Compare commits
12 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
4b20642107 | ||
|
1c2ab61fa1 | ||
|
d84c65b444 | ||
|
929846e5d1 | ||
|
c0a499bb31 | ||
|
546bf977b5 | ||
|
20c4fd7c9c | ||
|
a3963e794f | ||
|
fc6854bd38 | ||
|
be99ed71a5 | ||
|
ed457feb49 | ||
|
4fcc430a48 |
31
.gitignore
vendored
31
.gitignore
vendored
@ -1,7 +1,3 @@
|
||||
.build*.log
|
||||
clog
|
||||
000*.patch
|
||||
*.src.rpm
|
||||
openssl-1.0.0a-usa.tar.bz2
|
||||
/openssl-1.0.0b-usa.tar.bz2
|
||||
/openssl-1.0.0c-usa.tar.bz2
|
||||
@ -22,30 +18,3 @@ openssl-1.0.0a-usa.tar.bz2
|
||||
/openssl-1.0.1i-hobbled.tar.xz
|
||||
/openssl-1.0.1j-hobbled.tar.xz
|
||||
/openssl-1.0.1k-hobbled.tar.xz
|
||||
/openssl-1.0.2a-hobbled.tar.xz
|
||||
/openssl-1.0.2c-hobbled.tar.xz
|
||||
/openssl-1.0.2d-hobbled.tar.xz
|
||||
/openssl-1.0.2e-hobbled.tar.xz
|
||||
/openssl-1.0.2f-hobbled.tar.xz
|
||||
/openssl-1.0.2g-hobbled.tar.xz
|
||||
/openssl-1.0.2h-hobbled.tar.xz
|
||||
/openssl-1.0.2i-hobbled.tar.xz
|
||||
/openssl-1.0.2j-hobbled.tar.xz
|
||||
/openssl-1.1.0b-hobbled.tar.xz
|
||||
/openssl-1.1.0c-hobbled.tar.xz
|
||||
/openssl-1.1.0d-hobbled.tar.xz
|
||||
/openssl-1.1.0e-hobbled.tar.xz
|
||||
/openssl-1.1.0f-hobbled.tar.xz
|
||||
/openssl-1.1.0g-hobbled.tar.xz
|
||||
/openssl-1.1.0h-hobbled.tar.xz
|
||||
/openssl-1.1.1-pre8-hobbled.tar.xz
|
||||
/openssl-1.1.1-pre9-hobbled.tar.xz
|
||||
/openssl-1.1.1-hobbled.tar.xz
|
||||
/openssl-1.1.1a-hobbled.tar.xz
|
||||
/openssl-1.1.1b-hobbled.tar.xz
|
||||
/openssl-1.1.1c-hobbled.tar.xz
|
||||
/openssl-1.1.1d-hobbled.tar.xz
|
||||
/openssl-1.1.1e-hobbled.tar.xz
|
||||
/openssl-1.1.1f-hobbled.tar.xz
|
||||
/openssl-1.1.1g-hobbled.tar.xz
|
||||
/openssl-1.1.1h-hobbled.tar.xz
|
||||
|
@ -1,11 +1,8 @@
|
||||
UTF8 := $(shell locale -c LC_CTYPE -k | grep -q charmap.*UTF-8 && echo -utf8)
|
||||
SERIAL=0
|
||||
DAYS=365
|
||||
KEYLEN=2048
|
||||
TYPE=rsa:$(KEYLEN)
|
||||
EXTRA_FLAGS=
|
||||
ifdef SERIAL
|
||||
EXTRA_FLAGS+=-set_serial $(SERIAL)
|
||||
endif
|
||||
|
||||
.PHONY: usage
|
||||
.SUFFIXES: .key .csr .crt .pem
|
||||
@ -26,9 +23,8 @@ usage:
|
||||
@echo "To create a CSR for use with Apache, run \"make certreq\"."
|
||||
@echo "To create a test certificate for use with Apache, run \"make testcert\"."
|
||||
@echo
|
||||
@echo "To create a test certificate with serial number other than random, add SERIAL=num"
|
||||
@echo "To create a test certificate with serial number other than zero, add SERIAL=num"
|
||||
@echo "You can also specify key length with KEYLEN=n and expiration in days with DAYS=n"
|
||||
@echo "Any additional options can be passed to openssl req via EXTRA_FLAGS"
|
||||
@echo
|
||||
@echo Examples:
|
||||
@echo " make server.key"
|
||||
@ -39,14 +35,14 @@ usage:
|
||||
@echo " make certreq"
|
||||
@echo " make testcert"
|
||||
@echo " make server.crt SERIAL=1"
|
||||
@echo " make stunnel.pem EXTRA_FLAGS=-sha384"
|
||||
@echo " make testcert DAYS=600"
|
||||
@echo " make stunnel.pem SERIAL=2"
|
||||
@echo " make testcert SERIAL=3"
|
||||
|
||||
%.pem:
|
||||
umask 77 ; \
|
||||
PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
|
||||
PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
|
||||
/usr/bin/openssl req $(UTF8) -newkey $(TYPE) -keyout $$PEM1 -nodes -x509 -days $(DAYS) -out $$PEM2 $(EXTRA_FLAGS) ; \
|
||||
/usr/bin/openssl req $(UTF8) -newkey $(TYPE) -keyout $$PEM1 -nodes -x509 -days $(DAYS) -out $$PEM2 -set_serial $(SERIAL) ; \
|
||||
cat $$PEM1 > $@ ; \
|
||||
echo "" >> $@ ; \
|
||||
cat $$PEM2 >> $@ ; \
|
||||
@ -62,7 +58,7 @@ usage:
|
||||
|
||||
%.crt: %.key
|
||||
umask 77 ; \
|
||||
/usr/bin/openssl req $(UTF8) -new -key $^ -x509 -days $(DAYS) -out $@ $(EXTRA_FLAGS)
|
||||
/usr/bin/openssl req $(UTF8) -new -key $^ -x509 -days $(DAYS) -out $@ -set_serial $(SERIAL)
|
||||
|
||||
TLSROOT=/etc/pki/tls
|
||||
KEY=$(TLSROOT)/private/localhost.key
|
||||
@ -79,4 +75,4 @@ $(CSR): $(KEY)
|
||||
|
||||
$(CRT): $(KEY)
|
||||
umask 77 ; \
|
||||
/usr/bin/openssl req $(UTF8) -new -key $(KEY) -x509 -days $(DAYS) -out $(CRT) $(EXTRA_FLAGS)
|
||||
/usr/bin/openssl req $(UTF8) -new -key $(KEY) -x509 -days $(DAYS) -out $(CRT) -set_serial $(SERIAL)
|
||||
|
17
README.FIPS
17
README.FIPS
@ -6,17 +6,17 @@ Red Hat Enterprise Linux - OPENSSL Module.
|
||||
|
||||
The module files
|
||||
================
|
||||
/usr/lib[64]/libcrypto.so.1.1.0
|
||||
/usr/lib[64]/libssl.so.1.1.0
|
||||
/usr/lib[64]/.libcrypto.so.1.1.0.hmac
|
||||
/usr/lib[64]/.libssl.so.1.1.0.hmac
|
||||
/usr/lib[64]/libcrypto.so.1.0.1e
|
||||
/usr/lib[64]/libssl.so.1.0.1e
|
||||
/usr/lib[64]/.libcrypto.so.1.0.1e.hmac
|
||||
/usr/lib[64]/.libssl.so.1.0.1e.hmac
|
||||
|
||||
Dependencies
|
||||
============
|
||||
|
||||
The approved mode of operation requires kernel with /dev/urandom RNG running
|
||||
with properties as defined in the security policy of the module. This is
|
||||
provided by kernel packages with validated Red Hat Enterprise Linux Kernel
|
||||
provided by kernel packages with validated Red Hat Enterprise Linux - IPSec
|
||||
Crytographic Module.
|
||||
|
||||
Installation
|
||||
@ -26,8 +26,11 @@ The RPM package of the module can be installed by standard tools recommended
|
||||
for installation of RPM packages on the Red Hat Enterprise Linux system (yum,
|
||||
rpm, RHN remote management tool).
|
||||
|
||||
The RPM package dracut-fips must be installed for the approved mode of
|
||||
operation.
|
||||
For proper operation of the in-module integrity verification the prelink has to
|
||||
be disabled. This can be done with setting PRELINKING=no in the
|
||||
/etc/sysconfig/prelink configuration file. If the libraries were already
|
||||
prelinked the prelink should be undone on all the system files with the
|
||||
'prelink -u -a' command.
|
||||
|
||||
Usage and API
|
||||
=============
|
||||
|
662
ec_curve.c
662
ec_curve.c
@ -1,238 +1,205 @@
|
||||
/* crypto/ec/ec_curve.c */
|
||||
/*
|
||||
* Copyright 2002-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
|
||||
* Written by Nils Larsch for the OpenSSL project.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2010 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
|
||||
*
|
||||
* Portions of the attached software ("Contribution") are developed by
|
||||
* SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
|
||||
*
|
||||
* The Contribution is licensed pursuant to the OpenSSL open source
|
||||
* license provided above.
|
||||
*
|
||||
* The elliptic curve binary polynomial software is originally written by
|
||||
* Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include <string.h>
|
||||
#include "ec_local.h"
|
||||
#include "ec_lcl.h"
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/obj_mac.h>
|
||||
#include <openssl/opensslconf.h>
|
||||
#include "internal/nelem.h"
|
||||
|
||||
typedef struct {
|
||||
int field_type, /* either NID_X9_62_prime_field or
|
||||
* NID_X9_62_characteristic_two_field */
|
||||
seed_len, param_len;
|
||||
seed_len,
|
||||
param_len;
|
||||
unsigned int cofactor; /* promoted to BN_ULONG */
|
||||
} EC_CURVE_DATA;
|
||||
|
||||
/* the nist prime curves */
|
||||
static const struct {
|
||||
EC_CURVE_DATA h;
|
||||
unsigned char data[20 + 28 * 6];
|
||||
} _EC_NIST_PRIME_224 = {
|
||||
{
|
||||
NID_X9_62_prime_field, 20, 28, 1
|
||||
},
|
||||
{
|
||||
/* seed */
|
||||
0xBD, 0x71, 0x34, 0x47, 0x99, 0xD5, 0xC7, 0xFC, 0xDC, 0x45, 0xB5, 0x9F,
|
||||
0xA3, 0xB9, 0xAB, 0x8F, 0x6A, 0x94, 0x8B, 0xC5,
|
||||
/* p */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x01,
|
||||
/* a */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFE,
|
||||
/* b */
|
||||
0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, 0x32, 0x56,
|
||||
0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA, 0x27, 0x0B, 0x39, 0x43,
|
||||
0x23, 0x55, 0xFF, 0xB4,
|
||||
/* x */
|
||||
0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, 0x90, 0xB9,
|
||||
0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22, 0x34, 0x32, 0x80, 0xD6,
|
||||
0x11, 0x5C, 0x1D, 0x21,
|
||||
/* y */
|
||||
0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, 0xdf, 0xe6,
|
||||
0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64, 0x44, 0xd5, 0x81, 0x99,
|
||||
0x85, 0x00, 0x7e, 0x34,
|
||||
/* order */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0x16, 0xA2, 0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45,
|
||||
0x5C, 0x5C, 0x2A, 0x3D
|
||||
}
|
||||
static const struct { EC_CURVE_DATA h; unsigned char data[20+48*6]; }
|
||||
_EC_NIST_PRIME_384 = {
|
||||
{ NID_X9_62_prime_field,20,48,1 },
|
||||
{ 0xA3,0x35,0x92,0x6A,0xA3,0x19,0xA2,0x7A,0x1D,0x00, /* seed */
|
||||
0x89,0x6A,0x67,0x73,0xA4,0x82,0x7A,0xCD,0xAC,0x73,
|
||||
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, /* p */
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
|
||||
0xFF,0xFE,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,
|
||||
0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, /* a */
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
|
||||
0xFF,0xFE,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,
|
||||
0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFC,
|
||||
0xB3,0x31,0x2F,0xA7,0xE2,0x3E,0xE7,0xE4,0x98,0x8E, /* b */
|
||||
0x05,0x6B,0xE3,0xF8,0x2D,0x19,0x18,0x1D,0x9C,0x6E,
|
||||
0xFE,0x81,0x41,0x12,0x03,0x14,0x08,0x8F,0x50,0x13,
|
||||
0x87,0x5A,0xC6,0x56,0x39,0x8D,0x8A,0x2E,0xD1,0x9D,
|
||||
0x2A,0x85,0xC8,0xED,0xD3,0xEC,0x2A,0xEF,
|
||||
0xAA,0x87,0xCA,0x22,0xBE,0x8B,0x05,0x37,0x8E,0xB1, /* x */
|
||||
0xC7,0x1E,0xF3,0x20,0xAD,0x74,0x6E,0x1D,0x3B,0x62,
|
||||
0x8B,0xA7,0x9B,0x98,0x59,0xF7,0x41,0xE0,0x82,0x54,
|
||||
0x2A,0x38,0x55,0x02,0xF2,0x5D,0xBF,0x55,0x29,0x6C,
|
||||
0x3A,0x54,0x5E,0x38,0x72,0x76,0x0A,0xB7,
|
||||
0x36,0x17,0xde,0x4a,0x96,0x26,0x2c,0x6f,0x5d,0x9e, /* y */
|
||||
0x98,0xbf,0x92,0x92,0xdc,0x29,0xf8,0xf4,0x1d,0xbd,
|
||||
0x28,0x9a,0x14,0x7c,0xe9,0xda,0x31,0x13,0xb5,0xf0,
|
||||
0xb8,0xc0,0x0a,0x60,0xb1,0xce,0x1d,0x7e,0x81,0x9d,
|
||||
0x7a,0x43,0x1d,0x7c,0x90,0xea,0x0e,0x5f,
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, /* order */
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
|
||||
0xFF,0xFF,0xFF,0xFF,0xC7,0x63,0x4D,0x81,0xF4,0x37,
|
||||
0x2D,0xDF,0x58,0x1A,0x0D,0xB2,0x48,0xB0,0xA7,0x7A,
|
||||
0xEC,0xEC,0x19,0x6A,0xCC,0xC5,0x29,0x73 }
|
||||
};
|
||||
|
||||
static const struct {
|
||||
EC_CURVE_DATA h;
|
||||
unsigned char data[20 + 48 * 6];
|
||||
} _EC_NIST_PRIME_384 = {
|
||||
{
|
||||
NID_X9_62_prime_field, 20, 48, 1
|
||||
},
|
||||
{
|
||||
/* seed */
|
||||
0xA3, 0x35, 0x92, 0x6A, 0xA3, 0x19, 0xA2, 0x7A, 0x1D, 0x00, 0x89, 0x6A,
|
||||
0x67, 0x73, 0xA4, 0x82, 0x7A, 0xCD, 0xAC, 0x73,
|
||||
/* p */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
/* a */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFC,
|
||||
/* b */
|
||||
0xB3, 0x31, 0x2F, 0xA7, 0xE2, 0x3E, 0xE7, 0xE4, 0x98, 0x8E, 0x05, 0x6B,
|
||||
0xE3, 0xF8, 0x2D, 0x19, 0x18, 0x1D, 0x9C, 0x6E, 0xFE, 0x81, 0x41, 0x12,
|
||||
0x03, 0x14, 0x08, 0x8F, 0x50, 0x13, 0x87, 0x5A, 0xC6, 0x56, 0x39, 0x8D,
|
||||
0x8A, 0x2E, 0xD1, 0x9D, 0x2A, 0x85, 0xC8, 0xED, 0xD3, 0xEC, 0x2A, 0xEF,
|
||||
/* x */
|
||||
0xAA, 0x87, 0xCA, 0x22, 0xBE, 0x8B, 0x05, 0x37, 0x8E, 0xB1, 0xC7, 0x1E,
|
||||
0xF3, 0x20, 0xAD, 0x74, 0x6E, 0x1D, 0x3B, 0x62, 0x8B, 0xA7, 0x9B, 0x98,
|
||||
0x59, 0xF7, 0x41, 0xE0, 0x82, 0x54, 0x2A, 0x38, 0x55, 0x02, 0xF2, 0x5D,
|
||||
0xBF, 0x55, 0x29, 0x6C, 0x3A, 0x54, 0x5E, 0x38, 0x72, 0x76, 0x0A, 0xB7,
|
||||
/* y */
|
||||
0x36, 0x17, 0xde, 0x4a, 0x96, 0x26, 0x2c, 0x6f, 0x5d, 0x9e, 0x98, 0xbf,
|
||||
0x92, 0x92, 0xdc, 0x29, 0xf8, 0xf4, 0x1d, 0xbd, 0x28, 0x9a, 0x14, 0x7c,
|
||||
0xe9, 0xda, 0x31, 0x13, 0xb5, 0xf0, 0xb8, 0xc0, 0x0a, 0x60, 0xb1, 0xce,
|
||||
0x1d, 0x7e, 0x81, 0x9d, 0x7a, 0x43, 0x1d, 0x7c, 0x90, 0xea, 0x0e, 0x5f,
|
||||
/* order */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xC7, 0x63, 0x4D, 0x81, 0xF4, 0x37, 0x2D, 0xDF, 0x58, 0x1A, 0x0D, 0xB2,
|
||||
0x48, 0xB0, 0xA7, 0x7A, 0xEC, 0xEC, 0x19, 0x6A, 0xCC, 0xC5, 0x29, 0x73
|
||||
}
|
||||
};
|
||||
static const struct { EC_CURVE_DATA h; unsigned char data[20+66*6]; }
|
||||
_EC_NIST_PRIME_521 = {
|
||||
{ NID_X9_62_prime_field,20,66,1 },
|
||||
{ 0xD0,0x9E,0x88,0x00,0x29,0x1C,0xB8,0x53,0x96,0xCC, /* seed */
|
||||
0x67,0x17,0x39,0x32,0x84,0xAA,0xA0,0xDA,0x64,0xBA,
|
||||
|
||||
static const struct {
|
||||
EC_CURVE_DATA h;
|
||||
unsigned char data[20 + 66 * 6];
|
||||
} _EC_NIST_PRIME_521 = {
|
||||
{
|
||||
NID_X9_62_prime_field, 20, 66, 1
|
||||
},
|
||||
{
|
||||
/* seed */
|
||||
0xD0, 0x9E, 0x88, 0x00, 0x29, 0x1C, 0xB8, 0x53, 0x96, 0xCC, 0x67, 0x17,
|
||||
0x39, 0x32, 0x84, 0xAA, 0xA0, 0xDA, 0x64, 0xBA,
|
||||
/* p */
|
||||
0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0x01,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, /* p */
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
|
||||
/* a */
|
||||
0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0x01,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, /* a */
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFC,
|
||||
/* b */
|
||||
0x00, 0x51, 0x95, 0x3E, 0xB9, 0x61, 0x8E, 0x1C, 0x9A, 0x1F, 0x92, 0x9A,
|
||||
0x21, 0xA0, 0xB6, 0x85, 0x40, 0xEE, 0xA2, 0xDA, 0x72, 0x5B, 0x99, 0xB3,
|
||||
0x15, 0xF3, 0xB8, 0xB4, 0x89, 0x91, 0x8E, 0xF1, 0x09, 0xE1, 0x56, 0x19,
|
||||
0x39, 0x51, 0xEC, 0x7E, 0x93, 0x7B, 0x16, 0x52, 0xC0, 0xBD, 0x3B, 0xB1,
|
||||
0xBF, 0x07, 0x35, 0x73, 0xDF, 0x88, 0x3D, 0x2C, 0x34, 0xF1, 0xEF, 0x45,
|
||||
0x00,0x51,0x95,0x3E,0xB9,0x61,0x8E,0x1C,0x9A,0x1F, /* b */
|
||||
0x92,0x9A,0x21,0xA0,0xB6,0x85,0x40,0xEE,0xA2,0xDA,
|
||||
0x72,0x5B,0x99,0xB3,0x15,0xF3,0xB8,0xB4,0x89,0x91,
|
||||
0x8E,0xF1,0x09,0xE1,0x56,0x19,0x39,0x51,0xEC,0x7E,
|
||||
0x93,0x7B,0x16,0x52,0xC0,0xBD,0x3B,0xB1,0xBF,0x07,
|
||||
0x35,0x73,0xDF,0x88,0x3D,0x2C,0x34,0xF1,0xEF,0x45,
|
||||
0x1F,0xD4,0x6B,0x50,0x3F,0x00,
|
||||
/* x */
|
||||
0x00, 0xC6, 0x85, 0x8E, 0x06, 0xB7, 0x04, 0x04, 0xE9, 0xCD, 0x9E, 0x3E,
|
||||
0xCB, 0x66, 0x23, 0x95, 0xB4, 0x42, 0x9C, 0x64, 0x81, 0x39, 0x05, 0x3F,
|
||||
0xB5, 0x21, 0xF8, 0x28, 0xAF, 0x60, 0x6B, 0x4D, 0x3D, 0xBA, 0xA1, 0x4B,
|
||||
0x5E, 0x77, 0xEF, 0xE7, 0x59, 0x28, 0xFE, 0x1D, 0xC1, 0x27, 0xA2, 0xFF,
|
||||
0xA8, 0xDE, 0x33, 0x48, 0xB3, 0xC1, 0x85, 0x6A, 0x42, 0x9B, 0xF9, 0x7E,
|
||||
0x00,0xC6,0x85,0x8E,0x06,0xB7,0x04,0x04,0xE9,0xCD, /* x */
|
||||
0x9E,0x3E,0xCB,0x66,0x23,0x95,0xB4,0x42,0x9C,0x64,
|
||||
0x81,0x39,0x05,0x3F,0xB5,0x21,0xF8,0x28,0xAF,0x60,
|
||||
0x6B,0x4D,0x3D,0xBA,0xA1,0x4B,0x5E,0x77,0xEF,0xE7,
|
||||
0x59,0x28,0xFE,0x1D,0xC1,0x27,0xA2,0xFF,0xA8,0xDE,
|
||||
0x33,0x48,0xB3,0xC1,0x85,0x6A,0x42,0x9B,0xF9,0x7E,
|
||||
0x7E,0x31,0xC2,0xE5,0xBD,0x66,
|
||||
/* y */
|
||||
0x01, 0x18, 0x39, 0x29, 0x6a, 0x78, 0x9a, 0x3b, 0xc0, 0x04, 0x5c, 0x8a,
|
||||
0x5f, 0xb4, 0x2c, 0x7d, 0x1b, 0xd9, 0x98, 0xf5, 0x44, 0x49, 0x57, 0x9b,
|
||||
0x44, 0x68, 0x17, 0xaf, 0xbd, 0x17, 0x27, 0x3e, 0x66, 0x2c, 0x97, 0xee,
|
||||
0x72, 0x99, 0x5e, 0xf4, 0x26, 0x40, 0xc5, 0x50, 0xb9, 0x01, 0x3f, 0xad,
|
||||
0x07, 0x61, 0x35, 0x3c, 0x70, 0x86, 0xa2, 0x72, 0xc2, 0x40, 0x88, 0xbe,
|
||||
0x01,0x18,0x39,0x29,0x6a,0x78,0x9a,0x3b,0xc0,0x04, /* y */
|
||||
0x5c,0x8a,0x5f,0xb4,0x2c,0x7d,0x1b,0xd9,0x98,0xf5,
|
||||
0x44,0x49,0x57,0x9b,0x44,0x68,0x17,0xaf,0xbd,0x17,
|
||||
0x27,0x3e,0x66,0x2c,0x97,0xee,0x72,0x99,0x5e,0xf4,
|
||||
0x26,0x40,0xc5,0x50,0xb9,0x01,0x3f,0xad,0x07,0x61,
|
||||
0x35,0x3c,0x70,0x86,0xa2,0x72,0xc2,0x40,0x88,0xbe,
|
||||
0x94,0x76,0x9f,0xd1,0x66,0x50,
|
||||
/* order */
|
||||
0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFA, 0x51, 0x86,
|
||||
0x87, 0x83, 0xBF, 0x2F, 0x96, 0x6B, 0x7F, 0xCC, 0x01, 0x48, 0xF7, 0x09,
|
||||
0xA5, 0xD0, 0x3B, 0xB5, 0xC9, 0xB8, 0x89, 0x9C, 0x47, 0xAE, 0xBB, 0x6F,
|
||||
0xB7, 0x1E, 0x91, 0x38, 0x64, 0x09
|
||||
}
|
||||
0x01,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, /* order */
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
|
||||
0xFF,0xFF,0xFF,0xFA,0x51,0x86,0x87,0x83,0xBF,0x2F,
|
||||
0x96,0x6B,0x7F,0xCC,0x01,0x48,0xF7,0x09,0xA5,0xD0,
|
||||
0x3B,0xB5,0xC9,0xB8,0x89,0x9C,0x47,0xAE,0xBB,0x6F,
|
||||
0xB7,0x1E,0x91,0x38,0x64,0x09 }
|
||||
};
|
||||
|
||||
static const struct {
|
||||
EC_CURVE_DATA h;
|
||||
unsigned char data[20 + 32 * 6];
|
||||
} _EC_X9_62_PRIME_256V1 = {
|
||||
{
|
||||
NID_X9_62_prime_field, 20, 32, 1
|
||||
},
|
||||
{
|
||||
/* seed */
|
||||
0xC4, 0x9D, 0x36, 0x08, 0x86, 0xE7, 0x04, 0x93, 0x6A, 0x66, 0x78, 0xE1,
|
||||
0x13, 0x9D, 0x26, 0xB7, 0x81, 0x9F, 0x7E, 0x90,
|
||||
/* p */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
/* a */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
|
||||
/* b */
|
||||
0x5A, 0xC6, 0x35, 0xD8, 0xAA, 0x3A, 0x93, 0xE7, 0xB3, 0xEB, 0xBD, 0x55,
|
||||
0x76, 0x98, 0x86, 0xBC, 0x65, 0x1D, 0x06, 0xB0, 0xCC, 0x53, 0xB0, 0xF6,
|
||||
0x3B, 0xCE, 0x3C, 0x3E, 0x27, 0xD2, 0x60, 0x4B,
|
||||
/* x */
|
||||
0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47, 0xF8, 0xBC, 0xE6, 0xE5,
|
||||
0x63, 0xA4, 0x40, 0xF2, 0x77, 0x03, 0x7D, 0x81, 0x2D, 0xEB, 0x33, 0xA0,
|
||||
0xF4, 0xA1, 0x39, 0x45, 0xD8, 0x98, 0xC2, 0x96,
|
||||
/* y */
|
||||
0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, 0x8e, 0xe7, 0xeb, 0x4a,
|
||||
0x7c, 0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
|
||||
0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5,
|
||||
/* order */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
|
||||
0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
|
||||
}
|
||||
};
|
||||
static const struct { EC_CURVE_DATA h; unsigned char data[20+32*6]; }
|
||||
_EC_X9_62_PRIME_256V1 = {
|
||||
{ NID_X9_62_prime_field,20,32,1 },
|
||||
{ 0xC4,0x9D,0x36,0x08,0x86,0xE7,0x04,0x93,0x6A,0x66, /* seed */
|
||||
0x78,0xE1,0x13,0x9D,0x26,0xB7,0x81,0x9F,0x7E,0x90,
|
||||
|
||||
static const struct {
|
||||
EC_CURVE_DATA h;
|
||||
unsigned char data[0 + 32 * 6];
|
||||
} _EC_SECG_PRIME_256K1 = {
|
||||
{
|
||||
NID_X9_62_prime_field, 0, 32, 1
|
||||
},
|
||||
{
|
||||
/* no seed */
|
||||
/* p */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFC, 0x2F,
|
||||
/* a */
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
/* b */
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07,
|
||||
/* x */
|
||||
0x79, 0xBE, 0x66, 0x7E, 0xF9, 0xDC, 0xBB, 0xAC, 0x55, 0xA0, 0x62, 0x95,
|
||||
0xCE, 0x87, 0x0B, 0x07, 0x02, 0x9B, 0xFC, 0xDB, 0x2D, 0xCE, 0x28, 0xD9,
|
||||
0x59, 0xF2, 0x81, 0x5B, 0x16, 0xF8, 0x17, 0x98,
|
||||
/* y */
|
||||
0x48, 0x3a, 0xda, 0x77, 0x26, 0xa3, 0xc4, 0x65, 0x5d, 0xa4, 0xfb, 0xfc,
|
||||
0x0e, 0x11, 0x08, 0xa8, 0xfd, 0x17, 0xb4, 0x48, 0xa6, 0x85, 0x54, 0x19,
|
||||
0x9c, 0x47, 0xd0, 0x8f, 0xfb, 0x10, 0xd4, 0xb8,
|
||||
/* order */
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFE, 0xBA, 0xAE, 0xDC, 0xE6, 0xAF, 0x48, 0xA0, 0x3B,
|
||||
0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, 0x41, 0x41
|
||||
}
|
||||
0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01,0x00,0x00, /* p */
|
||||
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
|
||||
0xFF,0xFF,
|
||||
0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01,0x00,0x00, /* a */
|
||||
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
|
||||
0xFF,0xFC,
|
||||
0x5A,0xC6,0x35,0xD8,0xAA,0x3A,0x93,0xE7,0xB3,0xEB, /* b */
|
||||
0xBD,0x55,0x76,0x98,0x86,0xBC,0x65,0x1D,0x06,0xB0,
|
||||
0xCC,0x53,0xB0,0xF6,0x3B,0xCE,0x3C,0x3E,0x27,0xD2,
|
||||
0x60,0x4B,
|
||||
0x6B,0x17,0xD1,0xF2,0xE1,0x2C,0x42,0x47,0xF8,0xBC, /* x */
|
||||
0xE6,0xE5,0x63,0xA4,0x40,0xF2,0x77,0x03,0x7D,0x81,
|
||||
0x2D,0xEB,0x33,0xA0,0xF4,0xA1,0x39,0x45,0xD8,0x98,
|
||||
0xC2,0x96,
|
||||
0x4f,0xe3,0x42,0xe2,0xfe,0x1a,0x7f,0x9b,0x8e,0xe7, /* y */
|
||||
0xeb,0x4a,0x7c,0x0f,0x9e,0x16,0x2b,0xce,0x33,0x57,
|
||||
0x6b,0x31,0x5e,0xce,0xcb,0xb6,0x40,0x68,0x37,0xbf,
|
||||
0x51,0xf5,
|
||||
0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xFF,0xFF, /* order */
|
||||
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xBC,0xE6,0xFA,0xAD,
|
||||
0xA7,0x17,0x9E,0x84,0xF3,0xB9,0xCA,0xC2,0xFC,0x63,
|
||||
0x25,0x51 }
|
||||
};
|
||||
|
||||
typedef struct _ec_list_element_st {
|
||||
@ -245,57 +212,36 @@ typedef struct _ec_list_element_st {
|
||||
static const ec_list_element curve_list[] = {
|
||||
/* prime field curves */
|
||||
/* secg curves */
|
||||
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||
{NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method,
|
||||
"NIST/SECG curve over a 224 bit prime field"},
|
||||
#else
|
||||
{NID_secp224r1, &_EC_NIST_PRIME_224.h, 0,
|
||||
"NIST/SECG curve over a 224 bit prime field"},
|
||||
#endif
|
||||
{NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0,
|
||||
"SECG curve over a 256 bit prime field"},
|
||||
/* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */
|
||||
{NID_secp384r1, &_EC_NIST_PRIME_384.h, 0,
|
||||
"NIST/SECG curve over a 384 bit prime field"},
|
||||
{ NID_secp384r1, &_EC_NIST_PRIME_384.h, 0, "NIST/SECG curve over a 384 bit prime field" },
|
||||
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||
{NID_secp521r1, &_EC_NIST_PRIME_521.h, EC_GFp_nistp521_method,
|
||||
"NIST/SECG curve over a 521 bit prime field"},
|
||||
{ NID_secp521r1, &_EC_NIST_PRIME_521.h, EC_GFp_nistp521_method, "NIST/SECG curve over a 521 bit prime field" },
|
||||
#else
|
||||
{NID_secp521r1, &_EC_NIST_PRIME_521.h, 0,
|
||||
"NIST/SECG curve over a 521 bit prime field"},
|
||||
{ NID_secp521r1, &_EC_NIST_PRIME_521.h, 0, "NIST/SECG curve over a 521 bit prime field" },
|
||||
#endif
|
||||
/* X9.62 curves */
|
||||
{NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h,
|
||||
#if defined(ECP_NISTZ256_ASM)
|
||||
EC_GFp_nistz256_method,
|
||||
#elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128)
|
||||
EC_GFp_nistp256_method,
|
||||
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||
{ NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, EC_GFp_nistp256_method, "X9.62/SECG curve over a 256 bit prime field" },
|
||||
#else
|
||||
0,
|
||||
{ NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, 0, "X9.62/SECG curve over a 256 bit prime field" },
|
||||
#endif
|
||||
"X9.62/SECG curve over a 256 bit prime field"},
|
||||
};
|
||||
|
||||
#define curve_list_length OSSL_NELEM(curve_list)
|
||||
#define curve_list_length (sizeof(curve_list)/sizeof(ec_list_element))
|
||||
|
||||
static EC_GROUP *ec_group_new_from_data(const ec_list_element curve)
|
||||
{
|
||||
EC_GROUP *group=NULL;
|
||||
EC_POINT *P=NULL;
|
||||
BN_CTX *ctx=NULL;
|
||||
BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL, *order =
|
||||
NULL;
|
||||
BIGNUM *p=NULL, *a=NULL, *b=NULL, *x=NULL, *y=NULL, *order=NULL;
|
||||
int ok=0;
|
||||
int seed_len,param_len;
|
||||
const EC_METHOD *meth;
|
||||
const EC_CURVE_DATA *data;
|
||||
const unsigned char *params;
|
||||
|
||||
/* If no curve data curve method must handle everything */
|
||||
if (curve.data == NULL)
|
||||
return EC_GROUP_new(curve.meth != NULL ? curve.meth() : NULL);
|
||||
|
||||
if ((ctx = BN_CTX_new()) == NULL) {
|
||||
if ((ctx = BN_CTX_new()) == NULL)
|
||||
{
|
||||
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_MALLOC_FAILURE);
|
||||
goto err;
|
||||
}
|
||||
@ -306,81 +252,101 @@ static EC_GROUP *ec_group_new_from_data(const ec_list_element curve)
|
||||
params = (const unsigned char *)(data+1); /* skip header */
|
||||
params += seed_len; /* skip seed */
|
||||
|
||||
if ((p = BN_bin2bn(params + 0 * param_len, param_len, NULL)) == NULL
|
||||
|| (a = BN_bin2bn(params + 1 * param_len, param_len, NULL)) == NULL
|
||||
|| (b = BN_bin2bn(params + 2 * param_len, param_len, NULL)) == NULL) {
|
||||
if (!(p = BN_bin2bn(params+0*param_len, param_len, NULL))
|
||||
|| !(a = BN_bin2bn(params+1*param_len, param_len, NULL))
|
||||
|| !(b = BN_bin2bn(params+2*param_len, param_len, NULL)))
|
||||
{
|
||||
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (curve.meth != 0) {
|
||||
if (curve.meth != 0)
|
||||
{
|
||||
meth = curve.meth();
|
||||
if (((group = EC_GROUP_new(meth)) == NULL) ||
|
||||
(!(group->meth->group_set_curve(group, p, a, b, ctx)))) {
|
||||
(!(group->meth->group_set_curve(group, p, a, b, ctx))))
|
||||
{
|
||||
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
|
||||
goto err;
|
||||
}
|
||||
} else if (data->field_type == NID_X9_62_prime_field) {
|
||||
if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL) {
|
||||
}
|
||||
else if (data->field_type == NID_X9_62_prime_field)
|
||||
{
|
||||
if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL)
|
||||
{
|
||||
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
#ifndef OPENSSL_NO_EC2M
|
||||
else { /* field_type ==
|
||||
* NID_X9_62_characteristic_two_field */
|
||||
|
||||
if ((group = EC_GROUP_new_curve_GF2m(p, a, b, ctx)) == NULL) {
|
||||
else /* field_type == NID_X9_62_characteristic_two_field */
|
||||
{
|
||||
if ((group = EC_GROUP_new_curve_GF2m(p, a, b, ctx)) == NULL)
|
||||
{
|
||||
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
EC_GROUP_set_curve_name(group, curve.nid);
|
||||
|
||||
if ((P = EC_POINT_new(group)) == NULL) {
|
||||
if ((P = EC_POINT_new(group)) == NULL)
|
||||
{
|
||||
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
|
||||
goto err;
|
||||
}
|
||||
|
||||
if ((x = BN_bin2bn(params + 3 * param_len, param_len, NULL)) == NULL
|
||||
|| (y = BN_bin2bn(params + 4 * param_len, param_len, NULL)) == NULL) {
|
||||
if (!(x = BN_bin2bn(params+3*param_len, param_len, NULL))
|
||||
|| !(y = BN_bin2bn(params+4*param_len, param_len, NULL)))
|
||||
{
|
||||
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
|
||||
goto err;
|
||||
}
|
||||
if (!EC_POINT_set_affine_coordinates(group, P, x, y, ctx)) {
|
||||
if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx))
|
||||
{
|
||||
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
|
||||
goto err;
|
||||
}
|
||||
if ((order = BN_bin2bn(params + 5 * param_len, param_len, NULL)) == NULL
|
||||
|| !BN_set_word(x, (BN_ULONG)data->cofactor)) {
|
||||
if (!(order = BN_bin2bn(params+5*param_len, param_len, NULL))
|
||||
|| !BN_set_word(x, (BN_ULONG)data->cofactor))
|
||||
{
|
||||
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
|
||||
goto err;
|
||||
}
|
||||
if (!EC_GROUP_set_generator(group, P, order, x)) {
|
||||
if (!EC_GROUP_set_generator(group, P, order, x))
|
||||
{
|
||||
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
|
||||
goto err;
|
||||
}
|
||||
if (seed_len) {
|
||||
if (!EC_GROUP_set_seed(group, params - seed_len, seed_len)) {
|
||||
if (seed_len)
|
||||
{
|
||||
if (!EC_GROUP_set_seed(group, params-seed_len, seed_len))
|
||||
{
|
||||
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
ok=1;
|
||||
err:
|
||||
if (!ok) {
|
||||
if (!ok)
|
||||
{
|
||||
EC_GROUP_free(group);
|
||||
group = NULL;
|
||||
}
|
||||
if (P)
|
||||
EC_POINT_free(P);
|
||||
if (ctx)
|
||||
BN_CTX_free(ctx);
|
||||
if (p)
|
||||
BN_free(p);
|
||||
if (a)
|
||||
BN_free(a);
|
||||
if (b)
|
||||
BN_free(b);
|
||||
if (order)
|
||||
BN_free(order);
|
||||
if (x)
|
||||
BN_free(x);
|
||||
if (y)
|
||||
BN_free(y);
|
||||
return group;
|
||||
}
|
||||
@ -394,16 +360,20 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int nid)
|
||||
return NULL;
|
||||
|
||||
for (i=0; i<curve_list_length; i++)
|
||||
if (curve_list[i].nid == nid) {
|
||||
if (curve_list[i].nid == nid)
|
||||
{
|
||||
ret = ec_group_new_from_data(curve_list[i]);
|
||||
break;
|
||||
}
|
||||
|
||||
if (ret == NULL) {
|
||||
if (ret == NULL)
|
||||
{
|
||||
ECerr(EC_F_EC_GROUP_NEW_BY_CURVE_NAME, EC_R_UNKNOWN_GROUP);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
EC_GROUP_set_curve_name(ret, nid);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
@ -416,167 +386,11 @@ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems)
|
||||
|
||||
min = nitems < curve_list_length ? nitems : curve_list_length;
|
||||
|
||||
for (i = 0; i < min; i++) {
|
||||
for (i = 0; i < min; i++)
|
||||
{
|
||||
r[i].nid = curve_list[i].nid;
|
||||
r[i].comment = curve_list[i].comment;
|
||||
}
|
||||
|
||||
return curve_list_length;
|
||||
}
|
||||
|
||||
/* Functions to translate between common NIST curve names and NIDs */
|
||||
|
||||
typedef struct {
|
||||
const char *name; /* NIST Name of curve */
|
||||
int nid; /* Curve NID */
|
||||
} EC_NIST_NAME;
|
||||
|
||||
static EC_NIST_NAME nist_curves[] = {
|
||||
{"B-163", NID_sect163r2},
|
||||
{"B-233", NID_sect233r1},
|
||||
{"B-283", NID_sect283r1},
|
||||
{"B-409", NID_sect409r1},
|
||||
{"B-571", NID_sect571r1},
|
||||
{"K-163", NID_sect163k1},
|
||||
{"K-233", NID_sect233k1},
|
||||
{"K-283", NID_sect283k1},
|
||||
{"K-409", NID_sect409k1},
|
||||
{"K-571", NID_sect571k1},
|
||||
{"P-192", NID_X9_62_prime192v1},
|
||||
{"P-224", NID_secp224r1},
|
||||
{"P-256", NID_X9_62_prime256v1},
|
||||
{"P-384", NID_secp384r1},
|
||||
{"P-521", NID_secp521r1}
|
||||
};
|
||||
|
||||
const char *EC_curve_nid2nist(int nid)
|
||||
{
|
||||
size_t i;
|
||||
for (i = 0; i < OSSL_NELEM(nist_curves); i++) {
|
||||
if (nist_curves[i].nid == nid)
|
||||
return nist_curves[i].name;
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
int EC_curve_nist2nid(const char *name)
|
||||
{
|
||||
size_t i;
|
||||
for (i = 0; i < OSSL_NELEM(nist_curves); i++) {
|
||||
if (strcmp(nist_curves[i].name, name) == 0)
|
||||
return nist_curves[i].nid;
|
||||
}
|
||||
return NID_undef;
|
||||
}
|
||||
|
||||
#define NUM_BN_FIELDS 6
|
||||
/*
|
||||
* Validates EC domain parameter data for known named curves.
|
||||
* This can be used when a curve is loaded explicitly (without a curve
|
||||
* name) or to validate that domain parameters have not been modified.
|
||||
*
|
||||
* Returns: The nid associated with the found named curve, or NID_undef
|
||||
* if not found. If there was an error it returns -1.
|
||||
*/
|
||||
int ec_curve_nid_from_params(const EC_GROUP *group, BN_CTX *ctx)
|
||||
{
|
||||
int ret = -1, nid, len, field_type, param_len;
|
||||
size_t i, seed_len;
|
||||
const unsigned char *seed, *params_seed, *params;
|
||||
unsigned char *param_bytes = NULL;
|
||||
const EC_CURVE_DATA *data;
|
||||
const EC_POINT *generator = NULL;
|
||||
const EC_METHOD *meth;
|
||||
const BIGNUM *cofactor = NULL;
|
||||
/* An array of BIGNUMs for (p, a, b, x, y, order) */
|
||||
BIGNUM *bn[NUM_BN_FIELDS] = {NULL, NULL, NULL, NULL, NULL, NULL};
|
||||
|
||||
meth = EC_GROUP_method_of(group);
|
||||
if (meth == NULL)
|
||||
return -1;
|
||||
/* Use the optional named curve nid as a search field */
|
||||
nid = EC_GROUP_get_curve_name(group);
|
||||
field_type = EC_METHOD_get_field_type(meth);
|
||||
seed_len = EC_GROUP_get_seed_len(group);
|
||||
seed = EC_GROUP_get0_seed(group);
|
||||
cofactor = EC_GROUP_get0_cofactor(group);
|
||||
|
||||
BN_CTX_start(ctx);
|
||||
|
||||
/*
|
||||
* The built-in curves contains data fields (p, a, b, x, y, order) that are
|
||||
* all zero-padded to be the same size. The size of the padding is
|
||||
* determined by either the number of bytes in the field modulus (p) or the
|
||||
* EC group order, whichever is larger.
|
||||
*/
|
||||
param_len = BN_num_bytes(group->order);
|
||||
len = BN_num_bytes(group->field);
|
||||
if (len > param_len)
|
||||
param_len = len;
|
||||
|
||||
/* Allocate space to store the padded data for (p, a, b, x, y, order) */
|
||||
param_bytes = OPENSSL_malloc(param_len * NUM_BN_FIELDS);
|
||||
if (param_bytes == NULL)
|
||||
goto end;
|
||||
|
||||
/* Create the bignums */
|
||||
for (i = 0; i < NUM_BN_FIELDS; ++i) {
|
||||
if ((bn[i] = BN_CTX_get(ctx)) == NULL)
|
||||
goto end;
|
||||
}
|
||||
/*
|
||||
* Fill in the bn array with the same values as the internal curves
|
||||
* i.e. the values are p, a, b, x, y, order.
|
||||
*/
|
||||
/* Get p, a & b */
|
||||
if (!(EC_GROUP_get_curve(group, bn[0], bn[1], bn[2], ctx)
|
||||
&& ((generator = EC_GROUP_get0_generator(group)) != NULL)
|
||||
/* Get x & y */
|
||||
&& EC_POINT_get_affine_coordinates(group, generator, bn[3], bn[4], ctx)
|
||||
/* Get order */
|
||||
&& EC_GROUP_get_order(group, bn[5], ctx)))
|
||||
goto end;
|
||||
|
||||
/*
|
||||
* Convert the bignum array to bytes that are joined together to form
|
||||
* a single buffer that contains data for all fields.
|
||||
* (p, a, b, x, y, order) are all zero padded to be the same size.
|
||||
*/
|
||||
for (i = 0; i < NUM_BN_FIELDS; ++i) {
|
||||
if (BN_bn2binpad(bn[i], ¶m_bytes[i*param_len], param_len) <= 0)
|
||||
goto end;
|
||||
}
|
||||
|
||||
for (i = 0; i < curve_list_length; i++) {
|
||||
const ec_list_element curve = curve_list[i];
|
||||
|
||||
data = curve.data;
|
||||
/* Get the raw order byte data */
|
||||
params_seed = (const unsigned char *)(data + 1); /* skip header */
|
||||
params = params_seed + data->seed_len;
|
||||
|
||||
/* Look for unique fields in the fixed curve data */
|
||||
if (data->field_type == field_type
|
||||
&& param_len == data->param_len
|
||||
&& (nid <= 0 || nid == curve.nid)
|
||||
/* check the optional cofactor (ignore if its zero) */
|
||||
&& (BN_is_zero(cofactor)
|
||||
|| BN_is_word(cofactor, (const BN_ULONG)curve.data->cofactor))
|
||||
/* Check the optional seed (ignore if its not set) */
|
||||
&& (data->seed_len == 0 || seed_len == 0
|
||||
|| ((size_t)data->seed_len == seed_len
|
||||
&& memcmp(params_seed, seed, seed_len) == 0))
|
||||
/* Check that the groups params match the built-in curve params */
|
||||
&& memcmp(param_bytes, params, param_len * NUM_BN_FIELDS)
|
||||
== 0) {
|
||||
ret = curve.nid;
|
||||
goto end;
|
||||
}
|
||||
}
|
||||
/* Gets here if the group was not found */
|
||||
ret = NID_undef;
|
||||
end:
|
||||
OPENSSL_free(param_bytes);
|
||||
BN_CTX_end(ctx);
|
||||
return ret;
|
||||
}
|
||||
|
@ -6,35 +6,48 @@ set -e
|
||||
# Clean out patent-or-otherwise-encumbered code.
|
||||
# MDC-2: 4,908,861 13/03/2007 - expired, we do not remove it but do not enable it anyway
|
||||
# IDEA: 5,214,703 07/01/2012 - expired, we do not remove it anymore
|
||||
# RC5: 5,724,428 01/11/2015 - expired, we do not remove it anymore
|
||||
# RC5: 5,724,428 01/11/2015
|
||||
# EC: ????????? ??/??/2020
|
||||
# SRP: ????????? ??/??/2017 - expired, we do not remove it anymore
|
||||
# SRP: ????????? ??/??/20??
|
||||
|
||||
# Remove assembler portions of IDEA, MDC2, and RC5.
|
||||
# (find crypto/rc5/asm -type f | xargs -r rm -fv)
|
||||
(find crypto/rc5/asm -type f | xargs -r rm -fv)
|
||||
|
||||
# RC5, SRP.
|
||||
for a in rc5 srp; do
|
||||
for c in `find crypto/$a -name "*.c" -a \! -name "*test*" -type f` ; do
|
||||
echo Destroying $c
|
||||
> $c
|
||||
done
|
||||
done
|
||||
|
||||
for c in `find crypto/evp -name "*_rc5.c"`; do
|
||||
echo Destroying $c
|
||||
> $c
|
||||
done
|
||||
|
||||
for c in `find crypto/bn -name "*gf2m.c"`; do
|
||||
echo Destroying $c
|
||||
> $c
|
||||
done
|
||||
|
||||
for c in `find crypto/ec -name "ec2*.c" -o -name "ec_curve.c"`; do
|
||||
echo Destroying $c
|
||||
> $c
|
||||
done
|
||||
|
||||
for c in `find test -name "ectest.c"`; do
|
||||
for c in `find crypto/ec -name "ec2*.c" -o -name "ec_curve.c" -o -name "ecp_nistp?2?.c" -o -name "ectest.c"`; do
|
||||
echo Destroying $c
|
||||
> $c
|
||||
done
|
||||
|
||||
for h in `find crypto ssl apps test -name "*.h"` ; do
|
||||
echo Removing EC2M references from $h
|
||||
echo Removing RC5, SRP and EC2M references from $h
|
||||
cat $h | \
|
||||
awk 'BEGIN {ech=1;} \
|
||||
/^#[ \t]*ifndef.*NO_SRP/ {ech--; next;} \
|
||||
/^#[ \t]*ifndef.*NO_RC5/ {ech--; next;} \
|
||||
/^#[ \t]*ifndef.*NO_EC2M/ {ech--; next;} \
|
||||
/^#[ \t]*if/ {if(ech < 1) ech--;} \
|
||||
{if(ech>0) {;print $0};} \
|
||||
/^#[ \t]*endif/ {if(ech < 1) ech++;}' > $h.hobbled && \
|
||||
mv $h.hobbled $h
|
||||
done
|
||||
|
||||
# Make the makefiles happy.
|
||||
touch crypto/rc5/asm/rc5-586.pl
|
||||
|
29
openssl-0.9.6-x509.patch
Normal file
29
openssl-0.9.6-x509.patch
Normal file
@ -0,0 +1,29 @@
|
||||
Do not treat duplicate certs as an error.
|
||||
|
||||
--- openssl-0.9.6/crypto/x509/by_file.c Wed Sep 27 15:09:05 2000
|
||||
+++ openssl-0.9.6/crypto/x509/by_file.c Wed Sep 27 14:21:20 2000
|
||||
@@ -163,8 +163,12 @@
|
||||
}
|
||||
}
|
||||
i=X509_STORE_add_cert(ctx->store_ctx,x);
|
||||
- if (!i) goto err;
|
||||
- count++;
|
||||
+ /* ignore any problems with current certificate
|
||||
+ and continue with the next one */
|
||||
+ if (i)
|
||||
+ count++;
|
||||
+ else
|
||||
+ ERR_clear_error();
|
||||
X509_free(x);
|
||||
x=NULL;
|
||||
}
|
||||
@@ -179,7 +183,8 @@
|
||||
goto err;
|
||||
}
|
||||
i=X509_STORE_add_cert(ctx->store_ctx,x);
|
||||
- if (!i) goto err;
|
||||
+ if (!i)
|
||||
+ ERR_clear_error();
|
||||
ret=i;
|
||||
}
|
||||
else
|
11
openssl-0.9.8a-no-rpath.patch
Normal file
11
openssl-0.9.8a-no-rpath.patch
Normal file
@ -0,0 +1,11 @@
|
||||
--- openssl-0.9.8a/Makefile.shared.no-rpath 2005-06-23 22:47:54.000000000 +0200
|
||||
+++ openssl-0.9.8a/Makefile.shared 2005-11-16 22:35:37.000000000 +0100
|
||||
@@ -153,7 +153,7 @@
|
||||
NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
|
||||
SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
|
||||
|
||||
-DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
|
||||
+DO_GNU_APP=LDFLAGS="$(CFLAGS)"
|
||||
|
||||
#This is rather special. It's a special target with which one can link
|
||||
#applications without bothering with any features that have anything to
|
24
openssl-0.9.8b-test-use-localhost.patch
Normal file
24
openssl-0.9.8b-test-use-localhost.patch
Normal file
@ -0,0 +1,24 @@
|
||||
diff -up openssl-0.9.8b/ssl/ssltest.c.use-localhost openssl-0.9.8b/ssl/ssltest.c
|
||||
--- openssl-0.9.8b/ssl/ssltest.c.use-localhost 2006-02-24 18:58:35.000000000 +0100
|
||||
+++ openssl-0.9.8b/ssl/ssltest.c 2007-08-03 14:06:16.000000000 +0200
|
||||
@@ -839,19 +839,8 @@ bad:
|
||||
#ifndef OPENSSL_NO_KRB5
|
||||
if (c_ssl && c_ssl->kssl_ctx)
|
||||
{
|
||||
- char localhost[MAXHOSTNAMELEN+2];
|
||||
-
|
||||
- if (gethostname(localhost, sizeof localhost-1) == 0)
|
||||
- {
|
||||
- localhost[sizeof localhost-1]='\0';
|
||||
- if(strlen(localhost) == sizeof localhost-1)
|
||||
- {
|
||||
- BIO_printf(bio_err,"localhost name too long\n");
|
||||
- goto end;
|
||||
- }
|
||||
kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER,
|
||||
- localhost);
|
||||
- }
|
||||
+ "localhost");
|
||||
}
|
||||
#endif /* OPENSSL_NO_KRB5 */
|
||||
|
48
openssl-0.9.8j-version-add-engines.patch
Normal file
48
openssl-0.9.8j-version-add-engines.patch
Normal file
@ -0,0 +1,48 @@
|
||||
diff -up openssl-0.9.8j/apps/version.c.version-add-engines openssl-0.9.8j/apps/version.c
|
||||
--- openssl-0.9.8j/apps/version.c.version-add-engines 2008-10-20 14:53:33.000000000 +0200
|
||||
+++ openssl-0.9.8j/apps/version.c 2009-01-13 23:22:03.000000000 +0100
|
||||
@@ -131,6 +131,7 @@
|
||||
#ifndef OPENSSL_NO_BF
|
||||
# include <openssl/blowfish.h>
|
||||
#endif
|
||||
+#include <openssl/engine.h>
|
||||
|
||||
#undef PROG
|
||||
#define PROG version_main
|
||||
@@ -140,7 +141,7 @@ int MAIN(int, char **);
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
int i,ret=0;
|
||||
- int cflags=0,version=0,date=0,options=0,platform=0,dir=0;
|
||||
+ int cflags=0,version=0,date=0,options=0,platform=0,dir=0,engines=0;
|
||||
|
||||
apps_startup();
|
||||
|
||||
@@ -164,7 +165,7 @@ int MAIN(int argc, char **argv)
|
||||
else if (strcmp(argv[i],"-d") == 0)
|
||||
dir=1;
|
||||
else if (strcmp(argv[i],"-a") == 0)
|
||||
- date=version=cflags=options=platform=dir=1;
|
||||
+ date=version=cflags=options=platform=dir=engines=1;
|
||||
else
|
||||
{
|
||||
BIO_printf(bio_err,"usage:version -[avbofpd]\n");
|
||||
@@ -211,6 +212,18 @@ int MAIN(int argc, char **argv)
|
||||
}
|
||||
if (cflags) printf("%s\n",SSLeay_version(SSLEAY_CFLAGS));
|
||||
if (dir) printf("%s\n",SSLeay_version(SSLEAY_DIR));
|
||||
+ if (engines)
|
||||
+ {
|
||||
+ ENGINE *e;
|
||||
+ printf("engines: ");
|
||||
+ e = ENGINE_get_first();
|
||||
+ while (e)
|
||||
+ {
|
||||
+ printf("%s ", ENGINE_get_id(e));
|
||||
+ e = ENGINE_get_next(e);
|
||||
+ }
|
||||
+ printf("\n");
|
||||
+ }
|
||||
end:
|
||||
apps_shutdown();
|
||||
OPENSSL_EXIT(ret);
|
36
openssl-1.0.0-beta4-ca-dir.patch
Normal file
36
openssl-1.0.0-beta4-ca-dir.patch
Normal file
@ -0,0 +1,36 @@
|
||||
diff -up openssl-1.0.0-beta4/apps/CA.pl.in.ca-dir openssl-1.0.0-beta4/apps/CA.pl.in
|
||||
--- openssl-1.0.0-beta4/apps/CA.pl.in.ca-dir 2006-04-28 02:30:49.000000000 +0200
|
||||
+++ openssl-1.0.0-beta4/apps/CA.pl.in 2009-11-12 12:33:13.000000000 +0100
|
||||
@@ -53,7 +53,7 @@ $VERIFY="$openssl verify";
|
||||
$X509="$openssl x509";
|
||||
$PKCS12="$openssl pkcs12";
|
||||
|
||||
-$CATOP="./demoCA";
|
||||
+$CATOP="/etc/pki/CA";
|
||||
$CAKEY="cakey.pem";
|
||||
$CAREQ="careq.pem";
|
||||
$CACERT="cacert.pem";
|
||||
diff -up openssl-1.0.0-beta4/apps/CA.sh.ca-dir openssl-1.0.0-beta4/apps/CA.sh
|
||||
--- openssl-1.0.0-beta4/apps/CA.sh.ca-dir 2009-10-15 19:27:47.000000000 +0200
|
||||
+++ openssl-1.0.0-beta4/apps/CA.sh 2009-11-12 12:35:14.000000000 +0100
|
||||
@@ -68,7 +68,7 @@ VERIFY="$OPENSSL verify"
|
||||
X509="$OPENSSL x509"
|
||||
PKCS12="openssl pkcs12"
|
||||
|
||||
-if [ -z "$CATOP" ] ; then CATOP=./demoCA ; fi
|
||||
+if [ -z "$CATOP" ] ; then CATOP=/etc/pki/CA ; fi
|
||||
CAKEY=./cakey.pem
|
||||
CAREQ=./careq.pem
|
||||
CACERT=./cacert.pem
|
||||
diff -up openssl-1.0.0-beta4/apps/openssl.cnf.ca-dir openssl-1.0.0-beta4/apps/openssl.cnf
|
||||
--- openssl-1.0.0-beta4/apps/openssl.cnf.ca-dir 2009-11-12 12:33:13.000000000 +0100
|
||||
+++ openssl-1.0.0-beta4/apps/openssl.cnf 2009-11-12 12:33:13.000000000 +0100
|
||||
@@ -39,7 +39,7 @@ default_ca = CA_default # The default c
|
||||
####################################################################
|
||||
[ CA_default ]
|
||||
|
||||
-dir = ./demoCA # Where everything is kept
|
||||
+dir = /etc/pki/CA # Where everything is kept
|
||||
certs = $dir/certs # Where the issued certs are kept
|
||||
crl_dir = $dir/crl # Where the issued crl are kept
|
||||
database = $dir/index.txt # database index file.
|
52
openssl-1.0.0-beta5-enginesdir.patch
Normal file
52
openssl-1.0.0-beta5-enginesdir.patch
Normal file
@ -0,0 +1,52 @@
|
||||
diff -up openssl-1.0.0-beta5/Configure.enginesdir openssl-1.0.0-beta5/Configure
|
||||
--- openssl-1.0.0-beta5/Configure.enginesdir 2010-01-20 18:07:05.000000000 +0100
|
||||
+++ openssl-1.0.0-beta5/Configure 2010-01-20 18:10:48.000000000 +0100
|
||||
@@ -622,6 +622,7 @@ my $idx_multilib = $idx++;
|
||||
my $prefix="";
|
||||
my $libdir="";
|
||||
my $openssldir="";
|
||||
+my $enginesdir="";
|
||||
my $exe_ext="";
|
||||
my $install_prefix= "$ENV{'INSTALL_PREFIX'}";
|
||||
my $cross_compile_prefix="";
|
||||
@@ -833,6 +834,10 @@ PROCESS_ARGS:
|
||||
{
|
||||
$openssldir=$1;
|
||||
}
|
||||
+ elsif (/^--enginesdir=(.*)$/)
|
||||
+ {
|
||||
+ $enginesdir=$1;
|
||||
+ }
|
||||
elsif (/^--install.prefix=(.*)$/)
|
||||
{
|
||||
$install_prefix=$1;
|
||||
@@ -1053,7 +1058,7 @@ chop $prefix if $prefix =~ /.\/$/;
|
||||
|
||||
$openssldir=$prefix . "/ssl" if $openssldir eq "";
|
||||
$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
|
||||
-
|
||||
+$enginesdir="$prefix/lib/engines" if $enginesdir eq "";
|
||||
|
||||
print "IsMK1MF=$IsMK1MF\n";
|
||||
|
||||
@@ -1673,7 +1678,7 @@ while (<IN>)
|
||||
}
|
||||
elsif (/^#define\s+ENGINESDIR/)
|
||||
{
|
||||
- my $foo = "$prefix/$libdir/engines";
|
||||
+ my $foo = "$enginesdir";
|
||||
$foo =~ s/\\/\\\\/g;
|
||||
print OUT "#define ENGINESDIR \"$foo\"\n";
|
||||
}
|
||||
diff -up openssl-1.0.0-beta5/engines/Makefile.enginesdir openssl-1.0.0-beta5/engines/Makefile
|
||||
--- openssl-1.0.0-beta5/engines/Makefile.enginesdir 2010-01-16 21:06:09.000000000 +0100
|
||||
+++ openssl-1.0.0-beta5/engines/Makefile 2010-01-20 18:07:05.000000000 +0100
|
||||
@@ -124,7 +124,7 @@ install:
|
||||
sfx=".so"; \
|
||||
cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
|
||||
fi; \
|
||||
- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
|
||||
+ chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
|
||||
mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
|
||||
done; \
|
||||
fi
|
39
openssl-1.0.0-beta5-readme-warning.patch
Normal file
39
openssl-1.0.0-beta5-readme-warning.patch
Normal file
@ -0,0 +1,39 @@
|
||||
diff -up openssl-1.0.0-beta5/README.warning openssl-1.0.0-beta5/README
|
||||
--- openssl-1.0.0-beta5/README.warning 2010-01-20 16:00:47.000000000 +0100
|
||||
+++ openssl-1.0.0-beta5/README 2010-01-21 09:06:11.000000000 +0100
|
||||
@@ -5,6 +5,35 @@
|
||||
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
|
||||
All rights reserved.
|
||||
|
||||
+ WARNING
|
||||
+ -------
|
||||
+
|
||||
+ This version of OpenSSL is built in a way that supports operation in
|
||||
+ the so called FIPS mode. Note though that the library as we build it
|
||||
+ is not FIPS validated and the FIPS mode is present for testing purposes
|
||||
+ only.
|
||||
+
|
||||
+ This version also contains a few differences from the upstream code
|
||||
+ some of which are:
|
||||
+ * There are added changes forward ported from the upstream OpenSSL
|
||||
+ 0.9.8 FIPS branch however the FIPS integrity verification check
|
||||
+ is implemented differently from the upstream FIPS validated OpenSSL
|
||||
+ module. It verifies HMAC-SHA256 checksum of the whole shared
|
||||
+ libraries. For this reason the changes are ported to files in the
|
||||
+ crypto directory and not in a separate fips subdirectory. Also
|
||||
+ note that the FIPS integrity verification check requires unmodified
|
||||
+ libcrypto and libssl shared library files which means that it will
|
||||
+ fail if these files are modified for example by prelink.
|
||||
+ * The module respects the kernel FIPS flag /proc/sys/crypto/fips and
|
||||
+ tries to initialize the FIPS mode if it is set to 1 aborting if the
|
||||
+ FIPS mode could not be initialized. It is also possible to force the
|
||||
+ OpenSSL library to FIPS mode especially for debugging purposes by
|
||||
+ setting the environment variable OPENSSL_FORCE_FIPS_MODE.
|
||||
+ * If the environment variable OPENSSL_NO_DEFAULT_ZLIB is set the module
|
||||
+ will not automatically load the built in compression method ZLIB
|
||||
+ when initialized. Applications can still explicitely ask for ZLIB
|
||||
+ compression method.
|
||||
+
|
||||
DESCRIPTION
|
||||
-----------
|
||||
|
21
openssl-1.0.0-timezone.patch
Normal file
21
openssl-1.0.0-timezone.patch
Normal file
@ -0,0 +1,21 @@
|
||||
diff -up openssl-1.0.0/Makefile.org.timezone openssl-1.0.0/Makefile.org
|
||||
--- openssl-1.0.0/Makefile.org.timezone 2010-03-30 11:08:40.000000000 +0200
|
||||
+++ openssl-1.0.0/Makefile.org 2010-04-06 12:49:21.000000000 +0200
|
||||
@@ -609,7 +609,7 @@ install_docs:
|
||||
sec=`$(PERL) util/extract-section.pl 1 < $$i`; \
|
||||
echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
|
||||
(cd `$(PERL) util/dirname.pl $$i`; \
|
||||
- sh -c "$$pod2man \
|
||||
+ sh -c "TZ=UTC $$pod2man \
|
||||
--section=$$sec --center=OpenSSL \
|
||||
--release=$(VERSION) `basename $$i`") \
|
||||
> $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
|
||||
@@ -626,7 +626,7 @@ install_docs:
|
||||
sec=`$(PERL) util/extract-section.pl 3 < $$i`; \
|
||||
echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
|
||||
(cd `$(PERL) util/dirname.pl $$i`; \
|
||||
- sh -c "$$pod2man \
|
||||
+ sh -c "TZ=UTC $$pod2man \
|
||||
--section=$$sec --center=OpenSSL \
|
||||
--release=$(VERSION) `basename $$i`") \
|
||||
> $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
|
36
openssl-1.0.0c-rsa-x931.patch
Normal file
36
openssl-1.0.0c-rsa-x931.patch
Normal file
@ -0,0 +1,36 @@
|
||||
diff -up openssl-1.0.0c/apps/genrsa.c.x931 openssl-1.0.0c/apps/genrsa.c
|
||||
--- openssl-1.0.0c/apps/genrsa.c.x931 2010-03-01 15:22:02.000000000 +0100
|
||||
+++ openssl-1.0.0c/apps/genrsa.c 2011-02-01 18:32:05.000000000 +0100
|
||||
@@ -95,6 +95,7 @@ int MAIN(int argc, char **argv)
|
||||
int ret=1;
|
||||
int i,num=DEFBITS;
|
||||
long l;
|
||||
+ int use_x931 = 0;
|
||||
const EVP_CIPHER *enc=NULL;
|
||||
unsigned long f4=RSA_F4;
|
||||
char *outfile=NULL;
|
||||
@@ -138,6 +139,8 @@ int MAIN(int argc, char **argv)
|
||||
f4=3;
|
||||
else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0)
|
||||
f4=RSA_F4;
|
||||
+ else if (strcmp(*argv,"-x931") == 0)
|
||||
+ use_x931 = 1;
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
else if (strcmp(*argv,"-engine") == 0)
|
||||
{
|
||||
@@ -273,7 +276,14 @@ bad:
|
||||
if (!rsa)
|
||||
goto err;
|
||||
|
||||
- if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb))
|
||||
+ if (use_x931)
|
||||
+ {
|
||||
+ if (!BN_set_word(bn, f4))
|
||||
+ goto err;
|
||||
+ if (!RSA_X931_generate_key_ex(rsa, num, bn, &cb))
|
||||
+ goto err;
|
||||
+ }
|
||||
+ else if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb))
|
||||
goto err;
|
||||
|
||||
app_RAND_write_file(NULL, bio_err);
|
110
openssl-1.0.0d-apps-dgst.patch
Normal file
110
openssl-1.0.0d-apps-dgst.patch
Normal file
@ -0,0 +1,110 @@
|
||||
diff -up openssl-1.0.0d/apps/ca.c.dgst openssl-1.0.0d/apps/ca.c
|
||||
--- openssl-1.0.0d/apps/ca.c.dgst 2009-12-02 15:41:24.000000000 +0100
|
||||
+++ openssl-1.0.0d/apps/ca.c 2011-04-05 21:09:42.000000000 +0200
|
||||
@@ -157,7 +157,7 @@ static const char *ca_usage[]={
|
||||
" -startdate YYMMDDHHMMSSZ - certificate validity notBefore\n",
|
||||
" -enddate YYMMDDHHMMSSZ - certificate validity notAfter (overrides -days)\n",
|
||||
" -days arg - number of days to certify the certificate for\n",
|
||||
-" -md arg - md to use, one of md2, md5, sha or sha1\n",
|
||||
+" -md arg - md to use, see openssl dgst -h for list\n",
|
||||
" -policy arg - The CA 'policy' to support\n",
|
||||
" -keyfile arg - private key file\n",
|
||||
" -keyform arg - private key file format (PEM or ENGINE)\n",
|
||||
diff -up openssl-1.0.0d/apps/enc.c.dgst openssl-1.0.0d/apps/enc.c
|
||||
--- openssl-1.0.0d/apps/enc.c.dgst 2010-06-15 19:25:02.000000000 +0200
|
||||
+++ openssl-1.0.0d/apps/enc.c 2011-04-05 21:11:54.000000000 +0200
|
||||
@@ -302,7 +302,7 @@ bad:
|
||||
BIO_printf(bio_err,"%-14s passphrase is the next argument\n","-k");
|
||||
BIO_printf(bio_err,"%-14s passphrase is the first line of the file argument\n","-kfile");
|
||||
BIO_printf(bio_err,"%-14s the next argument is the md to use to create a key\n","-md");
|
||||
- BIO_printf(bio_err,"%-14s from a passphrase. One of md2, md5, sha or sha1\n","");
|
||||
+ BIO_printf(bio_err,"%-14s from a passphrase. See openssl dgst -h for list.\n","");
|
||||
BIO_printf(bio_err,"%-14s salt in hex is the next argument\n","-S");
|
||||
BIO_printf(bio_err,"%-14s key/iv in hex is the next argument\n","-K/-iv");
|
||||
BIO_printf(bio_err,"%-14s print the iv/key (then exit if -P)\n","-[pP]");
|
||||
diff -up openssl-1.0.0d/apps/req.c.dgst openssl-1.0.0d/apps/req.c
|
||||
--- openssl-1.0.0d/apps/req.c.dgst 2010-03-10 14:48:21.000000000 +0100
|
||||
+++ openssl-1.0.0d/apps/req.c 2011-04-05 21:12:33.000000000 +0200
|
||||
@@ -421,7 +421,7 @@ bad:
|
||||
#ifndef OPENSSL_NO_ECDSA
|
||||
BIO_printf(bio_err," -newkey ec:file generate a new EC key, parameters taken from CA in 'file'\n");
|
||||
#endif
|
||||
- BIO_printf(bio_err," -[digest] Digest to sign with (md5, sha1, md2, mdc2, md4)\n");
|
||||
+ BIO_printf(bio_err," -[digest] Digest to sign with (see openssl dgst -h for list)\n");
|
||||
BIO_printf(bio_err," -config file request template file.\n");
|
||||
BIO_printf(bio_err," -subj arg set or modify request subject\n");
|
||||
BIO_printf(bio_err," -multivalue-rdn enable support for multivalued RDNs\n");
|
||||
diff -up openssl-1.0.0d/apps/ts.c.dgst openssl-1.0.0d/apps/ts.c
|
||||
--- openssl-1.0.0d/apps/ts.c.dgst 2009-10-18 16:42:26.000000000 +0200
|
||||
+++ openssl-1.0.0d/apps/ts.c 2011-04-05 21:16:07.000000000 +0200
|
||||
@@ -368,7 +368,7 @@ int MAIN(int argc, char **argv)
|
||||
BIO_printf(bio_err, "usage:\n"
|
||||
"ts -query [-rand file%cfile%c...] [-config configfile] "
|
||||
"[-data file_to_hash] [-digest digest_bytes]"
|
||||
- "[-md2|-md4|-md5|-sha|-sha1|-mdc2|-ripemd160] "
|
||||
+ "[-<hashalg>] "
|
||||
"[-policy object_id] [-no_nonce] [-cert] "
|
||||
"[-in request.tsq] [-out request.tsq] [-text]\n",
|
||||
LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
|
||||
diff -up openssl-1.0.0d/apps/x509.c.dgst openssl-1.0.0d/apps/x509.c
|
||||
--- openssl-1.0.0d/apps/x509.c.dgst 2011-04-05 21:13:42.000000000 +0200
|
||||
+++ openssl-1.0.0d/apps/x509.c 2011-04-05 21:13:17.000000000 +0200
|
||||
@@ -141,7 +141,7 @@ static const char *x509_usage[]={
|
||||
" -set_serial - serial number to use\n",
|
||||
" -text - print the certificate in text form\n",
|
||||
" -C - print out C code forms\n",
|
||||
-" -md2/-md5/-sha1/-mdc2 - digest to use\n",
|
||||
+" -<dgst> - digest to use, see openssl dgst -h output for list\n",
|
||||
" -extfile - configuration file with X509V3 extensions to add\n",
|
||||
" -extensions - section from config file with X509V3 extensions to add\n",
|
||||
" -clrext - delete extensions before signing and input certificate\n",
|
||||
diff -up openssl-1.0.0d/doc/apps/ca.pod.dgst openssl-1.0.0d/doc/apps/ca.pod
|
||||
--- openssl-1.0.0d/doc/apps/ca.pod.dgst 2009-04-10 13:25:53.000000000 +0200
|
||||
+++ openssl-1.0.0d/doc/apps/ca.pod 2011-04-05 21:16:39.000000000 +0200
|
||||
@@ -160,7 +160,8 @@ the number of days to certify the certif
|
||||
=item B<-md alg>
|
||||
|
||||
the message digest to use. Possible values include md5, sha1 and mdc2.
|
||||
-This option also applies to CRLs.
|
||||
+For full list of digests see openssl dgst -h output. This option also
|
||||
+applies to CRLs.
|
||||
|
||||
=item B<-policy arg>
|
||||
|
||||
diff -up openssl-1.0.0d/doc/apps/ocsp.pod.dgst openssl-1.0.0d/doc/apps/ocsp.pod
|
||||
--- openssl-1.0.0d/doc/apps/ocsp.pod.dgst 2008-02-25 19:11:47.000000000 +0100
|
||||
+++ openssl-1.0.0d/doc/apps/ocsp.pod 2011-04-05 21:18:17.000000000 +0200
|
||||
@@ -210,7 +210,8 @@ check is not performed.
|
||||
=item B<-md5|-sha1|-sha256|-ripemod160|...>
|
||||
|
||||
this option sets digest algorithm to use for certificate identification
|
||||
-in the OCSP request. By default SHA-1 is used.
|
||||
+in the OCSP request. By default SHA-1 is used. See openssl dgst -h output for
|
||||
+the list of available algorithms.
|
||||
|
||||
=back
|
||||
|
||||
diff -up openssl-1.0.0d/doc/apps/req.pod.dgst openssl-1.0.0d/doc/apps/req.pod
|
||||
--- openssl-1.0.0d/doc/apps/req.pod.dgst 2009-04-10 18:42:28.000000000 +0200
|
||||
+++ openssl-1.0.0d/doc/apps/req.pod 2011-04-05 21:20:47.000000000 +0200
|
||||
@@ -201,7 +201,8 @@ will not be encrypted.
|
||||
|
||||
this specifies the message digest to sign the request with (such as
|
||||
B<-md5>, B<-sha1>). This overrides the digest algorithm specified in
|
||||
-the configuration file.
|
||||
+the configuration file. For full list of possible digests see openssl
|
||||
+dgst -h output.
|
||||
|
||||
Some public key algorithms may override this choice. For instance, DSA
|
||||
signatures always use SHA1, GOST R 34.10 signatures always use
|
||||
diff -up openssl-1.0.0d/doc/apps/x509.pod.dgst openssl-1.0.0d/doc/apps/x509.pod
|
||||
--- openssl-1.0.0d/doc/apps/x509.pod.dgst 2010-01-12 18:27:11.000000000 +0100
|
||||
+++ openssl-1.0.0d/doc/apps/x509.pod 2011-04-05 21:19:56.000000000 +0200
|
||||
@@ -101,6 +101,7 @@ the digest to use. This affects any sign
|
||||
digest, such as the B<-fingerprint>, B<-signkey> and B<-CA> options. If not
|
||||
specified then SHA1 is used. If the key being used to sign with is a DSA key
|
||||
then this option has no effect: SHA1 is always used with DSA keys.
|
||||
+For full list of digests see openssl dgst -h output.
|
||||
|
||||
=item B<-engine id>
|
||||
|
12
openssl-1.0.0d-xmpp-starttls.patch
Normal file
12
openssl-1.0.0d-xmpp-starttls.patch
Normal file
@ -0,0 +1,12 @@
|
||||
diff -ru openssl-1.0.0d.old/apps/s_client.c openssl-1.0.0d/apps/s_client.c
|
||||
--- openssl-1.0.0d.old/apps/s_client.c 2011-07-17 21:05:19.934181169 +0200
|
||||
+++ openssl-1.0.0d/apps/s_client.c 2011-07-17 21:11:42.747824990 +0200
|
||||
@@ -1186,7 +1186,7 @@
|
||||
"xmlns='jabber:client' to='%s' version='1.0'>", host);
|
||||
seen = BIO_read(sbio,mbuf,BUFSIZZ);
|
||||
mbuf[seen] = 0;
|
||||
- while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'"))
|
||||
+ while (!strcasestr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'") && !strcasestr(mbuf, "<starttls xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\""))
|
||||
{
|
||||
if (strstr(mbuf, "/stream:features>"))
|
||||
goto shut;
|
24
openssl-1.0.0e-chil-fixes.patch
Normal file
24
openssl-1.0.0e-chil-fixes.patch
Normal file
@ -0,0 +1,24 @@
|
||||
diff -up openssl-1.0.0e/engines/e_chil.c.chil openssl-1.0.0e/engines/e_chil.c
|
||||
--- openssl-1.0.0e/engines/e_chil.c.chil 2010-06-15 19:25:12.000000000 +0200
|
||||
+++ openssl-1.0.0e/engines/e_chil.c 2011-09-21 17:32:03.000000000 +0200
|
||||
@@ -1261,6 +1261,11 @@ static int hwcrhk_insert_card(const char
|
||||
UI *ui;
|
||||
void *callback_data = NULL;
|
||||
UI_METHOD *ui_method = NULL;
|
||||
+ /* Despite what the documentation says prompt_info can be
|
||||
+ * an empty string.
|
||||
+ */
|
||||
+ if (prompt_info && !*prompt_info)
|
||||
+ prompt_info = NULL;
|
||||
|
||||
if (cactx)
|
||||
{
|
||||
@@ -1287,7 +1292,7 @@ static int hwcrhk_insert_card(const char
|
||||
|
||||
if (ui)
|
||||
{
|
||||
- char answer;
|
||||
+ char answer = '\0';
|
||||
char buf[BUFSIZ];
|
||||
/* Despite what the documentation says wrong_info can be
|
||||
* an empty string.
|
21
openssl-1.0.1-beta2-fips-md5-allow.patch
Normal file
21
openssl-1.0.1-beta2-fips-md5-allow.patch
Normal file
@ -0,0 +1,21 @@
|
||||
diff -up openssl-1.0.1-beta2/crypto/md5/md5_dgst.c.md5-allow openssl-1.0.1-beta2/crypto/md5/md5_dgst.c
|
||||
--- openssl-1.0.1-beta2/crypto/md5/md5_dgst.c.md5-allow 2012-02-06 20:09:56.000000000 +0100
|
||||
+++ openssl-1.0.1-beta2/crypto/md5/md5_dgst.c 2012-02-06 20:14:02.332117603 +0100
|
||||
@@ -71,7 +71,16 @@ const char MD5_version[]="MD5" OPENSSL_V
|
||||
#define INIT_DATA_C (unsigned long)0x98badcfeL
|
||||
#define INIT_DATA_D (unsigned long)0x10325476L
|
||||
|
||||
-nonfips_md_init(MD5)
|
||||
+int MD5_Init(MD5_CTX *c)
|
||||
+#ifdef OPENSSL_FIPS
|
||||
+ {
|
||||
+ if (FIPS_mode() && getenv("OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW") == NULL)
|
||||
+ OpenSSLDie(__FILE__, __LINE__, \
|
||||
+ "Digest MD5 forbidden in FIPS mode!");
|
||||
+ return private_MD5_Init(c);
|
||||
+ }
|
||||
+int private_MD5_Init(MD5_CTX *c)
|
||||
+#endif
|
||||
{
|
||||
memset (c,0,sizeof(*c));
|
||||
c->A=INIT_DATA_A;
|
30
openssl-1.0.1-pkgconfig-krb5.patch
Normal file
30
openssl-1.0.1-pkgconfig-krb5.patch
Normal file
@ -0,0 +1,30 @@
|
||||
diff -up openssl-1.0.1/Makefile.org.krb5 openssl-1.0.1/Makefile.org
|
||||
--- openssl-1.0.1/Makefile.org.krb5 2012-03-14 21:15:04.000000000 +0100
|
||||
+++ openssl-1.0.1/Makefile.org 2012-04-11 16:28:31.254725422 +0200
|
||||
@@ -370,7 +370,7 @@ libcrypto.pc: Makefile
|
||||
echo 'Requires: '; \
|
||||
echo 'Libs: -L$${libdir} -lcrypto'; \
|
||||
echo 'Libs.private: $(EX_LIBS)'; \
|
||||
- echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
|
||||
+ echo 'Cflags: -I$${includedir}' ) > libcrypto.pc
|
||||
|
||||
libssl.pc: Makefile
|
||||
@ ( echo 'prefix=$(INSTALLTOP)'; \
|
||||
@@ -383,7 +383,7 @@ libssl.pc: Makefile
|
||||
echo 'Version: '$(VERSION); \
|
||||
echo 'Requires: '; \
|
||||
echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
|
||||
- echo 'Libs.private: $(EX_LIBS)'; \
|
||||
+ echo 'Libs.private: $(EX_LIBS) $(LIBKRB5)'; \
|
||||
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
|
||||
|
||||
openssl.pc: Makefile
|
||||
@@ -397,7 +397,7 @@ openssl.pc: Makefile
|
||||
echo 'Version: '$(VERSION); \
|
||||
echo 'Requires: '; \
|
||||
echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
|
||||
- echo 'Libs.private: $(EX_LIBS)'; \
|
||||
+ echo 'Libs.private: $(EX_LIBS) $(LIBKRB5)'; \
|
||||
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
|
||||
|
||||
Makefile: Makefile.org Configure config
|
12
openssl-1.0.1c-aliasing.patch
Normal file
12
openssl-1.0.1c-aliasing.patch
Normal file
@ -0,0 +1,12 @@
|
||||
diff -up openssl-1.0.1c/crypto/modes/Makefile.aliasing openssl-1.0.1c/crypto/modes/Makefile
|
||||
--- openssl-1.0.1c/crypto/modes/Makefile.aliasing 2011-08-12 00:36:17.000000000 +0200
|
||||
+++ openssl-1.0.1c/crypto/modes/Makefile 2012-07-13 11:32:10.767829077 +0200
|
||||
@@ -12,7 +12,7 @@ AR= ar r
|
||||
|
||||
MODES_ASM_OBJ=
|
||||
|
||||
-CFLAGS= $(INCLUDES) $(CFLAG)
|
||||
+CFLAGS= $(INCLUDES) $(CFLAG) -fno-strict-aliasing
|
||||
ASFLAGS= $(INCLUDES) $(ASFLAG)
|
||||
AFLAGS= $(ASFLAGS)
|
||||
|
100
openssl-1.0.1c-default-paths.patch
Normal file
100
openssl-1.0.1c-default-paths.patch
Normal file
@ -0,0 +1,100 @@
|
||||
diff -up openssl-1.0.1c/apps/s_client.c.default-paths openssl-1.0.1c/apps/s_client.c
|
||||
--- openssl-1.0.1c/apps/s_client.c.default-paths 2012-03-18 19:16:05.000000000 +0100
|
||||
+++ openssl-1.0.1c/apps/s_client.c 2012-12-06 18:24:06.425933203 +0100
|
||||
@@ -1166,12 +1166,19 @@ bad:
|
||||
if (!set_cert_key_stuff(ctx,cert,key))
|
||||
goto end;
|
||||
|
||||
- if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
|
||||
- (!SSL_CTX_set_default_verify_paths(ctx)))
|
||||
+ if (CAfile == NULL && CApath == NULL)
|
||||
{
|
||||
- /* BIO_printf(bio_err,"error setting default verify locations\n"); */
|
||||
- ERR_print_errors(bio_err);
|
||||
- /* goto end; */
|
||||
+ if (!SSL_CTX_set_default_verify_paths(ctx))
|
||||
+ {
|
||||
+ ERR_print_errors(bio_err);
|
||||
+ }
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
+ if (!SSL_CTX_load_verify_locations(ctx,CAfile,CApath))
|
||||
+ {
|
||||
+ ERR_print_errors(bio_err);
|
||||
+ }
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_TLSEXT
|
||||
diff -up openssl-1.0.1c/apps/s_server.c.default-paths openssl-1.0.1c/apps/s_server.c
|
||||
--- openssl-1.0.1c/apps/s_server.c.default-paths 2012-03-18 19:16:05.000000000 +0100
|
||||
+++ openssl-1.0.1c/apps/s_server.c 2012-12-06 18:25:11.199329611 +0100
|
||||
@@ -1565,13 +1565,21 @@ bad:
|
||||
}
|
||||
#endif
|
||||
|
||||
- if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
|
||||
- (!SSL_CTX_set_default_verify_paths(ctx)))
|
||||
+ if (CAfile == NULL && CApath == NULL)
|
||||
{
|
||||
- /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
|
||||
- ERR_print_errors(bio_err);
|
||||
- /* goto end; */
|
||||
+ if (!SSL_CTX_set_default_verify_paths(ctx))
|
||||
+ {
|
||||
+ ERR_print_errors(bio_err);
|
||||
+ }
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
+ if (!SSL_CTX_load_verify_locations(ctx,CAfile,CApath))
|
||||
+ {
|
||||
+ ERR_print_errors(bio_err);
|
||||
+ }
|
||||
}
|
||||
+
|
||||
if (vpm)
|
||||
SSL_CTX_set1_param(ctx, vpm);
|
||||
|
||||
@@ -1622,8 +1630,11 @@ bad:
|
||||
else
|
||||
SSL_CTX_sess_set_cache_size(ctx2,128);
|
||||
|
||||
- if ((!SSL_CTX_load_verify_locations(ctx2,CAfile,CApath)) ||
|
||||
- (!SSL_CTX_set_default_verify_paths(ctx2)))
|
||||
+ if (!SSL_CTX_load_verify_locations(ctx2,CAfile,CApath))
|
||||
+ {
|
||||
+ ERR_print_errors(bio_err);
|
||||
+ }
|
||||
+ if (!SSL_CTX_set_default_verify_paths(ctx2))
|
||||
{
|
||||
ERR_print_errors(bio_err);
|
||||
}
|
||||
diff -up openssl-1.0.1c/apps/s_time.c.default-paths openssl-1.0.1c/apps/s_time.c
|
||||
--- openssl-1.0.1c/apps/s_time.c.default-paths 2006-04-17 14:22:13.000000000 +0200
|
||||
+++ openssl-1.0.1c/apps/s_time.c 2012-12-06 18:27:41.694574044 +0100
|
||||
@@ -373,12 +373,19 @@ int MAIN(int argc, char **argv)
|
||||
|
||||
SSL_load_error_strings();
|
||||
|
||||
- if ((!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath)) ||
|
||||
- (!SSL_CTX_set_default_verify_paths(tm_ctx)))
|
||||
+ if (CAfile == NULL && CApath == NULL)
|
||||
{
|
||||
- /* BIO_printf(bio_err,"error setting default verify locations\n"); */
|
||||
- ERR_print_errors(bio_err);
|
||||
- /* goto end; */
|
||||
+ if (!SSL_CTX_set_default_verify_paths(tm_ctx))
|
||||
+ {
|
||||
+ ERR_print_errors(bio_err);
|
||||
+ }
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
+ if (!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath))
|
||||
+ {
|
||||
+ ERR_print_errors(bio_err);
|
||||
+ }
|
||||
}
|
||||
|
||||
if (tm_cipher == NULL)
|
61
openssl-1.0.1c-dh-1024.patch
Normal file
61
openssl-1.0.1c-dh-1024.patch
Normal file
@ -0,0 +1,61 @@
|
||||
diff -up openssl-1.0.1c/apps/s_server.c.dh1024 openssl-1.0.1c/apps/s_server.c
|
||||
--- openssl-1.0.1c/apps/s_server.c.dh1024 2012-11-14 20:27:50.000000000 +0100
|
||||
+++ openssl-1.0.1c/apps/s_server.c 2012-11-15 20:56:15.247774465 +0100
|
||||
@@ -222,27 +222,31 @@ static void s_server_init(void);
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_DH
|
||||
-static unsigned char dh512_p[]={
|
||||
- 0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75,
|
||||
- 0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
|
||||
- 0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3,
|
||||
- 0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
|
||||
- 0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C,
|
||||
- 0x47,0x74,0xE8,0x33,
|
||||
- };
|
||||
-static unsigned char dh512_g[]={
|
||||
- 0x02,
|
||||
- };
|
||||
-
|
||||
-static DH *get_dh512(void)
|
||||
+static DH *get_dh1024()
|
||||
{
|
||||
- DH *dh=NULL;
|
||||
+ static unsigned char dh1024_p[]={
|
||||
+ 0x99,0x58,0xFA,0x90,0x53,0x2F,0xE0,0x61,0x83,0x9D,0x54,0x63,
|
||||
+ 0xBD,0x35,0x5A,0x31,0xF3,0xC6,0x79,0xE5,0xA0,0x0F,0x66,0x79,
|
||||
+ 0x3C,0xA0,0x7F,0xE8,0xA2,0x5F,0xDF,0x11,0x08,0xA3,0xF0,0x3C,
|
||||
+ 0xC3,0x3C,0x5D,0x50,0x2C,0xD5,0xD6,0x58,0x12,0xDB,0xC1,0xEF,
|
||||
+ 0xB4,0x47,0x4A,0x5A,0x39,0x8A,0x4E,0xEB,0x44,0xE2,0x07,0xFB,
|
||||
+ 0x3D,0xA3,0xC7,0x6E,0x52,0xF3,0x2B,0x7B,0x10,0xA5,0x98,0xE3,
|
||||
+ 0x38,0x2A,0xE2,0x7F,0xA4,0x8F,0x26,0x87,0x9B,0x66,0x7A,0xED,
|
||||
+ 0x2D,0x4C,0xE7,0x33,0x77,0x47,0x94,0x43,0xB6,0xAA,0x97,0x23,
|
||||
+ 0x8A,0xFC,0xA5,0xA6,0x64,0x09,0xC0,0x27,0xC0,0xEF,0xCB,0x05,
|
||||
+ 0x90,0x9D,0xD5,0x75,0xBA,0x00,0xE0,0xFB,0xA8,0x81,0x52,0xA4,
|
||||
+ 0xB2,0x83,0x22,0x5B,0xCB,0xD7,0x16,0x93,
|
||||
+ };
|
||||
+ static unsigned char dh1024_g[]={
|
||||
+ 0x02,
|
||||
+ };
|
||||
+ DH *dh;
|
||||
|
||||
if ((dh=DH_new()) == NULL) return(NULL);
|
||||
- dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
|
||||
- dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
|
||||
+ dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
|
||||
+ dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
|
||||
if ((dh->p == NULL) || (dh->g == NULL))
|
||||
- return(NULL);
|
||||
+ { DH_free(dh); return(NULL); }
|
||||
return(dh);
|
||||
}
|
||||
#endif
|
||||
@@ -1657,7 +1661,7 @@ bad:
|
||||
else
|
||||
{
|
||||
BIO_printf(bio_s_out,"Using default temp DH parameters\n");
|
||||
- dh=get_dh512();
|
||||
+ dh=get_dh1024();
|
||||
}
|
||||
(void)BIO_flush(bio_s_out);
|
||||
|
16
openssl-1.0.1c-perlfind.patch
Normal file
16
openssl-1.0.1c-perlfind.patch
Normal file
@ -0,0 +1,16 @@
|
||||
diff -up openssl-1.0.1c/util/perlpath.pl.perlfind openssl-1.0.1c/util/perlpath.pl
|
||||
--- openssl-1.0.1c/util/perlpath.pl.perlfind 2012-07-11 22:57:33.000000000 +0200
|
||||
+++ openssl-1.0.1c/util/perlpath.pl 2012-07-12 00:31:12.102156275 +0200
|
||||
@@ -4,10 +4,10 @@
|
||||
# line in all scripts that rely on perl.
|
||||
#
|
||||
|
||||
-require "find.pl";
|
||||
+use File::Find;
|
||||
|
||||
$#ARGV == 0 || print STDERR "usage: perlpath newpath (eg /usr/bin)\n";
|
||||
-&find(".");
|
||||
+find(\&wanted, ".");
|
||||
|
||||
sub wanted
|
||||
{
|
93
openssl-1.0.1e-arm-use-elf-auxv-caps.patch
Normal file
93
openssl-1.0.1e-arm-use-elf-auxv-caps.patch
Normal file
@ -0,0 +1,93 @@
|
||||
diff --git a/crypto/armcap.c b/crypto/armcap.c
|
||||
index 5258d2f..efb4009 100644
|
||||
--- a/crypto/armcap.c
|
||||
+++ b/crypto/armcap.c
|
||||
@@ -9,11 +9,6 @@
|
||||
|
||||
unsigned int OPENSSL_armcap_P;
|
||||
|
||||
-static sigset_t all_masked;
|
||||
-
|
||||
-static sigjmp_buf ill_jmp;
|
||||
-static void ill_handler (int sig) { siglongjmp(ill_jmp,sig); }
|
||||
-
|
||||
/*
|
||||
* Following subroutines could have been inlined, but it's not all
|
||||
* ARM compilers support inline assembler...
|
||||
@@ -29,24 +24,26 @@ unsigned int OPENSSL_rdtsc(void)
|
||||
return 0;
|
||||
}
|
||||
|
||||
-#if defined(__GNUC__) && __GNUC__>=2
|
||||
-void OPENSSL_cpuid_setup(void) __attribute__((constructor));
|
||||
-#endif
|
||||
-void OPENSSL_cpuid_setup(void)
|
||||
+#if defined(__GLIBC__) && __GLIBC__>=2 && __GLIBC_MINOR__>=16
|
||||
+#include <sys/auxv.h>
|
||||
+
|
||||
+void OPENSSL_cpuid_find(void)
|
||||
+ {
|
||||
+ unsigned long hwcap = getauxval(AT_HWCAP);
|
||||
+ char *plat = (char *)getauxval(AT_PLATFORM);
|
||||
+
|
||||
+ OPENSSL_armcap_P |= hwcap & HWCAP_ARM_NEON ? ARMV7_NEON : 0;
|
||||
+ OPENSSL_armcap_P |= plat ? (plat[1] == '7' ? ARMV7_TICK : 0) : 0;
|
||||
+ }
|
||||
+#else
|
||||
+static sigset_t all_masked;
|
||||
+static sigjmp_buf ill_jmp;
|
||||
+static void ill_handler (int sig) { siglongjmp(ill_jmp,sig); }
|
||||
+
|
||||
+void OPENSSL_cpuid_find(void)
|
||||
{
|
||||
- char *e;
|
||||
struct sigaction ill_oact,ill_act;
|
||||
sigset_t oset;
|
||||
- static int trigger=0;
|
||||
-
|
||||
- if (trigger) return;
|
||||
- trigger=1;
|
||||
-
|
||||
- if ((e=getenv("OPENSSL_armcap")))
|
||||
- {
|
||||
- OPENSSL_armcap_P=strtoul(e,NULL,0);
|
||||
- return;
|
||||
- }
|
||||
|
||||
sigfillset(&all_masked);
|
||||
sigdelset(&all_masked,SIGILL);
|
||||
@@ -55,8 +52,6 @@ void OPENSSL_cpuid_setup(void)
|
||||
sigdelset(&all_masked,SIGBUS);
|
||||
sigdelset(&all_masked,SIGSEGV);
|
||||
|
||||
- OPENSSL_armcap_P = 0;
|
||||
-
|
||||
memset(&ill_act,0,sizeof(ill_act));
|
||||
ill_act.sa_handler = ill_handler;
|
||||
ill_act.sa_mask = all_masked;
|
||||
@@ -78,3 +73,25 @@ void OPENSSL_cpuid_setup(void)
|
||||
sigaction (SIGILL,&ill_oact,NULL);
|
||||
sigprocmask(SIG_SETMASK,&oset,NULL);
|
||||
}
|
||||
+#endif
|
||||
+
|
||||
+#if defined(__GNUC__) && __GNUC__>=2
|
||||
+void OPENSSL_cpuid_setup(void) __attribute__((constructor));
|
||||
+#endif
|
||||
+void OPENSSL_cpuid_setup(void)
|
||||
+ {
|
||||
+ char *e;
|
||||
+ static int trigger=0;
|
||||
+
|
||||
+ if (trigger) return;
|
||||
+ trigger=1;
|
||||
+
|
||||
+ if ((e=getenv("OPENSSL_armcap")))
|
||||
+ {
|
||||
+ OPENSSL_armcap_P=strtoul(e,NULL,0);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ OPENSSL_armcap_P = 0;
|
||||
+ OPENSSL_cpuid_find();
|
||||
+ }
|
25
openssl-1.0.1e-cc-reqs.patch
Normal file
25
openssl-1.0.1e-cc-reqs.patch
Normal file
@ -0,0 +1,25 @@
|
||||
diff -up openssl-1.0.1e/crypto/rsa/rsa_gen.c.cc-reqs openssl-1.0.1e/crypto/rsa/rsa_gen.c
|
||||
--- openssl-1.0.1e/crypto/rsa/rsa_gen.c.cc-reqs 2015-01-13 12:45:51.000000000 +0100
|
||||
+++ openssl-1.0.1e/crypto/rsa/rsa_gen.c 2015-01-15 17:35:04.649697922 +0100
|
||||
@@ -438,6 +438,10 @@ static int rsa_builtin_keygen(RSA *rsa,
|
||||
if(!rsa->dmq1 && ((rsa->dmq1=BN_new()) == NULL)) goto err;
|
||||
if(!rsa->iqmp && ((rsa->iqmp=BN_new()) == NULL)) goto err;
|
||||
|
||||
+ /* prepare minimum p and q difference */
|
||||
+ if (!BN_one(r3)) goto err;
|
||||
+ if (bitsp > 100 && !BN_lshift(r3, r3, bitsp - 100)) goto err;
|
||||
+
|
||||
BN_copy(rsa->e, e_value);
|
||||
|
||||
/* generate p and q */
|
||||
@@ -463,7 +467,9 @@ static int rsa_builtin_keygen(RSA *rsa,
|
||||
{
|
||||
if(!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb))
|
||||
goto err;
|
||||
- } while((BN_cmp(rsa->p, rsa->q) == 0) && (++degenerate < 3));
|
||||
+ if (!BN_sub(r2, rsa->q, rsa->p))
|
||||
+ goto err;
|
||||
+ } while((BN_ucmp(r2, r3) <= 0) && (++degenerate < 3));
|
||||
if(degenerate == 3)
|
||||
{
|
||||
ok = 0; /* we set our own err */
|
46
openssl-1.0.1e-compat-symbols.patch
Normal file
46
openssl-1.0.1e-compat-symbols.patch
Normal file
@ -0,0 +1,46 @@
|
||||
diff -up openssl-1.0.1e/crypto/dsa/dsa_key.c.compat openssl-1.0.1e/crypto/dsa/dsa_key.c
|
||||
--- openssl-1.0.1e/crypto/dsa/dsa_key.c.compat 2013-11-26 14:36:35.000000000 +0100
|
||||
+++ openssl-1.0.1e/crypto/dsa/dsa_key.c 2013-12-11 16:34:58.638549687 +0100
|
||||
@@ -68,6 +68,11 @@
|
||||
#include <openssl/fips.h>
|
||||
#include <openssl/evp.h>
|
||||
|
||||
+/* just a compatibility symbol - no-op */
|
||||
+void FIPS_corrupt_dsa_keygen(void)
|
||||
+ {
|
||||
+ }
|
||||
+
|
||||
static int fips_check_dsa(DSA *dsa)
|
||||
{
|
||||
EVP_PKEY *pk;
|
||||
diff -up openssl-1.0.1e/crypto/engine/eng_all.c.compat openssl-1.0.1e/crypto/engine/eng_all.c
|
||||
--- openssl-1.0.1e/crypto/engine/eng_all.c.compat 2013-11-26 14:36:35.000000000 +0100
|
||||
+++ openssl-1.0.1e/crypto/engine/eng_all.c 2013-12-11 16:32:13.512820424 +0100
|
||||
@@ -62,6 +62,11 @@
|
||||
#include <openssl/fips.h>
|
||||
#endif
|
||||
|
||||
+/* just backwards compatibility symbol - no-op */
|
||||
+void ENGINE_load_aesni (void)
|
||||
+{
|
||||
+}
|
||||
+
|
||||
void ENGINE_load_builtin_engines(void)
|
||||
{
|
||||
/* Some ENGINEs need this */
|
||||
diff -up openssl-1.0.1e/crypto/fips/fips.c.compat openssl-1.0.1e/crypto/fips/fips.c
|
||||
--- openssl-1.0.1e/crypto/fips/fips.c.compat 2013-11-26 14:36:35.000000000 +0100
|
||||
+++ openssl-1.0.1e/crypto/fips/fips.c 2013-12-11 16:38:52.524831858 +0100
|
||||
@@ -111,6 +111,12 @@ int FIPS_module_mode(void)
|
||||
return ret;
|
||||
}
|
||||
|
||||
+/* just a compat symbol - return NULL */
|
||||
+const void *FIPS_rand_check(void)
|
||||
+ {
|
||||
+ return NULL;
|
||||
+ }
|
||||
+
|
||||
int FIPS_selftest_failed(void)
|
||||
{
|
||||
int ret = 0;
|
13
openssl-1.0.1e-cve-2015-0286.patch
Normal file
13
openssl-1.0.1e-cve-2015-0286.patch
Normal file
@ -0,0 +1,13 @@
|
||||
diff -up openssl-1.0.1e/crypto/asn1/a_type.c.bool-cmp openssl-1.0.1e/crypto/asn1/a_type.c
|
||||
--- openssl-1.0.1e/crypto/asn1/a_type.c.bool-cmp 2015-03-18 13:02:36.000000000 +0100
|
||||
+++ openssl-1.0.1e/crypto/asn1/a_type.c 2015-03-18 14:38:07.111401390 +0100
|
||||
@@ -124,6 +124,9 @@ int ASN1_TYPE_cmp(const ASN1_TYPE *a, co
|
||||
case V_ASN1_OBJECT:
|
||||
result = OBJ_cmp(a->value.object, b->value.object);
|
||||
break;
|
||||
+ case V_ASN1_BOOLEAN:
|
||||
+ result = a->value.boolean - b->value.boolean;
|
||||
+ break;
|
||||
case V_ASN1_NULL:
|
||||
result = 0; /* They do not have content. */
|
||||
break;
|
46
openssl-1.0.1e-cve-2015-0287.patch
Normal file
46
openssl-1.0.1e-cve-2015-0287.patch
Normal file
@ -0,0 +1,46 @@
|
||||
diff -up openssl-1.0.1e/crypto/asn1/tasn_dec.c.item-reuse openssl-1.0.1e/crypto/asn1/tasn_dec.c
|
||||
--- openssl-1.0.1e/crypto/asn1/tasn_dec.c.item-reuse 2013-02-11 16:26:04.000000000 +0100
|
||||
+++ openssl-1.0.1e/crypto/asn1/tasn_dec.c 2015-03-19 15:46:51.097022616 +0100
|
||||
@@ -310,9 +310,19 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval,
|
||||
case ASN1_ITYPE_CHOICE:
|
||||
if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
|
||||
goto auxerr;
|
||||
-
|
||||
- /* Allocate structure */
|
||||
- if (!*pval && !ASN1_item_ex_new(pval, it))
|
||||
+ if (*pval)
|
||||
+ {
|
||||
+ /* Free up and zero CHOICE value if initialised */
|
||||
+ i = asn1_get_choice_selector(pval, it);
|
||||
+ if ((i >= 0) && (i < it->tcount))
|
||||
+ {
|
||||
+ tt = it->templates + i;
|
||||
+ pchptr = asn1_get_field_ptr(pval, tt);
|
||||
+ ASN1_template_free(pchptr, tt);
|
||||
+ asn1_set_choice_selector(pval, -1, it);
|
||||
+ }
|
||||
+ }
|
||||
+ else if (!ASN1_item_ex_new(pval, it))
|
||||
{
|
||||
ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
|
||||
ERR_R_NESTED_ASN1_ERROR);
|
||||
@@ -407,6 +417,19 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval,
|
||||
if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
|
||||
goto auxerr;
|
||||
|
||||
+ /* Free up and zero any ADB found */
|
||||
+ for (i = 0, tt = it->templates; i < it->tcount; i++, tt++)
|
||||
+ {
|
||||
+ if (tt->flags & ASN1_TFLG_ADB_MASK)
|
||||
+ {
|
||||
+ const ASN1_TEMPLATE *seqtt;
|
||||
+ ASN1_VALUE **pseqval;
|
||||
+ seqtt = asn1_do_adb(pval, tt, 1);
|
||||
+ pseqval = asn1_get_field_ptr(pval, seqtt);
|
||||
+ ASN1_template_free(pseqval, seqtt);
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
/* Get each field entry */
|
||||
for (i = 0, tt = it->templates; i < it->tcount; i++, tt++)
|
||||
{
|
12
openssl-1.0.1e-cve-2015-0288.patch
Normal file
12
openssl-1.0.1e-cve-2015-0288.patch
Normal file
@ -0,0 +1,12 @@
|
||||
diff -up openssl-1.0.1e/crypto/x509/x509_req.c.req-null-deref openssl-1.0.1e/crypto/x509/x509_req.c
|
||||
--- openssl-1.0.1e/crypto/x509/x509_req.c.req-null-deref 2013-02-11 16:26:04.000000000 +0100
|
||||
+++ openssl-1.0.1e/crypto/x509/x509_req.c 2015-03-18 18:34:35.732448017 +0100
|
||||
@@ -92,6 +92,8 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_
|
||||
goto err;
|
||||
|
||||
pktmp = X509_get_pubkey(x);
|
||||
+ if (pktmp == NULL)
|
||||
+ goto err;
|
||||
i=X509_REQ_set_pubkey(ret,pktmp);
|
||||
EVP_PKEY_free(pktmp);
|
||||
if (!i) goto err;
|
102
openssl-1.0.1e-cve-2015-0293.patch
Normal file
102
openssl-1.0.1e-cve-2015-0293.patch
Normal file
@ -0,0 +1,102 @@
|
||||
diff -up openssl-1.0.1e/ssl/s2_lib.c.ssl2-assert openssl-1.0.1e/ssl/s2_lib.c
|
||||
--- openssl-1.0.1e/ssl/s2_lib.c.ssl2-assert 2015-03-18 13:02:36.000000000 +0100
|
||||
+++ openssl-1.0.1e/ssl/s2_lib.c 2015-03-18 18:22:20.195322489 +0100
|
||||
@@ -488,7 +488,7 @@ int ssl2_generate_key_material(SSL *s)
|
||||
|
||||
OPENSSL_assert(s->session->master_key_length >= 0
|
||||
&& s->session->master_key_length
|
||||
- < (int)sizeof(s->session->master_key));
|
||||
+ <= (int)sizeof(s->session->master_key));
|
||||
EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length);
|
||||
EVP_DigestUpdate(&ctx,&c,1);
|
||||
c++;
|
||||
diff -up openssl-1.0.1e/ssl/s2_srvr.c.ssl2-assert openssl-1.0.1e/ssl/s2_srvr.c
|
||||
--- openssl-1.0.1e/ssl/s2_srvr.c.ssl2-assert 2013-02-11 16:26:04.000000000 +0100
|
||||
+++ openssl-1.0.1e/ssl/s2_srvr.c 2015-03-18 18:30:11.403974038 +0100
|
||||
@@ -446,9 +446,6 @@ static int get_client_master_key(SSL *s)
|
||||
SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_NO_PRIVATEKEY);
|
||||
return(-1);
|
||||
}
|
||||
- i=ssl_rsa_private_decrypt(s->cert,s->s2->tmp.enc,
|
||||
- &(p[s->s2->tmp.clear]),&(p[s->s2->tmp.clear]),
|
||||
- (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING);
|
||||
|
||||
is_export=SSL_C_IS_EXPORT(s->session->cipher);
|
||||
|
||||
@@ -467,21 +464,61 @@ static int get_client_master_key(SSL *s)
|
||||
else
|
||||
ek=5;
|
||||
|
||||
+ /*
|
||||
+ * The format of the CLIENT-MASTER-KEY message is
|
||||
+ * 1 byte message type
|
||||
+ * 3 bytes cipher
|
||||
+ * 2-byte clear key length (stored in s->s2->tmp.clear)
|
||||
+ * 2-byte encrypted key length (stored in s->s2->tmp.enc)
|
||||
+ * 2-byte key args length (IV etc)
|
||||
+ * clear key
|
||||
+ * encrypted key
|
||||
+ * key args
|
||||
+ *
|
||||
+ * If the cipher is an export cipher, then the encrypted key bytes
|
||||
+ * are a fixed portion of the total key (5 or 8 bytes). The size of
|
||||
+ * this portion is in |ek|. If the cipher is not an export cipher,
|
||||
+ * then the entire key material is encrypted (i.e., clear key length
|
||||
+ * must be zero).
|
||||
+ */
|
||||
+ if ((!is_export && s->s2->tmp.clear != 0) ||
|
||||
+ (is_export && s->s2->tmp.clear + ek != EVP_CIPHER_key_length(c)))
|
||||
+ {
|
||||
+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
|
||||
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_LENGTH);
|
||||
+ return -1;
|
||||
+ }
|
||||
+ /*
|
||||
+ * The encrypted blob must decrypt to the encrypted portion of the key.
|
||||
+ * Decryption can't be expanding, so if we don't have enough encrypted
|
||||
+ * bytes to fit the key in the buffer, stop now.
|
||||
+ */
|
||||
+ if ((is_export && s->s2->tmp.enc < ek) ||
|
||||
+ (!is_export && s->s2->tmp.enc < EVP_CIPHER_key_length(c)))
|
||||
+ {
|
||||
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
|
||||
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_LENGTH_TOO_SHORT);
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc,
|
||||
+ &(p[s->s2->tmp.clear]),
|
||||
+ &(p[s->s2->tmp.clear]),
|
||||
+ (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING : RSA_PKCS1_PADDING);
|
||||
+
|
||||
/* bad decrypt */
|
||||
#if 1
|
||||
/* If a bad decrypt, continue with protocol but with a
|
||||
* random master secret (Bleichenbacher attack) */
|
||||
- if ((i < 0) ||
|
||||
- ((!is_export && (i != EVP_CIPHER_key_length(c)))
|
||||
- || (is_export && ((i != ek) || (s->s2->tmp.clear+(unsigned int)i !=
|
||||
- (unsigned int)EVP_CIPHER_key_length(c))))))
|
||||
+ if ((i < 0) || ((!is_export && i != EVP_CIPHER_key_length(c))
|
||||
+ || (is_export && i != ek)))
|
||||
{
|
||||
ERR_clear_error();
|
||||
if (is_export)
|
||||
i=ek;
|
||||
else
|
||||
i=EVP_CIPHER_key_length(c);
|
||||
- if (RAND_pseudo_bytes(p,i) <= 0)
|
||||
+ if (RAND_pseudo_bytes(&p[s->s2->tmp.clear],i) <= 0)
|
||||
return 0;
|
||||
}
|
||||
#else
|
||||
@@ -505,7 +542,8 @@ static int get_client_master_key(SSL *s)
|
||||
}
|
||||
#endif
|
||||
|
||||
- if (is_export) i+=s->s2->tmp.clear;
|
||||
+ if (is_export)
|
||||
+ i = EVP_CIPHER_key_length(c);
|
||||
|
||||
if (i > SSL_MAX_MASTER_KEY_LENGTH)
|
||||
{
|
103
openssl-1.0.1e-cve-2015-1789.patch
Normal file
103
openssl-1.0.1e-cve-2015-1789.patch
Normal file
@ -0,0 +1,103 @@
|
||||
diff -up openssl-1.0.1e/crypto/x509/x509_vfy.c.oob-read openssl-1.0.1e/crypto/x509/x509_vfy.c
|
||||
--- openssl-1.0.1e/crypto/x509/x509_vfy.c.oob-read 2015-05-25 12:03:41.000000000 +0200
|
||||
+++ openssl-1.0.1e/crypto/x509/x509_vfy.c 2015-06-09 15:01:51.688640453 +0200
|
||||
@@ -1702,49 +1702,92 @@ int X509_cmp_time(const ASN1_TIME *ctm,
|
||||
ASN1_TIME atm;
|
||||
long offset;
|
||||
char buff1[24],buff2[24],*p;
|
||||
- int i,j;
|
||||
+ int i, j, remaining;
|
||||
|
||||
p=buff1;
|
||||
- i=ctm->length;
|
||||
+ remaining=ctm->length;
|
||||
str=(char *)ctm->data;
|
||||
+ /*
|
||||
+ * Note that the following (historical) code allows much more slack in the
|
||||
+ * time format than RFC5280. In RFC5280, the representation is fixed:
|
||||
+ * UTCTime: YYMMDDHHMMSSZ
|
||||
+ * GeneralizedTime: YYYYMMDDHHMMSSZ
|
||||
+ */
|
||||
if (ctm->type == V_ASN1_UTCTIME)
|
||||
{
|
||||
- if ((i < 11) || (i > 17)) return 0;
|
||||
+ /* YYMMDDHHMM[SS]Z or YYMMDDHHMM[SS](+-)hhmm */
|
||||
+ int min_length = sizeof("YYMMDDHHMMZ") - 1;
|
||||
+ int max_length = sizeof("YYMMDDHHMMSS+hhmm") - 1;
|
||||
+ if (remaining < min_length || remaining > max_length)
|
||||
+ return 0;
|
||||
memcpy(p,str,10);
|
||||
p+=10;
|
||||
str+=10;
|
||||
+ remaining -= 10;
|
||||
}
|
||||
else
|
||||
{
|
||||
- if (i < 13) return 0;
|
||||
+ /* YYYYMMDDHHMM[SS[.fff]]Z or YYYYMMDDHHMM[SS[.f[f[f]]]](+-)hhmm */
|
||||
+ int min_length = sizeof("YYYYMMDDHHMMZ") - 1;
|
||||
+ int max_length = sizeof("YYYYMMDDHHMMSS.fff+hhmm") - 1;
|
||||
+ if (remaining < min_length || remaining > max_length)
|
||||
+ return 0;
|
||||
memcpy(p,str,12);
|
||||
p+=12;
|
||||
str+=12;
|
||||
+ remaining -= 12;
|
||||
}
|
||||
|
||||
if ((*str == 'Z') || (*str == '-') || (*str == '+'))
|
||||
{ *(p++)='0'; *(p++)='0'; }
|
||||
else
|
||||
{
|
||||
+ /* SS (seconds) */
|
||||
+ if (remaining < 2)
|
||||
+ return 0;
|
||||
*(p++)= *(str++);
|
||||
*(p++)= *(str++);
|
||||
- /* Skip any fractional seconds... */
|
||||
- if (*str == '.')
|
||||
+ remaining -= 2;
|
||||
+ /*
|
||||
+ * Skip any (up to three) fractional seconds...
|
||||
+ * TODO(emilia): in RFC5280, fractional seconds are forbidden.
|
||||
+ * Can we just kill them altogether?
|
||||
+ */
|
||||
+ if (remaining && *str == '.')
|
||||
{
|
||||
str++;
|
||||
- while ((*str >= '0') && (*str <= '9')) str++;
|
||||
+ remaining--;
|
||||
+ for (i = 0; i < 3 && remaining; i++, str++, remaining--)
|
||||
+ {
|
||||
+ if (*str < '0' || *str > '9')
|
||||
+ break;
|
||||
+ }
|
||||
}
|
||||
|
||||
}
|
||||
*(p++)='Z';
|
||||
*(p++)='\0';
|
||||
|
||||
+ /* We now need either a terminating 'Z' or an offset. */
|
||||
+ if (!remaining)
|
||||
+ return 0;
|
||||
if (*str == 'Z')
|
||||
+ {
|
||||
+ if (remaining != 1)
|
||||
+ return 0;
|
||||
offset=0;
|
||||
+ }
|
||||
else
|
||||
{
|
||||
+ /* (+-)HHMM */
|
||||
if ((*str != '+') && (*str != '-'))
|
||||
return 0;
|
||||
+ /* Historical behaviour: the (+-)hhmm offset is forbidden in RFC5280. */
|
||||
+ if (remaining != 5)
|
||||
+ return 0;
|
||||
+ if (str[1] < '0' || str[1] > '9' || str[2] < '0' || str[2] > '9' ||
|
||||
+ str[3] < '0' || str[3] > '9' || str[4] < '0' || str[4] > '9')
|
||||
+ return 0;
|
||||
offset=((str[1]-'0')*10+(str[2]-'0'))*60;
|
||||
offset+=(str[3]-'0')*10+(str[4]-'0');
|
||||
if (*str == '-')
|
55
openssl-1.0.1e-cve-2015-1790.patch
Normal file
55
openssl-1.0.1e-cve-2015-1790.patch
Normal file
@ -0,0 +1,55 @@
|
||||
diff -up openssl-1.0.1e/crypto/pkcs7/pk7_doit.c.missing-content openssl-1.0.1e/crypto/pkcs7/pk7_doit.c
|
||||
--- openssl-1.0.1e/crypto/pkcs7/pk7_doit.c.missing-content 2015-05-25 12:03:41.000000000 +0200
|
||||
+++ openssl-1.0.1e/crypto/pkcs7/pk7_doit.c 2015-06-09 15:21:21.377951520 +0200
|
||||
@@ -472,6 +472,12 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKE
|
||||
switch (i)
|
||||
{
|
||||
case NID_pkcs7_signed:
|
||||
+ /*
|
||||
+ * p7->d.sign->contents is a PKCS7 structure consisting of a contentType
|
||||
+ * field and optional content.
|
||||
+ * data_body is NULL if that structure has no (=detached) content
|
||||
+ * or if the contentType is wrong (i.e., not "data").
|
||||
+ */
|
||||
data_body=PKCS7_get_octet_string(p7->d.sign->contents);
|
||||
if (!PKCS7_is_detached(p7) && data_body == NULL)
|
||||
{
|
||||
@@ -484,6 +490,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKE
|
||||
case NID_pkcs7_signedAndEnveloped:
|
||||
rsk=p7->d.signed_and_enveloped->recipientinfo;
|
||||
md_sk=p7->d.signed_and_enveloped->md_algs;
|
||||
+ /* data_body is NULL if the optional EncryptedContent is missing. */
|
||||
data_body=p7->d.signed_and_enveloped->enc_data->enc_data;
|
||||
enc_alg=p7->d.signed_and_enveloped->enc_data->algorithm;
|
||||
evp_cipher=EVP_get_cipherbyobj(enc_alg->algorithm);
|
||||
@@ -496,6 +503,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKE
|
||||
case NID_pkcs7_enveloped:
|
||||
rsk=p7->d.enveloped->recipientinfo;
|
||||
enc_alg=p7->d.enveloped->enc_data->algorithm;
|
||||
+ /* data_body is NULL if the optional EncryptedContent is missing. */
|
||||
data_body=p7->d.enveloped->enc_data->enc_data;
|
||||
evp_cipher=EVP_get_cipherbyobj(enc_alg->algorithm);
|
||||
if (evp_cipher == NULL)
|
||||
@@ -509,6 +517,13 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKE
|
||||
goto err;
|
||||
}
|
||||
|
||||
+ /* Detached content must be supplied via in_bio instead. */
|
||||
+ if (data_body == NULL && in_bio == NULL)
|
||||
+ {
|
||||
+ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT);
|
||||
+ goto err;
|
||||
+ }
|
||||
+
|
||||
/* We will be checking the signature */
|
||||
if (md_sk != NULL)
|
||||
{
|
||||
@@ -665,7 +680,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKE
|
||||
}
|
||||
|
||||
#if 1
|
||||
- if (PKCS7_is_detached(p7) || (in_bio != NULL))
|
||||
+ if (in_bio != NULL)
|
||||
{
|
||||
bio=in_bio;
|
||||
}
|
12
openssl-1.0.1e-cve-2015-1792.patch
Normal file
12
openssl-1.0.1e-cve-2015-1792.patch
Normal file
@ -0,0 +1,12 @@
|
||||
diff -up openssl-1.0.1e/crypto/cms/cms_smime.c.unknown-hash openssl-1.0.1e/crypto/cms/cms_smime.c
|
||||
--- openssl-1.0.1e/crypto/cms/cms_smime.c.unknown-hash 2013-02-11 16:26:04.000000000 +0100
|
||||
+++ openssl-1.0.1e/crypto/cms/cms_smime.c 2015-06-09 16:07:16.001516190 +0200
|
||||
@@ -141,7 +141,7 @@ static void do_free_upto(BIO *f, BIO *up
|
||||
BIO_free(f);
|
||||
f = tbio;
|
||||
}
|
||||
- while (f != upto);
|
||||
+ while (f && f != upto);
|
||||
}
|
||||
else
|
||||
BIO_free_all(f);
|
@ -1,7 +1,7 @@
|
||||
diff -up openssl-1.1.1a/apps/openssl.cnf.defaults openssl-1.1.1a/apps/openssl.cnf
|
||||
--- openssl-1.1.1a/apps/openssl.cnf.defaults 2018-11-20 14:35:37.000000000 +0100
|
||||
+++ openssl-1.1.1a/apps/openssl.cnf 2019-01-15 13:56:50.841719776 +0100
|
||||
@@ -74,7 +74,7 @@ cert_opt = ca_default # Certificate fi
|
||||
diff -up openssl-1.0.1e/apps/openssl.cnf.defaults openssl-1.0.1e/apps/openssl.cnf
|
||||
--- openssl-1.0.1e/apps/openssl.cnf.defaults 2013-02-11 16:26:04.000000000 +0100
|
||||
+++ openssl-1.0.1e/apps/openssl.cnf 2014-02-06 18:00:00.170929334 +0100
|
||||
@@ -72,7 +72,7 @@ cert_opt = ca_default # Certificate fi
|
||||
|
||||
default_days = 365 # how long to certify for
|
||||
default_crl_days= 30 # how long before next CRL
|
||||
@ -10,15 +10,17 @@ diff -up openssl-1.1.1a/apps/openssl.cnf.defaults openssl-1.1.1a/apps/openssl.cn
|
||||
preserve = no # keep passed DN ordering
|
||||
|
||||
# A few difference way of specifying how similar the request should look
|
||||
@@ -106,6 +106,7 @@ emailAddress = optional
|
||||
@@ -103,7 +103,8 @@ emailAddress = optional
|
||||
|
||||
####################################################################
|
||||
[ req ]
|
||||
default_bits = 2048
|
||||
-default_bits = 1024
|
||||
+default_bits = 2048
|
||||
+default_md = sha256
|
||||
default_keyfile = privkey.pem
|
||||
distinguished_name = req_distinguished_name
|
||||
attributes = req_attributes
|
||||
@@ -128,17 +129,18 @@ string_mask = utf8only
|
||||
@@ -126,17 +127,18 @@ string_mask = utf8only
|
||||
|
||||
[ req_distinguished_name ]
|
||||
countryName = Country Name (2 letter code)
|
||||
@ -40,7 +42,7 @@ diff -up openssl-1.1.1a/apps/openssl.cnf.defaults openssl-1.1.1a/apps/openssl.cn
|
||||
|
||||
# we can do this but it is not needed normally :-)
|
||||
#1.organizationName = Second Organization Name (eg, company)
|
||||
@@ -147,7 +149,7 @@ localityName = Locality Name (eg, city
|
||||
@@ -145,7 +147,7 @@ localityName = Locality Name (eg, city
|
||||
organizationalUnitName = Organizational Unit Name (eg, section)
|
||||
#organizationalUnitName_default =
|
||||
|
||||
@ -49,3 +51,12 @@ diff -up openssl-1.1.1a/apps/openssl.cnf.defaults openssl-1.1.1a/apps/openssl.cn
|
||||
commonName_max = 64
|
||||
|
||||
emailAddress = Email Address
|
||||
@@ -339,7 +341,7 @@ signer_key = $dir/private/tsakey.pem # T
|
||||
default_policy = tsa_policy1 # Policy if request did not specify it
|
||||
# (optional)
|
||||
other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
|
||||
-digests = md5, sha1 # Acceptable message digests (mandatory)
|
||||
+digests = sha1, sha256, sha384, sha512 # Acceptable message digests (mandatory)
|
||||
accuracy = secs:1, millisecs:500, microsecs:100 # (optional)
|
||||
clock_precision_digits = 0 # number of digits after dot. (optional)
|
||||
ordering = yes # Is ordering defined for timestamps?
|
39
openssl-1.0.1e-enc-fail.patch
Normal file
39
openssl-1.0.1e-enc-fail.patch
Normal file
@ -0,0 +1,39 @@
|
||||
diff -up openssl-1.0.1e/crypto/evp/bio_enc.c.enc-fail openssl-1.0.1e/crypto/evp/bio_enc.c
|
||||
--- openssl-1.0.1e/crypto/evp/bio_enc.c.enc-fail 2013-02-11 16:26:04.000000000 +0100
|
||||
+++ openssl-1.0.1e/crypto/evp/bio_enc.c 2014-03-04 15:21:12.185821738 +0100
|
||||
@@ -198,10 +198,15 @@ static int enc_read(BIO *b, char *out, i
|
||||
}
|
||||
else
|
||||
{
|
||||
- EVP_CipherUpdate(&(ctx->cipher),
|
||||
+ if (!EVP_CipherUpdate(&(ctx->cipher),
|
||||
(unsigned char *)ctx->buf,&ctx->buf_len,
|
||||
- (unsigned char *)&(ctx->buf[BUF_OFFSET]),i);
|
||||
- ctx->cont=1;
|
||||
+ (unsigned char *)&(ctx->buf[BUF_OFFSET]),i))
|
||||
+ {
|
||||
+ ctx->ok = 0;
|
||||
+ ctx->cont = 0;
|
||||
+ }
|
||||
+ else
|
||||
+ ctx->cont=1;
|
||||
/* Note: it is possible for EVP_CipherUpdate to
|
||||
* decrypt zero bytes because this is or looks like
|
||||
* the final block: if this happens we should retry
|
||||
@@ -257,9 +262,14 @@ static int enc_write(BIO *b, const char
|
||||
while (inl > 0)
|
||||
{
|
||||
n=(inl > ENC_BLOCK_SIZE)?ENC_BLOCK_SIZE:inl;
|
||||
- EVP_CipherUpdate(&(ctx->cipher),
|
||||
+ if (!EVP_CipherUpdate(&(ctx->cipher),
|
||||
(unsigned char *)ctx->buf,&ctx->buf_len,
|
||||
- (unsigned char *)in,n);
|
||||
+ (unsigned char *)in,n))
|
||||
+ {
|
||||
+ BIO_copy_next_retry(b);
|
||||
+ ctx->ok = 0;
|
||||
+ return ret - inl;
|
||||
+ }
|
||||
inl-=n;
|
||||
in+=n;
|
||||
|
38
openssl-1.0.1e-env-zlib.patch
Normal file
38
openssl-1.0.1e-env-zlib.patch
Normal file
@ -0,0 +1,38 @@
|
||||
diff -up openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod.env-zlib openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod
|
||||
--- openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod.env-zlib 2013-02-11 16:02:48.000000000 +0100
|
||||
+++ openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod 2013-02-19 16:32:51.000000000 +0100
|
||||
@@ -47,6 +47,13 @@ Once the identities of the compression m
|
||||
been standardized, the compression API will most likely be changed. Using
|
||||
it in the current state is not recommended.
|
||||
|
||||
+It is also not recommended to use compression if data transfered contain
|
||||
+untrusted parts that can be manipulated by an attacker as he could then
|
||||
+get information about the encrypted data. See the CRIME attack. For
|
||||
+that reason the default loading of the zlib compression method is
|
||||
+disabled and enabled only if the environment variable B<OPENSSL_DEFAULT_ZLIB>
|
||||
+is present during the library initialization.
|
||||
+
|
||||
=head1 RETURN VALUES
|
||||
|
||||
SSL_COMP_add_compression_method() may return the following values:
|
||||
diff -up openssl-1.0.1e/ssl/ssl_ciph.c.env-zlib openssl-1.0.1e/ssl/ssl_ciph.c
|
||||
--- openssl-1.0.1e/ssl/ssl_ciph.c.env-zlib 2013-02-11 16:26:04.000000000 +0100
|
||||
+++ openssl-1.0.1e/ssl/ssl_ciph.c 2013-02-19 16:37:36.163545085 +0100
|
||||
@@ -140,6 +140,8 @@
|
||||
* OTHERWISE.
|
||||
*/
|
||||
|
||||
+/* for secure_getenv */
|
||||
+#define _GNU_SOURCE
|
||||
#include <stdio.h>
|
||||
#include <openssl/objects.h>
|
||||
#ifndef OPENSSL_NO_COMP
|
||||
@@ -455,7 +457,7 @@ static void load_builtin_compressions(vo
|
||||
|
||||
MemCheck_off();
|
||||
ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);
|
||||
- if (ssl_comp_methods != NULL)
|
||||
+ if (ssl_comp_methods != NULL && secure_getenv("OPENSSL_DEFAULT_ZLIB") != NULL)
|
||||
{
|
||||
comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
|
||||
if (comp != NULL)
|
179
openssl-1.0.1e-fips-ctor.patch
Normal file
179
openssl-1.0.1e-fips-ctor.patch
Normal file
@ -0,0 +1,179 @@
|
||||
diff -up openssl-1.0.1e/crypto/fips/fips.c.fips-ctor openssl-1.0.1e/crypto/fips/fips.c
|
||||
--- openssl-1.0.1e/crypto/fips/fips.c.fips-ctor 2013-09-26 13:52:30.767885457 +0200
|
||||
+++ openssl-1.0.1e/crypto/fips/fips.c 2013-09-26 14:01:29.406010187 +0200
|
||||
@@ -60,6 +60,8 @@
|
||||
#include <dlfcn.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
+#include <unistd.h>
|
||||
+#include <errno.h>
|
||||
#include "fips_locl.h"
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
@@ -198,8 +200,10 @@ bin2hex(void *buf, size_t len)
|
||||
return hex;
|
||||
}
|
||||
|
||||
-#define HMAC_PREFIX "."
|
||||
-#define HMAC_SUFFIX ".hmac"
|
||||
+#define HMAC_PREFIX "."
|
||||
+#ifndef HMAC_SUFFIX
|
||||
+#define HMAC_SUFFIX ".hmac"
|
||||
+#endif
|
||||
#define READ_BUFFER_LENGTH 16384
|
||||
|
||||
static char *
|
||||
@@ -279,19 +283,13 @@ end:
|
||||
}
|
||||
|
||||
static int
|
||||
-FIPSCHECK_verify(const char *libname, const char *symbolname)
|
||||
+FIPSCHECK_verify(const char *path)
|
||||
{
|
||||
- char path[PATH_MAX+1];
|
||||
- int rv;
|
||||
+ int rv = 0;
|
||||
FILE *hf;
|
||||
char *hmacpath, *p;
|
||||
char *hmac = NULL;
|
||||
size_t n;
|
||||
-
|
||||
- rv = get_library_path(libname, symbolname, path, sizeof(path));
|
||||
-
|
||||
- if (rv < 0)
|
||||
- return 0;
|
||||
|
||||
hmacpath = make_hmac_path(path);
|
||||
if (hmacpath == NULL)
|
||||
@@ -341,6 +339,53 @@ end:
|
||||
return 1;
|
||||
}
|
||||
|
||||
+static int
|
||||
+verify_checksums(void)
|
||||
+ {
|
||||
+ int rv;
|
||||
+ char path[PATH_MAX+1];
|
||||
+ char *p;
|
||||
+
|
||||
+ /* we need to avoid dlopening libssl, assume both libcrypto and libssl
|
||||
+ are in the same directory */
|
||||
+
|
||||
+ rv = get_library_path("libcrypto.so." SHLIB_VERSION_NUMBER, "FIPS_mode_set", path, sizeof(path));
|
||||
+ if (rv < 0)
|
||||
+ return 0;
|
||||
+
|
||||
+ rv = FIPSCHECK_verify(path);
|
||||
+ if (!rv)
|
||||
+ return 0;
|
||||
+
|
||||
+ /* replace libcrypto with libssl */
|
||||
+ while ((p = strstr(path, "libcrypto.so")) != NULL)
|
||||
+ {
|
||||
+ p = stpcpy(p, "libssl");
|
||||
+ memmove(p, p+3, strlen(p+2));
|
||||
+ }
|
||||
+
|
||||
+ rv = FIPSCHECK_verify(path);
|
||||
+ if (!rv)
|
||||
+ return 0;
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+#ifndef FIPS_MODULE_PATH
|
||||
+#define FIPS_MODULE_PATH "/etc/system-fips"
|
||||
+#endif
|
||||
+
|
||||
+int
|
||||
+FIPS_module_installed(void)
|
||||
+ {
|
||||
+ int rv;
|
||||
+ rv = access(FIPS_MODULE_PATH, F_OK);
|
||||
+ if (rv < 0 && errno != ENOENT)
|
||||
+ rv = 0;
|
||||
+
|
||||
+ /* Installed == true */
|
||||
+ return !rv;
|
||||
+ }
|
||||
+
|
||||
int FIPS_module_mode_set(int onoff, const char *auth)
|
||||
{
|
||||
int ret = 0;
|
||||
@@ -379,15 +424,7 @@ int FIPS_module_mode_set(int onoff, cons
|
||||
}
|
||||
#endif
|
||||
|
||||
- if(!FIPSCHECK_verify("libcrypto.so." SHLIB_VERSION_NUMBER,"FIPS_mode_set"))
|
||||
- {
|
||||
- FIPSerr(FIPS_F_FIPS_MODULE_MODE_SET,FIPS_R_FINGERPRINT_DOES_NOT_MATCH);
|
||||
- fips_selftest_fail = 1;
|
||||
- ret = 0;
|
||||
- goto end;
|
||||
- }
|
||||
-
|
||||
- if(!FIPSCHECK_verify("libssl.so." SHLIB_VERSION_NUMBER,"SSL_CTX_new"))
|
||||
+ if(!verify_checksums())
|
||||
{
|
||||
FIPSerr(FIPS_F_FIPS_MODULE_MODE_SET,FIPS_R_FINGERPRINT_DOES_NOT_MATCH);
|
||||
fips_selftest_fail = 1;
|
||||
diff -up openssl-1.0.1e/crypto/fips/fips.h.fips-ctor openssl-1.0.1e/crypto/fips/fips.h
|
||||
--- openssl-1.0.1e/crypto/fips/fips.h.fips-ctor 2013-09-26 13:52:30.814886515 +0200
|
||||
+++ openssl-1.0.1e/crypto/fips/fips.h 2013-09-26 13:52:30.816886560 +0200
|
||||
@@ -74,6 +74,7 @@ struct hmac_ctx_st;
|
||||
|
||||
int FIPS_module_mode_set(int onoff, const char *auth);
|
||||
int FIPS_module_mode(void);
|
||||
+int FIPS_module_installed(void);
|
||||
const void *FIPS_rand_check(void);
|
||||
int FIPS_selftest(void);
|
||||
int FIPS_selftest_failed(void);
|
||||
diff -up openssl-1.0.1e/crypto/o_init.c.fips-ctor openssl-1.0.1e/crypto/o_init.c
|
||||
--- openssl-1.0.1e/crypto/o_init.c.fips-ctor 2013-09-26 13:52:30.807886357 +0200
|
||||
+++ openssl-1.0.1e/crypto/o_init.c 2013-09-26 14:00:21.000000000 +0200
|
||||
@@ -71,6 +71,9 @@ static void init_fips_mode(void)
|
||||
char buf[2] = "0";
|
||||
int fd;
|
||||
|
||||
+ /* Ensure the selftests always run */
|
||||
+ FIPS_mode_set(1);
|
||||
+
|
||||
if (secure_getenv("OPENSSL_FORCE_FIPS_MODE") != NULL)
|
||||
{
|
||||
buf[0] = '1';
|
||||
@@ -85,9 +88,15 @@ static void init_fips_mode(void)
|
||||
* otherwise.
|
||||
*/
|
||||
|
||||
- if (buf[0] == '1')
|
||||
+ if (buf[0] != '1')
|
||||
+ {
|
||||
+ /* drop down to non-FIPS mode if it is not requested */
|
||||
+ FIPS_mode_set(0);
|
||||
+ }
|
||||
+ else
|
||||
{
|
||||
- FIPS_mode_set(1);
|
||||
+ /* abort if selftest failed */
|
||||
+ FIPS_selftest_check();
|
||||
}
|
||||
}
|
||||
#endif
|
||||
@@ -96,13 +105,17 @@ static void init_fips_mode(void)
|
||||
* Currently only sets FIPS callbacks
|
||||
*/
|
||||
|
||||
-void OPENSSL_init_library(void)
|
||||
+void __attribute__ ((constructor)) OPENSSL_init_library(void)
|
||||
{
|
||||
static int done = 0;
|
||||
if (done)
|
||||
return;
|
||||
done = 1;
|
||||
#ifdef OPENSSL_FIPS
|
||||
+ if (!FIPS_module_installed())
|
||||
+ {
|
||||
+ return;
|
||||
+ }
|
||||
RAND_init_fips();
|
||||
init_fips_mode();
|
||||
if (!FIPS_mode())
|
11
openssl-1.0.1e-issuer-hash.patch
Normal file
11
openssl-1.0.1e-issuer-hash.patch
Normal file
@ -0,0 +1,11 @@
|
||||
diff -up openssl-1.0.1e/crypto/x509/x509_cmp.c.issuer-hash openssl-1.0.1e/crypto/x509/x509_cmp.c
|
||||
--- openssl-1.0.1e/crypto/x509/x509_cmp.c.issuer-hash 2013-02-11 16:26:04.000000000 +0100
|
||||
+++ openssl-1.0.1e/crypto/x509/x509_cmp.c 2013-02-19 12:46:11.315788592 +0100
|
||||
@@ -85,6 +85,7 @@ unsigned long X509_issuer_and_serial_has
|
||||
char *f;
|
||||
|
||||
EVP_MD_CTX_init(&ctx);
|
||||
+ EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
|
||||
f=X509_NAME_oneline(a->cert_info->issuer,NULL,0);
|
||||
if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL))
|
||||
goto err;
|
25
openssl-1.0.1e-no-md5-verify.patch
Normal file
25
openssl-1.0.1e-no-md5-verify.patch
Normal file
@ -0,0 +1,25 @@
|
||||
diff -up openssl-1.0.1e/crypto/asn1/a_verify.c.no-md5-verify openssl-1.0.1e/crypto/asn1/a_verify.c
|
||||
--- openssl-1.0.1e/crypto/asn1/a_verify.c.no-md5-verify 2013-02-11 16:26:04.000000000 +0100
|
||||
+++ openssl-1.0.1e/crypto/asn1/a_verify.c 2013-11-13 16:30:04.628791616 +0100
|
||||
@@ -56,6 +56,9 @@
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
+/* for secure_getenv */
|
||||
+#define _GNU_SOURCE
|
||||
+
|
||||
#include <stdio.h>
|
||||
#include <time.h>
|
||||
|
||||
@@ -171,6 +174,11 @@ int ASN1_item_verify(const ASN1_ITEM *it
|
||||
goto err;
|
||||
ret = -1;
|
||||
}
|
||||
+ else if (mdnid == NID_md5 && secure_getenv("OPENSSL_ENABLE_MD5_VERIFY") == NULL)
|
||||
+ {
|
||||
+ ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
|
||||
+ goto err;
|
||||
+ }
|
||||
else
|
||||
{
|
||||
const EVP_MD *type;
|
6664
openssl-1.0.1e-ppc-asm-update.patch
Normal file
6664
openssl-1.0.1e-ppc-asm-update.patch
Normal file
File diff suppressed because it is too large
Load Diff
112
openssl-1.0.1e-rpmbuild.patch
Normal file
112
openssl-1.0.1e-rpmbuild.patch
Normal file
@ -0,0 +1,112 @@
|
||||
diff -up openssl-1.0.1e/Configure.rpmbuild openssl-1.0.1e/Configure
|
||||
--- openssl-1.0.1e/Configure.rpmbuild 2014-08-13 19:19:53.211005598 +0200
|
||||
+++ openssl-1.0.1e/Configure 2014-08-13 19:29:21.704099285 +0200
|
||||
@@ -345,24 +345,24 @@ my %table=(
|
||||
####
|
||||
# *-generic* is endian-neutral target, but ./config is free to
|
||||
# throw in -D[BL]_ENDIAN, whichever appropriate...
|
||||
-"linux-generic32","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
-"linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
+"linux-generic32","gcc:-DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-Wl,-z,relro -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
|
||||
+"linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-Wl,-z,relro -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
|
||||
# It's believed that majority of ARM toolchains predefine appropriate -march.
|
||||
# If you compiler does not, do complement config command line with one!
|
||||
-"linux-armv4", "gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
+"linux-armv4", "gcc:-DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-Wl,-z,relro -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
|
||||
#### IA-32 targets...
|
||||
"linux-ia32-icc", "icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
-"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
+"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-Wl,-z,relro -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
|
||||
"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out",
|
||||
####
|
||||
-"linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
-"linux-ppc64", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
|
||||
-"linux-ppc64le","gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:$ppc64_asm:linux64le:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::",
|
||||
-"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
+"linux-generic64","gcc:-DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-Wl,-z,relro -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
|
||||
+"linux-ppc64", "gcc:-m64 -DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-Wl,-z,relro -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64 \$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
|
||||
+"linux-ppc64le","gcc:-m64 -DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-Wl,-z,relro -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64le:dlfcn:linux-shared:-fPIC:-m64 \$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
|
||||
+"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-Wl,-z,relro -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
|
||||
"linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
"linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
-"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
|
||||
-"linux64-s390x", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
|
||||
+"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-Wl,-z,relro -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64 \$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
|
||||
+"linux64-s390x", "gcc:-m64 -DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-Wl,-z,relro -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64 \$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
|
||||
#### So called "highgprs" target for z/Architecture CPUs
|
||||
# "Highgprs" is kernel feature first implemented in Linux 2.6.32, see
|
||||
# /proc/cpuinfo. The idea is to preserve most significant bits of
|
||||
@@ -376,16 +376,17 @@ my %table=(
|
||||
# ldconfig and run-time linker to autodiscover. Unfortunately it
|
||||
# doesn't work just yet, because of couple of bugs in glibc
|
||||
# sysdeps/s390/dl-procinfo.c affecting ldconfig and ld.so.1...
|
||||
-"linux32-s390x", "gcc:-m31 -Wa,-mzarch -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$s390x_asm;$asm=~s/bn\-s390x\.o/bn_asm.o/;$asm}.":31:dlfcn:linux-shared:-fPIC:-m31:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/highgprs",
|
||||
+"linux32-s390x", "gcc:-m31 -Wa,-mzarch -DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-Wl,-z,relro -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$s390x_asm;$asm=~s/bn\-s390x\.o/bn_asm.o/;$asm}.":31:dlfcn:linux-shared:-fPIC:-m31 \$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::/highgprs",
|
||||
#### SPARC Linux setups
|
||||
# Ray Miller <ray.miller@computing-services.oxford.ac.uk> has patiently
|
||||
# assisted with debugging of following two configs.
|
||||
-"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
+"linux-sparcv8","gcc:-DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS) -DBN_DIV2W::-D_REENTRANT::-Wl,-z,relro -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
|
||||
# it's a real mess with -mcpu=ultrasparc option under Linux, but
|
||||
# -Wa,-Av8plus should do the trick no matter what.
|
||||
-"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
+"linux-sparcv9","gcc:-DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS) -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-Wl,-z,relro -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
|
||||
# GCC 3.1 is a requirement
|
||||
-"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
|
||||
+"linux64-sparcv9","gcc:-DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT:ULTRASPARC:-Wl,-z,relro -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
|
||||
+"linux-aarch64","gcc:-DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
|
||||
#### Alpha Linux with GNU C and Compaq C setups
|
||||
# Special notes:
|
||||
# - linux-alpha+bwx-gcc is ment to be used from ./config only. If you
|
||||
@@ -399,8 +400,8 @@ my %table=(
|
||||
#
|
||||
# <appro@fy.chalmers.se>
|
||||
#
|
||||
-"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
-"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
+"linux-alpha-gcc","gcc:-DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-Wl,-z,relro -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
|
||||
+"linux-alpha+bwx-gcc","gcc:-DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-Wl,-z,relro -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
|
||||
"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
|
||||
"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
|
||||
|
||||
@@ -1675,7 +1676,7 @@ while (<IN>)
|
||||
elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
|
||||
{
|
||||
my $sotmp = $1;
|
||||
- s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
|
||||
+ s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_SONAMEVER) .s$sotmp/;
|
||||
}
|
||||
elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
|
||||
{
|
||||
diff -up openssl-1.0.1e/Makefile.org.rpmbuild openssl-1.0.1e/Makefile.org
|
||||
--- openssl-1.0.1e/Makefile.org.rpmbuild 2013-02-11 16:26:04.000000000 +0100
|
||||
+++ openssl-1.0.1e/Makefile.org 2014-08-13 19:19:53.218005759 +0200
|
||||
@@ -10,6 +10,7 @@ SHLIB_VERSION_HISTORY=
|
||||
SHLIB_MAJOR=
|
||||
SHLIB_MINOR=
|
||||
SHLIB_EXT=
|
||||
+SHLIB_SONAMEVER=10
|
||||
PLATFORM=dist
|
||||
OPTIONS=
|
||||
CONFIGURE_ARGS=
|
||||
@@ -333,10 +334,9 @@ clean-shared:
|
||||
link-shared:
|
||||
@ set -e; for i in $(SHLIBDIRS); do \
|
||||
$(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \
|
||||
- LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
|
||||
+ LIBNAME=$$i LIBVERSION=$(SHLIB_SONAMEVER) \
|
||||
LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
|
||||
symlink.$(SHLIB_TARGET); \
|
||||
- libs="$$libs -l$$i"; \
|
||||
done
|
||||
|
||||
build-shared: do_$(SHLIB_TARGET) link-shared
|
||||
@@ -347,7 +347,7 @@ do_$(SHLIB_TARGET):
|
||||
libs="$(LIBKRB5) $$libs"; \
|
||||
fi; \
|
||||
$(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
|
||||
- LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
|
||||
+ LIBNAME=$$i LIBVERSION=$(SHLIB_SONAMEVER) \
|
||||
LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
|
||||
LIBDEPS="$$libs $(EX_LIBS)" \
|
||||
link_a.$(SHLIB_TARGET); \
|
244
openssl-1.0.1e-secure-getenv.patch
Normal file
244
openssl-1.0.1e-secure-getenv.patch
Normal file
@ -0,0 +1,244 @@
|
||||
diff -up openssl-1.0.1e/crypto/conf/conf_api.c.secure-getenv openssl-1.0.1e/crypto/conf/conf_api.c
|
||||
--- openssl-1.0.1e/crypto/conf/conf_api.c.secure-getenv 2013-02-11 16:26:04.000000000 +0100
|
||||
+++ openssl-1.0.1e/crypto/conf/conf_api.c 2013-02-19 13:02:02.531188124 +0100
|
||||
@@ -63,6 +63,8 @@
|
||||
# define NDEBUG
|
||||
#endif
|
||||
|
||||
+/* for secure_getenv */
|
||||
+#define _GNU_SOURCE
|
||||
#include <assert.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
@@ -142,7 +144,7 @@ char *_CONF_get_string(const CONF *conf,
|
||||
if (v != NULL) return(v->value);
|
||||
if (strcmp(section,"ENV") == 0)
|
||||
{
|
||||
- p=getenv(name);
|
||||
+ p=secure_getenv(name);
|
||||
if (p != NULL) return(p);
|
||||
}
|
||||
}
|
||||
@@ -155,7 +157,7 @@ char *_CONF_get_string(const CONF *conf,
|
||||
return(NULL);
|
||||
}
|
||||
else
|
||||
- return(getenv(name));
|
||||
+ return (secure_getenv(name));
|
||||
}
|
||||
|
||||
#if 0 /* There's no way to provide error checking with this function, so
|
||||
diff -up openssl-1.0.1e/crypto/conf/conf_mod.c.secure-getenv openssl-1.0.1e/crypto/conf/conf_mod.c
|
||||
--- openssl-1.0.1e/crypto/conf/conf_mod.c.secure-getenv 2013-02-11 16:26:04.000000000 +0100
|
||||
+++ openssl-1.0.1e/crypto/conf/conf_mod.c 2013-02-19 13:02:02.531188124 +0100
|
||||
@@ -56,6 +56,8 @@
|
||||
*
|
||||
*/
|
||||
|
||||
+/* for secure_getenv */
|
||||
+#define _GNU_SOURCE
|
||||
#include <stdio.h>
|
||||
#include <ctype.h>
|
||||
#include <openssl/crypto.h>
|
||||
@@ -548,8 +550,8 @@ char *CONF_get1_default_config_file(void
|
||||
char *file;
|
||||
int len;
|
||||
|
||||
- file = getenv("OPENSSL_CONF");
|
||||
- if (file)
|
||||
+ file = secure_getenv("OPENSSL_CONF");
|
||||
+ if (file)
|
||||
return BUF_strdup(file);
|
||||
|
||||
len = strlen(X509_get_default_cert_area());
|
||||
diff -up openssl-1.0.1e/crypto/engine/eng_list.c.secure-getenv openssl-1.0.1e/crypto/engine/eng_list.c
|
||||
--- openssl-1.0.1e/crypto/engine/eng_list.c.secure-getenv 2013-02-11 16:26:04.000000000 +0100
|
||||
+++ openssl-1.0.1e/crypto/engine/eng_list.c 2013-02-19 13:02:02.536188233 +0100
|
||||
@@ -61,6 +61,8 @@
|
||||
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
|
||||
*/
|
||||
|
||||
+/* for secure_getenv */
|
||||
+#define _GNU_SOURCE
|
||||
#include "eng_int.h"
|
||||
|
||||
/* The linked-list of pointers to engine types. engine_list_head
|
||||
@@ -399,9 +401,9 @@ ENGINE *ENGINE_by_id(const char *id)
|
||||
if (strcmp(id, "dynamic"))
|
||||
{
|
||||
#ifdef OPENSSL_SYS_VMS
|
||||
- if((load_dir = getenv("OPENSSL_ENGINES")) == 0) load_dir = "SSLROOT:[ENGINES]";
|
||||
+ if(OPENSSL_issetugid() || (load_dir = getenv("OPENSSL_ENGINES")) == 0) load_dir = "SSLROOT:[ENGINES]";
|
||||
#else
|
||||
- if((load_dir = getenv("OPENSSL_ENGINES")) == 0) load_dir = ENGINESDIR;
|
||||
+ if((load_dir = secure_getenv("OPENSSL_ENGINES")) == 0) load_dir = ENGINESDIR;
|
||||
#endif
|
||||
iterator = ENGINE_by_id("dynamic");
|
||||
if(!iterator || !ENGINE_ctrl_cmd_string(iterator, "ID", id, 0) ||
|
||||
diff -up openssl-1.0.1e/crypto/md5/md5_dgst.c.secure-getenv openssl-1.0.1e/crypto/md5/md5_dgst.c
|
||||
--- openssl-1.0.1e/crypto/md5/md5_dgst.c.secure-getenv 2013-02-19 13:02:02.492187275 +0100
|
||||
+++ openssl-1.0.1e/crypto/md5/md5_dgst.c 2013-02-19 13:02:02.537188254 +0100
|
||||
@@ -56,6 +56,8 @@
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
+/* for secure_getenv */
|
||||
+#define _GNU_SOURCE
|
||||
#include <stdio.h>
|
||||
#include "md5_locl.h"
|
||||
#include <openssl/opensslv.h>
|
||||
@@ -74,7 +76,7 @@ const char MD5_version[]="MD5" OPENSSL_V
|
||||
int MD5_Init(MD5_CTX *c)
|
||||
#ifdef OPENSSL_FIPS
|
||||
{
|
||||
- if (FIPS_mode() && getenv("OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW") == NULL)
|
||||
+ if (FIPS_mode() && secure_getenv("OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW") == NULL)
|
||||
OpenSSLDie(__FILE__, __LINE__, \
|
||||
"Digest MD5 forbidden in FIPS mode!");
|
||||
return private_MD5_Init(c);
|
||||
diff -up openssl-1.0.1e/crypto/o_init.c.secure-getenv openssl-1.0.1e/crypto/o_init.c
|
||||
--- openssl-1.0.1e/crypto/o_init.c.secure-getenv 2013-02-19 13:02:02.428185882 +0100
|
||||
+++ openssl-1.0.1e/crypto/o_init.c 2013-02-19 13:02:02.538188276 +0100
|
||||
@@ -52,6 +52,8 @@
|
||||
*
|
||||
*/
|
||||
|
||||
+/* for secure_getenv */
|
||||
+#define _GNU_SOURCE
|
||||
#include <e_os.h>
|
||||
#include <openssl/err.h>
|
||||
#ifdef OPENSSL_FIPS
|
||||
@@ -71,7 +73,7 @@ static void init_fips_mode(void)
|
||||
char buf[2] = "0";
|
||||
int fd;
|
||||
|
||||
- if (getenv("OPENSSL_FORCE_FIPS_MODE") != NULL)
|
||||
+ if (secure_getenv("OPENSSL_FORCE_FIPS_MODE") != NULL)
|
||||
{
|
||||
buf[0] = '1';
|
||||
}
|
||||
diff -up openssl-1.0.1e/crypto/rand/randfile.c.secure-getenv openssl-1.0.1e/crypto/rand/randfile.c
|
||||
--- openssl-1.0.1e/crypto/rand/randfile.c.secure-getenv 2013-02-11 16:26:04.000000000 +0100
|
||||
+++ openssl-1.0.1e/crypto/rand/randfile.c 2013-02-19 13:03:06.971591052 +0100
|
||||
@@ -60,6 +60,8 @@
|
||||
#if !defined(OPENSSL_SYS_VXWORKS)
|
||||
#define _XOPEN_SOURCE 500
|
||||
#endif
|
||||
+/* for secure_getenv */
|
||||
+#define _GNU_SOURCE
|
||||
|
||||
#include <errno.h>
|
||||
#include <stdio.h>
|
||||
@@ -277,8 +279,7 @@ const char *RAND_file_name(char *buf, si
|
||||
struct stat sb;
|
||||
#endif
|
||||
|
||||
- if (OPENSSL_issetugid() == 0)
|
||||
- s=getenv("RANDFILE");
|
||||
+ s=secure_getenv("RANDFILE");
|
||||
if (s != NULL && *s && strlen(s) + 1 < size)
|
||||
{
|
||||
if (BUF_strlcpy(buf,s,size) >= size)
|
||||
@@ -286,8 +287,7 @@ const char *RAND_file_name(char *buf, si
|
||||
}
|
||||
else
|
||||
{
|
||||
- if (OPENSSL_issetugid() == 0)
|
||||
- s=getenv("HOME");
|
||||
+ s=secure_getenv("HOME");
|
||||
#ifdef DEFAULT_HOME
|
||||
if (s == NULL)
|
||||
{
|
||||
diff -up openssl-1.0.1e/crypto/x509/by_dir.c.secure-getenv openssl-1.0.1e/crypto/x509/by_dir.c
|
||||
--- openssl-1.0.1e/crypto/x509/by_dir.c.secure-getenv 2013-02-11 16:26:04.000000000 +0100
|
||||
+++ openssl-1.0.1e/crypto/x509/by_dir.c 2013-02-19 13:02:02.539188298 +0100
|
||||
@@ -56,6 +56,8 @@
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
+/* for secure_getenv */
|
||||
+#define _GNU_SOURCE
|
||||
#include <stdio.h>
|
||||
#include <time.h>
|
||||
#include <errno.h>
|
||||
@@ -135,7 +137,7 @@ static int dir_ctrl(X509_LOOKUP *ctx, in
|
||||
case X509_L_ADD_DIR:
|
||||
if (argl == X509_FILETYPE_DEFAULT)
|
||||
{
|
||||
- dir=(char *)getenv(X509_get_default_cert_dir_env());
|
||||
+ dir=(char *)secure_getenv(X509_get_default_cert_dir_env());
|
||||
if (dir)
|
||||
ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM);
|
||||
else
|
||||
diff -up openssl-1.0.1e/crypto/x509/by_file.c.secure-getenv openssl-1.0.1e/crypto/x509/by_file.c
|
||||
--- openssl-1.0.1e/crypto/x509/by_file.c.secure-getenv 2013-02-19 13:02:02.236181701 +0100
|
||||
+++ openssl-1.0.1e/crypto/x509/by_file.c 2013-02-19 13:02:02.554188624 +0100
|
||||
@@ -56,6 +56,8 @@
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
+/* for secure_getenv */
|
||||
+#define _GNU_SOURCE
|
||||
#include <stdio.h>
|
||||
#include <time.h>
|
||||
#include <errno.h>
|
||||
@@ -100,7 +102,7 @@ static int by_file_ctrl(X509_LOOKUP *ctx
|
||||
case X509_L_FILE_LOAD:
|
||||
if (argl == X509_FILETYPE_DEFAULT)
|
||||
{
|
||||
- file = (char *)getenv(X509_get_default_cert_file_env());
|
||||
+ file = (char *)secure_getenv(X509_get_default_cert_file_env());
|
||||
if (file)
|
||||
ok = (X509_load_cert_crl_file(ctx,file,
|
||||
X509_FILETYPE_PEM) != 0);
|
||||
diff -up openssl-1.0.1e/crypto/x509/x509_vfy.c.secure-getenv openssl-1.0.1e/crypto/x509/x509_vfy.c
|
||||
--- openssl-1.0.1e/crypto/x509/x509_vfy.c.secure-getenv 2013-02-11 16:26:04.000000000 +0100
|
||||
+++ openssl-1.0.1e/crypto/x509/x509_vfy.c 2013-02-19 13:02:02.556188668 +0100
|
||||
@@ -56,6 +56,8 @@
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
+/* for secure_getenv */
|
||||
+#define _GNU_SOURCE
|
||||
#include <stdio.h>
|
||||
#include <time.h>
|
||||
#include <errno.h>
|
||||
@@ -481,7 +483,7 @@ static int check_chain_extensions(X509_S
|
||||
!!(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS);
|
||||
/* A hack to keep people who don't want to modify their
|
||||
software happy */
|
||||
- if (getenv("OPENSSL_ALLOW_PROXY_CERTS"))
|
||||
+ if (secure_getenv("OPENSSL_ALLOW_PROXY_CERTS"))
|
||||
allow_proxy_certs = 1;
|
||||
purpose = ctx->param->purpose;
|
||||
}
|
||||
diff -up openssl-1.0.1e/engines/ccgost/gost_ctl.c.secure-getenv openssl-1.0.1e/engines/ccgost/gost_ctl.c
|
||||
--- openssl-1.0.1e/engines/ccgost/gost_ctl.c.secure-getenv 2013-02-11 16:26:04.000000000 +0100
|
||||
+++ openssl-1.0.1e/engines/ccgost/gost_ctl.c 2013-02-19 13:02:02.557188690 +0100
|
||||
@@ -6,6 +6,8 @@
|
||||
* Implementation of control commands for GOST engine *
|
||||
* OpenSSL 0.9.9 libraries required *
|
||||
**********************************************************************/
|
||||
+/* for secure_getenv */
|
||||
+#define _GNU_SOURCE
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <openssl/crypto.h>
|
||||
@@ -65,7 +67,7 @@ const char *get_gost_engine_param(int pa
|
||||
{
|
||||
return gost_params[param];
|
||||
}
|
||||
- tmp = getenv(gost_envnames[param]);
|
||||
+ tmp = secure_getenv(gost_envnames[param]);
|
||||
if (tmp)
|
||||
{
|
||||
if (gost_params[param]) OPENSSL_free(gost_params[param]);
|
||||
@@ -79,7 +81,7 @@ int gost_set_default_param(int param, co
|
||||
{
|
||||
const char *tmp;
|
||||
if (param <0 || param >GOST_PARAM_MAX) return 0;
|
||||
- tmp = getenv(gost_envnames[param]);
|
||||
+ tmp = secure_getenv(gost_envnames[param]);
|
||||
/* if there is value in the environment, use it, else -passed string * */
|
||||
if (!tmp) tmp=value;
|
||||
if (gost_params[param]) OPENSSL_free(gost_params[param]);
|
63
openssl-1.0.1e-version.patch
Normal file
63
openssl-1.0.1e-version.patch
Normal file
@ -0,0 +1,63 @@
|
||||
diff -up openssl-1.0.1e/crypto/cversion.c.version openssl-1.0.1e/crypto/cversion.c
|
||||
--- openssl-1.0.1e/crypto/cversion.c.version 2013-02-11 16:02:47.000000000 +0100
|
||||
+++ openssl-1.0.1e/crypto/cversion.c 2013-07-26 12:28:12.739161925 +0200
|
||||
@@ -62,7 +62,7 @@
|
||||
#include "buildinf.h"
|
||||
#endif
|
||||
|
||||
-const char *SSLeay_version(int t)
|
||||
+const char *_current_SSLeay_version(int t)
|
||||
{
|
||||
if (t == SSLEAY_VERSION)
|
||||
return OPENSSL_VERSION_TEXT;
|
||||
@@ -110,8 +110,25 @@ const char *SSLeay_version(int t)
|
||||
return("not available");
|
||||
}
|
||||
|
||||
-unsigned long SSLeay(void)
|
||||
+const char *_original_SSLeay_version(int t)
|
||||
+ {
|
||||
+ if (t == SSLEAY_VERSION)
|
||||
+ return "OpenSSL 1.0.0-fips 29 Mar 2010";
|
||||
+ else
|
||||
+ return _current_SSLeay_version(t);
|
||||
+ }
|
||||
+
|
||||
+unsigned long _original_SSLeay(void)
|
||||
+ {
|
||||
+ return(0x10000003);
|
||||
+ }
|
||||
+
|
||||
+unsigned long _current_SSLeay(void)
|
||||
{
|
||||
return(SSLEAY_VERSION_NUMBER);
|
||||
}
|
||||
|
||||
+__asm__(".symver _original_SSLeay,SSLeay@");
|
||||
+__asm__(".symver _original_SSLeay_version,SSLeay_version@");
|
||||
+__asm__(".symver _current_SSLeay,SSLeay@@OPENSSL_1.0.1");
|
||||
+__asm__(".symver _current_SSLeay_version,SSLeay_version@@OPENSSL_1.0.1");
|
||||
diff -up openssl-1.0.1e/Makefile.shared.version openssl-1.0.1e/Makefile.shared
|
||||
--- openssl-1.0.1e/Makefile.shared.version 2013-07-26 12:23:43.615545603 +0200
|
||||
+++ openssl-1.0.1e/Makefile.shared 2013-07-26 12:23:43.701547398 +0200
|
||||
@@ -151,7 +151,7 @@ DO_GNU_SO=$(CALC_VERSIONS); \
|
||||
SHLIB_SUFFIX=; \
|
||||
ALLSYMSFLAGS='-Wl,--whole-archive'; \
|
||||
NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
|
||||
- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
|
||||
+ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,--default-symver,--version-script=version.map -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
|
||||
|
||||
DO_GNU_APP=LDFLAGS="$(CFLAGS)"
|
||||
|
||||
diff -up openssl-1.0.1e/version.map.version openssl-1.0.1e/version.map
|
||||
--- openssl-1.0.1e/version.map.version 2013-07-26 12:23:43.701547398 +0200
|
||||
+++ openssl-1.0.1e/version.map 2013-07-26 12:29:10.698371472 +0200
|
||||
@@ -0,0 +1,8 @@
|
||||
+OPENSSL_1.0.1 {
|
||||
+ global:
|
||||
+ SSLeay;
|
||||
+ SSLeay_version;
|
||||
+ local:
|
||||
+ _original*;
|
||||
+ _current*;
|
||||
+};
|
12
openssl-1.0.1e-weak-ciphers.patch
Normal file
12
openssl-1.0.1e-weak-ciphers.patch
Normal file
@ -0,0 +1,12 @@
|
||||
diff -up openssl-1.0.1e/ssl/ssl.h.weak-ciphers openssl-1.0.1e/ssl/ssl.h
|
||||
--- openssl-1.0.1e/ssl/ssl.h.weak-ciphers 2013-12-18 15:50:40.881620314 +0100
|
||||
+++ openssl-1.0.1e/ssl/ssl.h 2013-12-18 14:25:25.596566704 +0100
|
||||
@@ -331,7 +331,7 @@ extern "C" {
|
||||
/* The following cipher list is used by default.
|
||||
* It also is substituted when an application-defined cipher list string
|
||||
* starts with 'DEFAULT'. */
|
||||
-#define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL:!SSLv2"
|
||||
+#define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL:!SSLv2:!EXPORT:!RC2:!DES"
|
||||
/* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
|
||||
* starts with a reasonable order, and all we have to do for DEFAULT is
|
||||
* throwing out anonymous and unencrypted ciphersuites!
|
13
openssl-1.0.1h-disable-sslv2v3.patch
Normal file
13
openssl-1.0.1h-disable-sslv2v3.patch
Normal file
@ -0,0 +1,13 @@
|
||||
diff -up openssl-1.0.1h/ssl/ssl_lib.c.v2v3 openssl-1.0.1h/ssl/ssl_lib.c
|
||||
--- openssl-1.0.1h/ssl/ssl_lib.c.v2v3 2014-06-11 16:02:52.000000000 +0200
|
||||
+++ openssl-1.0.1h/ssl/ssl_lib.c 2014-06-30 14:18:04.290248080 +0200
|
||||
@@ -1875,6 +1875,9 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
|
||||
*/
|
||||
ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
|
||||
|
||||
+ /* Disable SSLv2 by default (affects the SSLv23_method() only) */
|
||||
+ ret->options |= SSL_OP_NO_SSLv2;
|
||||
+
|
||||
return(ret);
|
||||
err:
|
||||
SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE);
|
529
openssl-1.0.1h-ipv6-apps.patch
Normal file
529
openssl-1.0.1h-ipv6-apps.patch
Normal file
@ -0,0 +1,529 @@
|
||||
diff -up openssl-1.0.1h/apps/s_apps.h.ipv6-apps openssl-1.0.1h/apps/s_apps.h
|
||||
--- openssl-1.0.1h/apps/s_apps.h.ipv6-apps 2014-06-05 14:33:38.515668750 +0200
|
||||
+++ openssl-1.0.1h/apps/s_apps.h 2014-06-05 14:33:38.540669335 +0200
|
||||
@@ -148,7 +148,7 @@ typedef fd_mask fd_set;
|
||||
#define PORT_STR "4433"
|
||||
#define PROTOCOL "tcp"
|
||||
|
||||
-int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context);
|
||||
+int do_server(char *port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context);
|
||||
#ifdef HEADER_X509_H
|
||||
int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
|
||||
#endif
|
||||
@@ -156,10 +156,9 @@ int MS_CALLBACK verify_callback(int ok,
|
||||
int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
|
||||
int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key);
|
||||
#endif
|
||||
-int init_client(int *sock, char *server, int port, int type);
|
||||
+int init_client(int *sock, char *server, char *port, int type);
|
||||
int should_retry(int i);
|
||||
-int extract_port(char *str, short *port_ptr);
|
||||
-int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
|
||||
+int extract_host_port(char *str,char **host_ptr,char **port_ptr);
|
||||
|
||||
long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
|
||||
int argi, long argl, long ret);
|
||||
diff -up openssl-1.0.1h/apps/s_client.c.ipv6-apps openssl-1.0.1h/apps/s_client.c
|
||||
--- openssl-1.0.1h/apps/s_client.c.ipv6-apps 2014-06-05 14:33:38.533669171 +0200
|
||||
+++ openssl-1.0.1h/apps/s_client.c 2014-06-05 14:33:38.540669335 +0200
|
||||
@@ -567,7 +567,7 @@ int MAIN(int argc, char **argv)
|
||||
int cbuf_len,cbuf_off;
|
||||
int sbuf_len,sbuf_off;
|
||||
fd_set readfds,writefds;
|
||||
- short port=PORT;
|
||||
+ char *port_str = PORT_STR;
|
||||
int full_log=1;
|
||||
char *host=SSL_HOST_NAME;
|
||||
char *cert_file=NULL,*key_file=NULL;
|
||||
@@ -668,13 +668,12 @@ int MAIN(int argc, char **argv)
|
||||
else if (strcmp(*argv,"-port") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
- port=atoi(*(++argv));
|
||||
- if (port == 0) goto bad;
|
||||
+ port_str= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-connect") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
- if (!extract_host_port(*(++argv),&host,NULL,&port))
|
||||
+ if (!extract_host_port(*(++argv),&host,&port_str))
|
||||
goto bad;
|
||||
}
|
||||
else if (strcmp(*argv,"-verify") == 0)
|
||||
@@ -1267,7 +1266,7 @@ bad:
|
||||
|
||||
re_start:
|
||||
|
||||
- if (init_client(&s,host,port,socket_type) == 0)
|
||||
+ if (init_client(&s,host,port_str,socket_type) == 0)
|
||||
{
|
||||
BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
|
||||
SHUTDOWN(s);
|
||||
diff -up openssl-1.0.1h/apps/s_server.c.ipv6-apps openssl-1.0.1h/apps/s_server.c
|
||||
--- openssl-1.0.1h/apps/s_server.c.ipv6-apps 2014-06-05 14:33:38.533669171 +0200
|
||||
+++ openssl-1.0.1h/apps/s_server.c 2014-06-05 14:33:38.541669358 +0200
|
||||
@@ -933,7 +933,7 @@ int MAIN(int argc, char *argv[])
|
||||
{
|
||||
X509_VERIFY_PARAM *vpm = NULL;
|
||||
int badarg = 0;
|
||||
- short port=PORT;
|
||||
+ char *port_str = PORT_STR;
|
||||
char *CApath=NULL,*CAfile=NULL;
|
||||
unsigned char *context = NULL;
|
||||
char *dhfile = NULL;
|
||||
@@ -1004,8 +1004,7 @@ int MAIN(int argc, char *argv[])
|
||||
(strcmp(*argv,"-accept") == 0))
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
- if (!extract_port(*(++argv),&port))
|
||||
- goto bad;
|
||||
+ port_str= *(++argv);
|
||||
}
|
||||
else if (strcmp(*argv,"-verify") == 0)
|
||||
{
|
||||
@@ -1892,9 +1891,9 @@ bad:
|
||||
BIO_printf(bio_s_out,"ACCEPT\n");
|
||||
(void)BIO_flush(bio_s_out);
|
||||
if (www)
|
||||
- do_server(port,socket_type,&accept_socket,www_body, context);
|
||||
+ do_server(port_str,socket_type,&accept_socket,www_body, context);
|
||||
else
|
||||
- do_server(port,socket_type,&accept_socket,sv_body, context);
|
||||
+ do_server(port_str,socket_type,&accept_socket,sv_body, context);
|
||||
print_stats(bio_s_out,ctx);
|
||||
ret=0;
|
||||
end:
|
||||
diff -up openssl-1.0.1h/apps/s_socket.c.ipv6-apps openssl-1.0.1h/apps/s_socket.c
|
||||
--- openssl-1.0.1h/apps/s_socket.c.ipv6-apps 2014-06-05 11:44:33.000000000 +0200
|
||||
+++ openssl-1.0.1h/apps/s_socket.c 2014-06-05 14:39:53.226442195 +0200
|
||||
@@ -102,9 +102,7 @@ static struct hostent *GetHostByName(cha
|
||||
static void ssl_sock_cleanup(void);
|
||||
#endif
|
||||
static int ssl_sock_init(void);
|
||||
-static int init_client_ip(int *sock,unsigned char ip[4], int port, int type);
|
||||
-static int init_server(int *sock, int port, int type);
|
||||
-static int init_server_long(int *sock, int port,char *ip, int type);
|
||||
+static int init_server(int *sock, char *port, int type);
|
||||
static int do_accept(int acc_sock, int *sock, char **host);
|
||||
static int host_ip(char *str, unsigned char ip[4]);
|
||||
|
||||
@@ -234,57 +232,71 @@ static int ssl_sock_init(void)
|
||||
return(1);
|
||||
}
|
||||
|
||||
-int init_client(int *sock, char *host, int port, int type)
|
||||
+int init_client(int *sock, char *host, char *port, int type)
|
||||
{
|
||||
- unsigned char ip[4];
|
||||
-
|
||||
- memset(ip, '\0', sizeof ip);
|
||||
- if (!host_ip(host,&(ip[0])))
|
||||
- return 0;
|
||||
- return init_client_ip(sock,ip,port,type);
|
||||
- }
|
||||
-
|
||||
-static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
|
||||
- {
|
||||
- unsigned long addr;
|
||||
- struct sockaddr_in them;
|
||||
- int s,i;
|
||||
+ struct addrinfo *res, *res0, hints;
|
||||
+ char * failed_call = NULL;
|
||||
+ int s;
|
||||
+ int e;
|
||||
|
||||
if (!ssl_sock_init()) return(0);
|
||||
|
||||
- memset((char *)&them,0,sizeof(them));
|
||||
- them.sin_family=AF_INET;
|
||||
- them.sin_port=htons((unsigned short)port);
|
||||
- addr=(unsigned long)
|
||||
- ((unsigned long)ip[0]<<24L)|
|
||||
- ((unsigned long)ip[1]<<16L)|
|
||||
- ((unsigned long)ip[2]<< 8L)|
|
||||
- ((unsigned long)ip[3]);
|
||||
- them.sin_addr.s_addr=htonl(addr);
|
||||
-
|
||||
- if (type == SOCK_STREAM)
|
||||
- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
|
||||
- else /* ( type == SOCK_DGRAM) */
|
||||
- s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP);
|
||||
-
|
||||
- if (s == INVALID_SOCKET) { perror("socket"); return(0); }
|
||||
+ memset(&hints, '\0', sizeof(hints));
|
||||
+ hints.ai_socktype = type;
|
||||
+ hints.ai_flags = AI_ADDRCONFIG;
|
||||
+
|
||||
+ e = getaddrinfo(host, port, &hints, &res);
|
||||
+ if (e)
|
||||
+ {
|
||||
+ fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(e));
|
||||
+ if (e == EAI_SYSTEM)
|
||||
+ perror("getaddrinfo");
|
||||
+ return (0);
|
||||
+ }
|
||||
|
||||
+ res0 = res;
|
||||
+ while (res)
|
||||
+ {
|
||||
+ s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
|
||||
+ if (s == INVALID_SOCKET)
|
||||
+ {
|
||||
+ failed_call = "socket";
|
||||
+ goto nextres;
|
||||
+ }
|
||||
#if defined(SO_KEEPALIVE) && !defined(OPENSSL_SYS_MPE)
|
||||
if (type == SOCK_STREAM)
|
||||
{
|
||||
- i=0;
|
||||
- i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
|
||||
- if (i < 0) { closesocket(s); perror("keepalive"); return(0); }
|
||||
+ int i=0;
|
||||
+ i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,
|
||||
+ (char *)&i,sizeof(i));
|
||||
+ if (i < 0) {
|
||||
+ failed_call = "keepalive";
|
||||
+ goto nextres;
|
||||
+ }
|
||||
}
|
||||
#endif
|
||||
-
|
||||
- if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
|
||||
- { closesocket(s); perror("connect"); return(0); }
|
||||
+ if (connect(s,(struct sockaddr *)res->ai_addr,
|
||||
+ res->ai_addrlen) == 0)
|
||||
+ {
|
||||
+ freeaddrinfo(res0);
|
||||
*sock=s;
|
||||
return(1);
|
||||
}
|
||||
|
||||
-int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context)
|
||||
+ failed_call = "socket";
|
||||
+nextres:
|
||||
+ if (s != INVALID_SOCKET)
|
||||
+ close(s);
|
||||
+ res = res->ai_next;
|
||||
+ }
|
||||
+ freeaddrinfo(res0);
|
||||
+ closesocket(s);
|
||||
+
|
||||
+ perror(failed_call);
|
||||
+ return(0);
|
||||
+ }
|
||||
+
|
||||
+int do_server(char *port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context)
|
||||
{
|
||||
int sock;
|
||||
char *name = NULL;
|
||||
@@ -322,33 +334,50 @@ int do_server(int port, int type, int *r
|
||||
}
|
||||
}
|
||||
|
||||
-static int init_server_long(int *sock, int port, char *ip, int type)
|
||||
+static int init_server(int *sock, char *port, int type)
|
||||
{
|
||||
- int ret=0;
|
||||
- struct sockaddr_in server;
|
||||
- int s= -1;
|
||||
+ struct addrinfo *res, *res0 = NULL, hints;
|
||||
+ char * failed_call = NULL;
|
||||
+ int s = INVALID_SOCKET;
|
||||
+ int e;
|
||||
|
||||
if (!ssl_sock_init()) return(0);
|
||||
|
||||
- memset((char *)&server,0,sizeof(server));
|
||||
- server.sin_family=AF_INET;
|
||||
- server.sin_port=htons((unsigned short)port);
|
||||
- if (ip == NULL)
|
||||
- server.sin_addr.s_addr=INADDR_ANY;
|
||||
- else
|
||||
-/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
|
||||
-#ifndef BIT_FIELD_LIMITS
|
||||
- memcpy(&server.sin_addr.s_addr,ip,4);
|
||||
-#else
|
||||
- memcpy(&server.sin_addr,ip,4);
|
||||
-#endif
|
||||
+ memset(&hints, '\0', sizeof(hints));
|
||||
+ hints.ai_family = AF_INET6;
|
||||
+tryipv4:
|
||||
+ hints.ai_socktype = type;
|
||||
+ hints.ai_flags = AI_PASSIVE;
|
||||
|
||||
- if (type == SOCK_STREAM)
|
||||
- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
|
||||
- else /* type == SOCK_DGRAM */
|
||||
- s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP);
|
||||
+ e = getaddrinfo(NULL, port, &hints, &res);
|
||||
+ if (e)
|
||||
+ {
|
||||
+ if (hints.ai_family == AF_INET)
|
||||
+ {
|
||||
+ fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(e));
|
||||
+ if (e == EAI_SYSTEM)
|
||||
+ perror("getaddrinfo");
|
||||
+ return (0);
|
||||
+ }
|
||||
+ else
|
||||
+ res = NULL;
|
||||
+ }
|
||||
|
||||
- if (s == INVALID_SOCKET) goto err;
|
||||
+ res0 = res;
|
||||
+ while (res)
|
||||
+ {
|
||||
+ s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
|
||||
+ if (s == INVALID_SOCKET)
|
||||
+ {
|
||||
+ failed_call = "socket";
|
||||
+ goto nextres;
|
||||
+ }
|
||||
+ if (hints.ai_family == AF_INET6)
|
||||
+ {
|
||||
+ int j = 0;
|
||||
+ setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY,
|
||||
+ (void *) &j, sizeof j);
|
||||
+ }
|
||||
#if defined SOL_SOCKET && defined SO_REUSEADDR
|
||||
{
|
||||
int j = 1;
|
||||
@@ -356,35 +385,49 @@ static int init_server_long(int *sock, i
|
||||
(void *) &j, sizeof j);
|
||||
}
|
||||
#endif
|
||||
- if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
|
||||
+
|
||||
+ if (bind(s,(struct sockaddr *)res->ai_addr, res->ai_addrlen) == -1)
|
||||
{
|
||||
-#ifndef OPENSSL_SYS_WINDOWS
|
||||
- perror("bind");
|
||||
-#endif
|
||||
- goto err;
|
||||
+ failed_call = "bind";
|
||||
+ goto nextres;
|
||||
}
|
||||
- /* Make it 128 for linux */
|
||||
- if (type==SOCK_STREAM && listen(s,128) == -1) goto err;
|
||||
- *sock=s;
|
||||
- ret=1;
|
||||
-err:
|
||||
- if ((ret == 0) && (s != -1))
|
||||
+ if (type==SOCK_STREAM && listen(s,128) == -1)
|
||||
{
|
||||
- SHUTDOWN(s);
|
||||
+ failed_call = "listen";
|
||||
+ goto nextres;
|
||||
}
|
||||
- return(ret);
|
||||
+
|
||||
+ *sock=s;
|
||||
+ return(1);
|
||||
+
|
||||
+nextres:
|
||||
+ if (s != INVALID_SOCKET)
|
||||
+ close(s);
|
||||
+ res = res->ai_next;
|
||||
}
|
||||
+ if (res0)
|
||||
+ freeaddrinfo(res0);
|
||||
|
||||
-static int init_server(int *sock, int port, int type)
|
||||
+ if (s == INVALID_SOCKET)
|
||||
{
|
||||
- return(init_server_long(sock, port, NULL, type));
|
||||
+ if (hints.ai_family == AF_INET6)
|
||||
+ {
|
||||
+ hints.ai_family = AF_INET;
|
||||
+ goto tryipv4;
|
||||
+ }
|
||||
+ perror("socket");
|
||||
+ return(0);
|
||||
+ }
|
||||
+
|
||||
+ perror(failed_call);
|
||||
+ return(0);
|
||||
}
|
||||
|
||||
static int do_accept(int acc_sock, int *sock, char **host)
|
||||
{
|
||||
+ static struct sockaddr_storage from;
|
||||
+ char buffer[NI_MAXHOST];
|
||||
int ret;
|
||||
- struct hostent *h1,*h2;
|
||||
- static struct sockaddr_in from;
|
||||
int len;
|
||||
/* struct linger ling; */
|
||||
|
||||
@@ -424,145 +467,66 @@ redoit:
|
||||
ling.l_onoff=1;
|
||||
ling.l_linger=0;
|
||||
i=setsockopt(ret,SOL_SOCKET,SO_LINGER,(char *)&ling,sizeof(ling));
|
||||
- if (i < 0) { perror("linger"); return(0); }
|
||||
+ if (i < 0) { closesocket(ret); perror("linger"); return(0); }
|
||||
i=0;
|
||||
i=setsockopt(ret,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
|
||||
- if (i < 0) { perror("keepalive"); return(0); }
|
||||
+ if (i < 0) { closesocket(ret); perror("keepalive"); return(0); }
|
||||
*/
|
||||
|
||||
if (host == NULL) goto end;
|
||||
-#ifndef BIT_FIELD_LIMITS
|
||||
- /* I should use WSAAsyncGetHostByName() under windows */
|
||||
- h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
|
||||
- sizeof(from.sin_addr.s_addr),AF_INET);
|
||||
-#else
|
||||
- h1=gethostbyaddr((char *)&from.sin_addr,
|
||||
- sizeof(struct in_addr),AF_INET);
|
||||
-#endif
|
||||
- if (h1 == NULL)
|
||||
+
|
||||
+ if (getnameinfo((struct sockaddr *)&from, sizeof(from),
|
||||
+ buffer, sizeof(buffer),
|
||||
+ NULL, 0, 0))
|
||||
{
|
||||
- BIO_printf(bio_err,"bad gethostbyaddr\n");
|
||||
+ BIO_printf(bio_err,"getnameinfo failed\n");
|
||||
*host=NULL;
|
||||
/* return(0); */
|
||||
}
|
||||
else
|
||||
{
|
||||
- if ((*host=(char *)OPENSSL_malloc(strlen(h1->h_name)+1)) == NULL)
|
||||
+ if ((*host=(char *)OPENSSL_malloc(strlen(buffer)+1)) == NULL)
|
||||
{
|
||||
perror("OPENSSL_malloc");
|
||||
closesocket(ret);
|
||||
return(0);
|
||||
}
|
||||
- BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
|
||||
-
|
||||
- h2=GetHostByName(*host);
|
||||
- if (h2 == NULL)
|
||||
- {
|
||||
- BIO_printf(bio_err,"gethostbyname failure\n");
|
||||
- closesocket(ret);
|
||||
- return(0);
|
||||
- }
|
||||
- if (h2->h_addrtype != AF_INET)
|
||||
- {
|
||||
- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
|
||||
- closesocket(ret);
|
||||
- return(0);
|
||||
- }
|
||||
+ strcpy(*host, buffer);
|
||||
}
|
||||
end:
|
||||
*sock=ret;
|
||||
return(1);
|
||||
}
|
||||
|
||||
-int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
|
||||
- short *port_ptr)
|
||||
+int extract_host_port(char *str, char **host_ptr,
|
||||
+ char **port_ptr)
|
||||
{
|
||||
- char *h,*p;
|
||||
+ char *h,*p,*x;
|
||||
|
||||
- h=str;
|
||||
- p=strchr(str,':');
|
||||
+ x=h=str;
|
||||
+ if (*h == '[')
|
||||
+ {
|
||||
+ h++;
|
||||
+ p=strchr(h,']');
|
||||
if (p == NULL)
|
||||
{
|
||||
- BIO_printf(bio_err,"no port defined\n");
|
||||
+ BIO_printf(bio_err,"no ending bracket for IPv6 address\n");
|
||||
return(0);
|
||||
}
|
||||
*(p++)='\0';
|
||||
-
|
||||
- if ((ip != NULL) && !host_ip(str,ip))
|
||||
- goto err;
|
||||
- if (host_ptr != NULL) *host_ptr=h;
|
||||
-
|
||||
- if (!extract_port(p,port_ptr))
|
||||
- goto err;
|
||||
- return(1);
|
||||
-err:
|
||||
- return(0);
|
||||
+ x = p;
|
||||
}
|
||||
-
|
||||
-static int host_ip(char *str, unsigned char ip[4])
|
||||
- {
|
||||
- unsigned int in[4];
|
||||
- int i;
|
||||
-
|
||||
- if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
|
||||
- {
|
||||
- for (i=0; i<4; i++)
|
||||
- if (in[i] > 255)
|
||||
- {
|
||||
- BIO_printf(bio_err,"invalid IP address\n");
|
||||
- goto err;
|
||||
- }
|
||||
- ip[0]=in[0];
|
||||
- ip[1]=in[1];
|
||||
- ip[2]=in[2];
|
||||
- ip[3]=in[3];
|
||||
- }
|
||||
- else
|
||||
- { /* do a gethostbyname */
|
||||
- struct hostent *he;
|
||||
-
|
||||
- if (!ssl_sock_init()) return(0);
|
||||
-
|
||||
- he=GetHostByName(str);
|
||||
- if (he == NULL)
|
||||
- {
|
||||
- BIO_printf(bio_err,"gethostbyname failure\n");
|
||||
- goto err;
|
||||
- }
|
||||
- /* cast to short because of win16 winsock definition */
|
||||
- if ((short)he->h_addrtype != AF_INET)
|
||||
+ p=strchr(x,':');
|
||||
+ if (p == NULL)
|
||||
{
|
||||
- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
|
||||
- return(0);
|
||||
- }
|
||||
- ip[0]=he->h_addr_list[0][0];
|
||||
- ip[1]=he->h_addr_list[0][1];
|
||||
- ip[2]=he->h_addr_list[0][2];
|
||||
- ip[3]=he->h_addr_list[0][3];
|
||||
- }
|
||||
- return(1);
|
||||
-err:
|
||||
+ BIO_printf(bio_err,"no port defined\n");
|
||||
return(0);
|
||||
}
|
||||
+ *(p++)='\0';
|
||||
|
||||
-int extract_port(char *str, short *port_ptr)
|
||||
- {
|
||||
- int i;
|
||||
- struct servent *s;
|
||||
+ if (host_ptr != NULL) *host_ptr=h;
|
||||
+ if (port_ptr != NULL) *port_ptr=p;
|
||||
|
||||
- i=atoi(str);
|
||||
- if (i != 0)
|
||||
- *port_ptr=(unsigned short)i;
|
||||
- else
|
||||
- {
|
||||
- s=getservbyname(str,"tcp");
|
||||
- if (s == NULL)
|
||||
- {
|
||||
- BIO_printf(bio_err,"getservbyname failure for %s\n",str);
|
||||
- return(0);
|
||||
- }
|
||||
- *port_ptr=ntohs((unsigned short)s->s_port);
|
||||
- }
|
||||
return(1);
|
||||
}
|
||||
|
289
openssl-1.0.1h-system-cipherlist.patch
Normal file
289
openssl-1.0.1h-system-cipherlist.patch
Normal file
@ -0,0 +1,289 @@
|
||||
diff -up openssl-1.0.1h/Configure.system openssl-1.0.1h/Configure
|
||||
--- openssl-1.0.1h/Configure.system 2014-06-05 14:47:37.509312875 +0200
|
||||
+++ openssl-1.0.1h/Configure 2014-06-11 14:05:28.560359069 +0200
|
||||
@@ -10,7 +10,7 @@ use strict;
|
||||
|
||||
# see INSTALL for instructions.
|
||||
|
||||
-my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n";
|
||||
+my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--system-ciphers-file=SYSTEMCIPHERFILE] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n";
|
||||
|
||||
# Options:
|
||||
#
|
||||
@@ -35,6 +35,9 @@ my $usage="Usage: Configure [no-<cipher>
|
||||
# --with-krb5-flavor Declare what flavor of Kerberos 5 is used. Currently
|
||||
# supported values are "MIT" and "Heimdal". A value is required.
|
||||
#
|
||||
+# --system-ciphers-file A file to read cipher string from when the PROFILE=SYSTEM
|
||||
+# cipher is specified (default).
|
||||
+#
|
||||
# --test-sanity Make a number of sanity checks on the data in this file.
|
||||
# This is a debugging tool for OpenSSL developers.
|
||||
#
|
||||
@@ -663,6 +666,7 @@ my $prefix="";
|
||||
my $libdir="";
|
||||
my $openssldir="";
|
||||
my $enginesdir="";
|
||||
+my $system_ciphers_file="";
|
||||
my $exe_ext="";
|
||||
my $install_prefix= "$ENV{'INSTALL_PREFIX'}";
|
||||
my $cross_compile_prefix="";
|
||||
@@ -895,6 +899,10 @@ PROCESS_ARGS:
|
||||
{
|
||||
$enginesdir=$1;
|
||||
}
|
||||
+ elsif (/^--system-ciphers-file=(.*)$/)
|
||||
+ {
|
||||
+ $system_ciphers_file=$1;
|
||||
+ }
|
||||
elsif (/^--install.prefix=(.*)$/)
|
||||
{
|
||||
$install_prefix=$1;
|
||||
@@ -1053,6 +1061,7 @@ print "Configuring for $target\n";
|
||||
|
||||
&usage if (!defined($table{$target}));
|
||||
|
||||
+chop $system_ciphers_file if $system_ciphers_file =~ /\/$/;
|
||||
|
||||
foreach (sort (keys %disabled))
|
||||
{
|
||||
@@ -1607,6 +1616,7 @@ while (<IN>)
|
||||
s/^INSTALLTOP=.*$/INSTALLTOP=$prefix/;
|
||||
s/^MULTILIB=.*$/MULTILIB=$multilib/;
|
||||
s/^OPENSSLDIR=.*$/OPENSSLDIR=$openssldir/;
|
||||
+ s/^SYSTEM_CIPHERS_FILE=.*$/SYSTEM_CIPHERS_FILE=$system_ciphers_file/;
|
||||
s/^LIBDIR=.*$/LIBDIR=$libdir/;
|
||||
s/^INSTALL_PREFIX=.*$/INSTALL_PREFIX=$install_prefix/;
|
||||
s/^PLATFORM=.*$/PLATFORM=$target/;
|
||||
@@ -1812,6 +1822,14 @@ while (<IN>)
|
||||
$foo =~ s/\\/\\\\/g;
|
||||
print OUT "#define ENGINESDIR \"$foo\"\n";
|
||||
}
|
||||
+ elsif (/^#((define)|(undef))\s+SYSTEM_CIPHERS_FILE/)
|
||||
+ {
|
||||
+ my $foo = "$system_ciphers_file";
|
||||
+ if ($foo ne '') {
|
||||
+ $foo =~ s/\\/\\\\/g;
|
||||
+ print OUT "#define SYSTEM_CIPHERS_FILE \"$foo\"\n";
|
||||
+ }
|
||||
+ }
|
||||
elsif (/^#((define)|(undef))\s+OPENSSL_EXPORT_VAR_AS_FUNCTION/)
|
||||
{ printf OUT "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION\n"
|
||||
if $export_var_as_fn;
|
||||
diff -up openssl-1.0.1h/crypto/opensslconf.h.in.system openssl-1.0.1h/crypto/opensslconf.h.in
|
||||
--- openssl-1.0.1h/crypto/opensslconf.h.in.system 2014-06-05 14:47:37.437311188 +0200
|
||||
+++ openssl-1.0.1h/crypto/opensslconf.h.in 2014-06-11 13:31:44.497722345 +0200
|
||||
@@ -25,6 +25,8 @@
|
||||
#endif
|
||||
#endif
|
||||
|
||||
+#undef SYSTEM_CIPHERS_FILE
|
||||
+
|
||||
#undef OPENSSL_UNISTD
|
||||
#define OPENSSL_UNISTD <unistd.h>
|
||||
|
||||
diff -up openssl-1.0.1h/ssl/ssl_ciph.c.system openssl-1.0.1h/ssl/ssl_ciph.c
|
||||
--- openssl-1.0.1h/ssl/ssl_ciph.c.system 2014-06-05 14:47:37.441311282 +0200
|
||||
+++ openssl-1.0.1h/ssl/ssl_ciph.c 2014-06-11 13:55:28.194381937 +0200
|
||||
@@ -1352,6 +1352,54 @@ static int ssl_cipher_process_rulestr(co
|
||||
return(retval);
|
||||
}
|
||||
|
||||
+#ifdef SYSTEM_CIPHERS_FILE
|
||||
+static char* load_system_str(const char* suffix)
|
||||
+ {
|
||||
+ FILE* fp;
|
||||
+ char buf[1024];
|
||||
+ char *new_rules;
|
||||
+ unsigned len, slen;
|
||||
+
|
||||
+ fp = fopen(SYSTEM_CIPHERS_FILE, "r");
|
||||
+ if (fp == NULL || fgets(buf, sizeof(buf), fp) == NULL)
|
||||
+ {
|
||||
+ /* cannot open or file is empty */
|
||||
+ snprintf(buf, sizeof(buf), "%s", SSL_DEFAULT_CIPHER_LIST);
|
||||
+ }
|
||||
+
|
||||
+ if (fp)
|
||||
+ fclose(fp);
|
||||
+
|
||||
+ slen = strlen(suffix);
|
||||
+ len = strlen(buf);
|
||||
+
|
||||
+ if (buf[len-1] == '\n')
|
||||
+ {
|
||||
+ len--;
|
||||
+ buf[len] = 0;
|
||||
+ }
|
||||
+ if (buf[len-1] == '\r')
|
||||
+ {
|
||||
+ len--;
|
||||
+ buf[len] = 0;
|
||||
+ }
|
||||
+
|
||||
+ new_rules = OPENSSL_malloc(len + slen + 1);
|
||||
+ if (new_rules == 0)
|
||||
+ return NULL;
|
||||
+
|
||||
+ memcpy(new_rules, buf, len);
|
||||
+ if (slen > 0)
|
||||
+ {
|
||||
+ memcpy(&new_rules[len], suffix, slen);
|
||||
+ len += slen;
|
||||
+ }
|
||||
+ new_rules[len] = 0;
|
||||
+
|
||||
+ return new_rules;
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
STACK_OF(SSL_CIPHER) **cipher_list,
|
||||
STACK_OF(SSL_CIPHER) **cipher_list_by_id,
|
||||
@@ -1359,16 +1407,29 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||
{
|
||||
int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
|
||||
unsigned long disabled_mkey, disabled_auth, disabled_enc, disabled_mac, disabled_ssl;
|
||||
- STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list;
|
||||
+ STACK_OF(SSL_CIPHER) *cipherstack = NULL, *tmp_cipher_list;
|
||||
const char *rule_p;
|
||||
CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
|
||||
const SSL_CIPHER **ca_list = NULL;
|
||||
+#ifdef SYSTEM_CIPHERS_FILE
|
||||
+ char *new_rules = NULL;
|
||||
+
|
||||
+ if (rule_str != NULL && strncmp(rule_str, "PROFILE=SYSTEM", 14) == 0)
|
||||
+ {
|
||||
+ char *p = rule_str + 14;
|
||||
+
|
||||
+ new_rules = load_system_str(p);
|
||||
+ rule_str = new_rules;
|
||||
+ }
|
||||
+#endif
|
||||
|
||||
/*
|
||||
* Return with error if nothing to do.
|
||||
*/
|
||||
if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)
|
||||
- return NULL;
|
||||
+ {
|
||||
+ goto end;
|
||||
+ }
|
||||
|
||||
/*
|
||||
* To reduce the work to do we only want to process the compiled
|
||||
@@ -1389,7 +1450,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||
if (co_list == NULL)
|
||||
{
|
||||
SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
|
||||
- return(NULL); /* Failure */
|
||||
+ goto end;
|
||||
}
|
||||
|
||||
ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers,
|
||||
@@ -1431,8 +1492,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||
* in force within each class */
|
||||
if (!ssl_cipher_strength_sort(&head, &tail))
|
||||
{
|
||||
- OPENSSL_free(co_list);
|
||||
- return NULL;
|
||||
+ goto end;
|
||||
}
|
||||
|
||||
/* Now disable everything (maintaining the ordering!) */
|
||||
@@ -1452,9 +1512,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||
ca_list = OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max);
|
||||
if (ca_list == NULL)
|
||||
{
|
||||
- OPENSSL_free(co_list);
|
||||
SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
|
||||
- return(NULL); /* Failure */
|
||||
+ goto end;
|
||||
}
|
||||
ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
|
||||
disabled_mkey, disabled_auth, disabled_enc,
|
||||
@@ -1482,8 +1541,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||
|
||||
if (!ok)
|
||||
{ /* Rule processing failure */
|
||||
- OPENSSL_free(co_list);
|
||||
- return(NULL);
|
||||
+ goto end;
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -1492,8 +1550,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||
*/
|
||||
if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL)
|
||||
{
|
||||
- OPENSSL_free(co_list);
|
||||
- return(NULL);
|
||||
+ goto end;
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -1514,13 +1571,13 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||
#endif
|
||||
}
|
||||
}
|
||||
- OPENSSL_free(co_list); /* Not needed any longer */
|
||||
|
||||
tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack);
|
||||
if (tmp_cipher_list == NULL)
|
||||
{
|
||||
sk_SSL_CIPHER_free(cipherstack);
|
||||
- return NULL;
|
||||
+ cipherstack = NULL;
|
||||
+ goto end;
|
||||
}
|
||||
if (*cipher_list != NULL)
|
||||
sk_SSL_CIPHER_free(*cipher_list);
|
||||
@@ -1531,6 +1588,12 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||
(void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp);
|
||||
|
||||
sk_SSL_CIPHER_sort(*cipher_list_by_id);
|
||||
+
|
||||
+end:
|
||||
+ OPENSSL_free(co_list);
|
||||
+#ifdef SYSTEM_CIPHERS_FILE
|
||||
+ OPENSSL_free(new_rules);
|
||||
+#endif
|
||||
return(cipherstack);
|
||||
}
|
||||
|
||||
diff -up openssl-1.0.1h/ssl/ssl.h.system openssl-1.0.1h/ssl/ssl.h
|
||||
--- openssl-1.0.1h/ssl/ssl.h.system 2014-06-05 14:47:37.000000000 +0200
|
||||
+++ openssl-1.0.1h/ssl/ssl.h 2014-06-11 14:08:35.243461447 +0200
|
||||
@@ -338,6 +338,11 @@ extern "C" {
|
||||
* (The latter are not actually enabled by ALL, but "ALL:RSA" would enable
|
||||
* some of them.)
|
||||
*/
|
||||
+#ifdef SYSTEM_CIPHERS_FILE
|
||||
+#define SSL_SYSTEM_DEFAULT_CIPHER_LIST "PROFILE=SYSTEM"
|
||||
+#else
|
||||
+#define SSL_SYSTEM_DEFAULT_CIPHER_LIST SSL_DEFAULT_CIPHER_LIST
|
||||
+#endif
|
||||
|
||||
/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
|
||||
#define SSL_SENT_SHUTDOWN 1
|
||||
diff -up openssl-1.0.1h/ssl/ssl_lib.c.system openssl-1.0.1h/ssl/ssl_lib.c
|
||||
--- openssl-1.0.1h/ssl/ssl_lib.c.system 2014-06-05 11:44:33.000000000 +0200
|
||||
+++ openssl-1.0.1h/ssl/ssl_lib.c 2014-06-11 13:59:40.696578139 +0200
|
||||
@@ -263,7 +263,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx
|
||||
|
||||
sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list),
|
||||
&(ctx->cipher_list_by_id),
|
||||
- meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
|
||||
+ meth->version == SSL2_VERSION ? "SSLv2" : SSL_SYSTEM_DEFAULT_CIPHER_LIST);
|
||||
if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0))
|
||||
{
|
||||
SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
|
||||
@@ -1767,7 +1767,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
|
||||
|
||||
ssl_create_cipher_list(ret->method,
|
||||
&ret->cipher_list,&ret->cipher_list_by_id,
|
||||
- meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
|
||||
+ meth->version == SSL2_VERSION ? "SSLv2" : SSL_SYSTEM_DEFAULT_CIPHER_LIST);
|
||||
if (ret->cipher_list == NULL
|
||||
|| sk_SSL_CIPHER_num(ret->cipher_list) <= 0)
|
||||
{
|
77
openssl-1.0.1i-algo-doc.patch
Normal file
77
openssl-1.0.1i-algo-doc.patch
Normal file
@ -0,0 +1,77 @@
|
||||
diff -up openssl-1.0.1i/doc/crypto/EVP_DigestInit.pod.algo-doc openssl-1.0.1i/doc/crypto/EVP_DigestInit.pod
|
||||
--- openssl-1.0.1i/doc/crypto/EVP_DigestInit.pod.algo-doc 2014-08-06 23:10:56.000000000 +0200
|
||||
+++ openssl-1.0.1i/doc/crypto/EVP_DigestInit.pod 2014-08-07 11:18:01.290773970 +0200
|
||||
@@ -75,7 +75,7 @@ EVP_MD_CTX_create() allocates, initializ
|
||||
|
||||
EVP_DigestInit_ex() sets up digest context B<ctx> to use a digest
|
||||
B<type> from ENGINE B<impl>. B<ctx> must be initialized before calling this
|
||||
-function. B<type> will typically be supplied by a functionsuch as EVP_sha1().
|
||||
+function. B<type> will typically be supplied by a function such as EVP_sha1().
|
||||
If B<impl> is NULL then the default implementation of digest B<type> is used.
|
||||
|
||||
EVP_DigestUpdate() hashes B<cnt> bytes of data at B<d> into the
|
||||
@@ -164,7 +164,8 @@ corresponding OBJECT IDENTIFIER or NID_u
|
||||
EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size() and
|
||||
EVP_MD_CTX_block_size() return the digest or block size in bytes.
|
||||
|
||||
-EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_dss(),
|
||||
+EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(),
|
||||
+EVP_sha224(), EVP_sha256(), EVP_sha384(), EVP_sha512(), EVP_dss(),
|
||||
EVP_dss1(), EVP_mdc2() and EVP_ripemd160() return pointers to the
|
||||
corresponding EVP_MD structures.
|
||||
|
||||
diff -up openssl-1.0.1i/doc/crypto/EVP_EncryptInit.pod.algo-doc openssl-1.0.1i/doc/crypto/EVP_EncryptInit.pod
|
||||
--- openssl-1.0.1i/doc/crypto/EVP_EncryptInit.pod.algo-doc 2014-08-06 23:10:56.000000000 +0200
|
||||
+++ openssl-1.0.1i/doc/crypto/EVP_EncryptInit.pod 2014-08-07 10:55:25.100638252 +0200
|
||||
@@ -91,6 +91,32 @@ EVP_CIPHER_CTX_set_padding - EVP cipher
|
||||
int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
|
||||
int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
|
||||
|
||||
+ const EVP_CIPHER *EVP_des_ede3(void);
|
||||
+ const EVP_CIPHER *EVP_des_ede3_ecb(void);
|
||||
+ const EVP_CIPHER *EVP_des_ede3_cfb64(void);
|
||||
+ const EVP_CIPHER *EVP_des_ede3_cfb1(void);
|
||||
+ const EVP_CIPHER *EVP_des_ede3_cfb8(void);
|
||||
+ const EVP_CIPHER *EVP_des_ede3_ofb(void);
|
||||
+ const EVP_CIPHER *EVP_des_ede3_cbc(void);
|
||||
+ const EVP_CIPHER *EVP_aes_128_ecb(void);
|
||||
+ const EVP_CIPHER *EVP_aes_128_cbc(void);
|
||||
+ const EVP_CIPHER *EVP_aes_128_cfb1(void);
|
||||
+ const EVP_CIPHER *EVP_aes_128_cfb8(void);
|
||||
+ const EVP_CIPHER *EVP_aes_128_cfb128(void);
|
||||
+ const EVP_CIPHER *EVP_aes_128_ofb(void);
|
||||
+ const EVP_CIPHER *EVP_aes_192_ecb(void);
|
||||
+ const EVP_CIPHER *EVP_aes_192_cbc(void);
|
||||
+ const EVP_CIPHER *EVP_aes_192_cfb1(void);
|
||||
+ const EVP_CIPHER *EVP_aes_192_cfb8(void);
|
||||
+ const EVP_CIPHER *EVP_aes_192_cfb128(void);
|
||||
+ const EVP_CIPHER *EVP_aes_192_ofb(void);
|
||||
+ const EVP_CIPHER *EVP_aes_256_ecb(void);
|
||||
+ const EVP_CIPHER *EVP_aes_256_cbc(void);
|
||||
+ const EVP_CIPHER *EVP_aes_256_cfb1(void);
|
||||
+ const EVP_CIPHER *EVP_aes_256_cfb8(void);
|
||||
+ const EVP_CIPHER *EVP_aes_256_cfb128(void);
|
||||
+ const EVP_CIPHER *EVP_aes_256_ofb(void);
|
||||
+
|
||||
=head1 DESCRIPTION
|
||||
|
||||
The EVP cipher routines are a high level interface to certain
|
||||
@@ -297,6 +323,18 @@ Three key triple DES in CBC, ECB, CFB an
|
||||
|
||||
DESX algorithm in CBC mode.
|
||||
|
||||
+=item EVP_aes_128_cbc(void), EVP_aes_128_ecb(), EVP_aes_128_ofb(void), EVP_aes_128_cfb1(void), EVP_aes_128_cfb8(void), EVP_aes_128_cfb128(void)
|
||||
+
|
||||
+AES with 128 bit key length in CBC, ECB, OFB and CFB modes respectively.
|
||||
+
|
||||
+=item EVP_aes_192_cbc(void), EVP_aes_192_ecb(), EVP_aes_192_ofb(void), EVP_aes_192_cfb1(void), EVP_aes_192_cfb8(void), EVP_aes_192_cfb128(void)
|
||||
+
|
||||
+AES with 192 bit key length in CBC, ECB, OFB and CFB modes respectively.
|
||||
+
|
||||
+=item EVP_aes_256_cbc(void), EVP_aes_256_ecb(), EVP_aes_256_ofb(void), EVP_aes_256_cfb1(void), EVP_aes_256_cfb8(void), EVP_aes_256_cfb128(void)
|
||||
+
|
||||
+AES with 256 bit key length in CBC, ECB, OFB and CFB modes respectively.
|
||||
+
|
||||
=item EVP_rc4(void)
|
||||
|
||||
RC4 stream cipher. This is a variable key length cipher with default key length 128 bits.
|
86
openssl-1.0.1i-manfix.patch
Normal file
86
openssl-1.0.1i-manfix.patch
Normal file
@ -0,0 +1,86 @@
|
||||
diff -up openssl-1.0.1i/doc/apps/ec.pod.manfix openssl-1.0.1i/doc/apps/ec.pod
|
||||
--- openssl-1.0.1i/doc/apps/ec.pod.manfix 2014-07-22 21:41:23.000000000 +0200
|
||||
+++ openssl-1.0.1i/doc/apps/ec.pod 2014-08-07 11:21:57.258887741 +0200
|
||||
@@ -93,10 +93,6 @@ prints out the public, private key compo
|
||||
|
||||
this option prevents output of the encoded version of the key.
|
||||
|
||||
-=item B<-modulus>
|
||||
-
|
||||
-this option prints out the value of the public key component of the key.
|
||||
-
|
||||
=item B<-pubin>
|
||||
|
||||
by default a private key is read from the input file: with this option a
|
||||
diff -up openssl-1.0.1i/doc/apps/openssl.pod.manfix openssl-1.0.1i/doc/apps/openssl.pod
|
||||
--- openssl-1.0.1i/doc/apps/openssl.pod.manfix 2014-07-22 21:43:11.000000000 +0200
|
||||
+++ openssl-1.0.1i/doc/apps/openssl.pod 2014-08-07 11:21:57.259887746 +0200
|
||||
@@ -163,7 +163,7 @@ Create or examine a netscape certificate
|
||||
|
||||
Online Certificate Status Protocol utility.
|
||||
|
||||
-=item L<B<passwd>|passwd(1)>
|
||||
+=item L<B<passwd>|sslpasswd(1)>
|
||||
|
||||
Generation of hashed passwords.
|
||||
|
||||
@@ -187,7 +187,7 @@ Public key algorithm parameter managemen
|
||||
|
||||
Public key algorithm cryptographic operation utility.
|
||||
|
||||
-=item L<B<rand>|rand(1)>
|
||||
+=item L<B<rand>|sslrand(1)>
|
||||
|
||||
Generate pseudo-random bytes.
|
||||
|
||||
@@ -401,9 +401,9 @@ L<crl(1)|crl(1)>, L<crl2pkcs7(1)|crl2pkc
|
||||
L<dhparam(1)|dhparam(1)>, L<dsa(1)|dsa(1)>, L<dsaparam(1)|dsaparam(1)>,
|
||||
L<enc(1)|enc(1)>, L<gendsa(1)|gendsa(1)>, L<genpkey(1)|genpkey(1)>,
|
||||
L<genrsa(1)|genrsa(1)>, L<nseq(1)|nseq(1)>, L<openssl(1)|openssl(1)>,
|
||||
-L<passwd(1)|passwd(1)>,
|
||||
+L<sslpasswd(1)|sslpasswd(1)>,
|
||||
L<pkcs12(1)|pkcs12(1)>, L<pkcs7(1)|pkcs7(1)>, L<pkcs8(1)|pkcs8(1)>,
|
||||
-L<rand(1)|rand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>,
|
||||
+L<sslrand(1)|sslrand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>,
|
||||
L<rsautl(1)|rsautl(1)>, L<s_client(1)|s_client(1)>,
|
||||
L<s_server(1)|s_server(1)>, L<s_time(1)|s_time(1)>,
|
||||
L<smime(1)|smime(1)>, L<spkac(1)|spkac(1)>,
|
||||
diff -up openssl-1.0.1i/doc/apps/s_client.pod.manfix openssl-1.0.1i/doc/apps/s_client.pod
|
||||
--- openssl-1.0.1i/doc/apps/s_client.pod.manfix 2014-08-06 23:10:56.000000000 +0200
|
||||
+++ openssl-1.0.1i/doc/apps/s_client.pod 2014-08-07 11:24:28.736604443 +0200
|
||||
@@ -34,9 +34,14 @@ B<openssl> B<s_client>
|
||||
[B<-ssl2>]
|
||||
[B<-ssl3>]
|
||||
[B<-tls1>]
|
||||
+[B<-tls1_1>]
|
||||
+[B<-tls1_2>]
|
||||
+[B<-dtls1>]
|
||||
[B<-no_ssl2>]
|
||||
[B<-no_ssl3>]
|
||||
[B<-no_tls1>]
|
||||
+[B<-no_tls1_1>]
|
||||
+[B<-no_tls1_2>]
|
||||
[B<-bugs>]
|
||||
[B<-cipher cipherlist>]
|
||||
[B<-serverpref>]
|
||||
@@ -196,7 +201,7 @@ Use the PSK key B<key> when using a PSK
|
||||
given as a hexadecimal number without leading 0x, for example -psk
|
||||
1a2b3c4d.
|
||||
|
||||
-=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
|
||||
+=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-dtls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
|
||||
|
||||
these options disable the use of certain SSL or TLS protocols. By default
|
||||
the initial handshake uses a method which should be compatible with all
|
||||
diff -up openssl-1.0.1i/doc/apps/s_server.pod.manfix openssl-1.0.1i/doc/apps/s_server.pod
|
||||
--- openssl-1.0.1i/doc/apps/s_server.pod.manfix 2014-08-06 23:10:56.000000000 +0200
|
||||
+++ openssl-1.0.1i/doc/apps/s_server.pod 2014-08-07 11:21:57.259887746 +0200
|
||||
@@ -216,7 +216,7 @@ Use the PSK key B<key> when using a PSK
|
||||
given as a hexadecimal number without leading 0x, for example -psk
|
||||
1a2b3c4d.
|
||||
|
||||
-=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
|
||||
+=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-dtls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
|
||||
|
||||
these options disable the use of certain SSL or TLS protocols. By default
|
||||
the initial handshake uses a method which should be compatible with all
|
1391
openssl-1.0.1i-new-fips-reqs.patch
Normal file
1391
openssl-1.0.1i-new-fips-reqs.patch
Normal file
File diff suppressed because it is too large
Load Diff
6636
openssl-1.0.1i-ppc-asm-update.patch
Normal file
6636
openssl-1.0.1i-ppc-asm-update.patch
Normal file
File diff suppressed because it is too large
Load Diff
1242
openssl-1.0.1j-evp-wrap.patch
Normal file
1242
openssl-1.0.1j-evp-wrap.patch
Normal file
File diff suppressed because it is too large
Load Diff
2031
openssl-1.0.1j-fips-ec.patch
Normal file
2031
openssl-1.0.1j-fips-ec.patch
Normal file
File diff suppressed because it is too large
Load Diff
407
openssl-1.0.1k-alt-chains.patch
Normal file
407
openssl-1.0.1k-alt-chains.patch
Normal file
@ -0,0 +1,407 @@
|
||||
diff -up openssl-1.0.1k/apps/apps.c.alt-chains openssl-1.0.1k/apps/apps.c
|
||||
--- openssl-1.0.1k/apps/apps.c.alt-chains 2015-07-09 14:58:55.949753674 +0200
|
||||
+++ openssl-1.0.1k/apps/apps.c 2015-07-09 14:58:55.970754174 +0200
|
||||
@@ -2365,6 +2365,8 @@ int args_verify(char ***pargs, int *parg
|
||||
flags |= X509_V_FLAG_NOTIFY_POLICY;
|
||||
else if (!strcmp(arg, "-check_ss_sig"))
|
||||
flags |= X509_V_FLAG_CHECK_SS_SIGNATURE;
|
||||
+ else if (!strcmp(arg, "-no_alt_chains"))
|
||||
+ flags |= X509_V_FLAG_NO_ALT_CHAINS;
|
||||
else if (!strcmp(arg, "-trusted_first"))
|
||||
flags |= X509_V_FLAG_TRUSTED_FIRST;
|
||||
else
|
||||
diff -up openssl-1.0.1k/apps/cms.c.alt-chains openssl-1.0.1k/apps/cms.c
|
||||
--- openssl-1.0.1k/apps/cms.c.alt-chains 2015-07-09 14:58:55.949753674 +0200
|
||||
+++ openssl-1.0.1k/apps/cms.c 2015-07-09 14:58:55.970754174 +0200
|
||||
@@ -642,6 +642,7 @@ int MAIN(int argc, char **argv)
|
||||
BIO_printf (bio_err, "-text include or delete text MIME headers\n");
|
||||
BIO_printf (bio_err, "-CApath dir trusted certificates directory\n");
|
||||
BIO_printf (bio_err, "-CAfile file trusted certificates file\n");
|
||||
+ BIO_printf (bio_err, "-no_alt_chains only ever use the first certificate chain found\n");
|
||||
BIO_printf (bio_err, "-trusted_first use trusted certificates first when building the trust chain\n");
|
||||
BIO_printf (bio_err, "-crl_check check revocation status of signer's certificate using CRLs\n");
|
||||
BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
|
||||
diff -up openssl-1.0.1k/apps/ocsp.c.alt-chains openssl-1.0.1k/apps/ocsp.c
|
||||
--- openssl-1.0.1k/apps/ocsp.c.alt-chains 2015-07-09 14:58:55.949753674 +0200
|
||||
+++ openssl-1.0.1k/apps/ocsp.c 2015-07-09 14:58:55.971754198 +0200
|
||||
@@ -605,6 +605,7 @@ int MAIN(int argc, char **argv)
|
||||
BIO_printf (bio_err, "-path path to use in OCSP request\n");
|
||||
BIO_printf (bio_err, "-CApath dir trusted certificates directory\n");
|
||||
BIO_printf (bio_err, "-CAfile file trusted certificates file\n");
|
||||
+ BIO_printf (bio_err, "-no_alt_chains only ever use the first certificate chain found\n");
|
||||
BIO_printf (bio_err, "-trusted_first use trusted certificates first when building the trust chain\n");
|
||||
BIO_printf (bio_err, "-VAfile file validator certificates file\n");
|
||||
BIO_printf (bio_err, "-validity_period n maximum validity discrepancy in seconds\n");
|
||||
diff -up openssl-1.0.1k/apps/s_client.c.alt-chains openssl-1.0.1k/apps/s_client.c
|
||||
--- openssl-1.0.1k/apps/s_client.c.alt-chains 2015-07-09 14:58:55.956753841 +0200
|
||||
+++ openssl-1.0.1k/apps/s_client.c 2015-07-09 14:58:55.971754198 +0200
|
||||
@@ -299,6 +299,7 @@ static void sc_usage(void)
|
||||
BIO_printf(bio_err," -pass arg - private key file pass phrase source\n");
|
||||
BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n");
|
||||
BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n");
|
||||
+ BIO_printf(bio_err," -no_alt_chains - only ever use the first certificate chain found\n");
|
||||
BIO_printf(bio_err," -trusted_first - Use trusted CA's first when building the trust chain\n");
|
||||
BIO_printf(bio_err," -reconnect - Drop and re-make the connection with the same Session-ID\n");
|
||||
BIO_printf(bio_err," -pause - sleep(1) after each read(2) and write(2) system call\n");
|
||||
diff -up openssl-1.0.1k/apps/smime.c.alt-chains openssl-1.0.1k/apps/smime.c
|
||||
--- openssl-1.0.1k/apps/smime.c.alt-chains 2015-07-09 14:58:55.950753698 +0200
|
||||
+++ openssl-1.0.1k/apps/smime.c 2015-07-09 14:58:55.971754198 +0200
|
||||
@@ -479,6 +479,7 @@ int MAIN(int argc, char **argv)
|
||||
BIO_printf (bio_err, "-text include or delete text MIME headers\n");
|
||||
BIO_printf (bio_err, "-CApath dir trusted certificates directory\n");
|
||||
BIO_printf (bio_err, "-CAfile file trusted certificates file\n");
|
||||
+ BIO_printf (bio_err, "-no_alt_chains only ever use the first certificate chain found\n");
|
||||
BIO_printf (bio_err, "-trusted_first use trusted certificates first when building the trust chain\n");
|
||||
BIO_printf (bio_err, "-crl_check check revocation status of signer's certificate using CRLs\n");
|
||||
BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
|
||||
diff -up openssl-1.0.1k/apps/s_server.c.alt-chains openssl-1.0.1k/apps/s_server.c
|
||||
--- openssl-1.0.1k/apps/s_server.c.alt-chains 2015-07-09 14:58:55.950753698 +0200
|
||||
+++ openssl-1.0.1k/apps/s_server.c 2015-07-09 14:58:55.971754198 +0200
|
||||
@@ -502,6 +502,7 @@ static void sv_usage(void)
|
||||
BIO_printf(bio_err," -state - Print the SSL states\n");
|
||||
BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n");
|
||||
BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n");
|
||||
+ BIO_printf(bio_err," -no_alt_chains - only ever use the first certificate chain found\n");
|
||||
BIO_printf(bio_err," -trusted_first - Use trusted CA's first when building the trust chain\n");
|
||||
BIO_printf(bio_err," -nocert - Don't use any certificates (Anon-DH)\n");
|
||||
BIO_printf(bio_err," -cipher arg - play with 'openssl ciphers' to see what goes here\n");
|
||||
diff -up openssl-1.0.1k/apps/verify.c.alt-chains openssl-1.0.1k/apps/verify.c
|
||||
--- openssl-1.0.1k/apps/verify.c.alt-chains 2015-07-09 14:58:55.951753722 +0200
|
||||
+++ openssl-1.0.1k/apps/verify.c 2015-07-09 14:58:55.972754221 +0200
|
||||
@@ -238,7 +238,7 @@ int MAIN(int argc, char **argv)
|
||||
end:
|
||||
if (ret == 1) {
|
||||
BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-trusted_first] [-purpose purpose] [-crl_check]");
|
||||
- BIO_printf(bio_err," [-attime timestamp]");
|
||||
+ BIO_printf(bio_err," [-no_alt_chains] [-attime timestamp]");
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
BIO_printf(bio_err," [-engine e]");
|
||||
#endif
|
||||
diff -up openssl-1.0.1k/crypto/x509/x509_vfy.c.alt-chains openssl-1.0.1k/crypto/x509/x509_vfy.c
|
||||
--- openssl-1.0.1k/crypto/x509/x509_vfy.c.alt-chains 2015-07-09 14:58:55.951753722 +0200
|
||||
+++ openssl-1.0.1k/crypto/x509/x509_vfy.c 2015-07-09 15:28:03.630442145 +0200
|
||||
@@ -154,11 +154,11 @@ static int x509_subject_cmp(X509 **a, X5
|
||||
|
||||
int X509_verify_cert(X509_STORE_CTX *ctx)
|
||||
{
|
||||
- X509 *x,*xtmp,*chain_ss=NULL;
|
||||
+ X509 *x,*xtmp,*xtmp2,*chain_ss=NULL;
|
||||
int bad_chain = 0;
|
||||
X509_VERIFY_PARAM *param = ctx->param;
|
||||
int depth,i,ok=0;
|
||||
- int num;
|
||||
+ int num, j, retry;
|
||||
int (*cb)(int xok,X509_STORE_CTX *xctx);
|
||||
STACK_OF(X509) *sktmp=NULL;
|
||||
if (ctx->cert == NULL)
|
||||
@@ -167,21 +167,27 @@ int X509_verify_cert(X509_STORE_CTX *ctx
|
||||
return -1;
|
||||
}
|
||||
|
||||
+ if (ctx->chain != NULL) {
|
||||
+ /*
|
||||
+ * This X509_STORE_CTX has already been used to verify a cert. We
|
||||
+ * cannot do another one.
|
||||
+ */
|
||||
+ X509err(X509_F_X509_VERIFY_CERT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
cb=ctx->verify_cb;
|
||||
|
||||
/* first we make sure the chain we are going to build is
|
||||
* present and that the first entry is in place */
|
||||
- if (ctx->chain == NULL)
|
||||
+ if ( ((ctx->chain=sk_X509_new_null()) == NULL) ||
|
||||
+ (!sk_X509_push(ctx->chain,ctx->cert)))
|
||||
{
|
||||
- if ( ((ctx->chain=sk_X509_new_null()) == NULL) ||
|
||||
- (!sk_X509_push(ctx->chain,ctx->cert)))
|
||||
- {
|
||||
- X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
|
||||
- goto end;
|
||||
- }
|
||||
- CRYPTO_add(&ctx->cert->references,1,CRYPTO_LOCK_X509);
|
||||
- ctx->last_untrusted=1;
|
||||
+ X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
|
||||
+ goto end;
|
||||
}
|
||||
+ CRYPTO_add(&ctx->cert->references,1,CRYPTO_LOCK_X509);
|
||||
+ ctx->last_untrusted=1;
|
||||
|
||||
/* We use a temporary STACK so we can chop and hack at it */
|
||||
if (ctx->untrusted != NULL
|
||||
@@ -247,10 +253,14 @@ int X509_verify_cert(X509_STORE_CTX *ctx
|
||||
break;
|
||||
}
|
||||
|
||||
+ /* Remember how many untrusted certs we have */
|
||||
+ j = num;
|
||||
+
|
||||
/* at this point, chain should contain a list of untrusted
|
||||
* certificates. We now need to add at least one trusted one,
|
||||
* if possible, otherwise we complain. */
|
||||
|
||||
+ do {
|
||||
/* Examine last certificate in chain and see if it
|
||||
* is self signed.
|
||||
*/
|
||||
@@ -294,6 +304,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx
|
||||
chain_ss=sk_X509_pop(ctx->chain);
|
||||
ctx->last_untrusted--;
|
||||
num--;
|
||||
+ j--;
|
||||
x=sk_X509_value(ctx->chain,num-1);
|
||||
}
|
||||
}
|
||||
@@ -322,7 +333,42 @@ int X509_verify_cert(X509_STORE_CTX *ctx
|
||||
num++;
|
||||
}
|
||||
|
||||
- /* we now have our chain, lets check it... */
|
||||
+ /*
|
||||
+ * If we haven't got a least one certificate from our store then check
|
||||
+ * if there is an alternative chain that could be used. We only do this
|
||||
+ * if the user hasn't switched off alternate chain checking
|
||||
+ */
|
||||
+ retry = 0;
|
||||
+ if (num == ctx->last_untrusted &&
|
||||
+ !(ctx->param->flags & X509_V_FLAG_NO_ALT_CHAINS)) {
|
||||
+ while (j-- > 1) {
|
||||
+ xtmp2 = sk_X509_value(ctx->chain, j - 1);
|
||||
+ ok = ctx->get_issuer(&xtmp, ctx, xtmp2);
|
||||
+ if (ok < 0)
|
||||
+ goto end;
|
||||
+ /* Check if we found an alternate chain */
|
||||
+ if (ok > 0) {
|
||||
+ /*
|
||||
+ * Free up the found cert we'll add it again later
|
||||
+ */
|
||||
+ X509_free(xtmp);
|
||||
+
|
||||
+ /*
|
||||
+ * Dump all the certs above this point - we've found an
|
||||
+ * alternate chain
|
||||
+ */
|
||||
+ while (num > j) {
|
||||
+ xtmp = sk_X509_pop(ctx->chain);
|
||||
+ X509_free(xtmp);
|
||||
+ num--;
|
||||
+ }
|
||||
+ ctx->last_untrusted = j;
|
||||
+ retry = 1;
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
+ }
|
||||
+ } while (retry);
|
||||
|
||||
/* Is last certificate looked up self signed? */
|
||||
if (!ctx->check_issued(ctx,x,x))
|
||||
diff -up openssl-1.0.1k/crypto/x509/x509_vfy.h.alt-chains openssl-1.0.1k/crypto/x509/x509_vfy.h
|
||||
--- openssl-1.0.1k/crypto/x509/x509_vfy.h.alt-chains 2015-07-09 14:58:55.951753722 +0200
|
||||
+++ openssl-1.0.1k/crypto/x509/x509_vfy.h 2015-07-09 14:58:55.972754221 +0200
|
||||
@@ -391,7 +391,12 @@ void X509_STORE_CTX_set_depth(X509_STORE
|
||||
#define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000
|
||||
/* Use trusted store first */
|
||||
#define X509_V_FLAG_TRUSTED_FIRST 0x8000
|
||||
-
|
||||
+/*
|
||||
+ * If the initial chain is not trusted, do not attempt to build an alternative
|
||||
+ * chain. Alternate chain checking was introduced in 1.0.1n/1.0.2b. Setting
|
||||
+ * this flag will force the behaviour to match that of previous versions.
|
||||
+ */
|
||||
+#define X509_V_FLAG_NO_ALT_CHAINS 0x100000
|
||||
|
||||
#define X509_VP_FLAG_DEFAULT 0x1
|
||||
#define X509_VP_FLAG_OVERWRITE 0x2
|
||||
diff -up openssl-1.0.1k/doc/apps/cms.pod.alt-chains openssl-1.0.1k/doc/apps/cms.pod
|
||||
--- openssl-1.0.1k/doc/apps/cms.pod.alt-chains 2015-07-09 14:58:55.951753722 +0200
|
||||
+++ openssl-1.0.1k/doc/apps/cms.pod 2015-07-09 14:58:55.972754221 +0200
|
||||
@@ -35,6 +35,7 @@ B<openssl> B<cms>
|
||||
[B<-print>]
|
||||
[B<-CAfile file>]
|
||||
[B<-CApath dir>]
|
||||
+[B<-no_alt_chains>]
|
||||
[B<-trusted_first>]
|
||||
[B<-md digest>]
|
||||
[B<-[cipher]>]
|
||||
@@ -413,7 +414,7 @@ portion of a message so they may be incl
|
||||
then many S/MIME mail clients check the signers certificate's email
|
||||
address matches that specified in the From: address.
|
||||
|
||||
-=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig>
|
||||
+=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig -no_alt_chains>
|
||||
|
||||
Set various certificate chain valiadition option. See the
|
||||
L<B<verify>|verify(1)> manual page for details.
|
||||
diff -up openssl-1.0.1k/doc/apps/ocsp.pod.alt-chains openssl-1.0.1k/doc/apps/ocsp.pod
|
||||
--- openssl-1.0.1k/doc/apps/ocsp.pod.alt-chains 2015-07-09 14:58:55.951753722 +0200
|
||||
+++ openssl-1.0.1k/doc/apps/ocsp.pod 2015-07-09 14:58:55.973754245 +0200
|
||||
@@ -29,6 +29,7 @@ B<openssl> B<ocsp>
|
||||
[B<-path>]
|
||||
[B<-CApath dir>]
|
||||
[B<-CAfile file>]
|
||||
+[B<-no_alt_chains>]]
|
||||
[B<-trusted_first>]
|
||||
[B<-VAfile file>]
|
||||
[B<-validity_period n>]
|
||||
@@ -143,6 +144,10 @@ connection timeout to the OCSP responder
|
||||
file or pathname containing trusted CA certificates. These are used to verify
|
||||
the signature on the OCSP response.
|
||||
|
||||
+=item B<-no_alt_chains>
|
||||
+
|
||||
+See L<B<verify>|verify(1)> manual page for details.
|
||||
+
|
||||
=item B<-trusted_first>
|
||||
|
||||
Use certificates in CA file or CA directory over certificates provided
|
||||
diff -up openssl-1.0.1k/doc/apps/s_client.pod.alt-chains openssl-1.0.1k/doc/apps/s_client.pod
|
||||
--- openssl-1.0.1k/doc/apps/s_client.pod.alt-chains 2015-07-09 14:58:55.952753746 +0200
|
||||
+++ openssl-1.0.1k/doc/apps/s_client.pod 2015-07-09 14:58:55.973754245 +0200
|
||||
@@ -19,6 +19,7 @@ B<openssl> B<s_client>
|
||||
[B<-pass arg>]
|
||||
[B<-CApath directory>]
|
||||
[B<-CAfile filename>]
|
||||
+[B<-no_alt_chains>]
|
||||
[B<-trusted_first>]
|
||||
[B<-reconnect>]
|
||||
[B<-pause>]
|
||||
@@ -122,7 +123,7 @@ also used when building the client certi
|
||||
A file containing trusted certificates to use during server authentication
|
||||
and to use when attempting to build the client certificate chain.
|
||||
|
||||
-=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig, -trusted_first>
|
||||
+=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig -no_alt_chains>
|
||||
|
||||
Set various certificate chain valiadition option. See the
|
||||
L<B<verify>|verify(1)> manual page for details.
|
||||
diff -up openssl-1.0.1k/doc/apps/smime.pod.alt-chains openssl-1.0.1k/doc/apps/smime.pod
|
||||
--- openssl-1.0.1k/doc/apps/smime.pod.alt-chains 2015-07-09 14:58:55.952753746 +0200
|
||||
+++ openssl-1.0.1k/doc/apps/smime.pod 2015-07-09 14:58:55.973754245 +0200
|
||||
@@ -17,6 +17,7 @@ B<openssl> B<smime>
|
||||
[B<-in file>]
|
||||
[B<-CAfile file>]
|
||||
[B<-CApath dir>]
|
||||
+[B<-no_alt_chains>]
|
||||
[B<-trusted_first>]
|
||||
[B<-certfile file>]
|
||||
[B<-signer file>]
|
||||
@@ -268,7 +269,7 @@ portion of a message so they may be incl
|
||||
then many S/MIME mail clients check the signers certificate's email
|
||||
address matches that specified in the From: address.
|
||||
|
||||
-=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig>
|
||||
+=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig -no_alt_chains>
|
||||
|
||||
Set various options of certificate chain verification. See
|
||||
L<B<verify>|verify(1)> manual page for details.
|
||||
diff -up openssl-1.0.1k/doc/apps/s_server.pod.alt-chains openssl-1.0.1k/doc/apps/s_server.pod
|
||||
--- openssl-1.0.1k/doc/apps/s_server.pod.alt-chains 2015-07-09 14:58:55.952753746 +0200
|
||||
+++ openssl-1.0.1k/doc/apps/s_server.pod 2015-07-09 14:58:55.973754245 +0200
|
||||
@@ -33,6 +33,7 @@ B<openssl> B<s_server>
|
||||
[B<-state>]
|
||||
[B<-CApath directory>]
|
||||
[B<-CAfile filename>]
|
||||
+[B<-no_alt_chains>]
|
||||
[B<-trusted_first>]
|
||||
[B<-nocert>]
|
||||
[B<-cipher cipherlist>]
|
||||
@@ -179,6 +180,10 @@ and to use when attempting to build the
|
||||
is also used in the list of acceptable client CAs passed to the client when
|
||||
a certificate is requested.
|
||||
|
||||
+=item B<-no_alt_chains>
|
||||
+
|
||||
+See the L<B<verify>|verify(1)> manual page for details.
|
||||
+
|
||||
=item B<-trusted_first>
|
||||
|
||||
Use certificates in CA file or CA directory before other certificates
|
||||
diff -up openssl-1.0.1k/doc/apps/verify.pod.alt-chains openssl-1.0.1k/doc/apps/verify.pod
|
||||
--- openssl-1.0.1k/doc/apps/verify.pod.alt-chains 2015-07-09 14:58:55.952753746 +0200
|
||||
+++ openssl-1.0.1k/doc/apps/verify.pod 2015-07-09 14:58:55.973754245 +0200
|
||||
@@ -23,6 +23,7 @@ B<openssl> B<verify>
|
||||
[B<-extended_crl>]
|
||||
[B<-use_deltas>]
|
||||
[B<-policy_print>]
|
||||
+[B<-no_alt_chains>]
|
||||
[B<-untrusted file>]
|
||||
[B<-help>]
|
||||
[B<-issuer_checks>]
|
||||
@@ -115,6 +116,14 @@ Set policy variable inhibit-any-policy (
|
||||
|
||||
Set policy variable inhibit-policy-mapping (see RFC5280).
|
||||
|
||||
+=item B<-no_alt_chains>
|
||||
+
|
||||
+When building a certificate chain, if the first certificate chain found is not
|
||||
+trusted, then OpenSSL will continue to check to see if an alternative chain can
|
||||
+be found that is trusted. With this option that behaviour is suppressed so that
|
||||
+only the first chain found is ever used. Using this option will force the
|
||||
+behaviour to match that of previous OpenSSL versions.
|
||||
+
|
||||
=item B<-policy_print>
|
||||
|
||||
Print out diagnostics related to policy processing.
|
||||
diff -up openssl-1.0.1k/doc/crypto/X509_STORE_CTX_new.pod.alt-chains openssl-1.0.1k/doc/crypto/X509_STORE_CTX_new.pod
|
||||
--- openssl-1.0.1k/doc/crypto/X509_STORE_CTX_new.pod.alt-chains 2014-10-15 15:49:15.000000000 +0200
|
||||
+++ openssl-1.0.1k/doc/crypto/X509_STORE_CTX_new.pod 2015-07-09 15:29:16.461174414 +0200
|
||||
@@ -39,10 +39,15 @@ X509_STORE_CTX_free() completely frees u
|
||||
is no longer valid.
|
||||
|
||||
X509_STORE_CTX_init() sets up B<ctx> for a subsequent verification operation.
|
||||
-The trusted certificate store is set to B<store>, the end entity certificate
|
||||
-to be verified is set to B<x509> and a set of additional certificates (which
|
||||
-will be untrusted but may be used to build the chain) in B<chain>. Any or
|
||||
-all of the B<store>, B<x509> and B<chain> parameters can be B<NULL>.
|
||||
+It must be called before each call to X509_verify_cert(), i.e. a B<ctx> is only
|
||||
+good for one call to X509_verify_cert(); if you want to verify a second
|
||||
+certificate with the same B<ctx> then you must call X509_XTORE_CTX_cleanup()
|
||||
+and then X509_STORE_CTX_init() again before the second call to
|
||||
+X509_verify_cert(). The trusted certificate store is set to B<store>, the end
|
||||
+entity certificate to be verified is set to B<x509> and a set of additional
|
||||
+certificates (which will be untrusted but may be used to build the chain) in
|
||||
+B<chain>. Any or all of the B<store>, B<x509> and B<chain> parameters can be
|
||||
+B<NULL>.
|
||||
|
||||
X509_STORE_CTX_trusted_stack() sets the set of trusted certificates of B<ctx>
|
||||
to B<sk>. This is an alternative way of specifying trusted certificates
|
||||
diff -up openssl-1.0.1k/doc/crypto/X509_verify_cert.pod.alt-chains openssl-1.0.1k/doc/crypto/X509_verify_cert.pod
|
||||
--- openssl-1.0.1k/doc/crypto/X509_verify_cert.pod.alt-chains 2014-10-15 15:49:15.000000000 +0200
|
||||
+++ openssl-1.0.1k/doc/crypto/X509_verify_cert.pod 2015-07-09 15:29:16.461174414 +0200
|
||||
@@ -32,7 +32,8 @@ OpenSSL internally for certificate valid
|
||||
SSL/TLS code.
|
||||
|
||||
The negative return value from X509_verify_cert() can only occur if no
|
||||
-certificate is set in B<ctx> (due to a programming error) or if a retry
|
||||
+certificate is set in B<ctx> (due to a programming error); if X509_verify_cert()
|
||||
+twice without reinitialising B<ctx> in between; or if a retry
|
||||
operation is requested during internal lookups (which never happens with
|
||||
standard lookup methods). It is however recommended that application check
|
||||
for <= 0 return value on error.
|
||||
diff -up openssl-1.0.1k/doc/crypto/X509_VERIFY_PARAM_set_flags.pod.alt-chains openssl-1.0.1k/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
|
||||
--- openssl-1.0.1k/doc/crypto/X509_VERIFY_PARAM_set_flags.pod.alt-chains 2015-01-08 15:00:36.000000000 +0100
|
||||
+++ openssl-1.0.1k/doc/crypto/X509_VERIFY_PARAM_set_flags.pod 2015-07-09 14:58:55.973754245 +0200
|
||||
@@ -133,6 +133,12 @@ verification. If this flag is set then a
|
||||
to the verification callback and it B<must> be prepared to handle such cases
|
||||
without assuming they are hard errors.
|
||||
|
||||
+The B<X509_V_FLAG_NO_ALT_CHAINS> flag suppresses checking for alternative
|
||||
+chains. By default, when building a certificate chain, if the first certificate
|
||||
+chain found is not trusted, then OpenSSL will continue to check to see if an
|
||||
+alternative chain can be found that is trusted. With this flag set the behaviour
|
||||
+will match that of OpenSSL versions prior to 1.0.1n and 1.0.2b.
|
||||
+
|
||||
=head1 NOTES
|
||||
|
||||
The above functions should be used to manipulate verification parameters
|
||||
@@ -166,6 +172,6 @@ L<X509_verify_cert(3)|X509_verify_cert(3
|
||||
|
||||
=head1 HISTORY
|
||||
|
||||
-TBA
|
||||
+The B<X509_V_FLAG_NO_ALT_CHAINS> flag was added in upstream OpenSSL 1.0.1n and 1.0.2b
|
||||
|
||||
=cut
|
82
openssl-1.0.1k-cve-2015-0209.patch
Normal file
82
openssl-1.0.1k-cve-2015-0209.patch
Normal file
@ -0,0 +1,82 @@
|
||||
diff -up openssl-1.0.1e/crypto/asn1/x_x509.c.use-after-free openssl-1.0.1e/crypto/asn1/x_x509.c
|
||||
--- openssl-1.0.1e/crypto/asn1/x_x509.c.use-after-free 2013-02-11 16:26:04.000000000 +0100
|
||||
+++ openssl-1.0.1e/crypto/asn1/x_x509.c 2015-06-11 11:14:52.581856349 +0200
|
||||
@@ -170,8 +170,14 @@ X509 *d2i_X509_AUX(X509 **a, const unsig
|
||||
{
|
||||
const unsigned char *q;
|
||||
X509 *ret;
|
||||
+ int freeret = 0;
|
||||
+
|
||||
/* Save start position */
|
||||
q = *pp;
|
||||
+
|
||||
+ if(!a || *a == NULL) {
|
||||
+ freeret = 1;
|
||||
+ }
|
||||
ret = d2i_X509(a, pp, length);
|
||||
/* If certificate unreadable then forget it */
|
||||
if(!ret) return NULL;
|
||||
@@ -181,7 +187,11 @@ X509 *d2i_X509_AUX(X509 **a, const unsig
|
||||
if(!d2i_X509_CERT_AUX(&ret->aux, pp, length)) goto err;
|
||||
return ret;
|
||||
err:
|
||||
- X509_free(ret);
|
||||
+ if(freeret) {
|
||||
+ X509_free(ret);
|
||||
+ if (a)
|
||||
+ *a = NULL;
|
||||
+ }
|
||||
return NULL;
|
||||
}
|
||||
|
||||
diff -up openssl-1.0.1k/crypto/ec/ec_asn1.c.use-after-free openssl-1.0.1k/crypto/ec/ec_asn1.c
|
||||
--- openssl-1.0.1k/crypto/ec/ec_asn1.c.use-after-free 2014-10-15 15:49:54.000000000 +0200
|
||||
+++ openssl-1.0.1k/crypto/ec/ec_asn1.c 2015-03-19 17:28:03.349627040 +0100
|
||||
@@ -1142,8 +1142,6 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, con
|
||||
ERR_R_MALLOC_FAILURE);
|
||||
goto err;
|
||||
}
|
||||
- if (a)
|
||||
- *a = ret;
|
||||
}
|
||||
else
|
||||
ret = *a;
|
||||
@@ -1225,11 +1223,13 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, con
|
||||
ret->enc_flag |= EC_PKEY_NO_PUBKEY;
|
||||
}
|
||||
|
||||
+ if (a)
|
||||
+ *a = ret;
|
||||
ok = 1;
|
||||
err:
|
||||
if (!ok)
|
||||
{
|
||||
- if (ret)
|
||||
+ if (ret && (a == NULL || *a != ret))
|
||||
EC_KEY_free(ret);
|
||||
ret = NULL;
|
||||
}
|
||||
@@ -1377,8 +1377,6 @@ EC_KEY *d2i_ECParameters(EC_KEY **a, con
|
||||
ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_MALLOC_FAILURE);
|
||||
return NULL;
|
||||
}
|
||||
- if (a)
|
||||
- *a = ret;
|
||||
}
|
||||
else
|
||||
ret = *a;
|
||||
@@ -1386,9 +1384,14 @@ EC_KEY *d2i_ECParameters(EC_KEY **a, con
|
||||
if (!d2i_ECPKParameters(&ret->group, in, len))
|
||||
{
|
||||
ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_EC_LIB);
|
||||
+ if (a == NULL || *a != ret)
|
||||
+ EC_KEY_free(ret);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
+ if (a)
|
||||
+ *a = ret;
|
||||
+
|
||||
return ret;
|
||||
}
|
||||
|
163
openssl-1.0.1k-cve-2015-0289.patch
Normal file
163
openssl-1.0.1k-cve-2015-0289.patch
Normal file
@ -0,0 +1,163 @@
|
||||
diff -up openssl-1.0.1k/crypto/pkcs7/pk7_doit.c.pkcs7-null-deref openssl-1.0.1k/crypto/pkcs7/pk7_doit.c
|
||||
--- openssl-1.0.1k/crypto/pkcs7/pk7_doit.c.pkcs7-null-deref 2015-01-08 15:00:36.000000000 +0100
|
||||
+++ openssl-1.0.1k/crypto/pkcs7/pk7_doit.c 2015-03-19 17:30:36.797650980 +0100
|
||||
@@ -272,6 +272,27 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
|
||||
PKCS7_RECIP_INFO *ri=NULL;
|
||||
ASN1_OCTET_STRING *os=NULL;
|
||||
|
||||
+ if (p7 == NULL)
|
||||
+ {
|
||||
+ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_INVALID_NULL_POINTER);
|
||||
+ return NULL;
|
||||
+ }
|
||||
+ /*
|
||||
+ * The content field in the PKCS7 ContentInfo is optional, but that really
|
||||
+ * only applies to inner content (precisely, detached signatures).
|
||||
+ *
|
||||
+ * When reading content, missing outer content is therefore treated as an
|
||||
+ * error.
|
||||
+ *
|
||||
+ * When creating content, PKCS7_content_new() must be called before
|
||||
+ * calling this method, so a NULL p7->d is always an error.
|
||||
+ */
|
||||
+ if (p7->d.ptr == NULL)
|
||||
+ {
|
||||
+ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_NO_CONTENT);
|
||||
+ return NULL;
|
||||
+ }
|
||||
+
|
||||
i=OBJ_obj2nid(p7->type);
|
||||
p7->state=PKCS7_S_HEADER;
|
||||
|
||||
@@ -433,6 +454,18 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKE
|
||||
unsigned char *ek = NULL, *tkey = NULL;
|
||||
int eklen = 0, tkeylen = 0;
|
||||
|
||||
+ if (p7 == NULL)
|
||||
+ {
|
||||
+ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_INVALID_NULL_POINTER);
|
||||
+ return NULL;
|
||||
+ }
|
||||
+
|
||||
+ if (p7->d.ptr == NULL)
|
||||
+ {
|
||||
+ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT);
|
||||
+ return NULL;
|
||||
+ }
|
||||
+
|
||||
i=OBJ_obj2nid(p7->type);
|
||||
p7->state=PKCS7_S_HEADER;
|
||||
|
||||
@@ -752,6 +785,18 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
|
||||
STACK_OF(PKCS7_SIGNER_INFO) *si_sk=NULL;
|
||||
ASN1_OCTET_STRING *os=NULL;
|
||||
|
||||
+ if (p7 == NULL)
|
||||
+ {
|
||||
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_INVALID_NULL_POINTER);
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
+ if (p7->d.ptr == NULL)
|
||||
+ {
|
||||
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_NO_CONTENT);
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
EVP_MD_CTX_init(&ctx_tmp);
|
||||
i=OBJ_obj2nid(p7->type);
|
||||
p7->state=PKCS7_S_HEADER;
|
||||
@@ -796,6 +841,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
|
||||
/* If detached data then the content is excluded */
|
||||
if(PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) {
|
||||
M_ASN1_OCTET_STRING_free(os);
|
||||
+ os = NULL;
|
||||
p7->d.sign->contents->d.data = NULL;
|
||||
}
|
||||
break;
|
||||
@@ -806,6 +852,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
|
||||
if(PKCS7_type_is_data(p7->d.digest->contents) && p7->detached)
|
||||
{
|
||||
M_ASN1_OCTET_STRING_free(os);
|
||||
+ os = NULL;
|
||||
p7->d.digest->contents->d.data = NULL;
|
||||
}
|
||||
break;
|
||||
@@ -878,23 +925,32 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
|
||||
M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len);
|
||||
}
|
||||
|
||||
- if (!PKCS7_is_detached(p7) && !(os->flags & ASN1_STRING_FLAG_NDEF))
|
||||
+ if (!PKCS7_is_detached(p7))
|
||||
{
|
||||
- char *cont;
|
||||
- long contlen;
|
||||
- btmp=BIO_find_type(bio,BIO_TYPE_MEM);
|
||||
- if (btmp == NULL)
|
||||
- {
|
||||
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
|
||||
+ /*
|
||||
+ * NOTE(emilia): I think we only reach os == NULL here because detached
|
||||
+ * digested data support is broken.
|
||||
+ */
|
||||
+ if (os == NULL)
|
||||
goto err;
|
||||
+ if (!(os->flags & ASN1_STRING_FLAG_NDEF))
|
||||
+ {
|
||||
+ char *cont;
|
||||
+ long contlen;
|
||||
+ btmp=BIO_find_type(bio,BIO_TYPE_MEM);
|
||||
+ if (btmp == NULL)
|
||||
+ {
|
||||
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
|
||||
+ goto err;
|
||||
+ }
|
||||
+ contlen = BIO_get_mem_data(btmp, &cont);
|
||||
+ /* Mark the BIO read only then we can use its copy of the data
|
||||
+ * instead of making an extra copy.
|
||||
+ */
|
||||
+ BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY);
|
||||
+ BIO_set_mem_eof_return(btmp, 0);
|
||||
+ ASN1_STRING_set0(os, (unsigned char *)cont, contlen);
|
||||
}
|
||||
- contlen = BIO_get_mem_data(btmp, &cont);
|
||||
- /* Mark the BIO read only then we can use its copy of the data
|
||||
- * instead of making an extra copy.
|
||||
- */
|
||||
- BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY);
|
||||
- BIO_set_mem_eof_return(btmp, 0);
|
||||
- ASN1_STRING_set0(os, (unsigned char *)cont, contlen);
|
||||
}
|
||||
ret=1;
|
||||
err:
|
||||
@@ -971,6 +1027,18 @@ int PKCS7_dataVerify(X509_STORE *cert_st
|
||||
STACK_OF(X509) *cert;
|
||||
X509 *x509;
|
||||
|
||||
+ if (p7 == NULL)
|
||||
+ {
|
||||
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_INVALID_NULL_POINTER);
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
+ if (p7->d.ptr == NULL)
|
||||
+ {
|
||||
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_NO_CONTENT);
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
if (PKCS7_type_is_signed(p7))
|
||||
{
|
||||
cert=p7->d.sign->cert;
|
||||
diff -up openssl-1.0.1k/crypto/pkcs7/pk7_lib.c.pkcs7-null-deref openssl-1.0.1k/crypto/pkcs7/pk7_lib.c
|
||||
--- openssl-1.0.1k/crypto/pkcs7/pk7_lib.c.pkcs7-null-deref 2014-10-15 15:49:15.000000000 +0200
|
||||
+++ openssl-1.0.1k/crypto/pkcs7/pk7_lib.c 2015-03-19 17:30:36.797650980 +0100
|
||||
@@ -459,6 +459,8 @@ int PKCS7_set_digest(PKCS7 *p7, const EV
|
||||
|
||||
STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7)
|
||||
{
|
||||
+ if (p7 == NULL || p7->d.ptr == NULL)
|
||||
+ return NULL;
|
||||
if (PKCS7_type_is_signed(p7))
|
||||
{
|
||||
return(p7->d.sign->signer_info);
|
231
openssl-1.0.1k-cve-2015-1791.patch
Normal file
231
openssl-1.0.1k-cve-2015-1791.patch
Normal file
@ -0,0 +1,231 @@
|
||||
diff -up openssl-1.0.1k/ssl/ssl_err.c.ticket-race openssl-1.0.1k/ssl/ssl_err.c
|
||||
--- openssl-1.0.1k/ssl/ssl_err.c.ticket-race 2015-06-15 17:06:22.699702477 +0200
|
||||
+++ openssl-1.0.1k/ssl/ssl_err.c 2015-06-15 17:06:22.704702592 +0200
|
||||
@@ -245,6 +245,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
|
||||
{ERR_FUNC(SSL_F_SSL_READ), "SSL_read"},
|
||||
{ERR_FUNC(SSL_F_SSL_RSA_PRIVATE_DECRYPT), "SSL_RSA_PRIVATE_DECRYPT"},
|
||||
{ERR_FUNC(SSL_F_SSL_RSA_PUBLIC_ENCRYPT), "SSL_RSA_PUBLIC_ENCRYPT"},
|
||||
+{ERR_FUNC(SSL_F_SSL_SESSION_DUP), "ssl_session_dup"},
|
||||
{ERR_FUNC(SSL_F_SSL_SESSION_NEW), "SSL_SESSION_new"},
|
||||
{ERR_FUNC(SSL_F_SSL_SESSION_PRINT_FP), "SSL_SESSION_print_fp"},
|
||||
{ERR_FUNC(SSL_F_SSL_SESSION_SET1_ID_CONTEXT), "SSL_SESSION_set1_id_context"},
|
||||
diff -up openssl-1.0.1k/ssl/ssl.h.ticket-race openssl-1.0.1k/ssl/ssl.h
|
||||
--- openssl-1.0.1k/ssl/ssl.h.ticket-race 2015-06-15 17:06:22.700702500 +0200
|
||||
+++ openssl-1.0.1k/ssl/ssl.h 2015-06-15 17:06:22.704702592 +0200
|
||||
@@ -2203,6 +2203,7 @@ void ERR_load_SSL_strings(void);
|
||||
#define SSL_F_SSL_READ 223
|
||||
#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187
|
||||
#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188
|
||||
+#define SSL_F_SSL_SESSION_DUP 348
|
||||
#define SSL_F_SSL_SESSION_NEW 189
|
||||
#define SSL_F_SSL_SESSION_PRINT_FP 190
|
||||
#define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312
|
||||
diff -up openssl-1.0.1k/ssl/ssl_locl.h.ticket-race openssl-1.0.1k/ssl/ssl_locl.h
|
||||
--- openssl-1.0.1k/ssl/ssl_locl.h.ticket-race 2015-06-15 17:06:22.543698865 +0200
|
||||
+++ openssl-1.0.1k/ssl/ssl_locl.h 2015-06-15 17:06:22.705702616 +0200
|
||||
@@ -831,6 +831,7 @@ void ssl_sess_cert_free(SESS_CERT *sc);
|
||||
int ssl_set_peer_cert_type(SESS_CERT *c, int type);
|
||||
int ssl_get_new_session(SSL *s, int session);
|
||||
int ssl_get_prev_session(SSL *s, unsigned char *session,int len, const unsigned char *limit);
|
||||
+SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket);
|
||||
int ssl_cipher_id_cmp(const SSL_CIPHER *a,const SSL_CIPHER *b);
|
||||
DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER,
|
||||
ssl_cipher_id);
|
||||
diff -up openssl-1.0.1k/ssl/ssl_sess.c.ticket-race openssl-1.0.1k/ssl/ssl_sess.c
|
||||
--- openssl-1.0.1k/ssl/ssl_sess.c.ticket-race 2015-01-08 15:00:56.000000000 +0100
|
||||
+++ openssl-1.0.1k/ssl/ssl_sess.c 2015-06-15 17:06:22.705702616 +0200
|
||||
@@ -224,6 +224,146 @@ SSL_SESSION *SSL_SESSION_new(void)
|
||||
return(ss);
|
||||
}
|
||||
|
||||
+/*
|
||||
+ * Create a new SSL_SESSION and duplicate the contents of |src| into it. If
|
||||
+ * ticket == 0 then no ticket information is duplicated, otherwise it is.
|
||||
+ */
|
||||
+SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
|
||||
+{
|
||||
+ SSL_SESSION *dest;
|
||||
+
|
||||
+ dest = OPENSSL_malloc(sizeof(*src));
|
||||
+ if (dest == NULL)
|
||||
+ {
|
||||
+ goto err;
|
||||
+ }
|
||||
+ memcpy(dest, src, sizeof(*dest));
|
||||
+
|
||||
+ /*
|
||||
+ * Set the various pointers to NULL so that we can call SSL_SESSION_free in
|
||||
+ * the case of an error whilst halfway through constructing dest
|
||||
+ */
|
||||
+#ifndef OPENSSL_NO_PSK
|
||||
+ dest->psk_identity_hint = NULL;
|
||||
+ dest->psk_identity = NULL;
|
||||
+#endif
|
||||
+ dest->ciphers = NULL;
|
||||
+#ifndef OPENSSL_NO_TLSEXT
|
||||
+ dest->tlsext_hostname = NULL;
|
||||
+# ifndef OPENSSL_NO_EC
|
||||
+ dest->tlsext_ecpointformatlist = NULL;
|
||||
+ dest->tlsext_ellipticcurvelist = NULL;
|
||||
+# endif
|
||||
+#endif
|
||||
+ dest->tlsext_tick = NULL;
|
||||
+#ifndef OPENSSL_NO_SRP
|
||||
+ dest->srp_username = NULL;
|
||||
+#endif
|
||||
+ memset(&dest->ex_data, 0, sizeof(dest->ex_data));
|
||||
+
|
||||
+ /* We deliberately don't copy the prev and next pointers */
|
||||
+ dest->prev = NULL;
|
||||
+ dest->next = NULL;
|
||||
+
|
||||
+ dest->references = 1;
|
||||
+
|
||||
+ if (src->sess_cert != NULL)
|
||||
+ CRYPTO_add(&src->sess_cert->references, 1, CRYPTO_LOCK_SSL_SESS_CERT);
|
||||
+
|
||||
+ if (src->peer != NULL)
|
||||
+ CRYPTO_add(&src->peer->references, 1, CRYPTO_LOCK_X509);
|
||||
+
|
||||
+#ifndef OPENSSL_NO_PSK
|
||||
+ if (src->psk_identity_hint)
|
||||
+ {
|
||||
+ dest->psk_identity_hint = BUF_strdup(src->psk_identity_hint);
|
||||
+ if (dest->psk_identity_hint == NULL)
|
||||
+ {
|
||||
+ goto err;
|
||||
+ }
|
||||
+ }
|
||||
+ if (src->psk_identity)
|
||||
+ {
|
||||
+ dest->psk_identity = BUF_strdup(src->psk_identity);
|
||||
+ if (dest->psk_identity == NULL)
|
||||
+ {
|
||||
+ goto err;
|
||||
+ }
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
+ if(src->ciphers != NULL)
|
||||
+ {
|
||||
+ dest->ciphers = sk_SSL_CIPHER_dup(src->ciphers);
|
||||
+ if (dest->ciphers == NULL)
|
||||
+ goto err;
|
||||
+ }
|
||||
+
|
||||
+ if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL_SESSION,
|
||||
+ &dest->ex_data, &src->ex_data))
|
||||
+ {
|
||||
+ goto err;
|
||||
+ }
|
||||
+
|
||||
+#ifndef OPENSSL_NO_TLSEXT
|
||||
+ if (src->tlsext_hostname)
|
||||
+ {
|
||||
+ dest->tlsext_hostname = BUF_strdup(src->tlsext_hostname);
|
||||
+ if (dest->tlsext_hostname == NULL)
|
||||
+ {
|
||||
+ goto err;
|
||||
+ }
|
||||
+ }
|
||||
+# ifndef OPENSSL_NO_EC
|
||||
+ if (src->tlsext_ecpointformatlist)
|
||||
+ {
|
||||
+ dest->tlsext_ecpointformatlist =
|
||||
+ BUF_memdup(src->tlsext_ecpointformatlist,
|
||||
+ src->tlsext_ecpointformatlist_length);
|
||||
+ if (dest->tlsext_ecpointformatlist == NULL)
|
||||
+ goto err;
|
||||
+ }
|
||||
+ if (src->tlsext_ellipticcurvelist)
|
||||
+ {
|
||||
+ dest->tlsext_ellipticcurvelist =
|
||||
+ BUF_memdup(src->tlsext_ellipticcurvelist,
|
||||
+ src->tlsext_ellipticcurvelist_length);
|
||||
+ if (dest->tlsext_ellipticcurvelist == NULL)
|
||||
+ goto err;
|
||||
+ }
|
||||
+# endif
|
||||
+#endif
|
||||
+
|
||||
+ if (ticket != 0)
|
||||
+ {
|
||||
+ dest->tlsext_tick = BUF_memdup(src->tlsext_tick, src->tlsext_ticklen);
|
||||
+ if(dest->tlsext_tick == NULL)
|
||||
+ goto err;
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
+ dest->tlsext_tick_lifetime_hint = 0;
|
||||
+ dest->tlsext_ticklen = 0;
|
||||
+ }
|
||||
+
|
||||
+#ifndef OPENSSL_NO_SRP
|
||||
+ if (src->srp_username)
|
||||
+ {
|
||||
+ dest->srp_username = BUF_strdup(src->srp_username);
|
||||
+ if (dest->srp_username == NULL)
|
||||
+ {
|
||||
+ goto err;
|
||||
+ }
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
+ return dest;
|
||||
+err:
|
||||
+ SSLerr(SSL_F_SSL_SESSION_DUP, ERR_R_MALLOC_FAILURE);
|
||||
+ SSL_SESSION_free(dest);
|
||||
+ return NULL;
|
||||
+}
|
||||
+
|
||||
const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)
|
||||
{
|
||||
if(len)
|
||||
diff -up openssl-1.0.1k/ssl/s3_clnt.c.ticket-race openssl-1.0.1k/ssl/s3_clnt.c
|
||||
--- openssl-1.0.1k/ssl/s3_clnt.c.ticket-race 2015-06-15 17:06:22.700702500 +0200
|
||||
+++ openssl-1.0.1k/ssl/s3_clnt.c 2015-06-15 17:06:37.434043557 +0200
|
||||
@@ -2191,6 +2191,44 @@ int ssl3_get_new_session_ticket(SSL *s)
|
||||
}
|
||||
|
||||
p=d=(unsigned char *)s->init_msg;
|
||||
+
|
||||
+ if (s->session->session_id_length > 0)
|
||||
+ {
|
||||
+ int i = s->session_ctx->session_cache_mode;
|
||||
+ SSL_SESSION *new_sess;
|
||||
+ /*
|
||||
+ * We reused an existing session, so we need to replace it with a new
|
||||
+ * one
|
||||
+ */
|
||||
+ if (i & SSL_SESS_CACHE_CLIENT)
|
||||
+ {
|
||||
+ /*
|
||||
+ * Remove the old session from the cache
|
||||
+ */
|
||||
+ if (i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
|
||||
+ {
|
||||
+ if (s->session_ctx->remove_session_cb != NULL)
|
||||
+ s->session_ctx->remove_session_cb(s->session_ctx,
|
||||
+ s->session);
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
+ /* We carry on if this fails */
|
||||
+ SSL_CTX_remove_session(s->session_ctx, s->session);
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ if ((new_sess = ssl_session_dup(s->session, 0)) == 0)
|
||||
+ {
|
||||
+ al = SSL_AD_INTERNAL_ERROR;
|
||||
+ SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, ERR_R_MALLOC_FAILURE);
|
||||
+ goto f_err;
|
||||
+ }
|
||||
+
|
||||
+ SSL_SESSION_free(s->session);
|
||||
+ s->session = new_sess;
|
||||
+ }
|
||||
+
|
||||
n2l(p, s->session->tlsext_tick_lifetime_hint);
|
||||
n2s(p, ticklen);
|
||||
/* ticket_lifetime_hint + ticket_length + ticket */
|
208
openssl-1.0.1k-cve-2015-4000.patch
Normal file
208
openssl-1.0.1k-cve-2015-4000.patch
Normal file
@ -0,0 +1,208 @@
|
||||
diff -up openssl-1.0.1k/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod.logjam openssl-1.0.1k/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
|
||||
--- openssl-1.0.1k/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod.logjam 2015-05-29 16:02:33.335187143 +0200
|
||||
+++ openssl-1.0.1k/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod 2015-05-29 16:05:16.611940775 +0200
|
||||
@@ -61,12 +61,12 @@ negotiation is being saved.
|
||||
|
||||
If "strong" primes were used to generate the DH parameters, it is not strictly
|
||||
necessary to generate a new key for each handshake but it does improve forward
|
||||
-secrecy. If it is not assured, that "strong" primes were used (see especially
|
||||
-the section about DSA parameters below), SSL_OP_SINGLE_DH_USE must be used
|
||||
-in order to prevent small subgroup attacks. Always using SSL_OP_SINGLE_DH_USE
|
||||
-has an impact on the computer time needed during negotiation, but it is not
|
||||
-very large, so application authors/users should consider to always enable
|
||||
-this option.
|
||||
+secrecy. If it is not assured that "strong" primes were used,
|
||||
+SSL_OP_SINGLE_DH_USE must be used in order to prevent small subgroup
|
||||
+attacks. Always using SSL_OP_SINGLE_DH_USE has an impact on the
|
||||
+computer time needed during negotiation, but it is not very large, so
|
||||
+application authors/users should consider always enabling this option.
|
||||
+The option is required to implement perfect forward secrecy (PFS).
|
||||
|
||||
As generating DH parameters is extremely time consuming, an application
|
||||
should not generate the parameters on the fly but supply the parameters.
|
||||
@@ -74,82 +74,62 @@ DH parameters can be reused, as the actu
|
||||
the negotiation. The risk in reusing DH parameters is that an attacker
|
||||
may specialize on a very often used DH group. Applications should therefore
|
||||
generate their own DH parameters during the installation process using the
|
||||
-openssl L<dhparam(1)|dhparam(1)> application. In order to reduce the computer
|
||||
-time needed for this generation, it is possible to use DSA parameters
|
||||
-instead (see L<dhparam(1)|dhparam(1)>), but in this case SSL_OP_SINGLE_DH_USE
|
||||
-is mandatory.
|
||||
+openssl L<dhparam(1)|dhparam(1)> application. This application
|
||||
+guarantees that "strong" primes are used.
|
||||
|
||||
-Application authors may compile in DH parameters. Files dh512.pem,
|
||||
-dh1024.pem, dh2048.pem, and dh4096.pem in the 'apps' directory of current
|
||||
+Files dh2048.pem, and dh4096.pem in the 'apps' directory of the current
|
||||
version of the OpenSSL distribution contain the 'SKIP' DH parameters,
|
||||
which use safe primes and were generated verifiably pseudo-randomly.
|
||||
These files can be converted into C code using the B<-C> option of the
|
||||
-L<dhparam(1)|dhparam(1)> application.
|
||||
-Authors may also generate their own set of parameters using
|
||||
-L<dhparam(1)|dhparam(1)>, but a user may not be sure how the parameters were
|
||||
-generated. The generation of DH parameters during installation is therefore
|
||||
-recommended.
|
||||
+L<dhparam(1)|dhparam(1)> application. Generation of custom DH
|
||||
+parameters during installation should still be preferred to stop an
|
||||
+attacker from specializing on a commonly used group. Files dh1024.pem
|
||||
+and dh512.pem contain old parameters that must not be used by
|
||||
+applications.
|
||||
|
||||
An application may either directly specify the DH parameters or
|
||||
-can supply the DH parameters via a callback function. The callback approach
|
||||
-has the advantage, that the callback may supply DH parameters for different
|
||||
-key lengths.
|
||||
-
|
||||
-The B<tmp_dh_callback> is called with the B<keylength> needed and
|
||||
-the B<is_export> information. The B<is_export> flag is set, when the
|
||||
-ephemeral DH key exchange is performed with an export cipher.
|
||||
+can supply the DH parameters via a callback function.
|
||||
+
|
||||
+Previous versions of the callback used B<is_export> and B<keylength>
|
||||
+parameters to control parameter generation for export and non-export
|
||||
+cipher suites. Modern servers that do not support export ciphersuites
|
||||
+are advised to either use SSL_CTX_set_tmp_dh() in combination with
|
||||
+SSL_OP_SINGLE_DH_USE, or alternatively, use the callback but ignore
|
||||
+B<keylength> and B<is_export> and simply supply at least 2048-bit
|
||||
+parameters in the callback.
|
||||
|
||||
=head1 EXAMPLES
|
||||
|
||||
-Handle DH parameters for key lengths of 512 and 1024 bits. (Error handling
|
||||
+Setup DH parameters with a key length of 2048 bits. (Error handling
|
||||
partly left out.)
|
||||
|
||||
- ...
|
||||
- /* Set up ephemeral DH stuff */
|
||||
- DH *dh_512 = NULL;
|
||||
- DH *dh_1024 = NULL;
|
||||
- FILE *paramfile;
|
||||
+ Command-line parameter generation:
|
||||
+ $ openssl dhparam -out dh_param_2048.pem 2048
|
||||
+
|
||||
+ Code for setting up parameters during server initialization:
|
||||
|
||||
...
|
||||
- /* "openssl dhparam -out dh_param_512.pem -2 512" */
|
||||
- paramfile = fopen("dh_param_512.pem", "r");
|
||||
+ SSL_CTX ctx = SSL_CTX_new();
|
||||
+ ...
|
||||
+
|
||||
+ /* Set up ephemeral DH parameters. */
|
||||
+ DH *dh_2048 = NULL;
|
||||
+ FILE *paramfile;
|
||||
+ paramfile = fopen("dh_param_2048.pem", "r");
|
||||
if (paramfile) {
|
||||
- dh_512 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
|
||||
+ dh_2048 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
|
||||
fclose(paramfile);
|
||||
+ } else {
|
||||
+ /* Error. */
|
||||
}
|
||||
- /* "openssl dhparam -out dh_param_1024.pem -2 1024" */
|
||||
- paramfile = fopen("dh_param_1024.pem", "r");
|
||||
- if (paramfile) {
|
||||
- dh_1024 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
|
||||
- fclose(paramfile);
|
||||
+ if (dh_2048 == NULL) {
|
||||
+ /* Error. */
|
||||
}
|
||||
- ...
|
||||
-
|
||||
- /* "openssl dhparam -C -2 512" etc... */
|
||||
- DH *get_dh512() { ... }
|
||||
- DH *get_dh1024() { ... }
|
||||
-
|
||||
- DH *tmp_dh_callback(SSL *s, int is_export, int keylength)
|
||||
- {
|
||||
- DH *dh_tmp=NULL;
|
||||
-
|
||||
- switch (keylength) {
|
||||
- case 512:
|
||||
- if (!dh_512)
|
||||
- dh_512 = get_dh512();
|
||||
- dh_tmp = dh_512;
|
||||
- break;
|
||||
- case 1024:
|
||||
- if (!dh_1024)
|
||||
- dh_1024 = get_dh1024();
|
||||
- dh_tmp = dh_1024;
|
||||
- break;
|
||||
- default:
|
||||
- /* Generating a key on the fly is very costly, so use what is there */
|
||||
- setup_dh_parameters_like_above();
|
||||
+ if (SSL_CTX_set_tmp_dh(ctx, dh_2048) != 1) {
|
||||
+ /* Error. */
|
||||
}
|
||||
- return(dh_tmp);
|
||||
- }
|
||||
+ SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE);
|
||||
+ ...
|
||||
|
||||
=head1 RETURN VALUES
|
||||
|
||||
diff -up openssl-1.0.1k/ssl/ssl_err.c.logjam openssl-1.0.1k/ssl/ssl_err.c
|
||||
--- openssl-1.0.1k/ssl/ssl_err.c.logjam 2015-01-08 15:00:36.000000000 +0100
|
||||
+++ openssl-1.0.1k/ssl/ssl_err.c 2015-05-29 16:02:33.336187166 +0200
|
||||
@@ -362,6 +362,7 @@ static ERR_STRING_DATA SSL_str_reasons[]
|
||||
{ERR_REASON(SSL_R_DATA_LENGTH_TOO_LONG) ,"data length too long"},
|
||||
{ERR_REASON(SSL_R_DECRYPTION_FAILED) ,"decryption failed"},
|
||||
{ERR_REASON(SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC),"decryption failed or bad record mac"},
|
||||
+{ERR_REASON(SSL_R_DH_KEY_TOO_SMALL) ,"dh key too small"},
|
||||
{ERR_REASON(SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG),"dh public value length is wrong"},
|
||||
{ERR_REASON(SSL_R_DIGEST_CHECK_FAILED) ,"digest check failed"},
|
||||
{ERR_REASON(SSL_R_DTLS_MESSAGE_TOO_BIG) ,"dtls message too big"},
|
||||
diff -up openssl-1.0.1k/ssl/ssl.h.logjam openssl-1.0.1k/ssl/ssl.h
|
||||
--- openssl-1.0.1k/ssl/ssl.h.logjam 2015-05-29 16:02:19.210862433 +0200
|
||||
+++ openssl-1.0.1k/ssl/ssl.h 2015-05-29 16:02:33.337187189 +0200
|
||||
@@ -2317,6 +2317,7 @@ void ERR_load_SSL_strings(void);
|
||||
#define SSL_R_DATA_LENGTH_TOO_LONG 146
|
||||
#define SSL_R_DECRYPTION_FAILED 147
|
||||
#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281
|
||||
+#define SSL_R_DH_KEY_TOO_SMALL 372
|
||||
#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148
|
||||
#define SSL_R_DIGEST_CHECK_FAILED 149
|
||||
#define SSL_R_DTLS_MESSAGE_TOO_BIG 334
|
||||
diff -up openssl-1.0.1k/ssl/s3_clnt.c.logjam openssl-1.0.1k/ssl/s3_clnt.c
|
||||
--- openssl-1.0.1k/ssl/s3_clnt.c.logjam 2015-01-08 15:00:56.000000000 +0100
|
||||
+++ openssl-1.0.1k/ssl/s3_clnt.c 2015-05-29 16:02:33.338187212 +0200
|
||||
@@ -3393,24 +3393,34 @@ int ssl3_check_cert_and_algorithm(SSL *s
|
||||
}
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_DH
|
||||
- if ((alg_k & SSL_kEDH) &&
|
||||
- !(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
|
||||
+ if ((alg_k & SSL_kEDH) && dh == NULL)
|
||||
{
|
||||
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);
|
||||
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,ERR_R_INTERNAL_ERROR);
|
||||
goto f_err;
|
||||
}
|
||||
- else if ((alg_k & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
|
||||
+ if ((alg_k & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
|
||||
{
|
||||
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT);
|
||||
goto f_err;
|
||||
}
|
||||
#ifndef OPENSSL_NO_DSA
|
||||
- else if ((alg_k & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
|
||||
+ if ((alg_k & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
|
||||
{
|
||||
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT);
|
||||
goto f_err;
|
||||
}
|
||||
#endif
|
||||
+ /* Check DHE only: static DH not implemented. */
|
||||
+ if (alg_k & SSL_kEDH)
|
||||
+ {
|
||||
+ int dh_size = BN_num_bits(dh->p);
|
||||
+ if ((!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 768)
|
||||
+ || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 512))
|
||||
+ {
|
||||
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_DH_KEY_TOO_SMALL);
|
||||
+ goto f_err;
|
||||
+ }
|
||||
+ }
|
||||
#endif
|
||||
|
||||
if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && !has_bits(i,EVP_PKT_EXP))
|
26
openssl-1.0.1k-dtls1-abi.patch
Normal file
26
openssl-1.0.1k-dtls1-abi.patch
Normal file
@ -0,0 +1,26 @@
|
||||
diff -up openssl-1.0.1k/ssl/dtls1.h.dtls1-abi openssl-1.0.1k/ssl/dtls1.h
|
||||
--- openssl-1.0.1k/ssl/dtls1.h.dtls1-abi 2015-01-09 09:58:59.332596897 +0100
|
||||
+++ openssl-1.0.1k/ssl/dtls1.h 2015-01-09 10:02:34.908472320 +0100
|
||||
@@ -231,10 +231,6 @@ typedef struct dtls1_state_st
|
||||
*/
|
||||
record_pqueue buffered_app_data;
|
||||
|
||||
- /* Is set when listening for new connections with dtls1_listen() */
|
||||
- unsigned int listen;
|
||||
-
|
||||
- unsigned int link_mtu; /* max on-the-wire DTLS packet size */
|
||||
unsigned int mtu; /* max DTLS packet size */
|
||||
|
||||
struct hm_header_st w_msg_hdr;
|
||||
@@ -262,6 +258,11 @@ typedef struct dtls1_state_st
|
||||
*/
|
||||
unsigned int change_cipher_spec_ok;
|
||||
|
||||
+ /* Is set when listening for new connections with dtls1_listen() */
|
||||
+ unsigned int listen;
|
||||
+
|
||||
+ unsigned int link_mtu; /* max on-the-wire DTLS packet size */
|
||||
+
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
/* used when SSL_ST_XX_FLUSH is entered */
|
||||
int next_state;
|
130
openssl-1.0.1k-ecc-suiteb.patch
Normal file
130
openssl-1.0.1k-ecc-suiteb.patch
Normal file
@ -0,0 +1,130 @@
|
||||
diff -up openssl-1.0.1k/apps/speed.c.suiteb openssl-1.0.1k/apps/speed.c
|
||||
--- openssl-1.0.1k/apps/speed.c.suiteb 2015-01-09 10:03:38.406908388 +0100
|
||||
+++ openssl-1.0.1k/apps/speed.c 2015-01-09 10:03:38.602912821 +0100
|
||||
@@ -966,49 +966,23 @@ int MAIN(int argc, char **argv)
|
||||
else
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_ECDSA
|
||||
- if (strcmp(*argv,"ecdsap160") == 0) ecdsa_doit[R_EC_P160]=2;
|
||||
- else if (strcmp(*argv,"ecdsap192") == 0) ecdsa_doit[R_EC_P192]=2;
|
||||
- else if (strcmp(*argv,"ecdsap224") == 0) ecdsa_doit[R_EC_P224]=2;
|
||||
- else if (strcmp(*argv,"ecdsap256") == 0) ecdsa_doit[R_EC_P256]=2;
|
||||
+ if (strcmp(*argv,"ecdsap256") == 0) ecdsa_doit[R_EC_P256]=2;
|
||||
else if (strcmp(*argv,"ecdsap384") == 0) ecdsa_doit[R_EC_P384]=2;
|
||||
else if (strcmp(*argv,"ecdsap521") == 0) ecdsa_doit[R_EC_P521]=2;
|
||||
- else if (strcmp(*argv,"ecdsak163") == 0) ecdsa_doit[R_EC_K163]=2;
|
||||
- else if (strcmp(*argv,"ecdsak233") == 0) ecdsa_doit[R_EC_K233]=2;
|
||||
- else if (strcmp(*argv,"ecdsak283") == 0) ecdsa_doit[R_EC_K283]=2;
|
||||
- else if (strcmp(*argv,"ecdsak409") == 0) ecdsa_doit[R_EC_K409]=2;
|
||||
- else if (strcmp(*argv,"ecdsak571") == 0) ecdsa_doit[R_EC_K571]=2;
|
||||
- else if (strcmp(*argv,"ecdsab163") == 0) ecdsa_doit[R_EC_B163]=2;
|
||||
- else if (strcmp(*argv,"ecdsab233") == 0) ecdsa_doit[R_EC_B233]=2;
|
||||
- else if (strcmp(*argv,"ecdsab283") == 0) ecdsa_doit[R_EC_B283]=2;
|
||||
- else if (strcmp(*argv,"ecdsab409") == 0) ecdsa_doit[R_EC_B409]=2;
|
||||
- else if (strcmp(*argv,"ecdsab571") == 0) ecdsa_doit[R_EC_B571]=2;
|
||||
else if (strcmp(*argv,"ecdsa") == 0)
|
||||
{
|
||||
- for (i=0; i < EC_NUM; i++)
|
||||
+ for (i=R_EC_P256; i <= R_EC_P521; i++)
|
||||
ecdsa_doit[i]=1;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_ECDH
|
||||
- if (strcmp(*argv,"ecdhp160") == 0) ecdh_doit[R_EC_P160]=2;
|
||||
- else if (strcmp(*argv,"ecdhp192") == 0) ecdh_doit[R_EC_P192]=2;
|
||||
- else if (strcmp(*argv,"ecdhp224") == 0) ecdh_doit[R_EC_P224]=2;
|
||||
- else if (strcmp(*argv,"ecdhp256") == 0) ecdh_doit[R_EC_P256]=2;
|
||||
+ if (strcmp(*argv,"ecdhp256") == 0) ecdh_doit[R_EC_P256]=2;
|
||||
else if (strcmp(*argv,"ecdhp384") == 0) ecdh_doit[R_EC_P384]=2;
|
||||
else if (strcmp(*argv,"ecdhp521") == 0) ecdh_doit[R_EC_P521]=2;
|
||||
- else if (strcmp(*argv,"ecdhk163") == 0) ecdh_doit[R_EC_K163]=2;
|
||||
- else if (strcmp(*argv,"ecdhk233") == 0) ecdh_doit[R_EC_K233]=2;
|
||||
- else if (strcmp(*argv,"ecdhk283") == 0) ecdh_doit[R_EC_K283]=2;
|
||||
- else if (strcmp(*argv,"ecdhk409") == 0) ecdh_doit[R_EC_K409]=2;
|
||||
- else if (strcmp(*argv,"ecdhk571") == 0) ecdh_doit[R_EC_K571]=2;
|
||||
- else if (strcmp(*argv,"ecdhb163") == 0) ecdh_doit[R_EC_B163]=2;
|
||||
- else if (strcmp(*argv,"ecdhb233") == 0) ecdh_doit[R_EC_B233]=2;
|
||||
- else if (strcmp(*argv,"ecdhb283") == 0) ecdh_doit[R_EC_B283]=2;
|
||||
- else if (strcmp(*argv,"ecdhb409") == 0) ecdh_doit[R_EC_B409]=2;
|
||||
- else if (strcmp(*argv,"ecdhb571") == 0) ecdh_doit[R_EC_B571]=2;
|
||||
else if (strcmp(*argv,"ecdh") == 0)
|
||||
{
|
||||
- for (i=0; i < EC_NUM; i++)
|
||||
+ for (i=R_EC_P256; i <= R_EC_P521; i++)
|
||||
ecdh_doit[i]=1;
|
||||
}
|
||||
else
|
||||
@@ -1097,15 +1071,11 @@ int MAIN(int argc, char **argv)
|
||||
BIO_printf(bio_err,"dsa512 dsa1024 dsa2048\n");
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_ECDSA
|
||||
- BIO_printf(bio_err,"ecdsap160 ecdsap192 ecdsap224 ecdsap256 ecdsap384 ecdsap521\n");
|
||||
- BIO_printf(bio_err,"ecdsak163 ecdsak233 ecdsak283 ecdsak409 ecdsak571\n");
|
||||
- BIO_printf(bio_err,"ecdsab163 ecdsab233 ecdsab283 ecdsab409 ecdsab571\n");
|
||||
+ BIO_printf(bio_err,"ecdsap256 ecdsap384 ecdsap521\n");
|
||||
BIO_printf(bio_err,"ecdsa\n");
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_ECDH
|
||||
- BIO_printf(bio_err,"ecdhp160 ecdhp192 ecdhp224 ecdhp256 ecdhp384 ecdhp521\n");
|
||||
- BIO_printf(bio_err,"ecdhk163 ecdhk233 ecdhk283 ecdhk409 ecdhk571\n");
|
||||
- BIO_printf(bio_err,"ecdhb163 ecdhb233 ecdhb283 ecdhb409 ecdhb571\n");
|
||||
+ BIO_printf(bio_err,"ecdhp256 ecdhp384 ecdhp521\n");
|
||||
BIO_printf(bio_err,"ecdh\n");
|
||||
#endif
|
||||
|
||||
@@ -1184,11 +1154,11 @@ int MAIN(int argc, char **argv)
|
||||
if (!FIPS_mode() || i != R_DSA_512)
|
||||
dsa_doit[i]=1;
|
||||
#ifndef OPENSSL_NO_ECDSA
|
||||
- for (i=0; i<EC_NUM; i++)
|
||||
+ for (i=R_EC_P256; i <= R_EC_P521; i++)
|
||||
ecdsa_doit[i]=1;
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_ECDH
|
||||
- for (i=0; i<EC_NUM; i++)
|
||||
+ for (i=R_EC_P256; i <= R_EC_P521; i++)
|
||||
ecdh_doit[i]=1;
|
||||
#endif
|
||||
}
|
||||
diff -up openssl-1.0.1k/ssl/t1_lib.c.suiteb openssl-1.0.1k/ssl/t1_lib.c
|
||||
--- openssl-1.0.1k/ssl/t1_lib.c.suiteb 2015-01-09 10:03:38.603912844 +0100
|
||||
+++ openssl-1.0.1k/ssl/t1_lib.c 2015-01-09 10:06:35.470912834 +0100
|
||||
@@ -218,29 +218,21 @@ static int pref_list[] =
|
||||
NID_sect283k1, /* sect283k1 (9) */
|
||||
NID_sect283r1, /* sect283r1 (10) */
|
||||
#endif
|
||||
- NID_secp256k1, /* secp256k1 (22) */
|
||||
NID_X9_62_prime256v1, /* secp256r1 (23) */
|
||||
#ifndef OPENSSL_NO_EC2M
|
||||
NID_sect239k1, /* sect239k1 (8) */
|
||||
NID_sect233k1, /* sect233k1 (6) */
|
||||
NID_sect233r1, /* sect233r1 (7) */
|
||||
#endif
|
||||
- NID_secp224k1, /* secp224k1 (20) */
|
||||
- NID_secp224r1, /* secp224r1 (21) */
|
||||
#ifndef OPENSSL_NO_EC2M
|
||||
NID_sect193r1, /* sect193r1 (4) */
|
||||
NID_sect193r2, /* sect193r2 (5) */
|
||||
#endif
|
||||
- NID_secp192k1, /* secp192k1 (18) */
|
||||
- NID_X9_62_prime192v1, /* secp192r1 (19) */
|
||||
#ifndef OPENSSL_NO_EC2M
|
||||
NID_sect163k1, /* sect163k1 (1) */
|
||||
NID_sect163r1, /* sect163r1 (2) */
|
||||
NID_sect163r2, /* sect163r2 (3) */
|
||||
#endif
|
||||
- NID_secp160k1, /* secp160k1 (15) */
|
||||
- NID_secp160r1, /* secp160r1 (16) */
|
||||
- NID_secp160r2, /* secp160r2 (17) */
|
||||
};
|
||||
|
||||
int tls1_ec_curve_id2nid(int curve_id)
|
||||
@@ -1820,7 +1812,6 @@ int ssl_prepare_clienthello_tlsext(SSL *
|
||||
s->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
|
||||
s->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
|
||||
|
||||
- /* we support all named elliptic curves in RFC 4492 */
|
||||
if (s->tlsext_ellipticcurvelist != NULL) OPENSSL_free(s->tlsext_ellipticcurvelist);
|
||||
s->tlsext_ellipticcurvelist_length = sizeof(pref_list)/sizeof(pref_list[0]) * 2;
|
||||
if ((s->tlsext_ellipticcurvelist = OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) == NULL)
|
135
openssl-1.0.1k-ephemeral-key-size.patch
Normal file
135
openssl-1.0.1k-ephemeral-key-size.patch
Normal file
@ -0,0 +1,135 @@
|
||||
diff -up openssl-1.0.1k/apps/s_apps.h.ephemeral openssl-1.0.1k/apps/s_apps.h
|
||||
--- openssl-1.0.1k/apps/s_apps.h.ephemeral 2015-01-09 10:22:03.289896211 +0100
|
||||
+++ openssl-1.0.1k/apps/s_apps.h 2015-01-09 10:22:03.373898111 +0100
|
||||
@@ -156,6 +156,7 @@ int MS_CALLBACK verify_callback(int ok,
|
||||
int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
|
||||
int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key);
|
||||
#endif
|
||||
+int ssl_print_tmp_key(BIO *out, SSL *s);
|
||||
int init_client(int *sock, char *server, char *port, int type);
|
||||
int should_retry(int i);
|
||||
int extract_host_port(char *str,char **host_ptr,char **port_ptr);
|
||||
diff -up openssl-1.0.1k/apps/s_cb.c.ephemeral openssl-1.0.1k/apps/s_cb.c
|
||||
--- openssl-1.0.1k/apps/s_cb.c.ephemeral 2015-01-08 15:00:36.000000000 +0100
|
||||
+++ openssl-1.0.1k/apps/s_cb.c 2015-01-09 10:22:03.373898111 +0100
|
||||
@@ -338,6 +338,38 @@ void MS_CALLBACK apps_ssl_info_callback(
|
||||
}
|
||||
}
|
||||
|
||||
+int ssl_print_tmp_key(BIO *out, SSL *s)
|
||||
+ {
|
||||
+ EVP_PKEY *key;
|
||||
+ if (!SSL_get_server_tmp_key(s, &key))
|
||||
+ return 1;
|
||||
+ BIO_puts(out, "Server Temp Key: ");
|
||||
+ switch (EVP_PKEY_id(key))
|
||||
+ {
|
||||
+ case EVP_PKEY_RSA:
|
||||
+ BIO_printf(out, "RSA, %d bits\n", EVP_PKEY_bits(key));
|
||||
+ break;
|
||||
+
|
||||
+ case EVP_PKEY_DH:
|
||||
+ BIO_printf(out, "DH, %d bits\n", EVP_PKEY_bits(key));
|
||||
+ break;
|
||||
+
|
||||
+ case EVP_PKEY_EC:
|
||||
+ {
|
||||
+ EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
|
||||
+ int nid;
|
||||
+ const char *cname;
|
||||
+ nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
|
||||
+ EC_KEY_free(ec);
|
||||
+ cname = OBJ_nid2sn(nid);
|
||||
+ BIO_printf(out, "ECDH, %s, %d bits\n",
|
||||
+ cname, EVP_PKEY_bits(key));
|
||||
+ }
|
||||
+ }
|
||||
+ EVP_PKEY_free(key);
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
|
||||
void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)
|
||||
{
|
||||
diff -up openssl-1.0.1k/apps/s_client.c.ephemeral openssl-1.0.1k/apps/s_client.c
|
||||
--- openssl-1.0.1k/apps/s_client.c.ephemeral 2015-01-09 10:22:03.367897975 +0100
|
||||
+++ openssl-1.0.1k/apps/s_client.c 2015-01-09 10:22:03.373898111 +0100
|
||||
@@ -2058,6 +2058,8 @@ static void print_stuff(BIO *bio, SSL *s
|
||||
BIO_write(bio,"\n",1);
|
||||
}
|
||||
|
||||
+ ssl_print_tmp_key(bio, s);
|
||||
+
|
||||
BIO_printf(bio,"---\nSSL handshake has read %ld bytes and written %ld bytes\n",
|
||||
BIO_number_read(SSL_get_rbio(s)),
|
||||
BIO_number_written(SSL_get_wbio(s)));
|
||||
diff -up openssl-1.0.1k/ssl/ssl.h.ephemeral openssl-1.0.1k/ssl/ssl.h
|
||||
--- openssl-1.0.1k/ssl/ssl.h.ephemeral 2015-01-09 10:22:03.358897772 +0100
|
||||
+++ openssl-1.0.1k/ssl/ssl.h 2015-01-09 10:25:08.644088146 +0100
|
||||
@@ -1593,6 +1593,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
|
||||
#define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82
|
||||
#define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83
|
||||
|
||||
+#define SSL_CTRL_GET_SERVER_TMP_KEY 109
|
||||
#define SSL_CTRL_CHECK_PROTO_VERSION 119
|
||||
#define DTLS_CTRL_SET_LINK_MTU 120
|
||||
#define DTLS_CTRL_GET_LINK_MIN_MTU 121
|
||||
@@ -1638,6 +1639,9 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
|
||||
#define SSL_CTX_clear_extra_chain_certs(ctx) \
|
||||
SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS,0,NULL)
|
||||
|
||||
+#define SSL_get_server_tmp_key(s, pk) \
|
||||
+ SSL_ctrl(s,SSL_CTRL_GET_SERVER_TMP_KEY,0,pk)
|
||||
+
|
||||
#ifndef OPENSSL_NO_BIO
|
||||
BIO_METHOD *BIO_f_ssl(void);
|
||||
BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
|
||||
diff -up openssl-1.0.1k/ssl/s3_lib.c.ephemeral openssl-1.0.1k/ssl/s3_lib.c
|
||||
--- openssl-1.0.1k/ssl/s3_lib.c.ephemeral 2015-01-08 15:00:56.000000000 +0100
|
||||
+++ openssl-1.0.1k/ssl/s3_lib.c 2015-01-09 10:22:03.374898133 +0100
|
||||
@@ -3356,6 +3356,45 @@ long ssl3_ctrl(SSL *s, int cmd, long lar
|
||||
|
||||
#endif /* !OPENSSL_NO_TLSEXT */
|
||||
|
||||
+ case SSL_CTRL_GET_SERVER_TMP_KEY:
|
||||
+ if (s->server || !s->session || !s->session->sess_cert)
|
||||
+ return 0;
|
||||
+ else
|
||||
+ {
|
||||
+ SESS_CERT *sc;
|
||||
+ EVP_PKEY *ptmp;
|
||||
+ int rv = 0;
|
||||
+ sc = s->session->sess_cert;
|
||||
+#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_EC)
|
||||
+ if (!sc->peer_rsa_tmp && !sc->peer_dh_tmp
|
||||
+ && !sc->peer_ecdh_tmp)
|
||||
+ return 0;
|
||||
+#endif
|
||||
+ ptmp = EVP_PKEY_new();
|
||||
+ if (!ptmp)
|
||||
+ return 0;
|
||||
+ if (0);
|
||||
+#ifndef OPENSSL_NO_RSA
|
||||
+ else if (sc->peer_rsa_tmp)
|
||||
+ rv = EVP_PKEY_set1_RSA(ptmp, sc->peer_rsa_tmp);
|
||||
+#endif
|
||||
+#ifndef OPENSSL_NO_DH
|
||||
+ else if (sc->peer_dh_tmp)
|
||||
+ rv = EVP_PKEY_set1_DH(ptmp, sc->peer_dh_tmp);
|
||||
+#endif
|
||||
+#ifndef OPENSSL_NO_ECDH
|
||||
+ else if (sc->peer_ecdh_tmp)
|
||||
+ rv = EVP_PKEY_set1_EC_KEY(ptmp, sc->peer_ecdh_tmp);
|
||||
+#endif
|
||||
+ if (rv)
|
||||
+ {
|
||||
+ *(EVP_PKEY **)parg = ptmp;
|
||||
+ return 1;
|
||||
+ }
|
||||
+ EVP_PKEY_free(ptmp);
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
case SSL_CTRL_CHECK_PROTO_VERSION:
|
||||
/* For library-internal use; checks that the current protocol
|
||||
* is the highest enabled version (according to s->ctx->method,
|
20400
openssl-1.0.1k-fips.patch
Normal file
20400
openssl-1.0.1k-fips.patch
Normal file
File diff suppressed because it is too large
Load Diff
197
openssl-1.0.1k-padlock64.patch
Normal file
197
openssl-1.0.1k-padlock64.patch
Normal file
@ -0,0 +1,197 @@
|
||||
diff -up openssl-1.0.1k/engines/e_padlock.c.padlock64 openssl-1.0.1k/engines/e_padlock.c
|
||||
--- openssl-1.0.1k/engines/e_padlock.c.padlock64 2015-01-08 15:00:56.000000000 +0100
|
||||
+++ openssl-1.0.1k/engines/e_padlock.c 2015-01-09 10:18:55.579650992 +0100
|
||||
@@ -101,7 +101,10 @@
|
||||
compiler choice is limited to GCC and Microsoft C. */
|
||||
#undef COMPILE_HW_PADLOCK
|
||||
#if !defined(I386_ONLY) && !defined(OPENSSL_NO_INLINE_ASM)
|
||||
-# if (defined(__GNUC__) && (defined(__i386__) || defined(__i386))) || \
|
||||
+# if (defined(__GNUC__) && __GNUC__>=2 && \
|
||||
+ (defined(__i386__) || defined(__i386) || \
|
||||
+ defined(__x86_64__) || defined(__x86_64)) \
|
||||
+ ) || \
|
||||
(defined(_MSC_VER) && defined(_M_IX86))
|
||||
# define COMPILE_HW_PADLOCK
|
||||
# endif
|
||||
@@ -137,7 +140,7 @@ void ENGINE_load_padlock (void)
|
||||
# endif
|
||||
#elif defined(__GNUC__)
|
||||
# ifndef alloca
|
||||
-# define alloca(s) __builtin_alloca(s)
|
||||
+# define alloca(s) __builtin_alloca((s))
|
||||
# endif
|
||||
#endif
|
||||
|
||||
@@ -304,6 +307,7 @@ static volatile struct padlock_cipher_da
|
||||
* =======================================================
|
||||
*/
|
||||
#if defined(__GNUC__) && __GNUC__>=2
|
||||
+#if defined(__i386__) || defined(__i386)
|
||||
/*
|
||||
* As for excessive "push %ebx"/"pop %ebx" found all over.
|
||||
* When generating position-independent code GCC won't let
|
||||
@@ -383,23 +387,6 @@ padlock_available(void)
|
||||
return padlock_use_ace + padlock_use_rng;
|
||||
}
|
||||
|
||||
-#ifndef OPENSSL_NO_AES
|
||||
-#ifndef AES_ASM
|
||||
-/* Our own htonl()/ntohl() */
|
||||
-static inline void
|
||||
-padlock_bswapl(AES_KEY *ks)
|
||||
-{
|
||||
- size_t i = sizeof(ks->rd_key)/sizeof(ks->rd_key[0]);
|
||||
- unsigned int *key = ks->rd_key;
|
||||
-
|
||||
- while (i--) {
|
||||
- asm volatile ("bswapl %0" : "+r"(*key));
|
||||
- key++;
|
||||
- }
|
||||
-}
|
||||
-#endif
|
||||
-#endif
|
||||
-
|
||||
/* Force key reload from memory to the CPU microcode.
|
||||
Loading EFLAGS from the stack clears EFLAGS[30]
|
||||
which does the trick. */
|
||||
@@ -457,12 +444,129 @@ static inline void *name(size_t cnt, \
|
||||
: "edx", "cc", "memory"); \
|
||||
return iv; \
|
||||
}
|
||||
+#endif
|
||||
+
|
||||
+#elif defined(__x86_64__) || defined(__x86_64)
|
||||
+
|
||||
+/* Load supported features of the CPU to see if
|
||||
+ the PadLock is available. */
|
||||
+static int
|
||||
+padlock_available(void)
|
||||
+{
|
||||
+ char vendor_string[16];
|
||||
+ unsigned int eax, edx;
|
||||
|
||||
+ /* Are we running on the Centaur (VIA) CPU? */
|
||||
+ eax = 0x00000000;
|
||||
+ vendor_string[12] = 0;
|
||||
+ asm volatile (
|
||||
+ "cpuid\n"
|
||||
+ "movl %%ebx,(%1)\n"
|
||||
+ "movl %%edx,4(%1)\n"
|
||||
+ "movl %%ecx,8(%1)\n"
|
||||
+ : "+a"(eax) : "r"(vendor_string) : "rbx", "rcx", "rdx");
|
||||
+ if (strcmp(vendor_string, "CentaurHauls") != 0)
|
||||
+ return 0;
|
||||
+
|
||||
+ /* Check for Centaur Extended Feature Flags presence */
|
||||
+ eax = 0xC0000000;
|
||||
+ asm volatile ("cpuid"
|
||||
+ : "+a"(eax) : : "rbx", "rcx", "rdx");
|
||||
+ if (eax < 0xC0000001)
|
||||
+ return 0;
|
||||
+
|
||||
+ /* Read the Centaur Extended Feature Flags */
|
||||
+ eax = 0xC0000001;
|
||||
+ asm volatile ("cpuid"
|
||||
+ : "+a"(eax), "=d"(edx) : : "rbx", "rcx");
|
||||
+
|
||||
+ /* Fill up some flags */
|
||||
+ padlock_use_ace = ((edx & (0x3<<6)) == (0x3<<6));
|
||||
+ padlock_use_rng = ((edx & (0x3<<2)) == (0x3<<2));
|
||||
+
|
||||
+ return padlock_use_ace + padlock_use_rng;
|
||||
+}
|
||||
+
|
||||
+/* Force key reload from memory to the CPU microcode.
|
||||
+ Loading EFLAGS from the stack clears EFLAGS[30]
|
||||
+ which does the trick. */
|
||||
+static inline void
|
||||
+padlock_reload_key(void)
|
||||
+{
|
||||
+ asm volatile ("pushfq; popfq");
|
||||
+}
|
||||
+
|
||||
+#ifndef OPENSSL_NO_AES
|
||||
+/*
|
||||
+ * This is heuristic key context tracing. At first one
|
||||
+ * believes that one should use atomic swap instructions,
|
||||
+ * but it's not actually necessary. Point is that if
|
||||
+ * padlock_saved_context was changed by another thread
|
||||
+ * after we've read it and before we compare it with cdata,
|
||||
+ * our key *shall* be reloaded upon thread context switch
|
||||
+ * and we are therefore set in either case...
|
||||
+ */
|
||||
+static inline void
|
||||
+padlock_verify_context(struct padlock_cipher_data *cdata)
|
||||
+{
|
||||
+ asm volatile (
|
||||
+ "pushfq\n"
|
||||
+" btl $30,(%%rsp)\n"
|
||||
+" jnc 1f\n"
|
||||
+" cmpq %2,%1\n"
|
||||
+" je 1f\n"
|
||||
+" popfq\n"
|
||||
+" subq $8,%%rsp\n"
|
||||
+"1: addq $8,%%rsp\n"
|
||||
+" movq %2,%0"
|
||||
+ :"+m"(padlock_saved_context)
|
||||
+ : "r"(padlock_saved_context), "r"(cdata) : "cc");
|
||||
+}
|
||||
+
|
||||
+/* Template for padlock_xcrypt_* modes */
|
||||
+/* BIG FAT WARNING:
|
||||
+ * The offsets used with 'leal' instructions
|
||||
+ * describe items of the 'padlock_cipher_data'
|
||||
+ * structure.
|
||||
+ */
|
||||
+#define PADLOCK_XCRYPT_ASM(name,rep_xcrypt) \
|
||||
+static inline void *name(size_t cnt, \
|
||||
+ struct padlock_cipher_data *cdata, \
|
||||
+ void *out, const void *inp) \
|
||||
+{ void *iv; \
|
||||
+ asm volatile ( "leaq 16(%0),%%rdx\n" \
|
||||
+ " leaq 32(%0),%%rbx\n" \
|
||||
+ rep_xcrypt "\n" \
|
||||
+ : "=a"(iv), "=c"(cnt), "=D"(out), "=S"(inp) \
|
||||
+ : "0"(cdata), "1"(cnt), "2"(out), "3"(inp) \
|
||||
+ : "rbx", "rdx", "cc", "memory"); \
|
||||
+ return iv; \
|
||||
+}
|
||||
+#endif
|
||||
+
|
||||
+#endif /* cpu */
|
||||
+
|
||||
+#ifndef OPENSSL_NO_AES
|
||||
/* Generate all functions with appropriate opcodes */
|
||||
PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb, ".byte 0xf3,0x0f,0xa7,0xc8") /* rep xcryptecb */
|
||||
PADLOCK_XCRYPT_ASM(padlock_xcrypt_cbc, ".byte 0xf3,0x0f,0xa7,0xd0") /* rep xcryptcbc */
|
||||
PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb, ".byte 0xf3,0x0f,0xa7,0xe0") /* rep xcryptcfb */
|
||||
PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb, ".byte 0xf3,0x0f,0xa7,0xe8") /* rep xcryptofb */
|
||||
+
|
||||
+#ifndef AES_ASM
|
||||
+/* Our own htonl()/ntohl() */
|
||||
+static inline void
|
||||
+padlock_bswapl(AES_KEY *ks)
|
||||
+{
|
||||
+ size_t i = sizeof(ks->rd_key)/sizeof(ks->rd_key[0]);
|
||||
+ unsigned int *key = ks->rd_key;
|
||||
+
|
||||
+ while (i--) {
|
||||
+ asm volatile ("bswapl %0" : "+r"(*key));
|
||||
+ key++;
|
||||
+ }
|
||||
+}
|
||||
+#endif
|
||||
#endif
|
||||
|
||||
/* The RNG call itself */
|
||||
@@ -493,8 +597,8 @@ padlock_xstore(void *addr, unsigned int
|
||||
static inline unsigned char *
|
||||
padlock_memcpy(void *dst,const void *src,size_t n)
|
||||
{
|
||||
- long *d=dst;
|
||||
- const long *s=src;
|
||||
+ size_t *d=dst;
|
||||
+ const size_t *s=src;
|
||||
|
||||
n /= sizeof(*d);
|
||||
do { *d++ = *s++; } while (--n);
|
59
openssl-1.0.1k-secp256k1.patch
Normal file
59
openssl-1.0.1k-secp256k1.patch
Normal file
@ -0,0 +1,59 @@
|
||||
diff -up openssl-1.0.1k/crypto/ec/ec_curve.c.secp256k1 openssl-1.0.1k/crypto/ec/ec_curve.c
|
||||
--- openssl-1.0.1k/crypto/ec/ec_curve.c.secp256k1 2015-08-13 07:47:37.890966462 -0400
|
||||
+++ openssl-1.0.1k/crypto/ec/ec_curve.c 2015-08-13 08:01:31.697866786 -0400
|
||||
@@ -82,6 +82,36 @@ typedef struct {
|
||||
unsigned int cofactor; /* promoted to BN_ULONG */
|
||||
} EC_CURVE_DATA;
|
||||
|
||||
+static const struct { EC_CURVE_DATA h; unsigned char data[0+32*6]; }
|
||||
+ _EC_SECG_PRIME_256K1 = {
|
||||
+ { NID_X9_62_prime_field,0,32,1 },
|
||||
+ { /* no seed */
|
||||
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, /* p */
|
||||
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
|
||||
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,0xFF,0xFF,
|
||||
+ 0xFC,0x2F,
|
||||
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* a */
|
||||
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
|
||||
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
|
||||
+ 0x00,0x00,
|
||||
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* b */
|
||||
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
|
||||
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
|
||||
+ 0x00,0x07,
|
||||
+ 0x79,0xBE,0x66,0x7E,0xF9,0xDC,0xBB,0xAC,0x55,0xA0, /* x */
|
||||
+ 0x62,0x95,0xCE,0x87,0x0B,0x07,0x02,0x9B,0xFC,0xDB,
|
||||
+ 0x2D,0xCE,0x28,0xD9,0x59,0xF2,0x81,0x5B,0x16,0xF8,
|
||||
+ 0x17,0x98,
|
||||
+ 0x48,0x3a,0xda,0x77,0x26,0xa3,0xc4,0x65,0x5d,0xa4, /* y */
|
||||
+ 0xfb,0xfc,0x0e,0x11,0x08,0xa8,0xfd,0x17,0xb4,0x48,
|
||||
+ 0xa6,0x85,0x54,0x19,0x9c,0x47,0xd0,0x8f,0xfb,0x10,
|
||||
+ 0xd4,0xb8,
|
||||
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, /* order */
|
||||
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,0xBA,0xAE,0xDC,0xE6,
|
||||
+ 0xAF,0x48,0xA0,0x3B,0xBF,0xD2,0x5E,0x8C,0xD0,0x36,
|
||||
+ 0x41,0x41 }
|
||||
+ };
|
||||
+
|
||||
static const struct { EC_CURVE_DATA h; unsigned char data[20+48*6]; }
|
||||
_EC_NIST_PRIME_384 = {
|
||||
{ NID_X9_62_prime_field,20,48,1 },
|
||||
@@ -212,6 +242,7 @@ typedef struct _ec_list_element_st {
|
||||
static const ec_list_element curve_list[] = {
|
||||
/* prime field curves */
|
||||
/* secg curves */
|
||||
+ { NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0, "SECG curve over a 256 bit prime field" },
|
||||
/* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */
|
||||
{ NID_secp384r1, &_EC_NIST_PRIME_384.h, 0, "NIST/SECG curve over a 384 bit prime field" },
|
||||
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||
diff -up openssl-1.0.1k/ssl/t1_lib.c.secp256k1 openssl-1.0.1k/ssl/t1_lib.c
|
||||
--- openssl-1.0.1k/ssl/t1_lib.c.secp256k1 2015-08-13 08:03:17.401589785 -0400
|
||||
+++ openssl-1.0.1k/ssl/t1_lib.c 2015-08-13 08:05:44.283292971 -0400
|
||||
@@ -218,6 +218,7 @@ static int pref_list[] =
|
||||
NID_sect283k1, /* sect283k1 (9) */
|
||||
NID_sect283r1, /* sect283r1 (10) */
|
||||
#endif
|
||||
+ NID_secp256k1, /* secp256k1 (22) */
|
||||
NID_X9_62_prime256v1, /* secp256r1 (23) */
|
||||
#ifndef OPENSSL_NO_EC2M
|
||||
NID_sect239k1, /* sect239k1 (8) */
|
330
openssl-1.0.1k-trusted-first.patch
Normal file
330
openssl-1.0.1k-trusted-first.patch
Normal file
@ -0,0 +1,330 @@
|
||||
diff -up openssl-1.0.1k/apps/apps.c.trusted-first openssl-1.0.1k/apps/apps.c
|
||||
--- openssl-1.0.1k/apps/apps.c.trusted-first 2015-01-08 15:00:36.000000000 +0100
|
||||
+++ openssl-1.0.1k/apps/apps.c 2015-01-09 10:19:45.476779456 +0100
|
||||
@@ -2365,6 +2365,8 @@ int args_verify(char ***pargs, int *parg
|
||||
flags |= X509_V_FLAG_NOTIFY_POLICY;
|
||||
else if (!strcmp(arg, "-check_ss_sig"))
|
||||
flags |= X509_V_FLAG_CHECK_SS_SIGNATURE;
|
||||
+ else if (!strcmp(arg, "-trusted_first"))
|
||||
+ flags |= X509_V_FLAG_TRUSTED_FIRST;
|
||||
else
|
||||
return 0;
|
||||
|
||||
diff -up openssl-1.0.1k/apps/cms.c.trusted-first openssl-1.0.1k/apps/cms.c
|
||||
--- openssl-1.0.1k/apps/cms.c.trusted-first 2015-01-08 15:00:36.000000000 +0100
|
||||
+++ openssl-1.0.1k/apps/cms.c 2015-01-09 10:19:45.476779456 +0100
|
||||
@@ -642,6 +642,7 @@ int MAIN(int argc, char **argv)
|
||||
BIO_printf (bio_err, "-text include or delete text MIME headers\n");
|
||||
BIO_printf (bio_err, "-CApath dir trusted certificates directory\n");
|
||||
BIO_printf (bio_err, "-CAfile file trusted certificates file\n");
|
||||
+ BIO_printf (bio_err, "-trusted_first use trusted certificates first when building the trust chain\n");
|
||||
BIO_printf (bio_err, "-crl_check check revocation status of signer's certificate using CRLs\n");
|
||||
BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
diff -up openssl-1.0.1k/apps/ocsp.c.trusted-first openssl-1.0.1k/apps/ocsp.c
|
||||
--- openssl-1.0.1k/apps/ocsp.c.trusted-first 2015-01-09 10:19:45.477779478 +0100
|
||||
+++ openssl-1.0.1k/apps/ocsp.c 2015-01-09 10:20:57.726413440 +0100
|
||||
@@ -605,6 +605,7 @@ int MAIN(int argc, char **argv)
|
||||
BIO_printf (bio_err, "-path path to use in OCSP request\n");
|
||||
BIO_printf (bio_err, "-CApath dir trusted certificates directory\n");
|
||||
BIO_printf (bio_err, "-CAfile file trusted certificates file\n");
|
||||
+ BIO_printf (bio_err, "-trusted_first use trusted certificates first when building the trust chain\n");
|
||||
BIO_printf (bio_err, "-VAfile file validator certificates file\n");
|
||||
BIO_printf (bio_err, "-validity_period n maximum validity discrepancy in seconds\n");
|
||||
BIO_printf (bio_err, "-status_age n maximum status age in seconds\n");
|
||||
diff -up openssl-1.0.1k/apps/s_client.c.trusted-first openssl-1.0.1k/apps/s_client.c
|
||||
--- openssl-1.0.1k/apps/s_client.c.trusted-first 2015-01-09 10:19:45.438778596 +0100
|
||||
+++ openssl-1.0.1k/apps/s_client.c 2015-01-09 10:19:45.477779478 +0100
|
||||
@@ -299,6 +299,7 @@ static void sc_usage(void)
|
||||
BIO_printf(bio_err," -pass arg - private key file pass phrase source\n");
|
||||
BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n");
|
||||
BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n");
|
||||
+ BIO_printf(bio_err," -trusted_first - Use trusted CA's first when building the trust chain\n");
|
||||
BIO_printf(bio_err," -reconnect - Drop and re-make the connection with the same Session-ID\n");
|
||||
BIO_printf(bio_err," -pause - sleep(1) after each read(2) and write(2) system call\n");
|
||||
BIO_printf(bio_err," -prexit - print session information even on connection failure\n");
|
||||
diff -up openssl-1.0.1k/apps/smime.c.trusted-first openssl-1.0.1k/apps/smime.c
|
||||
--- openssl-1.0.1k/apps/smime.c.trusted-first 2015-01-08 15:00:36.000000000 +0100
|
||||
+++ openssl-1.0.1k/apps/smime.c 2015-01-09 10:19:45.477779478 +0100
|
||||
@@ -479,6 +479,7 @@ int MAIN(int argc, char **argv)
|
||||
BIO_printf (bio_err, "-text include or delete text MIME headers\n");
|
||||
BIO_printf (bio_err, "-CApath dir trusted certificates directory\n");
|
||||
BIO_printf (bio_err, "-CAfile file trusted certificates file\n");
|
||||
+ BIO_printf (bio_err, "-trusted_first use trusted certificates first when building the trust chain\n");
|
||||
BIO_printf (bio_err, "-crl_check check revocation status of signer's certificate using CRLs\n");
|
||||
BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
diff -up openssl-1.0.1k/apps/s_server.c.trusted-first openssl-1.0.1k/apps/s_server.c
|
||||
--- openssl-1.0.1k/apps/s_server.c.trusted-first 2015-01-09 10:19:45.445778755 +0100
|
||||
+++ openssl-1.0.1k/apps/s_server.c 2015-01-09 10:19:45.478779501 +0100
|
||||
@@ -502,6 +502,7 @@ static void sv_usage(void)
|
||||
BIO_printf(bio_err," -state - Print the SSL states\n");
|
||||
BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n");
|
||||
BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n");
|
||||
+ BIO_printf(bio_err," -trusted_first - Use trusted CA's first when building the trust chain\n");
|
||||
BIO_printf(bio_err," -nocert - Don't use any certificates (Anon-DH)\n");
|
||||
BIO_printf(bio_err," -cipher arg - play with 'openssl ciphers' to see what goes here\n");
|
||||
BIO_printf(bio_err," -serverpref - Use server's cipher preferences\n");
|
||||
diff -up openssl-1.0.1k/apps/s_time.c.trusted-first openssl-1.0.1k/apps/s_time.c
|
||||
--- openssl-1.0.1k/apps/s_time.c.trusted-first 2015-01-09 10:19:45.391777534 +0100
|
||||
+++ openssl-1.0.1k/apps/s_time.c 2015-01-09 10:19:45.478779501 +0100
|
||||
@@ -179,6 +179,7 @@ static void s_time_usage(void)
|
||||
file if not specified by this option\n\
|
||||
-CApath arg - PEM format directory of CA's\n\
|
||||
-CAfile arg - PEM format file of CA's\n\
|
||||
+-trusted_first - Use trusted CA's first when building the trust chain\n\
|
||||
-cipher - preferred cipher to use, play with 'openssl ciphers'\n\n";
|
||||
|
||||
printf( "usage: s_time <args>\n\n" );
|
||||
diff -up openssl-1.0.1k/apps/ts.c.trusted-first openssl-1.0.1k/apps/ts.c
|
||||
--- openssl-1.0.1k/apps/ts.c.trusted-first 2015-01-09 10:19:45.435778529 +0100
|
||||
+++ openssl-1.0.1k/apps/ts.c 2015-01-09 10:19:45.478779501 +0100
|
||||
@@ -383,7 +383,7 @@ int MAIN(int argc, char **argv)
|
||||
"ts -verify [-data file_to_hash] [-digest digest_bytes] "
|
||||
"[-queryfile request.tsq] "
|
||||
"-in response.tsr [-token_in] "
|
||||
- "-CApath ca_path -CAfile ca_file.pem "
|
||||
+ "-CApath ca_path -CAfile ca_file.pem -trusted_first"
|
||||
"-untrusted cert_file.pem\n");
|
||||
cleanup:
|
||||
/* Clean up. */
|
||||
diff -up openssl-1.0.1k/apps/verify.c.trusted-first openssl-1.0.1k/apps/verify.c
|
||||
--- openssl-1.0.1k/apps/verify.c.trusted-first 2015-01-08 15:00:36.000000000 +0100
|
||||
+++ openssl-1.0.1k/apps/verify.c 2015-01-09 10:19:45.478779501 +0100
|
||||
@@ -237,7 +237,7 @@ int MAIN(int argc, char **argv)
|
||||
|
||||
end:
|
||||
if (ret == 1) {
|
||||
- BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]");
|
||||
+ BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-trusted_first] [-purpose purpose] [-crl_check]");
|
||||
BIO_printf(bio_err," [-attime timestamp]");
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
BIO_printf(bio_err," [-engine e]");
|
||||
diff -up openssl-1.0.1k/crypto/x509/x509_vfy.c.trusted-first openssl-1.0.1k/crypto/x509/x509_vfy.c
|
||||
--- openssl-1.0.1k/crypto/x509/x509_vfy.c.trusted-first 2015-01-09 10:19:45.443778710 +0100
|
||||
+++ openssl-1.0.1k/crypto/x509/x509_vfy.c 2015-01-09 10:19:45.479779524 +0100
|
||||
@@ -207,6 +207,21 @@ int X509_verify_cert(X509_STORE_CTX *ctx
|
||||
|
||||
/* If we are self signed, we break */
|
||||
if (ctx->check_issued(ctx, x,x)) break;
|
||||
+ /* If asked see if we can find issuer in trusted store first */
|
||||
+ if (ctx->param->flags & X509_V_FLAG_TRUSTED_FIRST)
|
||||
+ {
|
||||
+ ok = ctx->get_issuer(&xtmp, ctx, x);
|
||||
+ if (ok < 0)
|
||||
+ return ok;
|
||||
+ /* If successful for now free up cert so it
|
||||
+ * will be picked up again later.
|
||||
+ */
|
||||
+ if (ok > 0)
|
||||
+ {
|
||||
+ X509_free(xtmp);
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
|
||||
/* If we were passed a cert chain, use it first */
|
||||
if (ctx->untrusted != NULL)
|
||||
diff -up openssl-1.0.1k/crypto/x509/x509_vfy.h.trusted-first openssl-1.0.1k/crypto/x509/x509_vfy.h
|
||||
--- openssl-1.0.1k/crypto/x509/x509_vfy.h.trusted-first 2015-01-09 10:19:45.266774706 +0100
|
||||
+++ openssl-1.0.1k/crypto/x509/x509_vfy.h 2015-01-09 10:19:45.479779524 +0100
|
||||
@@ -389,6 +389,8 @@ void X509_STORE_CTX_set_depth(X509_STORE
|
||||
#define X509_V_FLAG_USE_DELTAS 0x2000
|
||||
/* Check selfsigned CA signature */
|
||||
#define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000
|
||||
+/* Use trusted store first */
|
||||
+#define X509_V_FLAG_TRUSTED_FIRST 0x8000
|
||||
|
||||
|
||||
#define X509_VP_FLAG_DEFAULT 0x1
|
||||
diff -up openssl-1.0.1k/doc/apps/cms.pod.trusted-first openssl-1.0.1k/doc/apps/cms.pod
|
||||
--- openssl-1.0.1k/doc/apps/cms.pod.trusted-first 2015-01-08 15:00:36.000000000 +0100
|
||||
+++ openssl-1.0.1k/doc/apps/cms.pod 2015-01-09 10:19:45.479779524 +0100
|
||||
@@ -35,6 +35,7 @@ B<openssl> B<cms>
|
||||
[B<-print>]
|
||||
[B<-CAfile file>]
|
||||
[B<-CApath dir>]
|
||||
+[B<-trusted_first>]
|
||||
[B<-md digest>]
|
||||
[B<-[cipher]>]
|
||||
[B<-nointern>]
|
||||
@@ -243,6 +244,12 @@ B<-verify>. This directory must be a sta
|
||||
is a hash of each subject name (using B<x509 -hash>) should be linked
|
||||
to each certificate.
|
||||
|
||||
+=item B<-trusted_first>
|
||||
+
|
||||
+Use certificates in CA file or CA directory before untrusted certificates
|
||||
+from the message when building the trust chain to verify certificates.
|
||||
+This is mainly useful in environments with Bridge CA or Cross-Certified CAs.
|
||||
+
|
||||
=item B<-md digest>
|
||||
|
||||
digest algorithm to use when signing or resigning. If not present then the
|
||||
diff -up openssl-1.0.1k/doc/apps/ocsp.pod.trusted-first openssl-1.0.1k/doc/apps/ocsp.pod
|
||||
--- openssl-1.0.1k/doc/apps/ocsp.pod.trusted-first 2015-01-09 10:19:45.436778551 +0100
|
||||
+++ openssl-1.0.1k/doc/apps/ocsp.pod 2015-01-09 10:19:45.479779524 +0100
|
||||
@@ -29,6 +29,7 @@ B<openssl> B<ocsp>
|
||||
[B<-path>]
|
||||
[B<-CApath dir>]
|
||||
[B<-CAfile file>]
|
||||
+[B<-trusted_first>]
|
||||
[B<-VAfile file>]
|
||||
[B<-validity_period n>]
|
||||
[B<-status_age n>]
|
||||
@@ -142,6 +143,13 @@ connection timeout to the OCSP responder
|
||||
file or pathname containing trusted CA certificates. These are used to verify
|
||||
the signature on the OCSP response.
|
||||
|
||||
+=item B<-trusted_first>
|
||||
+
|
||||
+Use certificates in CA file or CA directory over certificates provided
|
||||
+in the response or residing in other certificates file when building the trust
|
||||
+chain to verify responder certificate.
|
||||
+This is mainly useful in environments with Bridge CA or Cross-Certified CAs.
|
||||
+
|
||||
=item B<-verify_other file>
|
||||
|
||||
file containing additional certificates to search when attempting to locate
|
||||
diff -up openssl-1.0.1k/doc/apps/s_client.pod.trusted-first openssl-1.0.1k/doc/apps/s_client.pod
|
||||
--- openssl-1.0.1k/doc/apps/s_client.pod.trusted-first 2015-01-09 10:19:45.451778890 +0100
|
||||
+++ openssl-1.0.1k/doc/apps/s_client.pod 2015-01-09 10:19:45.479779524 +0100
|
||||
@@ -19,6 +19,7 @@ B<openssl> B<s_client>
|
||||
[B<-pass arg>]
|
||||
[B<-CApath directory>]
|
||||
[B<-CAfile filename>]
|
||||
+[B<-trusted_first>]
|
||||
[B<-reconnect>]
|
||||
[B<-pause>]
|
||||
[B<-showcerts>]
|
||||
@@ -121,7 +122,7 @@ also used when building the client certi
|
||||
A file containing trusted certificates to use during server authentication
|
||||
and to use when attempting to build the client certificate chain.
|
||||
|
||||
-=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig>
|
||||
+=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig, -trusted_first>
|
||||
|
||||
Set various certificate chain valiadition option. See the
|
||||
L<B<verify>|verify(1)> manual page for details.
|
||||
diff -up openssl-1.0.1k/doc/apps/smime.pod.trusted-first openssl-1.0.1k/doc/apps/smime.pod
|
||||
--- openssl-1.0.1k/doc/apps/smime.pod.trusted-first 2015-01-08 15:00:36.000000000 +0100
|
||||
+++ openssl-1.0.1k/doc/apps/smime.pod 2015-01-09 10:19:45.479779524 +0100
|
||||
@@ -15,6 +15,9 @@ B<openssl> B<smime>
|
||||
[B<-pk7out>]
|
||||
[B<-[cipher]>]
|
||||
[B<-in file>]
|
||||
+[B<-CAfile file>]
|
||||
+[B<-CApath dir>]
|
||||
+[B<-trusted_first>]
|
||||
[B<-certfile file>]
|
||||
[B<-signer file>]
|
||||
[B<-recip file>]
|
||||
@@ -146,6 +149,12 @@ B<-verify>. This directory must be a sta
|
||||
is a hash of each subject name (using B<x509 -hash>) should be linked
|
||||
to each certificate.
|
||||
|
||||
+=item B<-trusted_first>
|
||||
+
|
||||
+Use certificates in CA file or CA directory over certificates provided
|
||||
+in the message when building the trust chain to verify a certificate.
|
||||
+This is mainly useful in environments with Bridge CA or Cross-Certified CAs.
|
||||
+
|
||||
=item B<-md digest>
|
||||
|
||||
digest algorithm to use when signing or resigning. If not present then the
|
||||
diff -up openssl-1.0.1k/doc/apps/s_server.pod.trusted-first openssl-1.0.1k/doc/apps/s_server.pod
|
||||
--- openssl-1.0.1k/doc/apps/s_server.pod.trusted-first 2015-01-09 10:19:45.451778890 +0100
|
||||
+++ openssl-1.0.1k/doc/apps/s_server.pod 2015-01-09 10:19:45.479779524 +0100
|
||||
@@ -33,6 +33,7 @@ B<openssl> B<s_server>
|
||||
[B<-state>]
|
||||
[B<-CApath directory>]
|
||||
[B<-CAfile filename>]
|
||||
+[B<-trusted_first>]
|
||||
[B<-nocert>]
|
||||
[B<-cipher cipherlist>]
|
||||
[B<-serverpref>]
|
||||
@@ -178,6 +179,12 @@ and to use when attempting to build the
|
||||
is also used in the list of acceptable client CAs passed to the client when
|
||||
a certificate is requested.
|
||||
|
||||
+=item B<-trusted_first>
|
||||
+
|
||||
+Use certificates in CA file or CA directory before other certificates
|
||||
+when building the trust chain to verify client certificates.
|
||||
+This is mainly useful in environments with Bridge CA or Cross-Certified CAs.
|
||||
+
|
||||
=item B<-state>
|
||||
|
||||
prints out the SSL session states.
|
||||
diff -up openssl-1.0.1k/doc/apps/s_time.pod.trusted-first openssl-1.0.1k/doc/apps/s_time.pod
|
||||
--- openssl-1.0.1k/doc/apps/s_time.pod.trusted-first 2015-01-08 15:00:36.000000000 +0100
|
||||
+++ openssl-1.0.1k/doc/apps/s_time.pod 2015-01-09 10:19:45.480779546 +0100
|
||||
@@ -14,6 +14,7 @@ B<openssl> B<s_time>
|
||||
[B<-key filename>]
|
||||
[B<-CApath directory>]
|
||||
[B<-CAfile filename>]
|
||||
+[B<-trusted_first>]
|
||||
[B<-reuse>]
|
||||
[B<-new>]
|
||||
[B<-verify depth>]
|
||||
@@ -76,6 +77,12 @@ also used when building the client certi
|
||||
A file containing trusted certificates to use during server authentication
|
||||
and to use when attempting to build the client certificate chain.
|
||||
|
||||
+=item B<-trusted_first>
|
||||
+
|
||||
+Use certificates in CA file or CA directory over the certificates provided
|
||||
+by the server when building the trust chain to verify server certificate.
|
||||
+This is mainly useful in environments with Bridge CA or Cross-Certified CAs.
|
||||
+
|
||||
=item B<-new>
|
||||
|
||||
performs the timing test using a new session ID for each connection.
|
||||
diff -up openssl-1.0.1k/doc/apps/ts.pod.trusted-first openssl-1.0.1k/doc/apps/ts.pod
|
||||
--- openssl-1.0.1k/doc/apps/ts.pod.trusted-first 2014-10-15 15:49:15.000000000 +0200
|
||||
+++ openssl-1.0.1k/doc/apps/ts.pod 2015-01-09 10:19:45.480779546 +0100
|
||||
@@ -46,6 +46,7 @@ B<-verify>
|
||||
[B<-token_in>]
|
||||
[B<-CApath> trusted_cert_path]
|
||||
[B<-CAfile> trusted_certs.pem]
|
||||
+[B<-trusted_first>]
|
||||
[B<-untrusted> cert_file.pem]
|
||||
|
||||
=head1 DESCRIPTION
|
||||
@@ -324,6 +325,12 @@ L<verify(1)|verify(1)> for additional de
|
||||
or B<-CApath> must be specified.
|
||||
(Optional)
|
||||
|
||||
+=item B<-trusted_first>
|
||||
+
|
||||
+Use certificates in CA file or CA directory before other certificates
|
||||
+when building the trust chain to verify certificates.
|
||||
+This is mainly useful in environments with Bridge CA or Cross-Certified CAs.
|
||||
+
|
||||
=item B<-untrusted> cert_file.pem
|
||||
|
||||
Set of additional untrusted certificates in PEM format which may be
|
||||
diff -up openssl-1.0.1k/doc/apps/verify.pod.trusted-first openssl-1.0.1k/doc/apps/verify.pod
|
||||
--- openssl-1.0.1k/doc/apps/verify.pod.trusted-first 2015-01-08 15:00:36.000000000 +0100
|
||||
+++ openssl-1.0.1k/doc/apps/verify.pod 2015-01-09 10:19:45.480779546 +0100
|
||||
@@ -9,6 +9,7 @@ verify - Utility to verify certificates.
|
||||
B<openssl> B<verify>
|
||||
[B<-CApath directory>]
|
||||
[B<-CAfile file>]
|
||||
+[B<-trusted_first>]
|
||||
[B<-purpose purpose>]
|
||||
[B<-policy arg>]
|
||||
[B<-ignore_critical>]
|
||||
@@ -56,6 +57,12 @@ in PEM format concatenated together.
|
||||
A file of untrusted certificates. The file should contain multiple certificates
|
||||
in PEM format concatenated together.
|
||||
|
||||
+=item B<-trusted_first>
|
||||
+
|
||||
+Use certificates in CA file or CA directory before the certificates in the untrusted
|
||||
+file when building the trust chain to verify certificates.
|
||||
+This is mainly useful in environments with Bridge CA or Cross-Certified CAs.
|
||||
+
|
||||
=item B<-purpose purpose>
|
||||
|
||||
The intended use for the certificate. If this option is not specified,
|
@ -1,11 +0,0 @@
|
||||
diff -up openssl-1.1.0-pre5/crypto/x509/x509_cmp.c.issuer-hash openssl-1.1.0-pre5/crypto/x509/x509_cmp.c
|
||||
--- openssl-1.1.0-pre5/crypto/x509/x509_cmp.c.issuer-hash 2016-07-18 15:16:32.788881100 +0200
|
||||
+++ openssl-1.1.0-pre5/crypto/x509/x509_cmp.c 2016-07-18 15:17:16.671871840 +0200
|
||||
@@ -87,6 +87,7 @@ unsigned long X509_issuer_and_serial_has
|
||||
|
||||
if (ctx == NULL)
|
||||
goto err;
|
||||
+ EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
|
||||
f = X509_NAME_oneline(a->cert_info.issuer, NULL, 0);
|
||||
if (!EVP_DigestInit_ex(ctx, EVP_md5(), NULL))
|
||||
goto err;
|
@ -1,27 +0,0 @@
|
||||
commit 9e885a707d604e9528b5491b78fb9c00f41193fc
|
||||
Author: Tomas Mraz <tmraz@fedoraproject.org>
|
||||
Date: Thu Mar 26 15:59:00 2020 +0100
|
||||
|
||||
s_server: Properly indicate ALPN protocol mismatch
|
||||
|
||||
Return SSL_TLSEXT_ERR_ALERT_FATAL from alpn_select_cb so that
|
||||
an alert is sent to the client on ALPN protocol mismatch.
|
||||
|
||||
Fixes: #2708
|
||||
|
||||
Reviewed-by: Matt Caswell <matt@openssl.org>
|
||||
(Merged from https://github.com/openssl/openssl/pull/11415)
|
||||
|
||||
diff --git a/apps/s_server.c b/apps/s_server.c
|
||||
index bcc83e562c..591c6c19c5 100644
|
||||
--- a/apps/s_server.c
|
||||
+++ b/apps/s_server.c
|
||||
@@ -707,7 +707,7 @@ static int alpn_cb(SSL *s, const unsigned char **out, unsigned char *outlen,
|
||||
if (SSL_select_next_proto
|
||||
((unsigned char **)out, outlen, alpn_ctx->data, alpn_ctx->len, in,
|
||||
inlen) != OPENSSL_NPN_NEGOTIATED) {
|
||||
- return SSL_TLSEXT_ERR_NOACK;
|
||||
+ return SSL_TLSEXT_ERR_ALERT_FATAL;
|
||||
}
|
||||
|
||||
if (!s_quiet) {
|
@ -1,12 +0,0 @@
|
||||
diff -up openssl-1.1.1b/apps/ca.c.dgst openssl-1.1.1b/apps/ca.c
|
||||
--- openssl-1.1.1b/apps/ca.c.dgst 2019-02-26 15:15:30.000000000 +0100
|
||||
+++ openssl-1.1.1b/apps/ca.c 2019-03-15 15:53:46.622267688 +0100
|
||||
@@ -169,7 +169,7 @@ const OPTIONS ca_options[] = {
|
||||
{"enddate", OPT_ENDDATE, 's',
|
||||
"YYMMDDHHMMSSZ cert notAfter (overrides -days)"},
|
||||
{"days", OPT_DAYS, 'p', "Number of days to certify the cert for"},
|
||||
- {"md", OPT_MD, 's', "md to use; one of md2, md5, sha or sha1"},
|
||||
+ {"md", OPT_MD, 's', "md to use; see openssl help for list"},
|
||||
{"policy", OPT_POLICY, 's', "The CA 'policy' to support"},
|
||||
{"keyfile", OPT_KEYFILE, 's', "Private key"},
|
||||
{"keyform", OPT_KEYFORM, 'f', "Private key file format (PEM or ENGINE)"},
|
File diff suppressed because it is too large
Load Diff
@ -1,40 +0,0 @@
|
||||
diff -up openssl-1.1.1f/Configurations/10-main.conf.build openssl-1.1.1f/Configurations/10-main.conf
|
||||
--- openssl-1.1.1f/Configurations/10-main.conf.build 2020-03-31 14:17:45.000000000 +0200
|
||||
+++ openssl-1.1.1f/Configurations/10-main.conf 2020-04-07 16:42:10.920546387 +0200
|
||||
@@ -678,6 +678,7 @@ my %targets = (
|
||||
cxxflags => add("-m64"),
|
||||
lib_cppflags => add("-DL_ENDIAN"),
|
||||
perlasm_scheme => "linux64le",
|
||||
+ multilib => "64",
|
||||
},
|
||||
|
||||
"linux-armv4" => {
|
||||
@@ -718,6 +719,7 @@ my %targets = (
|
||||
"linux-aarch64" => {
|
||||
inherit_from => [ "linux-generic64", asm("aarch64_asm") ],
|
||||
perlasm_scheme => "linux64",
|
||||
+ multilib => "64",
|
||||
},
|
||||
"linux-arm64ilp32" => { # https://wiki.linaro.org/Platform/arm64-ilp32
|
||||
inherit_from => [ "linux-generic32", asm("aarch64_asm") ],
|
||||
diff -up openssl-1.1.1f/Configurations/unix-Makefile.tmpl.build openssl-1.1.1f/Configurations/unix-Makefile.tmpl
|
||||
--- openssl-1.1.1f/Configurations/unix-Makefile.tmpl.build 2020-04-07 16:42:10.920546387 +0200
|
||||
+++ openssl-1.1.1f/Configurations/unix-Makefile.tmpl 2020-04-07 16:44:23.539142108 +0200
|
||||
@@ -823,7 +823,7 @@ uninstall_runtime_libs:
|
||||
install_man_docs:
|
||||
@[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1)
|
||||
@$(ECHO) "*** Installing manpages"
|
||||
- $(PERL) $(SRCDIR)/util/process_docs.pl \
|
||||
+ TZ=UTC $(PERL) $(SRCDIR)/util/process_docs.pl \
|
||||
"--destdir=$(DESTDIR)$(MANDIR)" --type=man --suffix=$(MANSUFFIX)
|
||||
|
||||
uninstall_man_docs:
|
||||
@@ -835,7 +835,7 @@ uninstall_man_docs:
|
||||
install_html_docs:
|
||||
@[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1)
|
||||
@$(ECHO) "*** Installing HTML manpages"
|
||||
- $(PERL) $(SRCDIR)/util/process_docs.pl \
|
||||
+ TZ=UTC $(PERL) $(SRCDIR)/util/process_docs.pl \
|
||||
"--destdir=$(DESTDIR)$(HTMLDIR)" --type=html
|
||||
|
||||
uninstall_html_docs:
|
@ -1,56 +0,0 @@
|
||||
diff -up openssl-1.1.1-pre8/apps/CA.pl.in.conf-paths openssl-1.1.1-pre8/apps/CA.pl.in
|
||||
--- openssl-1.1.1-pre8/apps/CA.pl.in.conf-paths 2018-06-20 16:48:09.000000000 +0200
|
||||
+++ openssl-1.1.1-pre8/apps/CA.pl.in 2018-07-25 17:26:58.388624296 +0200
|
||||
@@ -33,7 +33,7 @@ my $X509 = "$openssl x509";
|
||||
my $PKCS12 = "$openssl pkcs12";
|
||||
|
||||
# default openssl.cnf file has setup as per the following
|
||||
-my $CATOP = "./demoCA";
|
||||
+my $CATOP = "/etc/pki/CA";
|
||||
my $CAKEY = "cakey.pem";
|
||||
my $CAREQ = "careq.pem";
|
||||
my $CACERT = "cacert.pem";
|
||||
diff -up openssl-1.1.1-pre8/apps/openssl.cnf.conf-paths openssl-1.1.1-pre8/apps/openssl.cnf
|
||||
--- openssl-1.1.1-pre8/apps/openssl.cnf.conf-paths 2018-07-25 17:26:58.378624057 +0200
|
||||
+++ openssl-1.1.1-pre8/apps/openssl.cnf 2018-07-27 13:20:08.198513471 +0200
|
||||
@@ -23,6 +23,22 @@ oid_section = new_oids
|
||||
# (Alternatively, use a configuration file that has only
|
||||
# X.509v3 extensions in its main [= default] section.)
|
||||
|
||||
+# Load default TLS policy configuration
|
||||
+
|
||||
+openssl_conf = default_modules
|
||||
+
|
||||
+[ default_modules ]
|
||||
+
|
||||
+ssl_conf = ssl_module
|
||||
+
|
||||
+[ ssl_module ]
|
||||
+
|
||||
+system_default = crypto_policy
|
||||
+
|
||||
+[ crypto_policy ]
|
||||
+
|
||||
+.include = /etc/crypto-policies/back-ends/opensslcnf.config
|
||||
+
|
||||
[ new_oids ]
|
||||
|
||||
# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
|
||||
@@ -43,7 +59,7 @@ default_ca = CA_default # The default c
|
||||
####################################################################
|
||||
[ CA_default ]
|
||||
|
||||
-dir = ./demoCA # Where everything is kept
|
||||
+dir = /etc/pki/CA # Where everything is kept
|
||||
certs = $dir/certs # Where the issued certs are kept
|
||||
crl_dir = $dir/crl # Where the issued crl are kept
|
||||
database = $dir/index.txt # database index file.
|
||||
@@ -329,7 +345,7 @@ default_tsa = tsa_config1 # the default
|
||||
[ tsa_config1 ]
|
||||
|
||||
# These are used by the TSA reply generation only.
|
||||
-dir = ./demoCA # TSA root directory
|
||||
+dir = /etc/pki/CA # TSA root directory
|
||||
serial = $dir/tsaserial # The current serial number (mandatory)
|
||||
crypto_device = builtin # OpenSSL engine to use for signing
|
||||
signer_cert = $dir/tsacert.pem # The TSA signing certificate
|
@ -1,91 +0,0 @@
|
||||
diff -up openssl-1.1.1-pre8/apps/s_client.c.disable-ssl3 openssl-1.1.1-pre8/apps/s_client.c
|
||||
--- openssl-1.1.1-pre8/apps/s_client.c.disable-ssl3 2018-07-16 18:08:20.000487628 +0200
|
||||
+++ openssl-1.1.1-pre8/apps/s_client.c 2018-07-16 18:16:40.070186323 +0200
|
||||
@@ -1681,6 +1681,9 @@ int s_client_main(int argc, char **argv)
|
||||
if (sdebug)
|
||||
ssl_ctx_security_debug(ctx, sdebug);
|
||||
|
||||
+ if (min_version == SSL3_VERSION && max_version == SSL3_VERSION)
|
||||
+ SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv3);
|
||||
+
|
||||
if (!config_ctx(cctx, ssl_args, ctx))
|
||||
goto end;
|
||||
|
||||
diff -up openssl-1.1.1-pre8/apps/s_server.c.disable-ssl3 openssl-1.1.1-pre8/apps/s_server.c
|
||||
--- openssl-1.1.1-pre8/apps/s_server.c.disable-ssl3 2018-07-16 18:08:20.000487628 +0200
|
||||
+++ openssl-1.1.1-pre8/apps/s_server.c 2018-07-16 18:17:17.300055551 +0200
|
||||
@@ -1760,6 +1760,9 @@ int s_server_main(int argc, char *argv[]
|
||||
if (sdebug)
|
||||
ssl_ctx_security_debug(ctx, sdebug);
|
||||
|
||||
+ if (min_version == SSL3_VERSION && max_version == SSL3_VERSION)
|
||||
+ SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv3);
|
||||
+
|
||||
if (!config_ctx(cctx, ssl_args, ctx))
|
||||
goto end;
|
||||
|
||||
diff -up openssl-1.1.1-pre8/ssl/ssl_lib.c.disable-ssl3 openssl-1.1.1-pre8/ssl/ssl_lib.c
|
||||
--- openssl-1.1.1-pre8/ssl/ssl_lib.c.disable-ssl3 2018-06-20 16:48:13.000000000 +0200
|
||||
+++ openssl-1.1.1-pre8/ssl/ssl_lib.c 2018-07-16 18:08:20.001487652 +0200
|
||||
@@ -3016,6 +3016,16 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
|
||||
*/
|
||||
ret->options |= SSL_OP_NO_COMPRESSION | SSL_OP_ENABLE_MIDDLEBOX_COMPAT;
|
||||
|
||||
+ if (meth->version != SSL3_VERSION) {
|
||||
+ /*
|
||||
+ * Disable SSLv3 by default. Applications can
|
||||
+ * re-enable it by configuring
|
||||
+ * SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv3);
|
||||
+ * or by using the SSL_CONF API.
|
||||
+ */
|
||||
+ ret->options |= SSL_OP_NO_SSLv3;
|
||||
+ }
|
||||
+
|
||||
ret->ext.status_type = TLSEXT_STATUSTYPE_nothing;
|
||||
|
||||
/*
|
||||
diff -up openssl-1.1.1-pre8/test/ssl_test.c.disable-ssl3 openssl-1.1.1-pre8/test/ssl_test.c
|
||||
--- openssl-1.1.1-pre8/test/ssl_test.c.disable-ssl3 2018-06-20 16:48:15.000000000 +0200
|
||||
+++ openssl-1.1.1-pre8/test/ssl_test.c 2018-07-16 18:18:34.806865121 +0200
|
||||
@@ -443,6 +443,7 @@ static int test_handshake(int idx)
|
||||
SSL_TEST_SERVERNAME_CB_NONE) {
|
||||
if (!TEST_ptr(server2_ctx = SSL_CTX_new(TLS_server_method())))
|
||||
goto err;
|
||||
+ SSL_CTX_clear_options(server2_ctx, SSL_OP_NO_SSLv3);
|
||||
if (!TEST_true(SSL_CTX_set_max_proto_version(server2_ctx,
|
||||
TLS_MAX_VERSION)))
|
||||
goto err;
|
||||
@@ -464,6 +465,8 @@ static int test_handshake(int idx)
|
||||
if (!TEST_ptr(resume_server_ctx)
|
||||
|| !TEST_ptr(resume_client_ctx))
|
||||
goto err;
|
||||
+ SSL_CTX_clear_options(resume_server_ctx, SSL_OP_NO_SSLv3);
|
||||
+ SSL_CTX_clear_options(resume_client_ctx, SSL_OP_NO_SSLv3);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -477,6 +480,9 @@ static int test_handshake(int idx)
|
||||
|| !TEST_int_gt(CONF_modules_load(conf, test_app, 0), 0))
|
||||
goto err;
|
||||
|
||||
+ SSL_CTX_clear_options(server_ctx, SSL_OP_NO_SSLv3);
|
||||
+ SSL_CTX_clear_options(client_ctx, SSL_OP_NO_SSLv3);
|
||||
+
|
||||
if (!SSL_CTX_config(server_ctx, "server")
|
||||
|| !SSL_CTX_config(client_ctx, "client")) {
|
||||
goto err;
|
||||
diff -up openssl-1.1.1-pre8/test/ssltest_old.c.disable-ssl3 openssl-1.1.1-pre8/test/ssltest_old.c
|
||||
--- openssl-1.1.1-pre8/test/ssltest_old.c.disable-ssl3 2018-06-20 16:48:15.000000000 +0200
|
||||
+++ openssl-1.1.1-pre8/test/ssltest_old.c 2018-07-16 18:08:20.002487676 +0200
|
||||
@@ -1358,6 +1358,11 @@ int main(int argc, char *argv[])
|
||||
ERR_print_errors(bio_err);
|
||||
goto end;
|
||||
}
|
||||
+
|
||||
+ SSL_CTX_clear_options(c_ctx, SSL_OP_NO_SSLv3);
|
||||
+ SSL_CTX_clear_options(s_ctx, SSL_OP_NO_SSLv3);
|
||||
+ SSL_CTX_clear_options(s_ctx2, SSL_OP_NO_SSLv3);
|
||||
+
|
||||
/*
|
||||
* Since we will use low security ciphersuites and keys for testing set
|
||||
* security level to zero by default. Tests can override this by adding
|
@ -1,266 +0,0 @@
|
||||
diff -up openssl-1.1.1h/apps/speed.c.curves openssl-1.1.1h/apps/speed.c
|
||||
--- openssl-1.1.1h/apps/speed.c.curves 2020-09-22 14:55:07.000000000 +0200
|
||||
+++ openssl-1.1.1h/apps/speed.c 2020-11-06 13:27:15.659288431 +0100
|
||||
@@ -490,90 +490,30 @@ static double rsa_results[RSA_NUM][2];
|
||||
#endif /* OPENSSL_NO_RSA */
|
||||
|
||||
enum {
|
||||
- R_EC_P160,
|
||||
- R_EC_P192,
|
||||
R_EC_P224,
|
||||
R_EC_P256,
|
||||
R_EC_P384,
|
||||
R_EC_P521,
|
||||
-#ifndef OPENSSL_NO_EC2M
|
||||
- R_EC_K163,
|
||||
- R_EC_K233,
|
||||
- R_EC_K283,
|
||||
- R_EC_K409,
|
||||
- R_EC_K571,
|
||||
- R_EC_B163,
|
||||
- R_EC_B233,
|
||||
- R_EC_B283,
|
||||
- R_EC_B409,
|
||||
- R_EC_B571,
|
||||
-#endif
|
||||
- R_EC_BRP256R1,
|
||||
- R_EC_BRP256T1,
|
||||
- R_EC_BRP384R1,
|
||||
- R_EC_BRP384T1,
|
||||
- R_EC_BRP512R1,
|
||||
- R_EC_BRP512T1,
|
||||
R_EC_X25519,
|
||||
R_EC_X448
|
||||
};
|
||||
|
||||
#ifndef OPENSSL_NO_EC
|
||||
static OPT_PAIR ecdsa_choices[] = {
|
||||
- {"ecdsap160", R_EC_P160},
|
||||
- {"ecdsap192", R_EC_P192},
|
||||
{"ecdsap224", R_EC_P224},
|
||||
{"ecdsap256", R_EC_P256},
|
||||
{"ecdsap384", R_EC_P384},
|
||||
{"ecdsap521", R_EC_P521},
|
||||
-# ifndef OPENSSL_NO_EC2M
|
||||
- {"ecdsak163", R_EC_K163},
|
||||
- {"ecdsak233", R_EC_K233},
|
||||
- {"ecdsak283", R_EC_K283},
|
||||
- {"ecdsak409", R_EC_K409},
|
||||
- {"ecdsak571", R_EC_K571},
|
||||
- {"ecdsab163", R_EC_B163},
|
||||
- {"ecdsab233", R_EC_B233},
|
||||
- {"ecdsab283", R_EC_B283},
|
||||
- {"ecdsab409", R_EC_B409},
|
||||
- {"ecdsab571", R_EC_B571},
|
||||
-# endif
|
||||
- {"ecdsabrp256r1", R_EC_BRP256R1},
|
||||
- {"ecdsabrp256t1", R_EC_BRP256T1},
|
||||
- {"ecdsabrp384r1", R_EC_BRP384R1},
|
||||
- {"ecdsabrp384t1", R_EC_BRP384T1},
|
||||
- {"ecdsabrp512r1", R_EC_BRP512R1},
|
||||
- {"ecdsabrp512t1", R_EC_BRP512T1}
|
||||
};
|
||||
# define ECDSA_NUM OSSL_NELEM(ecdsa_choices)
|
||||
|
||||
static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
|
||||
|
||||
static const OPT_PAIR ecdh_choices[] = {
|
||||
- {"ecdhp160", R_EC_P160},
|
||||
- {"ecdhp192", R_EC_P192},
|
||||
{"ecdhp224", R_EC_P224},
|
||||
{"ecdhp256", R_EC_P256},
|
||||
{"ecdhp384", R_EC_P384},
|
||||
{"ecdhp521", R_EC_P521},
|
||||
-# ifndef OPENSSL_NO_EC2M
|
||||
- {"ecdhk163", R_EC_K163},
|
||||
- {"ecdhk233", R_EC_K233},
|
||||
- {"ecdhk283", R_EC_K283},
|
||||
- {"ecdhk409", R_EC_K409},
|
||||
- {"ecdhk571", R_EC_K571},
|
||||
- {"ecdhb163", R_EC_B163},
|
||||
- {"ecdhb233", R_EC_B233},
|
||||
- {"ecdhb283", R_EC_B283},
|
||||
- {"ecdhb409", R_EC_B409},
|
||||
- {"ecdhb571", R_EC_B571},
|
||||
-# endif
|
||||
- {"ecdhbrp256r1", R_EC_BRP256R1},
|
||||
- {"ecdhbrp256t1", R_EC_BRP256T1},
|
||||
- {"ecdhbrp384r1", R_EC_BRP384R1},
|
||||
- {"ecdhbrp384t1", R_EC_BRP384T1},
|
||||
- {"ecdhbrp512r1", R_EC_BRP512R1},
|
||||
- {"ecdhbrp512t1", R_EC_BRP512T1},
|
||||
{"ecdhx25519", R_EC_X25519},
|
||||
{"ecdhx448", R_EC_X448}
|
||||
};
|
||||
@@ -1502,31 +1442,10 @@ int speed_main(int argc, char **argv)
|
||||
unsigned int bits;
|
||||
} test_curves[] = {
|
||||
/* Prime Curves */
|
||||
- {"secp160r1", NID_secp160r1, 160},
|
||||
- {"nistp192", NID_X9_62_prime192v1, 192},
|
||||
{"nistp224", NID_secp224r1, 224},
|
||||
{"nistp256", NID_X9_62_prime256v1, 256},
|
||||
{"nistp384", NID_secp384r1, 384},
|
||||
{"nistp521", NID_secp521r1, 521},
|
||||
-# ifndef OPENSSL_NO_EC2M
|
||||
- /* Binary Curves */
|
||||
- {"nistk163", NID_sect163k1, 163},
|
||||
- {"nistk233", NID_sect233k1, 233},
|
||||
- {"nistk283", NID_sect283k1, 283},
|
||||
- {"nistk409", NID_sect409k1, 409},
|
||||
- {"nistk571", NID_sect571k1, 571},
|
||||
- {"nistb163", NID_sect163r2, 163},
|
||||
- {"nistb233", NID_sect233r1, 233},
|
||||
- {"nistb283", NID_sect283r1, 283},
|
||||
- {"nistb409", NID_sect409r1, 409},
|
||||
- {"nistb571", NID_sect571r1, 571},
|
||||
-# endif
|
||||
- {"brainpoolP256r1", NID_brainpoolP256r1, 256},
|
||||
- {"brainpoolP256t1", NID_brainpoolP256t1, 256},
|
||||
- {"brainpoolP384r1", NID_brainpoolP384r1, 384},
|
||||
- {"brainpoolP384t1", NID_brainpoolP384t1, 384},
|
||||
- {"brainpoolP512r1", NID_brainpoolP512r1, 512},
|
||||
- {"brainpoolP512t1", NID_brainpoolP512t1, 512},
|
||||
/* Other and ECDH only ones */
|
||||
{"X25519", NID_X25519, 253},
|
||||
{"X448", NID_X448, 448}
|
||||
@@ -2026,9 +1945,9 @@ int speed_main(int argc, char **argv)
|
||||
# endif
|
||||
|
||||
# ifndef OPENSSL_NO_EC
|
||||
- ecdsa_c[R_EC_P160][0] = count / 1000;
|
||||
- ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
|
||||
- for (i = R_EC_P192; i <= R_EC_P521; i++) {
|
||||
+ ecdsa_c[R_EC_P224][0] = count / 1000;
|
||||
+ ecdsa_c[R_EC_P224][1] = count / 1000 / 2;
|
||||
+ for (i = R_EC_P256; i <= R_EC_P521; i++) {
|
||||
ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
|
||||
ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
|
||||
if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
|
||||
@@ -2040,7 +1959,7 @@ int speed_main(int argc, char **argv)
|
||||
}
|
||||
}
|
||||
}
|
||||
-# ifndef OPENSSL_NO_EC2M
|
||||
+# if 0
|
||||
ecdsa_c[R_EC_K163][0] = count / 1000;
|
||||
ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
|
||||
for (i = R_EC_K233; i <= R_EC_K571; i++) {
|
||||
@@ -2071,8 +1990,8 @@ int speed_main(int argc, char **argv)
|
||||
}
|
||||
# endif
|
||||
|
||||
- ecdh_c[R_EC_P160][0] = count / 1000;
|
||||
- for (i = R_EC_P192; i <= R_EC_P521; i++) {
|
||||
+ ecdh_c[R_EC_P224][0] = count / 1000;
|
||||
+ for (i = R_EC_P256; i <= R_EC_P521; i++) {
|
||||
ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
|
||||
if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
|
||||
ecdh_doit[i] = 0;
|
||||
@@ -2082,7 +2001,7 @@ int speed_main(int argc, char **argv)
|
||||
}
|
||||
}
|
||||
}
|
||||
-# ifndef OPENSSL_NO_EC2M
|
||||
+# if 0
|
||||
ecdh_c[R_EC_K163][0] = count / 1000;
|
||||
for (i = R_EC_K233; i <= R_EC_K571; i++) {
|
||||
ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
|
||||
diff -up openssl-1.1.1h/crypto/ec/ecp_smpl.c.curves openssl-1.1.1h/crypto/ec/ecp_smpl.c
|
||||
--- openssl-1.1.1h/crypto/ec/ecp_smpl.c.curves 2020-09-22 14:55:07.000000000 +0200
|
||||
+++ openssl-1.1.1h/crypto/ec/ecp_smpl.c 2020-11-06 13:27:15.659288431 +0100
|
||||
@@ -145,6 +145,11 @@ int ec_GFp_simple_group_set_curve(EC_GRO
|
||||
return 0;
|
||||
}
|
||||
|
||||
+ if (BN_num_bits(p) < 224) {
|
||||
+ ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE, EC_R_UNSUPPORTED_FIELD);
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
if (ctx == NULL) {
|
||||
ctx = new_ctx = BN_CTX_new();
|
||||
if (ctx == NULL)
|
||||
diff -up openssl-1.1.1h/test/ecdsatest.h.curves openssl-1.1.1h/test/ecdsatest.h
|
||||
--- openssl-1.1.1h/test/ecdsatest.h.curves 2020-11-06 13:27:15.627288114 +0100
|
||||
+++ openssl-1.1.1h/test/ecdsatest.h 2020-11-06 13:27:15.660288441 +0100
|
||||
@@ -32,23 +32,6 @@ typedef struct {
|
||||
} ecdsa_cavs_kat_t;
|
||||
|
||||
static const ecdsa_cavs_kat_t ecdsa_cavs_kats[] = {
|
||||
- /* prime KATs from X9.62 */
|
||||
- {NID_X9_62_prime192v1, NID_sha1,
|
||||
- "616263", /* "abc" */
|
||||
- "1a8d598fc15bf0fd89030b5cb1111aeb92ae8baf5ea475fb",
|
||||
- "0462b12d60690cdcf330babab6e69763b471f994dd702d16a563bf5ec08069705ffff65e"
|
||||
- "5ca5c0d69716dfcb3474373902",
|
||||
- "fa6de29746bbeb7f8bb1e761f85f7dfb2983169d82fa2f4e",
|
||||
- "885052380ff147b734c330c43d39b2c4a89f29b0f749fead",
|
||||
- "e9ecc78106def82bf1070cf1d4d804c3cb390046951df686"},
|
||||
- {NID_X9_62_prime239v1, NID_sha1,
|
||||
- "616263", /* "abc" */
|
||||
- "7ef7c6fabefffdea864206e80b0b08a9331ed93e698561b64ca0f7777f3d",
|
||||
- "045b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c707fd9f1ed2e"
|
||||
- "65f09f6ce0893baf5e8e31e6ae82ea8c3592335be906d38dee",
|
||||
- "656c7196bf87dcc5d1f1020906df2782360d36b2de7a17ece37d503784af",
|
||||
- "2cb7f36803ebb9c427c58d8265f11fc5084747133078fc279de874fbecb0",
|
||||
- "2eeae988104e9c2234a3c2beb1f53bfa5dc11ff36a875d1e3ccb1f7e45cf"},
|
||||
/* prime KATs from NIST CAVP */
|
||||
{NID_secp224r1, NID_sha224,
|
||||
"699325d6fc8fbbb4981a6ded3c3a54ad2e4e3db8a5669201912064c64e700c139248cdc1"
|
||||
--- openssl-1.1.1h/test/recipes/15-test_genec.t.ec-curves 2020-11-06 13:58:36.402895540 +0100
|
||||
+++ openssl-1.1.1h/test/recipes/15-test_genec.t 2020-11-06 13:59:38.508484498 +0100
|
||||
@@ -20,45 +20,11 @@ plan skip_all => "This test is unsupport
|
||||
if disabled("ec");
|
||||
|
||||
my @prime_curves = qw(
|
||||
- secp112r1
|
||||
- secp112r2
|
||||
- secp128r1
|
||||
- secp128r2
|
||||
- secp160k1
|
||||
- secp160r1
|
||||
- secp160r2
|
||||
- secp192k1
|
||||
- secp224k1
|
||||
secp224r1
|
||||
secp256k1
|
||||
secp384r1
|
||||
secp521r1
|
||||
- prime192v1
|
||||
- prime192v2
|
||||
- prime192v3
|
||||
- prime239v1
|
||||
- prime239v2
|
||||
- prime239v3
|
||||
prime256v1
|
||||
- wap-wsg-idm-ecid-wtls6
|
||||
- wap-wsg-idm-ecid-wtls7
|
||||
- wap-wsg-idm-ecid-wtls8
|
||||
- wap-wsg-idm-ecid-wtls9
|
||||
- wap-wsg-idm-ecid-wtls12
|
||||
- brainpoolP160r1
|
||||
- brainpoolP160t1
|
||||
- brainpoolP192r1
|
||||
- brainpoolP192t1
|
||||
- brainpoolP224r1
|
||||
- brainpoolP224t1
|
||||
- brainpoolP256r1
|
||||
- brainpoolP256t1
|
||||
- brainpoolP320r1
|
||||
- brainpoolP320t1
|
||||
- brainpoolP384r1
|
||||
- brainpoolP384t1
|
||||
- brainpoolP512r1
|
||||
- brainpoolP512t1
|
||||
);
|
||||
|
||||
my @binary_curves = qw(
|
||||
@@ -115,7 +81,6 @@ push(@other_curves, 'SM2')
|
||||
if !disabled("sm2");
|
||||
|
||||
my @curve_aliases = qw(
|
||||
- P-192
|
||||
P-224
|
||||
P-256
|
||||
P-384
|
@ -1,57 +0,0 @@
|
||||
diff -up openssl-1.1.1g/crypto/evp/pkey_kdf.c.edk2-build openssl-1.1.1g/crypto/evp/pkey_kdf.c
|
||||
--- openssl-1.1.1g/crypto/evp/pkey_kdf.c.edk2-build 2020-05-18 12:55:53.299548432 +0200
|
||||
+++ openssl-1.1.1g/crypto/evp/pkey_kdf.c 2020-05-18 12:55:53.340548788 +0200
|
||||
@@ -12,6 +12,7 @@
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/kdf.h>
|
||||
+#include "internal/numbers.h"
|
||||
#include "crypto/evp.h"
|
||||
|
||||
static int pkey_kdf_init(EVP_PKEY_CTX *ctx)
|
||||
diff -up openssl-1.1.1g/crypto/kdf/hkdf.c.edk2-build openssl-1.1.1g/crypto/kdf/hkdf.c
|
||||
--- openssl-1.1.1g/crypto/kdf/hkdf.c.edk2-build 2020-05-18 12:55:53.340548788 +0200
|
||||
+++ openssl-1.1.1g/crypto/kdf/hkdf.c 2020-05-18 12:57:18.648288904 +0200
|
||||
@@ -13,6 +13,7 @@
|
||||
#include <openssl/hmac.h>
|
||||
#include <openssl/kdf.h>
|
||||
#include <openssl/evp.h>
|
||||
+#include "internal/numbers.h"
|
||||
#include "internal/cryptlib.h"
|
||||
#include "crypto/evp.h"
|
||||
#include "kdf_local.h"
|
||||
diff -up openssl-1.1.1g/crypto/rand/rand_unix.c.edk2-build openssl-1.1.1g/crypto/rand/rand_unix.c
|
||||
--- openssl-1.1.1g/crypto/rand/rand_unix.c.edk2-build 2020-05-18 12:56:05.646655554 +0200
|
||||
+++ openssl-1.1.1g/crypto/rand/rand_unix.c 2020-05-18 12:58:51.088090896 +0200
|
||||
@@ -20,7 +20,7 @@
|
||||
#include "crypto/fips.h"
|
||||
#include <stdio.h>
|
||||
#include "internal/dso.h"
|
||||
-#ifdef __linux
|
||||
+#if defined(__linux) && !defined(OPENSSL_SYS_UEFI)
|
||||
# include <sys/syscall.h>
|
||||
# include <sys/random.h>
|
||||
# ifdef DEVRANDOM_WAIT
|
||||
diff -up openssl-1.1.1g/include/crypto/fips.h.edk2-build openssl-1.1.1g/include/crypto/fips.h
|
||||
--- openssl-1.1.1g/include/crypto/fips.h.edk2-build 2020-05-18 12:55:53.296548406 +0200
|
||||
+++ openssl-1.1.1g/include/crypto/fips.h 2020-05-18 12:55:53.340548788 +0200
|
||||
@@ -50,10 +50,6 @@
|
||||
#include <openssl/opensslconf.h>
|
||||
#include <openssl/evp.h>
|
||||
|
||||
-#ifndef OPENSSL_FIPS
|
||||
-# error FIPS is disabled.
|
||||
-#endif
|
||||
-
|
||||
#ifdef OPENSSL_FIPS
|
||||
|
||||
int FIPS_module_mode_set(int onoff);
|
||||
@@ -97,4 +93,8 @@ void fips_set_selftest_fail(void);
|
||||
|
||||
void FIPS_get_timevec(unsigned char *buf, unsigned long *pctr);
|
||||
|
||||
+#else
|
||||
+
|
||||
+# define fips_in_post() 0
|
||||
+
|
||||
#endif
|
File diff suppressed because it is too large
Load Diff
@ -1,408 +0,0 @@
|
||||
diff -up openssl-1.1.1g/crypto/rand/build.info.crng-test openssl-1.1.1g/crypto/rand/build.info
|
||||
--- openssl-1.1.1g/crypto/rand/build.info.crng-test 2020-04-23 13:30:45.863389837 +0200
|
||||
+++ openssl-1.1.1g/crypto/rand/build.info 2020-04-23 13:31:55.847069892 +0200
|
||||
@@ -1,6 +1,6 @@
|
||||
LIBS=../../libcrypto
|
||||
SOURCE[../../libcrypto]=\
|
||||
- randfile.c rand_lib.c rand_err.c rand_egd.c \
|
||||
+ randfile.c rand_lib.c rand_err.c rand_crng_test.c rand_egd.c \
|
||||
rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c
|
||||
|
||||
INCLUDE[drbg_ctr.o]=../modes
|
||||
diff -up openssl-1.1.1g/crypto/rand/drbg_lib.c.crng-test openssl-1.1.1g/crypto/rand/drbg_lib.c
|
||||
--- openssl-1.1.1g/crypto/rand/drbg_lib.c.crng-test 2020-04-23 13:30:45.818390686 +0200
|
||||
+++ openssl-1.1.1g/crypto/rand/drbg_lib.c 2020-04-23 13:30:45.864389819 +0200
|
||||
@@ -67,7 +67,7 @@ static CRYPTO_THREAD_LOCAL private_drbg;
|
||||
|
||||
|
||||
/* NIST SP 800-90A DRBG recommends the use of a personalization string. */
|
||||
-static const char ossl_pers_string[] = "OpenSSL NIST SP 800-90A DRBG";
|
||||
+static const char ossl_pers_string[] = DRBG_DEFAULT_PERS_STRING;
|
||||
|
||||
static CRYPTO_ONCE rand_drbg_init = CRYPTO_ONCE_STATIC_INIT;
|
||||
|
||||
@@ -201,8 +201,13 @@ static RAND_DRBG *rand_drbg_new(int secu
|
||||
drbg->parent = parent;
|
||||
|
||||
if (parent == NULL) {
|
||||
+#ifdef OPENSSL_FIPS
|
||||
+ drbg->get_entropy = rand_crngt_get_entropy;
|
||||
+ drbg->cleanup_entropy = rand_crngt_cleanup_entropy;
|
||||
+#else
|
||||
drbg->get_entropy = rand_drbg_get_entropy;
|
||||
drbg->cleanup_entropy = rand_drbg_cleanup_entropy;
|
||||
+#endif
|
||||
#ifndef RAND_DRBG_GET_RANDOM_NONCE
|
||||
drbg->get_nonce = rand_drbg_get_nonce;
|
||||
drbg->cleanup_nonce = rand_drbg_cleanup_nonce;
|
||||
diff -up openssl-1.1.1g/crypto/rand/rand_crng_test.c.crng-test openssl-1.1.1g/crypto/rand/rand_crng_test.c
|
||||
--- openssl-1.1.1g/crypto/rand/rand_crng_test.c.crng-test 2020-04-23 13:30:45.864389819 +0200
|
||||
+++ openssl-1.1.1g/crypto/rand/rand_crng_test.c 2020-04-23 13:30:45.864389819 +0200
|
||||
@@ -0,0 +1,118 @@
|
||||
+/*
|
||||
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
|
||||
+ *
|
||||
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
+ * this file except in compliance with the License. You can obtain a copy
|
||||
+ * in the file LICENSE in the source distribution or at
|
||||
+ * https://www.openssl.org/source/license.html
|
||||
+ */
|
||||
+
|
||||
+/*
|
||||
+ * Implementation of the FIPS 140-2 section 4.9.2 Conditional Tests.
|
||||
+ */
|
||||
+
|
||||
+#include <string.h>
|
||||
+#include <openssl/evp.h>
|
||||
+#include "crypto/rand.h"
|
||||
+#include "internal/thread_once.h"
|
||||
+#include "rand_local.h"
|
||||
+
|
||||
+static RAND_POOL *crngt_pool;
|
||||
+static unsigned char crngt_prev[EVP_MAX_MD_SIZE];
|
||||
+
|
||||
+int (*crngt_get_entropy)(unsigned char *, unsigned char *, unsigned int *)
|
||||
+ = &rand_crngt_get_entropy_cb;
|
||||
+
|
||||
+int rand_crngt_get_entropy_cb(unsigned char *buf, unsigned char *md,
|
||||
+ unsigned int *md_size)
|
||||
+{
|
||||
+ int r;
|
||||
+ size_t n;
|
||||
+ unsigned char *p;
|
||||
+
|
||||
+ n = rand_pool_acquire_entropy(crngt_pool);
|
||||
+ if (n >= CRNGT_BUFSIZ) {
|
||||
+ p = rand_pool_detach(crngt_pool);
|
||||
+ r = EVP_Digest(p, CRNGT_BUFSIZ, md, md_size, EVP_sha256(), NULL);
|
||||
+ if (r != 0)
|
||||
+ memcpy(buf, p, CRNGT_BUFSIZ);
|
||||
+ rand_pool_reattach(crngt_pool, p);
|
||||
+ return r;
|
||||
+ }
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+void rand_crngt_cleanup(void)
|
||||
+{
|
||||
+ rand_pool_free(crngt_pool);
|
||||
+ crngt_pool = NULL;
|
||||
+}
|
||||
+
|
||||
+int rand_crngt_init(void)
|
||||
+{
|
||||
+ unsigned char buf[CRNGT_BUFSIZ];
|
||||
+
|
||||
+ if ((crngt_pool = rand_pool_new(0, 1, CRNGT_BUFSIZ, CRNGT_BUFSIZ)) == NULL)
|
||||
+ return 0;
|
||||
+ if (crngt_get_entropy(buf, crngt_prev, NULL)) {
|
||||
+ OPENSSL_cleanse(buf, sizeof(buf));
|
||||
+ return 1;
|
||||
+ }
|
||||
+ rand_crngt_cleanup();
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+static CRYPTO_ONCE rand_crngt_init_flag = CRYPTO_ONCE_STATIC_INIT;
|
||||
+DEFINE_RUN_ONCE_STATIC(do_rand_crngt_init)
|
||||
+{
|
||||
+ return OPENSSL_init_crypto(0, NULL)
|
||||
+ && rand_crngt_init()
|
||||
+ && OPENSSL_atexit(&rand_crngt_cleanup);
|
||||
+}
|
||||
+
|
||||
+int rand_crngt_single_init(void)
|
||||
+{
|
||||
+ return RUN_ONCE(&rand_crngt_init_flag, do_rand_crngt_init);
|
||||
+}
|
||||
+
|
||||
+size_t rand_crngt_get_entropy(RAND_DRBG *drbg,
|
||||
+ unsigned char **pout,
|
||||
+ int entropy, size_t min_len, size_t max_len,
|
||||
+ int prediction_resistance)
|
||||
+{
|
||||
+ unsigned char buf[CRNGT_BUFSIZ], md[EVP_MAX_MD_SIZE];
|
||||
+ unsigned int sz;
|
||||
+ RAND_POOL *pool;
|
||||
+ size_t q, r = 0, s, t = 0;
|
||||
+ int attempts = 3;
|
||||
+
|
||||
+ if (!RUN_ONCE(&rand_crngt_init_flag, do_rand_crngt_init))
|
||||
+ return 0;
|
||||
+
|
||||
+ if ((pool = rand_pool_new(entropy, 1, min_len, max_len)) == NULL)
|
||||
+ return 0;
|
||||
+
|
||||
+ while ((q = rand_pool_bytes_needed(pool, 1)) > 0 && attempts-- > 0) {
|
||||
+ s = q > sizeof(buf) ? sizeof(buf) : q;
|
||||
+ if (!crngt_get_entropy(buf, md, &sz)
|
||||
+ || memcmp(crngt_prev, md, sz) == 0
|
||||
+ || !rand_pool_add(pool, buf, s, s * 8))
|
||||
+ goto err;
|
||||
+ memcpy(crngt_prev, md, sz);
|
||||
+ t += s;
|
||||
+ attempts++;
|
||||
+ }
|
||||
+ r = t;
|
||||
+ *pout = rand_pool_detach(pool);
|
||||
+err:
|
||||
+ OPENSSL_cleanse(buf, sizeof(buf));
|
||||
+ rand_pool_free(pool);
|
||||
+ return r;
|
||||
+}
|
||||
+
|
||||
+void rand_crngt_cleanup_entropy(RAND_DRBG *drbg,
|
||||
+ unsigned char *out, size_t outlen)
|
||||
+{
|
||||
+ OPENSSL_secure_clear_free(out, outlen);
|
||||
+}
|
||||
diff -up openssl-1.1.1g/crypto/rand/rand_local.h.crng-test openssl-1.1.1g/crypto/rand/rand_local.h
|
||||
--- openssl-1.1.1g/crypto/rand/rand_local.h.crng-test 2020-04-23 13:30:45.470397250 +0200
|
||||
+++ openssl-1.1.1g/crypto/rand/rand_local.h 2020-04-23 13:30:45.864389819 +0200
|
||||
@@ -33,7 +33,15 @@
|
||||
# define MASTER_RESEED_TIME_INTERVAL (60*60) /* 1 hour */
|
||||
# define SLAVE_RESEED_TIME_INTERVAL (7*60) /* 7 minutes */
|
||||
|
||||
-
|
||||
+/*
|
||||
+ * The number of bytes that constitutes an atomic lump of entropy with respect
|
||||
+ * to the FIPS 140-2 section 4.9.2 Conditional Tests. The size is somewhat
|
||||
+ * arbitrary, the smaller the value, the less entropy is consumed on first
|
||||
+ * read but the higher the probability of the test failing by accident.
|
||||
+ *
|
||||
+ * The value is in bytes.
|
||||
+ */
|
||||
+#define CRNGT_BUFSIZ 16
|
||||
|
||||
/*
|
||||
* Maximum input size for the DRBG (entropy, nonce, personalization string)
|
||||
@@ -44,6 +52,8 @@
|
||||
*/
|
||||
# define DRBG_MAX_LENGTH INT32_MAX
|
||||
|
||||
+/* The default nonce */
|
||||
+# define DRBG_DEFAULT_PERS_STRING "OpenSSL NIST SP 800-90A DRBG"
|
||||
|
||||
/*
|
||||
* Maximum allocation size for RANDOM_POOL buffers
|
||||
@@ -296,4 +306,22 @@ int rand_drbg_enable_locking(RAND_DRBG *
|
||||
/* initializes the AES-CTR DRBG implementation */
|
||||
int drbg_ctr_init(RAND_DRBG *drbg);
|
||||
|
||||
+/*
|
||||
+ * Entropy call back for the FIPS 140-2 section 4.9.2 Conditional Tests.
|
||||
+ * These need to be exposed for the unit tests.
|
||||
+ */
|
||||
+int rand_crngt_get_entropy_cb(unsigned char *buf, unsigned char *md,
|
||||
+ unsigned int *md_size);
|
||||
+extern int (*crngt_get_entropy)(unsigned char *buf, unsigned char *md,
|
||||
+ unsigned int *md_size);
|
||||
+int rand_crngt_init(void);
|
||||
+void rand_crngt_cleanup(void);
|
||||
+
|
||||
+/*
|
||||
+ * Expose the run once initialisation function for the unit tests because.
|
||||
+ * they need to restart from scratch to validate the first block is skipped
|
||||
+ * properly.
|
||||
+ */
|
||||
+int rand_crngt_single_init(void);
|
||||
+
|
||||
#endif
|
||||
diff -up openssl-1.1.1g/include/crypto/rand.h.crng-test openssl-1.1.1g/include/crypto/rand.h
|
||||
--- openssl-1.1.1g/include/crypto/rand.h.crng-test 2020-04-23 13:30:45.824390573 +0200
|
||||
+++ openssl-1.1.1g/include/crypto/rand.h 2020-04-23 13:30:45.864389819 +0200
|
||||
@@ -49,6 +49,14 @@ size_t rand_drbg_get_additional_data(RAN
|
||||
|
||||
void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out);
|
||||
|
||||
+/* CRNG test entropy filter callbacks. */
|
||||
+size_t rand_crngt_get_entropy(RAND_DRBG *drbg,
|
||||
+ unsigned char **pout,
|
||||
+ int entropy, size_t min_len, size_t max_len,
|
||||
+ int prediction_resistance);
|
||||
+void rand_crngt_cleanup_entropy(RAND_DRBG *drbg,
|
||||
+ unsigned char *out, size_t outlen);
|
||||
+
|
||||
/*
|
||||
* RAND_POOL functions
|
||||
*/
|
||||
diff -up openssl-1.1.1g/test/drbgtest.c.crng-test openssl-1.1.1g/test/drbgtest.c
|
||||
--- openssl-1.1.1g/test/drbgtest.c.crng-test 2020-04-21 14:22:39.000000000 +0200
|
||||
+++ openssl-1.1.1g/test/drbgtest.c 2020-04-23 13:30:45.865389800 +0200
|
||||
@@ -150,6 +150,31 @@ static size_t kat_nonce(RAND_DRBG *drbg,
|
||||
return t->noncelen;
|
||||
}
|
||||
|
||||
+ /*
|
||||
+ * Disable CRNG testing if it is enabled.
|
||||
+ * If the DRBG is ready or in an error state, this means an instantiate cycle
|
||||
+ * for which the default personalisation string is used.
|
||||
+ */
|
||||
+static int disable_crngt(RAND_DRBG *drbg)
|
||||
+{
|
||||
+ static const char pers[] = DRBG_DEFAULT_PERS_STRING;
|
||||
+ const int instantiate = drbg->state != DRBG_UNINITIALISED;
|
||||
+
|
||||
+ if (drbg->get_entropy != rand_crngt_get_entropy)
|
||||
+ return 1;
|
||||
+
|
||||
+ if ((instantiate && !RAND_DRBG_uninstantiate(drbg))
|
||||
+ || !TEST_true(RAND_DRBG_set_callbacks(drbg, &rand_drbg_get_entropy,
|
||||
+ &rand_drbg_cleanup_entropy,
|
||||
+ &rand_drbg_get_nonce,
|
||||
+ &rand_drbg_cleanup_nonce))
|
||||
+ || (instantiate
|
||||
+ && !RAND_DRBG_instantiate(drbg, (const unsigned char *)pers,
|
||||
+ sizeof(pers) - 1)))
|
||||
+ return 0;
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
static int uninstantiate(RAND_DRBG *drbg)
|
||||
{
|
||||
int ret = drbg == NULL ? 1 : RAND_DRBG_uninstantiate(drbg);
|
||||
@@ -175,7 +200,8 @@ static int single_kat(DRBG_SELFTEST_DATA
|
||||
if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, td->flags, NULL)))
|
||||
return 0;
|
||||
if (!TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
|
||||
- kat_nonce, NULL))) {
|
||||
+ kat_nonce, NULL))
|
||||
+ || !TEST_true(disable_crngt(drbg))) {
|
||||
failures++;
|
||||
goto err;
|
||||
}
|
||||
@@ -293,7 +319,8 @@ static int error_check(DRBG_SELFTEST_DAT
|
||||
unsigned int reseed_counter_tmp;
|
||||
int ret = 0;
|
||||
|
||||
- if (!TEST_ptr(drbg = RAND_DRBG_new(0, 0, NULL)))
|
||||
+ if (!TEST_ptr(drbg = RAND_DRBG_new(0, 0, NULL))
|
||||
+ || !TEST_true(disable_crngt(drbg)))
|
||||
goto err;
|
||||
|
||||
/*
|
||||
@@ -740,6 +767,10 @@ static int test_rand_drbg_reseed(void)
|
||||
|| !TEST_ptr_eq(private->parent, master))
|
||||
return 0;
|
||||
|
||||
+ /* Disable CRNG testing for the master DRBG */
|
||||
+ if (!TEST_true(disable_crngt(master)))
|
||||
+ return 0;
|
||||
+
|
||||
/* uninstantiate the three global DRBGs */
|
||||
RAND_DRBG_uninstantiate(private);
|
||||
RAND_DRBG_uninstantiate(public);
|
||||
@@ -964,7 +995,8 @@ static int test_rand_seed(void)
|
||||
size_t rand_buflen;
|
||||
size_t required_seed_buflen = 0;
|
||||
|
||||
- if (!TEST_ptr(master = RAND_DRBG_get0_master()))
|
||||
+ if (!TEST_ptr(master = RAND_DRBG_get0_master())
|
||||
+ || !TEST_true(disable_crngt(master)))
|
||||
return 0;
|
||||
|
||||
#ifdef OPENSSL_RAND_SEED_NONE
|
||||
@@ -1013,6 +1045,95 @@ static int test_rand_add(void)
|
||||
return 1;
|
||||
}
|
||||
|
||||
+/*
|
||||
+ * A list of the FIPS DRGB types.
|
||||
+ */
|
||||
+static const struct s_drgb_types {
|
||||
+ int nid;
|
||||
+ int flags;
|
||||
+} drgb_types[] = {
|
||||
+ { NID_aes_128_ctr, 0 },
|
||||
+ { NID_aes_192_ctr, 0 },
|
||||
+ { NID_aes_256_ctr, 0 },
|
||||
+};
|
||||
+
|
||||
+/* Six cases for each covers seed sizes up to 32 bytes */
|
||||
+static const size_t crngt_num_cases = 6;
|
||||
+
|
||||
+static size_t crngt_case, crngt_idx;
|
||||
+
|
||||
+static int crngt_entropy_cb(unsigned char *buf, unsigned char *md,
|
||||
+ unsigned int *md_size)
|
||||
+{
|
||||
+ size_t i, z;
|
||||
+
|
||||
+ if (!TEST_int_lt(crngt_idx, crngt_num_cases))
|
||||
+ return 0;
|
||||
+ /* Generate a block of unique data unless this is the duplication point */
|
||||
+ z = crngt_idx++;
|
||||
+ if (z > 0 && crngt_case == z)
|
||||
+ z--;
|
||||
+ for (i = 0; i < CRNGT_BUFSIZ; i++)
|
||||
+ buf[i] = (unsigned char)(i + 'A' + z);
|
||||
+ return EVP_Digest(buf, CRNGT_BUFSIZ, md, md_size, EVP_sha256(), NULL);
|
||||
+}
|
||||
+
|
||||
+static int test_crngt(int n)
|
||||
+{
|
||||
+ const struct s_drgb_types *dt = drgb_types + n / crngt_num_cases;
|
||||
+ RAND_DRBG *drbg = NULL;
|
||||
+ unsigned char buff[100];
|
||||
+ size_t ent;
|
||||
+ int res = 0;
|
||||
+ int expect;
|
||||
+
|
||||
+ if (!TEST_true(rand_crngt_single_init()))
|
||||
+ return 0;
|
||||
+ rand_crngt_cleanup();
|
||||
+
|
||||
+ if (!TEST_ptr(drbg = RAND_DRBG_new(dt->nid, dt->flags, NULL)))
|
||||
+ return 0;
|
||||
+ ent = (drbg->min_entropylen + CRNGT_BUFSIZ - 1) / CRNGT_BUFSIZ;
|
||||
+ crngt_case = n % crngt_num_cases;
|
||||
+ crngt_idx = 0;
|
||||
+ crngt_get_entropy = &crngt_entropy_cb;
|
||||
+ if (!TEST_true(rand_crngt_init()))
|
||||
+ goto err;
|
||||
+#ifndef OPENSSL_FIPS
|
||||
+ if (!TEST_true(RAND_DRBG_set_callbacks(drbg, &rand_crngt_get_entropy,
|
||||
+ &rand_crngt_cleanup_entropy,
|
||||
+ &rand_drbg_get_nonce,
|
||||
+ &rand_drbg_cleanup_nonce)))
|
||||
+ goto err;
|
||||
+#endif
|
||||
+ expect = crngt_case == 0 || crngt_case > ent;
|
||||
+ if (!TEST_int_eq(RAND_DRBG_instantiate(drbg, NULL, 0), expect))
|
||||
+ goto err;
|
||||
+ if (!expect)
|
||||
+ goto fin;
|
||||
+ if (!TEST_true(RAND_DRBG_generate(drbg, buff, sizeof(buff), 0, NULL, 0)))
|
||||
+ goto err;
|
||||
+
|
||||
+ expect = crngt_case == 0 || crngt_case > 2 * ent;
|
||||
+ if (!TEST_int_eq(RAND_DRBG_reseed(drbg, NULL, 0, 0), expect))
|
||||
+ goto err;
|
||||
+ if (!expect)
|
||||
+ goto fin;
|
||||
+ if (!TEST_true(RAND_DRBG_generate(drbg, buff, sizeof(buff), 0, NULL, 0)))
|
||||
+ goto err;
|
||||
+
|
||||
+fin:
|
||||
+ res = 1;
|
||||
+err:
|
||||
+ if (!res)
|
||||
+ TEST_note("DRBG %zd case %zd block %zd", n / crngt_num_cases,
|
||||
+ crngt_case, crngt_idx);
|
||||
+ uninstantiate(drbg);
|
||||
+ RAND_DRBG_free(drbg);
|
||||
+ crngt_get_entropy = &rand_crngt_get_entropy_cb;
|
||||
+ return res;
|
||||
+}
|
||||
+
|
||||
int setup_tests(void)
|
||||
{
|
||||
app_data_index = RAND_DRBG_get_ex_new_index(0L, NULL, NULL, NULL, NULL);
|
||||
@@ -1025,5 +1146,6 @@ int setup_tests(void)
|
||||
#if defined(OPENSSL_THREADS)
|
||||
ADD_TEST(test_multi_thread);
|
||||
#endif
|
||||
+ ADD_ALL_TESTS(test_crngt, crngt_num_cases * OSSL_NELEM(drgb_types));
|
||||
return 1;
|
||||
}
|
@ -1,200 +0,0 @@
|
||||
diff -up openssl-1.1.1g/crypto/ec/ec_curve.c.fips-curves openssl-1.1.1g/crypto/ec/ec_curve.c
|
||||
--- openssl-1.1.1g/crypto/ec/ec_curve.c.fips-curves 2020-05-18 12:59:54.839643980 +0200
|
||||
+++ openssl-1.1.1g/crypto/ec/ec_curve.c 2020-05-18 12:59:54.852644093 +0200
|
||||
@@ -13,6 +13,7 @@
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/obj_mac.h>
|
||||
#include <openssl/opensslconf.h>
|
||||
+#include <openssl/crypto.h>
|
||||
#include "internal/nelem.h"
|
||||
|
||||
typedef struct {
|
||||
@@ -237,6 +238,7 @@ static const struct {
|
||||
|
||||
typedef struct _ec_list_element_st {
|
||||
int nid;
|
||||
+ int fips_allowed;
|
||||
const EC_CURVE_DATA *data;
|
||||
const EC_METHOD *(*meth) (void);
|
||||
const char *comment;
|
||||
@@ -246,23 +248,23 @@ static const ec_list_element curve_list[
|
||||
/* prime field curves */
|
||||
/* secg curves */
|
||||
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||
- {NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method,
|
||||
+ {NID_secp224r1, 1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method,
|
||||
"NIST/SECG curve over a 224 bit prime field"},
|
||||
#else
|
||||
- {NID_secp224r1, &_EC_NIST_PRIME_224.h, 0,
|
||||
+ {NID_secp224r1, 1, &_EC_NIST_PRIME_224.h, 0,
|
||||
"NIST/SECG curve over a 224 bit prime field"},
|
||||
#endif
|
||||
- {NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0,
|
||||
+ {NID_secp256k1, 0, &_EC_SECG_PRIME_256K1.h, 0,
|
||||
"SECG curve over a 256 bit prime field"},
|
||||
/* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */
|
||||
- {NID_secp384r1, &_EC_NIST_PRIME_384.h,
|
||||
+ {NID_secp384r1, 1, &_EC_NIST_PRIME_384.h,
|
||||
# if defined(S390X_EC_ASM)
|
||||
EC_GFp_s390x_nistp384_method,
|
||||
# else
|
||||
0,
|
||||
# endif
|
||||
"NIST/SECG curve over a 384 bit prime field"},
|
||||
- {NID_secp521r1, &_EC_NIST_PRIME_521.h,
|
||||
+ {NID_secp521r1, 1, &_EC_NIST_PRIME_521.h,
|
||||
# if defined(S390X_EC_ASM)
|
||||
EC_GFp_s390x_nistp521_method,
|
||||
# elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128)
|
||||
@@ -272,7 +274,7 @@ static const ec_list_element curve_list[
|
||||
# endif
|
||||
"NIST/SECG curve over a 521 bit prime field"},
|
||||
/* X9.62 curves */
|
||||
- {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h,
|
||||
+ {NID_X9_62_prime256v1, 1, &_EC_X9_62_PRIME_256V1.h,
|
||||
#if defined(ECP_NISTZ256_ASM)
|
||||
EC_GFp_nistz256_method,
|
||||
# elif defined(S390X_EC_ASM)
|
||||
@@ -404,6 +406,10 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int
|
||||
|
||||
for (i = 0; i < curve_list_length; i++)
|
||||
if (curve_list[i].nid == nid) {
|
||||
+ if (!curve_list[i].fips_allowed && FIPS_mode()) {
|
||||
+ ECerr(EC_F_EC_GROUP_NEW_BY_CURVE_NAME, EC_R_NOT_A_NIST_PRIME);
|
||||
+ return NULL;
|
||||
+ }
|
||||
ret = ec_group_new_from_data(curve_list[i]);
|
||||
break;
|
||||
}
|
||||
@@ -418,19 +424,31 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int
|
||||
|
||||
size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems)
|
||||
{
|
||||
- size_t i, min;
|
||||
+ size_t i, j, num;
|
||||
+ int fips_mode = FIPS_mode();
|
||||
|
||||
- if (r == NULL || nitems == 0)
|
||||
- return curve_list_length;
|
||||
+ num = curve_list_length;
|
||||
+ if (fips_mode)
|
||||
+ for (i = 0; i < curve_list_length; i++) {
|
||||
+ if (!curve_list[i].fips_allowed)
|
||||
+ --num;
|
||||
+ }
|
||||
|
||||
- min = nitems < curve_list_length ? nitems : curve_list_length;
|
||||
+ if (r == NULL || nitems == 0) {
|
||||
+ return num;
|
||||
+ }
|
||||
|
||||
- for (i = 0; i < min; i++) {
|
||||
- r[i].nid = curve_list[i].nid;
|
||||
- r[i].comment = curve_list[i].comment;
|
||||
+ for (i = 0, j = 0; i < curve_list_length; i++) {
|
||||
+ if (j >= nitems)
|
||||
+ break;
|
||||
+ if (!fips_mode || curve_list[i].fips_allowed) {
|
||||
+ r[j].nid = curve_list[i].nid;
|
||||
+ r[j].comment = curve_list[i].comment;
|
||||
+ ++j;
|
||||
+ }
|
||||
}
|
||||
|
||||
- return curve_list_length;
|
||||
+ return num;
|
||||
}
|
||||
|
||||
/* Functions to translate between common NIST curve names and NIDs */
|
||||
diff -up openssl-1.1.1g/ssl/t1_lib.c.fips-curves openssl-1.1.1g/ssl/t1_lib.c
|
||||
--- openssl-1.1.1g/ssl/t1_lib.c.fips-curves 2020-05-18 12:59:54.797643616 +0200
|
||||
+++ openssl-1.1.1g/ssl/t1_lib.c 2020-05-18 13:03:54.748725463 +0200
|
||||
@@ -678,6 +678,36 @@ static const uint16_t tls12_sigalgs[] =
|
||||
#endif
|
||||
};
|
||||
|
||||
+static const uint16_t tls12_fips_sigalgs[] = {
|
||||
+#ifndef OPENSSL_NO_EC
|
||||
+ TLSEXT_SIGALG_ecdsa_secp256r1_sha256,
|
||||
+ TLSEXT_SIGALG_ecdsa_secp384r1_sha384,
|
||||
+ TLSEXT_SIGALG_ecdsa_secp521r1_sha512,
|
||||
+#endif
|
||||
+
|
||||
+ TLSEXT_SIGALG_rsa_pss_pss_sha256,
|
||||
+ TLSEXT_SIGALG_rsa_pss_pss_sha384,
|
||||
+ TLSEXT_SIGALG_rsa_pss_pss_sha512,
|
||||
+ TLSEXT_SIGALG_rsa_pss_rsae_sha256,
|
||||
+ TLSEXT_SIGALG_rsa_pss_rsae_sha384,
|
||||
+ TLSEXT_SIGALG_rsa_pss_rsae_sha512,
|
||||
+
|
||||
+ TLSEXT_SIGALG_rsa_pkcs1_sha256,
|
||||
+ TLSEXT_SIGALG_rsa_pkcs1_sha384,
|
||||
+ TLSEXT_SIGALG_rsa_pkcs1_sha512,
|
||||
+
|
||||
+#ifndef OPENSSL_NO_EC
|
||||
+ TLSEXT_SIGALG_ecdsa_sha224,
|
||||
+#endif
|
||||
+ TLSEXT_SIGALG_rsa_pkcs1_sha224,
|
||||
+#ifndef OPENSSL_NO_DSA
|
||||
+ TLSEXT_SIGALG_dsa_sha224,
|
||||
+ TLSEXT_SIGALG_dsa_sha256,
|
||||
+ TLSEXT_SIGALG_dsa_sha384,
|
||||
+ TLSEXT_SIGALG_dsa_sha512,
|
||||
+#endif
|
||||
+};
|
||||
+
|
||||
#ifndef OPENSSL_NO_EC
|
||||
static const uint16_t suiteb_sigalgs[] = {
|
||||
TLSEXT_SIGALG_ecdsa_secp256r1_sha256,
|
||||
@@ -894,6 +924,8 @@ static const SIGALG_LOOKUP *tls1_get_leg
|
||||
}
|
||||
if (idx < 0 || idx >= (int)OSSL_NELEM(tls_default_sigalg))
|
||||
return NULL;
|
||||
+ if (FIPS_mode()) /* We do not allow legacy SHA1 signatures in FIPS mode */
|
||||
+ return NULL;
|
||||
if (SSL_USE_SIGALGS(s) || idx != SSL_PKEY_RSA) {
|
||||
const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(tls_default_sigalg[idx]);
|
||||
|
||||
@@ -954,6 +986,9 @@ size_t tls12_get_psigalgs(SSL *s, int se
|
||||
} else if (s->cert->conf_sigalgs) {
|
||||
*psigs = s->cert->conf_sigalgs;
|
||||
return s->cert->conf_sigalgslen;
|
||||
+ } else if (FIPS_mode()) {
|
||||
+ *psigs = tls12_fips_sigalgs;
|
||||
+ return OSSL_NELEM(tls12_fips_sigalgs);
|
||||
} else {
|
||||
*psigs = tls12_sigalgs;
|
||||
return OSSL_NELEM(tls12_sigalgs);
|
||||
@@ -973,6 +1008,9 @@ int tls_check_sigalg_curve(const SSL *s,
|
||||
if (s->cert->conf_sigalgs) {
|
||||
sigs = s->cert->conf_sigalgs;
|
||||
siglen = s->cert->conf_sigalgslen;
|
||||
+ } else if (FIPS_mode()) {
|
||||
+ sigs = tls12_fips_sigalgs;
|
||||
+ siglen = OSSL_NELEM(tls12_fips_sigalgs);
|
||||
} else {
|
||||
sigs = tls12_sigalgs;
|
||||
siglen = OSSL_NELEM(tls12_sigalgs);
|
||||
@@ -1617,6 +1655,8 @@ static int tls12_sigalg_allowed(const SS
|
||||
if (lu->sig == NID_id_GostR3410_2012_256
|
||||
|| lu->sig == NID_id_GostR3410_2012_512
|
||||
|| lu->sig == NID_id_GostR3410_2001) {
|
||||
+ if (FIPS_mode())
|
||||
+ return 0;
|
||||
/* We never allow GOST sig algs on the server with TLSv1.3 */
|
||||
if (s->server && SSL_IS_TLS13(s))
|
||||
return 0;
|
||||
@@ -2842,6 +2882,13 @@ int tls_choose_sigalg(SSL *s, int fatale
|
||||
const uint16_t *sent_sigs;
|
||||
size_t sent_sigslen;
|
||||
|
||||
+ if (fatalerrs && FIPS_mode()) {
|
||||
+ /* There are no suitable legacy algorithms in FIPS mode */
|
||||
+ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
|
||||
+ SSL_F_TLS_CHOOSE_SIGALG,
|
||||
+ SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM);
|
||||
+ return 0;
|
||||
+ }
|
||||
if ((lu = tls1_get_legacy_sigalg(s, -1)) == NULL) {
|
||||
if (!fatalerrs)
|
||||
return 1;
|
File diff suppressed because it is too large
Load Diff
@ -1,587 +0,0 @@
|
||||
diff -up openssl-1.1.1g/crypto/fips/fips_post.c.drbg-selftest openssl-1.1.1g/crypto/fips/fips_post.c
|
||||
--- openssl-1.1.1g/crypto/fips/fips_post.c.drbg-selftest 2020-04-23 13:33:12.500624151 +0200
|
||||
+++ openssl-1.1.1g/crypto/fips/fips_post.c 2020-04-23 13:33:12.618621925 +0200
|
||||
@@ -67,12 +67,18 @@
|
||||
|
||||
# include <openssl/fips.h>
|
||||
# include "crypto/fips.h"
|
||||
+# include "crypto/rand.h"
|
||||
# include "fips_locl.h"
|
||||
|
||||
/* Run all selftests */
|
||||
int FIPS_selftest(void)
|
||||
{
|
||||
int rv = 1;
|
||||
+ if (!rand_drbg_selftest()) {
|
||||
+ FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_TEST_FAILURE);
|
||||
+ ERR_add_error_data(2, "Type=", "rand_drbg_selftest");
|
||||
+ rv = 0;
|
||||
+ }
|
||||
if (!FIPS_selftest_drbg())
|
||||
rv = 0;
|
||||
if (!FIPS_selftest_sha1())
|
||||
diff -up openssl-1.1.1g/crypto/rand/build.info.drbg-selftest openssl-1.1.1g/crypto/rand/build.info
|
||||
--- openssl-1.1.1g/crypto/rand/build.info.drbg-selftest 2020-04-23 13:33:12.619621907 +0200
|
||||
+++ openssl-1.1.1g/crypto/rand/build.info 2020-04-23 13:34:10.857523497 +0200
|
||||
@@ -1,6 +1,6 @@
|
||||
LIBS=../../libcrypto
|
||||
SOURCE[../../libcrypto]=\
|
||||
randfile.c rand_lib.c rand_err.c rand_crng_test.c rand_egd.c \
|
||||
- rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c
|
||||
+ rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c drbg_selftest.c
|
||||
|
||||
INCLUDE[drbg_ctr.o]=../modes
|
||||
diff -up openssl-1.1.1g/crypto/rand/drbg_selftest.c.drbg-selftest openssl-1.1.1g/crypto/rand/drbg_selftest.c
|
||||
--- openssl-1.1.1g/crypto/rand/drbg_selftest.c.drbg-selftest 2020-04-23 13:33:12.619621907 +0200
|
||||
+++ openssl-1.1.1g/crypto/rand/drbg_selftest.c 2020-04-23 13:33:12.619621907 +0200
|
||||
@@ -0,0 +1,537 @@
|
||||
+/*
|
||||
+ * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
+ *
|
||||
+ * Licensed under the OpenSSL license (the "License"). You may not use
|
||||
+ * this file except in compliance with the License. You can obtain a copy
|
||||
+ * in the file LICENSE in the source distribution or at
|
||||
+ * https://www.openssl.org/source/license.html
|
||||
+ */
|
||||
+
|
||||
+#include <string.h>
|
||||
+#include <stddef.h>
|
||||
+#include "internal/nelem.h"
|
||||
+#include <openssl/crypto.h>
|
||||
+#include <openssl/err.h>
|
||||
+#include <openssl/rand_drbg.h>
|
||||
+#include <openssl/obj_mac.h>
|
||||
+#include "internal/thread_once.h"
|
||||
+#include "crypto/rand.h"
|
||||
+
|
||||
+typedef struct test_ctx_st {
|
||||
+ const unsigned char *entropy;
|
||||
+ size_t entropylen;
|
||||
+ int entropycnt;
|
||||
+ const unsigned char *nonce;
|
||||
+ size_t noncelen;
|
||||
+ int noncecnt;
|
||||
+} TEST_CTX;
|
||||
+
|
||||
+static int app_data_index = -1;
|
||||
+static CRYPTO_ONCE get_index_once = CRYPTO_ONCE_STATIC_INIT;
|
||||
+DEFINE_RUN_ONCE_STATIC(drbg_app_data_index_init)
|
||||
+{
|
||||
+ app_data_index = RAND_DRBG_get_ex_new_index(0L, NULL, NULL, NULL, NULL);
|
||||
+
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
+enum drbg_kat_type {
|
||||
+ NO_RESEED,
|
||||
+ PR_FALSE,
|
||||
+ PR_TRUE
|
||||
+};
|
||||
+
|
||||
+enum drbg_df {
|
||||
+ USE_DF,
|
||||
+ NO_DF,
|
||||
+ NA
|
||||
+};
|
||||
+
|
||||
+struct drbg_kat_no_reseed {
|
||||
+ size_t count;
|
||||
+ const unsigned char *entropyin;
|
||||
+ const unsigned char *nonce;
|
||||
+ const unsigned char *persstr;
|
||||
+ const unsigned char *addin1;
|
||||
+ const unsigned char *addin2;
|
||||
+ const unsigned char *retbytes;
|
||||
+};
|
||||
+
|
||||
+struct drbg_kat_pr_false {
|
||||
+ size_t count;
|
||||
+ const unsigned char *entropyin;
|
||||
+ const unsigned char *nonce;
|
||||
+ const unsigned char *persstr;
|
||||
+ const unsigned char *entropyinreseed;
|
||||
+ const unsigned char *addinreseed;
|
||||
+ const unsigned char *addin1;
|
||||
+ const unsigned char *addin2;
|
||||
+ const unsigned char *retbytes;
|
||||
+};
|
||||
+
|
||||
+struct drbg_kat_pr_true {
|
||||
+ size_t count;
|
||||
+ const unsigned char *entropyin;
|
||||
+ const unsigned char *nonce;
|
||||
+ const unsigned char *persstr;
|
||||
+ const unsigned char *entropyinpr1;
|
||||
+ const unsigned char *addin1;
|
||||
+ const unsigned char *entropyinpr2;
|
||||
+ const unsigned char *addin2;
|
||||
+ const unsigned char *retbytes;
|
||||
+};
|
||||
+
|
||||
+struct drbg_kat {
|
||||
+ enum drbg_kat_type type;
|
||||
+ enum drbg_df df;
|
||||
+ int nid;
|
||||
+
|
||||
+ size_t entropyinlen;
|
||||
+ size_t noncelen;
|
||||
+ size_t persstrlen;
|
||||
+ size_t addinlen;
|
||||
+ size_t retbyteslen;
|
||||
+
|
||||
+ const void *t;
|
||||
+};
|
||||
+
|
||||
+/*
|
||||
+ * Excerpt from test/drbg_cavs_data.c
|
||||
+ * DRBG test vectors from:
|
||||
+ * https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/
|
||||
+ */
|
||||
+
|
||||
+static const unsigned char kat1308_entropyin[] = {
|
||||
+ 0x7c, 0x5d, 0x90, 0x70, 0x3b, 0x8a, 0xc7, 0x0f, 0x23, 0x73, 0x24, 0x9c,
|
||||
+ 0xa7, 0x15, 0x41, 0x71, 0x7a, 0x31, 0xea, 0x32, 0xfc, 0x28, 0x0d, 0xd7,
|
||||
+ 0x5b, 0x09, 0x01, 0x98, 0x1b, 0xe2, 0xa5, 0x53, 0xd9, 0x05, 0x32, 0x97,
|
||||
+ 0xec, 0xbe, 0x86, 0xfd, 0x1c, 0x1c, 0x71, 0x4c, 0x52, 0x29, 0x9e, 0x52,
|
||||
+};
|
||||
+static const unsigned char kat1308_nonce[] = {0};
|
||||
+static const unsigned char kat1308_persstr[] = {
|
||||
+ 0xdc, 0x07, 0x2f, 0x68, 0xfa, 0x77, 0x03, 0x23, 0x42, 0xb0, 0xf5, 0xa2,
|
||||
+ 0xd9, 0xad, 0xa1, 0xd0, 0xad, 0xa2, 0x14, 0xb4, 0xd0, 0x8e, 0xfb, 0x39,
|
||||
+ 0xdd, 0xc2, 0xac, 0xfb, 0x98, 0xdf, 0x7f, 0xce, 0x4c, 0x75, 0x56, 0x45,
|
||||
+ 0xcd, 0x86, 0x93, 0x74, 0x90, 0x6e, 0xf6, 0x9e, 0x85, 0x7e, 0xfb, 0xc3,
|
||||
+};
|
||||
+static const unsigned char kat1308_addin0[] = {
|
||||
+ 0x52, 0x25, 0xc4, 0x2f, 0x03, 0xce, 0x29, 0x71, 0xc5, 0x0b, 0xc3, 0x4e,
|
||||
+ 0xad, 0x8d, 0x6f, 0x17, 0x82, 0xe1, 0xf3, 0xfd, 0xfd, 0x9b, 0x94, 0x9a,
|
||||
+ 0x1d, 0xac, 0xd0, 0xd4, 0x3f, 0x2b, 0xe3, 0xab, 0x7c, 0x3d, 0x3e, 0x5a,
|
||||
+ 0x68, 0xbb, 0xa4, 0x74, 0x68, 0x1a, 0xc6, 0x27, 0xff, 0xe0, 0xc0, 0x6c,
|
||||
+};
|
||||
+static const unsigned char kat1308_addin1[] = {
|
||||
+ 0xdc, 0x91, 0xd7, 0xb7, 0xb9, 0x94, 0x79, 0x0f, 0x06, 0xc4, 0x70, 0x19,
|
||||
+ 0x33, 0x25, 0x7c, 0x96, 0x01, 0xa0, 0x62, 0xb0, 0x50, 0xe6, 0xc0, 0x3a,
|
||||
+ 0x56, 0x8f, 0xc5, 0x50, 0x48, 0xc6, 0xf4, 0x49, 0xe5, 0x70, 0x16, 0x2e,
|
||||
+ 0xae, 0xf2, 0x99, 0xb4, 0x2d, 0x70, 0x18, 0x16, 0xcd, 0xe0, 0x24, 0xe4,
|
||||
+};
|
||||
+static const unsigned char kat1308_retbits[] = {
|
||||
+ 0xde, 0xf8, 0x91, 0x1b, 0xf1, 0xe1, 0xa9, 0x97, 0xd8, 0x61, 0x84, 0xe2,
|
||||
+ 0xdb, 0x83, 0x3e, 0x60, 0x45, 0xcd, 0xc8, 0x66, 0x93, 0x28, 0xc8, 0x92,
|
||||
+ 0xbc, 0x25, 0xae, 0xe8, 0xb0, 0xed, 0xed, 0x16, 0x3d, 0xa5, 0xf9, 0x0f,
|
||||
+ 0xb3, 0x72, 0x08, 0x84, 0xac, 0x3c, 0x3b, 0xaa, 0x5f, 0xf9, 0x7d, 0x63,
|
||||
+ 0x3e, 0xde, 0x59, 0x37, 0x0e, 0x40, 0x12, 0x2b, 0xbc, 0x6c, 0x96, 0x53,
|
||||
+ 0x26, 0x32, 0xd0, 0xb8,
|
||||
+};
|
||||
+static const struct drbg_kat_no_reseed kat1308_t = {
|
||||
+ 2, kat1308_entropyin, kat1308_nonce, kat1308_persstr,
|
||||
+ kat1308_addin0, kat1308_addin1, kat1308_retbits
|
||||
+};
|
||||
+static const struct drbg_kat kat1308 = {
|
||||
+ NO_RESEED, NO_DF, NID_aes_256_ctr, 48, 0, 48, 48, 64, &kat1308_t
|
||||
+};
|
||||
+
|
||||
+static const unsigned char kat1465_entropyin[] = {
|
||||
+ 0xc9, 0x96, 0x3a, 0x15, 0x51, 0x76, 0x4f, 0xe0, 0x45, 0x82, 0x8a, 0x64,
|
||||
+ 0x87, 0xbe, 0xaa, 0xc0,
|
||||
+};
|
||||
+static const unsigned char kat1465_nonce[] = {
|
||||
+ 0x08, 0xcd, 0x69, 0x39, 0xf8, 0x58, 0x9a, 0x85,
|
||||
+};
|
||||
+static const unsigned char kat1465_persstr[] = {0};
|
||||
+static const unsigned char kat1465_entropyinreseed[] = {
|
||||
+ 0x16, 0xcc, 0x35, 0x15, 0xb1, 0x17, 0xf5, 0x33, 0x80, 0x9a, 0x80, 0xc5,
|
||||
+ 0x1f, 0x4b, 0x7b, 0x51,
|
||||
+};
|
||||
+static const unsigned char kat1465_addinreseed[] = {
|
||||
+ 0xf5, 0x3d, 0xf1, 0x2e, 0xdb, 0x28, 0x1c, 0x00, 0x7b, 0xcb, 0xb6, 0x12,
|
||||
+ 0x61, 0x9f, 0x26, 0x5f,
|
||||
+};
|
||||
+static const unsigned char kat1465_addin0[] = {
|
||||
+ 0xe2, 0x67, 0x06, 0x62, 0x09, 0xa7, 0xcf, 0xd6, 0x84, 0x8c, 0x20, 0xf6,
|
||||
+ 0x10, 0x5a, 0x73, 0x9c,
|
||||
+};
|
||||
+static const unsigned char kat1465_addin1[] = {
|
||||
+ 0x26, 0xfa, 0x50, 0xe1, 0xb3, 0xcb, 0x65, 0xed, 0xbc, 0x6d, 0xda, 0x18,
|
||||
+ 0x47, 0x99, 0x1f, 0xeb,
|
||||
+};
|
||||
+static const unsigned char kat1465_retbits[] = {
|
||||
+ 0xf9, 0x47, 0xc6, 0xb0, 0x58, 0xa8, 0x66, 0x8a, 0xf5, 0x2b, 0x2a, 0x6d,
|
||||
+ 0x4e, 0x24, 0x6f, 0x65, 0xbf, 0x51, 0x22, 0xbf, 0xe8, 0x8d, 0x6c, 0xeb,
|
||||
+ 0xf9, 0x68, 0x7f, 0xed, 0x3b, 0xdd, 0x6b, 0xd5, 0x28, 0x47, 0x56, 0x52,
|
||||
+ 0xda, 0x50, 0xf0, 0x90, 0x73, 0x95, 0x06, 0x58, 0xaf, 0x08, 0x98, 0x6e,
|
||||
+ 0x24, 0x18, 0xfd, 0x2f, 0x48, 0x72, 0x57, 0xd6, 0x59, 0xab, 0xe9, 0x41,
|
||||
+ 0x58, 0xdb, 0x27, 0xba,
|
||||
+};
|
||||
+static const struct drbg_kat_pr_false kat1465_t = {
|
||||
+ 9, kat1465_entropyin, kat1465_nonce, kat1465_persstr,
|
||||
+ kat1465_entropyinreseed, kat1465_addinreseed, kat1465_addin0,
|
||||
+ kat1465_addin1, kat1465_retbits
|
||||
+};
|
||||
+static const struct drbg_kat kat1465 = {
|
||||
+ PR_FALSE, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat1465_t
|
||||
+};
|
||||
+
|
||||
+static const unsigned char kat3146_entropyin[] = {
|
||||
+ 0xd7, 0x08, 0x42, 0x82, 0xc2, 0xd2, 0xd1, 0xde, 0x01, 0xb4, 0x36, 0xb3,
|
||||
+ 0x7f, 0xbd, 0xd3, 0xdd, 0xb3, 0xc4, 0x31, 0x4f, 0x8f, 0xa7, 0x10, 0xf4,
|
||||
+};
|
||||
+static const unsigned char kat3146_nonce[] = {
|
||||
+ 0x7b, 0x9e, 0xcd, 0x49, 0x4f, 0x46, 0xa0, 0x08, 0x32, 0xff, 0x2e, 0xc3,
|
||||
+ 0x50, 0x86, 0xca, 0xca,
|
||||
+};
|
||||
+static const unsigned char kat3146_persstr[] = {0};
|
||||
+static const unsigned char kat3146_entropyinpr1[] = {
|
||||
+ 0x68, 0xd0, 0x7b, 0xa4, 0xe7, 0x22, 0x19, 0xe6, 0xb6, 0x46, 0x6a, 0xda,
|
||||
+ 0x8e, 0x67, 0xea, 0x63, 0x3f, 0xaf, 0x2f, 0x6c, 0x9d, 0x5e, 0x48, 0x15,
|
||||
+};
|
||||
+static const unsigned char kat3146_addinpr1[] = {
|
||||
+ 0x70, 0x0f, 0x54, 0xf4, 0x53, 0xde, 0xca, 0x61, 0x5c, 0x49, 0x51, 0xd1,
|
||||
+ 0x41, 0xc4, 0xf1, 0x2f, 0x65, 0xfb, 0x7e, 0xbc, 0x9b, 0x14, 0xba, 0x90,
|
||||
+ 0x05, 0x33, 0x7e, 0x64, 0xb7, 0x2b, 0xaf, 0x99,
|
||||
+};
|
||||
+static const unsigned char kat3146_entropyinpr2[] = {
|
||||
+ 0xeb, 0x77, 0xb0, 0xe9, 0x2d, 0x31, 0xc8, 0x66, 0xc5, 0xc4, 0xa7, 0xf7,
|
||||
+ 0x6c, 0xb2, 0x74, 0x36, 0x4b, 0x25, 0x78, 0x04, 0xd8, 0xd7, 0xd2, 0x34,
|
||||
+};
|
||||
+static const unsigned char kat3146_addinpr2[] = {
|
||||
+ 0x05, 0xcd, 0x2a, 0x97, 0x5a, 0x5d, 0xfb, 0x98, 0xc1, 0xf1, 0x00, 0x0c,
|
||||
+ 0xed, 0xe6, 0x2a, 0xba, 0xf0, 0x89, 0x1f, 0x5a, 0x4f, 0xd7, 0x48, 0xb3,
|
||||
+ 0x24, 0xc0, 0x8a, 0x3d, 0x60, 0x59, 0x5d, 0xb6,
|
||||
+};
|
||||
+static const unsigned char kat3146_retbits[] = {
|
||||
+ 0x29, 0x94, 0xa4, 0xa8, 0x17, 0x3e, 0x62, 0x2f, 0x94, 0xdd, 0x40, 0x1f,
|
||||
+ 0xe3, 0x7e, 0x77, 0xd4, 0x38, 0xbc, 0x0e, 0x49, 0x46, 0xf6, 0x0e, 0x28,
|
||||
+ 0x91, 0xc6, 0x9c, 0xc4, 0xa6, 0xa1, 0xf8, 0x9a, 0x64, 0x5e, 0x99, 0x76,
|
||||
+ 0xd0, 0x2d, 0xee, 0xde, 0xe1, 0x2c, 0x93, 0x29, 0x4b, 0x12, 0xcf, 0x87,
|
||||
+ 0x03, 0x98, 0xb9, 0x74, 0x41, 0xdb, 0x3a, 0x49, 0x9f, 0x92, 0xd0, 0x45,
|
||||
+ 0xd4, 0x30, 0x73, 0xbb,
|
||||
+};
|
||||
+static const struct drbg_kat_pr_true kat3146_t = {
|
||||
+ 10, kat3146_entropyin, kat3146_nonce, kat3146_persstr,
|
||||
+ kat3146_entropyinpr1, kat3146_addinpr1, kat3146_entropyinpr2,
|
||||
+ kat3146_addinpr2, kat3146_retbits
|
||||
+};
|
||||
+static const struct drbg_kat kat3146 = {
|
||||
+ PR_TRUE, USE_DF, NID_aes_192_ctr, 24, 16, 0, 32, 64, &kat3146_t
|
||||
+};
|
||||
+
|
||||
+static const struct drbg_kat *drbg_test[] = { &kat1308, &kat1465, &kat3146 };
|
||||
+
|
||||
+static const size_t drbg_test_nelem = OSSL_NELEM(drbg_test);
|
||||
+
|
||||
+static size_t kat_entropy(RAND_DRBG *drbg, unsigned char **pout,
|
||||
+ int entropy, size_t min_len, size_t max_len,
|
||||
+ int prediction_resistance)
|
||||
+{
|
||||
+ TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index);
|
||||
+
|
||||
+ t->entropycnt++;
|
||||
+ *pout = (unsigned char *)t->entropy;
|
||||
+ return t->entropylen;
|
||||
+}
|
||||
+
|
||||
+static size_t kat_nonce(RAND_DRBG *drbg, unsigned char **pout,
|
||||
+ int entropy, size_t min_len, size_t max_len)
|
||||
+{
|
||||
+ TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index);
|
||||
+
|
||||
+ t->noncecnt++;
|
||||
+ *pout = (unsigned char *)t->nonce;
|
||||
+ return t->noncelen;
|
||||
+}
|
||||
+
|
||||
+/*
|
||||
+ * Do a single NO_RESEED KAT:
|
||||
+ *
|
||||
+ * Instantiate
|
||||
+ * Generate Random Bits (pr=false)
|
||||
+ * Generate Random Bits (pr=false)
|
||||
+ * Uninstantiate
|
||||
+ *
|
||||
+ * Return 0 on failure.
|
||||
+ */
|
||||
+static int single_kat_no_reseed(const struct drbg_kat *td)
|
||||
+{
|
||||
+ struct drbg_kat_no_reseed *data = (struct drbg_kat_no_reseed *)td->t;
|
||||
+ RAND_DRBG *drbg = NULL;
|
||||
+ unsigned char *buff = NULL;
|
||||
+ unsigned int flags = 0;
|
||||
+ int failures = 0;
|
||||
+ TEST_CTX t;
|
||||
+
|
||||
+ if (td->df != USE_DF)
|
||||
+ flags |= RAND_DRBG_FLAG_CTR_NO_DF;
|
||||
+
|
||||
+ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL)
|
||||
+ return 0;
|
||||
+
|
||||
+ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
|
||||
+ kat_nonce, NULL)) {
|
||||
+ failures++;
|
||||
+ goto err;
|
||||
+ }
|
||||
+ memset(&t, 0, sizeof(t));
|
||||
+ t.entropy = data->entropyin;
|
||||
+ t.entropylen = td->entropyinlen;
|
||||
+ t.nonce = data->nonce;
|
||||
+ t.noncelen = td->noncelen;
|
||||
+ RAND_DRBG_set_ex_data(drbg, app_data_index, &t);
|
||||
+
|
||||
+ buff = OPENSSL_malloc(td->retbyteslen);
|
||||
+ if (buff == NULL) {
|
||||
+ failures++;
|
||||
+ goto err;
|
||||
+ }
|
||||
+
|
||||
+ if (!RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen)
|
||||
+ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
|
||||
+ data->addin1, td->addinlen)
|
||||
+ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
|
||||
+ data->addin2, td->addinlen)
|
||||
+ || memcmp(data->retbytes, buff,
|
||||
+ td->retbyteslen) != 0)
|
||||
+ failures++;
|
||||
+
|
||||
+err:
|
||||
+ OPENSSL_free(buff);
|
||||
+ RAND_DRBG_uninstantiate(drbg);
|
||||
+ RAND_DRBG_free(drbg);
|
||||
+ return failures == 0;
|
||||
+}
|
||||
+
|
||||
+/*-
|
||||
+ * Do a single PR_FALSE KAT:
|
||||
+ *
|
||||
+ * Instantiate
|
||||
+ * Reseed
|
||||
+ * Generate Random Bits (pr=false)
|
||||
+ * Generate Random Bits (pr=false)
|
||||
+ * Uninstantiate
|
||||
+ *
|
||||
+ * Return 0 on failure.
|
||||
+ */
|
||||
+static int single_kat_pr_false(const struct drbg_kat *td)
|
||||
+{
|
||||
+ struct drbg_kat_pr_false *data = (struct drbg_kat_pr_false *)td->t;
|
||||
+ RAND_DRBG *drbg = NULL;
|
||||
+ unsigned char *buff = NULL;
|
||||
+ unsigned int flags = 0;
|
||||
+ int failures = 0;
|
||||
+ TEST_CTX t;
|
||||
+
|
||||
+ if (td->df != USE_DF)
|
||||
+ flags |= RAND_DRBG_FLAG_CTR_NO_DF;
|
||||
+
|
||||
+ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL)
|
||||
+ return 0;
|
||||
+
|
||||
+ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
|
||||
+ kat_nonce, NULL)) {
|
||||
+ failures++;
|
||||
+ goto err;
|
||||
+ }
|
||||
+ memset(&t, 0, sizeof(t));
|
||||
+ t.entropy = data->entropyin;
|
||||
+ t.entropylen = td->entropyinlen;
|
||||
+ t.nonce = data->nonce;
|
||||
+ t.noncelen = td->noncelen;
|
||||
+ RAND_DRBG_set_ex_data(drbg, app_data_index, &t);
|
||||
+
|
||||
+ buff = OPENSSL_malloc(td->retbyteslen);
|
||||
+ if (buff == NULL) {
|
||||
+ failures++;
|
||||
+ goto err;
|
||||
+ }
|
||||
+
|
||||
+ if (!RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen))
|
||||
+ failures++;
|
||||
+
|
||||
+ t.entropy = data->entropyinreseed;
|
||||
+ t.entropylen = td->entropyinlen;
|
||||
+
|
||||
+ if (!RAND_DRBG_reseed(drbg, data->addinreseed, td->addinlen, 0)
|
||||
+ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
|
||||
+ data->addin1, td->addinlen)
|
||||
+ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
|
||||
+ data->addin2, td->addinlen)
|
||||
+ || memcmp(data->retbytes, buff,
|
||||
+ td->retbyteslen) != 0)
|
||||
+ failures++;
|
||||
+
|
||||
+err:
|
||||
+ OPENSSL_free(buff);
|
||||
+ RAND_DRBG_uninstantiate(drbg);
|
||||
+ RAND_DRBG_free(drbg);
|
||||
+ return failures == 0;
|
||||
+}
|
||||
+
|
||||
+/*-
|
||||
+ * Do a single PR_TRUE KAT:
|
||||
+ *
|
||||
+ * Instantiate
|
||||
+ * Generate Random Bits (pr=true)
|
||||
+ * Generate Random Bits (pr=true)
|
||||
+ * Uninstantiate
|
||||
+ *
|
||||
+ * Return 0 on failure.
|
||||
+ */
|
||||
+static int single_kat_pr_true(const struct drbg_kat *td)
|
||||
+{
|
||||
+ struct drbg_kat_pr_true *data = (struct drbg_kat_pr_true *)td->t;
|
||||
+ RAND_DRBG *drbg = NULL;
|
||||
+ unsigned char *buff = NULL;
|
||||
+ unsigned int flags = 0;
|
||||
+ int failures = 0;
|
||||
+ TEST_CTX t;
|
||||
+
|
||||
+ if (td->df != USE_DF)
|
||||
+ flags |= RAND_DRBG_FLAG_CTR_NO_DF;
|
||||
+
|
||||
+ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL)
|
||||
+ return 0;
|
||||
+
|
||||
+ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
|
||||
+ kat_nonce, NULL)) {
|
||||
+ failures++;
|
||||
+ goto err;
|
||||
+ }
|
||||
+ memset(&t, 0, sizeof(t));
|
||||
+ t.nonce = data->nonce;
|
||||
+ t.noncelen = td->noncelen;
|
||||
+ t.entropy = data->entropyin;
|
||||
+ t.entropylen = td->entropyinlen;
|
||||
+ RAND_DRBG_set_ex_data(drbg, app_data_index, &t);
|
||||
+
|
||||
+ buff = OPENSSL_malloc(td->retbyteslen);
|
||||
+ if (buff == NULL) {
|
||||
+ failures++;
|
||||
+ goto err;
|
||||
+ }
|
||||
+
|
||||
+ if (!RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen))
|
||||
+ failures++;
|
||||
+
|
||||
+ t.entropy = data->entropyinpr1;
|
||||
+ t.entropylen = td->entropyinlen;
|
||||
+
|
||||
+ if (!RAND_DRBG_generate(drbg, buff, td->retbyteslen, 1,
|
||||
+ data->addin1, td->addinlen))
|
||||
+ failures++;
|
||||
+
|
||||
+ t.entropy = data->entropyinpr2;
|
||||
+ t.entropylen = td->entropyinlen;
|
||||
+
|
||||
+ if (!RAND_DRBG_generate(drbg, buff, td->retbyteslen, 1,
|
||||
+ data->addin2, td->addinlen)
|
||||
+ || memcmp(data->retbytes, buff,
|
||||
+ td->retbyteslen) != 0)
|
||||
+ failures++;
|
||||
+
|
||||
+err:
|
||||
+ OPENSSL_free(buff);
|
||||
+ RAND_DRBG_uninstantiate(drbg);
|
||||
+ RAND_DRBG_free(drbg);
|
||||
+ return failures == 0;
|
||||
+}
|
||||
+
|
||||
+static int test_kats(int i)
|
||||
+{
|
||||
+ const struct drbg_kat *td = drbg_test[i];
|
||||
+ int rv = 0;
|
||||
+
|
||||
+ switch (td->type) {
|
||||
+ case NO_RESEED:
|
||||
+ if (!single_kat_no_reseed(td))
|
||||
+ goto err;
|
||||
+ break;
|
||||
+ case PR_FALSE:
|
||||
+ if (!single_kat_pr_false(td))
|
||||
+ goto err;
|
||||
+ break;
|
||||
+ case PR_TRUE:
|
||||
+ if (!single_kat_pr_true(td))
|
||||
+ goto err;
|
||||
+ break;
|
||||
+ default: /* cant happen */
|
||||
+ goto err;
|
||||
+ }
|
||||
+ rv = 1;
|
||||
+err:
|
||||
+ return rv;
|
||||
+}
|
||||
+
|
||||
+/*-
|
||||
+ * Do one expected-error test:
|
||||
+ *
|
||||
+ * Instantiate with no entropy supplied
|
||||
+ *
|
||||
+ * Return 0 on failure.
|
||||
+ */
|
||||
+static int test_drbg_sanity(const struct drbg_kat *td)
|
||||
+{
|
||||
+ struct drbg_kat_pr_false *data = (struct drbg_kat_pr_false *)td->t;
|
||||
+ RAND_DRBG *drbg = NULL;
|
||||
+ unsigned int flags = 0;
|
||||
+ int failures = 0;
|
||||
+ TEST_CTX t;
|
||||
+
|
||||
+ if (td->df != USE_DF)
|
||||
+ flags |= RAND_DRBG_FLAG_CTR_NO_DF;
|
||||
+
|
||||
+ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL)
|
||||
+ return 0;
|
||||
+
|
||||
+ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
|
||||
+ kat_nonce, NULL)) {
|
||||
+ failures++;
|
||||
+ goto err;
|
||||
+ }
|
||||
+ memset(&t, 0, sizeof(t));
|
||||
+ t.entropy = data->entropyin;
|
||||
+ t.entropylen = 0; /* No entropy */
|
||||
+ t.nonce = data->nonce;
|
||||
+ t.noncelen = td->noncelen;
|
||||
+ RAND_DRBG_set_ex_data(drbg, app_data_index, &t);
|
||||
+
|
||||
+ ERR_set_mark();
|
||||
+ /* This must fail. */
|
||||
+ if (RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen))
|
||||
+ failures++;
|
||||
+ RAND_DRBG_uninstantiate(drbg);
|
||||
+ ERR_pop_to_mark();
|
||||
+
|
||||
+err:
|
||||
+ RAND_DRBG_free(drbg);
|
||||
+ return failures == 0;
|
||||
+}
|
||||
+
|
||||
+
|
||||
+int rand_drbg_selftest(void)
|
||||
+{
|
||||
+ int i;
|
||||
+
|
||||
+ if (!RUN_ONCE(&get_index_once, drbg_app_data_index_init))
|
||||
+ return 0;
|
||||
+
|
||||
+ for (i = 0; i < drbg_test_nelem; i++) {
|
||||
+ if (test_kats(i) <= 0)
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
+ if (test_drbg_sanity(&kat1465) <= 0)
|
||||
+ return 0;
|
||||
+
|
||||
+ return 1;
|
||||
+}
|
||||
diff -up openssl-1.1.1g/include/crypto/rand.h.drbg-selftest openssl-1.1.1g/include/crypto/rand.h
|
||||
--- openssl-1.1.1g/include/crypto/rand.h.drbg-selftest 2020-04-23 13:33:12.587622510 +0200
|
||||
+++ openssl-1.1.1g/include/crypto/rand.h 2020-04-23 13:33:12.619621907 +0200
|
||||
@@ -140,4 +140,9 @@ void rand_pool_cleanup(void);
|
||||
*/
|
||||
void rand_pool_keep_random_devices_open(int keep);
|
||||
|
||||
+/*
|
||||
+ * Perform the DRBG KAT selftests
|
||||
+ */
|
||||
+int rand_drbg_selftest(void);
|
||||
+
|
||||
#endif
|
@ -1,189 +0,0 @@
|
||||
diff -up openssl-1.1.1e/crypto/fips/fips.c.fips-post-rand openssl-1.1.1e/crypto/fips/fips.c
|
||||
--- openssl-1.1.1e/crypto/fips/fips.c.fips-post-rand 2020-03-17 18:06:16.822418854 +0100
|
||||
+++ openssl-1.1.1e/crypto/fips/fips.c 2020-03-17 18:06:16.861418172 +0100
|
||||
@@ -68,6 +68,7 @@
|
||||
|
||||
# include <openssl/fips.h>
|
||||
# include "internal/thread_once.h"
|
||||
+# include "crypto/rand.h"
|
||||
|
||||
# ifndef PATH_MAX
|
||||
# define PATH_MAX 1024
|
||||
@@ -76,6 +77,7 @@
|
||||
static int fips_selftest_fail = 0;
|
||||
static int fips_mode = 0;
|
||||
static int fips_started = 0;
|
||||
+static int fips_post = 0;
|
||||
|
||||
static int fips_is_owning_thread(void);
|
||||
static int fips_set_owning_thread(void);
|
||||
@@ -158,6 +160,11 @@ void fips_set_selftest_fail(void)
|
||||
fips_selftest_fail = 1;
|
||||
}
|
||||
|
||||
+int fips_in_post(void)
|
||||
+{
|
||||
+ return fips_post;
|
||||
+}
|
||||
+
|
||||
/* we implement what libfipscheck does ourselves */
|
||||
|
||||
static int
|
||||
@@ -445,6 +452,8 @@ int FIPS_module_mode_set(int onoff)
|
||||
}
|
||||
# endif
|
||||
|
||||
+ fips_post = 1;
|
||||
+
|
||||
if (!FIPS_selftest()) {
|
||||
fips_selftest_fail = 1;
|
||||
ret = 0;
|
||||
@@ -459,7 +468,12 @@ int FIPS_module_mode_set(int onoff)
|
||||
goto end;
|
||||
}
|
||||
|
||||
+ fips_post = 0;
|
||||
+
|
||||
fips_set_mode(onoff);
|
||||
+ /* force RNG reseed with entropy from getrandom() on next call */
|
||||
+ rand_force_reseed();
|
||||
+
|
||||
ret = 1;
|
||||
goto end;
|
||||
}
|
||||
diff -up openssl-1.1.1e/crypto/rand/drbg_lib.c.fips-post-rand openssl-1.1.1e/crypto/rand/drbg_lib.c
|
||||
--- openssl-1.1.1e/crypto/rand/drbg_lib.c.fips-post-rand 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/rand/drbg_lib.c 2020-03-17 18:07:35.305045521 +0100
|
||||
@@ -1009,6 +1009,20 @@ size_t rand_drbg_seedlen(RAND_DRBG *drbg
|
||||
return min_entropy > min_entropylen ? min_entropy : min_entropylen;
|
||||
}
|
||||
|
||||
+void rand_force_reseed(void)
|
||||
+{
|
||||
+ RAND_DRBG *drbg;
|
||||
+
|
||||
+ drbg = RAND_DRBG_get0_master();
|
||||
+ drbg->fork_id = 0;
|
||||
+
|
||||
+ drbg = RAND_DRBG_get0_private();
|
||||
+ drbg->fork_id = 0;
|
||||
+
|
||||
+ drbg = RAND_DRBG_get0_public();
|
||||
+ drbg->fork_id = 0;
|
||||
+}
|
||||
+
|
||||
/* Implements the default OpenSSL RAND_add() method */
|
||||
static int drbg_add(const void *buf, int num, double randomness)
|
||||
{
|
||||
diff -up openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1e/crypto/rand/rand_unix.c
|
||||
--- openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/rand/rand_unix.c 2020-03-17 18:09:01.503537189 +0100
|
||||
@@ -17,10 +17,12 @@
|
||||
#include <openssl/crypto.h>
|
||||
#include "rand_local.h"
|
||||
#include "crypto/rand.h"
|
||||
+#include "crypto/fips.h"
|
||||
#include <stdio.h>
|
||||
#include "internal/dso.h"
|
||||
#ifdef __linux
|
||||
# include <sys/syscall.h>
|
||||
+# include <sys/random.h>
|
||||
# ifdef DEVRANDOM_WAIT
|
||||
# include <sys/shm.h>
|
||||
# include <sys/utsname.h>
|
||||
@@ -342,7 +344,7 @@ static ssize_t sysctl_random(char *buf,
|
||||
* syscall_random(): Try to get random data using a system call
|
||||
* returns the number of bytes returned in buf, or < 0 on error.
|
||||
*/
|
||||
-static ssize_t syscall_random(void *buf, size_t buflen)
|
||||
+static ssize_t syscall_random(void *buf, size_t buflen, int nonblock)
|
||||
{
|
||||
/*
|
||||
* Note: 'buflen' equals the size of the buffer which is used by the
|
||||
@@ -364,6 +366,7 @@ static ssize_t syscall_random(void *buf,
|
||||
* - Linux since 3.17 with glibc 2.25
|
||||
* - FreeBSD since 12.0 (1200061)
|
||||
*/
|
||||
+# if 0
|
||||
# if defined(__GNUC__) && __GNUC__>=2 && defined(__ELF__) && !defined(__hpux)
|
||||
extern int getentropy(void *buffer, size_t length) __attribute__((weak));
|
||||
|
||||
@@ -385,10 +388,10 @@ static ssize_t syscall_random(void *buf,
|
||||
if (p_getentropy.p != NULL)
|
||||
return p_getentropy.f(buf, buflen) == 0 ? (ssize_t)buflen : -1;
|
||||
# endif
|
||||
-
|
||||
+# endif
|
||||
/* Linux supports this since version 3.17 */
|
||||
-# if defined(__linux) && defined(__NR_getrandom)
|
||||
- return syscall(__NR_getrandom, buf, buflen, 0);
|
||||
+# if defined(__linux) && defined(SYS_getrandom)
|
||||
+ return syscall(SYS_getrandom, buf, buflen, nonblock?GRND_NONBLOCK:0);
|
||||
# elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND)
|
||||
return sysctl_random(buf, buflen);
|
||||
# else
|
||||
@@ -623,6 +626,9 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
||||
size_t entropy_available;
|
||||
|
||||
# if defined(OPENSSL_RAND_SEED_GETRANDOM)
|
||||
+ int in_post;
|
||||
+
|
||||
+ for (in_post = fips_in_post(); in_post >= 0; --in_post) {
|
||||
{
|
||||
size_t bytes_needed;
|
||||
unsigned char *buffer;
|
||||
@@ -633,7 +639,7 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
||||
bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
|
||||
while (bytes_needed != 0 && attempts-- > 0) {
|
||||
buffer = rand_pool_add_begin(pool, bytes_needed);
|
||||
- bytes = syscall_random(buffer, bytes_needed);
|
||||
+ bytes = syscall_random(buffer, bytes_needed, in_post);
|
||||
if (bytes > 0) {
|
||||
rand_pool_add_end(pool, bytes, 8 * bytes);
|
||||
bytes_needed -= bytes;
|
||||
@@ -668,8 +674,10 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
||||
int attempts = 3;
|
||||
const int fd = get_random_device(i);
|
||||
|
||||
- if (fd == -1)
|
||||
+ if (fd == -1) {
|
||||
+ OPENSSL_showfatal("Random device %s cannot be opened.\n", random_device_paths[i]);
|
||||
continue;
|
||||
+ }
|
||||
|
||||
while (bytes_needed != 0 && attempts-- > 0) {
|
||||
buffer = rand_pool_add_begin(pool, bytes_needed);
|
||||
@@ -732,7 +740,9 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
||||
return entropy_available;
|
||||
}
|
||||
# endif
|
||||
-
|
||||
+# ifdef OPENSSL_RAND_SEED_GETRANDOM
|
||||
+ }
|
||||
+# endif
|
||||
return rand_pool_entropy_available(pool);
|
||||
# endif
|
||||
}
|
||||
diff -up openssl-1.1.1e/include/crypto/fips.h.fips-post-rand openssl-1.1.1e/include/crypto/fips.h
|
||||
--- openssl-1.1.1e/include/crypto/fips.h.fips-post-rand 2020-03-17 18:06:16.831418696 +0100
|
||||
+++ openssl-1.1.1e/include/crypto/fips.h 2020-03-17 18:06:16.861418172 +0100
|
||||
@@ -77,6 +77,8 @@ int FIPS_selftest_hmac(void);
|
||||
int FIPS_selftest_drbg(void);
|
||||
int FIPS_selftest_cmac(void);
|
||||
|
||||
+int fips_in_post(void);
|
||||
+
|
||||
int fips_pkey_signature_test(EVP_PKEY *pkey,
|
||||
const unsigned char *tbs, int tbslen,
|
||||
const unsigned char *kat,
|
||||
diff -up openssl-1.1.1e/include/crypto/rand.h.fips-post-rand openssl-1.1.1e/include/crypto/rand.h
|
||||
--- openssl-1.1.1e/include/crypto/rand.h.fips-post-rand 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/include/crypto/rand.h 2020-03-17 18:07:35.303045555 +0100
|
||||
@@ -24,6 +24,7 @@
|
||||
typedef struct rand_pool_st RAND_POOL;
|
||||
|
||||
void rand_cleanup_int(void);
|
||||
+void rand_force_reseed(void);
|
||||
void rand_drbg_cleanup_int(void);
|
||||
void drbg_delete_thread_state(void);
|
||||
|
11655
openssl-1.1.1-fips.patch
11655
openssl-1.1.1-fips.patch
File diff suppressed because it is too large
Load Diff
@ -1,500 +0,0 @@
|
||||
diff -up openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl.intel-cet openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl
|
||||
--- openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl 2020-03-19 17:07:02.626522694 +0100
|
||||
@@ -275,6 +275,7 @@ $code.=<<___;
|
||||
.align 16
|
||||
${PREFIX}_encrypt:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
movups ($inp),$inout0 # load input
|
||||
mov 240($key),$rounds # key->rounds
|
||||
___
|
||||
@@ -293,6 +294,7 @@ $code.=<<___;
|
||||
.align 16
|
||||
${PREFIX}_decrypt:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
movups ($inp),$inout0 # load input
|
||||
mov 240($key),$rounds # key->rounds
|
||||
___
|
||||
@@ -613,6 +615,7 @@ $code.=<<___;
|
||||
.align 16
|
||||
aesni_ecb_encrypt:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
___
|
||||
$code.=<<___ if ($win64);
|
||||
lea -0x58(%rsp),%rsp
|
||||
@@ -985,6 +988,7 @@ $code.=<<___;
|
||||
.align 16
|
||||
aesni_ccm64_encrypt_blocks:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
___
|
||||
$code.=<<___ if ($win64);
|
||||
lea -0x58(%rsp),%rsp
|
||||
@@ -1077,6 +1081,7 @@ $code.=<<___;
|
||||
.align 16
|
||||
aesni_ccm64_decrypt_blocks:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
___
|
||||
$code.=<<___ if ($win64);
|
||||
lea -0x58(%rsp),%rsp
|
||||
@@ -1203,6 +1208,7 @@ $code.=<<___;
|
||||
.align 16
|
||||
aesni_ctr32_encrypt_blocks:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
cmp \$1,$len
|
||||
jne .Lctr32_bulk
|
||||
|
||||
@@ -1775,6 +1781,7 @@ $code.=<<___;
|
||||
.align 16
|
||||
aesni_xts_encrypt:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
lea (%rsp),%r11 # frame pointer
|
||||
.cfi_def_cfa_register %r11
|
||||
push %rbp
|
||||
@@ -2258,6 +2265,7 @@ $code.=<<___;
|
||||
.align 16
|
||||
aesni_xts_decrypt:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
lea (%rsp),%r11 # frame pointer
|
||||
.cfi_def_cfa_register %r11
|
||||
push %rbp
|
||||
@@ -2783,6 +2791,7 @@ $code.=<<___;
|
||||
.align 32
|
||||
aesni_ocb_encrypt:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
lea (%rsp),%rax
|
||||
push %rbx
|
||||
.cfi_push %rbx
|
||||
@@ -3249,6 +3258,7 @@ __ocb_encrypt1:
|
||||
.align 32
|
||||
aesni_ocb_decrypt:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
lea (%rsp),%rax
|
||||
push %rbx
|
||||
.cfi_push %rbx
|
||||
@@ -3737,6 +3747,7 @@ $code.=<<___;
|
||||
.align 16
|
||||
${PREFIX}_cbc_encrypt:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
test $len,$len # check length
|
||||
jz .Lcbc_ret
|
||||
|
||||
diff -up openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl.intel-cet openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl
|
||||
--- openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl 2020-03-19 17:00:15.974621757 +0100
|
||||
@@ -696,6 +696,7 @@ _vpaes_schedule_mangle:
|
||||
.align 16
|
||||
${PREFIX}_set_encrypt_key:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
___
|
||||
$code.=<<___ if ($win64);
|
||||
lea -0xb8(%rsp),%rsp
|
||||
@@ -746,6 +747,7 @@ $code.=<<___;
|
||||
.align 16
|
||||
${PREFIX}_set_decrypt_key:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
___
|
||||
$code.=<<___ if ($win64);
|
||||
lea -0xb8(%rsp),%rsp
|
||||
@@ -801,6 +803,7 @@ $code.=<<___;
|
||||
.align 16
|
||||
${PREFIX}_encrypt:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
___
|
||||
$code.=<<___ if ($win64);
|
||||
lea -0xb8(%rsp),%rsp
|
||||
@@ -846,6 +849,7 @@ $code.=<<___;
|
||||
.align 16
|
||||
${PREFIX}_decrypt:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
___
|
||||
$code.=<<___ if ($win64);
|
||||
lea -0xb8(%rsp),%rsp
|
||||
@@ -897,6 +901,7 @@ $code.=<<___;
|
||||
.align 16
|
||||
${PREFIX}_cbc_encrypt:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
xchg $key,$len
|
||||
___
|
||||
($len,$key)=($key,$len);
|
||||
diff -up openssl-1.1.1e/crypto/async/arch/async_posix.c.intel-cet openssl-1.1.1e/crypto/async/arch/async_posix.c
|
||||
--- openssl-1.1.1e/crypto/async/arch/async_posix.c.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/async/arch/async_posix.c 2020-03-19 17:00:15.974621757 +0100
|
||||
@@ -34,7 +34,9 @@ void async_local_cleanup(void)
|
||||
|
||||
int async_fibre_makecontext(async_fibre *fibre)
|
||||
{
|
||||
+#ifndef USE_SWAPCONTEXT
|
||||
fibre->env_init = 0;
|
||||
+#endif
|
||||
if (getcontext(&fibre->fibre) == 0) {
|
||||
fibre->fibre.uc_stack.ss_sp = OPENSSL_malloc(STACKSIZE);
|
||||
if (fibre->fibre.uc_stack.ss_sp != NULL) {
|
||||
diff -up openssl-1.1.1e/crypto/async/arch/async_posix.h.intel-cet openssl-1.1.1e/crypto/async/arch/async_posix.h
|
||||
--- openssl-1.1.1e/crypto/async/arch/async_posix.h.intel-cet 2020-03-19 17:00:15.435631166 +0100
|
||||
+++ openssl-1.1.1e/crypto/async/arch/async_posix.h 2020-03-19 17:00:15.975621739 +0100
|
||||
@@ -25,17 +25,33 @@
|
||||
# define ASYNC_POSIX
|
||||
# define ASYNC_ARCH
|
||||
|
||||
+# ifdef __CET__
|
||||
+/*
|
||||
+ * When Intel CET is enabled, makecontext will create a different
|
||||
+ * shadow stack for each context. async_fibre_swapcontext cannot
|
||||
+ * use _longjmp. It must call swapcontext to swap shadow stack as
|
||||
+ * well as normal stack.
|
||||
+ */
|
||||
+# define USE_SWAPCONTEXT
|
||||
+# endif
|
||||
# include <ucontext.h>
|
||||
-# include <setjmp.h>
|
||||
+# ifndef USE_SWAPCONTEXT
|
||||
+# include <setjmp.h>
|
||||
+# endif
|
||||
|
||||
typedef struct async_fibre_st {
|
||||
ucontext_t fibre;
|
||||
+# ifndef USE_SWAPCONTEXT
|
||||
jmp_buf env;
|
||||
int env_init;
|
||||
+# endif
|
||||
} async_fibre;
|
||||
|
||||
static ossl_inline int async_fibre_swapcontext(async_fibre *o, async_fibre *n, int r)
|
||||
{
|
||||
+# ifdef USE_SWAPCONTEXT
|
||||
+ swapcontext(&o->fibre, &n->fibre);
|
||||
+# else
|
||||
o->env_init = 1;
|
||||
|
||||
if (!r || !_setjmp(o->env)) {
|
||||
@@ -44,6 +60,7 @@ static ossl_inline int async_fibre_swapc
|
||||
else
|
||||
setcontext(&n->fibre);
|
||||
}
|
||||
+# endif
|
||||
|
||||
return 1;
|
||||
}
|
||||
diff -up openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl.intel-cet openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl
|
||||
--- openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl 2020-03-19 17:00:15.975621739 +0100
|
||||
@@ -685,6 +685,7 @@ $code.=<<___;
|
||||
.align 16
|
||||
Camellia_cbc_encrypt:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
cmp \$0,%rdx
|
||||
je .Lcbc_abort
|
||||
push %rbx
|
||||
diff -up openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl.intel-cet openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl
|
||||
--- openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl 2020-03-19 17:00:15.975621739 +0100
|
||||
@@ -239,6 +239,7 @@ $code=<<___;
|
||||
.align 16
|
||||
gcm_gmult_4bit:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
push %rbx
|
||||
.cfi_push %rbx
|
||||
push %rbp # %rbp and others are pushed exclusively in
|
||||
@@ -286,6 +287,7 @@ $code.=<<___;
|
||||
.align 16
|
||||
gcm_ghash_4bit:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
push %rbx
|
||||
.cfi_push %rbx
|
||||
push %rbp
|
||||
@@ -612,6 +614,7 @@ $code.=<<___;
|
||||
.align 16
|
||||
gcm_gmult_clmul:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
.L_gmult_clmul:
|
||||
movdqu ($Xip),$Xi
|
||||
movdqa .Lbswap_mask(%rip),$T3
|
||||
@@ -663,6 +666,7 @@ $code.=<<___;
|
||||
.align 32
|
||||
gcm_ghash_clmul:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
.L_ghash_clmul:
|
||||
___
|
||||
$code.=<<___ if ($win64);
|
||||
@@ -1166,6 +1170,7 @@ $code.=<<___;
|
||||
.align 32
|
||||
gcm_gmult_avx:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
jmp .L_gmult_clmul
|
||||
.cfi_endproc
|
||||
.size gcm_gmult_avx,.-gcm_gmult_avx
|
||||
@@ -1177,6 +1182,7 @@ $code.=<<___;
|
||||
.align 32
|
||||
gcm_ghash_avx:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
___
|
||||
if ($avx) {
|
||||
my ($Xip,$Htbl,$inp,$len)=@_4args;
|
||||
diff -up openssl-1.1.1e/crypto/perlasm/cbc.pl.intel-cet openssl-1.1.1e/crypto/perlasm/cbc.pl
|
||||
--- openssl-1.1.1e/crypto/perlasm/cbc.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/perlasm/cbc.pl 2020-03-19 17:00:15.976621722 +0100
|
||||
@@ -165,21 +165,28 @@ sub cbc
|
||||
&jmp_ptr($count);
|
||||
|
||||
&set_label("ej7");
|
||||
+ &endbranch()
|
||||
&movb(&HB("edx"), &BP(6,$in,"",0));
|
||||
&shl("edx",8);
|
||||
&set_label("ej6");
|
||||
+ &endbranch()
|
||||
&movb(&HB("edx"), &BP(5,$in,"",0));
|
||||
&set_label("ej5");
|
||||
+ &endbranch()
|
||||
&movb(&LB("edx"), &BP(4,$in,"",0));
|
||||
&set_label("ej4");
|
||||
+ &endbranch()
|
||||
&mov("ecx", &DWP(0,$in,"",0));
|
||||
&jmp(&label("ejend"));
|
||||
&set_label("ej3");
|
||||
+ &endbranch()
|
||||
&movb(&HB("ecx"), &BP(2,$in,"",0));
|
||||
&shl("ecx",8);
|
||||
&set_label("ej2");
|
||||
+ &endbranch()
|
||||
&movb(&HB("ecx"), &BP(1,$in,"",0));
|
||||
&set_label("ej1");
|
||||
+ &endbranch()
|
||||
&movb(&LB("ecx"), &BP(0,$in,"",0));
|
||||
&set_label("ejend");
|
||||
|
||||
diff -up openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl.intel-cet openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl
|
||||
--- openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl 2020-03-19 17:00:15.984621582 +0100
|
||||
@@ -101,6 +101,33 @@ elsif (!$gas)
|
||||
$decor="\$L\$";
|
||||
}
|
||||
|
||||
+my $cet_property;
|
||||
+if ($flavour =~ /elf/) {
|
||||
+ # Always generate .note.gnu.property section for ELF outputs to
|
||||
+ # mark Intel CET support since all input files must be marked
|
||||
+ # with Intel CET support in order for linker to mark output with
|
||||
+ # Intel CET support.
|
||||
+ my $p2align=3; $p2align=2 if ($flavour eq "elf32");
|
||||
+ $cet_property = <<_____;
|
||||
+ .section ".note.gnu.property", "a"
|
||||
+ .p2align $p2align
|
||||
+ .long 1f - 0f
|
||||
+ .long 4f - 1f
|
||||
+ .long 5
|
||||
+0:
|
||||
+ .asciz "GNU"
|
||||
+1:
|
||||
+ .p2align $p2align
|
||||
+ .long 0xc0000002
|
||||
+ .long 3f - 2f
|
||||
+2:
|
||||
+ .long 3
|
||||
+3:
|
||||
+ .p2align $p2align
|
||||
+4:
|
||||
+_____
|
||||
+}
|
||||
+
|
||||
my $current_segment;
|
||||
my $current_function;
|
||||
my %globals;
|
||||
@@ -1213,6 +1240,7 @@ while(defined(my $line=<>)) {
|
||||
print $line,"\n";
|
||||
}
|
||||
|
||||
+print "$cet_property" if ($cet_property);
|
||||
print "\n$current_segment\tENDS\n" if ($current_segment && $masm);
|
||||
print "END\n" if ($masm);
|
||||
|
||||
diff -up openssl-1.1.1e/crypto/perlasm/x86gas.pl.intel-cet openssl-1.1.1e/crypto/perlasm/x86gas.pl
|
||||
--- openssl-1.1.1e/crypto/perlasm/x86gas.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/perlasm/x86gas.pl 2020-03-19 17:00:15.985621565 +0100
|
||||
@@ -124,6 +124,7 @@ sub ::function_begin_B
|
||||
push(@out,".align\t$align\n");
|
||||
push(@out,"$func:\n");
|
||||
push(@out,"$begin:\n") if ($global);
|
||||
+ &::endbranch();
|
||||
$::stack=4;
|
||||
}
|
||||
|
||||
@@ -172,6 +173,26 @@ sub ::file_end
|
||||
else { push (@out,"$tmp\n"); }
|
||||
}
|
||||
push(@out,$initseg) if ($initseg);
|
||||
+ if ($::elf) {
|
||||
+ push(@out,"
|
||||
+ .section \".note.gnu.property\", \"a\"
|
||||
+ .p2align 2
|
||||
+ .long 1f - 0f
|
||||
+ .long 4f - 1f
|
||||
+ .long 5
|
||||
+0:
|
||||
+ .asciz \"GNU\"
|
||||
+1:
|
||||
+ .p2align 2
|
||||
+ .long 0xc0000002
|
||||
+ .long 3f - 2f
|
||||
+2:
|
||||
+ .long 3
|
||||
+3:
|
||||
+ .p2align 2
|
||||
+4:
|
||||
+");
|
||||
+ }
|
||||
}
|
||||
|
||||
sub ::data_byte { push(@out,".byte\t".join(',',@_)."\n"); }
|
||||
diff -up openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl.intel-cet openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl
|
||||
--- openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl.intel-cet 2020-03-19 17:00:38.185234015 +0100
|
||||
+++ openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl 2020-03-19 17:05:46.575850341 +0100
|
||||
@@ -2806,6 +2806,7 @@ $code.=<<___;
|
||||
.align 32
|
||||
poly1305_blocks_vpmadd52:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
shr \$4,$len
|
||||
jz .Lno_data_vpmadd52 # too short
|
||||
|
||||
@@ -3739,6 +3740,7 @@ $code.=<<___;
|
||||
.align 32
|
||||
poly1305_emit_base2_44:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
mov 0($ctx),%r8 # load hash value
|
||||
mov 8($ctx),%r9
|
||||
mov 16($ctx),%r10
|
||||
diff -up openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl.intel-cet openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl
|
||||
--- openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl.intel-cet 2020-03-19 17:00:38.190233928 +0100
|
||||
+++ openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl 2020-03-19 17:05:02.598618064 +0100
|
||||
@@ -140,6 +140,7 @@ $code=<<___;
|
||||
.align 16
|
||||
RC4:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
or $len,$len
|
||||
jne .Lentry
|
||||
ret
|
||||
@@ -455,6 +456,7 @@ $code.=<<___;
|
||||
.align 16
|
||||
RC4_set_key:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
lea 8($dat),$dat
|
||||
lea ($inp,$len),$inp
|
||||
neg $len
|
||||
@@ -529,6 +531,7 @@ RC4_set_key:
|
||||
.align 16
|
||||
RC4_options:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
lea .Lopts(%rip),%rax
|
||||
mov OPENSSL_ia32cap_P(%rip),%edx
|
||||
bt \$20,%edx
|
||||
diff -up openssl-1.1.1e/crypto/x86_64cpuid.pl.intel-cet openssl-1.1.1e/crypto/x86_64cpuid.pl
|
||||
--- openssl-1.1.1e/crypto/x86_64cpuid.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||
+++ openssl-1.1.1e/crypto/x86_64cpuid.pl 2020-03-19 17:03:58.172742775 +0100
|
||||
@@ -40,6 +40,7 @@ print<<___;
|
||||
.align 16
|
||||
OPENSSL_atomic_add:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
movl ($arg1),%eax
|
||||
.Lspin: leaq ($arg2,%rax),%r8
|
||||
.byte 0xf0 # lock
|
||||
@@ -56,6 +57,7 @@ OPENSSL_atomic_add:
|
||||
.align 16
|
||||
OPENSSL_rdtsc:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
rdtsc
|
||||
shl \$32,%rdx
|
||||
or %rdx,%rax
|
||||
@@ -68,6 +70,7 @@ OPENSSL_rdtsc:
|
||||
.align 16
|
||||
OPENSSL_ia32_cpuid:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
mov %rbx,%r8 # save %rbx
|
||||
.cfi_register %rbx,%r8
|
||||
|
||||
@@ -237,6 +240,7 @@ OPENSSL_ia32_cpuid:
|
||||
.align 16
|
||||
OPENSSL_cleanse:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
xor %rax,%rax
|
||||
cmp \$15,$arg2
|
||||
jae .Lot
|
||||
@@ -274,6 +278,7 @@ OPENSSL_cleanse:
|
||||
.align 16
|
||||
CRYPTO_memcmp:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
xor %rax,%rax
|
||||
xor %r10,%r10
|
||||
cmp \$0,$arg3
|
||||
@@ -312,6 +317,7 @@ print<<___ if (!$win64);
|
||||
.align 16
|
||||
OPENSSL_wipe_cpu:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
pxor %xmm0,%xmm0
|
||||
pxor %xmm1,%xmm1
|
||||
pxor %xmm2,%xmm2
|
||||
@@ -346,6 +352,8 @@ print<<___ if ($win64);
|
||||
.type OPENSSL_wipe_cpu,\@abi-omnipotent
|
||||
.align 16
|
||||
OPENSSL_wipe_cpu:
|
||||
+.cfi_startproc
|
||||
+ endbranch
|
||||
pxor %xmm0,%xmm0
|
||||
pxor %xmm1,%xmm1
|
||||
pxor %xmm2,%xmm2
|
||||
@@ -376,6 +384,7 @@ print<<___;
|
||||
.align 16
|
||||
OPENSSL_instrument_bus:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
mov $arg1,$out # tribute to Win64
|
||||
mov $arg2,$cnt
|
||||
mov $arg2,$max
|
||||
@@ -410,6 +419,7 @@ OPENSSL_instrument_bus:
|
||||
.align 16
|
||||
OPENSSL_instrument_bus2:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
mov $arg1,$out # tribute to Win64
|
||||
mov $arg2,$cnt
|
||||
mov $arg3,$max
|
||||
@@ -465,6 +475,7 @@ print<<___;
|
||||
.align 16
|
||||
OPENSSL_ia32_${rdop}_bytes:
|
||||
.cfi_startproc
|
||||
+ endbranch
|
||||
xor %rax, %rax # return value
|
||||
cmp \$0,$arg2
|
||||
je .Ldone_${rdop}_bytes
|
@ -1,170 +0,0 @@
|
||||
diff -up openssl-1.1.1g/crypto/fips/build.info.kdf-selftest openssl-1.1.1g/crypto/fips/build.info
|
||||
--- openssl-1.1.1g/crypto/fips/build.info.kdf-selftest 2020-06-03 16:08:36.274849058 +0200
|
||||
+++ openssl-1.1.1g/crypto/fips/build.info 2020-06-03 16:11:05.609079372 +0200
|
||||
@@ -5,7 +5,7 @@ SOURCE[../../libcrypto]=\
|
||||
fips_post.c fips_drbg_ctr.c fips_drbg_hash.c fips_drbg_hmac.c \
|
||||
fips_drbg_lib.c fips_drbg_rand.c fips_drbg_selftest.c fips_rand_lib.c \
|
||||
fips_cmac_selftest.c fips_ecdh_selftest.c fips_ecdsa_selftest.c \
|
||||
- fips_dh_selftest.c fips_ers.c
|
||||
+ fips_dh_selftest.c fips_kdf_selftest.c fips_ers.c
|
||||
|
||||
PROGRAMS_NO_INST=\
|
||||
fips_standalone_hmac
|
||||
diff -up openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c.kdf-selftest openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c
|
||||
--- openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c.kdf-selftest 2020-06-03 16:08:36.337849577 +0200
|
||||
+++ openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c 2020-06-03 16:08:36.337849577 +0200
|
||||
@@ -0,0 +1,117 @@
|
||||
+/*
|
||||
+ * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
+ * Copyright (c) 2018-2019, Oracle and/or its affiliates. All rights reserved.
|
||||
+ *
|
||||
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
+ * this file except in compliance with the License. You can obtain a copy
|
||||
+ * in the file LICENSE in the source distribution or at
|
||||
+ * https://www.openssl.org/source/license.html
|
||||
+ */
|
||||
+
|
||||
+#include <string.h>
|
||||
+#include <openssl/err.h>
|
||||
+#include <openssl/fips.h>
|
||||
+#include "crypto/fips.h"
|
||||
+
|
||||
+#include <openssl/evp.h>
|
||||
+#include <openssl/kdf.h>
|
||||
+
|
||||
+#ifdef OPENSSL_FIPS
|
||||
+int FIPS_selftest_pbkdf2(void)
|
||||
+{
|
||||
+ int ret = 0;
|
||||
+ EVP_KDF_CTX *kctx;
|
||||
+ unsigned char out[32];
|
||||
+
|
||||
+ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_PBKDF2)) == NULL) {
|
||||
+ goto err;
|
||||
+ }
|
||||
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", (size_t)8) <= 0) {
|
||||
+ goto err;
|
||||
+ }
|
||||
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", (size_t)4) <= 0) {
|
||||
+ goto err;
|
||||
+ }
|
||||
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 2) <= 0) {
|
||||
+ goto err;
|
||||
+ }
|
||||
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) {
|
||||
+ goto err;
|
||||
+ }
|
||||
+ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) {
|
||||
+ goto err;
|
||||
+ }
|
||||
+
|
||||
+ {
|
||||
+ const unsigned char expected[sizeof(out)] = {
|
||||
+ 0xae, 0x4d, 0x0c, 0x95, 0xaf, 0x6b, 0x46, 0xd3,
|
||||
+ 0x2d, 0x0a, 0xdf, 0xf9, 0x28, 0xf0, 0x6d, 0xd0,
|
||||
+ 0x2a, 0x30, 0x3f, 0x8e, 0xf3, 0xc2, 0x51, 0xdf,
|
||||
+ 0xd6, 0xe2, 0xd8, 0x5a, 0x95, 0x47, 0x4c, 0x43
|
||||
+ };
|
||||
+ if (memcmp(out, expected, sizeof(expected))) {
|
||||
+ goto err;
|
||||
+ }
|
||||
+ }
|
||||
+ ret = 1;
|
||||
+
|
||||
+err:
|
||||
+ if (!ret)
|
||||
+ FIPSerr(FIPS_F_FIPS_SELFTEST_PBKDF2, FIPS_R_SELFTEST_FAILED);
|
||||
+ EVP_KDF_CTX_free(kctx);
|
||||
+ return ret;
|
||||
+}
|
||||
+
|
||||
+/* Test vector from RFC 8009 (AES Encryption with HMAC-SHA2 for Kerberos
|
||||
+ * 5) appendix A. */
|
||||
+int FIPS_selftest_kbkdf(void)
|
||||
+{
|
||||
+ int ret = 0;
|
||||
+ EVP_KDF_CTX *kctx;
|
||||
+ char *label = "prf", *prf_input = "test";
|
||||
+ static unsigned char input_key[] = {
|
||||
+ 0x37, 0x05, 0xD9, 0x60, 0x80, 0xC1, 0x77, 0x28,
|
||||
+ 0xA0, 0xE8, 0x00, 0xEA, 0xB6, 0xE0, 0xD2, 0x3C,
|
||||
+ };
|
||||
+ static unsigned char output[] = {
|
||||
+ 0x9D, 0x18, 0x86, 0x16, 0xF6, 0x38, 0x52, 0xFE,
|
||||
+ 0x86, 0x91, 0x5B, 0xB8, 0x40, 0xB4, 0xA8, 0x86,
|
||||
+ 0xFF, 0x3E, 0x6B, 0xB0, 0xF8, 0x19, 0xB4, 0x9B,
|
||||
+ 0x89, 0x33, 0x93, 0xD3, 0x93, 0x85, 0x42, 0x95,
|
||||
+ };
|
||||
+ unsigned char result[sizeof(output)] = { 0 };
|
||||
+
|
||||
+ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB)) == NULL) {
|
||||
+ goto err;
|
||||
+ }
|
||||
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_HMAC) <= 0) {
|
||||
+ goto err;
|
||||
+ }
|
||||
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) {
|
||||
+ goto err;
|
||||
+ }
|
||||
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, input_key, sizeof(input_key)) <= 0) {
|
||||
+ goto err;
|
||||
+ }
|
||||
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, label, strlen(label)) <= 0) {
|
||||
+ goto err;
|
||||
+ }
|
||||
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_INFO, prf_input, strlen(prf_input)) <= 0) {
|
||||
+ goto err;
|
||||
+ }
|
||||
+ ret = EVP_KDF_derive(kctx, result, sizeof(result)) > 0
|
||||
+ && memcmp(result, output, sizeof(output)) == 0;
|
||||
+err:
|
||||
+
|
||||
+ if (!ret)
|
||||
+ FIPSerr(FIPS_F_FIPS_SELFTEST_KBKDF, FIPS_R_SELFTEST_FAILED);
|
||||
+ EVP_KDF_CTX_free(kctx);
|
||||
+ return ret;
|
||||
+}
|
||||
+
|
||||
+int FIPS_selftest_kdf(void)
|
||||
+{
|
||||
+ return FIPS_selftest_pbkdf2() && FIPS_selftest_kbkdf();
|
||||
+}
|
||||
+
|
||||
+#endif
|
||||
diff -up openssl-1.1.1g/crypto/fips/fips_post.c.kdf-selftest openssl-1.1.1g/crypto/fips/fips_post.c
|
||||
--- openssl-1.1.1g/crypto/fips/fips_post.c.kdf-selftest 2020-06-03 16:08:36.332849536 +0200
|
||||
+++ openssl-1.1.1g/crypto/fips/fips_post.c 2020-06-03 16:08:36.338849585 +0200
|
||||
@@ -111,6 +111,8 @@ int FIPS_selftest(void)
|
||||
rv = 0;
|
||||
if (!FIPS_selftest_ecdh())
|
||||
rv = 0;
|
||||
+ if (!FIPS_selftest_kdf())
|
||||
+ rv = 0;
|
||||
return rv;
|
||||
}
|
||||
|
||||
diff -up openssl-1.1.1g/include/crypto/fips.h.kdf-selftest openssl-1.1.1g/include/crypto/fips.h
|
||||
--- openssl-1.1.1g/include/crypto/fips.h.kdf-selftest 2020-06-03 16:08:36.330849519 +0200
|
||||
+++ openssl-1.1.1g/include/crypto/fips.h 2020-06-03 16:08:36.338849585 +0200
|
||||
@@ -72,6 +72,9 @@ void FIPS_drbg_stick(int onoff);
|
||||
int FIPS_selftest_hmac(void);
|
||||
int FIPS_selftest_drbg(void);
|
||||
int FIPS_selftest_cmac(void);
|
||||
+int FIPS_selftest_kbkdf(void);
|
||||
+int FIPS_selftest_pbkdf2(void);
|
||||
+int FIPS_selftest_kdf(void);
|
||||
|
||||
int fips_in_post(void);
|
||||
|
||||
diff -up openssl-1.1.1g/include/openssl/fips.h.kdf-selftest openssl-1.1.1g/include/openssl/fips.h
|
||||
--- openssl-1.1.1g/include/openssl/fips.h.kdf-selftest 2020-06-03 16:08:36.282849124 +0200
|
||||
+++ openssl-1.1.1g/include/openssl/fips.h 2020-06-03 16:08:36.338849585 +0200
|
||||
@@ -123,6 +123,8 @@ extern "C" {
|
||||
# define FIPS_F_FIPS_SELFTEST_DSA 112
|
||||
# define FIPS_F_FIPS_SELFTEST_ECDSA 133
|
||||
# define FIPS_F_FIPS_SELFTEST_HMAC 113
|
||||
+# define FIPS_F_FIPS_SELFTEST_KBKDF 151
|
||||
+# define FIPS_F_FIPS_SELFTEST_PBKDF2 152
|
||||
# define FIPS_F_FIPS_SELFTEST_SHA1 115
|
||||
# define FIPS_F_FIPS_SELFTEST_SHA2 105
|
||||
# define FIPS_F_OSSL_ECDSA_SIGN_SIG 143
|
File diff suppressed because it is too large
Load Diff
@ -1,19 +0,0 @@
|
||||
diff -up openssl-1.1.1-pre9/doc/man1/openssl.pod.man-rename openssl-1.1.1-pre9/doc/man1/openssl.pod
|
||||
--- openssl-1.1.1-pre9/doc/man1/openssl.pod.man-rename 2018-08-21 14:14:13.000000000 +0200
|
||||
+++ openssl-1.1.1-pre9/doc/man1/openssl.pod 2018-08-22 12:13:04.092568064 +0200
|
||||
@@ -482,13 +482,13 @@ L<dhparam(1)>, L<dsa(1)>, L<dsaparam(1)>
|
||||
L<ec(1)>, L<ecparam(1)>,
|
||||
L<enc(1)>, L<engine(1)>, L<errstr(1)>, L<gendsa(1)>, L<genpkey(1)>,
|
||||
L<genrsa(1)>, L<nseq(1)>, L<ocsp(1)>,
|
||||
-L<passwd(1)>,
|
||||
L<pkcs12(1)>, L<pkcs7(1)>, L<pkcs8(1)>,
|
||||
L<pkey(1)>, L<pkeyparam(1)>, L<pkeyutl(1)>, L<prime(1)>,
|
||||
-L<rand(1)>, L<rehash(1)>, L<req(1)>, L<rsa(1)>,
|
||||
+L<rehash(1)>, L<req(1)>, L<rsa(1)>,
|
||||
L<rsautl(1)>, L<s_client(1)>,
|
||||
L<s_server(1)>, L<s_time(1)>, L<sess_id(1)>,
|
||||
L<smime(1)>, L<speed(1)>, L<spkac(1)>, L<srp(1)>, L<storeutl(1)>,
|
||||
+L<sslpasswd(1)>, L<sslrand(1)>,
|
||||
L<ts(1)>,
|
||||
L<verify(1)>, L<version(1)>, L<x509(1)>,
|
||||
L<crypto(7)>, L<ssl(7)>, L<x509v3_config(5)>
|
@ -1,112 +0,0 @@
|
||||
diff -up openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in.no-brainpool openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in
|
||||
--- openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in.no-brainpool 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in 2019-09-13 15:11:07.358687169 +0200
|
||||
@@ -147,22 +147,22 @@ our @tests = (
|
||||
{
|
||||
name => "ECDSA with brainpool",
|
||||
server => {
|
||||
- "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
|
||||
- "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
|
||||
- "Groups" => "brainpoolP256r1",
|
||||
+ "Certificate" => test_pem("server-ecdsa-cert.pem"),
|
||||
+ "PrivateKey" => test_pem("server-ecdsa-key.pem"),
|
||||
+# "Groups" => "brainpoolP256r1",
|
||||
},
|
||||
client => {
|
||||
#We don't restrict this to TLSv1.2, although use of brainpool
|
||||
#should force this anyway so that this should succeed
|
||||
"CipherString" => "aECDSA",
|
||||
"RequestCAFile" => test_pem("root-cert.pem"),
|
||||
- "Groups" => "brainpoolP256r1",
|
||||
+# "Groups" => "brainpoolP256r1",
|
||||
},
|
||||
test => {
|
||||
- "ExpectedServerCertType" =>, "brainpoolP256r1",
|
||||
- "ExpectedServerSignType" =>, "EC",
|
||||
+# "ExpectedServerCertType" =>, "brainpoolP256r1",
|
||||
+# "ExpectedServerSignType" =>, "EC",
|
||||
# Note: certificate_authorities not sent for TLS < 1.3
|
||||
- "ExpectedServerCANames" =>, "empty",
|
||||
+# "ExpectedServerCANames" =>, "empty",
|
||||
"ExpectedResult" => "Success"
|
||||
},
|
||||
},
|
||||
@@ -853,18 +853,18 @@ my @tests_tls_1_3 = (
|
||||
{
|
||||
name => "TLS 1.3 ECDSA with brainpool",
|
||||
server => {
|
||||
- "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
|
||||
- "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
|
||||
- "Groups" => "brainpoolP256r1",
|
||||
+ "Certificate" => test_pem("server-ecdsa-cert.pem"),
|
||||
+ "PrivateKey" => test_pem("server-ecdsa-key.pem"),
|
||||
+# "Groups" => "brainpoolP256r1",
|
||||
},
|
||||
client => {
|
||||
"RequestCAFile" => test_pem("root-cert.pem"),
|
||||
- "Groups" => "brainpoolP256r1",
|
||||
+# "Groups" => "brainpoolP256r1",
|
||||
"MinProtocol" => "TLSv1.3",
|
||||
"MaxProtocol" => "TLSv1.3"
|
||||
},
|
||||
test => {
|
||||
- "ExpectedResult" => "ServerFail"
|
||||
+ "ExpectedResult" => "Success"
|
||||
},
|
||||
},
|
||||
);
|
||||
diff -up openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.no-brainpool openssl-1.1.1d/test/ssl-tests/20-cert-select.conf
|
||||
--- openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.no-brainpool 2019-09-10 15:13:07.000000000 +0200
|
||||
+++ openssl-1.1.1d/test/ssl-tests/20-cert-select.conf 2019-09-13 15:12:27.380288469 +0200
|
||||
@@ -238,23 +238,18 @@ server = 5-ECDSA with brainpool-server
|
||||
client = 5-ECDSA with brainpool-client
|
||||
|
||||
[5-ECDSA with brainpool-server]
|
||||
-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem
|
||||
+Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
||||
CipherString = DEFAULT
|
||||
-Groups = brainpoolP256r1
|
||||
-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem
|
||||
+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
||||
|
||||
[5-ECDSA with brainpool-client]
|
||||
CipherString = aECDSA
|
||||
-Groups = brainpoolP256r1
|
||||
RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
[test-5]
|
||||
ExpectedResult = Success
|
||||
-ExpectedServerCANames = empty
|
||||
-ExpectedServerCertType = brainpoolP256r1
|
||||
-ExpectedServerSignType = EC
|
||||
|
||||
|
||||
# ===========================================================
|
||||
@@ -1713,14 +1708,12 @@ server = 52-TLS 1.3 ECDSA with brainpool
|
||||
client = 52-TLS 1.3 ECDSA with brainpool-client
|
||||
|
||||
[52-TLS 1.3 ECDSA with brainpool-server]
|
||||
-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem
|
||||
+Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
||||
CipherString = DEFAULT
|
||||
-Groups = brainpoolP256r1
|
||||
-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem
|
||||
+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
||||
|
||||
[52-TLS 1.3 ECDSA with brainpool-client]
|
||||
CipherString = DEFAULT
|
||||
-Groups = brainpoolP256r1
|
||||
MaxProtocol = TLSv1.3
|
||||
MinProtocol = TLSv1.3
|
||||
RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
||||
@@ -1728,7 +1721,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/ro
|
||||
VerifyMode = Peer
|
||||
|
||||
[test-52]
|
||||
-ExpectedResult = ServerFail
|
||||
+ExpectedResult = Success
|
||||
|
||||
|
||||
# ===========================================================
|
@ -1,12 +0,0 @@
|
||||
diff -up openssl-1.1.1f/Configurations/unix-Makefile.tmpl.no-html openssl-1.1.1f/Configurations/unix-Makefile.tmpl
|
||||
--- openssl-1.1.1f/Configurations/unix-Makefile.tmpl.no-html 2020-04-07 16:45:21.904083989 +0200
|
||||
+++ openssl-1.1.1f/Configurations/unix-Makefile.tmpl 2020-04-07 16:45:56.218461895 +0200
|
||||
@@ -544,7 +544,7 @@ install_sw: install_dev install_engines
|
||||
|
||||
uninstall_sw: uninstall_runtime uninstall_engines uninstall_dev
|
||||
|
||||
-install_docs: install_man_docs install_html_docs
|
||||
+install_docs: install_man_docs
|
||||
|
||||
uninstall_docs: uninstall_man_docs uninstall_html_docs
|
||||
$(RM) -r "$(DESTDIR)$(DOCDIR)"
|
@ -1,26 +0,0 @@
|
||||
diff -up openssl-1.1.1b/crypto/asn1/a_verify.c.no-weak-verify openssl-1.1.1b/crypto/asn1/a_verify.c
|
||||
--- openssl-1.1.1b/crypto/asn1/a_verify.c.no-weak-verify 2019-02-26 15:15:30.000000000 +0100
|
||||
+++ openssl-1.1.1b/crypto/asn1/a_verify.c 2019-02-28 11:25:31.531862873 +0100
|
||||
@@ -7,6 +7,9 @@
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
+/* for secure_getenv */
|
||||
+#define _GNU_SOURCE
|
||||
+
|
||||
#include <stdio.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
@@ -130,6 +133,12 @@ int ASN1_item_verify(const ASN1_ITEM *it
|
||||
if (ret != 2)
|
||||
goto err;
|
||||
ret = -1;
|
||||
+ } else if ((mdnid == NID_md5
|
||||
+ && secure_getenv("OPENSSL_ENABLE_MD5_VERIFY") == NULL) ||
|
||||
+ mdnid == NID_md4 || mdnid == NID_md2 || mdnid == NID_sha) {
|
||||
+ ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
|
||||
+ ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
|
||||
+ goto err;
|
||||
} else {
|
||||
const EVP_MD *type = EVP_get_digestbynid(mdnid);
|
||||
|
@ -1,170 +0,0 @@
|
||||
diff -up openssl-1.1.1g/crypto/fips/fips_drbg_lib.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_lib.c
|
||||
--- openssl-1.1.1g/crypto/fips/fips_drbg_lib.c.rewire-fips-drbg 2020-06-22 13:32:47.611852927 +0200
|
||||
+++ openssl-1.1.1g/crypto/fips/fips_drbg_lib.c 2020-06-22 13:32:47.675852917 +0200
|
||||
@@ -337,6 +337,19 @@ static int drbg_reseed(DRBG_CTX *dctx,
|
||||
int FIPS_drbg_reseed(DRBG_CTX *dctx,
|
||||
const unsigned char *adin, size_t adinlen)
|
||||
{
|
||||
+ int len = (int)adinlen;
|
||||
+
|
||||
+ if (len < 0 || (size_t)len != adinlen) {
|
||||
+ FIPSerr(FIPS_F_DRBG_RESEED, FIPS_R_ADDITIONAL_INPUT_TOO_LONG);
|
||||
+ return 0;
|
||||
+ }
|
||||
+ RAND_seed(adin, len);
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
+int FIPS_drbg_reseed_internal(DRBG_CTX *dctx,
|
||||
+ const unsigned char *adin, size_t adinlen)
|
||||
+{
|
||||
return drbg_reseed(dctx, adin, adinlen, 1);
|
||||
}
|
||||
|
||||
@@ -358,6 +371,19 @@ int FIPS_drbg_generate(DRBG_CTX *dctx, u
|
||||
int prediction_resistance,
|
||||
const unsigned char *adin, size_t adinlen)
|
||||
{
|
||||
+ int len = (int)outlen;
|
||||
+
|
||||
+ if (len < 0 || (size_t)len != outlen) {
|
||||
+ FIPSerr(FIPS_F_FIPS_DRBG_GENERATE, FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG);
|
||||
+ return 0;
|
||||
+ }
|
||||
+ return RAND_bytes(out, len);
|
||||
+}
|
||||
+
|
||||
+int FIPS_drbg_generate_internal(DRBG_CTX *dctx, unsigned char *out, size_t outlen,
|
||||
+ int prediction_resistance,
|
||||
+ const unsigned char *adin, size_t adinlen)
|
||||
+{
|
||||
int r = 0;
|
||||
|
||||
if (FIPS_selftest_failed()) {
|
||||
diff -up openssl-1.1.1g/crypto/fips/fips_drbg_rand.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_rand.c
|
||||
--- openssl-1.1.1g/crypto/fips/fips_drbg_rand.c.rewire-fips-drbg 2020-06-22 13:32:47.611852927 +0200
|
||||
+++ openssl-1.1.1g/crypto/fips/fips_drbg_rand.c 2020-06-22 13:32:47.675852917 +0200
|
||||
@@ -57,6 +57,8 @@
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/fips.h>
|
||||
+#define FIPS_DRBG_generate FIPS_DRBG_generate_internal
|
||||
+#define FIPS_DRBG_reseed FIPS_DRBG_reseed_internal
|
||||
#include <openssl/fips_rand.h>
|
||||
#include "fips_rand_lcl.h"
|
||||
|
||||
diff -up openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c
|
||||
--- openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c.rewire-fips-drbg 2020-06-22 13:32:47.612852927 +0200
|
||||
+++ openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c 2020-06-22 13:32:47.675852917 +0200
|
||||
@@ -55,6 +55,8 @@
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/fips.h>
|
||||
+#define FIPS_DRBG_generate FIPS_DRBG_generate_internal
|
||||
+#define FIPS_DRBG_reseed FIPS_DRBG_reseed_internal
|
||||
#include <openssl/fips_rand.h>
|
||||
#include "fips_rand_lcl.h"
|
||||
#include "fips_locl.h"
|
||||
diff -up openssl-1.1.1g/crypto/fips/fips_post.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_post.c
|
||||
--- openssl-1.1.1g/crypto/fips/fips_post.c.rewire-fips-drbg 2020-06-22 13:32:47.672852918 +0200
|
||||
+++ openssl-1.1.1g/crypto/fips/fips_post.c 2020-06-22 13:32:47.675852917 +0200
|
||||
@@ -79,8 +79,6 @@ int FIPS_selftest(void)
|
||||
ERR_add_error_data(2, "Type=", "rand_drbg_selftest");
|
||||
rv = 0;
|
||||
}
|
||||
- if (!FIPS_selftest_drbg())
|
||||
- rv = 0;
|
||||
if (!FIPS_selftest_sha1())
|
||||
rv = 0;
|
||||
if (!FIPS_selftest_sha2())
|
||||
diff -up openssl-1.1.1g/crypto/fips/fips_rand_lib.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_rand_lib.c
|
||||
--- openssl-1.1.1g/crypto/fips/fips_rand_lib.c.rewire-fips-drbg 2020-06-22 13:32:47.613852927 +0200
|
||||
+++ openssl-1.1.1g/crypto/fips/fips_rand_lib.c 2020-06-22 13:36:28.722817967 +0200
|
||||
@@ -120,6 +120,7 @@ void FIPS_rand_reset(void)
|
||||
|
||||
int FIPS_rand_seed(const void *buf, int num)
|
||||
{
|
||||
+#if 0
|
||||
if (!fips_approved_rand_meth && FIPS_module_mode()) {
|
||||
FIPSerr(FIPS_F_FIPS_RAND_SEED, FIPS_R_NON_FIPS_METHOD);
|
||||
return 0;
|
||||
@@ -127,10 +128,15 @@ int FIPS_rand_seed(const void *buf, int
|
||||
if (fips_rand_meth && fips_rand_meth->seed)
|
||||
fips_rand_meth->seed(buf, num);
|
||||
return 1;
|
||||
+#else
|
||||
+ RAND_seed(buf, num);
|
||||
+ return 1;
|
||||
+#endif
|
||||
}
|
||||
|
||||
int FIPS_rand_bytes(unsigned char *buf, int num)
|
||||
{
|
||||
+#if 0
|
||||
if (!fips_approved_rand_meth && FIPS_module_mode()) {
|
||||
FIPSerr(FIPS_F_FIPS_RAND_BYTES, FIPS_R_NON_FIPS_METHOD);
|
||||
return 0;
|
||||
@@ -138,10 +144,14 @@ int FIPS_rand_bytes(unsigned char *buf,
|
||||
if (fips_rand_meth && fips_rand_meth->bytes)
|
||||
return fips_rand_meth->bytes(buf, num);
|
||||
return 0;
|
||||
+#else
|
||||
+ return RAND_bytes(buf, num);
|
||||
+#endif
|
||||
}
|
||||
|
||||
int FIPS_rand_status(void)
|
||||
{
|
||||
+#if 0
|
||||
if (!fips_approved_rand_meth && FIPS_module_mode()) {
|
||||
FIPSerr(FIPS_F_FIPS_RAND_STATUS, FIPS_R_NON_FIPS_METHOD);
|
||||
return 0;
|
||||
@@ -149,6 +159,9 @@ int FIPS_rand_status(void)
|
||||
if (fips_rand_meth && fips_rand_meth->status)
|
||||
return fips_rand_meth->status();
|
||||
return 0;
|
||||
+#else
|
||||
+ return RAND_status();
|
||||
+#endif
|
||||
}
|
||||
|
||||
/* Return instantiated strength of PRNG. For DRBG this is an internal
|
||||
diff -up openssl-1.1.1g/include/openssl/fips.h.rewire-fips-drbg openssl-1.1.1g/include/openssl/fips.h
|
||||
--- openssl-1.1.1g/include/openssl/fips.h.rewire-fips-drbg 2020-06-22 13:32:47.672852918 +0200
|
||||
+++ openssl-1.1.1g/include/openssl/fips.h 2020-06-22 13:32:47.675852917 +0200
|
||||
@@ -64,6 +64,11 @@ extern "C" {
|
||||
|
||||
int FIPS_selftest(void);
|
||||
int FIPS_selftest_failed(void);
|
||||
+
|
||||
+ /*
|
||||
+ * This function is deprecated as it performs selftest of the old FIPS drbg
|
||||
+ * implementation that is not validated.
|
||||
+ */
|
||||
int FIPS_selftest_drbg_all(void);
|
||||
|
||||
int FIPS_dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
|
||||
diff -up openssl-1.1.1g/include/openssl/fips_rand.h.rewire-fips-drbg openssl-1.1.1g/include/openssl/fips_rand.h
|
||||
--- openssl-1.1.1g/include/openssl/fips_rand.h.rewire-fips-drbg 2020-06-22 13:32:47.617852926 +0200
|
||||
+++ openssl-1.1.1g/include/openssl/fips_rand.h 2020-06-22 13:32:47.675852917 +0200
|
||||
@@ -60,6 +60,20 @@
|
||||
# ifdef __cplusplus
|
||||
extern "C" {
|
||||
# endif
|
||||
+
|
||||
+/*
|
||||
+ * IMPORTANT NOTE:
|
||||
+ * All functions in this header file are deprecated and should not be used
|
||||
+ * as they use the old FIPS_drbg implementation that is not FIPS validated
|
||||
+ * anymore.
|
||||
+ * To provide backwards compatibility for applications that need FIPS compliant
|
||||
+ * RNG number generation and use FIPS_drbg_generate, this function was
|
||||
+ * re-wired to call the FIPS validated DRBG instance instead through
|
||||
+ * the RAND_bytes() call.
|
||||
+ *
|
||||
+ * All these functions will be removed in future.
|
||||
+ */
|
||||
+
|
||||
typedef struct drbg_ctx_st DRBG_CTX;
|
||||
/* DRBG external flags */
|
||||
/* Flag for CTR mode only: use derivation function ctr_df */
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@ -1,160 +0,0 @@
|
||||
diff -up openssl-1.1.1g/crypto/x509/x509_vfy.c.seclevel openssl-1.1.1g/crypto/x509/x509_vfy.c
|
||||
--- openssl-1.1.1g/crypto/x509/x509_vfy.c.seclevel 2020-04-21 14:22:39.000000000 +0200
|
||||
+++ openssl-1.1.1g/crypto/x509/x509_vfy.c 2020-06-05 17:16:54.835536823 +0200
|
||||
@@ -3225,6 +3225,7 @@ static int build_chain(X509_STORE_CTX *c
|
||||
}
|
||||
|
||||
static const int minbits_table[] = { 80, 112, 128, 192, 256 };
|
||||
+static const int minbits_digest_table[] = { 80, 80, 128, 192, 256 };
|
||||
static const int NUM_AUTH_LEVELS = OSSL_NELEM(minbits_table);
|
||||
|
||||
/*
|
||||
@@ -3276,6 +3277,11 @@ static int check_sig_level(X509_STORE_CT
|
||||
|
||||
if (!X509_get_signature_info(cert, NULL, NULL, &secbits, NULL))
|
||||
return 0;
|
||||
-
|
||||
- return secbits >= minbits_table[level - 1];
|
||||
+ /*
|
||||
+ * Allow SHA1 in SECLEVEL 2 in non-FIPS mode or when the magic
|
||||
+ * disable SHA1 flag is not set.
|
||||
+ */
|
||||
+ if ((ctx->param->flags & 0x40000000) || FIPS_mode())
|
||||
+ return secbits >= minbits_table[level - 1];
|
||||
+ return secbits >= minbits_digest_table[level - 1];
|
||||
}
|
||||
diff -up openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod.seclevel openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod
|
||||
--- openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod.seclevel 2020-04-21 14:22:39.000000000 +0200
|
||||
+++ openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod 2020-06-04 15:48:01.608178833 +0200
|
||||
@@ -81,8 +81,10 @@ using MD5 for the MAC is also prohibited
|
||||
|
||||
=item B<Level 2>
|
||||
|
||||
-Security level set to 112 bits of security. As a result RSA, DSA and DH keys
|
||||
-shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited.
|
||||
+Security level set to 112 bits of security with the exception of SHA1 allowed
|
||||
+for signatures.
|
||||
+As a result RSA, DSA and DH keys shorter than 2048 bits and ECC keys
|
||||
+shorter than 224 bits are prohibited.
|
||||
In addition to the level 1 exclusions any cipher suite using RC4 is also
|
||||
prohibited. SSL version 3 is also not allowed. Compression is disabled.
|
||||
|
||||
diff -up openssl-1.1.1g/ssl/ssl_cert.c.seclevel openssl-1.1.1g/ssl/ssl_cert.c
|
||||
--- openssl-1.1.1g/ssl/ssl_cert.c.seclevel 2020-04-21 14:22:39.000000000 +0200
|
||||
+++ openssl-1.1.1g/ssl/ssl_cert.c 2020-06-05 17:10:11.842198401 +0200
|
||||
@@ -27,6 +27,7 @@
|
||||
static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx,
|
||||
int op, int bits, int nid, void *other,
|
||||
void *ex);
|
||||
+static unsigned long sha1_disable(const SSL *s, const SSL_CTX *ctx);
|
||||
|
||||
static CRYPTO_ONCE ssl_x509_store_ctx_once = CRYPTO_ONCE_STATIC_INIT;
|
||||
static volatile int ssl_x509_store_ctx_idx = -1;
|
||||
@@ -396,7 +397,7 @@ int ssl_verify_cert_chain(SSL *s, STACK_
|
||||
X509_VERIFY_PARAM_set_auth_level(param, SSL_get_security_level(s));
|
||||
|
||||
/* Set suite B flags if needed */
|
||||
- X509_STORE_CTX_set_flags(ctx, tls1_suiteb(s));
|
||||
+ X509_STORE_CTX_set_flags(ctx, tls1_suiteb(s) | sha1_disable(s, NULL));
|
||||
if (!X509_STORE_CTX_set_ex_data
|
||||
(ctx, SSL_get_ex_data_X509_STORE_CTX_idx(), s)) {
|
||||
goto end;
|
||||
@@ -953,12 +954,33 @@ static int ssl_security_default_callback
|
||||
return 0;
|
||||
break;
|
||||
default:
|
||||
+ /* allow SHA1 in SECLEVEL 2 in non FIPS mode */
|
||||
+ if (nid == NID_sha1 && minbits == 112 && !sha1_disable(s, ctx))
|
||||
+ break;
|
||||
if (bits < minbits)
|
||||
return 0;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
+static unsigned long sha1_disable(const SSL *s, const SSL_CTX *ctx)
|
||||
+{
|
||||
+ unsigned long ret = 0x40000000; /* a magical internal value used by X509_VERIFY_PARAM */
|
||||
+ const CERT *c;
|
||||
+
|
||||
+ if (FIPS_mode())
|
||||
+ return ret;
|
||||
+
|
||||
+ if (ctx != NULL) {
|
||||
+ c = ctx->cert;
|
||||
+ } else {
|
||||
+ c = s->cert;
|
||||
+ }
|
||||
+ if (tls1_cert_sigalgs_have_sha1(c))
|
||||
+ return 0;
|
||||
+ return ret;
|
||||
+}
|
||||
+
|
||||
int ssl_security(const SSL *s, int op, int bits, int nid, void *other)
|
||||
{
|
||||
return s->cert->sec_cb(s, NULL, op, bits, nid, other, s->cert->sec_ex);
|
||||
diff -up openssl-1.1.1g/ssl/ssl_local.h.seclevel openssl-1.1.1g/ssl/ssl_local.h
|
||||
--- openssl-1.1.1g/ssl/ssl_local.h.seclevel 2020-06-04 15:48:01.602178783 +0200
|
||||
+++ openssl-1.1.1g/ssl/ssl_local.h 2020-06-05 17:02:22.666313410 +0200
|
||||
@@ -2576,6 +2576,7 @@ __owur int tls1_save_sigalgs(SSL *s, PAC
|
||||
__owur int tls1_process_sigalgs(SSL *s);
|
||||
__owur int tls1_set_peer_legacy_sigalg(SSL *s, const EVP_PKEY *pkey);
|
||||
__owur int tls1_lookup_md(const SIGALG_LOOKUP *lu, const EVP_MD **pmd);
|
||||
+int tls1_cert_sigalgs_have_sha1(const CERT *c);
|
||||
__owur size_t tls12_get_psigalgs(SSL *s, int sent, const uint16_t **psigs);
|
||||
# ifndef OPENSSL_NO_EC
|
||||
__owur int tls_check_sigalg_curve(const SSL *s, int curve);
|
||||
diff -up openssl-1.1.1g/ssl/t1_lib.c.seclevel openssl-1.1.1g/ssl/t1_lib.c
|
||||
--- openssl-1.1.1g/ssl/t1_lib.c.seclevel 2020-06-04 15:48:01.654179221 +0200
|
||||
+++ openssl-1.1.1g/ssl/t1_lib.c 2020-06-05 17:02:40.268459157 +0200
|
||||
@@ -2145,6 +2145,36 @@ int tls1_set_sigalgs(CERT *c, const int
|
||||
return 0;
|
||||
}
|
||||
|
||||
+static int tls1_sigalgs_have_sha1(const uint16_t *sigalgs, size_t sigalgslen)
|
||||
+{
|
||||
+ size_t i;
|
||||
+
|
||||
+ for (i = 0; i < sigalgslen; i++, sigalgs++) {
|
||||
+ const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(*sigalgs);
|
||||
+
|
||||
+ if (lu == NULL)
|
||||
+ continue;
|
||||
+ if (lu->hash == NID_sha1)
|
||||
+ return 1;
|
||||
+ }
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+
|
||||
+int tls1_cert_sigalgs_have_sha1(const CERT *c)
|
||||
+{
|
||||
+ if (c->client_sigalgs != NULL) {
|
||||
+ if (tls1_sigalgs_have_sha1(c->client_sigalgs, c->client_sigalgslen))
|
||||
+ return 1;
|
||||
+ }
|
||||
+ if (c->conf_sigalgs != NULL) {
|
||||
+ if (tls1_sigalgs_have_sha1(c->conf_sigalgs, c->conf_sigalgslen))
|
||||
+ return 1;
|
||||
+ return 0;
|
||||
+ }
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
static int tls1_check_sig_alg(SSL *s, X509 *x, int default_nid)
|
||||
{
|
||||
int sig_nid, use_pc_sigalgs = 0;
|
||||
diff -up openssl-1.1.1g/test/recipes/25-test_verify.t.seclevel openssl-1.1.1g/test/recipes/25-test_verify.t
|
||||
--- openssl-1.1.1g/test/recipes/25-test_verify.t.seclevel 2020-04-21 14:22:39.000000000 +0200
|
||||
+++ openssl-1.1.1g/test/recipes/25-test_verify.t 2020-06-04 15:48:01.608178833 +0200
|
||||
@@ -346,8 +346,8 @@ ok(verify("ee-pss-sha1-cert", "sslserver
|
||||
ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], ),
|
||||
"CA with PSS signature using SHA256");
|
||||
|
||||
-ok(!verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"),
|
||||
- "Reject PSS signature using SHA1 and auth level 2");
|
||||
+ok(!verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "3"),
|
||||
+ "Reject PSS signature using SHA1 and auth level 3");
|
||||
|
||||
ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"),
|
||||
"PSS signature using SHA256 and auth level 2");
|
File diff suppressed because it is too large
Load Diff
@ -1,310 +0,0 @@
|
||||
diff -up openssl-1.1.1c/Configurations/unix-Makefile.tmpl.system-cipherlist openssl-1.1.1c/Configurations/unix-Makefile.tmpl
|
||||
--- openssl-1.1.1c/Configurations/unix-Makefile.tmpl.system-cipherlist 2019-05-29 15:42:27.951329271 +0200
|
||||
+++ openssl-1.1.1c/Configurations/unix-Makefile.tmpl 2019-05-29 15:42:27.974328867 +0200
|
||||
@@ -180,6 +180,10 @@ MANDIR=$(INSTALLTOP)/share/man
|
||||
DOCDIR=$(INSTALLTOP)/share/doc/$(BASENAME)
|
||||
HTMLDIR=$(DOCDIR)/html
|
||||
|
||||
+{- output_off() if $config{system_ciphers_file} eq ""; "" -}
|
||||
+SYSTEM_CIPHERS_FILE_DEFINE=-DSYSTEM_CIPHERS_FILE="\"{- $config{system_ciphers_file} -}\""
|
||||
+{- output_on() if $config{system_ciphers_file} eq ""; "" -}
|
||||
+
|
||||
# MANSUFFIX is for the benefit of anyone who may want to have a suffix
|
||||
# appended after the manpage file section number. "ssl" is popular,
|
||||
# resulting in files such as config.5ssl rather than config.5.
|
||||
@@ -203,6 +207,7 @@ CC=$(CROSS_COMPILE){- $config{CC} -}
|
||||
CXX={- $config{CXX} ? "\$(CROSS_COMPILE)$config{CXX}" : '' -}
|
||||
CPPFLAGS={- our $cppflags1 = join(" ",
|
||||
(map { "-D".$_} @{$config{CPPDEFINES}}),
|
||||
+ "\$(SYSTEM_CIPHERS_FILE_DEFINE)",
|
||||
(map { "-I".$_} @{$config{CPPINCLUDES}}),
|
||||
@{$config{CPPFLAGS}}) -}
|
||||
CFLAGS={- join(' ', @{$config{CFLAGS}}) -}
|
||||
diff -up openssl-1.1.1c/Configure.system-cipherlist openssl-1.1.1c/Configure
|
||||
--- openssl-1.1.1c/Configure.system-cipherlist 2019-05-28 15:12:21.000000000 +0200
|
||||
+++ openssl-1.1.1c/Configure 2019-05-29 15:45:10.465469533 +0200
|
||||
@@ -24,7 +24,7 @@ use OpenSSL::Glob;
|
||||
my $orig_death_handler = $SIG{__DIE__};
|
||||
$SIG{__DIE__} = \&death_handler;
|
||||
|
||||
-my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";
|
||||
+my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--system-ciphers-file=SYSTEMCIPHERFILE] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";
|
||||
|
||||
# Options:
|
||||
#
|
||||
@@ -41,6 +41,9 @@ my $usage="Usage: Configure [no-<cipher>
|
||||
# This becomes the value of OPENSSLDIR in Makefile and in C.
|
||||
# (Default: PREFIX/ssl)
|
||||
#
|
||||
+# --system-ciphers-file A file to read cipher string from when the PROFILE=SYSTEM
|
||||
+# cipher is specified (default).
|
||||
+#
|
||||
# --cross-compile-prefix Add specified prefix to binutils components.
|
||||
#
|
||||
# --api One of 0.9.8, 1.0.0 or 1.1.0. Do not compile support for
|
||||
@@ -295,6 +298,7 @@ $config{prefix}="";
|
||||
$config{openssldir}="";
|
||||
$config{processor}="";
|
||||
$config{libdir}="";
|
||||
+$config{system_ciphers_file}="";
|
||||
my $auto_threads=1; # enable threads automatically? true by default
|
||||
my $default_ranlib;
|
||||
|
||||
@@ -824,6 +828,10 @@ while (@argvcopy)
|
||||
push @seed_sources, $x;
|
||||
}
|
||||
}
|
||||
+ elsif (/^--system-ciphers-file=(.*)$/)
|
||||
+ {
|
||||
+ $config{system_ciphers_file}=$1;
|
||||
+ }
|
||||
elsif (/^--cross-compile-prefix=(.*)$/)
|
||||
{
|
||||
$user{CROSS_COMPILE}=$1;
|
||||
@@ -1016,6 +1024,8 @@ if ($target eq "HASH") {
|
||||
exit 0;
|
||||
}
|
||||
|
||||
+chop $config{system_ciphers_file} if $config{system_ciphers_file} =~ /\/$/;
|
||||
+
|
||||
print "Configuring OpenSSL version $config{version} ($config{version_num}) ";
|
||||
print "for $target\n";
|
||||
|
||||
diff -up openssl-1.1.1c/doc/man1/ciphers.pod.system-cipherlist openssl-1.1.1c/doc/man1/ciphers.pod
|
||||
--- openssl-1.1.1c/doc/man1/ciphers.pod.system-cipherlist 2019-05-28 15:12:21.000000000 +0200
|
||||
+++ openssl-1.1.1c/doc/man1/ciphers.pod 2019-05-29 15:42:27.975328849 +0200
|
||||
@@ -182,6 +182,15 @@ As of OpenSSL 1.0.0, the B<ALL> cipher s
|
||||
|
||||
The cipher suites not enabled by B<ALL>, currently B<eNULL>.
|
||||
|
||||
+=item B<PROFILE=SYSTEM>
|
||||
+
|
||||
+The list of enabled cipher suites will be loaded from the system crypto policy
|
||||
+configuration file B</etc/crypto-policies/back-ends/openssl.config>.
|
||||
+See also L<update-crypto-policies(8)>.
|
||||
+This is the default behavior unless an application explicitly sets a cipher
|
||||
+list. If used in a cipher list configuration value this string must be at the
|
||||
+beginning of the cipher list, otherwise it will not be recognized.
|
||||
+
|
||||
=item B<HIGH>
|
||||
|
||||
"High" encryption cipher suites. This currently means those with key lengths
|
||||
diff -up openssl-1.1.1c/include/openssl/ssl.h.system-cipherlist openssl-1.1.1c/include/openssl/ssl.h
|
||||
--- openssl-1.1.1c/include/openssl/ssl.h.system-cipherlist 2019-05-28 15:12:21.000000000 +0200
|
||||
+++ openssl-1.1.1c/include/openssl/ssl.h 2019-05-29 15:42:27.975328849 +0200
|
||||
@@ -186,6 +186,11 @@ extern "C" {
|
||||
* throwing out anonymous and unencrypted ciphersuites! (The latter are not
|
||||
* actually enabled by ALL, but "ALL:RSA" would enable some of them.)
|
||||
*/
|
||||
+# ifdef SYSTEM_CIPHERS_FILE
|
||||
+# define SSL_SYSTEM_DEFAULT_CIPHER_LIST "PROFILE=SYSTEM"
|
||||
+# else
|
||||
+# define SSL_SYSTEM_DEFAULT_CIPHER_LIST SSL_DEFAULT_CIPHER_LIST
|
||||
+# endif
|
||||
|
||||
/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
|
||||
# define SSL_SENT_SHUTDOWN 1
|
||||
diff -up openssl-1.1.1c/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.1c/ssl/ssl_ciph.c
|
||||
--- openssl-1.1.1c/ssl/ssl_ciph.c.system-cipherlist 2019-05-28 15:12:21.000000000 +0200
|
||||
+++ openssl-1.1.1c/ssl/ssl_ciph.c 2019-05-29 15:42:27.976328831 +0200
|
||||
@@ -9,6 +9,8 @@
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
+/* for secure_getenv */
|
||||
+#define _GNU_SOURCE
|
||||
#include <stdio.h>
|
||||
#include <ctype.h>
|
||||
#include <openssl/objects.h>
|
||||
@@ -1399,6 +1401,53 @@ int SSL_set_ciphersuites(SSL *s, const c
|
||||
return ret;
|
||||
}
|
||||
|
||||
+#ifdef SYSTEM_CIPHERS_FILE
|
||||
+static char *load_system_str(const char *suffix)
|
||||
+{
|
||||
+ FILE *fp;
|
||||
+ char buf[1024];
|
||||
+ char *new_rules;
|
||||
+ const char *ciphers_path;
|
||||
+ unsigned len, slen;
|
||||
+
|
||||
+ if ((ciphers_path = secure_getenv("OPENSSL_SYSTEM_CIPHERS_OVERRIDE")) == NULL)
|
||||
+ ciphers_path = SYSTEM_CIPHERS_FILE;
|
||||
+ fp = fopen(ciphers_path, "r");
|
||||
+ if (fp == NULL || fgets(buf, sizeof(buf), fp) == NULL) {
|
||||
+ /* cannot open or file is empty */
|
||||
+ snprintf(buf, sizeof(buf), "%s", SSL_DEFAULT_CIPHER_LIST);
|
||||
+ }
|
||||
+
|
||||
+ if (fp)
|
||||
+ fclose(fp);
|
||||
+
|
||||
+ slen = strlen(suffix);
|
||||
+ len = strlen(buf);
|
||||
+
|
||||
+ if (buf[len - 1] == '\n') {
|
||||
+ len--;
|
||||
+ buf[len] = 0;
|
||||
+ }
|
||||
+ if (buf[len - 1] == '\r') {
|
||||
+ len--;
|
||||
+ buf[len] = 0;
|
||||
+ }
|
||||
+
|
||||
+ new_rules = OPENSSL_malloc(len + slen + 1);
|
||||
+ if (new_rules == 0)
|
||||
+ return NULL;
|
||||
+
|
||||
+ memcpy(new_rules, buf, len);
|
||||
+ if (slen > 0) {
|
||||
+ memcpy(&new_rules[len], suffix, slen);
|
||||
+ len += slen;
|
||||
+ }
|
||||
+ new_rules[len] = 0;
|
||||
+
|
||||
+ return new_rules;
|
||||
+}
|
||||
+#endif
|
||||
+
|
||||
STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||
STACK_OF(SSL_CIPHER) *tls13_ciphersuites,
|
||||
STACK_OF(SSL_CIPHER) **cipher_list,
|
||||
@@ -1412,15 +1461,25 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||
const char *rule_p;
|
||||
CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
|
||||
const SSL_CIPHER **ca_list = NULL;
|
||||
+#ifdef SYSTEM_CIPHERS_FILE
|
||||
+ char *new_rules = NULL;
|
||||
+
|
||||
+ if (rule_str != NULL && strncmp(rule_str, "PROFILE=SYSTEM", 14) == 0) {
|
||||
+ char *p = rule_str + 14;
|
||||
+
|
||||
+ new_rules = load_system_str(p);
|
||||
+ rule_str = new_rules;
|
||||
+ }
|
||||
+#endif
|
||||
|
||||
/*
|
||||
* Return with error if nothing to do.
|
||||
*/
|
||||
if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)
|
||||
- return NULL;
|
||||
+ goto err;
|
||||
#ifndef OPENSSL_NO_EC
|
||||
if (!check_suiteb_cipher_list(ssl_method, c, &rule_str))
|
||||
- return NULL;
|
||||
+ goto err;
|
||||
#endif
|
||||
|
||||
/*
|
||||
@@ -1443,7 +1502,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||
co_list = OPENSSL_malloc(sizeof(*co_list) * num_of_ciphers);
|
||||
if (co_list == NULL) {
|
||||
SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
|
||||
- return NULL; /* Failure */
|
||||
+ goto err;
|
||||
}
|
||||
|
||||
ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers,
|
||||
@@ -1509,8 +1568,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||
* in force within each class
|
||||
*/
|
||||
if (!ssl_cipher_strength_sort(&head, &tail)) {
|
||||
- OPENSSL_free(co_list);
|
||||
- return NULL;
|
||||
+ goto err;
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -1555,9 +1613,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||
num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
|
||||
ca_list = OPENSSL_malloc(sizeof(*ca_list) * num_of_alias_max);
|
||||
if (ca_list == NULL) {
|
||||
- OPENSSL_free(co_list);
|
||||
SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
|
||||
- return NULL; /* Failure */
|
||||
+ goto err;
|
||||
}
|
||||
ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
|
||||
disabled_mkey, disabled_auth, disabled_enc,
|
||||
@@ -1583,8 +1640,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||
OPENSSL_free(ca_list); /* Not needed anymore */
|
||||
|
||||
if (!ok) { /* Rule processing failure */
|
||||
- OPENSSL_free(co_list);
|
||||
- return NULL;
|
||||
+ goto err;
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -1592,14 +1648,18 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||
* if we cannot get one.
|
||||
*/
|
||||
if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) {
|
||||
- OPENSSL_free(co_list);
|
||||
- return NULL;
|
||||
+ goto err;
|
||||
}
|
||||
|
||||
+#ifdef SYSTEM_CIPHERS_FILE
|
||||
+ OPENSSL_free(new_rules); /* Not needed anymore */
|
||||
+#endif
|
||||
+
|
||||
/* Add TLSv1.3 ciphers first - we always prefer those if possible */
|
||||
for (i = 0; i < sk_SSL_CIPHER_num(tls13_ciphersuites); i++) {
|
||||
if (!sk_SSL_CIPHER_push(cipherstack,
|
||||
sk_SSL_CIPHER_value(tls13_ciphersuites, i))) {
|
||||
+ OPENSSL_free(co_list);
|
||||
sk_SSL_CIPHER_free(cipherstack);
|
||||
return NULL;
|
||||
}
|
||||
@@ -1631,6 +1691,14 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||
*cipher_list = cipherstack;
|
||||
|
||||
return cipherstack;
|
||||
+
|
||||
+err:
|
||||
+ OPENSSL_free(co_list);
|
||||
+#ifdef SYSTEM_CIPHERS_FILE
|
||||
+ OPENSSL_free(new_rules);
|
||||
+#endif
|
||||
+ return NULL;
|
||||
+
|
||||
}
|
||||
|
||||
char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
|
||||
diff -up openssl-1.1.1c/ssl/ssl_lib.c.system-cipherlist openssl-1.1.1c/ssl/ssl_lib.c
|
||||
--- openssl-1.1.1c/ssl/ssl_lib.c.system-cipherlist 2019-05-29 15:42:27.970328937 +0200
|
||||
+++ openssl-1.1.1c/ssl/ssl_lib.c 2019-05-29 15:42:27.977328814 +0200
|
||||
@@ -662,7 +662,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx
|
||||
ctx->tls13_ciphersuites,
|
||||
&(ctx->cipher_list),
|
||||
&(ctx->cipher_list_by_id),
|
||||
- SSL_DEFAULT_CIPHER_LIST, ctx->cert);
|
||||
+ SSL_SYSTEM_DEFAULT_CIPHER_LIST, ctx->cert);
|
||||
if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
|
||||
SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
|
||||
return 0;
|
||||
@@ -2954,7 +2954,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
|
||||
if (!ssl_create_cipher_list(ret->method,
|
||||
ret->tls13_ciphersuites,
|
||||
&ret->cipher_list, &ret->cipher_list_by_id,
|
||||
- SSL_DEFAULT_CIPHER_LIST, ret->cert)
|
||||
+ SSL_SYSTEM_DEFAULT_CIPHER_LIST, ret->cert)
|
||||
|| sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
|
||||
SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);
|
||||
goto err2;
|
||||
diff -up openssl-1.1.1c/test/cipherlist_test.c.system-cipherlist openssl-1.1.1c/test/cipherlist_test.c
|
||||
--- openssl-1.1.1c/test/cipherlist_test.c.system-cipherlist 2019-05-28 15:12:21.000000000 +0200
|
||||
+++ openssl-1.1.1c/test/cipherlist_test.c 2019-05-29 15:42:27.977328814 +0200
|
||||
@@ -251,7 +251,9 @@ end:
|
||||
|
||||
int setup_tests(void)
|
||||
{
|
||||
+#ifndef SYSTEM_CIPHERS_FILE
|
||||
ADD_TEST(test_default_cipherlist_implicit);
|
||||
+#endif
|
||||
ADD_TEST(test_default_cipherlist_explicit);
|
||||
ADD_TEST(test_default_cipherlist_clear);
|
||||
return 1;
|
@ -1,70 +0,0 @@
|
||||
diff -up openssl-1.1.1h/apps/openssl.cnf.ts-sha256-default openssl-1.1.1h/apps/openssl.cnf
|
||||
--- openssl-1.1.1h/apps/openssl.cnf.ts-sha256-default 2020-11-06 11:07:28.850100899 +0100
|
||||
+++ openssl-1.1.1h/apps/openssl.cnf 2020-11-06 11:11:28.042913791 +0100
|
||||
@@ -364,5 +348,5 @@ tsa_name = yes # Must the TSA name be i
|
||||
# (optional, default: no)
|
||||
ess_cert_id_chain = no # Must the ESS cert id chain be included?
|
||||
# (optional, default: no)
|
||||
-ess_cert_id_alg = sha1 # algorithm to compute certificate
|
||||
+ess_cert_id_alg = sha256 # algorithm to compute certificate
|
||||
# identifier (optional, default: sha1)
|
||||
diff -up openssl-1.1.1h/apps/ts.c.ts-sha256-default openssl-1.1.1h/apps/ts.c
|
||||
--- openssl-1.1.1h/apps/ts.c.ts-sha256-default 2020-09-22 14:55:07.000000000 +0200
|
||||
+++ openssl-1.1.1h/apps/ts.c 2020-11-06 11:07:28.883101220 +0100
|
||||
@@ -423,7 +423,7 @@ static TS_REQ *create_query(BIO *data_bi
|
||||
ASN1_OBJECT *policy_obj = NULL;
|
||||
ASN1_INTEGER *nonce_asn1 = NULL;
|
||||
|
||||
- if (md == NULL && (md = EVP_get_digestbyname("sha1")) == NULL)
|
||||
+ if (md == NULL && (md = EVP_get_digestbyname("sha256")) == NULL)
|
||||
goto err;
|
||||
if ((ts_req = TS_REQ_new()) == NULL)
|
||||
goto err;
|
||||
diff -up openssl-1.1.1h/crypto/ts/ts_conf.c.ts-sha256-default openssl-1.1.1h/crypto/ts/ts_conf.c
|
||||
--- openssl-1.1.1h/crypto/ts/ts_conf.c.ts-sha256-default 2020-11-06 12:03:51.226372867 +0100
|
||||
+++ openssl-1.1.1h/crypto/ts/ts_conf.c 2020-11-06 12:04:01.713488990 +0100
|
||||
@@ -476,7 +476,7 @@ int TS_CONF_set_ess_cert_id_digest(CONF
|
||||
const char *md = NCONF_get_string(conf, section, ENV_ESS_CERT_ID_ALG);
|
||||
|
||||
if (md == NULL)
|
||||
- md = "sha1";
|
||||
+ md = "sha256";
|
||||
|
||||
cert_md = EVP_get_digestbyname(md);
|
||||
if (cert_md == NULL) {
|
||||
diff -up openssl-1.1.1h/doc/man1/ts.pod.ts-sha256-default openssl-1.1.1h/doc/man1/ts.pod
|
||||
--- openssl-1.1.1h/doc/man1/ts.pod.ts-sha256-default 2020-09-22 14:55:07.000000000 +0200
|
||||
+++ openssl-1.1.1h/doc/man1/ts.pod 2020-11-06 11:07:28.883101220 +0100
|
||||
@@ -518,7 +518,7 @@ included. Default is no. (Optional)
|
||||
=item B<ess_cert_id_alg>
|
||||
|
||||
This option specifies the hash function to be used to calculate the TSA's
|
||||
-public key certificate identifier. Default is sha1. (Optional)
|
||||
+public key certificate identifier. Default is sha256. (Optional)
|
||||
|
||||
=back
|
||||
|
||||
@@ -530,7 +530,7 @@ openssl/apps/openssl.cnf will do.
|
||||
|
||||
=head2 Time Stamp Request
|
||||
|
||||
-To create a timestamp request for design1.txt with SHA-1
|
||||
+To create a timestamp request for design1.txt with SHA-256
|
||||
without nonce and policy and no certificate is required in the response:
|
||||
|
||||
openssl ts -query -data design1.txt -no_nonce \
|
||||
@@ -546,12 +546,12 @@ To print the content of the previous req
|
||||
|
||||
openssl ts -query -in design1.tsq -text
|
||||
|
||||
-To create a timestamp request which includes the MD-5 digest
|
||||
+To create a timestamp request which includes the SHA-512 digest
|
||||
of design2.txt, requests the signer certificate and nonce,
|
||||
specifies a policy id (assuming the tsa_policy1 name is defined in the
|
||||
OID section of the config file):
|
||||
|
||||
- openssl ts -query -data design2.txt -md5 \
|
||||
+ openssl ts -query -data design2.txt -sha512 \
|
||||
-tspolicy tsa_policy1 -cert -out design2.tsq
|
||||
|
||||
=head2 Time Stamp Response
|
@ -1,38 +0,0 @@
|
||||
diff -up openssl-1.1.1-pre8/apps/version.c.version-add-engines openssl-1.1.1-pre8/apps/version.c
|
||||
--- openssl-1.1.1-pre8/apps/version.c.version-add-engines 2018-06-20 16:48:09.000000000 +0200
|
||||
+++ openssl-1.1.1-pre8/apps/version.c 2018-07-16 18:00:40.608624346 +0200
|
||||
@@ -64,7 +64,7 @@ int version_main(int argc, char **argv)
|
||||
{
|
||||
int ret = 1, dirty = 0, seed = 0;
|
||||
int cflags = 0, version = 0, date = 0, options = 0, platform = 0, dir = 0;
|
||||
- int engdir = 0;
|
||||
+ int engdir = 0, engines = 0;
|
||||
char *prog;
|
||||
OPTION_CHOICE o;
|
||||
|
||||
@@ -106,7 +106,7 @@ opthelp:
|
||||
break;
|
||||
case OPT_A:
|
||||
seed = options = cflags = version = date = platform = dir = engdir
|
||||
- = 1;
|
||||
+ = engines = 1;
|
||||
break;
|
||||
}
|
||||
}
|
||||
@@ -188,6 +188,16 @@ opthelp:
|
||||
#endif
|
||||
printf("\n");
|
||||
}
|
||||
+ if (engines) {
|
||||
+ ENGINE *e;
|
||||
+ printf("engines: ");
|
||||
+ e = ENGINE_get_first();
|
||||
+ while (e) {
|
||||
+ printf("%s ", ENGINE_get_id(e));
|
||||
+ e = ENGINE_get_next(e);
|
||||
+ }
|
||||
+ printf("\n");
|
||||
+ }
|
||||
ret = 0;
|
||||
end:
|
||||
return ret;
|
@ -1,12 +0,0 @@
|
||||
diff -up openssl-1.1.1g/include/openssl/opensslv.h.version-override openssl-1.1.1g/include/openssl/opensslv.h
|
||||
--- openssl-1.1.1g/include/openssl/opensslv.h.version-override 2020-04-23 13:29:37.802673513 +0200
|
||||
+++ openssl-1.1.1g/include/openssl/opensslv.h 2020-04-23 13:30:13.064008458 +0200
|
||||
@@ -40,7 +40,7 @@ extern "C" {
|
||||
* major minor fix final patch/beta)
|
||||
*/
|
||||
# define OPENSSL_VERSION_NUMBER 0x1010108fL
|
||||
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1h 22 Sep 2020"
|
||||
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1h FIPS 22 Sep 2020"
|
||||
|
||||
/*-
|
||||
* The macros below are to be used for shared library (.so, .dll, ...)
|
@ -1,57 +0,0 @@
|
||||
diff -up openssl-1.1.1/ssl/s3_lib.c.weak-ciphers openssl-1.1.1/ssl/s3_lib.c
|
||||
--- openssl-1.1.1/ssl/s3_lib.c.weak-ciphers 2018-09-11 14:48:23.000000000 +0200
|
||||
+++ openssl-1.1.1/ssl/s3_lib.c 2018-09-17 12:53:33.850637181 +0200
|
||||
@@ -2612,7 +2612,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
||||
SSL_GOST89MAC,
|
||||
TLS1_VERSION, TLS1_2_VERSION,
|
||||
0, 0,
|
||||
- SSL_HIGH,
|
||||
+ SSL_MEDIUM,
|
||||
SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
|
||||
256,
|
||||
256,
|
||||
@@ -2644,7 +2644,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
||||
SSL_GOST89MAC12,
|
||||
TLS1_VERSION, TLS1_2_VERSION,
|
||||
0, 0,
|
||||
- SSL_HIGH,
|
||||
+ SSL_MEDIUM,
|
||||
SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
|
||||
256,
|
||||
256,
|
||||
@@ -2753,7 +2753,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
||||
},
|
||||
#endif /* OPENSSL_NO_SEED */
|
||||
|
||||
-#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
|
||||
+#if 0 /* No MD5 ciphersuites */
|
||||
{
|
||||
1,
|
||||
SSL3_TXT_RSA_RC4_128_MD5,
|
||||
@@ -2770,6 +2770,8 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
||||
128,
|
||||
128,
|
||||
},
|
||||
+#endif
|
||||
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
|
||||
{
|
||||
1,
|
||||
SSL3_TXT_RSA_RC4_128_SHA,
|
||||
@@ -2786,6 +2788,8 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
||||
128,
|
||||
128,
|
||||
},
|
||||
+#endif
|
||||
+#if 0
|
||||
{
|
||||
1,
|
||||
SSL3_TXT_ADH_RC4_128_MD5,
|
||||
@@ -2802,6 +2806,8 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
||||
128,
|
||||
128,
|
||||
},
|
||||
+#endif
|
||||
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
|
||||
{
|
||||
1,
|
||||
TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,
|
2
openssl-fips.conf
Normal file
2
openssl-fips.conf
Normal file
@ -0,0 +1,2 @@
|
||||
-b /usr/lib{,64}/libcrypto.so.*
|
||||
-b /usr/lib{,64}/libssl.so.*
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user