Compare commits
357 Commits
openssl-1_
...
master
Author | SHA1 | Date | |
---|---|---|---|
|
3413ff9700 | ||
|
261f10a200 | ||
|
7ae2c9cd85 | ||
|
a75e581407 | ||
|
067d5800f2 | ||
|
04d5ef4d72 | ||
|
7f27ca925c | ||
|
f023424321 | ||
|
ef93cf994d | ||
|
b9c80ecf85 | ||
|
9833eff277 | ||
|
8746bcba4c | ||
|
7396eb055e | ||
|
6e23655506 | ||
|
87eaf879ac | ||
|
1bc9545b38 | ||
|
1e6a98d9e9 | ||
|
d902645d90 | ||
|
89a24d69fc | ||
|
0f4ce87941 | ||
|
5888d1863e | ||
|
5004ccfb25 | ||
|
ea310218f3 | ||
|
c9936c55c2 | ||
|
30d45eb047 | ||
|
c11b71fd2f | ||
|
c77593a912 | ||
|
b9b156fb97 | ||
|
d742997a1e | ||
|
898af7893c | ||
|
b8a97dc1d8 | ||
|
0536b721ef | ||
|
266efa3055 | ||
|
dc9d5caf5e | ||
|
f1c4ba61a3 | ||
|
10c30b2322 | ||
|
f6a62c4c2c | ||
|
c44b3f96fe | ||
|
45ebb7fdc2 | ||
|
dba4c3b578 | ||
|
b395c9afd4 | ||
|
8419f769c7 | ||
|
a71f5ae7ab | ||
|
4784e45765 | ||
|
31d61b19d5 | ||
|
b3060e5f2d | ||
|
22a821356e | ||
|
e18dcc63f4 | ||
|
65a11b2a90 | ||
|
569a3cb917 | ||
|
f5bba4a2a3 | ||
|
5c7382cd79 | ||
|
648a3cb985 | ||
|
1aaf4073e3 | ||
|
7a654fc69c | ||
|
c99b8bf7f9 | ||
|
e2ea1027fe | ||
|
5cda1ca091 | ||
|
757524ec00 | ||
|
f565dfd7ec | ||
|
99d68c7f43 | ||
|
5ee230264d | ||
|
301c642c7f | ||
|
06bb120ffb | ||
|
68f387b1c4 | ||
|
a985e4b118 | ||
|
3bfe874268 | ||
|
8574fb5150 | ||
|
33bd389ea8 | ||
|
746c76a1d7 | ||
|
143a3dae64 | ||
|
60efa7758e | ||
|
1a7b91b472 | ||
|
d2c08bab45 | ||
|
a4bf4e1b65 | ||
|
90121b0c9d | ||
|
cfeae6fcb3 | ||
|
62ec0f1fa9 | ||
|
1186311ade | ||
|
f7a30f9a15 | ||
|
60357072e0 | ||
|
4bff11d832 | ||
|
9189f03055 | ||
|
7f74f219f1 | ||
|
5ec63a5ce1 | ||
|
86c97f4f4b | ||
|
98bbad839c | ||
|
357b7a7e37 | ||
|
73ef787803 | ||
|
5d5075d4c9 | ||
|
08db5cbcb9 | ||
|
5a93773172 | ||
|
c6d0704d87 | ||
|
6eb8f62027 | ||
|
6d92af0099 | ||
|
e688115b6d | ||
|
3a05f1f46a | ||
|
c11b1341c5 | ||
|
899f2baacb | ||
|
f20f5f466f | ||
|
0ac4eaaf93 | ||
|
8e2fdfb52a | ||
|
e85d72778f | ||
|
50c1418e79 | ||
|
c68da76796 | ||
|
790567dc64 | ||
|
f852080c72 | ||
|
7b595774f0 | ||
|
226b42827c | ||
|
81258b6d2a | ||
|
6b68d87d06 | ||
|
1ff978b22e | ||
|
c676ac32d5 | ||
|
f6b0040c3e | ||
|
d00e0a5904 | ||
|
c144665042 | ||
|
fe449cd23c | ||
|
836560b322 | ||
|
21909a4d4c | ||
|
3a8593870a | ||
|
e443a79334 | ||
|
be56ae067b | ||
|
a416cba2f4 | ||
|
648a4e2db0 | ||
|
f655917cf7 | ||
|
c7fc8d6daa | ||
|
d2220322f3 | ||
|
0e04498302 | ||
|
635f6a80a8 | ||
|
4e52f8d3db | ||
|
510bcc2e3a | ||
|
d0c38b1fe6 | ||
|
e8261d1b72 | ||
|
edc03c1b9b | ||
|
6e67274c62 | ||
|
9fc25c1d28 | ||
|
a1b5b83ccd | ||
|
b7ec4eee2b | ||
|
eeb6ac1a65 | ||
|
0a6d0e5ddc | ||
|
589d3ee15b | ||
|
8f6be98bf7 | ||
|
e7a0ff581f | ||
|
843fdf0512 | ||
|
1004dabcc6 | ||
|
341f751fb7 | ||
|
0d8bb6ef41 | ||
|
41a5ee166a | ||
|
c79bed9e76 | ||
|
88482b2b4a | ||
|
6536aa4c73 | ||
|
4240ecaa1b | ||
|
a83e4d7c4a | ||
|
314b2359b8 | ||
|
1417ec988d | ||
|
5675d07a14 | ||
|
7f0b164051 | ||
|
49a07018fb | ||
|
837dd04882 | ||
|
18455c91c0 | ||
|
e4bf425a79 | ||
|
d743a79756 | ||
|
a1fb602a95 | ||
|
805c06e347 | ||
|
729d2d0e11 | ||
|
446f9bea43 | ||
|
303fb7be60 | ||
|
1804d4c857 | ||
|
6a450be963 | ||
|
7e7e3f299f | ||
|
8c1cdfe3ab | ||
|
80b5477597 | ||
|
3f43f7e93a | ||
|
0a961bb5e3 | ||
|
613f664141 | ||
|
1f162bf2ee | ||
|
11aeae71ed | ||
|
58eec73ac0 | ||
|
0e8cc69f30 | ||
|
a577400ed8 | ||
|
638098da51 | ||
|
a78828f786 | ||
|
a751492d12 | ||
|
6c0bfa087d | ||
|
c66230af31 | ||
|
6466466115 | ||
|
873dc4a466 | ||
|
9c4f375672 | ||
|
f550490681 | ||
|
a98d99a503 | ||
|
0a491cd9f2 | ||
|
360a4bb67c | ||
|
b5f54ff916 | ||
|
0376d8368c | ||
|
e55cd2c0e4 | ||
|
239d122765 | ||
|
477d4a1758 | ||
|
423ab177c8 | ||
|
3f8863c3cd | ||
|
165cee17b3 | ||
|
a9591c7f1f | ||
|
24632bb1db | ||
|
abe62302b2 | ||
|
40825564d8 | ||
|
519fe2cc24 | ||
|
c5b74d70a3 | ||
|
8978637f3b | ||
|
5713696953 | ||
|
dc728e2d8b | ||
|
ad237d19e6 | ||
|
c9a46cb3ac | ||
|
e64d4ea7bb | ||
|
9caf868063 | ||
|
dcd0fb1ec9 | ||
|
1e5b73a151 | ||
|
83d99a68af | ||
|
5714047e75 | ||
|
eca676db7a | ||
|
a8799e01c4 | ||
|
e241743946 | ||
|
b3551463ca | ||
|
4d56d16496 | ||
|
9a59868619 | ||
|
1f19ac14f9 | ||
|
7ae1dc1df9 | ||
|
4e423c3c50 | ||
|
df94661da5 | ||
|
372f3ac997 | ||
|
8c28623e94 | ||
|
d907abae39 | ||
|
fa93b626ad | ||
|
30ebb4d732 | ||
|
ae08b15c89 | ||
|
cb069618e7 | ||
|
f6aa3c2ddd | ||
|
eb63cc63df | ||
|
850ca72b9a | ||
|
b5d2711ab6 | ||
|
1465572e17 | ||
|
bb2f3882f2 | ||
|
9c324da28e | ||
|
a254940dd1 | ||
|
acdf8a62f6 | ||
|
9b36f08da8 | ||
|
653e1efa34 | ||
|
49a1fc761b | ||
|
7ccde74773 | ||
|
9555809e80 | ||
|
6a0a35eb5f | ||
|
30aa9303c7 | ||
|
dad6e3ee78 | ||
|
6705192b85 | ||
|
64e30c5369 | ||
|
9cf55df55b | ||
|
169c3a0ddb | ||
|
dc696fdac4 | ||
|
0fd0958b75 | ||
|
2ca16b9a24 | ||
|
c67ea975b9 | ||
|
07ac3d216e | ||
|
728b1133e0 | ||
|
650873ff0e | ||
|
12aab15a03 | ||
|
d8e7bfc73b | ||
|
b7eb6f4a5f | ||
|
79971bf194 | ||
|
c015bd1b1e | ||
|
eaa5561c35 | ||
|
af044b4037 | ||
|
72a1bddddc | ||
|
c2e3151786 | ||
|
55a3598cc7 | ||
|
5183d32904 | ||
|
254f85a5c0 | ||
|
18ccae20f6 | ||
|
5e74bace82 | ||
|
651215c12b | ||
|
5eb4589d83 | ||
|
6a4bd67710 | ||
|
e8c18345a4 | ||
|
d46b44c249 | ||
|
d7587a26b6 | ||
|
0f0ab24176 | ||
|
0aa7d61151 | ||
|
00c4986d53 | ||
|
ad05b50537 | ||
|
d91aea8890 | ||
|
48bba71e16 | ||
|
ea51fee99f | ||
|
628d7e4989 | ||
|
ea1d432ecf | ||
|
c28bd1cc5f | ||
|
497f2d674c | ||
|
6f65ffce68 | ||
|
e4008f0b0e | ||
|
edb70644c7 | ||
|
3447c41c99 | ||
|
4c970c62c5 | ||
|
0ed17c0652 | ||
|
5c4fc08e4d | ||
|
f4fb8490a9 | ||
|
19062db533 | ||
|
0b4cee3bc2 | ||
|
138493a921 | ||
|
8d20fec281 | ||
|
76952b7e2b | ||
|
1caf3ae072 | ||
|
ccc6e6f1c6 | ||
|
65ebbaecc7 | ||
|
15fad7109b | ||
|
09127ac54a | ||
|
540056f0e0 | ||
|
a62c516f75 | ||
|
154f82b97d | ||
|
0a5657ab94 | ||
|
143a23a635 | ||
|
6e7d6d4dfd | ||
|
23675ff78b | ||
|
7b95d1665f | ||
|
2b2423c26b | ||
|
3ff2d49a83 | ||
|
17a6aec60b | ||
|
71ece19475 | ||
|
f56c138b05 | ||
|
318c05cab7 | ||
|
56642f75b1 | ||
|
1df3ab4d32 | ||
|
03d2622327 | ||
|
9847ab298b | ||
|
1b4b1eaf63 | ||
|
6adf85458c | ||
|
354ff9f60c | ||
|
bbe5f977c9 | ||
|
ae0beee7db | ||
|
290d51ec7f | ||
|
3bdf494b4f | ||
|
7325c65a3e | ||
|
c2fc1058b4 | ||
|
b825afeee6 | ||
|
f07ff38d38 | ||
|
fa66cf4b52 | ||
|
129cd80b24 | ||
|
7c4ab8ff8e | ||
|
ad8308995b | ||
|
bffe20438c | ||
|
ae5568515b | ||
|
79249339a7 | ||
|
e8799f082e | ||
|
30ef066514 | ||
|
e88edba9c7 | ||
|
6b512f3414 | ||
|
5404b48738 | ||
|
27847ae318 | ||
|
a650e4abcb | ||
|
5c062c1ba9 | ||
|
0d4bee2e57 | ||
|
ac2b786dc8 |
@ -1 +0,0 @@
|
|||||||
openssl-1.0.0-beta4-usa.tar.bz2
|
|
51
.gitignore
vendored
Normal file
@ -0,0 +1,51 @@
|
|||||||
|
.build*.log
|
||||||
|
clog
|
||||||
|
000*.patch
|
||||||
|
*.src.rpm
|
||||||
|
openssl-1.0.0a-usa.tar.bz2
|
||||||
|
/openssl-1.0.0b-usa.tar.bz2
|
||||||
|
/openssl-1.0.0c-usa.tar.bz2
|
||||||
|
/openssl-1.0.0d-usa.tar.bz2
|
||||||
|
/openssl-1.0.0e-usa.tar.bz2
|
||||||
|
/openssl-1.0.0f-usa.tar.bz2
|
||||||
|
/openssl-1.0.0g-usa.tar.xz
|
||||||
|
/openssl-1.0.1-beta2-usa.tar.xz
|
||||||
|
/openssl-1.0.1-beta3-usa.tar.xz
|
||||||
|
/openssl-1.0.1-usa.tar.xz
|
||||||
|
/openssl-1.0.1a-usa.tar.xz
|
||||||
|
/openssl-1.0.1b-usa.tar.xz
|
||||||
|
/openssl-1.0.1c-usa.tar.xz
|
||||||
|
/openssl-1.0.1e-usa.tar.xz
|
||||||
|
/openssl-1.0.1e-hobbled.tar.xz
|
||||||
|
/openssl-1.0.1g-hobbled.tar.xz
|
||||||
|
/openssl-1.0.1h-hobbled.tar.xz
|
||||||
|
/openssl-1.0.1i-hobbled.tar.xz
|
||||||
|
/openssl-1.0.1j-hobbled.tar.xz
|
||||||
|
/openssl-1.0.1k-hobbled.tar.xz
|
||||||
|
/openssl-1.0.2a-hobbled.tar.xz
|
||||||
|
/openssl-1.0.2c-hobbled.tar.xz
|
||||||
|
/openssl-1.0.2d-hobbled.tar.xz
|
||||||
|
/openssl-1.0.2e-hobbled.tar.xz
|
||||||
|
/openssl-1.0.2f-hobbled.tar.xz
|
||||||
|
/openssl-1.0.2g-hobbled.tar.xz
|
||||||
|
/openssl-1.0.2h-hobbled.tar.xz
|
||||||
|
/openssl-1.0.2i-hobbled.tar.xz
|
||||||
|
/openssl-1.0.2j-hobbled.tar.xz
|
||||||
|
/openssl-1.1.0b-hobbled.tar.xz
|
||||||
|
/openssl-1.1.0c-hobbled.tar.xz
|
||||||
|
/openssl-1.1.0d-hobbled.tar.xz
|
||||||
|
/openssl-1.1.0e-hobbled.tar.xz
|
||||||
|
/openssl-1.1.0f-hobbled.tar.xz
|
||||||
|
/openssl-1.1.0g-hobbled.tar.xz
|
||||||
|
/openssl-1.1.0h-hobbled.tar.xz
|
||||||
|
/openssl-1.1.1-pre8-hobbled.tar.xz
|
||||||
|
/openssl-1.1.1-pre9-hobbled.tar.xz
|
||||||
|
/openssl-1.1.1-hobbled.tar.xz
|
||||||
|
/openssl-1.1.1a-hobbled.tar.xz
|
||||||
|
/openssl-1.1.1b-hobbled.tar.xz
|
||||||
|
/openssl-1.1.1c-hobbled.tar.xz
|
||||||
|
/openssl-1.1.1d-hobbled.tar.xz
|
||||||
|
/openssl-1.1.1e-hobbled.tar.xz
|
||||||
|
/openssl-1.1.1f-hobbled.tar.xz
|
||||||
|
/openssl-1.1.1g-hobbled.tar.xz
|
||||||
|
/openssl-1.1.1h-hobbled.tar.xz
|
21
Makefile
@ -1,21 +0,0 @@
|
|||||||
# Makefile for source rpm: openssl
|
|
||||||
# $Id: Makefile,v 1.2 2007/10/15 19:12:21 notting Exp $
|
|
||||||
NAME := openssl
|
|
||||||
SPECFILE = $(firstword $(wildcard *.spec))
|
|
||||||
|
|
||||||
define find-makefile-common
|
|
||||||
for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
|
|
||||||
endef
|
|
||||||
|
|
||||||
MAKEFILE_COMMON := $(shell $(find-makefile-common))
|
|
||||||
|
|
||||||
ifeq ($(MAKEFILE_COMMON),)
|
|
||||||
# attempt a checkout
|
|
||||||
define checkout-makefile-common
|
|
||||||
test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
|
|
||||||
endef
|
|
||||||
|
|
||||||
MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
|
|
||||||
endif
|
|
||||||
|
|
||||||
include $(MAKEFILE_COMMON)
|
|
@ -1,5 +1,11 @@
|
|||||||
UTF8 := $(shell locale -c LC_CTYPE -k | grep -q charmap.*UTF-8 && echo -utf8)
|
UTF8 := $(shell locale -c LC_CTYPE -k | grep -q charmap.*UTF-8 && echo -utf8)
|
||||||
SERIAL=0
|
DAYS=365
|
||||||
|
KEYLEN=2048
|
||||||
|
TYPE=rsa:$(KEYLEN)
|
||||||
|
EXTRA_FLAGS=
|
||||||
|
ifdef SERIAL
|
||||||
|
EXTRA_FLAGS+=-set_serial $(SERIAL)
|
||||||
|
endif
|
||||||
|
|
||||||
.PHONY: usage
|
.PHONY: usage
|
||||||
.SUFFIXES: .key .csr .crt .pem
|
.SUFFIXES: .key .csr .crt .pem
|
||||||
@ -20,7 +26,9 @@ usage:
|
|||||||
@echo "To create a CSR for use with Apache, run \"make certreq\"."
|
@echo "To create a CSR for use with Apache, run \"make certreq\"."
|
||||||
@echo "To create a test certificate for use with Apache, run \"make testcert\"."
|
@echo "To create a test certificate for use with Apache, run \"make testcert\"."
|
||||||
@echo
|
@echo
|
||||||
@echo "To create a test certificate with serial number other than zero, add SERIAL=num"
|
@echo "To create a test certificate with serial number other than random, add SERIAL=num"
|
||||||
|
@echo "You can also specify key length with KEYLEN=n and expiration in days with DAYS=n"
|
||||||
|
@echo "Any additional options can be passed to openssl req via EXTRA_FLAGS"
|
||||||
@echo
|
@echo
|
||||||
@echo Examples:
|
@echo Examples:
|
||||||
@echo " make server.key"
|
@echo " make server.key"
|
||||||
@ -31,14 +39,14 @@ usage:
|
|||||||
@echo " make certreq"
|
@echo " make certreq"
|
||||||
@echo " make testcert"
|
@echo " make testcert"
|
||||||
@echo " make server.crt SERIAL=1"
|
@echo " make server.crt SERIAL=1"
|
||||||
@echo " make stunnel.pem SERIAL=2"
|
@echo " make stunnel.pem EXTRA_FLAGS=-sha384"
|
||||||
@echo " make testcert SERIAL=3"
|
@echo " make testcert DAYS=600"
|
||||||
|
|
||||||
%.pem:
|
%.pem:
|
||||||
umask 77 ; \
|
umask 77 ; \
|
||||||
PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
|
PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
|
||||||
PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
|
PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
|
||||||
/usr/bin/openssl req $(UTF8) -newkey rsa:2048 -keyout $$PEM1 -nodes -x509 -days 365 -out $$PEM2 -set_serial $(SERIAL) ; \
|
/usr/bin/openssl req $(UTF8) -newkey $(TYPE) -keyout $$PEM1 -nodes -x509 -days $(DAYS) -out $$PEM2 $(EXTRA_FLAGS) ; \
|
||||||
cat $$PEM1 > $@ ; \
|
cat $$PEM1 > $@ ; \
|
||||||
echo "" >> $@ ; \
|
echo "" >> $@ ; \
|
||||||
cat $$PEM2 >> $@ ; \
|
cat $$PEM2 >> $@ ; \
|
||||||
@ -46,7 +54,7 @@ usage:
|
|||||||
|
|
||||||
%.key:
|
%.key:
|
||||||
umask 77 ; \
|
umask 77 ; \
|
||||||
/usr/bin/openssl genrsa -aes128 2048 > $@
|
/usr/bin/openssl genrsa -aes128 $(KEYLEN) > $@
|
||||||
|
|
||||||
%.csr: %.key
|
%.csr: %.key
|
||||||
umask 77 ; \
|
umask 77 ; \
|
||||||
@ -54,7 +62,7 @@ usage:
|
|||||||
|
|
||||||
%.crt: %.key
|
%.crt: %.key
|
||||||
umask 77 ; \
|
umask 77 ; \
|
||||||
/usr/bin/openssl req $(UTF8) -new -key $^ -x509 -days 365 -out $@ -set_serial $(SERIAL)
|
/usr/bin/openssl req $(UTF8) -new -key $^ -x509 -days $(DAYS) -out $@ $(EXTRA_FLAGS)
|
||||||
|
|
||||||
TLSROOT=/etc/pki/tls
|
TLSROOT=/etc/pki/tls
|
||||||
KEY=$(TLSROOT)/private/localhost.key
|
KEY=$(TLSROOT)/private/localhost.key
|
||||||
@ -71,4 +79,4 @@ $(CSR): $(KEY)
|
|||||||
|
|
||||||
$(CRT): $(KEY)
|
$(CRT): $(KEY)
|
||||||
umask 77 ; \
|
umask 77 ; \
|
||||||
/usr/bin/openssl req $(UTF8) -new -key $(KEY) -x509 -days 365 -out $(CRT) -set_serial $(SERIAL)
|
/usr/bin/openssl req $(UTF8) -new -key $(KEY) -x509 -days $(DAYS) -out $(CRT) $(EXTRA_FLAGS)
|
||||||
|
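Review bot: In the first hunk, `EXTRA_FLAGS+=-set_serial $(SERIAL)` inside `ifdef SERIAL` is an ordinary makefile assignment, so GNU make ignores it whenever EXTRA_FLAGS is also set on the command line, which is exactly how the new usage text tells people to pass options (`make stunnel.pem EXTRA_FLAGS=-sha384`). A call such as `make server.crt SERIAL=1 EXTRA_FLAGS=-sha384` would then silently issue a certificate without the requested serial. Writing the line as `override EXTRA_FLAGS+=-set_serial $(SERIAL)`, or keeping the serial in its own variable next to `$(EXTRA_FLAGS)` in the three `openssl req` recipes, keeps both. KEYLEN and DAYS also reach openssl unchecked, so the usage text could state that a KEYLEN below the 2048-bit default produces a weaker key. The `%.pem` recipe continues past the end of its hunk.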
23
README.FIPS
@ -6,17 +6,17 @@ Red Hat Enterprise Linux - OPENSSL Module.
|
|||||||
|
|
||||||
The module files
|
The module files
|
||||||
================
|
================
|
||||||
/lib[64]/libcrypto.so.0.9.8e
|
/usr/lib[64]/libcrypto.so.1.1.0
|
||||||
/lib[64]/libssl.so.0.9.8e
|
/usr/lib[64]/libssl.so.1.1.0
|
||||||
/lib[64]/.libcrypto.so.0.9.8e.hmac
|
/usr/lib[64]/.libcrypto.so.1.1.0.hmac
|
||||||
/lib[64]/.libssl.so.0.9.8e.hmac
|
/usr/lib[64]/.libssl.so.1.1.0.hmac
|
||||||
|
|
||||||
Dependencies
|
Dependencies
|
||||||
============
|
============
|
||||||
|
|
||||||
The approved mode of operation requires kernel with /dev/urandom RNG running
|
The approved mode of operation requires kernel with /dev/urandom RNG running
|
||||||
with properties as defined in the security policy of the module. This is
|
with properties as defined in the security policy of the module. This is
|
||||||
provided by kernel packages with validated Red Hat Enterprise Linux - IPSec
|
provided by kernel packages with validated Red Hat Enterprise Linux Kernel
|
||||||
Crytographic Module.
|
Crytographic Module.
|
||||||
|
|
||||||
Installation
|
Installation
|
||||||
@ -26,11 +26,8 @@ The RPM package of the module can be installed by standard tools recommended
|
|||||||
for installation of RPM packages on the Red Hat Enterprise Linux system (yum,
|
for installation of RPM packages on the Red Hat Enterprise Linux system (yum,
|
||||||
rpm, RHN remote management tool).
|
rpm, RHN remote management tool).
|
||||||
|
|
||||||
For proper operation of the in-module integrity verification the prelink has to
|
The RPM package dracut-fips must be installed for the approved mode of
|
||||||
be disabled. This can be done with setting PRELINKING=no in the
|
operation.
|
||||||
/etc/sysconfig/prelink configuration file. If the libraries were already
|
|
||||||
prelinked the prelink should be undone on all the system files with the
|
|
||||||
'prelink -u -a' command.
|
|
||||||
|
|
||||||
Usage and API
|
Usage and API
|
||||||
=============
|
=============
|
||||||
@ -40,9 +37,9 @@ line contains option fips=1 the module will initialize in the FIPS approved
|
|||||||
mode of operation automatically. To allow for the automatic initialization the
|
mode of operation automatically. To allow for the automatic initialization the
|
||||||
application using the module has to call one of the following API calls:
|
application using the module has to call one of the following API calls:
|
||||||
|
|
||||||
- void OPENSSL_init(void) - this will do only a basic initialization of the
|
- void OPENSSL_init_library(void) - this will do only a basic initialization
|
||||||
library and does initialization of the FIPS approved mode without setting up
|
of the library and does initialization of the FIPS approved mode without setting
|
||||||
EVP API with supported algorithms.
|
up EVP API with supported algorithms.
|
||||||
|
|
||||||
- void OPENSSL_add_all_algorithms(void) - this API function calls
|
- void OPENSSL_add_all_algorithms(void) - this API function calls
|
||||||
OPENSSL_init() implicitly and also adds all approved algorithms to the EVP API
|
OPENSSL_init() implicitly and also adds all approved algorithms to the EVP API
|
||||||
|
582
ec_curve.c
Normal file
@ -0,0 +1,582 @@
|
|||||||
|
/*
|
||||||
|
* Copyright 2002-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
|
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
|
||||||
|
*
|
||||||
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
|
* in the file LICENSE in the source distribution or at
|
||||||
|
* https://www.openssl.org/source/license.html
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <string.h>
|
||||||
|
#include "ec_local.h"
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/obj_mac.h>
|
||||||
|
#include <openssl/opensslconf.h>
|
||||||
|
#include "internal/nelem.h"
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
int field_type, /* either NID_X9_62_prime_field or
|
||||||
|
* NID_X9_62_characteristic_two_field */
|
||||||
|
seed_len, param_len;
|
||||||
|
unsigned int cofactor; /* promoted to BN_ULONG */
|
||||||
|
} EC_CURVE_DATA;
|
||||||
|
|
||||||
|
/* the nist prime curves */
|
||||||
|
static const struct {
|
||||||
|
EC_CURVE_DATA h;
|
||||||
|
unsigned char data[20 + 28 * 6];
|
||||||
|
} _EC_NIST_PRIME_224 = {
|
||||||
|
{
|
||||||
|
NID_X9_62_prime_field, 20, 28, 1
|
||||||
|
},
|
||||||
|
{
|
||||||
|
/* seed */
|
||||||
|
0xBD, 0x71, 0x34, 0x47, 0x99, 0xD5, 0xC7, 0xFC, 0xDC, 0x45, 0xB5, 0x9F,
|
||||||
|
0xA3, 0xB9, 0xAB, 0x8F, 0x6A, 0x94, 0x8B, 0xC5,
|
||||||
|
/* p */
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||||
|
0x00, 0x00, 0x00, 0x01,
|
||||||
|
/* a */
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFE,
|
||||||
|
/* b */
|
||||||
|
0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, 0x32, 0x56,
|
||||||
|
0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA, 0x27, 0x0B, 0x39, 0x43,
|
||||||
|
0x23, 0x55, 0xFF, 0xB4,
|
||||||
|
/* x */
|
||||||
|
0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, 0x90, 0xB9,
|
||||||
|
0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22, 0x34, 0x32, 0x80, 0xD6,
|
||||||
|
0x11, 0x5C, 0x1D, 0x21,
|
||||||
|
/* y */
|
||||||
|
0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, 0xdf, 0xe6,
|
||||||
|
0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64, 0x44, 0xd5, 0x81, 0x99,
|
||||||
|
0x85, 0x00, 0x7e, 0x34,
|
||||||
|
/* order */
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0x16, 0xA2, 0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45,
|
||||||
|
0x5C, 0x5C, 0x2A, 0x3D
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
static const struct {
|
||||||
|
EC_CURVE_DATA h;
|
||||||
|
unsigned char data[20 + 48 * 6];
|
||||||
|
} _EC_NIST_PRIME_384 = {
|
||||||
|
{
|
||||||
|
NID_X9_62_prime_field, 20, 48, 1
|
||||||
|
},
|
||||||
|
{
|
||||||
|
/* seed */
|
||||||
|
0xA3, 0x35, 0x92, 0x6A, 0xA3, 0x19, 0xA2, 0x7A, 0x1D, 0x00, 0x89, 0x6A,
|
||||||
|
0x67, 0x73, 0xA4, 0x82, 0x7A, 0xCD, 0xAC, 0x73,
|
||||||
|
/* p */
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
/* a */
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFC,
|
||||||
|
/* b */
|
||||||
|
0xB3, 0x31, 0x2F, 0xA7, 0xE2, 0x3E, 0xE7, 0xE4, 0x98, 0x8E, 0x05, 0x6B,
|
||||||
|
0xE3, 0xF8, 0x2D, 0x19, 0x18, 0x1D, 0x9C, 0x6E, 0xFE, 0x81, 0x41, 0x12,
|
||||||
|
0x03, 0x14, 0x08, 0x8F, 0x50, 0x13, 0x87, 0x5A, 0xC6, 0x56, 0x39, 0x8D,
|
||||||
|
0x8A, 0x2E, 0xD1, 0x9D, 0x2A, 0x85, 0xC8, 0xED, 0xD3, 0xEC, 0x2A, 0xEF,
|
||||||
|
/* x */
|
||||||
|
0xAA, 0x87, 0xCA, 0x22, 0xBE, 0x8B, 0x05, 0x37, 0x8E, 0xB1, 0xC7, 0x1E,
|
||||||
|
0xF3, 0x20, 0xAD, 0x74, 0x6E, 0x1D, 0x3B, 0x62, 0x8B, 0xA7, 0x9B, 0x98,
|
||||||
|
0x59, 0xF7, 0x41, 0xE0, 0x82, 0x54, 0x2A, 0x38, 0x55, 0x02, 0xF2, 0x5D,
|
||||||
|
0xBF, 0x55, 0x29, 0x6C, 0x3A, 0x54, 0x5E, 0x38, 0x72, 0x76, 0x0A, 0xB7,
|
||||||
|
/* y */
|
||||||
|
0x36, 0x17, 0xde, 0x4a, 0x96, 0x26, 0x2c, 0x6f, 0x5d, 0x9e, 0x98, 0xbf,
|
||||||
|
0x92, 0x92, 0xdc, 0x29, 0xf8, 0xf4, 0x1d, 0xbd, 0x28, 0x9a, 0x14, 0x7c,
|
||||||
|
0xe9, 0xda, 0x31, 0x13, 0xb5, 0xf0, 0xb8, 0xc0, 0x0a, 0x60, 0xb1, 0xce,
|
||||||
|
0x1d, 0x7e, 0x81, 0x9d, 0x7a, 0x43, 0x1d, 0x7c, 0x90, 0xea, 0x0e, 0x5f,
|
||||||
|
/* order */
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xC7, 0x63, 0x4D, 0x81, 0xF4, 0x37, 0x2D, 0xDF, 0x58, 0x1A, 0x0D, 0xB2,
|
||||||
|
0x48, 0xB0, 0xA7, 0x7A, 0xEC, 0xEC, 0x19, 0x6A, 0xCC, 0xC5, 0x29, 0x73
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
static const struct {
|
||||||
|
EC_CURVE_DATA h;
|
||||||
|
unsigned char data[20 + 66 * 6];
|
||||||
|
} _EC_NIST_PRIME_521 = {
|
||||||
|
{
|
||||||
|
NID_X9_62_prime_field, 20, 66, 1
|
||||||
|
},
|
||||||
|
{
|
||||||
|
/* seed */
|
||||||
|
0xD0, 0x9E, 0x88, 0x00, 0x29, 0x1C, 0xB8, 0x53, 0x96, 0xCC, 0x67, 0x17,
|
||||||
|
0x39, 0x32, 0x84, 0xAA, 0xA0, 0xDA, 0x64, 0xBA,
|
||||||
|
/* p */
|
||||||
|
0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
/* a */
|
||||||
|
0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
|
||||||
|
/* b */
|
||||||
|
0x00, 0x51, 0x95, 0x3E, 0xB9, 0x61, 0x8E, 0x1C, 0x9A, 0x1F, 0x92, 0x9A,
|
||||||
|
0x21, 0xA0, 0xB6, 0x85, 0x40, 0xEE, 0xA2, 0xDA, 0x72, 0x5B, 0x99, 0xB3,
|
||||||
|
0x15, 0xF3, 0xB8, 0xB4, 0x89, 0x91, 0x8E, 0xF1, 0x09, 0xE1, 0x56, 0x19,
|
||||||
|
0x39, 0x51, 0xEC, 0x7E, 0x93, 0x7B, 0x16, 0x52, 0xC0, 0xBD, 0x3B, 0xB1,
|
||||||
|
0xBF, 0x07, 0x35, 0x73, 0xDF, 0x88, 0x3D, 0x2C, 0x34, 0xF1, 0xEF, 0x45,
|
||||||
|
0x1F, 0xD4, 0x6B, 0x50, 0x3F, 0x00,
|
||||||
|
/* x */
|
||||||
|
0x00, 0xC6, 0x85, 0x8E, 0x06, 0xB7, 0x04, 0x04, 0xE9, 0xCD, 0x9E, 0x3E,
|
||||||
|
0xCB, 0x66, 0x23, 0x95, 0xB4, 0x42, 0x9C, 0x64, 0x81, 0x39, 0x05, 0x3F,
|
||||||
|
0xB5, 0x21, 0xF8, 0x28, 0xAF, 0x60, 0x6B, 0x4D, 0x3D, 0xBA, 0xA1, 0x4B,
|
||||||
|
0x5E, 0x77, 0xEF, 0xE7, 0x59, 0x28, 0xFE, 0x1D, 0xC1, 0x27, 0xA2, 0xFF,
|
||||||
|
0xA8, 0xDE, 0x33, 0x48, 0xB3, 0xC1, 0x85, 0x6A, 0x42, 0x9B, 0xF9, 0x7E,
|
||||||
|
0x7E, 0x31, 0xC2, 0xE5, 0xBD, 0x66,
|
||||||
|
/* y */
|
||||||
|
0x01, 0x18, 0x39, 0x29, 0x6a, 0x78, 0x9a, 0x3b, 0xc0, 0x04, 0x5c, 0x8a,
|
||||||
|
0x5f, 0xb4, 0x2c, 0x7d, 0x1b, 0xd9, 0x98, 0xf5, 0x44, 0x49, 0x57, 0x9b,
|
||||||
|
0x44, 0x68, 0x17, 0xaf, 0xbd, 0x17, 0x27, 0x3e, 0x66, 0x2c, 0x97, 0xee,
|
||||||
|
0x72, 0x99, 0x5e, 0xf4, 0x26, 0x40, 0xc5, 0x50, 0xb9, 0x01, 0x3f, 0xad,
|
||||||
|
0x07, 0x61, 0x35, 0x3c, 0x70, 0x86, 0xa2, 0x72, 0xc2, 0x40, 0x88, 0xbe,
|
||||||
|
0x94, 0x76, 0x9f, 0xd1, 0x66, 0x50,
|
||||||
|
/* order */
|
||||||
|
0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFA, 0x51, 0x86,
|
||||||
|
0x87, 0x83, 0xBF, 0x2F, 0x96, 0x6B, 0x7F, 0xCC, 0x01, 0x48, 0xF7, 0x09,
|
||||||
|
0xA5, 0xD0, 0x3B, 0xB5, 0xC9, 0xB8, 0x89, 0x9C, 0x47, 0xAE, 0xBB, 0x6F,
|
||||||
|
0xB7, 0x1E, 0x91, 0x38, 0x64, 0x09
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
static const struct {
|
||||||
|
EC_CURVE_DATA h;
|
||||||
|
unsigned char data[20 + 32 * 6];
|
||||||
|
} _EC_X9_62_PRIME_256V1 = {
|
||||||
|
{
|
||||||
|
NID_X9_62_prime_field, 20, 32, 1
|
||||||
|
},
|
||||||
|
{
|
||||||
|
/* seed */
|
||||||
|
0xC4, 0x9D, 0x36, 0x08, 0x86, 0xE7, 0x04, 0x93, 0x6A, 0x66, 0x78, 0xE1,
|
||||||
|
0x13, 0x9D, 0x26, 0xB7, 0x81, 0x9F, 0x7E, 0x90,
|
||||||
|
/* p */
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
/* a */
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
|
||||||
|
/* b */
|
||||||
|
0x5A, 0xC6, 0x35, 0xD8, 0xAA, 0x3A, 0x93, 0xE7, 0xB3, 0xEB, 0xBD, 0x55,
|
||||||
|
0x76, 0x98, 0x86, 0xBC, 0x65, 0x1D, 0x06, 0xB0, 0xCC, 0x53, 0xB0, 0xF6,
|
||||||
|
0x3B, 0xCE, 0x3C, 0x3E, 0x27, 0xD2, 0x60, 0x4B,
|
||||||
|
/* x */
|
||||||
|
0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47, 0xF8, 0xBC, 0xE6, 0xE5,
|
||||||
|
0x63, 0xA4, 0x40, 0xF2, 0x77, 0x03, 0x7D, 0x81, 0x2D, 0xEB, 0x33, 0xA0,
|
||||||
|
0xF4, 0xA1, 0x39, 0x45, 0xD8, 0x98, 0xC2, 0x96,
|
||||||
|
/* y */
|
||||||
|
0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, 0x8e, 0xe7, 0xeb, 0x4a,
|
||||||
|
0x7c, 0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
|
||||||
|
0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5,
|
||||||
|
/* order */
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
|
||||||
|
0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
static const struct {
|
||||||
|
EC_CURVE_DATA h;
|
||||||
|
unsigned char data[0 + 32 * 6];
|
||||||
|
} _EC_SECG_PRIME_256K1 = {
|
||||||
|
{
|
||||||
|
NID_X9_62_prime_field, 0, 32, 1
|
||||||
|
},
|
||||||
|
{
|
||||||
|
/* no seed */
|
||||||
|
/* p */
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFC, 0x2F,
|
||||||
|
/* a */
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||||
|
/* b */
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07,
|
||||||
|
/* x */
|
||||||
|
0x79, 0xBE, 0x66, 0x7E, 0xF9, 0xDC, 0xBB, 0xAC, 0x55, 0xA0, 0x62, 0x95,
|
||||||
|
0xCE, 0x87, 0x0B, 0x07, 0x02, 0x9B, 0xFC, 0xDB, 0x2D, 0xCE, 0x28, 0xD9,
|
||||||
|
0x59, 0xF2, 0x81, 0x5B, 0x16, 0xF8, 0x17, 0x98,
|
||||||
|
/* y */
|
||||||
|
0x48, 0x3a, 0xda, 0x77, 0x26, 0xa3, 0xc4, 0x65, 0x5d, 0xa4, 0xfb, 0xfc,
|
||||||
|
0x0e, 0x11, 0x08, 0xa8, 0xfd, 0x17, 0xb4, 0x48, 0xa6, 0x85, 0x54, 0x19,
|
||||||
|
0x9c, 0x47, 0xd0, 0x8f, 0xfb, 0x10, 0xd4, 0xb8,
|
||||||
|
/* order */
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||||
|
0xFF, 0xFF, 0xFF, 0xFE, 0xBA, 0xAE, 0xDC, 0xE6, 0xAF, 0x48, 0xA0, 0x3B,
|
||||||
|
0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, 0x41, 0x41
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
typedef struct _ec_list_element_st {
|
||||||
|
int nid;
|
||||||
|
const EC_CURVE_DATA *data;
|
||||||
|
const EC_METHOD *(*meth) (void);
|
||||||
|
const char *comment;
|
||||||
|
} ec_list_element;
|
||||||
|
|
||||||
|
static const ec_list_element curve_list[] = {
|
||||||
|
/* prime field curves */
|
||||||
|
/* secg curves */
|
||||||
|
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||||
|
{NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method,
|
||||||
|
"NIST/SECG curve over a 224 bit prime field"},
|
||||||
|
#else
|
||||||
|
{NID_secp224r1, &_EC_NIST_PRIME_224.h, 0,
|
||||||
|
"NIST/SECG curve over a 224 bit prime field"},
|
||||||
|
#endif
|
||||||
|
{NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0,
|
||||||
|
"SECG curve over a 256 bit prime field"},
|
||||||
|
/* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */
|
||||||
|
{NID_secp384r1, &_EC_NIST_PRIME_384.h, 0,
|
||||||
|
"NIST/SECG curve over a 384 bit prime field"},
|
||||||
|
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||||
|
{NID_secp521r1, &_EC_NIST_PRIME_521.h, EC_GFp_nistp521_method,
|
||||||
|
"NIST/SECG curve over a 521 bit prime field"},
|
||||||
|
#else
|
||||||
|
{NID_secp521r1, &_EC_NIST_PRIME_521.h, 0,
|
||||||
|
"NIST/SECG curve over a 521 bit prime field"},
|
||||||
|
#endif
|
||||||
|
/* X9.62 curves */
|
||||||
|
{NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h,
|
||||||
|
#if defined(ECP_NISTZ256_ASM)
|
||||||
|
EC_GFp_nistz256_method,
|
||||||
|
#elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128)
|
||||||
|
EC_GFp_nistp256_method,
|
||||||
|
#else
|
||||||
|
0,
|
||||||
|
#endif
|
||||||
|
"X9.62/SECG curve over a 256 bit prime field"},
|
||||||
|
};
|
||||||
|
|
||||||
|
#define curve_list_length OSSL_NELEM(curve_list)
|
||||||
|
|
||||||
|
static EC_GROUP *ec_group_new_from_data(const ec_list_element curve)
|
||||||
|
{
|
||||||
|
EC_GROUP *group = NULL;
|
||||||
|
EC_POINT *P = NULL;
|
||||||
|
BN_CTX *ctx = NULL;
|
||||||
|
BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL, *order =
|
||||||
|
NULL;
|
||||||
|
int ok = 0;
|
||||||
|
int seed_len, param_len;
|
||||||
|
const EC_METHOD *meth;
|
||||||
|
const EC_CURVE_DATA *data;
|
||||||
|
const unsigned char *params;
|
||||||
|
|
||||||
|
/* If no curve data curve method must handle everything */
|
||||||
|
if (curve.data == NULL)
|
||||||
|
return EC_GROUP_new(curve.meth != NULL ? curve.meth() : NULL);
|
||||||
|
|
||||||
|
if ((ctx = BN_CTX_new()) == NULL) {
|
||||||
|
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_MALLOC_FAILURE);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
data = curve.data;
|
||||||
|
seed_len = data->seed_len;
|
||||||
|
param_len = data->param_len;
|
||||||
|
params = (const unsigned char *)(data + 1); /* skip header */
|
||||||
|
params += seed_len; /* skip seed */
|
||||||
|
|
||||||
|
if ((p = BN_bin2bn(params + 0 * param_len, param_len, NULL)) == NULL
|
||||||
|
|| (a = BN_bin2bn(params + 1 * param_len, param_len, NULL)) == NULL
|
||||||
|
|| (b = BN_bin2bn(params + 2 * param_len, param_len, NULL)) == NULL) {
|
||||||
|
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (curve.meth != 0) {
|
||||||
|
meth = curve.meth();
|
||||||
|
if (((group = EC_GROUP_new(meth)) == NULL) ||
|
||||||
|
(!(group->meth->group_set_curve(group, p, a, b, ctx)))) {
|
||||||
|
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
} else if (data->field_type == NID_X9_62_prime_field) {
|
||||||
|
if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL) {
|
||||||
|
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#ifndef OPENSSL_NO_EC2M
|
||||||
|
else { /* field_type ==
|
||||||
|
* NID_X9_62_characteristic_two_field */
|
||||||
|
|
||||||
|
if ((group = EC_GROUP_new_curve_GF2m(p, a, b, ctx)) == NULL) {
|
||||||
|
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
EC_GROUP_set_curve_name(group, curve.nid);
|
||||||
|
|
||||||
|
if ((P = EC_POINT_new(group)) == NULL) {
|
||||||
|
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((x = BN_bin2bn(params + 3 * param_len, param_len, NULL)) == NULL
|
||||||
|
|| (y = BN_bin2bn(params + 4 * param_len, param_len, NULL)) == NULL) {
|
||||||
|
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
if (!EC_POINT_set_affine_coordinates(group, P, x, y, ctx)) {
|
||||||
|
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
if ((order = BN_bin2bn(params + 5 * param_len, param_len, NULL)) == NULL
|
||||||
|
|| !BN_set_word(x, (BN_ULONG)data->cofactor)) {
|
||||||
|
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
if (!EC_GROUP_set_generator(group, P, order, x)) {
|
||||||
|
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
if (seed_len) {
|
||||||
|
if (!EC_GROUP_set_seed(group, params - seed_len, seed_len)) {
|
||||||
|
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
ok = 1;
|
||||||
|
err:
|
||||||
|
if (!ok) {
|
||||||
|
EC_GROUP_free(group);
|
||||||
|
group = NULL;
|
||||||
|
}
|
||||||
|
EC_POINT_free(P);
|
||||||
|
BN_CTX_free(ctx);
|
||||||
|
BN_free(p);
|
||||||
|
BN_free(a);
|
||||||
|
BN_free(b);
|
||||||
|
BN_free(order);
|
||||||
|
BN_free(x);
|
||||||
|
BN_free(y);
|
||||||
|
return group;
|
||||||
|
}
|
||||||
|
|
||||||
|
EC_GROUP *EC_GROUP_new_by_curve_name(int nid)
|
||||||
|
{
|
||||||
|
size_t i;
|
||||||
|
EC_GROUP *ret = NULL;
|
||||||
|
|
||||||
|
if (nid <= 0)
|
||||||
|
return NULL;
|
||||||
|
|
||||||
|
for (i = 0; i < curve_list_length; i++)
|
||||||
|
if (curve_list[i].nid == nid) {
|
||||||
|
ret = ec_group_new_from_data(curve_list[i]);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (ret == NULL) {
|
||||||
|
ECerr(EC_F_EC_GROUP_NEW_BY_CURVE_NAME, EC_R_UNKNOWN_GROUP);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems)
|
||||||
|
{
|
||||||
|
size_t i, min;
|
||||||
|
|
||||||
|
if (r == NULL || nitems == 0)
|
||||||
|
return curve_list_length;
|
||||||
|
|
||||||
|
min = nitems < curve_list_length ? nitems : curve_list_length;
|
||||||
|
|
||||||
|
for (i = 0; i < min; i++) {
|
||||||
|
r[i].nid = curve_list[i].nid;
|
||||||
|
r[i].comment = curve_list[i].comment;
|
||||||
|
}
|
||||||
|
|
||||||
|
return curve_list_length;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Functions to translate between common NIST curve names and NIDs */
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
const char *name; /* NIST Name of curve */
|
||||||
|
int nid; /* Curve NID */
|
||||||
|
} EC_NIST_NAME;
|
||||||
|
|
||||||
|
static EC_NIST_NAME nist_curves[] = {
|
||||||
|
{"B-163", NID_sect163r2},
|
||||||
|
{"B-233", NID_sect233r1},
|
||||||
|
{"B-283", NID_sect283r1},
|
||||||
|
{"B-409", NID_sect409r1},
|
||||||
|
{"B-571", NID_sect571r1},
|
||||||
|
{"K-163", NID_sect163k1},
|
||||||
|
{"K-233", NID_sect233k1},
|
||||||
|
{"K-283", NID_sect283k1},
|
||||||
|
{"K-409", NID_sect409k1},
|
||||||
|
{"K-571", NID_sect571k1},
|
||||||
|
{"P-192", NID_X9_62_prime192v1},
|
||||||
|
{"P-224", NID_secp224r1},
|
||||||
|
{"P-256", NID_X9_62_prime256v1},
|
||||||
|
{"P-384", NID_secp384r1},
|
||||||
|
{"P-521", NID_secp521r1}
|
||||||
|
};
|
||||||
|
|
||||||
|
const char *EC_curve_nid2nist(int nid)
|
||||||
|
{
|
||||||
|
size_t i;
|
||||||
|
for (i = 0; i < OSSL_NELEM(nist_curves); i++) {
|
||||||
|
if (nist_curves[i].nid == nid)
|
||||||
|
return nist_curves[i].name;
|
||||||
|
}
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
int EC_curve_nist2nid(const char *name)
|
||||||
|
{
|
||||||
|
size_t i;
|
||||||
|
for (i = 0; i < OSSL_NELEM(nist_curves); i++) {
|
||||||
|
if (strcmp(nist_curves[i].name, name) == 0)
|
||||||
|
return nist_curves[i].nid;
|
||||||
|
}
|
||||||
|
return NID_undef;
|
||||||
|
}
|
||||||
|
|
||||||
|
#define NUM_BN_FIELDS 6
|
||||||
|
/*
|
||||||
|
* Validates EC domain parameter data for known named curves.
|
||||||
|
* This can be used when a curve is loaded explicitly (without a curve
|
||||||
|
* name) or to validate that domain parameters have not been modified.
|
||||||
|
*
|
||||||
|
* Returns: The nid associated with the found named curve, or NID_undef
|
||||||
|
* if not found. If there was an error it returns -1.
|
||||||
|
*/
|
||||||
|
int ec_curve_nid_from_params(const EC_GROUP *group, BN_CTX *ctx)
|
||||||
|
{
|
||||||
|
int ret = -1, nid, len, field_type, param_len;
|
||||||
|
size_t i, seed_len;
|
||||||
|
const unsigned char *seed, *params_seed, *params;
|
||||||
|
unsigned char *param_bytes = NULL;
|
||||||
|
const EC_CURVE_DATA *data;
|
||||||
|
const EC_POINT *generator = NULL;
|
||||||
|
const EC_METHOD *meth;
|
||||||
|
const BIGNUM *cofactor = NULL;
|
||||||
|
/* An array of BIGNUMs for (p, a, b, x, y, order) */
|
||||||
|
BIGNUM *bn[NUM_BN_FIELDS] = {NULL, NULL, NULL, NULL, NULL, NULL};
|
||||||
|
|
||||||
|
meth = EC_GROUP_method_of(group);
|
||||||
|
if (meth == NULL)
|
||||||
|
return -1;
|
||||||
|
/* Use the optional named curve nid as a search field */
|
||||||
|
nid = EC_GROUP_get_curve_name(group);
|
||||||
|
field_type = EC_METHOD_get_field_type(meth);
|
||||||
|
seed_len = EC_GROUP_get_seed_len(group);
|
||||||
|
seed = EC_GROUP_get0_seed(group);
|
||||||
|
cofactor = EC_GROUP_get0_cofactor(group);
|
||||||
|
|
||||||
|
BN_CTX_start(ctx);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The built-in curves contains data fields (p, a, b, x, y, order) that are
|
||||||
|
* all zero-padded to be the same size. The size of the padding is
|
||||||
|
* determined by either the number of bytes in the field modulus (p) or the
|
||||||
|
* EC group order, whichever is larger.
|
||||||
|
*/
|
||||||
|
param_len = BN_num_bytes(group->order);
|
||||||
|
len = BN_num_bytes(group->field);
|
||||||
|
if (len > param_len)
|
||||||
|
param_len = len;
|
||||||
|
|
||||||
|
/* Allocate space to store the padded data for (p, a, b, x, y, order) */
|
||||||
|
param_bytes = OPENSSL_malloc(param_len * NUM_BN_FIELDS);
|
||||||
|
if (param_bytes == NULL)
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
/* Create the bignums */
|
||||||
|
for (i = 0; i < NUM_BN_FIELDS; ++i) {
|
||||||
|
if ((bn[i] = BN_CTX_get(ctx)) == NULL)
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
/*
|
||||||
|
* Fill in the bn array with the same values as the internal curves
|
||||||
|
* i.e. the values are p, a, b, x, y, order.
|
||||||
|
*/
|
||||||
|
/* Get p, a & b */
|
||||||
|
if (!(EC_GROUP_get_curve(group, bn[0], bn[1], bn[2], ctx)
|
||||||
|
&& ((generator = EC_GROUP_get0_generator(group)) != NULL)
|
||||||
|
/* Get x & y */
|
||||||
|
&& EC_POINT_get_affine_coordinates(group, generator, bn[3], bn[4], ctx)
|
||||||
|
/* Get order */
|
||||||
|
&& EC_GROUP_get_order(group, bn[5], ctx)))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Convert the bignum array to bytes that are joined together to form
|
||||||
|
* a single buffer that contains data for all fields.
|
||||||
|
* (p, a, b, x, y, order) are all zero padded to be the same size.
|
||||||
|
*/
|
||||||
|
for (i = 0; i < NUM_BN_FIELDS; ++i) {
|
||||||
|
if (BN_bn2binpad(bn[i], ¶m_bytes[i*param_len], param_len) <= 0)
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
for (i = 0; i < curve_list_length; i++) {
|
||||||
|
const ec_list_element curve = curve_list[i];
|
||||||
|
|
||||||
|
data = curve.data;
|
||||||
|
/* Get the raw order byte data */
|
||||||
|
params_seed = (const unsigned char *)(data + 1); /* skip header */
|
||||||
|
params = params_seed + data->seed_len;
|
||||||
|
|
||||||
|
/* Look for unique fields in the fixed curve data */
|
||||||
|
if (data->field_type == field_type
|
||||||
|
&& param_len == data->param_len
|
||||||
|
&& (nid <= 0 || nid == curve.nid)
|
||||||
|
/* check the optional cofactor (ignore if its zero) */
|
||||||
|
&& (BN_is_zero(cofactor)
|
||||||
|
|| BN_is_word(cofactor, (const BN_ULONG)curve.data->cofactor))
|
||||||
|
/* Check the optional seed (ignore if its not set) */
|
||||||
|
&& (data->seed_len == 0 || seed_len == 0
|
||||||
|
|| ((size_t)data->seed_len == seed_len
|
||||||
|
&& memcmp(params_seed, seed, seed_len) == 0))
|
||||||
|
/* Check that the groups params match the built-in curve params */
|
||||||
|
&& memcmp(param_bytes, params, param_len * NUM_BN_FIELDS)
|
||||||
|
== 0) {
|
||||||
|
ret = curve.nid;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
/* Gets here if the group was not found */
|
||||||
|
ret = NID_undef;
|
||||||
|
end:
|
||||||
|
OPENSSL_free(param_bytes);
|
||||||
|
BN_CTX_end(ctx);
|
||||||
|
return ret;
|
||||||
|
}
|
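--- a/fixpatch
+++ b/fixpatch
@@ -0,0 +1,15 @@
+#!/bin/sh
+# Fixes patch from upstream tracker view
+gawk '
+BEGIN {
+dir=""
+}
+/^Index: openssl\// {
+dir = $2
+}
+/^(---|\+\+\+)/ {
+$2 = dir
+}
+{
+print
+}'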
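Review bot: The `/^(---|\+\+\+)/` rule is not limited to file headers, so inside a hunk a removed line whose content starts with `--` (or an added line starting with `++`) also has its second field overwritten with `dir`, and the patch body is silently altered. The same rule blanks the path when no `Index: openssl/` line has been seen yet, because `dir` is still empty. I would arm the rewrite only for the two header lines that follow an index line: `/^Index: openssl\// { dir = $2; hdr = 2 }` and `hdr > 0 && /^(---|\+\+\+) / { $2 = dir; hdr-- }`. Since the output is later applied to cryptographic sources, a header comment stating that the input must be an `Index:`-style tracker patch would also help.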
@ -5,40 +5,36 @@ set -e
|
|||||||
|
|
||||||
# Clean out patent-or-otherwise-encumbered code.
|
# Clean out patent-or-otherwise-encumbered code.
|
||||||
# MDC-2: 4,908,861 13/03/2007 - expired, we do not remove it but do not enable it anyway
|
# MDC-2: 4,908,861 13/03/2007 - expired, we do not remove it but do not enable it anyway
|
||||||
# IDEA: 5,214,703 25/05/2010
|
# IDEA: 5,214,703 07/01/2012 - expired, we do not remove it anymore
|
||||||
# RC5: 5,724,428 03/03/2015
|
# RC5: 5,724,428 01/11/2015 - expired, we do not remove it anymore
|
||||||
# EC: ????????? ??/??/2015
|
# EC: ????????? ??/??/2020
|
||||||
|
# SRP: ????????? ??/??/2017 - expired, we do not remove it anymore
|
||||||
|
|
||||||
# Remove assembler portions of IDEA, MDC2, and RC5.
|
# Remove assembler portions of IDEA, MDC2, and RC5.
|
||||||
(find crypto/{idea,rc5}/asm -type f | xargs -r rm -fv)
|
# (find crypto/rc5/asm -type f | xargs -r rm -fv)
|
||||||
|
|
||||||
# IDEA, MDC2, RC5, EC.
|
for c in `find crypto/bn -name "*gf2m.c"`; do
|
||||||
for a in idea rc5 ec ecdh ecdsa; do
|
|
||||||
for c in `find crypto/$a -name "*.c" -a \! -name "*test*" -type f` ; do
|
|
||||||
echo Destroying $c
|
echo Destroying $c
|
||||||
> $c
|
> $c
|
||||||
done
|
|
||||||
done
|
done
|
||||||
|
|
||||||
for c in `find crypto/evp -name "*_rc5.c" -o -name "*_idea.c" -o -name "*_ecdsa.c"`; do
|
for c in `find crypto/ec -name "ec2*.c" -o -name "ec_curve.c"`; do
|
||||||
|
echo Destroying $c
|
||||||
|
> $c
|
||||||
|
done
|
||||||
|
|
||||||
|
for c in `find test -name "ectest.c"`; do
|
||||||
echo Destroying $c
|
echo Destroying $c
|
||||||
> $c
|
> $c
|
||||||
done
|
done
|
||||||
|
|
||||||
for h in `find crypto ssl apps test -name "*.h"` ; do
|
for h in `find crypto ssl apps test -name "*.h"` ; do
|
||||||
echo Removing IDEA, RC5, and EC references from $h
|
echo Removing EC2M references from $h
|
||||||
cat $h | \
|
cat $h | \
|
||||||
awk 'BEGIN {ech=1;} \
|
awk 'BEGIN {ech=1;} \
|
||||||
/^#[ \t]*ifndef.*NO_IDEA/ {ech--; next;} \
|
/^#[ \t]*ifndef.*NO_EC2M/ {ech--; next;} \
|
||||||
/^#[ \t]*ifndef.*NO_RC5/ {ech--; next;} \
|
|
||||||
/^#[ \t]*ifndef.*NO_EC/ {ech--; next;} \
|
|
||||||
/^#[ \t]*ifndef.*NO_ECDH/ {ech--; next;} \
|
|
||||||
/^#[ \t]*ifndef.*NO_ECDSA/ {ech--; next;} \
|
|
||||||
/^#[ \t]*if/ {if(ech < 1) ech--;} \
|
/^#[ \t]*if/ {if(ech < 1) ech--;} \
|
||||||
{if(ech>0) {;print $0};} \
|
{if(ech>0) {;print $0};} \
|
||||||
/^#[ \t]*endif/ {if(ech < 1) ech++;}' > $h.hobbled && \
|
/^#[ \t]*endif/ {if(ech < 1) ech++;}' > $h.hobbled && \
|
||||||
mv $h.hobbled $h
|
mv $h.hobbled $h
|
||||||
done
|
done
|
||||||
|
|
||||||
# Make the makefiles happy.
|
|
||||||
touch crypto/rc5/asm/rc5-586.pl
|
|
||||||
|
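Review bot: The comment `# Remove assembler portions of IDEA, MDC2, and RC5.` is left above a commented-out `find` and a loop that now truncates `crypto/bn/*gf2m.c`, so the script no longer documents what it actually removes. I would replace it with something like `# Truncate the binary-field (EC2M) sources; IDEA and RC5 are no longer removed.` and delete the commented-out `# (find crypto/rc5/asm ...)` line rather than keep dead code. The new loops also expand `$c` unquoted from a backtick `find`. Writing `> "$c"` and adding `-type f` to the `find` calls, with the `-o` alternatives grouped in `\( ... \)`, would limit the truncation to the intended regular files.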
@ -1,29 +0,0 @@
|
|||||||
Do not treat duplicate certs as an error.
|
|
||||||
|
|
||||||
--- openssl-0.9.6/crypto/x509/by_file.c Wed Sep 27 15:09:05 2000
|
|
||||||
+++ openssl-0.9.6/crypto/x509/by_file.c Wed Sep 27 14:21:20 2000
|
|
||||||
@@ -163,8 +163,12 @@
|
|
||||||
}
|
|
||||||
}
|
|
||||||
i=X509_STORE_add_cert(ctx->store_ctx,x);
|
|
||||||
- if (!i) goto err;
|
|
||||||
- count++;
|
|
||||||
+ /* ignore any problems with current certificate
|
|
||||||
+ and continue with the next one */
|
|
||||||
+ if (i)
|
|
||||||
+ count++;
|
|
||||||
+ else
|
|
||||||
+ ERR_clear_error();
|
|
||||||
X509_free(x);
|
|
||||||
x=NULL;
|
|
||||||
}
|
|
||||||
@@ -179,7 +183,8 @@
|
|
||||||
goto err;
|
|
||||||
}
|
|
||||||
i=X509_STORE_add_cert(ctx->store_ctx,x);
|
|
||||||
- if (!i) goto err;
|
|
||||||
+ if (!i)
|
|
||||||
+ ERR_clear_error();
|
|
||||||
ret=i;
|
|
||||||
}
|
|
||||||
else
|
|
@ -1,11 +0,0 @@
|
|||||||
--- openssl-0.9.8a/Makefile.shared.no-rpath 2005-06-23 22:47:54.000000000 +0200
|
|
||||||
+++ openssl-0.9.8a/Makefile.shared 2005-11-16 22:35:37.000000000 +0100
|
|
||||||
@@ -153,7 +153,7 @@
|
|
||||||
NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
|
|
||||||
SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
|
|
||||||
|
|
||||||
-DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
|
|
||||||
+DO_GNU_APP=LDFLAGS="$(CFLAGS)"
|
|
||||||
|
|
||||||
#This is rather special. It's a special target with which one can link
|
|
||||||
#applications without bothering with any features that have anything to
|
|
@ -1,24 +0,0 @@
|
|||||||
diff -up openssl-0.9.8b/ssl/ssltest.c.use-localhost openssl-0.9.8b/ssl/ssltest.c
|
|
||||||
--- openssl-0.9.8b/ssl/ssltest.c.use-localhost 2006-02-24 18:58:35.000000000 +0100
|
|
||||||
+++ openssl-0.9.8b/ssl/ssltest.c 2007-08-03 14:06:16.000000000 +0200
|
|
||||||
@@ -839,19 +839,8 @@ bad:
|
|
||||||
#ifndef OPENSSL_NO_KRB5
|
|
||||||
if (c_ssl && c_ssl->kssl_ctx)
|
|
||||||
{
|
|
||||||
- char localhost[MAXHOSTNAMELEN+2];
|
|
||||||
-
|
|
||||||
- if (gethostname(localhost, sizeof localhost-1) == 0)
|
|
||||||
- {
|
|
||||||
- localhost[sizeof localhost-1]='\0';
|
|
||||||
- if(strlen(localhost) == sizeof localhost-1)
|
|
||||||
- {
|
|
||||||
- BIO_printf(bio_err,"localhost name too long\n");
|
|
||||||
- goto end;
|
|
||||||
- }
|
|
||||||
kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER,
|
|
||||||
- localhost);
|
|
||||||
- }
|
|
||||||
+ "localhost");
|
|
||||||
}
|
|
||||||
#endif /* OPENSSL_NO_KRB5 */
|
|
||||||
|
|
@ -1,19 +0,0 @@
|
|||||||
diff -up openssl-0.9.8g/crypto/bn/bn_lcl.h.ia64 openssl-0.9.8g/crypto/bn/bn_lcl.h
|
|
||||||
--- openssl-0.9.8g/crypto/bn/bn_lcl.h.ia64 2008-08-10 22:23:55.000000000 +0200
|
|
||||||
+++ openssl-0.9.8g/crypto/bn/bn_lcl.h 2008-08-10 22:23:55.000000000 +0200
|
|
||||||
@@ -279,6 +279,15 @@ extern "C" {
|
|
||||||
# define BN_UMULT_HIGH(a,b) __umulh((a),(b))
|
|
||||||
# define BN_UMULT_LOHI(low,high,a,b) ((low)=_umul128((a),(b),&(high)))
|
|
||||||
# endif
|
|
||||||
+# elif defined(__ia64) && defined(SIXTY_FOUR_BIT_LONG)
|
|
||||||
+# if defined(__GNUC__)
|
|
||||||
+# define BN_UMULT_HIGH(a,b) ({ \
|
|
||||||
+ register BN_ULONG ret; \
|
|
||||||
+ asm ("xmpy.hu %0 = %1, %2" \
|
|
||||||
+ : "=f"(ret) \
|
|
||||||
+ : "f"(a), "f"(b)); \
|
|
||||||
+ ret; })
|
|
||||||
+# endif /* compiler */
|
|
||||||
# endif /* cpu */
|
|
||||||
#endif /* OPENSSL_NO_ASM */
|
|
||||||
|
|
@ -1,14 +0,0 @@
|
|||||||
diff -up openssl-0.9.8j/crypto/asn1/asn_mime.c.bad-mime openssl-0.9.8j/crypto/asn1/asn_mime.c
|
|
||||||
--- openssl-0.9.8j/crypto/asn1/asn_mime.c.bad-mime 2008-08-05 17:56:11.000000000 +0200
|
|
||||||
+++ openssl-0.9.8j/crypto/asn1/asn_mime.c 2009-01-14 22:08:34.000000000 +0100
|
|
||||||
@@ -792,6 +792,10 @@ static int mime_hdr_addparam(MIME_HEADER
|
|
||||||
static int mime_hdr_cmp(const MIME_HEADER * const *a,
|
|
||||||
const MIME_HEADER * const *b)
|
|
||||||
{
|
|
||||||
+ if ((*a)->name == NULL || (*b)->name == NULL)
|
|
||||||
+ return (*a)->name - (*b)->name < 0 ? -1 :
|
|
||||||
+ (*a)->name - (*b)->name > 0 ? 1 : 0;
|
|
||||||
+
|
|
||||||
return(strcmp((*a)->name, (*b)->name));
|
|
||||||
}
|
|
||||||
|
|
@ -1,13 +0,0 @@
|
|||||||
Do not implicitly load the zlib support if OPENSSL_NO_DEFAULT_ZLIB is set.
|
|
||||||
diff -up openssl-0.9.8j/ssl/ssl_ciph.c.env-nozlib openssl-0.9.8j/ssl/ssl_ciph.c
|
|
||||||
--- openssl-0.9.8j/ssl/ssl_ciph.c.env-nozlib 2009-01-05 15:43:07.000000000 +0100
|
|
||||||
+++ openssl-0.9.8j/ssl/ssl_ciph.c 2009-01-14 17:47:46.000000000 +0100
|
|
||||||
@@ -287,7 +287,7 @@ static void load_builtin_compressions(vo
|
|
||||||
|
|
||||||
MemCheck_off();
|
|
||||||
ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);
|
|
||||||
- if (ssl_comp_methods != NULL)
|
|
||||||
+ if (ssl_comp_methods != NULL && getenv("OPENSSL_NO_DEFAULT_ZLIB") == NULL)
|
|
||||||
{
|
|
||||||
comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
|
|
||||||
if (comp != NULL)
|
|
@ -1,35 +0,0 @@
|
|||||||
diff -up openssl-0.9.8j/README.warning openssl-0.9.8j/README
|
|
||||||
--- openssl-0.9.8j/README.warning 2009-01-07 11:50:53.000000000 +0100
|
|
||||||
+++ openssl-0.9.8j/README 2009-01-14 17:43:02.000000000 +0100
|
|
||||||
@@ -5,6 +5,31 @@
|
|
||||||
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
|
|
||||||
All rights reserved.
|
|
||||||
|
|
||||||
+ WARNING
|
|
||||||
+ -------
|
|
||||||
+
|
|
||||||
+ This version of OpenSSL is built in a way that supports operation in
|
|
||||||
+ the so called FIPS mode. Note though that the library as we build it
|
|
||||||
+ is not FIPS validated and the FIPS mode is present for testing purposes
|
|
||||||
+ only.
|
|
||||||
+
|
|
||||||
+ This version also contains a few differences from the upstream code
|
|
||||||
+ some of which are:
|
|
||||||
+ * The FIPS integrity verification check is implemented differently
|
|
||||||
+ from the upstream FIPS validated OpenSSL module. It verifies
|
|
||||||
+ HMAC-SHA256 checksum of the whole libcrypto shared library.
|
|
||||||
+ * The module respects the kernel FIPS flag /proc/sys/crypto/fips and
|
|
||||||
+ tries to initialize the FIPS mode if it is set to 1 aborting if the
|
|
||||||
+ FIPS mode could not be initialized. It is also possible to force the
|
|
||||||
+ OpenSSL library to FIPS mode especially for debugging purposes by
|
|
||||||
+ setting the environment variable OPENSSL_FORCE_FIPS_MODE.
|
|
||||||
+ * If the environment variable OPENSSL_NO_DEFAULT_ZLIB is set the module
|
|
||||||
+ will not automatically load the built in compression method ZLIB
|
|
||||||
+ when initialized. Applications can still explicitely ask for ZLIB
|
|
||||||
+ compression method.
|
|
||||||
+ * There is added a support for EAP-FAST through TLS extension. This code
|
|
||||||
+ is backported from OpenSSL upstream development branch.
|
|
||||||
+
|
|
||||||
DESCRIPTION
|
|
||||||
-----------
|
|
||||||
|
|
@ -1,48 +0,0 @@
|
|||||||
diff -up openssl-0.9.8j/apps/version.c.version-add-engines openssl-0.9.8j/apps/version.c
|
|
||||||
--- openssl-0.9.8j/apps/version.c.version-add-engines 2008-10-20 14:53:33.000000000 +0200
|
|
||||||
+++ openssl-0.9.8j/apps/version.c 2009-01-13 23:22:03.000000000 +0100
|
|
||||||
@@ -131,6 +131,7 @@
|
|
||||||
#ifndef OPENSSL_NO_BF
|
|
||||||
# include <openssl/blowfish.h>
|
|
||||||
#endif
|
|
||||||
+#include <openssl/engine.h>
|
|
||||||
|
|
||||||
#undef PROG
|
|
||||||
#define PROG version_main
|
|
||||||
@@ -140,7 +141,7 @@ int MAIN(int, char **);
|
|
||||||
int MAIN(int argc, char **argv)
|
|
||||||
{
|
|
||||||
int i,ret=0;
|
|
||||||
- int cflags=0,version=0,date=0,options=0,platform=0,dir=0;
|
|
||||||
+ int cflags=0,version=0,date=0,options=0,platform=0,dir=0,engines=0;
|
|
||||||
|
|
||||||
apps_startup();
|
|
||||||
|
|
||||||
@@ -164,7 +165,7 @@ int MAIN(int argc, char **argv)
|
|
||||||
else if (strcmp(argv[i],"-d") == 0)
|
|
||||||
dir=1;
|
|
||||||
else if (strcmp(argv[i],"-a") == 0)
|
|
||||||
- date=version=cflags=options=platform=dir=1;
|
|
||||||
+ date=version=cflags=options=platform=dir=engines=1;
|
|
||||||
else
|
|
||||||
{
|
|
||||||
BIO_printf(bio_err,"usage:version -[avbofpd]\n");
|
|
||||||
@@ -211,6 +212,18 @@ int MAIN(int argc, char **argv)
|
|
||||||
}
|
|
||||||
if (cflags) printf("%s\n",SSLeay_version(SSLEAY_CFLAGS));
|
|
||||||
if (dir) printf("%s\n",SSLeay_version(SSLEAY_DIR));
|
|
||||||
+ if (engines)
|
|
||||||
+ {
|
|
||||||
+ ENGINE *e;
|
|
||||||
+ printf("engines: ");
|
|
||||||
+ e = ENGINE_get_first();
|
|
||||||
+ while (e)
|
|
||||||
+ {
|
|
||||||
+ printf("%s ", ENGINE_get_id(e));
|
|
||||||
+ e = ENGINE_get_next(e);
|
|
||||||
+ }
|
|
||||||
+ printf("\n");
|
|
||||||
+ }
|
|
||||||
end:
|
|
||||||
apps_shutdown();
|
|
||||||
OPENSSL_EXIT(ret);
|
|
@ -1,21 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta3/ssl/ssl.h.cipher-change openssl-1.0.0-beta3/ssl/ssl.h
|
|
||||||
--- openssl-1.0.0-beta3/ssl/ssl.h.cipher-change 2009-08-05 18:22:45.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta3/ssl/ssl.h 2009-08-05 18:27:32.000000000 +0200
|
|
||||||
@@ -511,7 +511,7 @@ typedef struct ssl_session_st
|
|
||||||
|
|
||||||
#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L
|
|
||||||
#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
|
|
||||||
-#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L
|
|
||||||
+#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L /* can break some security expectations */
|
|
||||||
#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L
|
|
||||||
#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
|
|
||||||
#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L /* no effect since 0.9.7h and 0.9.8b */
|
|
||||||
@@ -528,7 +528,7 @@ typedef struct ssl_session_st
|
|
||||||
|
|
||||||
/* SSL_OP_ALL: various bug workarounds that should be rather harmless.
|
|
||||||
* This used to be 0x000FFFFFL before 0.9.7. */
|
|
||||||
-#define SSL_OP_ALL 0x80000FFFL
|
|
||||||
+#define SSL_OP_ALL 0x80000FF7L
|
|
||||||
|
|
||||||
/* DTLS options */
|
|
||||||
#define SSL_OP_NO_QUERY_MTU 0x00001000L
|
|
@ -1,400 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta3/crypto/fips/fips.c.fipscheck openssl-1.0.0-beta3/crypto/fips/fips.c
|
|
||||||
--- openssl-1.0.0-beta3/crypto/fips/fips.c.fipscheck 2009-08-10 20:11:59.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta3/crypto/fips/fips.c 2009-08-10 20:11:59.000000000 +0200
|
|
||||||
@@ -47,6 +47,7 @@
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
+#define _GNU_SOURCE
|
|
||||||
|
|
||||||
#include <openssl/rand.h>
|
|
||||||
#include <openssl/fips_rand.h>
|
|
||||||
@@ -56,6 +57,9 @@
|
|
||||||
#include <openssl/rsa.h>
|
|
||||||
#include <string.h>
|
|
||||||
#include <limits.h>
|
|
||||||
+#include <dlfcn.h>
|
|
||||||
+#include <stdio.h>
|
|
||||||
+#include <stdlib.h>
|
|
||||||
#include "fips_locl.h"
|
|
||||||
|
|
||||||
#ifdef OPENSSL_FIPS
|
|
||||||
@@ -165,6 +169,204 @@ int FIPS_selftest()
|
|
||||||
&& FIPS_selftest_dsa();
|
|
||||||
}
|
|
||||||
|
|
||||||
+/* we implement what libfipscheck does ourselves */
|
|
||||||
+
|
|
||||||
+static int
|
|
||||||
+get_library_path(const char *libname, const char *symbolname, char *path, size_t pathlen)
|
|
||||||
+{
|
|
||||||
+ Dl_info info;
|
|
||||||
+ void *dl, *sym;
|
|
||||||
+ int rv = -1;
|
|
||||||
+
|
|
||||||
+ dl = dlopen(libname, RTLD_LAZY);
|
|
||||||
+ if (dl == NULL) {
|
|
||||||
+ return -1;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ sym = dlsym(dl, symbolname);
|
|
||||||
+
|
|
||||||
+ if (sym != NULL && dladdr(sym, &info)) {
|
|
||||||
+ strncpy(path, info.dli_fname, pathlen-1);
|
|
||||||
+ path[pathlen-1] = '\0';
|
|
||||||
+ rv = 0;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ dlclose(dl);
|
|
||||||
+
|
|
||||||
+ return rv;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static const char conv[] = "0123456789abcdef";
|
|
||||||
+
|
|
||||||
+static char *
|
|
||||||
+bin2hex(void *buf, size_t len)
|
|
||||||
+{
|
|
||||||
+ char *hex, *p;
|
|
||||||
+ unsigned char *src = buf;
|
|
||||||
+
|
|
||||||
+ hex = malloc(len * 2 + 1);
|
|
||||||
+ if (hex == NULL)
|
|
||||||
+ return NULL;
|
|
||||||
+
|
|
||||||
+ p = hex;
|
|
||||||
+
|
|
||||||
+ while (len > 0) {
|
|
||||||
+ unsigned c;
|
|
||||||
+
|
|
||||||
+ c = *src;
|
|
||||||
+ src++;
|
|
||||||
+
|
|
||||||
+ *p = conv[c >> 4];
|
|
||||||
+ ++p;
|
|
||||||
+ *p = conv[c & 0x0f];
|
|
||||||
+ ++p;
|
|
||||||
+ --len;
|
|
||||||
+ }
|
|
||||||
+ *p = '\0';
|
|
||||||
+ return hex;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+#define HMAC_PREFIX "."
|
|
||||||
+#define HMAC_SUFFIX ".hmac"
|
|
||||||
+#define READ_BUFFER_LENGTH 16384
|
|
||||||
+
|
|
||||||
+static char *
|
|
||||||
+make_hmac_path(const char *origpath)
|
|
||||||
+{
|
|
||||||
+ char *path, *p;
|
|
||||||
+ const char *fn;
|
|
||||||
+
|
|
||||||
+ path = malloc(sizeof(HMAC_PREFIX) + sizeof(HMAC_SUFFIX) + strlen(origpath));
|
|
||||||
+ if(path == NULL) {
|
|
||||||
+ return NULL;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ fn = strrchr(origpath, '/');
|
|
||||||
+ if (fn == NULL) {
|
|
||||||
+ fn = origpath;
|
|
||||||
+ } else {
|
|
||||||
+ ++fn;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ strncpy(path, origpath, fn-origpath);
|
|
||||||
+ p = path + (fn - origpath);
|
|
||||||
+ p = stpcpy(p, HMAC_PREFIX);
|
|
||||||
+ p = stpcpy(p, fn);
|
|
||||||
+ p = stpcpy(p, HMAC_SUFFIX);
|
|
||||||
+
|
|
||||||
+ return path;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static const char hmackey[] = "orboDeJITITejsirpADONivirpUkvarP";
|
|
||||||
+
|
|
||||||
+static int
|
|
||||||
+compute_file_hmac(const char *path, void **buf, size_t *hmaclen)
|
|
||||||
+{
|
|
||||||
+ FILE *f = NULL;
|
|
||||||
+ int rv = -1;
|
|
||||||
+ unsigned char rbuf[READ_BUFFER_LENGTH];
|
|
||||||
+ size_t len;
|
|
||||||
+ unsigned int hlen;
|
|
||||||
+ HMAC_CTX c;
|
|
||||||
+
|
|
||||||
+ HMAC_CTX_init(&c);
|
|
||||||
+
|
|
||||||
+ f = fopen(path, "r");
|
|
||||||
+
|
|
||||||
+ if (f == NULL) {
|
|
||||||
+ goto end;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ HMAC_Init(&c, hmackey, sizeof(hmackey)-1, EVP_sha256());
|
|
||||||
+
|
|
||||||
+ while ((len=fread(rbuf, 1, sizeof(rbuf), f)) != 0) {
|
|
||||||
+ HMAC_Update(&c, rbuf, len);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ len = sizeof(rbuf);
|
|
||||||
+ /* reuse rbuf for hmac */
|
|
||||||
+ HMAC_Final(&c, rbuf, &hlen);
|
|
||||||
+
|
|
||||||
+ *buf = malloc(hlen);
|
|
||||||
+ if (*buf == NULL) {
|
|
||||||
+ goto end;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ *hmaclen = hlen;
|
|
||||||
+
|
|
||||||
+ memcpy(*buf, rbuf, hlen);
|
|
||||||
+
|
|
||||||
+ rv = 0;
|
|
||||||
+end:
|
|
||||||
+ HMAC_CTX_cleanup(&c);
|
|
||||||
+
|
|
||||||
+ if (f)
|
|
||||||
+ fclose(f);
|
|
||||||
+
|
|
||||||
+ return rv;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static int
|
|
||||||
+FIPSCHECK_verify(const char *libname, const char *symbolname)
|
|
||||||
+{
|
|
||||||
+ char path[PATH_MAX+1];
|
|
||||||
+ int rv;
|
|
||||||
+ FILE *hf;
|
|
||||||
+ char *hmacpath, *p;
|
|
||||||
+ char *hmac = NULL;
|
|
||||||
+ size_t n;
|
|
||||||
+
|
|
||||||
+ rv = get_library_path(libname, symbolname, path, sizeof(path));
|
|
||||||
+
|
|
||||||
+ if (rv < 0)
|
|
||||||
+ return 0;
|
|
||||||
+
|
|
||||||
+ hmacpath = make_hmac_path(path);
|
|
||||||
+
|
|
||||||
+ hf = fopen(hmacpath, "r");
|
|
||||||
+ if (hf == NULL) {
|
|
||||||
+ free(hmacpath);
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if (getline(&hmac, &n, hf) > 0) {
|
|
||||||
+ void *buf;
|
|
||||||
+ size_t hmaclen;
|
|
||||||
+ char *hex;
|
|
||||||
+
|
|
||||||
+ if ((p=strchr(hmac, '\n')) != NULL)
|
|
||||||
+ *p = '\0';
|
|
||||||
+
|
|
||||||
+ if (compute_file_hmac(path, &buf, &hmaclen) < 0) {
|
|
||||||
+ rv = -4;
|
|
||||||
+ goto end;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if ((hex=bin2hex(buf, hmaclen)) == NULL) {
|
|
||||||
+ free(buf);
|
|
||||||
+ rv = -5;
|
|
||||||
+ goto end;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if (strcmp(hex, hmac) != 0) {
|
|
||||||
+ rv = -1;
|
|
||||||
+ }
|
|
||||||
+ free(buf);
|
|
||||||
+ free(hex);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+end:
|
|
||||||
+ free(hmac);
|
|
||||||
+ free(hmacpath);
|
|
||||||
+ fclose(hf);
|
|
||||||
+
|
|
||||||
+ if (rv < 0)
|
|
||||||
+ return 0;
|
|
||||||
+
|
|
||||||
+ /* check successful */
|
|
||||||
+ return 1;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
int FIPS_mode_set(int onoff)
|
|
||||||
{
|
|
||||||
int fips_set_owning_thread();
|
|
||||||
@@ -201,6 +403,22 @@ int FIPS_mode_set(int onoff)
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
+ if(!FIPSCHECK_verify("libcrypto.so." SHLIB_VERSION_NUMBER,"FIPS_mode_set"))
|
|
||||||
+ {
|
|
||||||
+ FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_FINGERPRINT_DOES_NOT_MATCH);
|
|
||||||
+ fips_selftest_fail = 1;
|
|
||||||
+ ret = 0;
|
|
||||||
+ goto end;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if(!FIPSCHECK_verify("libssl.so." SHLIB_VERSION_NUMBER,"SSL_CTX_new"))
|
|
||||||
+ {
|
|
||||||
+ FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_FINGERPRINT_DOES_NOT_MATCH);
|
|
||||||
+ fips_selftest_fail = 1;
|
|
||||||
+ ret = 0;
|
|
||||||
+ goto end;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
/* Perform RNG KAT before seeding */
|
|
||||||
if (!FIPS_selftest_rng())
|
|
||||||
{
|
|
||||||
diff -up openssl-1.0.0-beta3/crypto/fips/fips_standalone_sha1.c.fipscheck openssl-1.0.0-beta3/crypto/fips/fips_standalone_sha1.c
|
|
||||||
--- openssl-1.0.0-beta3/crypto/fips/fips_standalone_sha1.c.fipscheck 2009-08-10 20:11:59.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta3/crypto/fips/fips_standalone_sha1.c 2009-08-10 20:11:59.000000000 +0200
|
|
||||||
@@ -62,7 +62,7 @@ void OPENSSL_cleanse(void *p,size_t len)
|
|
||||||
|
|
||||||
#ifdef OPENSSL_FIPS
|
|
||||||
|
|
||||||
-static void hmac_init(SHA_CTX *md_ctx,SHA_CTX *o_ctx,
|
|
||||||
+static void hmac_init(SHA256_CTX *md_ctx,SHA256_CTX *o_ctx,
|
|
||||||
const char *key)
|
|
||||||
{
|
|
||||||
size_t len=strlen(key);
|
|
||||||
@@ -72,10 +72,10 @@ static void hmac_init(SHA_CTX *md_ctx,SH
|
|
||||||
|
|
||||||
if (len > SHA_CBLOCK)
|
|
||||||
{
|
|
||||||
- SHA1_Init(md_ctx);
|
|
||||||
- SHA1_Update(md_ctx,key,len);
|
|
||||||
- SHA1_Final(keymd,md_ctx);
|
|
||||||
- len=20;
|
|
||||||
+ SHA256_Init(md_ctx);
|
|
||||||
+ SHA256_Update(md_ctx,key,len);
|
|
||||||
+ SHA256_Final(keymd,md_ctx);
|
|
||||||
+ len=SHA256_DIGEST_LENGTH;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
memcpy(keymd,key,len);
|
|
||||||
@@ -83,22 +83,22 @@ static void hmac_init(SHA_CTX *md_ctx,SH
|
|
||||||
|
|
||||||
for(i=0 ; i < HMAC_MAX_MD_CBLOCK ; i++)
|
|
||||||
pad[i]=0x36^keymd[i];
|
|
||||||
- SHA1_Init(md_ctx);
|
|
||||||
- SHA1_Update(md_ctx,pad,SHA_CBLOCK);
|
|
||||||
+ SHA256_Init(md_ctx);
|
|
||||||
+ SHA256_Update(md_ctx,pad,SHA256_CBLOCK);
|
|
||||||
|
|
||||||
for(i=0 ; i < HMAC_MAX_MD_CBLOCK ; i++)
|
|
||||||
pad[i]=0x5c^keymd[i];
|
|
||||||
- SHA1_Init(o_ctx);
|
|
||||||
- SHA1_Update(o_ctx,pad,SHA_CBLOCK);
|
|
||||||
+ SHA256_Init(o_ctx);
|
|
||||||
+ SHA256_Update(o_ctx,pad,SHA256_CBLOCK);
|
|
||||||
}
|
|
||||||
|
|
||||||
-static void hmac_final(unsigned char *md,SHA_CTX *md_ctx,SHA_CTX *o_ctx)
|
|
||||||
+static void hmac_final(unsigned char *md,SHA256_CTX *md_ctx,SHA256_CTX *o_ctx)
|
|
||||||
{
|
|
||||||
- unsigned char buf[20];
|
|
||||||
+ unsigned char buf[SHA256_DIGEST_LENGTH];
|
|
||||||
|
|
||||||
- SHA1_Final(buf,md_ctx);
|
|
||||||
- SHA1_Update(o_ctx,buf,sizeof buf);
|
|
||||||
- SHA1_Final(md,o_ctx);
|
|
||||||
+ SHA256_Final(buf,md_ctx);
|
|
||||||
+ SHA256_Update(o_ctx,buf,sizeof buf);
|
|
||||||
+ SHA256_Final(md,o_ctx);
|
|
||||||
}
|
|
||||||
|
|
||||||
#endif
|
|
||||||
@@ -106,7 +106,7 @@ static void hmac_final(unsigned char *md
|
|
||||||
int main(int argc,char **argv)
|
|
||||||
{
|
|
||||||
#ifdef OPENSSL_FIPS
|
|
||||||
- static char key[]="etaonrishdlcupfm";
|
|
||||||
+ static char key[]="orboDeJITITejsirpADONivirpUkvarP";
|
|
||||||
int n,binary=0;
|
|
||||||
|
|
||||||
if(argc < 2)
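Review bot: The replacement HMAC key in `main()` is a fixed string compiled into the binary and carries no comment, so a reader can mistake the output for an authenticated tag when it is only an integrity checksum that anyone holding the binary can recompute. A comment such as `/* fixed, public key: must match the key used by the program that verifies the checksum */` would record both facts; the verifying side is not shown on this page. `main()` continues outside the hunk.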
|
|
||||||
@@ -125,8 +125,8 @@ int main(int argc,char **argv)
|
|
||||||
for(; n < argc ; ++n)
|
|
||||||
{
|
|
||||||
FILE *f=fopen(argv[n],"rb");
|
|
||||||
- SHA_CTX md_ctx,o_ctx;
|
|
||||||
- unsigned char md[20];
|
|
||||||
+ SHA256_CTX md_ctx,o_ctx;
|
|
||||||
+ unsigned char md[SHA256_DIGEST_LENGTH];
|
|
||||||
int i;
|
|
||||||
|
|
||||||
if(!f)
|
|
||||||
@@ -151,18 +151,18 @@ int main(int argc,char **argv)
|
|
||||||
else
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
- SHA1_Update(&md_ctx,buf,l);
|
|
||||||
+ SHA256_Update(&md_ctx,buf,l);
|
|
||||||
}
|
|
||||||
hmac_final(md,&md_ctx,&o_ctx);
|
|
||||||
|
|
||||||
if (binary)
|
|
||||||
{
|
|
||||||
- fwrite(md,20,1,stdout);
|
|
||||||
+ fwrite(md,SHA256_DIGEST_LENGTH,1,stdout);
|
|
||||||
break; /* ... for single(!) file */
|
|
||||||
}
|
|
||||||
|
|
||||||
- printf("HMAC-SHA1(%s)= ",argv[n]);
|
|
||||||
- for(i=0 ; i < 20 ; ++i)
|
|
||||||
+/* printf("HMAC-SHA1(%s)= ",argv[n]); */
|
|
||||||
+ for(i=0 ; i < SHA256_DIGEST_LENGTH ; ++i)
|
|
||||||
printf("%02x",md[i]);
|
|
||||||
printf("\n");
|
|
||||||
}
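Review bot: The line `printf("HMAC-SHA1(%s)= ",argv[n]);` is left commented out instead of being removed, and its label would be wrong now that the digest is SHA-256. Deleting it and stating the output format in a comment, e.g. `/* prints the bare hex digest, one line per file */`, is clearer. With several input files the output lines can no longer be told apart by name, so if anything parses this output the format change belongs in the patch description.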
|
|
||||||
diff -up openssl-1.0.0-beta3/crypto/fips/Makefile.fipscheck openssl-1.0.0-beta3/crypto/fips/Makefile
|
|
||||||
--- openssl-1.0.0-beta3/crypto/fips/Makefile.fipscheck 2009-08-10 20:11:59.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta3/crypto/fips/Makefile 2009-08-10 20:27:45.000000000 +0200
|
|
||||||
@@ -16,6 +16,9 @@ GENERAL=Makefile
|
|
||||||
TEST=fips_test_suite.c fips_randtest.c
|
|
||||||
APPS=
|
|
||||||
|
|
||||||
+PROGRAM= fips_standalone_sha1
|
|
||||||
+EXE= $(PROGRAM)$(EXE_EXT)
|
|
||||||
+
|
|
||||||
LIB=$(TOP)/libcrypto.a
|
|
||||||
LIBSRC=fips_aes_selftest.c fips_des_selftest.c fips_hmac_selftest.c fips_rand_selftest.c \
|
|
||||||
fips_rsa_selftest.c fips_sha1_selftest.c fips.c fips_dsa_selftest.c fips_rand.c \
|
|
||||||
@@ -25,6 +28,8 @@ LIBOBJ=fips_aes_selftest.o fips_des_self
|
|
||||||
fips_rsa_selftest.o fips_sha1_selftest.o fips.o fips_dsa_selftest.o fips_rand.o \
|
|
||||||
fips_rsa_x931g.o
|
|
||||||
|
|
||||||
+LIBCRYPTO=-L.. -lcrypto
|
|
||||||
+
|
|
||||||
SRC= $(LIBSRC) fips_standalone_sha1.c
|
|
||||||
|
|
||||||
EXHEADER= fips.h fips_rand.h
|
|
||||||
@@ -35,13 +40,15 @@ ALL= $(GENERAL) $(SRC) $(HEADER)
|
|
||||||
top:
|
|
||||||
(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
|
|
||||||
|
|
||||||
-all: lib
|
|
||||||
+all: lib exe
|
|
||||||
|
|
||||||
lib: $(LIBOBJ)
|
|
||||||
$(AR) $(LIB) $(LIBOBJ)
|
|
||||||
$(RANLIB) $(LIB) || echo Never mind.
|
|
||||||
@touch lib
|
|
||||||
|
|
||||||
+exe: $(EXE)
|
|
||||||
+
|
|
||||||
files:
|
|
||||||
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
|
|
||||||
|
|
||||||
@@ -77,5 +84,9 @@ dclean:
|
|
||||||
clean:
|
|
||||||
rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
|
|
||||||
|
|
||||||
+$(EXE): $(PROGRAM).o
|
|
||||||
+ FIPS_SHA_ASM=""; for i in $(SHA1_ASM_OBJ) sha256.o ; do FIPS_SHA_ASM="$$FIPS_SHA_ASM ../sha/$$i" ; done; \
|
|
||||||
+ $(CC) -o $@ $(CFLAGS) $(PROGRAM).o $$FIPS_SHA_ASM
|
|
||||||
+
|
|
||||||
# DO NOT DELETE THIS LINE -- make depend depends on it.
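Review bot: The new `$(EXE)` rule links the `../sha/$$i` objects without listing them as prerequisites, so make neither relinks the checker when they change nor guarantees they exist before the link in a parallel build; whether the parent Makefile always builds `sha` before `fips` is not visible here. Listing the objects as prerequisites, or at least commenting the ordering assumption, would make that explicit. `clean` in the same hunk leaves the binary behind; `rm -f $(EXE) *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff` would cover it. `LIBCRYPTO`, added in the second hunk, is not used by this recipe.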
|
|
||||||
|
|
@ -1,265 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta3/crypto/engine/eng_all.c.fipsmode openssl-1.0.0-beta3/crypto/engine/eng_all.c
|
|
||||||
--- openssl-1.0.0-beta3/crypto/engine/eng_all.c.fipsmode 2009-07-01 16:55:58.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta3/crypto/engine/eng_all.c 2009-08-11 17:37:16.000000000 +0200
|
|
||||||
@@ -58,9 +58,23 @@
|
|
||||||
|
|
||||||
#include "cryptlib.h"
|
|
||||||
#include "eng_int.h"
|
|
||||||
+#ifdef OPENSSL_FIPS
|
|
||||||
+#include <openssl/fips.h>
|
|
||||||
+#endif
|
|
||||||
|
|
||||||
void ENGINE_load_builtin_engines(void)
|
|
||||||
{
|
|
||||||
+#ifdef OPENSSL_FIPS
|
|
||||||
+ OPENSSL_init_library();
|
|
||||||
+ if (FIPS_mode()) {
|
|
||||||
+ /* We allow loading dynamic engine as a third party
|
|
||||||
+ engine might be FIPS validated.
|
|
||||||
+ User is disallowed to load non-validated engines
|
|
||||||
+ by security policy. */
|
|
||||||
+ ENGINE_load_dynamic();
|
|
||||||
+ return;
|
|
||||||
+ }
|
|
||||||
+#endif
|
|
||||||
#if 0
|
|
||||||
/* There's no longer any need for an "openssl" ENGINE unless, one day,
|
|
||||||
* it is the *only* way for standard builtin implementations to be be
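Review bot: The added comment in `ENGINE_load_builtin_engines()` says non-validated engines are excluded "by security policy", but the code registers the dynamic loader unconditionally in FIPS mode and nothing in this hunk checks what gets loaded through it. The comment should say so directly, e.g. `/* FIPS mode: only the dynamic loader is registered; nothing here checks that an engine loaded through it is validated */`, so the branch is not read as an enforcement point. The function body continues outside the hunk.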
|
|
||||||
diff -up openssl-1.0.0-beta3/crypto/evp/c_allc.c.fipsmode openssl-1.0.0-beta3/crypto/evp/c_allc.c
|
|
||||||
--- openssl-1.0.0-beta3/crypto/evp/c_allc.c.fipsmode 2007-04-24 01:48:28.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta3/crypto/evp/c_allc.c 2009-08-11 17:42:34.000000000 +0200
|
|
||||||
@@ -65,6 +65,11 @@
|
|
||||||
void OpenSSL_add_all_ciphers(void)
|
|
||||||
{
|
|
||||||
|
|
||||||
+#ifdef OPENSSL_FIPS
|
|
||||||
+ OPENSSL_init_library();
|
|
||||||
+ if(!FIPS_mode())
|
|
||||||
+ {
|
|
||||||
+#endif
|
|
||||||
#ifndef OPENSSL_NO_DES
|
|
||||||
EVP_add_cipher(EVP_des_cfb());
|
|
||||||
EVP_add_cipher(EVP_des_cfb1());
|
|
||||||
@@ -219,4 +224,61 @@ void OpenSSL_add_all_ciphers(void)
|
|
||||||
EVP_add_cipher_alias(SN_camellia_256_cbc,"CAMELLIA256");
|
|
||||||
EVP_add_cipher_alias(SN_camellia_256_cbc,"camellia256");
|
|
||||||
#endif
|
|
||||||
+#ifdef OPENSSL_FIPS
|
|
||||||
+ }
|
|
||||||
+ else
|
|
||||||
+ {
|
|
||||||
+#ifndef OPENSSL_NO_DES
|
|
||||||
+ EVP_add_cipher(EVP_des_ede_cfb());
|
|
||||||
+ EVP_add_cipher(EVP_des_ede3_cfb());
|
|
||||||
+
|
|
||||||
+ EVP_add_cipher(EVP_des_ede_ofb());
|
|
||||||
+ EVP_add_cipher(EVP_des_ede3_ofb());
|
|
||||||
+
|
|
||||||
+ EVP_add_cipher(EVP_des_ede_cbc());
|
|
||||||
+ EVP_add_cipher(EVP_des_ede3_cbc());
|
|
||||||
+ EVP_add_cipher_alias(SN_des_ede3_cbc,"DES3");
|
|
||||||
+ EVP_add_cipher_alias(SN_des_ede3_cbc,"des3");
|
|
||||||
+
|
|
||||||
+ EVP_add_cipher(EVP_des_ede());
|
|
||||||
+ EVP_add_cipher(EVP_des_ede3());
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
+#ifndef OPENSSL_NO_AES
|
|
||||||
+ EVP_add_cipher(EVP_aes_128_ecb());
|
|
||||||
+ EVP_add_cipher(EVP_aes_128_cbc());
|
|
||||||
+ EVP_add_cipher(EVP_aes_128_cfb());
|
|
||||||
+ EVP_add_cipher(EVP_aes_128_cfb1());
|
|
||||||
+ EVP_add_cipher(EVP_aes_128_cfb8());
|
|
||||||
+ EVP_add_cipher(EVP_aes_128_ofb());
|
|
||||||
+#if 0
|
|
||||||
+ EVP_add_cipher(EVP_aes_128_ctr());
|
|
||||||
+#endif
|
|
||||||
+ EVP_add_cipher_alias(SN_aes_128_cbc,"AES128");
|
|
||||||
+ EVP_add_cipher_alias(SN_aes_128_cbc,"aes128");
|
|
||||||
+ EVP_add_cipher(EVP_aes_192_ecb());
|
|
||||||
+ EVP_add_cipher(EVP_aes_192_cbc());
|
|
||||||
+ EVP_add_cipher(EVP_aes_192_cfb());
|
|
||||||
+ EVP_add_cipher(EVP_aes_192_cfb1());
|
|
||||||
+ EVP_add_cipher(EVP_aes_192_cfb8());
|
|
||||||
+ EVP_add_cipher(EVP_aes_192_ofb());
|
|
||||||
+#if 0
|
|
||||||
+ EVP_add_cipher(EVP_aes_192_ctr());
|
|
||||||
+#endif
|
|
||||||
+ EVP_add_cipher_alias(SN_aes_192_cbc,"AES192");
|
|
||||||
+ EVP_add_cipher_alias(SN_aes_192_cbc,"aes192");
|
|
||||||
+ EVP_add_cipher(EVP_aes_256_ecb());
|
|
||||||
+ EVP_add_cipher(EVP_aes_256_cbc());
|
|
||||||
+ EVP_add_cipher(EVP_aes_256_cfb());
|
|
||||||
+ EVP_add_cipher(EVP_aes_256_cfb1());
|
|
||||||
+ EVP_add_cipher(EVP_aes_256_cfb8());
|
|
||||||
+ EVP_add_cipher(EVP_aes_256_ofb());
|
|
||||||
+#if 0
|
|
||||||
+ EVP_add_cipher(EVP_aes_256_ctr());
|
|
||||||
+#endif
|
|
||||||
+ EVP_add_cipher_alias(SN_aes_256_cbc,"AES256");
|
|
||||||
+ EVP_add_cipher_alias(SN_aes_256_cbc,"aes256");
|
|
||||||
+#endif
|
|
||||||
+ }
|
|
||||||
+#endif
|
|
||||||
}
|
|
||||||
diff -up openssl-1.0.0-beta3/crypto/evp/c_alld.c.fipsmode openssl-1.0.0-beta3/crypto/evp/c_alld.c
|
|
||||||
--- openssl-1.0.0-beta3/crypto/evp/c_alld.c.fipsmode 2009-07-08 10:50:53.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta3/crypto/evp/c_alld.c 2009-08-11 17:54:08.000000000 +0200
|
|
||||||
@@ -64,6 +64,11 @@
|
|
||||||
|
|
||||||
void OpenSSL_add_all_digests(void)
|
|
||||||
{
|
|
||||||
+#ifdef OPENSSL_FIPS
|
|
||||||
+ OPENSSL_init_library();
|
|
||||||
+ if (!FIPS_mode())
|
|
||||||
+ {
|
|
||||||
+#endif
|
|
||||||
#ifndef OPENSSL_NO_MD4
|
|
||||||
EVP_add_digest(EVP_md4());
|
|
||||||
#endif
|
|
||||||
@@ -110,5 +115,33 @@ void OpenSSL_add_all_digests(void)
|
|
||||||
#endif
|
|
||||||
#ifndef OPENSSL_NO_WHIRLPOOL
|
|
||||||
EVP_add_digest(EVP_whirlpool());
|
|
||||||
+#endif
|
|
||||||
+#ifdef OPENSSL_FIPS
|
|
||||||
+ }
|
|
||||||
+ else
|
|
||||||
+ {
|
|
||||||
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
|
|
||||||
+ EVP_add_digest(EVP_sha1());
|
|
||||||
+ EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
|
|
||||||
+ EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
|
|
||||||
+#ifndef OPENSSL_NO_DSA
|
|
||||||
+ EVP_add_digest(EVP_dss1());
|
|
||||||
+ EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
|
|
||||||
+ EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
|
|
||||||
+ EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");
|
|
||||||
+#endif
|
|
||||||
+#ifndef OPENSSL_NO_ECDSA
|
|
||||||
+ EVP_add_digest(EVP_ecdsa());
|
|
||||||
+#endif
|
|
||||||
+#endif
|
|
||||||
+#ifndef OPENSSL_NO_SHA256
|
|
||||||
+ EVP_add_digest(EVP_sha224());
|
|
||||||
+ EVP_add_digest(EVP_sha256());
|
|
||||||
+#endif
|
|
||||||
+#ifndef OPENSSL_NO_SHA512
|
|
||||||
+ EVP_add_digest(EVP_sha384());
|
|
||||||
+ EVP_add_digest(EVP_sha512());
|
|
||||||
+#endif
|
|
||||||
+ }
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
diff -up openssl-1.0.0-beta3/crypto/o_init.c.fipsmode openssl-1.0.0-beta3/crypto/o_init.c
|
|
||||||
--- openssl-1.0.0-beta3/crypto/o_init.c.fipsmode 2009-08-11 17:28:25.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta3/crypto/o_init.c 2009-08-11 17:39:06.000000000 +0200
|
|
||||||
@@ -59,6 +59,43 @@
|
|
||||||
#include <e_os.h>
|
|
||||||
#include <openssl/err.h>
|
|
||||||
|
|
||||||
+#ifdef OPENSSL_FIPS
|
|
||||||
+#include <sys/types.h>
|
|
||||||
+#include <sys/stat.h>
|
|
||||||
+#include <fcntl.h>
|
|
||||||
+#include <unistd.h>
|
|
||||||
+#include <errno.h>
|
|
||||||
+#include <stdlib.h>
|
|
||||||
+#include <openssl/fips.h>
|
|
||||||
+
|
|
||||||
+#define FIPS_MODE_SWITCH_FILE "/proc/sys/crypto/fips_enabled"
|
|
||||||
+
|
|
||||||
+static void init_fips_mode(void)
|
|
||||||
+ {
|
|
||||||
+ char buf[2] = "0";
|
|
||||||
+ int fd;
|
|
||||||
+
|
|
||||||
+ if (getenv("OPENSSL_FORCE_FIPS_MODE") != NULL)
|
|
||||||
+ {
|
|
||||||
+ buf[0] = '1';
|
|
||||||
+ }
|
|
||||||
+ else if ((fd = open(FIPS_MODE_SWITCH_FILE, O_RDONLY)) >= 0)
|
|
||||||
+ {
|
|
||||||
+ while (read(fd, buf, sizeof(buf)) < 0 && errno == EINTR);
|
|
||||||
+ close(fd);
|
|
||||||
+ }
|
|
||||||
+ /* Failure reading the fips mode switch file means just not
|
|
||||||
+ * switching into FIPS mode. We would break too many things
|
|
||||||
+ * otherwise.
|
|
||||||
+ */
|
|
||||||
+
|
|
||||||
+ if (buf[0] == '1')
|
|
||||||
+ {
|
|
||||||
+ FIPS_mode_set(1);
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
/* Perform any essential OpenSSL initialization operations.
|
|
||||||
* Currently only sets FIPS callbacks
|
|
||||||
*/
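Review bot: The result of `FIPS_mode_set(1)` at the end of `init_fips_mode()` is discarded, so when the kernel flag or `OPENSSL_FORCE_FIPS_MODE` requests FIPS mode and the switch fails, initialization carries on without reporting it. The comment above that call covers only a failure to read the switch file; a failed mode switch on a system configured for FIPS deserves a fail-closed path, for example `if (buf[0] == '1' && !FIPS_mode_set(1)) abort();`, or at least printing the error queue. Whether later crypto calls are blocked by the self-test failure flag is decided outside this hunk. The environment override should also be mentioned in the function's comment, since it is read in every process that initializes the library.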
|
|
||||||
@@ -72,6 +109,7 @@ void OPENSSL_init_library(void)
|
|
||||||
#ifdef CRYPTO_MDEBUG
|
|
||||||
CRYPTO_malloc_debug_init();
|
|
||||||
#endif
|
|
||||||
+ init_fips_mode();
|
|
||||||
done = 1;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
diff -up openssl-1.0.0-beta3/ssl/ssl_algs.c.fipsmode openssl-1.0.0-beta3/ssl/ssl_algs.c
|
|
||||||
--- openssl-1.0.0-beta3/ssl/ssl_algs.c.fipsmode 2009-07-08 10:50:53.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta3/ssl/ssl_algs.c 2009-08-11 18:01:13.000000000 +0200
|
|
||||||
@@ -64,6 +64,12 @@
|
|
||||||
int SSL_library_init(void)
|
|
||||||
{
|
|
||||||
|
|
||||||
+#ifdef OPENSSL_FIPS
|
|
||||||
+ OPENSSL_init_library();
|
|
||||||
+ if (!FIPS_mode())
|
|
||||||
+ {
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
#ifndef OPENSSL_NO_DES
|
|
||||||
EVP_add_cipher(EVP_des_cbc());
|
|
||||||
EVP_add_cipher(EVP_des_ede3_cbc());
|
|
||||||
@@ -115,6 +121,40 @@ int SSL_library_init(void)
|
|
||||||
EVP_add_digest(EVP_sha());
|
|
||||||
EVP_add_digest(EVP_dss());
|
|
||||||
#endif
|
|
||||||
+#ifdef OPENSSL_FIPS
|
|
||||||
+ }
|
|
||||||
+ else
|
|
||||||
+ {
|
|
||||||
+#ifndef OPENSSL_NO_DES
|
|
||||||
+ EVP_add_cipher(EVP_des_ede3_cbc());
|
|
||||||
+#endif
|
|
||||||
+#ifndef OPENSSL_NO_AES
|
|
||||||
+ EVP_add_cipher(EVP_aes_128_cbc());
|
|
||||||
+ EVP_add_cipher(EVP_aes_192_cbc());
|
|
||||||
+ EVP_add_cipher(EVP_aes_256_cbc());
|
|
||||||
+#endif
|
|
||||||
+#ifndef OPENSSL_NO_MD5
|
|
||||||
+ /* needed even in the FIPS mode for TLS MAC */
|
|
||||||
+ EVP_add_digest(EVP_md5());
|
|
||||||
+ EVP_add_digest_alias(SN_md5,"ssl2-md5");
|
|
||||||
+ EVP_add_digest_alias(SN_md5,"ssl3-md5");
|
|
||||||
+#endif
|
|
||||||
+#ifndef OPENSSL_NO_SHA
|
|
||||||
+ EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
|
|
||||||
+ EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
|
|
||||||
+ EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
|
|
||||||
+#endif
|
|
||||||
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DSA)
|
|
||||||
+ EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
|
|
||||||
+ EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
|
|
||||||
+ EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
|
|
||||||
+ EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");
|
|
||||||
+#endif
|
|
||||||
+#ifndef OPENSSL_NO_ECDSA
|
|
||||||
+ EVP_add_digest(EVP_ecdsa());
|
|
||||||
+#endif
|
|
||||||
+ }
|
|
||||||
+#endif
|
|
||||||
#ifndef OPENSSL_NO_COMP
|
|
||||||
/* This will initialise the built-in compression algorithms.
|
|
||||||
The value returned is a STACK_OF(SSL_COMP), but that can
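Review bot: The FIPS branch of `SSL_library_init()` registers MD5 under the comment `/* needed even in the FIPS mode for TLS MAC */` and also adds the `"ssl2-md5"` alias. In TLS 1.0/1.1 MD5 is used together with SHA-1 in the PRF and the handshake hash, so `/* needed in FIPS mode only for the TLS 1.0/1.1 PRF and handshake hash */` would be more accurate, and the SSLv2 alias looks unnecessary in this branch. Once registered, MD5 can be looked up by name by any caller; whether the digest itself refuses standalone use in FIPS mode is decided outside this hunk.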
|
|
@ -1,79 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta3/crypto/fips/fips.c.fipsrng openssl-1.0.0-beta3/crypto/fips/fips.c
|
|
||||||
--- openssl-1.0.0-beta3/crypto/fips/fips.c.fipsrng 2009-08-11 18:12:14.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta3/crypto/fips/fips.c 2009-08-11 18:14:36.000000000 +0200
|
|
||||||
@@ -427,22 +427,22 @@ int FIPS_mode_set(int onoff)
|
|
||||||
goto end;
|
|
||||||
}
|
|
||||||
|
|
||||||
+ /* now switch the RNG into FIPS mode */
|
|
||||||
+ fips_set_rand_check(FIPS_rand_method());
|
|
||||||
+ RAND_set_rand_method(FIPS_rand_method());
|
|
||||||
+
|
|
||||||
/* automagically seed PRNG if not already seeded */
|
|
||||||
if(!FIPS_rand_status())
|
|
||||||
{
|
|
||||||
- if(RAND_bytes(buf,sizeof buf) <= 0)
|
|
||||||
+ RAND_poll();
|
|
||||||
+ if (!FIPS_rand_status())
|
|
||||||
{
|
|
||||||
fips_selftest_fail = 1;
|
|
||||||
ret = 0;
|
|
||||||
goto end;
|
|
||||||
}
|
|
||||||
- FIPS_rand_set_key(buf,32);
|
|
||||||
- FIPS_rand_seed(buf+32,16);
|
|
||||||
}
|
|
||||||
|
|
||||||
- /* now switch into FIPS mode */
|
|
||||||
- fips_set_rand_check(FIPS_rand_method());
|
|
||||||
- RAND_set_rand_method(FIPS_rand_method());
|
|
||||||
if(FIPS_selftest())
|
|
||||||
fips_set_mode(1);
|
|
||||||
else
|
|
||||||
diff -up openssl-1.0.0-beta3/crypto/fips/fips_rand.c.fipsrng openssl-1.0.0-beta3/crypto/fips/fips_rand.c
|
|
||||||
--- openssl-1.0.0-beta3/crypto/fips/fips_rand.c.fipsrng 2009-08-11 18:12:14.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta3/crypto/fips/fips_rand.c 2009-08-11 18:16:48.000000000 +0200
|
|
||||||
@@ -155,7 +155,18 @@ static int fips_set_prng_seed(FIPS_PRNG_
|
|
||||||
{
|
|
||||||
int i;
|
|
||||||
if (!ctx->keyed)
|
|
||||||
- return 0;
|
|
||||||
+ {
|
|
||||||
+ FIPS_RAND_SIZE_T keylen = 16;
|
|
||||||
+
|
|
||||||
+ if (seedlen - keylen < AES_BLOCK_LENGTH)
|
|
||||||
+ return 0;
|
|
||||||
+ if (seedlen - keylen - 8 >= AES_BLOCK_LENGTH)
|
|
||||||
+ keylen += 8;
|
|
||||||
+ if (seedlen - keylen - 8 >= AES_BLOCK_LENGTH)
|
|
||||||
+ keylen += 8;
|
|
||||||
+ seedlen -= keylen;
|
|
||||||
+ fips_set_prng_key(ctx, seed+seedlen, keylen);
|
|
||||||
+ }
|
|
||||||
/* In test mode seed is just supplied data */
|
|
||||||
if (ctx->test_mode)
|
|
||||||
{
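Review bot: The length checks in the new `!ctx->keyed` branch are written as subtractions (`seedlen - keylen < AES_BLOCK_LENGTH`), which reject a short seed only if `FIPS_RAND_SIZE_T` is a signed type; its definition is not in this hunk. With an unsigned type a `seedlen` below 16 would wrap, pass all three tests and leave `seed+seedlen` pointing outside the buffer. Comparing sums avoids the dependence: `if (seedlen < keylen + AES_BLOCK_LENGTH) return 0;` and `if (seedlen >= keylen + 8 + AES_BLOCK_LENGTH) keylen += 8;`. A comment saying that the key (16, 24 or 32 bytes) is taken from the tail of the seed buffer would also help; the function starts and ends outside the hunk.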
|
|
||||||
@@ -276,6 +287,7 @@ static int fips_rand(FIPS_PRNG_CTX *ctx,
|
|
||||||
unsigned char R[AES_BLOCK_LENGTH], I[AES_BLOCK_LENGTH];
|
|
||||||
unsigned char tmp[AES_BLOCK_LENGTH];
|
|
||||||
int i;
|
|
||||||
+ FIPS_selftest_check();
|
|
||||||
if (ctx->error)
|
|
||||||
{
|
|
||||||
RANDerr(RAND_F_FIPS_RAND,RAND_R_PRNG_ERROR);
|
|
||||||
diff -up openssl-1.0.0-beta3/crypto/rand/rand_lcl.h.fipsrng openssl-1.0.0-beta3/crypto/rand/rand_lcl.h
|
|
||||||
--- openssl-1.0.0-beta3/crypto/rand/rand_lcl.h.fipsrng 2009-08-11 18:12:13.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta3/crypto/rand/rand_lcl.h 2009-08-11 18:18:13.000000000 +0200
|
|
||||||
@@ -112,8 +112,11 @@
|
|
||||||
#ifndef HEADER_RAND_LCL_H
|
|
||||||
#define HEADER_RAND_LCL_H
|
|
||||||
|
|
||||||
+#ifndef OPENSSL_FIPS
|
|
||||||
#define ENTROPY_NEEDED 32 /* require 256 bits = 32 bytes of randomness */
|
|
||||||
-
|
|
||||||
+#else
|
|
||||||
+#define ENTROPY_NEEDED 48 /* we need 48 bytes of randomness for FIPS rng */
|
|
||||||
+#endif
|
|
||||||
|
|
||||||
#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
|
|
||||||
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
|
|
@ -1,506 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta3/apps/s_apps.h.ipv6-apps openssl-1.0.0-beta3/apps/s_apps.h
|
|
||||||
--- openssl-1.0.0-beta3/apps/s_apps.h.ipv6-apps 2009-08-05 21:29:58.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta3/apps/s_apps.h 2009-08-05 21:29:58.000000000 +0200
|
|
||||||
@@ -148,7 +148,7 @@ typedef fd_mask fd_set;
|
|
||||||
#define PORT_STR "4433"
|
|
||||||
#define PROTOCOL "tcp"
|
|
||||||
|
|
||||||
-int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context);
|
|
||||||
+int do_server(char *port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context);
|
|
||||||
#ifdef HEADER_X509_H
|
|
||||||
int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
|
|
||||||
#endif
|
|
||||||
@@ -156,10 +156,9 @@ int MS_CALLBACK verify_callback(int ok,
|
|
||||||
int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
|
|
||||||
int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key);
|
|
||||||
#endif
|
|
||||||
-int init_client(int *sock, char *server, int port, int type);
|
|
||||||
+int init_client(int *sock, char *server, char *port, int type);
|
|
||||||
int should_retry(int i);
|
|
||||||
-int extract_port(char *str, short *port_ptr);
|
|
||||||
-int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
|
|
||||||
+int extract_host_port(char *str,char **host_ptr,char **port_ptr);
|
|
||||||
|
|
||||||
long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
|
|
||||||
int argi, long argl, long ret);
|
|
||||||
diff -up openssl-1.0.0-beta3/apps/s_client.c.ipv6-apps openssl-1.0.0-beta3/apps/s_client.c
|
|
||||||
--- openssl-1.0.0-beta3/apps/s_client.c.ipv6-apps 2009-08-05 21:29:58.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta3/apps/s_client.c 2009-08-05 22:33:44.000000000 +0200
|
|
||||||
@@ -388,7 +388,7 @@ int MAIN(int argc, char **argv)
|
|
||||||
int cbuf_len,cbuf_off;
|
|
||||||
int sbuf_len,sbuf_off;
|
|
||||||
fd_set readfds,writefds;
|
|
||||||
- short port=PORT;
|
|
||||||
+ char *port_str = PORT_STR;
|
|
||||||
int full_log=1;
|
|
||||||
char *host=SSL_HOST_NAME;
|
|
||||||
char *cert_file=NULL,*key_file=NULL;
|
|
||||||
@@ -486,13 +486,12 @@ int MAIN(int argc, char **argv)
|
|
||||||
else if (strcmp(*argv,"-port") == 0)
|
|
||||||
{
|
|
||||||
if (--argc < 1) goto bad;
|
|
||||||
- port=atoi(*(++argv));
|
|
||||||
- if (port == 0) goto bad;
|
|
||||||
+ port_str= *(++argv);
|
|
||||||
}
|
|
||||||
else if (strcmp(*argv,"-connect") == 0)
|
|
||||||
{
|
|
||||||
if (--argc < 1) goto bad;
|
|
||||||
- if (!extract_host_port(*(++argv),&host,NULL,&port))
|
|
||||||
+ if (!extract_host_port(*(++argv),&host,&port_str))
|
|
||||||
goto bad;
|
|
||||||
}
|
|
||||||
else if (strcmp(*argv,"-verify") == 0)
|
|
||||||
@@ -956,7 +955,7 @@ bad:
|
|
||||||
|
|
||||||
re_start:
|
|
||||||
|
|
||||||
- if (init_client(&s,host,port,socket_type) == 0)
|
|
||||||
+ if (init_client(&s,host,port_str,socket_type) == 0)
|
|
||||||
{
|
|
||||||
BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
|
|
||||||
SHUTDOWN(s);
|
|
||||||
diff -up openssl-1.0.0-beta3/apps/s_server.c.ipv6-apps openssl-1.0.0-beta3/apps/s_server.c
|
|
||||||
--- openssl-1.0.0-beta3/apps/s_server.c.ipv6-apps 2009-08-05 21:29:58.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta3/apps/s_server.c 2009-08-05 21:29:58.000000000 +0200
|
|
||||||
@@ -837,7 +837,7 @@ int MAIN(int argc, char *argv[])
|
|
||||||
{
|
|
||||||
X509_VERIFY_PARAM *vpm = NULL;
|
|
||||||
int badarg = 0;
|
|
||||||
- short port=PORT;
|
|
||||||
+ char *port_str = PORT_STR;
|
|
||||||
char *CApath=NULL,*CAfile=NULL;
|
|
||||||
unsigned char *context = NULL;
|
|
||||||
char *dhfile = NULL;
|
|
||||||
@@ -907,8 +907,7 @@ int MAIN(int argc, char *argv[])
|
|
||||||
(strcmp(*argv,"-accept") == 0))
|
|
||||||
{
|
|
||||||
if (--argc < 1) goto bad;
|
|
||||||
- if (!extract_port(*(++argv),&port))
|
|
||||||
- goto bad;
|
|
||||||
+ port_str= *(++argv);
|
|
||||||
}
|
|
||||||
else if (strcmp(*argv,"-verify") == 0)
|
|
||||||
{
|
|
||||||
@@ -1685,9 +1684,9 @@ bad:
|
|
||||||
BIO_printf(bio_s_out,"ACCEPT\n");
|
|
||||||
(void)BIO_flush(bio_s_out);
|
|
||||||
if (www)
|
|
||||||
- do_server(port,socket_type,&accept_socket,www_body, context);
|
|
||||||
+ do_server(port_str,socket_type,&accept_socket,www_body, context);
|
|
||||||
else
|
|
||||||
- do_server(port,socket_type,&accept_socket,sv_body, context);
|
|
||||||
+ do_server(port_str,socket_type,&accept_socket,sv_body, context);
|
|
||||||
print_stats(bio_s_out,ctx);
|
|
||||||
ret=0;
|
|
||||||
end:
|
|
||||||
diff -up openssl-1.0.0-beta3/apps/s_socket.c.ipv6-apps openssl-1.0.0-beta3/apps/s_socket.c
|
|
||||||
--- openssl-1.0.0-beta3/apps/s_socket.c.ipv6-apps 2008-11-12 04:57:47.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta3/apps/s_socket.c 2009-08-05 21:29:58.000000000 +0200
|
|
||||||
@@ -96,9 +96,7 @@ static struct hostent *GetHostByName(cha
|
|
||||||
static void ssl_sock_cleanup(void);
|
|
||||||
#endif
|
|
||||||
static int ssl_sock_init(void);
|
|
||||||
-static int init_client_ip(int *sock,unsigned char ip[4], int port, int type);
|
|
||||||
-static int init_server(int *sock, int port, int type);
|
|
||||||
-static int init_server_long(int *sock, int port,char *ip, int type);
|
|
||||||
+static int init_server(int *sock, char *port, int type);
|
|
||||||
static int do_accept(int acc_sock, int *sock, char **host);
|
|
||||||
static int host_ip(char *str, unsigned char ip[4]);
|
|
||||||
|
|
||||||
@@ -228,58 +226,70 @@ static int ssl_sock_init(void)
|
|
||||||
return(1);
|
|
||||||
}
|
|
||||||
|
|
||||||
-int init_client(int *sock, char *host, int port, int type)
|
|
||||||
+int init_client(int *sock, char *host, char *port, int type)
|
|
||||||
{
|
|
||||||
- unsigned char ip[4];
|
|
||||||
-
|
|
||||||
- if (!host_ip(host,&(ip[0])))
|
|
||||||
- {
|
|
||||||
- return(0);
|
|
||||||
- }
|
|
||||||
- return(init_client_ip(sock,ip,port,type));
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
-static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
|
|
||||||
- {
|
|
||||||
- unsigned long addr;
|
|
||||||
- struct sockaddr_in them;
|
|
||||||
- int s,i;
|
|
||||||
+ struct addrinfo *res, *res0, hints;
|
|
||||||
+ char * failed_call = NULL;
|
|
||||||
+ int s;
|
|
||||||
+ int e;
|
|
||||||
|
|
||||||
if (!ssl_sock_init()) return(0);
|
|
||||||
|
|
||||||
- memset((char *)&them,0,sizeof(them));
|
|
||||||
- them.sin_family=AF_INET;
|
|
||||||
- them.sin_port=htons((unsigned short)port);
|
|
||||||
- addr=(unsigned long)
|
|
||||||
- ((unsigned long)ip[0]<<24L)|
|
|
||||||
- ((unsigned long)ip[1]<<16L)|
|
|
||||||
- ((unsigned long)ip[2]<< 8L)|
|
|
||||||
- ((unsigned long)ip[3]);
|
|
||||||
- them.sin_addr.s_addr=htonl(addr);
|
|
||||||
-
|
|
||||||
- if (type == SOCK_STREAM)
|
|
||||||
- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
|
|
||||||
- else /* ( type == SOCK_DGRAM) */
|
|
||||||
- s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP);
|
|
||||||
-
|
|
||||||
- if (s == INVALID_SOCKET) { perror("socket"); return(0); }
|
|
||||||
+ memset(&hints, '\0', sizeof(hints));
|
|
||||||
+ hints.ai_socktype = type;
|
|
||||||
+ hints.ai_flags = AI_ADDRCONFIG;
|
|
||||||
+
|
|
||||||
+ e = getaddrinfo(host, port, &hints, &res);
|
|
||||||
+ if (e)
|
|
||||||
+ {
|
|
||||||
+ fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(e));
|
|
||||||
+ if (e == EAI_SYSTEM)
|
|
||||||
+ perror("getaddrinfo");
|
|
||||||
+ return (0);
|
|
||||||
+ }
|
|
||||||
|
|
||||||
+ res0 = res;
|
|
||||||
+ while (res)
|
|
||||||
+ {
|
|
||||||
+ s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
|
|
||||||
+ if (s == INVALID_SOCKET)
|
|
||||||
+ {
|
|
||||||
+ failed_call = "socket";
|
|
||||||
+ goto nextres;
|
|
||||||
+ }
|
|
||||||
#if defined(SO_KEEPALIVE) && !defined(OPENSSL_SYS_MPE)
|
|
||||||
if (type == SOCK_STREAM)
|
|
||||||
{
|
|
||||||
- i=0;
|
|
||||||
- i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
|
|
||||||
- if (i < 0) { perror("keepalive"); return(0); }
|
|
||||||
+ int i=0;
|
|
||||||
+ i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,
|
|
||||||
+ (char *)&i,sizeof(i));
|
|
||||||
+ if (i < 0) {
|
|
||||||
+ failed_call = "keepalive";
|
|
||||||
+ goto nextres;
|
|
||||||
+ }
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
-
|
|
||||||
- if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
|
|
||||||
- { closesocket(s); perror("connect"); return(0); }
|
|
||||||
+ if (connect(s,(struct sockaddr *)res->ai_addr,
|
|
||||||
+ res->ai_addrlen) == 0)
|
|
||||||
+ {
|
|
||||||
+ freeaddrinfo(res0);
|
|
||||||
*sock=s;
|
|
||||||
return(1);
|
|
||||||
}
|
|
||||||
|
|
||||||
-int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context)
|
|
||||||
+ failed_call = "socket";
|
|
||||||
+nextres:
|
|
||||||
+ if (s != INVALID_SOCKET)
|
|
||||||
+ close(s);
|
|
||||||
+ res = res->ai_next;
|
|
||||||
+ }
|
|
||||||
+ freeaddrinfo(res0);
|
|
||||||
+
|
|
||||||
+ perror(failed_call);
|
|
||||||
+ return(0);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+int do_server(char *port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context)
|
|
||||||
{
|
|
||||||
int sock;
|
|
||||||
char *name = NULL;
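Review bot: In the rewritten `init_client()` a failed `connect()` is recorded as `failed_call = "socket";`, so the final `perror()` names the wrong call; it should read `failed_call = "connect";`. The `nextres:` path calls `close(s)` where the removed code used `closesocket(s)`, which matters on platforms where sockets are not file descriptors. `perror(failed_call)` also runs after `close()` and `freeaddrinfo()`, either of which may overwrite `errno`; saving `errno` at the failure point and restoring it before `perror()` keeps the message accurate.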
|
|
||||||
@@ -317,33 +327,38 @@ int do_server(int port, int type, int *r
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
-static int init_server_long(int *sock, int port, char *ip, int type)
|
|
||||||
+static int init_server(int *sock, char *port, int type)
|
|
||||||
{
|
|
||||||
- int ret=0;
|
|
||||||
- struct sockaddr_in server;
|
|
||||||
- int s= -1,i;
|
|
||||||
+ struct addrinfo *res, *res0, hints;
|
|
||||||
+ char * failed_call = NULL;
|
|
||||||
+ char port_name[8];
|
|
||||||
+ int s;
|
|
||||||
+ int e;
|
|
||||||
|
|
||||||
if (!ssl_sock_init()) return(0);
|
|
||||||
|
|
||||||
- memset((char *)&server,0,sizeof(server));
|
|
||||||
- server.sin_family=AF_INET;
|
|
||||||
- server.sin_port=htons((unsigned short)port);
|
|
||||||
- if (ip == NULL)
|
|
||||||
- server.sin_addr.s_addr=INADDR_ANY;
|
|
||||||
- else
|
|
||||||
-/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
|
|
||||||
-#ifndef BIT_FIELD_LIMITS
|
|
||||||
- memcpy(&server.sin_addr.s_addr,ip,4);
|
|
||||||
-#else
|
|
||||||
- memcpy(&server.sin_addr,ip,4);
|
|
||||||
-#endif
|
|
||||||
+ memset(&hints, '\0', sizeof(hints));
|
|
||||||
+ hints.ai_socktype = type;
|
|
||||||
+ hints.ai_flags = AI_PASSIVE | AI_ADDRCONFIG;
|
|
||||||
|
|
||||||
- if (type == SOCK_STREAM)
|
|
||||||
- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
|
|
||||||
- else /* type == SOCK_DGRAM */
|
|
||||||
- s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP);
|
|
||||||
+ e = getaddrinfo(NULL, port, &hints, &res);
|
|
||||||
+ if (e)
|
|
||||||
+ {
|
|
||||||
+ fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(e));
|
|
||||||
+ if (e == EAI_SYSTEM)
|
|
||||||
+ perror("getaddrinfo");
|
|
||||||
+ return (0);
|
|
||||||
+ }
|
|
||||||
|
|
||||||
- if (s == INVALID_SOCKET) goto err;
|
|
||||||
+ res0 = res;
|
|
||||||
+ while (res)
|
|
||||||
+ {
|
|
||||||
+ s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
|
|
||||||
+ if (s == INVALID_SOCKET)
|
|
||||||
+ {
|
|
||||||
+ failed_call = "socket";
|
|
||||||
+ goto nextres;
|
|
||||||
+ }
|
|
||||||
#if defined SOL_SOCKET && defined SO_REUSEADDR
|
|
||||||
{
|
|
||||||
int j = 1;
|
|
||||||
@@ -351,36 +366,39 @@ static int init_server_long(int *sock, i
|
|
||||||
(void *) &j, sizeof j);
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
- if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
|
|
||||||
+
|
|
||||||
+ if (bind(s,(struct sockaddr *)res->ai_addr, res->ai_addrlen) == -1)
|
|
||||||
{
|
|
||||||
-#ifndef OPENSSL_SYS_WINDOWS
|
|
||||||
- perror("bind");
|
|
||||||
-#endif
|
|
||||||
- goto err;
|
|
||||||
+ failed_call = "bind";
|
|
||||||
+ goto nextres;
|
|
||||||
}
|
|
||||||
- /* Make it 128 for linux */
|
|
||||||
- if (type==SOCK_STREAM && listen(s,128) == -1) goto err;
|
|
||||||
- i=0;
|
|
||||||
- *sock=s;
|
|
||||||
- ret=1;
|
|
||||||
-err:
|
|
||||||
- if ((ret == 0) && (s != -1))
|
|
||||||
+ if (type==SOCK_STREAM && listen(s,128) == -1)
|
|
||||||
{
|
|
||||||
- SHUTDOWN(s);
|
|
||||||
+ failed_call = "listen";
|
|
||||||
+ goto nextres;
|
|
||||||
}
|
|
||||||
- return(ret);
|
|
||||||
+
|
|
||||||
+ *sock=s;
|
|
||||||
+ return(1);
|
|
||||||
+
|
|
||||||
+nextres:
|
|
||||||
+ if (s != INVALID_SOCKET)
|
|
||||||
+ close(s);
|
|
||||||
+ res = res->ai_next;
|
|
||||||
}
|
|
||||||
+ freeaddrinfo(res0);
|
|
||||||
|
|
||||||
-static int init_server(int *sock, int port, int type)
|
|
||||||
- {
|
|
||||||
- return(init_server_long(sock, port, NULL, type));
|
|
||||||
+ if (s == INVALID_SOCKET) { perror("socket"); return(0); }
|
|
||||||
+
|
|
||||||
+ perror(failed_call);
|
|
||||||
+ return(0);
|
|
||||||
}
|
|
||||||
|
|
||||||
static int do_accept(int acc_sock, int *sock, char **host)
|
|
||||||
{
|
|
||||||
- int ret,i;
|
|
||||||
- struct hostent *h1,*h2;
|
|
||||||
- static struct sockaddr_in from;
|
|
||||||
+ static struct sockaddr_storage from;
|
|
||||||
+ char buffer[NI_MAXHOST];
|
|
||||||
+ int ret;
|
|
||||||
int len;
|
|
||||||
/* struct linger ling; */
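Review bot: The success path of the new `init_server()` ends with `*sock=s; return(1);` without releasing the address list, unlike `init_client()`, which calls `freeaddrinfo(res0)` before it returns; adding `freeaddrinfo(res0);` before `*sock=s;` closes the leak. `char port_name[8];` in the preceding hunk is declared but not used in the lines shown, and `close(s)` at `nextres:` replaces the `SHUTDOWN(s)` of the removed code. The loop stops at the first address that binds, so a comment noting that the server listens on a single address would document that behaviour.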
|
|
||||||
|
|
||||||
@@ -425,137 +443,62 @@ redoit:
|
|
||||||
if (i < 0) { perror("keepalive"); return(0); }
|
|
||||||
*/
|
|
||||||
|
|
||||||
- if (host == NULL) goto end;
|
|
||||||
-#ifndef BIT_FIELD_LIMITS
|
|
||||||
- /* I should use WSAAsyncGetHostByName() under windows */
|
|
||||||
- h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
|
|
||||||
- sizeof(from.sin_addr.s_addr),AF_INET);
|
|
||||||
-#else
|
|
||||||
- h1=gethostbyaddr((char *)&from.sin_addr,
|
|
||||||
- sizeof(struct in_addr),AF_INET);
|
|
||||||
-#endif
|
|
||||||
- if (h1 == NULL)
|
|
||||||
+ if (host == NULL)
|
|
||||||
{
|
|
||||||
- BIO_printf(bio_err,"bad gethostbyaddr\n");
|
|
||||||
- *host=NULL;
|
|
||||||
- /* return(0); */
|
|
||||||
- }
|
|
||||||
- else
|
|
||||||
- {
|
|
||||||
- if ((*host=(char *)OPENSSL_malloc(strlen(h1->h_name)+1)) == NULL)
|
|
||||||
- {
|
|
||||||
- perror("OPENSSL_malloc");
|
|
||||||
+ *sock=ret;
|
|
||||||
return(0);
|
|
||||||
}
|
|
||||||
- BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
|
|
||||||
|
|
||||||
- h2=GetHostByName(*host);
|
|
||||||
- if (h2 == NULL)
|
|
||||||
+ if (getnameinfo((struct sockaddr *)&from, sizeof(from),
|
|
||||||
+ buffer, sizeof(buffer),
|
|
||||||
+ NULL, 0, 0))
|
|
||||||
{
|
|
||||||
- BIO_printf(bio_err,"gethostbyname failure\n");
|
|
||||||
+ BIO_printf(bio_err,"getnameinfo failed\n");
|
|
||||||
+ *host=NULL;
|
|
||||||
return(0);
|
|
||||||
}
|
|
||||||
- i=0;
|
|
||||||
- if (h2->h_addrtype != AF_INET)
|
|
||||||
+ else
|
|
||||||
{
|
|
||||||
- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
|
|
||||||
+ if ((*host=(char *)OPENSSL_malloc(strlen(buffer)+1)) == NULL)
|
|
||||||
+ {
|
|
||||||
+ perror("OPENSSL_malloc");
|
|
||||||
return(0);
|
|
||||||
}
|
|
||||||
- }
|
|
||||||
-end:
|
|
||||||
+ strcpy(*host, buffer);
|
|
||||||
*sock=ret;
|
|
||||||
return(1);
|
|
||||||
}
|
|
||||||
+ }
|
|
||||||
|
|
||||||
-int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
|
|
||||||
- short *port_ptr)
|
|
||||||
+int extract_host_port(char *str, char **host_ptr,
|
|
||||||
+ char **port_ptr)
|
|
||||||
{
|
|
||||||
- char *h,*p;
|
|
||||||
+ char *h,*p,*x;
|
|
||||||
|
|
||||||
- h=str;
|
|
||||||
- p=strchr(str,':');
|
|
||||||
+ x=h=str;
|
|
||||||
+ if (*h == '[')
|
|
||||||
+ {
|
|
||||||
+ h++;
|
|
||||||
+ p=strchr(h,']');
|
|
||||||
if (p == NULL)
|
|
||||||
{
|
|
||||||
- BIO_printf(bio_err,"no port defined\n");
|
|
||||||
+ BIO_printf(bio_err,"no ending bracket for IPv6 address\n");
|
|
||||||
return(0);
|
|
||||||
}
|
|
||||||
*(p++)='\0';
|
|
||||||
-
|
|
||||||
- if ((ip != NULL) && !host_ip(str,ip))
|
|
||||||
- goto err;
|
|
||||||
- if (host_ptr != NULL) *host_ptr=h;
|
|
||||||
-
|
|
||||||
- if (!extract_port(p,port_ptr))
|
|
||||||
- goto err;
|
|
||||||
- return(1);
|
|
||||||
-err:
|
|
||||||
- return(0);
|
|
||||||
+ x = p;
|
|
||||||
}
|
|
||||||
-
|
|
||||||
-static int host_ip(char *str, unsigned char ip[4])
|
|
||||||
- {
|
|
||||||
- unsigned int in[4];
|
|
||||||
- int i;
|
|
||||||
-
|
|
||||||
- if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
|
|
||||||
- {
|
|
||||||
- for (i=0; i<4; i++)
|
|
||||||
- if (in[i] > 255)
|
|
||||||
- {
|
|
||||||
- BIO_printf(bio_err,"invalid IP address\n");
|
|
||||||
- goto err;
|
|
||||||
- }
|
|
||||||
- ip[0]=in[0];
|
|
||||||
- ip[1]=in[1];
|
|
||||||
- ip[2]=in[2];
|
|
||||||
- ip[3]=in[3];
|
|
||||||
- }
|
|
||||||
- else
|
|
||||||
- { /* do a gethostbyname */
|
|
||||||
- struct hostent *he;
|
|
||||||
-
|
|
||||||
- if (!ssl_sock_init()) return(0);
|
|
||||||
-
|
|
||||||
- he=GetHostByName(str);
|
|
||||||
- if (he == NULL)
|
|
||||||
- {
|
|
||||||
- BIO_printf(bio_err,"gethostbyname failure\n");
|
|
||||||
- goto err;
|
|
||||||
- }
|
|
||||||
- /* cast to short because of win16 winsock definition */
|
|
||||||
- if ((short)he->h_addrtype != AF_INET)
|
|
||||||
+ p=strchr(x,':');
|
|
||||||
+ if (p == NULL)
|
|
||||||
{
|
|
||||||
- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
|
|
||||||
- return(0);
|
|
||||||
- }
|
|
||||||
- ip[0]=he->h_addr_list[0][0];
|
|
||||||
- ip[1]=he->h_addr_list[0][1];
|
|
||||||
- ip[2]=he->h_addr_list[0][2];
|
|
||||||
- ip[3]=he->h_addr_list[0][3];
|
|
||||||
- }
|
|
||||||
- return(1);
|
|
||||||
-err:
|
|
||||||
+ BIO_printf(bio_err,"no port defined\n");
|
|
||||||
return(0);
|
|
||||||
}
|
|
||||||
+ *(p++)='\0';
|
|
||||||
|
|
||||||
-int extract_port(char *str, short *port_ptr)
|
|
||||||
- {
|
|
||||||
- int i;
|
|
||||||
- struct servent *s;
|
|
||||||
+ if (host_ptr != NULL) *host_ptr=h;
|
|
||||||
+ if (port_ptr != NULL) *port_ptr=p;
|
|
||||||
|
|
||||||
- i=atoi(str);
|
|
||||||
- if (i != 0)
|
|
||||||
- *port_ptr=(unsigned short)i;
|
|
||||||
- else
|
|
||||||
- {
|
|
||||||
- s=getservbyname(str,"tcp");
|
|
||||||
- if (s == NULL)
|
|
||||||
- {
|
|
||||||
- BIO_printf(bio_err,"getservbyname failure for %s\n",str);
|
|
||||||
- return(0);
|
|
||||||
- }
|
|
||||||
- *port_ptr=ntohs((unsigned short)s->s_port);
|
|
||||||
- }
|
|
||||||
return(1);
|
|
||||||
}
|
|
||||||
|
|
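Review bot: The new `getnameinfo` failure branch in do_accept returns 0 without closing the accepted descriptor `ret`, and the `OPENSSL_malloc` failure branch does the same, so each failure leaks a socket; closing `ret` (the removed code in this file used `SHUTDOWN` for that) before those returns would avoid it. The `host == NULL` branch now stores `*sock=ret` but returns 0, where the removed `goto end` path returned 1, so callers passing NULL should be checked for treating an accepted connection as a failure. `getnameinfo` is given `sizeof(from)` rather than the length filled in by `accept` (presumably `len`, set outside this hunk), which some platforms reject for a `sockaddr_storage`. The removed code at least forward-resolved the returned name; the new code does not, so `*host` is an unverified reverse-DNS value and should not feed any access decision. do_accept begins in the previous hunk.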
@ -1,44 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta3/Configure.soversion openssl-1.0.0-beta3/Configure
|
|
||||||
--- openssl-1.0.0-beta3/Configure.soversion 2009-08-04 23:06:52.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta3/Configure 2009-08-04 23:06:52.000000000 +0200
|
|
||||||
@@ -1514,7 +1514,7 @@ while (<IN>)
|
|
||||||
elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
|
|
||||||
{
|
|
||||||
my $sotmp = $1;
|
|
||||||
- s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
|
|
||||||
+ s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_SONAMEVER) .s$sotmp/;
|
|
||||||
}
|
|
||||||
elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
|
|
||||||
{
|
|
||||||
diff -up openssl-1.0.0-beta3/Makefile.org.soversion openssl-1.0.0-beta3/Makefile.org
|
|
||||||
--- openssl-1.0.0-beta3/Makefile.org.soversion 2009-08-04 23:06:52.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta3/Makefile.org 2009-08-04 23:11:01.000000000 +0200
|
|
||||||
@@ -10,6 +10,7 @@ SHLIB_VERSION_HISTORY=
|
|
||||||
SHLIB_MAJOR=
|
|
||||||
SHLIB_MINOR=
|
|
||||||
SHLIB_EXT=
|
|
||||||
+SHLIB_SONAMEVER=10
|
|
||||||
PLATFORM=dist
|
|
||||||
OPTIONS=
|
|
||||||
CONFIGURE_ARGS=
|
|
||||||
@@ -289,10 +290,9 @@ clean-shared:
|
|
||||||
link-shared:
|
|
||||||
@ set -e; for i in $(SHLIBDIRS); do \
|
|
||||||
$(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \
|
|
||||||
- LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
|
|
||||||
+ LIBNAME=$$i LIBVERSION=$(SHLIB_SONAMEVER) \
|
|
||||||
LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
|
|
||||||
symlink.$(SHLIB_TARGET); \
|
|
||||||
- libs="$$libs -l$$i"; \
|
|
||||||
done
|
|
||||||
|
|
||||||
build-shared: do_$(SHLIB_TARGET) link-shared
|
|
||||||
@@ -303,7 +303,7 @@ do_$(SHLIB_TARGET):
|
|
||||||
libs="$(LIBKRB5) $$libs"; \
|
|
||||||
fi; \
|
|
||||||
$(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
|
|
||||||
- LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
|
|
||||||
+ LIBNAME=$$i LIBVERSION=$(SHLIB_SONAMEVER) \
|
|
||||||
LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
|
|
||||||
LIBDEPS="$$libs $(EX_LIBS)" \
|
|
||||||
link_a.$(SHLIB_TARGET); \
|
|
@ -1,113 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta4/doc/crypto/EVP_DigestInit.pod.algo-doc openssl-1.0.0-beta4/doc/crypto/EVP_DigestInit.pod
|
|
||||||
--- openssl-1.0.0-beta4/doc/crypto/EVP_DigestInit.pod.algo-doc 2009-10-16 17:29:34.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/doc/crypto/EVP_DigestInit.pod 2009-11-12 14:13:21.000000000 +0100
|
|
||||||
@@ -6,7 +6,8 @@ EVP_MD_CTX_init, EVP_MD_CTX_create, EVP_
|
|
||||||
EVP_DigestFinal_ex, EVP_MD_CTX_cleanup, EVP_MD_CTX_destroy, EVP_MAX_MD_SIZE,
|
|
||||||
EVP_MD_CTX_copy_ex, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size,
|
|
||||||
EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type,
|
|
||||||
-EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1, EVP_dss, EVP_dss1, EVP_mdc2,
|
|
||||||
+EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1, EVP_sha224,
|
|
||||||
+EVP_sha256, EVP_sha384, EVP_sha512, EVP_dss, EVP_dss1, EVP_mdc2,
|
|
||||||
EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj -
|
|
||||||
EVP digest routines
|
|
||||||
|
|
||||||
@@ -51,6 +52,10 @@ EVP digest routines
|
|
||||||
const EVP_MD *EVP_md5(void);
|
|
||||||
const EVP_MD *EVP_sha(void);
|
|
||||||
const EVP_MD *EVP_sha1(void);
|
|
||||||
+ const EVP_MD *EVP_sha224(void);
|
|
||||||
+ const EVP_MD *EVP_sha256(void);
|
|
||||||
+ const EVP_MD *EVP_sha384(void);
|
|
||||||
+ const EVP_MD *EVP_sha512(void);
|
|
||||||
const EVP_MD *EVP_dss(void);
|
|
||||||
const EVP_MD *EVP_dss1(void);
|
|
||||||
const EVP_MD *EVP_mdc2(void);
|
|
||||||
@@ -70,7 +75,7 @@ EVP_MD_CTX_create() allocates, initializ
|
|
||||||
|
|
||||||
EVP_DigestInit_ex() sets up digest context B<ctx> to use a digest
|
|
||||||
B<type> from ENGINE B<impl>. B<ctx> must be initialized before calling this
|
|
||||||
-function. B<type> will typically be supplied by a functionsuch as EVP_sha1().
|
|
||||||
+function. B<type> will typically be supplied by a function such as EVP_sha1().
|
|
||||||
If B<impl> is NULL then the default implementation of digest B<type> is used.
|
|
||||||
|
|
||||||
EVP_DigestUpdate() hashes B<cnt> bytes of data at B<d> into the
|
|
||||||
@@ -127,9 +132,11 @@ with this digest. For example EVP_sha1()
|
|
||||||
return B<NID_sha1WithRSAEncryption>. This "link" between digests and signature
|
|
||||||
algorithms may not be retained in future versions of OpenSSL.
|
|
||||||
|
|
||||||
-EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_mdc2() and EVP_ripemd160()
|
|
||||||
-return B<EVP_MD> structures for the MD2, MD5, SHA, SHA1, MDC2 and RIPEMD160 digest
|
|
||||||
-algorithms respectively. The associated signature algorithm is RSA in each case.
|
|
||||||
+EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_sha224(), EVP_sha256(),
|
|
||||||
+EVP_sha384(), EVP_sha512(), EVP_mdc2() and EVP_ripemd160()
|
|
||||||
+return B<EVP_MD> structures for the MD2, MD5, SHA, SHA1, SHA224, SHA256, SHA384,
|
|
||||||
+SHA512, MDC2 and RIPEMD160 digest algorithms respectively. The associated
|
|
||||||
+signature algorithm is RSA in each case.
|
|
||||||
|
|
||||||
EVP_dss() and EVP_dss1() return B<EVP_MD> structures for SHA and SHA1 digest
|
|
||||||
algorithms but using DSS (DSA) for the signature algorithm. Note: there is
|
|
||||||
@@ -158,7 +165,8 @@ EVP_MD_size(), EVP_MD_block_size(), EVP_
|
|
||||||
EVP_MD_CTX_block_size() and EVP_MD_block_size() return the digest or block
|
|
||||||
size in bytes.
|
|
||||||
|
|
||||||
-EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_dss(),
|
|
||||||
+EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(),
|
|
||||||
+EVP_sha224(), EVP_sha256(), EVP_sha384(), EVP_sha512(), EVP_dss(),
|
|
||||||
EVP_dss1(), EVP_mdc2() and EVP_ripemd160() return pointers to the
|
|
||||||
corresponding EVP_MD structures.
|
|
||||||
|
|
||||||
diff -up openssl-1.0.0-beta4/doc/crypto/EVP_EncryptInit.pod.algo-doc openssl-1.0.0-beta4/doc/crypto/EVP_EncryptInit.pod
|
|
||||||
--- openssl-1.0.0-beta4/doc/crypto/EVP_EncryptInit.pod.algo-doc 2005-04-15 18:01:35.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/doc/crypto/EVP_EncryptInit.pod 2009-11-12 14:11:03.000000000 +0100
|
|
||||||
@@ -91,6 +91,32 @@ EVP_CIPHER_CTX_set_padding - EVP cipher
|
|
||||||
int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
|
|
||||||
int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
|
|
||||||
|
|
||||||
+ const EVP_CIPHER *EVP_des_ede3(void);
|
|
||||||
+ const EVP_CIPHER *EVP_des_ede3_ecb(void);
|
|
||||||
+ const EVP_CIPHER *EVP_des_ede3_cfb64(void);
|
|
||||||
+ const EVP_CIPHER *EVP_des_ede3_cfb1(void);
|
|
||||||
+ const EVP_CIPHER *EVP_des_ede3_cfb8(void);
|
|
||||||
+ const EVP_CIPHER *EVP_des_ede3_ofb(void);
|
|
||||||
+ const EVP_CIPHER *EVP_des_ede3_cbc(void);
|
|
||||||
+ const EVP_CIPHER *EVP_aes_128_ecb(void);
|
|
||||||
+ const EVP_CIPHER *EVP_aes_128_cbc(void);
|
|
||||||
+ const EVP_CIPHER *EVP_aes_128_cfb1(void);
|
|
||||||
+ const EVP_CIPHER *EVP_aes_128_cfb8(void);
|
|
||||||
+ const EVP_CIPHER *EVP_aes_128_cfb128(void);
|
|
||||||
+ const EVP_CIPHER *EVP_aes_128_ofb(void);
|
|
||||||
+ const EVP_CIPHER *EVP_aes_192_ecb(void);
|
|
||||||
+ const EVP_CIPHER *EVP_aes_192_cbc(void);
|
|
||||||
+ const EVP_CIPHER *EVP_aes_192_cfb1(void);
|
|
||||||
+ const EVP_CIPHER *EVP_aes_192_cfb8(void);
|
|
||||||
+ const EVP_CIPHER *EVP_aes_192_cfb128(void);
|
|
||||||
+ const EVP_CIPHER *EVP_aes_192_ofb(void);
|
|
||||||
+ const EVP_CIPHER *EVP_aes_256_ecb(void);
|
|
||||||
+ const EVP_CIPHER *EVP_aes_256_cbc(void);
|
|
||||||
+ const EVP_CIPHER *EVP_aes_256_cfb1(void);
|
|
||||||
+ const EVP_CIPHER *EVP_aes_256_cfb8(void);
|
|
||||||
+ const EVP_CIPHER *EVP_aes_256_cfb128(void);
|
|
||||||
+ const EVP_CIPHER *EVP_aes_256_ofb(void);
|
|
||||||
+
|
|
||||||
=head1 DESCRIPTION
|
|
||||||
|
|
||||||
The EVP cipher routines are a high level interface to certain
|
|
||||||
@@ -297,6 +323,18 @@ Three key triple DES in CBC, ECB, CFB an
|
|
||||||
|
|
||||||
DESX algorithm in CBC mode.
|
|
||||||
|
|
||||||
+=item EVP_aes_128_cbc(void), EVP_aes_128_ecb(), EVP_aes_128_ofb(void), EVP_aes_128_cfb1(void), EVP_aes_128_cfb8(void), EVP_aes_128_cfb128(void)
|
|
||||||
+
|
|
||||||
+AES with 128 bit key length in CBC, ECB, OFB and CFB modes respectively.
|
|
||||||
+
|
|
||||||
+=item EVP_aes_192_cbc(void), EVP_aes_192_ecb(), EVP_aes_192_ofb(void), EVP_aes_192_cfb1(void), EVP_aes_192_cfb8(void), EVP_aes_192_cfb128(void)
|
|
||||||
+
|
|
||||||
+AES with 192 bit key length in CBC, ECB, OFB and CFB modes respectively.
|
|
||||||
+
|
|
||||||
+=item EVP_aes_256_cbc(void), EVP_aes_256_ecb(), EVP_aes_256_ofb(void), EVP_aes_256_cfb1(void), EVP_aes_256_cfb8(void), EVP_aes_256_cfb128(void)
|
|
||||||
+
|
|
||||||
+AES with 256 bit key length in CBC, ECB, OFB and CFB modes respectively.
|
|
||||||
+
|
|
||||||
=item EVP_rc4(void)
|
|
||||||
|
|
||||||
RC4 stream cipher. This is a variable key length cipher with default key length 128 bits.
|
|
@ -1,45 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta4/crypto/asn1/d2i_pu.c.backports openssl-1.0.0-beta4/crypto/asn1/d2i_pu.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/asn1/d2i_pu.c.backports 2008-11-12 04:57:49.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/asn1/d2i_pu.c 2009-11-18 14:11:14.000000000 +0100
|
|
||||||
@@ -87,9 +87,13 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PK
|
|
||||||
}
|
|
||||||
else ret= *a;
|
|
||||||
|
|
||||||
- ret->save_type=type;
|
|
||||||
- ret->type=EVP_PKEY_type(type);
|
|
||||||
- switch (ret->type)
|
|
||||||
+ if (!EVP_PKEY_set_type(ret, type))
|
|
||||||
+ {
|
|
||||||
+ ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_EVP_LIB);
|
|
||||||
+ goto err;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ switch (EVP_PKEY_id(ret))
|
|
||||||
{
|
|
||||||
#ifndef OPENSSL_NO_RSA
|
|
||||||
case EVP_PKEY_RSA:
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/evp/p_lib.c.backports openssl-1.0.0-beta4/crypto/evp/p_lib.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/evp/p_lib.c.backports 2006-07-04 22:27:44.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/evp/p_lib.c 2009-11-18 14:11:26.000000000 +0100
|
|
||||||
@@ -220,7 +220,10 @@ static int pkey_set_type(EVP_PKEY *pkey,
|
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
|
||||||
/* If we have an ENGINE release it */
|
|
||||||
if (pkey->engine)
|
|
||||||
+ {
|
|
||||||
ENGINE_finish(pkey->engine);
|
|
||||||
+ pkey->engine = NULL;
|
|
||||||
+ }
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
if (str)
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/x509/x509_vfy.c.backports openssl-1.0.0-beta4/crypto/x509/x509_vfy.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/x509/x509_vfy.c.backports 2009-10-31 20:21:47.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/x509/x509_vfy.c 2009-11-18 14:11:31.000000000 +0100
|
|
||||||
@@ -1727,6 +1727,7 @@ int X509_cmp_time(const ASN1_TIME *ctm,
|
|
||||||
offset= -offset;
|
|
||||||
}
|
|
||||||
atm.type=ctm->type;
|
|
||||||
+ atm.flags = 0;
|
|
||||||
atm.length=sizeof(buff2);
|
|
||||||
atm.data=(unsigned char *)buff2;
|
|
||||||
|
|
@ -1,334 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta4/apps/ca.c.backports2 openssl-1.0.0-beta4/apps/ca.c
|
|
||||||
--- openssl-1.0.0-beta4/apps/ca.c.backports2 2009-10-04 18:43:21.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/apps/ca.c 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -215,7 +215,6 @@ static int certify_spkac(X509 **xret, ch
|
|
||||||
char *startdate, char *enddate, long days, char *ext_sect,
|
|
||||||
CONF *conf, int verbose, unsigned long certopt,
|
|
||||||
unsigned long nameopt, int default_op, int ext_copy);
|
|
||||||
-static int fix_data(int nid, int *type);
|
|
||||||
static void write_new_certificate(BIO *bp, X509 *x, int output_der, int notext);
|
|
||||||
static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
|
|
||||||
STACK_OF(CONF_VALUE) *policy, CA_DB *db, BIGNUM *serial,char *subj,unsigned long chtype, int multirdn,
|
|
||||||
@@ -2334,25 +2333,9 @@ static int certify_spkac(X509 **xret, ch
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
- /*
|
|
||||||
- if ((nid == NID_pkcs9_emailAddress) && (email_dn == 0))
|
|
||||||
- continue;
|
|
||||||
- */
|
|
||||||
-
|
|
||||||
- j=ASN1_PRINTABLE_type((unsigned char *)buf,-1);
|
|
||||||
- if (fix_data(nid, &j) == 0)
|
|
||||||
- {
|
|
||||||
- BIO_printf(bio_err,
|
|
||||||
- "invalid characters in string %s\n",buf);
|
|
||||||
- goto err;
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
- if ((ne=X509_NAME_ENTRY_create_by_NID(&ne,nid,j,
|
|
||||||
- (unsigned char *)buf,
|
|
||||||
- strlen(buf))) == NULL)
|
|
||||||
+ if (!X509_NAME_add_entry_by_NID(n, nid, chtype,
|
|
||||||
+ (unsigned char *)buf, -1, -1, 0))
|
|
||||||
goto err;
|
|
||||||
-
|
|
||||||
- if (!X509_NAME_add_entry(n,ne,-1, 0)) goto err;
|
|
||||||
}
|
|
||||||
if (spki == NULL)
|
|
||||||
{
|
|
||||||
@@ -2395,21 +2378,6 @@ err:
|
|
||||||
return(ok);
|
|
||||||
}
|
|
||||||
|
|
||||||
-static int fix_data(int nid, int *type)
|
|
||||||
- {
|
|
||||||
- if (nid == NID_pkcs9_emailAddress)
|
|
||||||
- *type=V_ASN1_IA5STRING;
|
|
||||||
- if ((nid == NID_commonName) && (*type == V_ASN1_IA5STRING))
|
|
||||||
- *type=V_ASN1_T61STRING;
|
|
||||||
- if ((nid == NID_pkcs9_challengePassword) && (*type == V_ASN1_IA5STRING))
|
|
||||||
- *type=V_ASN1_T61STRING;
|
|
||||||
- if ((nid == NID_pkcs9_unstructuredName) && (*type == V_ASN1_T61STRING))
|
|
||||||
- return(0);
|
|
||||||
- if (nid == NID_pkcs9_unstructuredName)
|
|
||||||
- *type=V_ASN1_IA5STRING;
|
|
||||||
- return(1);
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
static int check_time_format(const char *str)
|
|
||||||
{
|
|
||||||
return ASN1_TIME_set_string(NULL, str);
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/asn1/ameth_lib.c.backports2 openssl-1.0.0-beta4/crypto/asn1/ameth_lib.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/asn1/ameth_lib.c.backports2 2008-11-12 04:57:49.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/asn1/ameth_lib.c 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -301,6 +301,8 @@ EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(
|
|
||||||
if (!ameth->info)
|
|
||||||
goto err;
|
|
||||||
}
|
|
||||||
+ else
|
|
||||||
+ ameth->info = NULL;
|
|
||||||
|
|
||||||
if (pem_str)
|
|
||||||
{
|
|
||||||
@@ -308,6 +310,8 @@ EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(
|
|
||||||
if (!ameth->pem_str)
|
|
||||||
goto err;
|
|
||||||
}
|
|
||||||
+ else
|
|
||||||
+ ameth->pem_str = NULL;
|
|
||||||
|
|
||||||
ameth->pub_decode = 0;
|
|
||||||
ameth->pub_encode = 0;
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/bio/b_sock.c.backports2 openssl-1.0.0-beta4/crypto/bio/b_sock.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/bio/b_sock.c.backports2 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/bio/b_sock.c 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -595,7 +595,7 @@ int BIO_get_accept_socket(char *host, in
|
|
||||||
struct sockaddr_in6 sa_in6;
|
|
||||||
#endif
|
|
||||||
} server,client;
|
|
||||||
- int s=INVALID_SOCKET,cs;
|
|
||||||
+ int s=INVALID_SOCKET,cs,addrlen;
|
|
||||||
unsigned char ip[4];
|
|
||||||
unsigned short port;
|
|
||||||
char *str=NULL,*e;
|
|
||||||
@@ -666,8 +666,10 @@ int BIO_get_accept_socket(char *host, in
|
|
||||||
|
|
||||||
if ((*p_getaddrinfo.f)(h,p,&hint,&res)) break;
|
|
||||||
|
|
||||||
- memcpy(&server, res->ai_addr,
|
|
||||||
- res->ai_addrlen<=sizeof(server)?res->ai_addrlen:sizeof(server));
|
|
||||||
+ addrlen = res->ai_addrlen<=sizeof(server) ?
|
|
||||||
+ res->ai_addrlen :
|
|
||||||
+ sizeof(server);
|
|
||||||
+ memcpy(&server, res->ai_addr, addrlen);
|
|
||||||
|
|
||||||
(*p_freeaddrinfo.f)(res);
|
|
||||||
goto again;
|
|
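Review bot: When `res->ai_addrlen` exceeds `sizeof(server)`, the clamp copies a truncated sockaddr and now also carries that truncated length into `bind`, so an oversized result is silently used instead of rejected; failing instead, e.g. `if (res->ai_addrlen > sizeof(server)) { (*p_freeaddrinfo.f)(res); break; }`, mirroring the `break` on the line above, would be safer. `addrlen` is declared `int` in the earlier hunk while `ai_addrlen` and `sizeof` are unsigned, so the comparison and the later `bind`/`connect` arguments mix signedness. The last hunk of this file passes the same `addrlen` to `connect(cs,&client.sa,addrlen)`, which is only right if `client` is a copy of `server`; that assignment is outside the visible hunks. BIO_get_accept_socket starts and ends outside this hunk.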
||||||
@@ -679,6 +681,7 @@ int BIO_get_accept_socket(char *host, in
|
|
||||||
memset((char *)&server,0,sizeof(server));
|
|
||||||
server.sa_in.sin_family=AF_INET;
|
|
||||||
server.sa_in.sin_port=htons(port);
|
|
||||||
+ addrlen = sizeof(server.sa_in);
|
|
||||||
|
|
||||||
if (h == NULL || strcmp(h,"*") == 0)
|
|
||||||
server.sa_in.sin_addr.s_addr=INADDR_ANY;
|
|
||||||
@@ -712,7 +715,7 @@ again:
|
|
||||||
bind_mode=BIO_BIND_NORMAL;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
- if (bind(s,&server.sa,sizeof(server)) == -1)
|
|
||||||
+ if (bind(s,&server.sa,addrlen) == -1)
|
|
||||||
{
|
|
||||||
#ifdef SO_REUSEADDR
|
|
||||||
err_num=get_last_socket_error();
|
|
||||||
@@ -740,7 +743,7 @@ again:
|
|
||||||
if (cs != INVALID_SOCKET)
|
|
||||||
{
|
|
||||||
int ii;
|
|
||||||
- ii=connect(cs,&client.sa,sizeof(client));
|
|
||||||
+ ii=connect(cs,&client.sa,addrlen);
|
|
||||||
closesocket(cs);
|
|
||||||
if (ii == INVALID_SOCKET)
|
|
||||||
{
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/bio/bss_dgram.c.backports2 openssl-1.0.0-beta4/crypto/bio/bss_dgram.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/bio/bss_dgram.c.backports2 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/bio/bss_dgram.c 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -335,11 +335,21 @@ static int dgram_write(BIO *b, const cha
|
|
||||||
if ( data->connected )
|
|
||||||
ret=writesocket(b->num,in,inl);
|
|
||||||
else
|
|
||||||
+ {
|
|
||||||
+ int peerlen = sizeof(data->peer);
|
|
||||||
+
|
|
||||||
+ if (data->peer.sa.sa_family == AF_INET)
|
|
||||||
+ peerlen = sizeof(data->peer.sa_in);
|
|
||||||
+#if OPENSSL_USE_IVP6
|
|
||||||
+ else if (data->peer.sa.sa_family == AF_INET6)
|
|
||||||
+ peerlen = sizeof(data->peer.sa_in6);
|
|
||||||
+#endif
|
|
||||||
#if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
|
|
||||||
- ret=sendto(b->num, (char *)in, inl, 0, &data->peer.sa, sizeof(data->peer));
|
|
||||||
+ ret=sendto(b->num, (char *)in, inl, 0, &data->peer.sa, peerlen);
|
|
||||||
#else
|
|
||||||
- ret=sendto(b->num, in, inl, 0, &data->peer.sa, sizeof(data->peer));
|
|
||||||
+ ret=sendto(b->num, in, inl, 0, &data->peer.sa, peerlen);
|
|
||||||
#endif
|
|
||||||
+ }
|
|
||||||
|
|
||||||
BIO_clear_retry_flags(b);
|
|
||||||
if (ret <= 0)
|
|
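Review bot: The added guard `#if OPENSSL_USE_IVP6` looks like a misspelling of `OPENSSL_USE_IPV6`. An undefined macro evaluates to 0 in `#if`, so the `AF_INET6` branch is never compiled and `peerlen` stays `sizeof(data->peer)` for IPv6 peers, which is the oversized length this change is meant to stop passing to `sendto`. The line should read `#if OPENSSL_USE_IPV6`; building with `-Wundef` would flag this kind of slip. dgram_write starts before this hunk and continues after it.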
||||||
diff -up openssl-1.0.0-beta4/crypto/bn/bn_mul.c.backports2 openssl-1.0.0-beta4/crypto/bn/bn_mul.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/bn/bn_mul.c.backports2 2009-06-17 13:47:54.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/bn/bn_mul.c 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -1032,15 +1032,15 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, c
|
|
||||||
goto err;
|
|
||||||
if (al > j || bl > j)
|
|
||||||
{
|
|
||||||
- bn_wexpand(t,k*4);
|
|
||||||
- bn_wexpand(rr,k*4);
|
|
||||||
+ if (bn_wexpand(t,k*4) == NULL) goto err;
|
|
||||||
+ if (bn_wexpand(rr,k*4) == NULL) goto err;
|
|
||||||
bn_mul_part_recursive(rr->d,a->d,b->d,
|
|
||||||
j,al-j,bl-j,t->d);
|
|
||||||
}
|
|
||||||
else /* al <= j || bl <= j */
|
|
||||||
{
|
|
||||||
- bn_wexpand(t,k*2);
|
|
||||||
- bn_wexpand(rr,k*2);
|
|
||||||
+ if (bn_wexpand(t,k*2) == NULL) goto err;
|
|
||||||
+ if (bn_wexpand(rr,k*2) == NULL) goto err;
|
|
||||||
bn_mul_recursive(rr->d,a->d,b->d,
|
|
||||||
j,al-j,bl-j,t->d);
|
|
||||||
}
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/dsa/dsa_pmeth.c.backports2 openssl-1.0.0-beta4/crypto/dsa/dsa_pmeth.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/dsa/dsa_pmeth.c.backports2 2009-09-02 17:51:28.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/dsa/dsa_pmeth.c 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -132,7 +132,7 @@ static int pkey_dsa_sign(EVP_PKEY_CTX *c
|
|
||||||
|
|
||||||
ret = DSA_sign(type, tbs, tbslen, sig, &sltmp, dsa);
|
|
||||||
|
|
||||||
- if (ret < 0)
|
|
||||||
+ if (ret <= 0)
|
|
||||||
return ret;
|
|
||||||
*siglen = sltmp;
|
|
||||||
return 1;
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/evp/digest.c.backports2 openssl-1.0.0-beta4/crypto/evp/digest.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/evp/digest.c.backports2 2010-01-07 23:16:07.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/evp/digest.c 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -127,7 +127,8 @@ EVP_MD_CTX *EVP_MD_CTX_create(void)
|
|
||||||
{
|
|
||||||
EVP_MD_CTX *ctx=OPENSSL_malloc(sizeof *ctx);
|
|
||||||
|
|
||||||
- EVP_MD_CTX_init(ctx);
|
|
||||||
+ if (ctx)
|
|
||||||
+ EVP_MD_CTX_init(ctx);
|
|
||||||
|
|
||||||
return ctx;
|
|
||||||
}
|
|
||||||
@@ -256,6 +257,12 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, c
|
|
||||||
{
|
|
||||||
ctx->update = type->update;
|
|
||||||
ctx->md_data=OPENSSL_malloc(type->ctx_size);
|
|
||||||
+ if (ctx->md_data == NULL)
|
|
||||||
+ {
|
|
||||||
+ EVPerr(EVP_F_EVP_DIGESTINIT_EX,
|
|
||||||
+ ERR_R_MALLOC_FAILURE);
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
}
|
|
||||||
}
|
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
|
||||||
@@ -346,8 +353,17 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,
|
|
||||||
|
|
||||||
if (in->md_data && out->digest->ctx_size)
|
|
||||||
{
|
|
||||||
- if (tmp_buf) out->md_data = tmp_buf;
|
|
||||||
- else out->md_data=OPENSSL_malloc(out->digest->ctx_size);
|
|
||||||
+ if (tmp_buf)
|
|
||||||
+ out->md_data = tmp_buf;
|
|
||||||
+ else
|
|
||||||
+ {
|
|
||||||
+ out->md_data=OPENSSL_malloc(out->digest->ctx_size);
|
|
||||||
+ if (!out->md_data)
|
|
||||||
+ {
|
|
||||||
+ EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_MALLOC_FAILURE);
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
memcpy(out->md_data,in->md_data,out->digest->ctx_size);
|
|
||||||
}
|
|
||||||
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/evp/evp_err.c.backports2 openssl-1.0.0-beta4/crypto/evp/evp_err.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/evp/evp_err.c.backports2 2010-01-07 23:16:07.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/evp/evp_err.c 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -186,6 +186,8 @@ static ERR_STRING_DATA EVP_str_reasons[]
|
|
||||||
{ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR),"private key decode error"},
|
|
||||||
{ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR),"private key encode error"},
|
|
||||||
{ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA) ,"public key not rsa"},
|
|
||||||
+{ERR_REASON(EVP_R_UNKNOWN_CIPHER) ,"unknown cipher"},
|
|
||||||
+{ERR_REASON(EVP_R_UNKNOWN_DIGEST) ,"unknown digest"},
|
|
||||||
{ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) ,"unknown pbe algorithm"},
|
|
||||||
{ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),"unsuported number of rounds"},
|
|
||||||
{ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM) ,"unsupported algorithm"},
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/evp/evp.h.backports2 openssl-1.0.0-beta4/crypto/evp/evp.h
|
|
||||||
--- openssl-1.0.0-beta4/crypto/evp/evp.h.backports2 2010-01-07 23:16:07.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/evp/evp.h 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -1275,6 +1275,8 @@ void ERR_load_EVP_strings(void);
|
|
||||||
#define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
|
|
||||||
#define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
|
|
||||||
#define EVP_R_PUBLIC_KEY_NOT_RSA 106
|
|
||||||
+#define EVP_R_UNKNOWN_CIPHER 160
|
|
||||||
+#define EVP_R_UNKNOWN_DIGEST 161
|
|
||||||
#define EVP_R_UNKNOWN_PBE_ALGORITHM 121
|
|
||||||
#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
|
|
||||||
#define EVP_R_UNSUPPORTED_ALGORITHM 156
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/evp/evp_pbe.c.backports2 openssl-1.0.0-beta4/crypto/evp/evp_pbe.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/evp/evp_pbe.c.backports2 2008-11-05 19:38:57.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/evp/evp_pbe.c 2010-01-07 23:17:15.000000000 +0100
|
|
||||||
@@ -174,12 +174,26 @@ int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_
|
|
||||||
if (cipher_nid == -1)
|
|
||||||
cipher = NULL;
|
|
||||||
else
|
|
||||||
+ {
|
|
||||||
cipher = EVP_get_cipherbynid(cipher_nid);
|
|
||||||
+ if (!cipher)
|
|
||||||
+ {
|
|
||||||
+ EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_CIPHER);
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
|
|
||||||
if (md_nid == -1)
|
|
||||||
md = NULL;
|
|
||||||
else
|
|
||||||
+ {
|
|
||||||
md = EVP_get_digestbynid(md_nid);
|
|
||||||
+ if (!md)
|
|
||||||
+ {
|
|
||||||
+ EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_DIGEST);
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
|
|
||||||
if (!keygen(ctx, pass, passlen, param, cipher, md, en_de))
|
|
||||||
{
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_lib.c.backports2 openssl-1.0.0-beta4/crypto/rsa/rsa_lib.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/rsa/rsa_lib.c.backports2 2010-01-07 23:16:07.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/rsa/rsa_lib.c 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -208,7 +208,16 @@ RSA *RSA_new_method(ENGINE *engine)
|
|
||||||
ret->mt_blinding=NULL;
|
|
||||||
ret->bignum_data=NULL;
|
|
||||||
ret->flags=ret->meth->flags;
|
|
||||||
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
|
|
||||||
+ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data))
|
|
||||||
+ {
|
|
||||||
+#ifndef OPENSSL_NO_ENGINE
|
|
||||||
+ if (ret->engine)
|
|
||||||
+ ENGINE_finish(ret->engine);
|
|
||||||
+#endif
|
|
||||||
+ OPENSSL_free(ret);
|
|
||||||
+ return(NULL);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
if ((ret->meth->init != NULL) && !ret->meth->init(ret))
|
|
||||||
{
|
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/x509/x509_lu.c.backports2 openssl-1.0.0-beta4/crypto/x509/x509_lu.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/x509/x509_lu.c.backports2 2009-10-18 16:42:27.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/x509/x509_lu.c 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -200,7 +200,13 @@ X509_STORE *X509_STORE_new(void)
|
|
||||||
ret->lookup_crls = 0;
|
|
||||||
ret->cleanup = 0;
|
|
||||||
|
|
||||||
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data);
|
|
||||||
+ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data))
|
|
||||||
+ {
|
|
||||||
+ sk_X509_OBJECT_free(ret->objs);
|
|
||||||
+ OPENSSL_free(ret);
|
|
||||||
+ return NULL;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
ret->references=1;
|
|
||||||
return ret;
|
|
||||||
}
|
|
@ -1,56 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta4/crypto/md5/asm/md5-x86_64.pl.binutils openssl-1.0.0-beta4/crypto/md5/asm/md5-x86_64.pl
|
|
||||||
--- openssl-1.0.0-beta4/crypto/md5/asm/md5-x86_64.pl.binutils 2009-11-12 15:17:29.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/md5/asm/md5-x86_64.pl 2009-11-12 17:26:08.000000000 +0100
|
|
||||||
@@ -19,6 +19,7 @@ my $code;
|
|
||||||
sub round1_step
|
|
||||||
{
|
|
||||||
my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
|
|
||||||
+ $T_i = unpack("l",pack("l", hex($T_i))); # convert to 32-bit signed decimal
|
|
||||||
$code .= " mov 0*4(%rsi), %r10d /* (NEXT STEP) X[0] */\n" if ($pos == -1);
|
|
||||||
$code .= " mov %edx, %r11d /* (NEXT STEP) z' = %edx */\n" if ($pos == -1);
|
|
||||||
$code .= <<EOF;
|
|
||||||
@@ -43,6 +44,7 @@ EOF
|
|
||||||
sub round2_step
|
|
||||||
{
|
|
||||||
my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
|
|
||||||
+ $T_i = unpack("l",pack("l", hex($T_i))); # convert to 32-bit signed decimal
|
|
||||||
$code .= " mov 1*4(%rsi), %r10d /* (NEXT STEP) X[1] */\n" if ($pos == -1);
|
|
||||||
$code .= " mov %edx, %r11d /* (NEXT STEP) z' = %edx */\n" if ($pos == -1);
|
|
||||||
$code .= " mov %edx, %r12d /* (NEXT STEP) z' = %edx */\n" if ($pos == -1);
|
|
||||||
@@ -69,6 +71,7 @@ EOF
|
|
||||||
sub round3_step
|
|
||||||
{
|
|
||||||
my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
|
|
||||||
+ $T_i = unpack("l",pack("l", hex($T_i))); # convert to 32-bit signed decimal
|
|
||||||
$code .= " mov 5*4(%rsi), %r10d /* (NEXT STEP) X[5] */\n" if ($pos == -1);
|
|
||||||
$code .= " mov %ecx, %r11d /* (NEXT STEP) y' = %ecx */\n" if ($pos == -1);
|
|
||||||
$code .= <<EOF;
|
|
||||||
@@ -91,6 +94,7 @@ EOF
|
|
||||||
sub round4_step
|
|
||||||
{
|
|
||||||
my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
|
|
||||||
+ $T_i = unpack("l",pack("l", hex($T_i))); # convert to 32-bit signed decimal
|
|
||||||
$code .= " mov 0*4(%rsi), %r10d /* (NEXT STEP) X[0] */\n" if ($pos == -1);
|
|
||||||
$code .= " mov \$0xffffffff, %r11d\n" if ($pos == -1);
|
|
||||||
$code .= " xor %edx, %r11d /* (NEXT STEP) not z' = not %edx*/\n"
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/sha/asm/sha1-x86_64.pl.binutils openssl-1.0.0-beta4/crypto/sha/asm/sha1-x86_64.pl
|
|
||||||
--- openssl-1.0.0-beta4/crypto/sha/asm/sha1-x86_64.pl.binutils 2009-11-12 15:17:29.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/sha/asm/sha1-x86_64.pl 2009-11-12 17:24:18.000000000 +0100
|
|
||||||
@@ -150,7 +150,7 @@ ___
|
|
||||||
sub BODY_20_39 {
|
|
||||||
my ($i,$a,$b,$c,$d,$e,$f)=@_;
|
|
||||||
my $j=$i+1;
|
|
||||||
-my $K=($i<40)?0x6ed9eba1:0xca62c1d6;
|
|
||||||
+my $K=($i<40)?0x6ed9eba1:-0x359d3e2a;
|
|
||||||
$code.=<<___ if ($i<79);
|
|
||||||
lea $K($xi,$e),$f
|
|
||||||
mov `4*($j%16)`(%rsp),$xi
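Review bot: The literals `-0x359d3e2a` here and `-0x70e44324` in the BODY_40_59 hunk no longer read as the round constants they replace (`0xca62c1d6` and `0x8f1bbcdc`), which makes the generator harder to audit against the SHA-1 specification. They are the same 32-bit values written as negative displacements, so a comment beside each, e.g. `# -0x359d3e2a == 0xca62c1d6 as a signed 32-bit displacement`, would preserve that link. Both sub bodies continue outside the hunks.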
|
|
||||||
@@ -187,7 +187,7 @@ sub BODY_40_59 {
|
|
||||||
my ($i,$a,$b,$c,$d,$e,$f)=@_;
|
|
||||||
my $j=$i+1;
|
|
||||||
$code.=<<___;
|
|
||||||
- lea 0x8f1bbcdc($xi,$e),$f
|
|
||||||
+ lea -0x70e44324($xi,$e),$f
|
|
||||||
mov `4*($j%16)`(%rsp),$xi
|
|
||||||
mov $b,$t0
|
|
||||||
mov $b,$t1
|
|
@ -1,36 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta4/apps/CA.pl.in.ca-dir openssl-1.0.0-beta4/apps/CA.pl.in
|
|
||||||
--- openssl-1.0.0-beta4/apps/CA.pl.in.ca-dir 2006-04-28 02:30:49.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/apps/CA.pl.in 2009-11-12 12:33:13.000000000 +0100
|
|
||||||
@@ -53,7 +53,7 @@ $VERIFY="$openssl verify";
|
|
||||||
$X509="$openssl x509";
|
|
||||||
$PKCS12="$openssl pkcs12";
|
|
||||||
|
|
||||||
-$CATOP="./demoCA";
|
|
||||||
+$CATOP="/etc/pki/CA";
|
|
||||||
$CAKEY="cakey.pem";
|
|
||||||
$CAREQ="careq.pem";
|
|
||||||
$CACERT="cacert.pem";
|
|
||||||
diff -up openssl-1.0.0-beta4/apps/CA.sh.ca-dir openssl-1.0.0-beta4/apps/CA.sh
|
|
||||||
--- openssl-1.0.0-beta4/apps/CA.sh.ca-dir 2009-10-15 19:27:47.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/apps/CA.sh 2009-11-12 12:35:14.000000000 +0100
|
|
||||||
@@ -68,7 +68,7 @@ VERIFY="$OPENSSL verify"
|
|
||||||
X509="$OPENSSL x509"
|
|
||||||
PKCS12="openssl pkcs12"
|
|
||||||
|
|
||||||
-if [ -z "$CATOP" ] ; then CATOP=./demoCA ; fi
|
|
||||||
+if [ -z "$CATOP" ] ; then CATOP=/etc/pki/CA ; fi
|
|
||||||
CAKEY=./cakey.pem
|
|
||||||
CAREQ=./careq.pem
|
|
||||||
CACERT=./cacert.pem
|
|
||||||
diff -up openssl-1.0.0-beta4/apps/openssl.cnf.ca-dir openssl-1.0.0-beta4/apps/openssl.cnf
|
|
||||||
--- openssl-1.0.0-beta4/apps/openssl.cnf.ca-dir 2009-11-12 12:33:13.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/apps/openssl.cnf 2009-11-12 12:33:13.000000000 +0100
|
|
||||||
@@ -39,7 +39,7 @@ default_ca = CA_default # The default c
|
|
||||||
####################################################################
|
|
||||||
[ CA_default ]
|
|
||||||
|
|
||||||
-dir = ./demoCA # Where everything is kept
|
|
||||||
+dir = /etc/pki/CA # Where everything is kept
|
|
||||||
certs = $dir/certs # Where the issued certs are kept
|
|
||||||
crl_dir = $dir/crl # Where the issued crl are kept
|
|
||||||
database = $dir/index.txt # database index file.
|
|
@ -1,35 +0,0 @@
|
|||||||
Do not enforce the renegotiation extension on the client - too many broken servers remain.
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/t1_lib.c.client-reneg openssl-1.0.0-beta4/ssl/t1_lib.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/t1_lib.c.client-reneg 2009-11-12 15:17:29.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/t1_lib.c 2009-11-18 14:04:19.000000000 +0100
|
|
||||||
@@ -985,6 +985,7 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
|
|
||||||
if (data >= (d+n-2))
|
|
||||||
{
|
|
||||||
+#if 0
|
|
||||||
/* Because the client does not see any renegotiation during an
|
|
||||||
attack, we must enforce this on all server hellos, even the
|
|
||||||
first */
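Review bot: Wrapping both checks in `#if 0` removes the client-side enforcement for every application linked against this build, including ones that would rather fail than talk to a server that omits the renegotiation extension. The second disabled block (third hunk) was already conditional on `SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION`, so after this change that option no longer influences what the client accepts in a ServerHello. A runtime switch that defaults to the lenient behaviour but can be turned off would meet the compatibility goal while leaving strict clients a way to keep the check; at minimum each `#if 0` deserves a comment such as `/* disabled downstream: client does not require the renegotiation extension */`. The `#if 0` opened here is closed by the `#endif` in the next hunk, and the function body extends beyond all three hunks.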
|
|
||||||
@@ -994,6 +995,7 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
*al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
+#endif
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -1126,12 +1128,14 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
+#if 0
|
|
||||||
if (!renegotiate_seen
|
|
||||||
&& !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
{
|
|
||||||
*al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
+#endif
|
|
||||||
|
|
||||||
if (!s->hit && tlsext_servername == 1)
|
|
||||||
{
|
|
@ -1,77 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta4/apps/s_client.c.default-paths openssl-1.0.0-beta4/apps/s_client.c
|
|
||||||
--- openssl-1.0.0-beta4/apps/s_client.c.default-paths 2009-08-12 15:21:26.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/apps/s_client.c 2009-11-12 12:26:32.000000000 +0100
|
|
||||||
@@ -889,12 +889,13 @@ bad:
|
|
||||||
if (!set_cert_key_stuff(ctx,cert,key))
|
|
||||||
goto end;
|
|
||||||
|
|
||||||
- if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
|
|
||||||
- (!SSL_CTX_set_default_verify_paths(ctx)))
|
|
||||||
+ if (!SSL_CTX_load_verify_locations(ctx,CAfile,CApath))
|
|
||||||
+ {
|
|
||||||
+ ERR_print_errors(bio_err);
|
|
||||||
+ }
|
|
||||||
+ if (!SSL_CTX_set_default_verify_paths(ctx))
|
|
||||||
{
|
|
||||||
- /* BIO_printf(bio_err,"error setting default verify locations\n"); */
|
|
||||||
ERR_print_errors(bio_err);
|
|
||||||
- /* goto end; */
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_TLSEXT
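Review bot: A failure to load an explicitly supplied CAfile or CApath is now only printed, and the program continues with whatever the default verify paths provide, so a mistyped path leaves the tool verifying against a different trust set than the user asked for. The call also runs when both arguments are NULL, where there is nothing to load and the result carries no information. Guarding the call and failing closed addresses both: `if ((CAfile || CApath) && !SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) { ERR_print_errors(bio_err); goto end; }`. The same pattern is added in the two s_server.c hunks and in the s_time.c hunk; the surrounding function starts and ends outside this hunk.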
|
|
||||||
diff -up openssl-1.0.0-beta4/apps/s_server.c.default-paths openssl-1.0.0-beta4/apps/s_server.c
|
|
||||||
--- openssl-1.0.0-beta4/apps/s_server.c.default-paths 2009-10-28 18:49:37.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/apps/s_server.c 2009-11-12 12:31:23.000000000 +0100
|
|
||||||
@@ -1408,12 +1408,13 @@ bad:
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
- if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
|
|
||||||
- (!SSL_CTX_set_default_verify_paths(ctx)))
|
|
||||||
+ if (!SSL_CTX_load_verify_locations(ctx,CAfile,CApath))
|
|
||||||
+ {
|
|
||||||
+ ERR_print_errors(bio_err);
|
|
||||||
+ }
|
|
||||||
+ if (!SSL_CTX_set_default_verify_paths(ctx))
|
|
||||||
{
|
|
||||||
- /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
|
|
||||||
ERR_print_errors(bio_err);
|
|
||||||
- /* goto end; */
|
|
||||||
}
|
|
||||||
if (vpm)
|
|
||||||
SSL_CTX_set1_param(ctx, vpm);
|
|
||||||
@@ -1465,8 +1466,11 @@ bad:
|
|
||||||
else
|
|
||||||
SSL_CTX_sess_set_cache_size(ctx2,128);
|
|
||||||
|
|
||||||
- if ((!SSL_CTX_load_verify_locations(ctx2,CAfile,CApath)) ||
|
|
||||||
- (!SSL_CTX_set_default_verify_paths(ctx2)))
|
|
||||||
+ if (!SSL_CTX_load_verify_locations(ctx2,CAfile,CApath))
|
|
||||||
+ {
|
|
||||||
+ ERR_print_errors(bio_err);
|
|
||||||
+ }
|
|
||||||
+ if (!SSL_CTX_set_default_verify_paths(ctx2))
|
|
||||||
{
|
|
||||||
ERR_print_errors(bio_err);
|
|
||||||
}
|
|
||||||
diff -up openssl-1.0.0-beta4/apps/s_time.c.default-paths openssl-1.0.0-beta4/apps/s_time.c
|
|
||||||
--- openssl-1.0.0-beta4/apps/s_time.c.default-paths 2006-04-17 14:22:13.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/apps/s_time.c 2009-11-12 12:26:32.000000000 +0100
|
|
||||||
@@ -373,12 +373,13 @@ int MAIN(int argc, char **argv)
|
|
||||||
|
|
||||||
SSL_load_error_strings();
|
|
||||||
|
|
||||||
- if ((!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath)) ||
|
|
||||||
- (!SSL_CTX_set_default_verify_paths(tm_ctx)))
|
|
||||||
+ if (!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath))
|
|
||||||
+ {
|
|
||||||
+ ERR_print_errors(bio_err);
|
|
||||||
+ }
|
|
||||||
+ if (!SSL_CTX_set_default_verify_paths(tm_ctx))
|
|
||||||
{
|
|
||||||
- /* BIO_printf(bio_err,"error setting default verify locations\n"); */
|
|
||||||
ERR_print_errors(bio_err);
|
|
||||||
- /* goto end; */
|
|
||||||
}
|
|
||||||
|
|
||||||
if (tm_cipher == NULL)
|
|
@ -1,222 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta4/crypto/bio/b_sock.c.dtls-ipv6 openssl-1.0.0-beta4/crypto/bio/b_sock.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/bio/b_sock.c.dtls-ipv6 2009-11-09 15:09:53.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/bio/b_sock.c 2009-11-23 08:50:45.000000000 +0100
|
|
||||||
@@ -822,7 +822,8 @@ int BIO_accept(int sock, char **addr)
|
|
||||||
if (sizeof(sa.len.i)!=sizeof(sa.len.s) && sa.len.i==0)
|
|
||||||
{
|
|
||||||
OPENSSL_assert(sa.len.s<=sizeof(sa.from));
|
|
||||||
- sa.len.i = (unsigned int)sa.len.s;
|
|
||||||
+ sa.len.i = (int)sa.len.s;
|
|
||||||
+ /* use sa.len.i from this point */
|
|
||||||
}
|
|
||||||
if (ret == INVALID_SOCKET)
|
|
||||||
{
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/bio/bss_dgram.c.dtls-ipv6 openssl-1.0.0-beta4/crypto/bio/bss_dgram.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/bio/bss_dgram.c.dtls-ipv6 2009-10-15 19:41:44.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/bio/bss_dgram.c 2010-01-07 17:31:00.000000000 +0100
|
|
||||||
@@ -108,11 +108,13 @@ static BIO_METHOD methods_dgramp=
|
|
||||||
|
|
||||||
typedef struct bio_dgram_data_st
|
|
||||||
{
|
|
||||||
+ union {
|
|
||||||
+ struct sockaddr sa;
|
|
||||||
+ struct sockaddr_in sa_in;
|
|
||||||
#if OPENSSL_USE_IPV6
|
|
||||||
- struct sockaddr_storage peer;
|
|
||||||
-#else
|
|
||||||
- struct sockaddr_in peer;
|
|
||||||
+ struct sockaddr_in6 sa_in6;
|
|
||||||
#endif
|
|
||||||
+ } peer;
|
|
||||||
unsigned int connected;
|
|
||||||
unsigned int _errno;
|
|
||||||
unsigned int mtu;
|
|
||||||
@@ -278,28 +280,38 @@ static int dgram_read(BIO *b, char *out,
|
|
||||||
int ret=0;
|
|
||||||
bio_dgram_data *data = (bio_dgram_data *)b->ptr;
|
|
||||||
|
|
||||||
+ struct {
|
|
||||||
+ /*
|
|
||||||
+ * See commentary in b_sock.c. <appro>
|
|
||||||
+ */
|
|
||||||
+ union { size_t s; int i; } len;
|
|
||||||
+ union {
|
|
||||||
+ struct sockaddr sa;
|
|
||||||
+ struct sockaddr_in sa_in;
|
|
||||||
#if OPENSSL_USE_IPV6
|
|
||||||
- struct sockaddr_storage peer;
|
|
||||||
-#else
|
|
||||||
- struct sockaddr_in peer;
|
|
||||||
+ struct sockaddr_in6 sa_in6;
|
|
||||||
#endif
|
|
||||||
- int peerlen = sizeof(peer);
|
|
||||||
+ } peer;
|
|
||||||
+ } sa;
|
|
||||||
+
|
|
||||||
+ sa.len.s=0;
|
|
||||||
+ sa.len.i=sizeof(sa.peer);
|
|
||||||
|
|
||||||
if (out != NULL)
|
|
||||||
{
|
|
||||||
clear_socket_error();
|
|
||||||
- memset(&peer, 0x00, peerlen);
|
|
||||||
- /* Last arg in recvfrom is signed on some platforms and
|
|
||||||
- * unsigned on others. It is of type socklen_t on some
|
|
||||||
- * but this is not universal. Cast to (void *) to avoid
|
|
||||||
- * compiler warnings.
|
|
||||||
- */
|
|
||||||
+ memset(&sa.peer, 0x00, sizeof(sa.peer));
|
|
||||||
dgram_adjust_rcv_timeout(b);
|
|
||||||
- ret=recvfrom(b->num,out,outl,0,(struct sockaddr *)&peer,(void *)&peerlen);
|
|
||||||
+ ret=recvfrom(b->num,out,outl,0,&sa.peer.sa,(void *)&sa.len);
|
|
||||||
+ if (sizeof(sa.len.i)!=sizeof(sa.len.s) && sa.len.i==0)
|
|
||||||
+ {
|
|
||||||
+ OPENSSL_assert(sa.len.s<=sizeof(sa.peer));
|
|
||||||
+ sa.len.i = (int)sa.len.s;
|
|
||||||
+ }
|
|
||||||
dgram_reset_rcv_timeout(b);
|
|
||||||
|
|
||||||
if ( ! data->connected && ret >= 0)
|
|
||||||
- BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &peer);
|
|
||||||
+ BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &sa.peer);
|
|
||||||
|
|
||||||
BIO_clear_retry_flags(b);
|
|
||||||
if (ret < 0)
|
|
||||||
@@ -323,25 +335,10 @@ static int dgram_write(BIO *b, const cha
|
|
||||||
if ( data->connected )
|
|
||||||
ret=writesocket(b->num,in,inl);
|
|
||||||
else
|
|
||||||
-#if OPENSSL_USE_IPV6
|
|
||||||
- if (data->peer.ss_family == AF_INET)
|
|
||||||
#if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
|
|
||||||
- ret=sendto(b->num, (char *)in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in));
|
|
||||||
+ ret=sendto(b->num, (char *)in, inl, 0, &data->peer.sa, sizeof(data->peer));
|
|
||||||
#else
|
|
||||||
- ret=sendto(b->num, in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in));
|
|
||||||
-#endif
|
|
||||||
- else
|
|
||||||
-#if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
|
|
||||||
- ret=sendto(b->num, (char *)in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in6));
|
|
||||||
-#else
|
|
||||||
- ret=sendto(b->num, in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in6));
|
|
||||||
-#endif
|
|
||||||
-#else
|
|
||||||
-#if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
|
|
||||||
- ret=sendto(b->num, (char *)in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in));
|
|
||||||
-#else
|
|
||||||
- ret=sendto(b->num, in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in));
|
|
||||||
-#endif
|
|
||||||
+ ret=sendto(b->num, in, inl, 0, &data->peer.sa, sizeof(data->peer));
|
|
||||||
#endif
|
|
||||||
|
|
||||||
BIO_clear_retry_flags(b);
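Review bot: Both new `sendto` calls pass `sizeof(data->peer)`, the size of the whole union, as the address length, whereas the removed code chose `sizeof(struct sockaddr_in)` or `sizeof(struct sockaddr_in6)` from the stored family. With IPv6 enabled an AF_INET peer is therefore sent with an IPv6-sized length, which socket stacks that require the exact length for the family may reject. Deriving the length from `data->peer.sa.sa_family`, as the BIO_CTRL_DGRAM_GET_PEER case later in this patch already does, keeps the union and restores a correct length. dgram_write's body starts and ends outside the hunk.
```c
	else
		{
		/* address length must match the stored family, not the union size */
		int peerlen = sizeof(data->peer);

		if (data->peer.sa.sa_family == AF_INET)
			peerlen = sizeof(data->peer.sa_in);
#if OPENSSL_USE_IPV6
		else if (data->peer.sa.sa_family == AF_INET6)
			peerlen = sizeof(data->peer.sa_in6);
#endif
#if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
		ret=sendto(b->num, (char *)in, inl, 0, &data->peer.sa, peerlen);
#else
		ret=sendto(b->num, in, inl, 0, &data->peer.sa, peerlen);
#endif
		}
	/* ... unchanged: BIO_clear_retry_flags and error handling ... */
```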
|
|
||||||
@@ -428,11 +425,20 @@ static long dgram_ctrl(BIO *b, int cmd,
|
|
||||||
else
|
|
||||||
{
|
|
||||||
#endif
|
|
||||||
+ switch (to->sa_family)
|
|
||||||
+ {
|
|
||||||
+ case AF_INET:
|
|
||||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa_in));
|
|
||||||
+ break;
|
|
||||||
#if OPENSSL_USE_IPV6
|
|
||||||
- memcpy(&(data->peer),to, sizeof(struct sockaddr_storage));
|
|
||||||
-#else
|
|
||||||
- memcpy(&(data->peer),to, sizeof(struct sockaddr_in));
|
|
||||||
-#endif
|
|
||||||
+ case AF_INET6:
|
|
||||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa_in6));
|
|
||||||
+ break;
|
|
||||||
+#endif
|
|
||||||
+ default:
|
|
||||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa));
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
#if 0
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
@@ -537,41 +543,62 @@ static long dgram_ctrl(BIO *b, int cmd,
|
|
||||||
if ( to != NULL)
|
|
||||||
{
|
|
||||||
data->connected = 1;
|
|
||||||
+ switch (to->sa_family)
|
|
||||||
+ {
|
|
||||||
+ case AF_INET:
|
|
||||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa_in));
|
|
||||||
+ break;
|
|
||||||
#if OPENSSL_USE_IPV6
|
|
||||||
- memcpy(&(data->peer),to, sizeof(struct sockaddr_storage));
|
|
||||||
-#else
|
|
||||||
- memcpy(&(data->peer),to, sizeof(struct sockaddr_in));
|
|
||||||
-#endif
|
|
||||||
+ case AF_INET6:
|
|
||||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa_in6));
|
|
||||||
+ break;
|
|
||||||
+#endif
|
|
||||||
+ default:
|
|
||||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa));
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
data->connected = 0;
|
|
||||||
-#if OPENSSL_USE_IPV6
|
|
||||||
- memset(&(data->peer), 0x00, sizeof(struct sockaddr_storage));
|
|
||||||
-#else
|
|
||||||
- memset(&(data->peer), 0x00, sizeof(struct sockaddr_in));
|
|
||||||
-#endif
|
|
||||||
+ memset(&(data->peer), 0x00, sizeof(data->peer));
|
|
||||||
}
|
|
||||||
break;
|
|
||||||
case BIO_CTRL_DGRAM_GET_PEER:
|
|
||||||
- to = (struct sockaddr *) ptr;
|
|
||||||
-
|
|
||||||
+ switch (data->peer.sa.sa_family)
|
|
||||||
+ {
|
|
||||||
+ case AF_INET:
|
|
||||||
+ ret=sizeof(data->peer.sa_in);
|
|
||||||
+ break;
|
|
||||||
#if OPENSSL_USE_IPV6
|
|
||||||
- memcpy(to, &(data->peer), sizeof(struct sockaddr_storage));
|
|
||||||
- ret = sizeof(struct sockaddr_storage);
|
|
||||||
-#else
|
|
||||||
- memcpy(to, &(data->peer), sizeof(struct sockaddr_in));
|
|
||||||
- ret = sizeof(struct sockaddr_in);
|
|
||||||
-#endif
|
|
||||||
+ case AF_INET6:
|
|
||||||
+ ret=sizeof(data->peer.sa_in6);
|
|
||||||
+ break;
|
|
||||||
+#endif
|
|
||||||
+ default:
|
|
||||||
+ ret=sizeof(data->peer.sa);
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+ if (num==0 || num>ret)
|
|
||||||
+ num=ret;
|
|
||||||
+ memcpy(ptr,&data->peer,(ret=num));
|
|
||||||
break;
|
|
||||||
case BIO_CTRL_DGRAM_SET_PEER:
|
|
||||||
to = (struct sockaddr *) ptr;
|
|
||||||
-
|
|
||||||
+ switch (to->sa_family)
|
|
||||||
+ {
|
|
||||||
+ case AF_INET:
|
|
||||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa_in));
|
|
||||||
+ break;
|
|
||||||
#if OPENSSL_USE_IPV6
|
|
||||||
- memcpy(&(data->peer), to, sizeof(struct sockaddr_storage));
|
|
||||||
-#else
|
|
||||||
- memcpy(&(data->peer), to, sizeof(struct sockaddr_in));
|
|
||||||
-#endif
|
|
||||||
+ case AF_INET6:
|
|
||||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa_in6));
|
|
||||||
+ break;
|
|
||||||
+#endif
|
|
||||||
+ default:
|
|
||||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa));
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
break;
|
|
||||||
case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
|
|
||||||
memcpy(&(data->next_timeout), ptr, sizeof(struct timeval));
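Review bot: In the BIO_CTRL_DGRAM_GET_PEER case the clamp `if (num==0 || num>ret)` lets a negative `num` through, and `memcpy(ptr,&data->peer,(ret=num))` would then convert it to a very large copy size. `num` looks like the caller-supplied length argument of dgram_ctrl (its declaration is outside the hunk), so the guard should be `if (num<=0 || num>ret)`. The AF_INET/AF_INET6/default switch is also repeated verbatim for SET_CONNECTED and SET_PEER here and once more in the previous hunk; a static helper would keep the three copies in step.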
|
|
@ -1,571 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta4/ssl/d1_both.c.dtls-reneg openssl-1.0.0-beta4/ssl/d1_both.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/d1_both.c.dtls-reneg 2009-11-02 14:37:17.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/d1_both.c 2010-01-07 17:35:19.000000000 +0100
|
|
||||||
@@ -764,6 +764,24 @@ int dtls1_send_finished(SSL *s, int a, i
|
|
||||||
p+=i;
|
|
||||||
l=i;
|
|
||||||
|
|
||||||
+ /* Copy the finished so we can use it for
|
|
||||||
+ * renegotiation checks
|
|
||||||
+ */
|
|
||||||
+ if(s->type == SSL_ST_CONNECT)
|
|
||||||
+ {
|
|
||||||
+ OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
|
|
||||||
+ memcpy(s->s3->previous_client_finished,
|
|
||||||
+ s->s3->tmp.finish_md, i);
|
|
||||||
+ s->s3->previous_client_finished_len=i;
|
|
||||||
+ }
|
|
||||||
+ else
|
|
||||||
+ {
|
|
||||||
+ OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
|
|
||||||
+ memcpy(s->s3->previous_server_finished,
|
|
||||||
+ s->s3->tmp.finish_md, i);
|
|
||||||
+ s->s3->previous_server_finished_len=i;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
#ifdef OPENSSL_SYS_WIN16
|
|
||||||
/* MSVC 1.5 does not clear the top bytes of the word unless
|
|
||||||
* I do this.
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/d1_clnt.c.dtls-reneg openssl-1.0.0-beta4/ssl/d1_clnt.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/d1_clnt.c.dtls-reneg 2009-07-24 13:52:32.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/d1_clnt.c 2010-01-07 17:44:55.000000000 +0100
|
|
||||||
@@ -286,16 +286,44 @@ int dtls1_connect(SSL *s)
|
|
||||||
|
|
||||||
case SSL3_ST_CR_CERT_A:
|
|
||||||
case SSL3_ST_CR_CERT_B:
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+ ret=ssl3_check_finished(s);
|
|
||||||
+ if (ret <= 0) goto end;
|
|
||||||
+ if (ret == 2)
|
|
||||||
+ {
|
|
||||||
+ s->hit = 1;
|
|
||||||
+ if (s->tlsext_ticket_expected)
|
|
||||||
+ s->state=SSL3_ST_CR_SESSION_TICKET_A;
|
|
||||||
+ else
|
|
||||||
+ s->state=SSL3_ST_CR_FINISHED_A;
|
|
||||||
+ s->init_num=0;
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+#endif
|
|
||||||
/* Check if it is anon DH or PSK */
|
|
||||||
if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
|
|
||||||
!(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
|
|
||||||
{
|
|
||||||
ret=ssl3_get_server_certificate(s);
|
|
||||||
if (ret <= 0) goto end;
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+ if (s->tlsext_status_expected)
|
|
||||||
+ s->state=SSL3_ST_CR_CERT_STATUS_A;
|
|
||||||
+ else
|
|
||||||
+ s->state=SSL3_ST_CR_KEY_EXCH_A;
|
|
||||||
+ }
|
|
||||||
+ else
|
|
||||||
+ {
|
|
||||||
+ skip = 1;
|
|
||||||
+ s->state=SSL3_ST_CR_KEY_EXCH_A;
|
|
||||||
+ }
|
|
||||||
+#else
|
|
||||||
}
|
|
||||||
else
|
|
||||||
skip=1;
|
|
||||||
+
|
|
||||||
s->state=SSL3_ST_CR_KEY_EXCH_A;
|
|
||||||
+#endif
|
|
||||||
s->init_num=0;
|
|
||||||
break;
|
|
||||||
|
|
||||||
@@ -437,11 +465,36 @@ int dtls1_connect(SSL *s)
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+ /* Allow NewSessionTicket if ticket expected */
|
|
||||||
+ if (s->tlsext_ticket_expected)
|
|
||||||
+ s->s3->tmp.next_state=SSL3_ST_CR_SESSION_TICKET_A;
|
|
||||||
+ else
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A;
|
|
||||||
}
|
|
||||||
s->init_num=0;
|
|
||||||
break;
|
|
||||||
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+ case SSL3_ST_CR_SESSION_TICKET_A:
|
|
||||||
+ case SSL3_ST_CR_SESSION_TICKET_B:
|
|
||||||
+ ret=ssl3_get_new_session_ticket(s);
|
|
||||||
+ if (ret <= 0) goto end;
|
|
||||||
+ s->state=SSL3_ST_CR_FINISHED_A;
|
|
||||||
+ s->init_num=0;
|
|
||||||
+ break;
|
|
||||||
+
|
|
||||||
+ case SSL3_ST_CR_CERT_STATUS_A:
|
|
||||||
+ case SSL3_ST_CR_CERT_STATUS_B:
|
|
||||||
+ ret=ssl3_get_cert_status(s);
|
|
||||||
+ if (ret <= 0) goto end;
|
|
||||||
+ s->state=SSL3_ST_CR_KEY_EXCH_A;
|
|
||||||
+ s->init_num=0;
|
|
||||||
+ break;
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
case SSL3_ST_CR_FINISHED_A:
|
|
||||||
case SSL3_ST_CR_FINISHED_B:
|
|
||||||
s->d1->change_cipher_spec_ok = 1;
|
|
||||||
@@ -554,8 +607,14 @@ int dtls1_client_hello(SSL *s)
|
|
||||||
buf=(unsigned char *)s->init_buf->data;
|
|
||||||
if (s->state == SSL3_ST_CW_CLNT_HELLO_A)
|
|
||||||
{
|
|
||||||
+ SSL_SESSION *sess = s->session;
|
|
||||||
if ((s->session == NULL) ||
|
|
||||||
(s->session->ssl_version != s->version) ||
|
|
||||||
+#ifdef OPENSSL_NO_TLSEXT
|
|
||||||
+ !sess->session_id_length ||
|
|
||||||
+#else
|
|
||||||
+ (!sess->session_id_length && !sess->tlsext_tick) ||
|
|
||||||
+#endif
|
|
||||||
(s->session->not_resumable))
|
|
||||||
{
|
|
||||||
if (!ssl_get_new_session(s,0))
|
|
||||||
@@ -635,7 +694,15 @@ int dtls1_client_hello(SSL *s)
|
|
||||||
*(p++)=comp->id;
|
|
||||||
}
|
|
||||||
*(p++)=0; /* Add the NULL method */
|
|
||||||
-
|
|
||||||
+
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+ if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
|
|
||||||
+ {
|
|
||||||
+ SSLerr(SSL_F_SSL3_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
|
|
||||||
+ goto err;
|
|
||||||
+ }
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
l=(p-d);
|
|
||||||
d=buf;
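Review bot: The new error path reports `SSL_F_SSL3_CLIENT_HELLO` although the failure occurs in dtls1_client_hello, so the error queue will point at the wrong function; the dtls1_send_server_hello hunk in d1_srvr.c does the same with `SSL_F_SSL3_SEND_SERVER_HELLO`. If this tree defines the DTLS function codes, prefer them: `SSLerr(SSL_F_DTLS1_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);` and `SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO,ERR_R_INTERNAL_ERROR);`. The limit `buf+SSL3_RT_MAX_PLAIN_LENGTH` assumes init_buf is at least that large, which is established outside the hunk and is worth a one-line comment next to the call.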
|
|
||||||
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/d1_lib.c.dtls-reneg openssl-1.0.0-beta4/ssl/d1_lib.c
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/d1_srvr.c.dtls-reneg openssl-1.0.0-beta4/ssl/d1_srvr.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/d1_srvr.c.dtls-reneg 2009-09-09 19:05:42.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/d1_srvr.c 2010-01-07 17:44:55.000000000 +0100
|
|
||||||
@@ -305,8 +305,18 @@ int dtls1_accept(SSL *s)
|
|
||||||
ret=dtls1_send_server_hello(s);
|
|
||||||
if (ret <= 0) goto end;
|
|
||||||
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
if (s->hit)
|
|
||||||
- s->state=SSL3_ST_SW_CHANGE_A;
|
|
||||||
+ {
|
|
||||||
+ if (s->tlsext_ticket_expected)
|
|
||||||
+ s->state=SSL3_ST_SW_SESSION_TICKET_A;
|
|
||||||
+ else
|
|
||||||
+ s->state=SSL3_ST_SW_CHANGE_A;
|
|
||||||
+ }
|
|
||||||
+#else
|
|
||||||
+ if (s->hit)
|
|
||||||
+ s->state=SSL3_ST_SW_CHANGE_A;
|
|
||||||
+#endif
|
|
||||||
else
|
|
||||||
s->state=SSL3_ST_SW_CERT_A;
|
|
||||||
s->init_num=0;
|
|
||||||
@@ -321,10 +331,24 @@ int dtls1_accept(SSL *s)
|
|
||||||
dtls1_start_timer(s);
|
|
||||||
ret=dtls1_send_server_certificate(s);
|
|
||||||
if (ret <= 0) goto end;
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+ if (s->tlsext_status_expected)
|
|
||||||
+ s->state=SSL3_ST_SW_CERT_STATUS_A;
|
|
||||||
+ else
|
|
||||||
+ s->state=SSL3_ST_SW_KEY_EXCH_A;
|
|
||||||
+ }
|
|
||||||
+ else
|
|
||||||
+ {
|
|
||||||
+ skip = 1;
|
|
||||||
+ s->state=SSL3_ST_SW_KEY_EXCH_A;
|
|
||||||
+ }
|
|
||||||
+#else
|
|
||||||
}
|
|
||||||
else
|
|
||||||
skip=1;
|
|
||||||
+
|
|
||||||
s->state=SSL3_ST_SW_KEY_EXCH_A;
|
|
||||||
+#endif
|
|
||||||
s->init_num=0;
|
|
||||||
break;
|
|
||||||
|
|
||||||
@@ -519,11 +543,34 @@ int dtls1_accept(SSL *s)
|
|
||||||
dtls1_stop_timer(s);
|
|
||||||
if (s->hit)
|
|
||||||
s->state=SSL_ST_OK;
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+ else if (s->tlsext_ticket_expected)
|
|
||||||
+ s->state=SSL3_ST_SW_SESSION_TICKET_A;
|
|
||||||
+#endif
|
|
||||||
else
|
|
||||||
s->state=SSL3_ST_SW_CHANGE_A;
|
|
||||||
s->init_num=0;
|
|
||||||
break;
|
|
||||||
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+ case SSL3_ST_SW_SESSION_TICKET_A:
|
|
||||||
+ case SSL3_ST_SW_SESSION_TICKET_B:
|
|
||||||
+ ret=dtls1_send_newsession_ticket(s);
|
|
||||||
+ if (ret <= 0) goto end;
|
|
||||||
+ s->state=SSL3_ST_SW_CHANGE_A;
|
|
||||||
+ s->init_num=0;
|
|
||||||
+ break;
|
|
||||||
+
|
|
||||||
+ case SSL3_ST_SW_CERT_STATUS_A:
|
|
||||||
+ case SSL3_ST_SW_CERT_STATUS_B:
|
|
||||||
+ ret=ssl3_send_cert_status(s);
|
|
||||||
+ if (ret <= 0) goto end;
|
|
||||||
+ s->state=SSL3_ST_SW_KEY_EXCH_A;
|
|
||||||
+ s->init_num=0;
|
|
||||||
+ break;
|
|
||||||
+
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
case SSL3_ST_SW_CHANGE_A:
|
|
||||||
case SSL3_ST_SW_CHANGE_B:
|
|
||||||
|
|
||||||
@@ -749,6 +796,8 @@ int dtls1_send_server_hello(SSL *s)
|
|
||||||
p+=sl;
|
|
||||||
|
|
||||||
/* put the cipher */
|
|
||||||
+ if (s->s3->tmp.new_cipher == NULL)
|
|
||||||
+ return -1;
|
|
||||||
i=ssl3_put_cipher_by_char(s->s3->tmp.new_cipher,p);
|
|
||||||
p+=i;
|
|
||||||
|
|
||||||
@@ -762,6 +811,14 @@ int dtls1_send_server_hello(SSL *s)
|
|
||||||
*(p++)=s->s3->tmp.new_compression->id;
|
|
||||||
#endif
|
|
||||||
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+ if ((p = ssl_add_serverhello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
|
|
||||||
+ {
|
|
||||||
+ SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO,ERR_R_INTERNAL_ERROR);
|
|
||||||
+ return -1;
|
|
||||||
+ }
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
/* do the header */
|
|
||||||
l=(p-d);
|
|
||||||
d=buf;
|
|
||||||
@@ -1384,3 +1441,114 @@ int dtls1_send_server_certificate(SSL *s
|
|
||||||
/* SSL3_ST_SW_CERT_B */
|
|
||||||
return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
|
|
||||||
}
|
|
||||||
+
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+int dtls1_send_newsession_ticket(SSL *s)
|
|
||||||
+ {
|
|
||||||
+ if (s->state == SSL3_ST_SW_SESSION_TICKET_A)
|
|
||||||
+ {
|
|
||||||
+ unsigned char *p, *senc, *macstart;
|
|
||||||
+ int len, slen;
|
|
||||||
+ unsigned int hlen, msg_len;
|
|
||||||
+ EVP_CIPHER_CTX ctx;
|
|
||||||
+ HMAC_CTX hctx;
|
|
||||||
+ SSL_CTX *tctx = s->initial_ctx;
|
|
||||||
+ unsigned char iv[EVP_MAX_IV_LENGTH];
|
|
||||||
+ unsigned char key_name[16];
|
|
||||||
+
|
|
||||||
+ /* get session encoding length */
|
|
||||||
+ slen = i2d_SSL_SESSION(s->session, NULL);
|
|
||||||
+ /* Some length values are 16 bits, so forget it if session is
|
|
||||||
+ * too long
|
|
||||||
+ */
|
|
||||||
+ if (slen > 0xFF00)
|
|
||||||
+ return -1;
|
|
||||||
+ /* Grow buffer if need be: the length calculation is as
|
|
||||||
+ * follows 12 (DTLS handshake message header) +
|
|
||||||
+ * 4 (ticket lifetime hint) + 2 (ticket length) +
|
|
||||||
+ * 16 (key name) + max_iv_len (iv length) +
|
|
||||||
+ * session_length + max_enc_block_size (max encrypted session
|
|
||||||
+ * length) + max_md_size (HMAC).
|
|
||||||
+ */
|
|
||||||
+ if (!BUF_MEM_grow(s->init_buf,
|
|
||||||
+ DTLS1_HM_HEADER_LENGTH + 22 + EVP_MAX_IV_LENGTH +
|
|
||||||
+ EVP_MAX_BLOCK_LENGTH + EVP_MAX_MD_SIZE + slen))
|
|
||||||
+ return -1;
|
|
||||||
+ senc = OPENSSL_malloc(slen);
|
|
||||||
+ if (!senc)
|
|
||||||
+ return -1;
|
|
||||||
+ p = senc;
|
|
||||||
+ i2d_SSL_SESSION(s->session, &p);
|
|
||||||
+
|
|
||||||
+ p=(unsigned char *)&(s->init_buf->data[DTLS1_HM_HEADER_LENGTH]);
|
|
||||||
+ EVP_CIPHER_CTX_init(&ctx);
|
|
||||||
+ HMAC_CTX_init(&hctx);
|
|
||||||
+ /* Initialize HMAC and cipher contexts. If callback present
|
|
||||||
+ * it does all the work otherwise use generated values
|
|
||||||
+ * from parent ctx.
|
|
||||||
+ */
|
|
||||||
+ if (tctx->tlsext_ticket_key_cb)
|
|
||||||
+ {
|
|
||||||
+ if (tctx->tlsext_ticket_key_cb(s, key_name, iv, &ctx,
|
|
||||||
+ &hctx, 1) < 0)
|
|
||||||
+ {
|
|
||||||
+ OPENSSL_free(senc);
|
|
||||||
+ return -1;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+ else
|
|
||||||
+ {
|
|
||||||
+ RAND_pseudo_bytes(iv, 16);
|
|
||||||
+ EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
|
|
||||||
+ tctx->tlsext_tick_aes_key, iv);
|
|
||||||
+ HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
|
|
||||||
+ tlsext_tick_md(), NULL);
|
|
||||||
+ memcpy(key_name, tctx->tlsext_tick_key_name, 16);
|
|
||||||
+ }
|
|
||||||
+ l2n(s->session->tlsext_tick_lifetime_hint, p);
|
|
||||||
+ /* Skip ticket length for now */
|
|
||||||
+ p += 2;
|
|
||||||
+ /* Output key name */
|
|
||||||
+ macstart = p;
|
|
||||||
+ memcpy(p, key_name, 16);
|
|
||||||
+ p += 16;
|
|
||||||
+ /* output IV */
|
|
||||||
+ memcpy(p, iv, EVP_CIPHER_CTX_iv_length(&ctx));
|
|
||||||
+ p += EVP_CIPHER_CTX_iv_length(&ctx);
|
|
||||||
+ /* Encrypt session data */
|
|
||||||
+ EVP_EncryptUpdate(&ctx, p, &len, senc, slen);
|
|
||||||
+ p += len;
|
|
||||||
+ EVP_EncryptFinal(&ctx, p, &len);
|
|
||||||
+ p += len;
|
|
||||||
+ EVP_CIPHER_CTX_cleanup(&ctx);
|
|
||||||
+
|
|
||||||
+ HMAC_Update(&hctx, macstart, p - macstart);
|
|
||||||
+ HMAC_Final(&hctx, p, &hlen);
|
|
||||||
+ HMAC_CTX_cleanup(&hctx);
|
|
||||||
+
|
|
||||||
+ p += hlen;
|
|
||||||
+ /* Now write out lengths: p points to end of data written */
|
|
||||||
+ /* Total length */
|
|
||||||
+ len = p - (unsigned char *)&(s->init_buf->data[DTLS1_HM_HEADER_LENGTH]);
|
|
||||||
+ p=(unsigned char *)&(s->init_buf->data[DTLS1_HM_HEADER_LENGTH]) + 4;
|
|
||||||
+ s2n(len - 18, p); /* Ticket length */
|
|
||||||
+
|
|
||||||
+ /* number of bytes to write */
|
|
||||||
+ s->init_num= len;
|
|
||||||
+ s->state=SSL3_ST_SW_SESSION_TICKET_B;
|
|
||||||
+ s->init_off=0;
|
|
||||||
+ OPENSSL_free(senc);
|
|
||||||
+
|
|
||||||
+ /* XDTLS: set message header ? */
|
|
||||||
+ msg_len = s->init_num - DTLS1_HM_HEADER_LENGTH;
|
|
||||||
+ dtls1_set_message_header(s, (void *)s->init_buf->data,
|
|
||||||
+ SSL3_MT_NEWSESSION_TICKET, msg_len, 0, msg_len);
|
|
||||||
+
|
|
||||||
+ /* buffer the message to handle re-xmits */
|
|
||||||
+ dtls1_buffer_message(s, 0);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ /* SSL3_ST_SW_SESSION_TICKET_B */
|
|
||||||
+ return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
|
|
||||||
+ }
|
|
||||||
+#endif
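Review bot: The length bookkeeping at the end of dtls1_send_newsession_ticket looks inconsistent: `len` is measured from `data[DTLS1_HM_HEADER_LENGTH]`, so it already excludes the 12-byte handshake header, yet `s2n(len - 18, p)` and `msg_len = s->init_num - DTLS1_HM_HEADER_LENGTH` both subtract the header again, which would leave the ticket length and the message length 12 bytes short. Measuring from the start of the buffer, `len = p - (unsigned char *)(s->init_buf->data);` together with `s2n(len - DTLS1_HM_HEADER_LENGTH - 6, p);`, keeps the ticket length, `init_num` and `msg_len` consistent. Separately, `senc` holds the serialized session (presumably including key material) and is released with a plain `OPENSSL_free(senc)` on every path; calling `OPENSSL_cleanse(senc, slen);` before each free avoids leaving it in freed heap. The result of `RAND_pseudo_bytes(iv, 16)` is also used as the CBC IV without being checked, and the callback failure path returns without cleaning up `ctx` and `hctx`.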
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/ssl_locl.h.dtls-reneg openssl-1.0.0-beta4/ssl/ssl_locl.h
|
|
||||||
--- openssl-1.0.0-beta4/ssl/ssl_locl.h.dtls-reneg 2009-11-23 08:36:03.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/ssl_locl.h 2010-01-07 17:44:55.000000000 +0100
|
|
||||||
@@ -933,7 +933,7 @@ void dtls1_start_timer(SSL *s);
|
|
||||||
void dtls1_stop_timer(SSL *s);
|
|
||||||
int dtls1_is_timer_expired(SSL *s);
|
|
||||||
void dtls1_double_timeout(SSL *s);
|
|
||||||
-
|
|
||||||
+int dtls1_send_newsession_ticket(SSL *s);
|
|
||||||
|
|
||||||
/* some client-only functions */
|
|
||||||
int ssl3_client_hello(SSL *s);
|
|
||||||
@@ -949,6 +949,9 @@ int ssl3_send_client_key_exchange(SSL *s
|
|
||||||
int ssl3_get_key_exchange(SSL *s);
|
|
||||||
int ssl3_get_server_certificate(SSL *s);
|
|
||||||
int ssl3_check_cert_and_algorithm(SSL *s);
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+int ssl3_check_finished(SSL *s);
|
|
||||||
+#endif
|
|
||||||
|
|
||||||
int dtls1_client_hello(SSL *s);
|
|
||||||
int dtls1_send_client_certificate(SSL *s);
|
|
||||||
@@ -1030,6 +1033,7 @@ int ssl_prepare_clienthello_tlsext(SSL *
|
|
||||||
int ssl_prepare_serverhello_tlsext(SSL *s);
|
|
||||||
int ssl_check_clienthello_tlsext(SSL *s);
|
|
||||||
int ssl_check_serverhello_tlsext(SSL *s);
|
|
||||||
+
|
|
||||||
#ifdef OPENSSL_NO_SHA256
|
|
||||||
#define tlsext_tick_md EVP_sha1
|
|
||||||
#else
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/s3_clnt.c.dtls-reneg openssl-1.0.0-beta4/ssl/s3_clnt.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/s3_clnt.c.dtls-reneg 2009-11-23 08:36:04.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/s3_clnt.c 2010-01-07 17:44:55.000000000 +0100
|
|
||||||
@@ -170,9 +170,6 @@
|
|
||||||
|
|
||||||
static const SSL_METHOD *ssl3_get_client_method(int ver);
|
|
||||||
static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b);
|
|
||||||
-#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
-static int ssl3_check_finished(SSL *s);
|
|
||||||
-#endif
|
|
||||||
|
|
||||||
static const SSL_METHOD *ssl3_get_client_method(int ver)
|
|
||||||
{
|
|
||||||
@@ -1827,6 +1824,7 @@ int ssl3_get_new_session_ticket(SSL *s)
|
|
||||||
SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET,SSL_R_LENGTH_MISMATCH);
|
|
||||||
goto f_err;
|
|
||||||
}
|
|
||||||
+
|
|
||||||
p=d=(unsigned char *)s->init_msg;
|
|
||||||
n2l(p, s->session->tlsext_tick_lifetime_hint);
|
|
||||||
n2s(p, ticklen);
|
|
||||||
@@ -2991,7 +2989,7 @@ err:
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
-static int ssl3_check_finished(SSL *s)
|
|
||||||
+int ssl3_check_finished(SSL *s)
|
|
||||||
{
|
|
||||||
int ok;
|
|
||||||
long n;
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/t1_lib.c.dtls-reneg openssl-1.0.0-beta4/ssl/t1_lib.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/t1_lib.c.dtls-reneg 2009-11-23 08:36:04.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/t1_lib.c 2010-01-07 17:44:55.000000000 +0100
|
|
||||||
@@ -340,7 +340,8 @@ unsigned char *ssl_add_clienthello_tlsex
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_EC
|
|
||||||
- if (s->tlsext_ecpointformatlist != NULL)
|
|
||||||
+ if (s->tlsext_ecpointformatlist != NULL &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
/* Add TLS extension ECPointFormats to the ClientHello message */
|
|
||||||
long lenmax;
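Review bot: The DTLS exclusion added here is an exact comparison, `s->version != DTLS1_VERSION`, so it skips the extension for that one version value only. If this tree accepts any other DTLS version constant (OpenSSL of this period also defines `DTLS1_BAD_VER`), such a connection would presumably still send and parse the EC, opaque-PRF and status_request extensions. The same test is repeated in the later hunks of this file, in ssl_add_clienthello_tlsext, ssl_add_serverhello_tlsext, ssl_parse_clienthello_tlsext and ssl_parse_serverhello_tlsext; on the parse side a peer-sent extension then falls through the `else if` chain without being handled. One local predicate would keep all the sites in step, for example `#define TLSEXT_SKIP_FOR_DTLS(s) ((s)->version == DTLS1_VERSION)` (name constructed for this note), with a comment saying why DTLS omits these extensions. The enclosing function starts and ends outside this hunk.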
|
|
||||||
@@ -359,7 +360,8 @@ unsigned char *ssl_add_clienthello_tlsex
|
|
||||||
memcpy(ret, s->tlsext_ecpointformatlist, s->tlsext_ecpointformatlist_length);
|
|
||||||
ret+=s->tlsext_ecpointformatlist_length;
|
|
||||||
}
|
|
||||||
- if (s->tlsext_ellipticcurvelist != NULL)
|
|
||||||
+ if (s->tlsext_ellipticcurvelist != NULL &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
/* Add TLS extension EllipticCurves to the ClientHello message */
|
|
||||||
long lenmax;
|
|
||||||
@@ -423,7 +425,8 @@ unsigned char *ssl_add_clienthello_tlsex
|
|
||||||
skip_ext:
|
|
||||||
|
|
||||||
#ifdef TLSEXT_TYPE_opaque_prf_input
|
|
||||||
- if (s->s3->client_opaque_prf_input != NULL)
|
|
||||||
+ if (s->s3->client_opaque_prf_input != NULL &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
size_t col = s->s3->client_opaque_prf_input_len;
|
|
||||||
|
|
||||||
@@ -440,7 +443,8 @@ unsigned char *ssl_add_clienthello_tlsex
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
- if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp)
|
|
||||||
+ if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
int i;
|
|
||||||
long extlen, idlen, itmp;
|
|
||||||
@@ -515,7 +519,7 @@ unsigned char *ssl_add_serverhello_tlsex
|
|
||||||
s2n(0,ret);
|
|
||||||
}
|
|
||||||
|
|
||||||
- if(s->s3->send_connection_binding)
|
|
||||||
+ if(s->s3->send_connection_binding)
|
|
||||||
{
|
|
||||||
int el;
|
|
||||||
|
|
||||||
@@ -540,7 +544,8 @@ unsigned char *ssl_add_serverhello_tlsex
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_EC
|
|
||||||
- if (s->tlsext_ecpointformatlist != NULL)
|
|
||||||
+ if (s->tlsext_ecpointformatlist != NULL &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
/* Add TLS extension ECPointFormats to the ServerHello message */
|
|
||||||
long lenmax;
|
|
||||||
@@ -579,7 +584,8 @@ unsigned char *ssl_add_serverhello_tlsex
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifdef TLSEXT_TYPE_opaque_prf_input
|
|
||||||
- if (s->s3->server_opaque_prf_input != NULL)
|
|
||||||
+ if (s->s3->server_opaque_prf_input != NULL &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
size_t sol = s->s3->server_opaque_prf_input_len;
|
|
||||||
|
|
||||||
@@ -757,7 +763,8 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_EC
|
|
||||||
- else if (type == TLSEXT_TYPE_ec_point_formats)
|
|
||||||
+ else if (type == TLSEXT_TYPE_ec_point_formats &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
unsigned char *sdata = data;
|
|
||||||
int ecpointformatlist_length = *(sdata++);
|
|
||||||
@@ -784,7 +791,8 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
fprintf(stderr,"\n");
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
- else if (type == TLSEXT_TYPE_elliptic_curves)
|
|
||||||
+ else if (type == TLSEXT_TYPE_elliptic_curves &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
unsigned char *sdata = data;
|
|
||||||
int ellipticcurvelist_length = (*(sdata++) << 8);
|
|
||||||
@@ -814,7 +822,8 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
}
|
|
||||||
#endif /* OPENSSL_NO_EC */
|
|
||||||
#ifdef TLSEXT_TYPE_opaque_prf_input
|
|
||||||
- else if (type == TLSEXT_TYPE_opaque_prf_input)
|
|
||||||
+ else if (type == TLSEXT_TYPE_opaque_prf_input &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
unsigned char *sdata = data;
|
|
||||||
|
|
||||||
@@ -858,8 +867,8 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
return 0;
|
|
||||||
renegotiate_seen = 1;
|
|
||||||
}
|
|
||||||
- else if (type == TLSEXT_TYPE_status_request
|
|
||||||
- && s->ctx->tlsext_status_cb)
|
|
||||||
+ else if (type == TLSEXT_TYPE_status_request &&
|
|
||||||
+ s->version != DTLS1_VERSION && s->ctx->tlsext_status_cb)
|
|
||||||
{
|
|
||||||
|
|
||||||
if (size < 5)
|
|
||||||
@@ -1027,7 +1036,8 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_EC
|
|
||||||
- else if (type == TLSEXT_TYPE_ec_point_formats)
|
|
||||||
+ else if (type == TLSEXT_TYPE_ec_point_formats &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
unsigned char *sdata = data;
|
|
||||||
int ecpointformatlist_length = *(sdata++);
|
|
||||||
@@ -1073,7 +1083,8 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
s->tlsext_ticket_expected = 1;
|
|
||||||
}
|
|
||||||
#ifdef TLSEXT_TYPE_opaque_prf_input
|
|
||||||
- else if (type == TLSEXT_TYPE_opaque_prf_input)
|
|
||||||
+ else if (type == TLSEXT_TYPE_opaque_prf_input &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
unsigned char *sdata = data;
|
|
||||||
|
|
||||||
@@ -1103,7 +1114,8 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
- else if (type == TLSEXT_TYPE_status_request)
|
|
||||||
+ else if (type == TLSEXT_TYPE_status_request &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
/* MUST be empty and only sent if we've requested
|
|
||||||
* a status request message.
|
|
@ -1,25 +0,0 @@
|
|||||||
Adding struct member is ABI breaker however as the structure is always allocated by
|
|
||||||
the library calls we just move it to the end and it should be reasonably safe.
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/dtls1.h.dtls1-abi openssl-1.0.0-beta4/ssl/dtls1.h
|
|
||||||
--- openssl-1.0.0-beta4/ssl/dtls1.h.dtls1-abi 2009-11-12 14:34:37.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/dtls1.h 2009-11-12 14:47:57.000000000 +0100
|
|
||||||
@@ -216,9 +216,6 @@ typedef struct dtls1_state_st
|
|
||||||
*/
|
|
||||||
record_pqueue buffered_app_data;
|
|
||||||
|
|
||||||
- /* Is set when listening for new connections with dtls1_listen() */
|
|
||||||
- unsigned int listen;
|
|
||||||
-
|
|
||||||
unsigned int mtu; /* max DTLS packet size */
|
|
||||||
|
|
||||||
struct hm_header_st w_msg_hdr;
|
|
||||||
@@ -242,6 +239,9 @@ typedef struct dtls1_state_st
|
|
||||||
unsigned int retransmitting;
|
|
||||||
unsigned int change_cipher_spec_ok;
|
|
||||||
|
|
||||||
+ /* Is set when listening for new connections with dtls1_listen() */
|
|
||||||
+ unsigned int listen;
|
|
||||||
+
|
|
||||||
} DTLS1_STATE;
|
|
||||||
|
|
||||||
typedef struct dtls1_record_data_st
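Review bot: The relocated `listen` member carries no comment saying that its position is an ABI constraint, so a later rebase could move it back or add members in front of it. Where this hunk re-adds it before `} DTLS1_STATE;`, I would extend the comment to `/* Is set when listening for new connections with dtls1_listen(). Kept last so the offsets of the earlier members stay unchanged. */`. The patch description's premise that the structure is always allocated by library calls cannot be checked from these hunks; any code that embeds DTLS1_STATE or copies it by size would still see a different layout.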
|
|
@ -1,52 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta4/Configure.enginesdir openssl-1.0.0-beta4/Configure
|
|
||||||
--- openssl-1.0.0-beta4/Configure.enginesdir 2009-11-12 12:17:59.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/Configure 2009-11-12 12:19:45.000000000 +0100
|
|
||||||
@@ -622,6 +622,7 @@ my $idx_multilib = $idx++;
|
|
||||||
my $prefix="";
|
|
||||||
my $libdir="";
|
|
||||||
my $openssldir="";
|
|
||||||
+my $enginesdir="";
|
|
||||||
my $exe_ext="";
|
|
||||||
my $install_prefix= "$ENV{'INSTALL_PREFIX'}";
|
|
||||||
my $cross_compile_prefix="";
|
|
||||||
@@ -833,6 +834,10 @@ PROCESS_ARGS:
|
|
||||||
{
|
|
||||||
$openssldir=$1;
|
|
||||||
}
|
|
||||||
+ elsif (/^--enginesdir=(.*)$/)
|
|
||||||
+ {
|
|
||||||
+ $enginesdir=$1;
|
|
||||||
+ }
|
|
||||||
elsif (/^--install.prefix=(.*)$/)
|
|
||||||
{
|
|
||||||
$install_prefix=$1;
|
|
||||||
@@ -1055,7 +1060,7 @@ chop $prefix if $prefix =~ /.\/$/;
|
|
||||||
|
|
||||||
$openssldir=$prefix . "/ssl" if $openssldir eq "";
|
|
||||||
$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
|
|
||||||
-
|
|
||||||
+$enginesdir="$prefix/lib/engines" if $enginesdir eq "";
|
|
||||||
|
|
||||||
print "IsMK1MF=$IsMK1MF\n";
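Review bot: The default added here, `$enginesdir="$prefix/lib/engines" if $enginesdir eq "";`, leaves a user-supplied `--enginesdir` as given, unlike `$openssldir` on the line above it, which is prefixed with `$prefix` when it does not start with `/` or a drive letter. The last Configure hunk writes the value into `#define ENGINESDIR`, so a relative argument would presumably make the engine search path depend on the process's working directory, which matters for a directory that shared objects are loaded from. I would apply the same normalisation: `$enginesdir=$prefix . "/" . $enginesdir if $enginesdir !~ /(^\/|^[a-zA-Z]:[\\\/])/;`.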
|
|
||||||
|
|
||||||
@@ -1676,7 +1681,7 @@ while (<IN>)
|
|
||||||
# $foo is to become "$prefix/lib$multilib/engines";
|
|
||||||
# as Makefile.org and engines/Makefile are adapted for
|
|
||||||
# $multilib suffix.
|
|
||||||
- my $foo = "$prefix/lib/engines";
|
|
||||||
+ my $foo = "$enginesdir";
|
|
||||||
$foo =~ s/\\/\\\\/g;
|
|
||||||
print OUT "#define ENGINESDIR \"$foo\"\n";
|
|
||||||
}
|
|
||||||
diff -up openssl-1.0.0-beta4/engines/Makefile.enginesdir openssl-1.0.0-beta4/engines/Makefile
|
|
||||||
--- openssl-1.0.0-beta4/engines/Makefile.enginesdir 2009-11-10 02:52:52.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/engines/Makefile 2009-11-12 12:23:06.000000000 +0100
|
|
||||||
@@ -124,7 +124,7 @@ install:
|
|
||||||
sfx=".so"; \
|
|
||||||
cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
|
|
||||||
fi; \
|
|
||||||
- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
|
|
||||||
+ chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
|
|
||||||
mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
|
|
||||||
done; \
|
|
||||||
fi
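Review bot: The install recipe still writes engines under `$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines`, while the Configure half of this patch lets `--enginesdir` set the compiled-in ENGINESDIR to any path, so the directory the library searches and the directory the engines are installed into can diverge. If no other packaging step relocates the files, the library would search a directory this recipe never populates, and that directory's ownership and mode then decide what can be loaded from it. The recipe should take its destination from the same setting, or the hunk should carry a comment naming the step that moves the files. The change from `chmod 555` to `chmod 755` also makes the installed engines owner-writable, and the patch gives no reason for it. The recipe starts and ends outside the hunk.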
|
|
@ -1,59 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta4/Configure.redhat openssl-1.0.0-beta4/Configure
|
|
||||||
--- openssl-1.0.0-beta4/Configure.redhat 2009-11-09 15:11:13.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/Configure 2009-11-12 12:15:27.000000000 +0100
|
|
||||||
@@ -336,32 +336,32 @@ my %table=(
|
|
||||||
####
|
|
||||||
# *-generic* is endian-neutral target, but ./config is free to
|
|
||||||
# throw in -D[BL]_ENDIAN, whichever appropriate...
|
|
||||||
-"linux-generic32","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
|
||||||
-"linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
|
||||||
+"linux-generic32","gcc:-DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
|
|
||||||
+"linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
|
|
||||||
# It's believed that majority of ARM toolchains predefine appropriate -march.
|
|
||||||
# If you compiler does not, do complement config command line with one!
|
|
||||||
-"linux-armv4", "gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
|
||||||
+"linux-armv4", "gcc:-DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
|
|
||||||
#### IA-32 targets...
|
|
||||||
"linux-ia32-icc", "icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
|
||||||
-"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
|
||||||
+"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
|
|
||||||
"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out",
|
|
||||||
####
|
|
||||||
-"linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
|
||||||
-"linux-ppc64", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
|
|
||||||
-"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
|
||||||
+"linux-generic64","gcc:-DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
|
|
||||||
+"linux-ppc64", "gcc:-m64 -DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64 \$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
|
|
||||||
+"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
|
|
||||||
"linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
|
||||||
"linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
|
||||||
-"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
|
|
||||||
-"linux-s390x", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
|
|
||||||
+"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS) -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64 \$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
|
|
||||||
+"linux-s390x", "gcc:-m64 -DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:dlfcn:linux-shared:-fPIC:-m64 \$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
|
|
||||||
#### SPARC Linux setups
|
|
||||||
# Ray Miller <ray.miller@computing-services.oxford.ac.uk> has patiently
|
|
||||||
# assisted with debugging of following two configs.
|
|
||||||
-"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
|
||||||
+"linux-sparcv8","gcc:-DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS) -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
|
|
||||||
# it's a real mess with -mcpu=ultrasparc option under Linux, but
|
|
||||||
# -Wa,-Av8plus should do the trick no matter what.
|
|
||||||
-"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
|
||||||
+"linux-sparcv9","gcc:-DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS) -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
|
|
||||||
# GCC 3.1 is a requirement
|
|
||||||
-"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
|
|
||||||
+"linux64-sparcv9","gcc:-DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
|
|
||||||
#### Alpha Linux with GNU C and Compaq C setups
|
|
||||||
# Special notes:
|
|
||||||
# - linux-alpha+bwx-gcc is ment to be used from ./config only. If you
|
|
||||||
@@ -375,8 +375,8 @@ my %table=(
|
|
||||||
#
|
|
||||||
# <appro@fy.chalmers.se>
|
|
||||||
#
|
|
||||||
-"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
|
||||||
-"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
|
||||||
+"linux-alpha-gcc","gcc:-DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
|
|
||||||
+"linux-alpha+bwx-gcc","gcc:-DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
|
|
||||||
"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
|
|
||||||
"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
|
|
||||||
|
|
@ -1,93 +0,0 @@
|
|||||||
Better error reporting for unsafe renegotiation.
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/ssl_err.c.reneg-err openssl-1.0.0-beta4/ssl/ssl_err.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/ssl_err.c.reneg-err 2009-11-09 19:45:42.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/ssl_err.c 2009-11-20 17:56:57.000000000 +0100
|
|
||||||
@@ -226,7 +226,9 @@ static ERR_STRING_DATA SSL_str_functs[]=
|
|
||||||
{ERR_FUNC(SSL_F_SSL_LOAD_CLIENT_CA_FILE), "SSL_load_client_CA_file"},
|
|
||||||
{ERR_FUNC(SSL_F_SSL_NEW), "SSL_new"},
|
|
||||||
{ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT), "SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT"},
|
|
||||||
+{ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT), "SSL_PARSE_CLIENTHELLO_TLSEXT"},
|
|
||||||
{ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT), "SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT"},
|
|
||||||
+{ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT), "SSL_PARSE_SERVERHELLO_TLSEXT"},
|
|
||||||
{ERR_FUNC(SSL_F_SSL_PEEK), "SSL_peek"},
|
|
||||||
{ERR_FUNC(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT), "SSL_PREPARE_CLIENTHELLO_TLSEXT"},
|
|
||||||
{ERR_FUNC(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT), "SSL_PREPARE_SERVERHELLO_TLSEXT"},
|
|
||||||
@@ -526,6 +528,7 @@ static ERR_STRING_DATA SSL_str_reasons[]
|
|
||||||
{ERR_REASON(SSL_R_UNKNOWN_REMOTE_ERROR_TYPE),"unknown remote error type"},
|
|
||||||
{ERR_REASON(SSL_R_UNKNOWN_SSL_VERSION) ,"unknown ssl version"},
|
|
||||||
{ERR_REASON(SSL_R_UNKNOWN_STATE) ,"unknown state"},
|
|
||||||
+{ERR_REASON(SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED),"unsafe legacy renegotiation disabled"},
|
|
||||||
{ERR_REASON(SSL_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"},
|
|
||||||
{ERR_REASON(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM),"unsupported compression algorithm"},
|
|
||||||
{ERR_REASON(SSL_R_UNSUPPORTED_DIGEST_TYPE),"unsupported digest type"},
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/ssl.h.reneg-err openssl-1.0.0-beta4/ssl/ssl.h
|
|
||||||
--- openssl-1.0.0-beta4/ssl/ssl.h.reneg-err 2009-11-12 15:17:29.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/ssl.h 2009-11-20 17:56:57.000000000 +0100
|
|
||||||
@@ -1934,7 +1934,9 @@ void ERR_load_SSL_strings(void);
|
|
||||||
#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185
|
|
||||||
#define SSL_F_SSL_NEW 186
|
|
||||||
#define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 300
|
|
||||||
+#define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT 302
|
|
||||||
#define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 301
|
|
||||||
+#define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 303
|
|
||||||
#define SSL_F_SSL_PEEK 270
|
|
||||||
#define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 281
|
|
||||||
#define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 282
|
|
||||||
@@ -2231,6 +2233,7 @@ void ERR_load_SSL_strings(void);
|
|
||||||
#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253
|
|
||||||
#define SSL_R_UNKNOWN_SSL_VERSION 254
|
|
||||||
#define SSL_R_UNKNOWN_STATE 255
|
|
||||||
+#define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED 338
|
|
||||||
#define SSL_R_UNSUPPORTED_CIPHER 256
|
|
||||||
#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257
|
|
||||||
#define SSL_R_UNSUPPORTED_DIGEST_TYPE 326
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/s23_srvr.c.reneg-err openssl-1.0.0-beta4/ssl/s23_srvr.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/s23_srvr.c.reneg-err 2009-11-12 15:17:29.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/s23_srvr.c 2009-11-20 17:57:23.000000000 +0100
|
|
||||||
@@ -497,6 +497,11 @@ int ssl23_get_client_hello(SSL *s)
|
|
||||||
SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
|
|
||||||
goto err;
|
|
||||||
#else
|
|
||||||
+ if (!(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
+ {
|
|
||||||
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
+ goto err;
|
|
||||||
+ }
|
|
||||||
/* we are talking sslv2 */
|
|
||||||
/* we need to clean up the SSLv3/TLSv1 setup and put in the
|
|
||||||
* sslv2 stuff. */
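Review bot: The new guard tests `s->ctx->options`, so a per-connection setting made with SSL_set_options() on `s` is not consulted when deciding whether to accept the SSLv2 hello; testing `s->options` would honour both, assuming the connection inherits the context's options when it is created. The reason code is also confusing at this site: the branch handles an SSLv2 client hello, not a renegotiation, yet the error queue will read "unsafe legacy renegotiation disabled". If the intent is that SSLv2 cannot carry the renegotiation indication, a comment such as `/* SSLv2 cannot signal secure renegotiation: refuse unless legacy renegotiation is allowed */` above the `if` would say so. ssl23_get_client_hello's body continues outside the hunk.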
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/t1_lib.c.reneg-err openssl-1.0.0-beta4/ssl/t1_lib.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/t1_lib.c.reneg-err 2009-11-18 14:04:19.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/t1_lib.c 2009-11-20 17:56:57.000000000 +0100
|
|
||||||
@@ -636,6 +636,7 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
{
|
|
||||||
/* We should always see one extension: the renegotiate extension */
|
|
||||||
*al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
+ SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
return 1;
|
|
||||||
@@ -965,6 +966,7 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
if (s->new_session && !renegotiate_seen
|
|
||||||
&& !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
{
|
|
||||||
+ SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
*al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
@@ -993,6 +995,7 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
{
|
|
||||||
/* We should always see one extension: the renegotiate extension */
|
|
||||||
*al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
+ SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
@@ -1133,6 +1136,7 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
&& !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
{
|
|
||||||
*al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
+ SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
#endif
|
|
@ -1,793 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta4/apps/s_client.c.scsv openssl-1.0.0-beta4/apps/s_client.c
|
|
||||||
--- openssl-1.0.0-beta4/apps/s_client.c.scsv 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/apps/s_client.c 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -382,7 +382,7 @@ int MAIN(int, char **);
|
|
||||||
|
|
||||||
int MAIN(int argc, char **argv)
|
|
||||||
{
|
|
||||||
- int off=0;
|
|
||||||
+ unsigned int off=0, clr=0;
|
|
||||||
SSL *con=NULL;
|
|
||||||
int s,k,width,state=0;
|
|
||||||
char *cbuf=NULL,*sbuf=NULL,*mbuf=NULL;
|
|
||||||
@@ -660,6 +660,10 @@ int MAIN(int argc, char **argv)
|
|
||||||
off|=SSL_OP_CIPHER_SERVER_PREFERENCE;
|
|
||||||
else if (strcmp(*argv,"-legacy_renegotiation") == 0)
|
|
||||||
off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
|
|
||||||
+ else if (strcmp(*argv,"-legacy_server_connect") == 0)
|
|
||||||
+ { off|=SSL_OP_LEGACY_SERVER_CONNECT; }
|
|
||||||
+ else if (strcmp(*argv,"-no_legacy_server_connect") == 0)
|
|
||||||
+ { clr|=SSL_OP_LEGACY_SERVER_CONNECT; }
|
|
||||||
else if (strcmp(*argv,"-cipher") == 0)
|
|
||||||
{
|
|
||||||
if (--argc < 1) goto bad;
|
|
||||||
@@ -870,6 +874,9 @@ bad:
|
|
||||||
SSL_CTX_set_options(ctx,SSL_OP_ALL|off);
|
|
||||||
else
|
|
||||||
SSL_CTX_set_options(ctx,off);
|
|
||||||
+
|
|
||||||
+ if (clr)
|
|
||||||
+ SSL_CTX_clear_options(ctx, clr);
|
|
||||||
/* DTLS: partial reads end up discarding unread UDP bytes :-(
|
|
||||||
* Setting read ahead solves this problem.
|
|
||||||
*/
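Review bot: `SSL_CTX_clear_options(ctx, clr)` runs after both `SSL_CTX_set_options` calls, so `-no_legacy_server_connect` overrides `-legacy_server_connect` whatever their order on the command line, and it also removes the bit if `SSL_OP_ALL` happens to include it. That precedence deserves one comment above the `if (clr)`, for example `/* clear last: -no_* flags override -bugs and any flag set earlier */`. MAIN's body starts and ends outside this hunk.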
|
|
||||||
@@ -1725,6 +1732,8 @@ static void print_stuff(BIO *bio, SSL *s
|
|
||||||
EVP_PKEY_bits(pktmp));
|
|
||||||
EVP_PKEY_free(pktmp);
|
|
||||||
}
|
|
||||||
+ BIO_printf(bio, "Secure Renegotiation IS%s supported\n",
|
|
||||||
+ SSL_get_secure_renegotiation_support(s) ? "" : " NOT");
|
|
||||||
#ifndef OPENSSL_NO_COMP
|
|
||||||
comp=SSL_get_current_compression(s);
|
|
||||||
expansion=SSL_get_current_expansion(s);
|
|
||||||
diff -up openssl-1.0.0-beta4/apps/s_server.c.scsv openssl-1.0.0-beta4/apps/s_server.c
|
|
||||||
--- openssl-1.0.0-beta4/apps/s_server.c.scsv 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/apps/s_server.c 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -2212,6 +2212,8 @@ static int init_ssl_connection(SSL *con)
|
|
||||||
con->kssl_ctx->client_princ);
|
|
||||||
}
|
|
||||||
#endif /* OPENSSL_NO_KRB5 */
|
|
||||||
+ BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
|
|
||||||
+ SSL_get_secure_renegotiation_support(con) ? "" : " NOT");
|
|
||||||
return(1);
|
|
||||||
}
|
|
||||||
|
|
||||||
diff -up openssl-1.0.0-beta4/doc/ssl/SSL_CTX_set_options.pod.scsv openssl-1.0.0-beta4/doc/ssl/SSL_CTX_set_options.pod
|
|
||||||
--- openssl-1.0.0-beta4/doc/ssl/SSL_CTX_set_options.pod.scsv 2007-08-24 00:49:13.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/doc/ssl/SSL_CTX_set_options.pod 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -2,7 +2,7 @@
|
|
||||||
|
|
||||||
=head1 NAME
|
|
||||||
|
|
||||||
-SSL_CTX_set_options, SSL_set_options, SSL_CTX_get_options, SSL_get_options - manipulate SSL engine options
|
|
||||||
+SSL_CTX_set_options, SSL_set_options, SSL_CTX_clear_options, SSL_clear_options, SSL_CTX_get_options, SSL_get_options, SSL_get_secure_renegotiation_support - manipulate SSL options
|
|
||||||
|
|
||||||
=head1 SYNOPSIS
|
|
||||||
|
|
||||||
@@ -11,26 +11,41 @@ SSL_CTX_set_options, SSL_set_options, SS
|
|
||||||
long SSL_CTX_set_options(SSL_CTX *ctx, long options);
|
|
||||||
long SSL_set_options(SSL *ssl, long options);
|
|
||||||
|
|
||||||
+ long SSL_CTX_clear_options(SSL_CTX *ctx, long options);
|
|
||||||
+ long SSL_clear_options(SSL *ssl, long options);
|
|
||||||
+
|
|
||||||
long SSL_CTX_get_options(SSL_CTX *ctx);
|
|
||||||
long SSL_get_options(SSL *ssl);
|
|
||||||
|
|
||||||
+ long SSL_get_secure_renegotiation_support(SSL *ssl);
|
|
||||||
+
|
|
||||||
=head1 DESCRIPTION
|
|
||||||
|
|
||||||
+Note: all these functions are implemented using macros.
|
|
||||||
+
|
|
||||||
SSL_CTX_set_options() adds the options set via bitmask in B<options> to B<ctx>.
|
|
||||||
Options already set before are not cleared!
|
|
||||||
|
|
||||||
SSL_set_options() adds the options set via bitmask in B<options> to B<ssl>.
|
|
||||||
Options already set before are not cleared!
|
|
||||||
|
|
||||||
+SSL_CTX_clear_options() clears the options set via bitmask in B<options>
|
|
||||||
+to B<ctx>.
|
|
||||||
+
|
|
||||||
+SSL_clear_options() clears the options set via bitmask in B<options> to B<ssl>.
|
|
||||||
+
|
|
||||||
SSL_CTX_get_options() returns the options set for B<ctx>.
|
|
||||||
|
|
||||||
SSL_get_options() returns the options set for B<ssl>.
|
|
||||||
|
|
||||||
+SSL_get_secure_renegotiation_support() indicates whether the peer supports
|
|
||||||
+secure renegotiation.
|
|
||||||
+
|
|
||||||
=head1 NOTES
|
|
||||||
|
|
||||||
The behaviour of the SSL library can be changed by setting several options.
|
|
||||||
The options are coded as bitmasks and can be combined by a logical B<or>
|
|
||||||
-operation (|). Options can only be added but can never be reset.
|
|
||||||
+operation (|).
|
|
||||||
|
|
||||||
SSL_CTX_set_options() and SSL_set_options() affect the (external)
|
|
||||||
protocol behaviour of the SSL library. The (internal) behaviour of
|
|
||||||
@@ -199,7 +214,7 @@ Do not use the TLSv1 protocol.
|
|
||||||
|
|
||||||
When performing renegotiation as a server, always start a new session
|
|
||||||
(i.e., session resumption requests are only accepted in the initial
|
|
||||||
-handshake). This option is not needed for clients.
|
|
||||||
+handshake). This option is not needed for clients.
|
|
||||||
|
|
||||||
=item SSL_OP_NO_TICKET
|
|
||||||
|
|
||||||
@@ -209,15 +224,63 @@ of RFC4507bis tickets for stateless sess
|
|
||||||
If this option is set this functionality is disabled and tickets will
|
|
||||||
not be used by clients or servers.
|
|
||||||
|
|
||||||
+=item SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
|
|
||||||
+
|
|
||||||
+See the B<SECURE RENEGOTIATION> section for a discussion of the purpose of
|
|
||||||
+this option
|
|
||||||
+
|
|
||||||
=back
|
|
||||||
|
|
||||||
+=head1 SECURE RENEGOTIATION
|
|
||||||
+
|
|
||||||
+OpenSSL 0.9.8m and later always attempts to use secure renegotiation as
|
|
||||||
+described in draft-ietf-tls-renegotiation (FIXME: replace by RFC). This
|
|
||||||
+counters a prefix attack described in the draft and elsewhere (FIXME: need full
|
|
||||||
+reference).
|
|
||||||
+
|
|
||||||
+This attack has far reaching consequences which application writers should be
|
|
||||||
+aware of. In the description below an implementation supporting secure
|
|
||||||
+renegotiation is referred to as I<patched>. A server not supporting secure
|
|
||||||
+renegotiation is referred to as I<unpatched>.
|
|
||||||
+
|
|
||||||
+If an unpatched client attempts to connect to a patched OpenSSL server then
|
|
||||||
+the attempt will succeed but renegotiation is not permitted. As required
|
|
||||||
+by the standard a B<no_renegotiation> alert is sent back to the client if
|
|
||||||
+the TLS v1.0 protocol is used. If SSLv3.0 is used then renegotiation results
|
|
||||||
+in a fatal B<handshake_failed> alert.
|
|
||||||
+
|
|
||||||
+If a patched OpenSSL client attempts to connect to an unpatched server
|
|
||||||
+then the connection will fail because it is not possible to determine
|
|
||||||
+whether an attack is taking place.
|
|
||||||
+
|
|
||||||
+If the option B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> is set then the
|
|
||||||
+above restrictions are relaxed. Renegotiation is permissible and initial
|
|
||||||
+connections to unpatched servers will succeed.
|
|
||||||
+
|
|
||||||
+This option should be used with caution because it leaves both clients and
|
|
||||||
+servers vulnerable. However unpatched servers and clients are likely to be
|
|
||||||
+around for some time and refusing to connect to unpatched servers or denying
|
|
||||||
+renegotion altogether may be unacceptable. So applications may be forced to
|
|
||||||
+tolerate unsafe renegotiation for the immediate future.
|
|
||||||
+
|
|
||||||
+The function SSL_get_secure_renegotiation_support() indicates whether the peer
|
|
||||||
+supports secure renegotiation.
|
|
||||||
+
|
|
||||||
+The deprecated SSLv2 protocol does not support secure renegotiation at all.
|
|
||||||
+
|
|
||||||
=head1 RETURN VALUES
|
|
||||||
|
|
||||||
SSL_CTX_set_options() and SSL_set_options() return the new options bitmask
|
|
||||||
after adding B<options>.
|
|
||||||
|
|
||||||
+SSL_CTX_clear_options() and SSL_clear_options() return the new options bitmask
|
|
||||||
+after clearing B<options>.
|
|
||||||
+
|
|
||||||
SSL_CTX_get_options() and SSL_get_options() return the current bitmask.
|
|
||||||
|
|
||||||
+SSL_get_secure_renegotiation_support() returns 1 is the peer supports
|
|
||||||
+secure renegotiation and 0 if it does not.
|
|
||||||
+
|
|
||||||
=head1 SEE ALSO
|
|
||||||
|
|
||||||
L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_clear(3)|SSL_clear(3)>,
|
|
||||||
@@ -240,4 +303,10 @@ Versions up to OpenSSL 0.9.6c do not inc
|
|
||||||
can be disabled with this option (in OpenSSL 0.9.6d, it was always
|
|
||||||
enabled).
|
|
||||||
|
|
||||||
+SSL_CTX_clear_options() and SSL_clear_options() were first added in OpenSSL
|
|
||||||
+0.9.8m.
|
|
||||||
+
|
|
||||||
+B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> was first added in OpenSSL
|
|
||||||
+0.9.8m.
|
|
||||||
+
|
|
||||||
=cut
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/d1_clnt.c.scsv openssl-1.0.0-beta4/ssl/d1_clnt.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/d1_clnt.c.scsv 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/d1_clnt.c 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -698,7 +698,7 @@ int dtls1_client_hello(SSL *s)
|
|
||||||
#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
|
|
||||||
{
|
|
||||||
- SSLerr(SSL_F_SSL3_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
|
|
||||||
+ SSLerr(SSL_F_DTLS1_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
|
|
||||||
goto err;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/d1_srvr.c.scsv openssl-1.0.0-beta4/ssl/d1_srvr.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/d1_srvr.c.scsv 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/d1_srvr.c 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -814,7 +814,7 @@ int dtls1_send_server_hello(SSL *s)
|
|
||||||
#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
if ((p = ssl_add_serverhello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
|
|
||||||
{
|
|
||||||
- SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO,ERR_R_INTERNAL_ERROR);
|
|
||||||
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO,ERR_R_INTERNAL_ERROR);
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/ssl_err.c.scsv openssl-1.0.0-beta4/ssl/ssl_err.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/ssl_err.c.scsv 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/ssl_err.c 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -414,6 +414,7 @@ static ERR_STRING_DATA SSL_str_reasons[]
|
|
||||||
{ERR_REASON(SSL_R_NO_PRIVATE_KEY_ASSIGNED),"no private key assigned"},
|
|
||||||
{ERR_REASON(SSL_R_NO_PROTOCOLS_AVAILABLE),"no protocols available"},
|
|
||||||
{ERR_REASON(SSL_R_NO_PUBLICKEY) ,"no publickey"},
|
|
||||||
+{ERR_REASON(SSL_R_NO_RENEGOTIATION) ,"no renegotiation"},
|
|
||||||
{ERR_REASON(SSL_R_NO_REQUIRED_DIGEST) ,"digest requred for handshake isn't computed"},
|
|
||||||
{ERR_REASON(SSL_R_NO_SHARED_CIPHER) ,"no shared cipher"},
|
|
||||||
{ERR_REASON(SSL_R_NO_VERIFY_CALLBACK) ,"no verify callback"},
|
|
||||||
@@ -453,6 +454,7 @@ static ERR_STRING_DATA SSL_str_reasons[]
|
|
||||||
{ERR_REASON(SSL_R_REUSE_CERT_LENGTH_NOT_ZERO),"reuse cert length not zero"},
|
|
||||||
{ERR_REASON(SSL_R_REUSE_CERT_TYPE_NOT_ZERO),"reuse cert type not zero"},
|
|
||||||
{ERR_REASON(SSL_R_REUSE_CIPHER_LIST_NOT_ZERO),"reuse cipher list not zero"},
|
|
||||||
+{ERR_REASON(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING),"scsv received when renegotiating"},
|
|
||||||
{ERR_REASON(SSL_R_SERVERHELLO_TLSEXT) ,"serverhello tlsext"},
|
|
||||||
{ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED),"session id context uninitialized"},
|
|
||||||
{ERR_REASON(SSL_R_SHORT_READ) ,"short read"},
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/ssl.h.scsv openssl-1.0.0-beta4/ssl/ssl.h
|
|
||||||
--- openssl-1.0.0-beta4/ssl/ssl.h.scsv 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/ssl.h 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -511,6 +511,8 @@ typedef struct ssl_session_st
|
|
||||||
|
|
||||||
#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L
|
|
||||||
#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
|
|
||||||
+/* Allow initial connection to servers that don't support RI */
|
|
||||||
+#define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L
|
|
||||||
#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L /* can break some security expectations */
|
|
||||||
#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L
|
|
||||||
#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
|
|
||||||
@@ -518,7 +520,6 @@ typedef struct ssl_session_st
|
|
||||||
#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L
|
|
||||||
#define SSL_OP_TLS_D5_BUG 0x00000100L
|
|
||||||
#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L
|
|
||||||
-#define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00000400L
|
|
||||||
|
|
||||||
/* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
|
|
||||||
* in OpenSSL 0.9.6d. Usually (depending on the application protocol)
|
|
||||||
@@ -544,6 +545,8 @@ typedef struct ssl_session_st
|
|
||||||
#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L
|
|
||||||
/* Don't use compression even if supported */
|
|
||||||
#define SSL_OP_NO_COMPRESSION 0x00020000L
|
|
||||||
+/* Permit unsafe legacy renegotiation */
|
|
||||||
+#define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L
|
|
||||||
/* If set, always create a new key when using tmp_ecdh parameters */
|
|
||||||
#define SSL_OP_SINGLE_ECDH_USE 0x00080000L
|
|
||||||
/* If set, always create a new key when using tmp_dh parameters */
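Review bot: `SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION` moves from 0x00000400L (removed in the previous hunk) to 0x00040000L here, and nothing in the header records that a public option bit changed. A program compiled against the earlier value keeps passing 0x00000400L, which this header no longer defines, so its opt-in is silently dropped. That fails closed, but it will look like a behaviour regression to whoever debugs it. The added comment should carry the history, for example `/* Permit unsafe legacy renegotiation (value was 0x00000400L before this change) */`.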
|
|
||||||
@@ -599,17 +602,25 @@ typedef struct ssl_session_st
|
|
||||||
|
|
||||||
#define SSL_CTX_set_options(ctx,op) \
|
|
||||||
SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
|
|
||||||
+#define SSL_CTX_clear_options(ctx,op) \
|
|
||||||
+ SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
|
|
||||||
#define SSL_CTX_get_options(ctx) \
|
|
||||||
SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL)
|
|
||||||
#define SSL_set_options(ssl,op) \
|
|
||||||
SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL)
|
|
||||||
+#define SSL_clear_options(ssl,op) \
|
|
||||||
+ SSL_ctrl((ssl),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
|
|
||||||
#define SSL_get_options(ssl) \
|
|
||||||
SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL)
|
|
||||||
|
|
||||||
#define SSL_CTX_set_mode(ctx,op) \
|
|
||||||
SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
|
|
||||||
+#define SSL_CTX_clear_mode(ctx,op) \
|
|
||||||
+ SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
|
|
||||||
#define SSL_CTX_get_mode(ctx) \
|
|
||||||
SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
|
|
||||||
+#define SSL_clear_mode(ssl,op) \
|
|
||||||
+ SSL_ctrl((ssl),SSL_CTRL_CLEAR_MODE,(op),NULL)
|
|
||||||
#define SSL_set_mode(ssl,op) \
|
|
||||||
SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
|
|
||||||
#define SSL_get_mode(ssl) \
|
|
||||||
@@ -617,6 +628,8 @@ typedef struct ssl_session_st
|
|
||||||
#define SSL_set_mtu(ssl, mtu) \
|
|
||||||
SSL_ctrl((ssl),SSL_CTRL_SET_MTU,(mtu),NULL)
|
|
||||||
|
|
||||||
+#define SSL_get_secure_renegotiation_support(ssl) \
|
|
||||||
+ SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
|
|
||||||
|
|
||||||
void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
|
|
||||||
void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
|
|
||||||
@@ -1389,6 +1402,10 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
|
|
||||||
#define DTLS_CTRL_HANDLE_TIMEOUT 74
|
|
||||||
#define DTLS_CTRL_LISTEN 75
|
|
||||||
|
|
||||||
+#define SSL_CTRL_GET_RI_SUPPORT 76
|
|
||||||
+#define SSL_CTRL_CLEAR_OPTIONS 77
|
|
||||||
+#define SSL_CTRL_CLEAR_MODE 78
|
|
||||||
+
|
|
||||||
#define DTLSv1_get_timeout(ssl, arg) \
|
|
||||||
SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
|
|
||||||
#define DTLSv1_handle_timeout(ssl) \
|
|
||||||
@@ -2119,6 +2136,7 @@ void ERR_load_SSL_strings(void);
|
|
||||||
#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190
|
|
||||||
#define SSL_R_NO_PROTOCOLS_AVAILABLE 191
|
|
||||||
#define SSL_R_NO_PUBLICKEY 192
|
|
||||||
+#define SSL_R_NO_RENEGOTIATION 339
|
|
||||||
#define SSL_R_NO_REQUIRED_DIGEST 324
|
|
||||||
#define SSL_R_NO_SHARED_CIPHER 193
|
|
||||||
#define SSL_R_NO_VERIFY_CALLBACK 194
|
|
||||||
@@ -2158,6 +2176,7 @@ void ERR_load_SSL_strings(void);
|
|
||||||
#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216
|
|
||||||
#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217
|
|
||||||
#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218
|
|
||||||
+#define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 345
|
|
||||||
#define SSL_R_SERVERHELLO_TLSEXT 275
|
|
||||||
#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
|
|
||||||
#define SSL_R_SHORT_READ 219
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/ssl_lib.c.scsv openssl-1.0.0-beta4/ssl/ssl_lib.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/ssl_lib.c.scsv 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/ssl_lib.c 2010-01-07 23:38:08.000000000 +0100
|
|
||||||
@@ -1041,8 +1041,12 @@ long SSL_ctrl(SSL *s,int cmd,long larg,v
|
|
||||||
|
|
||||||
case SSL_CTRL_OPTIONS:
|
|
||||||
return(s->options|=larg);
|
|
||||||
+ case SSL_CTRL_CLEAR_OPTIONS:
|
|
||||||
+ return(s->options&=~larg);
|
|
||||||
case SSL_CTRL_MODE:
|
|
||||||
return(s->mode|=larg);
|
|
||||||
+ case SSL_CTRL_CLEAR_MODE:
|
|
||||||
+ return(s->mode &=~larg);
|
|
||||||
case SSL_CTRL_GET_MAX_CERT_LIST:
|
|
||||||
return(s->max_cert_list);
|
|
||||||
case SSL_CTRL_SET_MAX_CERT_LIST:
|
|
||||||
@@ -1062,6 +1066,10 @@ long SSL_ctrl(SSL *s,int cmd,long larg,v
|
|
||||||
return 0;
|
|
||||||
s->max_send_fragment = larg;
|
|
||||||
return 1;
|
|
||||||
+ case SSL_CTRL_GET_RI_SUPPORT:
|
|
||||||
+ if (s->s3)
|
|
||||||
+ return s->s3->send_connection_binding;
|
|
||||||
+ else return 0;
|
|
||||||
default:
|
|
||||||
return(s->method->ssl_ctrl(s,cmd,larg,parg));
|
|
||||||
}
|
|
||||||
@@ -1148,8 +1156,12 @@ long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,l
|
|
||||||
return(ctx->stats.sess_cache_full);
|
|
||||||
case SSL_CTRL_OPTIONS:
|
|
||||||
return(ctx->options|=larg);
|
|
||||||
+ case SSL_CTRL_CLEAR_OPTIONS:
|
|
||||||
+ return(ctx->options&=~larg);
|
|
||||||
case SSL_CTRL_MODE:
|
|
||||||
return(ctx->mode|=larg);
|
|
||||||
+ case SSL_CTRL_CLEAR_MODE:
|
|
||||||
+ return(ctx->mode&=~larg);
|
|
||||||
case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
|
|
||||||
if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
|
|
||||||
return 0;
|
|
||||||
@@ -1357,6 +1369,22 @@ int ssl_cipher_list_to_bytes(SSL *s,STAC
|
|
||||||
j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p);
|
|
||||||
p+=j;
|
|
||||||
}
|
|
||||||
+ /* If p == q, no ciphers and caller indicates an error. Otherwise
|
|
||||||
+ * add SCSV if not renegotiating.
|
|
||||||
+ */
|
|
||||||
+ if (p != q && !s->new_session)
|
|
||||||
+ {
|
|
||||||
+ static SSL_CIPHER scsv =
|
|
||||||
+ {
|
|
||||||
+ 0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
|
|
||||||
+ };
|
|
||||||
+ j = put_cb ? put_cb(&scsv,p) : ssl_put_cipher_by_char(s,&scsv,p);
|
|
||||||
+ p+=j;
|
|
||||||
+#ifdef OPENSSL_RI_DEBUG
|
|
||||||
+ fprintf(stderr, "SCSV sent by client\n");
|
|
||||||
+#endif
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
return(p-q);
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -1366,6 +1394,8 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_ciphe
|
|
||||||
const SSL_CIPHER *c;
|
|
||||||
STACK_OF(SSL_CIPHER) *sk;
|
|
||||||
int i,n;
|
|
||||||
+ if (s->s3)
|
|
||||||
+ s->s3->send_connection_binding = 0;
|
|
||||||
|
|
||||||
n=ssl_put_cipher_by_char(s,NULL,NULL);
|
|
||||||
if ((num%n) != 0)
|
|
||||||
@@ -1383,6 +1413,26 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_ciphe
|
|
||||||
|
|
||||||
for (i=0; i<num; i+=n)
|
|
||||||
{
|
|
||||||
+ /* Check for SCSV */
|
|
||||||
+ if (s->s3 && (n != 3 || !p[0]) &&
|
|
||||||
+ (p[n-2] == ((SSL3_CK_SCSV >> 8) & 0xff)) &&
|
|
||||||
+ (p[n-1] == (SSL3_CK_SCSV & 0xff)))
|
|
||||||
+ {
|
|
||||||
+ /* SCSV fatal if renegotiating */
|
|
||||||
+ if (s->new_session)
|
|
||||||
+ {
|
|
||||||
+ SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
|
|
||||||
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
|
|
||||||
+ goto err;
|
|
||||||
+ }
|
|
||||||
+ s->s3->send_connection_binding = 1;
|
|
||||||
+ p += n;
|
|
||||||
+#ifdef OPENSSL_RI_DEBUG
|
|
||||||
+ fprintf(stderr, "SCSV received by server\n");
|
|
||||||
+#endif
|
|
||||||
+ continue;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
c=ssl_get_cipher_by_char(s,p);
|
|
||||||
p+=n;
|
|
||||||
if (c != NULL)
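Review bot: The SCSV test `(n != 3 || !p[0])` in the loop of ssl_bytes_to_cipher_list has no explanation, and the reason for the `n != 3` clause is not obvious from the code. It appears to cover the three-byte cipher-spec encoding, where only an entry with a zero leading byte can be an SSLv3/TLS suite, so the low two bytes alone must not be compared. I would extend the existing comment to `/* Check for SCSV; with 3-byte cipher specs only an entry whose first byte is zero can match */`. It is also worth stating in a comment that the SCSV entry is consumed here and never added to the returned stack. The function starts and ends outside this hunk.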
|
|
||||||
@@ -1642,6 +1692,10 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
||||||
+ /* Default is to connect to non-RI servers. When RI is more widely
|
|
||||||
+ * deployed might change this.
|
|
||||||
+ */
|
|
||||||
+ ret->options = SSL_OP_LEGACY_SERVER_CONNECT;
|
|
||||||
|
|
||||||
return(ret);
|
|
||||||
err:
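Review bot: `ret->options = SSL_OP_LEGACY_SERVER_CONNECT;` makes every new context accept a server that sends no renegotiation indication on the initial handshake. The SECURE RENEGOTIATION text added to the pod in this same patch says the opposite, that a patched client connecting to an unpatched server "will fail". The ri_check comment in ssl_parse_serverhello_tlsext acknowledges that tolerating a missing RI on first connect does not avoid the attack. The man page should therefore document this option as on by default and point strict applications at `SSL_CTX_clear_options(ctx, SSL_OP_LEGACY_SERVER_CONNECT)`. The plain assignment also overwrites anything stored in `ret->options` earlier in SSL_CTX_new, which begins outside the hunk; `ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;` avoids that.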
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/ssl3.h.scsv openssl-1.0.0-beta4/ssl/ssl3.h
|
|
||||||
--- openssl-1.0.0-beta4/ssl/ssl3.h.scsv 2010-01-07 23:37:38.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/ssl3.h 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -128,6 +128,9 @@
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
+/* Signalling cipher suite value: from draft-ietf-tls-renegotiation-03.txt */
|
|
||||||
+#define SSL3_CK_SCSV 0x030000FF
|
|
||||||
+
|
|
||||||
#define SSL3_CK_RSA_NULL_MD5 0x03000001
|
|
||||||
#define SSL3_CK_RSA_NULL_SHA 0x03000002
|
|
||||||
#define SSL3_CK_RSA_RC4_40_MD5 0x03000003
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/s3_clnt.c.scsv openssl-1.0.0-beta4/ssl/s3_clnt.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/s3_clnt.c.scsv 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/s3_clnt.c 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -916,7 +916,7 @@ int ssl3_get_server_hello(SSL *s)
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
/* TLS extensions*/
|
|
||||||
- if (s->version > SSL3_VERSION)
|
|
||||||
+ if (s->version >= SSL3_VERSION)
|
|
||||||
{
|
|
||||||
if (!ssl_parse_serverhello_tlsext(s,&p,d,n, &al))
|
|
||||||
{
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/s3_pkt.c.scsv openssl-1.0.0-beta4/ssl/s3_pkt.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/s3_pkt.c.scsv 2009-07-14 17:28:44.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/s3_pkt.c 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -1120,7 +1120,25 @@ start:
|
|
||||||
* now try again to obtain the (application) data we were asked for */
|
|
||||||
goto start;
|
|
||||||
}
|
|
||||||
-
|
|
||||||
+ /* If we are a server and get a client hello when renegotiation isn't
|
|
||||||
+ * allowed send back a no renegotiation alert and carry on.
|
|
||||||
+ * WARNING: experimental code, needs reviewing (steve)
|
|
||||||
+ */
|
|
||||||
+ if (s->server &&
|
|
||||||
+ SSL_is_init_finished(s) &&
|
|
||||||
+ !s->s3->send_connection_binding &&
|
|
||||||
+ (s->version > SSL3_VERSION) &&
|
|
||||||
+ (s->s3->handshake_fragment_len >= 4) &&
|
|
||||||
+ (s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) &&
|
|
||||||
+ (s->session != NULL) && (s->session->cipher != NULL) &&
|
|
||||||
+ !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
+
|
|
||||||
+ {
|
|
||||||
+ /*s->s3->handshake_fragment_len = 0;*/
|
|
||||||
+ rr->length = 0;
|
|
||||||
+ ssl3_send_alert(s,SSL3_AL_WARNING, SSL_AD_NO_RENEGOTIATION);
|
|
||||||
+ goto start;
|
|
||||||
+ }
|
|
||||||
if (s->s3->alert_fragment_len >= 2)
|
|
||||||
{
|
|
||||||
int alert_level = s->s3->alert_fragment[0];
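Review bot: The new no_renegotiation guard tests `s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION`, while both ri_check blocks this patch adds in t1_lib.c test `s->options`. An application that sets or clears the flag on a single connection with SSL_set_options()/SSL_clear_options() is therefore honoured in the extension parser but ignored here. The last condition should read `!(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))`. Separately, the reset `/*s->s3->handshake_fragment_len = 0;*/` is left commented out under a "needs reviewing" warning; if the buffered ClientHello header is not cleared elsewhere, the same condition may match again on the next pass through `start:`, so that line should be either enabled or explained. The enclosing function starts and ends outside the hunk.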
|
|
||||||
@@ -1150,6 +1168,21 @@ start:
|
|
||||||
s->shutdown |= SSL_RECEIVED_SHUTDOWN;
|
|
||||||
return(0);
|
|
||||||
}
|
|
||||||
+ /* This is a warning but we receive it if we requested
|
|
||||||
+ * renegotiation and the peer denied it. Terminate with
|
|
||||||
+ * a fatal alert because if application tried to
|
|
||||||
+ * renegotiatie it presumably had a good reason and
|
|
||||||
+ * expects it to succeed.
|
|
||||||
+ *
|
|
||||||
+ * In future we might have a renegotiation where we
|
|
||||||
+ * don't care if the peer refused it where we carry on.
|
|
||||||
+ */
|
|
||||||
+ else if (alert_descr == SSL_AD_NO_RENEGOTIATION)
|
|
||||||
+ {
|
|
||||||
+ al = SSL_AD_HANDSHAKE_FAILURE;
|
|
||||||
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_NO_RENEGOTIATION);
|
|
||||||
+ goto f_err;
|
|
||||||
+ }
|
|
||||||
}
|
|
||||||
else if (alert_level == 2) /* fatal */
|
|
||||||
{
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/s3_srvr.c.scsv openssl-1.0.0-beta4/ssl/s3_srvr.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/s3_srvr.c.scsv 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/s3_srvr.c 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -1015,7 +1015,7 @@ int ssl3_get_client_hello(SSL *s)
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
/* TLS extensions*/
|
|
||||||
- if (s->version > SSL3_VERSION)
|
|
||||||
+ if (s->version >= SSL3_VERSION)
|
|
||||||
{
|
|
||||||
if (!ssl_parse_clienthello_tlsext(s,&p,d,n, &al))
|
|
||||||
{
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/t1_lib.c.scsv openssl-1.0.0-beta4/ssl/t1_lib.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/t1_lib.c.scsv 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/t1_lib.c 2010-01-07 23:38:08.000000000 +0100
|
|
||||||
@@ -275,8 +275,9 @@ unsigned char *ssl_add_clienthello_tlsex
|
|
||||||
int extdatalen=0;
|
|
||||||
unsigned char *ret = p;
|
|
||||||
|
|
||||||
- /* don't add extensions for SSLv3 */
|
|
||||||
- if (s->client_version == SSL3_VERSION)
|
|
||||||
+ /* don't add extensions for SSLv3 unless doing secure renegotiation */
|
|
||||||
+ if (s->client_version == SSL3_VERSION
|
|
||||||
+ && !s->s3->send_connection_binding)
|
|
||||||
return p;
|
|
||||||
|
|
||||||
ret+=2;
|
|
||||||
@@ -315,8 +316,9 @@ unsigned char *ssl_add_clienthello_tlsex
|
|
||||||
ret+=size_str;
|
|
||||||
}
|
|
||||||
|
|
||||||
- /* Add the renegotiation option: TODOEKR switch */
|
|
||||||
- {
|
|
||||||
+ /* Add RI if renegotiating */
|
|
||||||
+ if (s->new_session)
|
|
||||||
+ {
|
|
||||||
int el;
|
|
||||||
|
|
||||||
if(!ssl_add_clienthello_renegotiate_ext(s, 0, &el, 0))
|
|
||||||
@@ -504,8 +506,8 @@ unsigned char *ssl_add_serverhello_tlsex
|
|
||||||
int extdatalen=0;
|
|
||||||
unsigned char *ret = p;
|
|
||||||
|
|
||||||
- /* don't add extensions for SSLv3 */
|
|
||||||
- if (s->version == SSL3_VERSION)
|
|
||||||
+ /* don't add extensions for SSLv3, unless doing secure renegotiation */
|
|
||||||
+ if (s->version == SSL3_VERSION && !s->s3->send_connection_binding)
|
|
||||||
return p;
|
|
||||||
|
|
||||||
ret+=2;
|
|
||||||
@@ -633,24 +635,13 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
|
|
||||||
s->servername_done = 0;
|
|
||||||
s->tlsext_status_type = -1;
|
|
||||||
- s->s3->send_connection_binding = 0;
|
|
||||||
|
|
||||||
if (data >= (d+n-2))
|
|
||||||
- {
|
|
||||||
- if (s->new_session
|
|
||||||
- && !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
- {
|
|
||||||
- /* We should always see one extension: the renegotiate extension */
|
|
||||||
- *al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
- SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
- return 0;
|
|
||||||
- }
|
|
||||||
- return 1;
|
|
||||||
- }
|
|
||||||
+ goto ri_check;
|
|
||||||
n2s(data,len);
|
|
||||||
|
|
||||||
if (data > (d+n-len))
|
|
||||||
- return 1;
|
|
||||||
+ goto ri_check;
|
|
||||||
|
|
||||||
while (data <= (d+n-4))
|
|
||||||
{
|
|
||||||
@@ -658,7 +649,7 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
n2s(data,size);
|
|
||||||
|
|
||||||
if (data+size > (d+n))
|
|
||||||
- return 1;
|
|
||||||
+ goto ri_check;
|
|
||||||
#if 0
|
|
||||||
fprintf(stderr,"Received extension type %d size %d\n",type,size);
|
|
||||||
#endif
|
|
||||||
@@ -971,17 +962,22 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
/* session ticket processed earlier */
|
|
||||||
data+=size;
|
|
||||||
}
|
|
||||||
-
|
|
||||||
- if (s->new_session && !renegotiate_seen
|
|
||||||
- && !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
- {
|
|
||||||
- SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
- *al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
- return 0;
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
|
|
||||||
*p = data;
|
|
||||||
+
|
|
||||||
+ ri_check:
|
|
||||||
+
|
|
||||||
+ /* Need RI if renegotiating */
|
|
||||||
+
|
|
||||||
+ if (!renegotiate_seen && s->new_session &&
|
|
||||||
+ !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
+ {
|
|
||||||
+ *al = SSL_AD_HANDSHAKE_FAILURE;
|
|
||||||
+ SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT,
|
|
||||||
+ SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -995,21 +991,7 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
int renegotiate_seen = 0;
|
|
||||||
|
|
||||||
if (data >= (d+n-2))
|
|
||||||
- {
|
|
||||||
-#if 0
|
|
||||||
- /* Because the client does not see any renegotiation during an
|
|
||||||
- attack, we must enforce this on all server hellos, even the
|
|
||||||
- first */
|
|
||||||
- if (!(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
- {
|
|
||||||
- /* We should always see one extension: the renegotiate extension */
|
|
||||||
- *al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
- SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
- return 0;
|
|
||||||
- }
|
|
||||||
-#endif
|
|
||||||
- return 1;
|
|
||||||
- }
|
|
||||||
+ goto ri_check;
|
|
||||||
|
|
||||||
n2s(data,len);
|
|
||||||
|
|
||||||
@@ -1019,7 +1001,7 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
n2s(data,size);
|
|
||||||
|
|
||||||
if (data+size > (d+n))
|
|
||||||
- return 1;
|
|
||||||
+ goto ri_check;
|
|
||||||
|
|
||||||
if (s->tlsext_debug_cb)
|
|
||||||
s->tlsext_debug_cb(s, 1, type, data, size,
|
|
||||||
@@ -1143,16 +1125,6 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
-#if 0
|
|
||||||
- if (!renegotiate_seen
|
|
||||||
- && !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
- {
|
|
||||||
- *al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
- SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
- return 0;
|
|
||||||
- }
|
|
||||||
-#endif
|
|
||||||
-
|
|
||||||
if (!s->hit && tlsext_servername == 1)
|
|
||||||
{
|
|
||||||
if (s->tlsext_hostname)
|
|
||||||
@@ -1175,6 +1147,26 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
}
|
|
||||||
|
|
||||||
*p = data;
|
|
||||||
+
|
|
||||||
+ ri_check:
|
|
||||||
+
|
|
||||||
+ /* Determine if we need to see RI. Strictly speaking if we want to
|
|
||||||
+ * avoid an attack we should *always* see RI even on initial server
|
|
||||||
+ * hello because the client doesn't see any renegotiation during an
|
|
||||||
+ * attack. However this would mean we could not connect to any server
|
|
||||||
+ * which doesn't support RI so for the immediate future tolerate RI
|
|
||||||
+ * absence on initial connect only.
|
|
||||||
+ */
|
|
||||||
+ if (!renegotiate_seen &&
|
|
||||||
+ (s->new_session || !(s->options & SSL_OP_LEGACY_SERVER_CONNECT))
|
|
||||||
+ && !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
+ {
|
|
||||||
+ *al = SSL_AD_HANDSHAKE_FAILURE;
|
|
||||||
+ SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT,
|
|
||||||
+ SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/t1_reneg.c.scsv openssl-1.0.0-beta4/ssl/t1_reneg.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/t1_reneg.c.scsv 2009-11-09 19:45:42.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/t1_reneg.c 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -130,10 +130,15 @@ int ssl_add_clienthello_renegotiate_ext(
|
|
||||||
|
|
||||||
memcpy(p, s->s3->previous_client_finished,
|
|
||||||
s->s3->previous_client_finished_len);
|
|
||||||
+#ifdef OPENSSL_RI_DEBUG
|
|
||||||
+ fprintf(stderr, "%s RI extension sent by client\n",
|
|
||||||
+ s->s3->previous_client_finished_len ? "Non-empty" : "Empty");
|
|
||||||
+#endif
|
|
||||||
}
|
|
||||||
|
|
||||||
*len=s->s3->previous_client_finished_len + 1;
|
|
||||||
-
|
|
||||||
+
|
|
||||||
+
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -166,7 +171,7 @@ int ssl_parse_clienthello_renegotiate_ex
|
|
||||||
if(ilen != s->s3->previous_client_finished_len)
|
|
||||||
{
|
|
||||||
SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_MISMATCH);
|
|
||||||
- *al=SSL_AD_ILLEGAL_PARAMETER;
|
|
||||||
+ *al=SSL_AD_HANDSHAKE_FAILURE;
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -174,9 +179,13 @@ int ssl_parse_clienthello_renegotiate_ex
|
|
||||||
s->s3->previous_client_finished_len))
|
|
||||||
{
|
|
||||||
SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_MISMATCH);
|
|
||||||
- *al=SSL_AD_ILLEGAL_PARAMETER;
|
|
||||||
+ *al=SSL_AD_HANDSHAKE_FAILURE;
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
+#ifdef OPENSSL_RI_DEBUG
|
|
||||||
+ fprintf(stderr, "%s RI extension received by server\n",
|
|
||||||
+ ilen ? "Non-empty" : "Empty");
|
|
||||||
+#endif
|
|
||||||
|
|
||||||
s->s3->send_connection_binding=1;
|
|
||||||
|
|
||||||
@@ -206,6 +215,10 @@ int ssl_add_serverhello_renegotiate_ext(
|
|
||||||
|
|
||||||
memcpy(p, s->s3->previous_server_finished,
|
|
||||||
s->s3->previous_server_finished_len);
|
|
||||||
+#ifdef OPENSSL_RI_DEBUG
|
|
||||||
+ fprintf(stderr, "%s RI extension sent by server\n",
|
|
||||||
+ s->s3->previous_client_finished_len ? "Non-empty" : "Empty");
|
|
||||||
+#endif
|
|
||||||
}
|
|
||||||
|
|
||||||
*len=s->s3->previous_client_finished_len
|
|
||||||
@@ -249,7 +262,7 @@ int ssl_parse_serverhello_renegotiate_ex
|
|
||||||
if(ilen != expected_len)
|
|
||||||
{
|
|
||||||
SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_MISMATCH);
|
|
||||||
- *al=SSL_AD_ILLEGAL_PARAMETER;
|
|
||||||
+ *al=SSL_AD_HANDSHAKE_FAILURE;
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -257,7 +270,7 @@ int ssl_parse_serverhello_renegotiate_ex
|
|
||||||
s->s3->previous_client_finished_len))
|
|
||||||
{
|
|
||||||
SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_MISMATCH);
|
|
||||||
- *al=SSL_AD_ILLEGAL_PARAMETER;
|
|
||||||
+ *al=SSL_AD_HANDSHAKE_FAILURE;
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
d += s->s3->previous_client_finished_len;
|
|
||||||
@@ -269,6 +282,11 @@ int ssl_parse_serverhello_renegotiate_ex
|
|
||||||
*al=SSL_AD_ILLEGAL_PARAMETER;
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
+#ifdef OPENSSL_RI_DEBUG
|
|
||||||
+ fprintf(stderr, "%s RI extension received by client\n",
|
|
||||||
+ ilen ? "Non-empty" : "Empty");
|
|
||||||
+#endif
|
|
||||||
+ s->s3->send_connection_binding=1;
|
|
||||||
|
|
||||||
return 1;
|
|
||||||
}
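Review bot: The context line `*al=SSL_AD_ILLEGAL_PARAMETER;` at the top of this hunk is left unchanged. Every other mismatch path in ssl_parse_clienthello_renegotiate_ext and ssl_parse_serverhello_renegotiate_ext is switched to `SSL_AD_HANDSHAKE_FAILURE` by this patch. The comparison guarding that line is outside the hunk, but if it is the remaining Finished-value check, a peer gets a different alert for the same class of failure depending on which half of the binding mismatched. For consistency it should read `*al=SSL_AD_HANDSHAKE_FAILURE;`. Placing `s->s3->send_connection_binding=1;` after all the checks is right, and a short comment saying it is set only once the binding has verified would make that ordering deliberate.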
|
|
@ -1,237 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta4/apps/s_cb.c.reneg openssl-1.0.0-beta4/apps/s_cb.c
|
|
||||||
--- openssl-1.0.0-beta4/apps/s_cb.c.reneg 2009-10-15 20:48:47.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/apps/s_cb.c 2009-11-12 15:02:30.000000000 +0100
|
|
||||||
@@ -669,6 +669,10 @@ void MS_CALLBACK tlsext_cb(SSL *s, int c
|
|
||||||
extname = "server ticket";
|
|
||||||
break;
|
|
||||||
|
|
||||||
+ case TLSEXT_TYPE_renegotiate:
|
|
||||||
+ extname = "renegotiate";
|
|
||||||
+ break;
|
|
||||||
+
|
|
||||||
#ifdef TLSEXT_TYPE_opaque_prf_input
|
|
||||||
case TLSEXT_TYPE_opaque_prf_input:
|
|
||||||
extname = "opaque PRF input";
|
|
||||||
diff -up openssl-1.0.0-beta4/apps/s_client.c.reneg openssl-1.0.0-beta4/apps/s_client.c
|
|
||||||
--- openssl-1.0.0-beta4/apps/s_client.c.reneg 2009-11-12 14:57:48.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/apps/s_client.c 2009-11-12 15:01:48.000000000 +0100
|
|
||||||
@@ -343,6 +343,7 @@ static void sc_usage(void)
|
|
||||||
BIO_printf(bio_err," -status - request certificate status from server\n");
|
|
||||||
BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n");
|
|
||||||
#endif
|
|
||||||
+ BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
@@ -657,6 +658,8 @@ int MAIN(int argc, char **argv)
|
|
||||||
#endif
|
|
||||||
else if (strcmp(*argv,"-serverpref") == 0)
|
|
||||||
off|=SSL_OP_CIPHER_SERVER_PREFERENCE;
|
|
||||||
+ else if (strcmp(*argv,"-legacy_renegotiation") == 0)
|
|
||||||
+ off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
|
|
||||||
else if (strcmp(*argv,"-cipher") == 0)
|
|
||||||
{
|
|
||||||
if (--argc < 1) goto bad;
|
|
||||||
diff -up openssl-1.0.0-beta4/apps/s_server.c.reneg openssl-1.0.0-beta4/apps/s_server.c
|
|
||||||
--- openssl-1.0.0-beta4/apps/s_server.c.reneg 2009-11-12 14:57:48.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/apps/s_server.c 2009-11-12 15:01:48.000000000 +0100
|
|
||||||
@@ -491,6 +491,7 @@ static void sv_usage(void)
|
|
||||||
BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT2);
|
|
||||||
BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n");
|
|
||||||
BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n");
|
|
||||||
+ BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -1013,6 +1014,8 @@ int MAIN(int argc, char *argv[])
|
|
||||||
verify_return_error = 1;
|
|
||||||
else if (strcmp(*argv,"-serverpref") == 0)
|
|
||||||
{ off|=SSL_OP_CIPHER_SERVER_PREFERENCE; }
|
|
||||||
+ else if (strcmp(*argv,"-legacy_renegotiation") == 0)
|
|
||||||
+ off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
|
|
||||||
else if (strcmp(*argv,"-cipher") == 0)
|
|
||||||
{
|
|
||||||
if (--argc < 1) goto bad;
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/tls1.h.reneg openssl-1.0.0-beta4/ssl/tls1.h
|
|
||||||
--- openssl-1.0.0-beta4/ssl/tls1.h.reneg 2009-11-12 14:57:47.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/tls1.h 2009-11-12 15:02:30.000000000 +0100
|
|
||||||
@@ -201,6 +201,9 @@ extern "C" {
|
|
||||||
# define TLSEXT_TYPE_opaque_prf_input ?? */
|
|
||||||
#endif
|
|
||||||
|
|
||||||
+/* Temporary extension type */
|
|
||||||
+#define TLSEXT_TYPE_renegotiate 0xff01
|
|
||||||
+
|
|
||||||
/* NameType value from RFC 3546 */
|
|
||||||
#define TLSEXT_NAMETYPE_host_name 0
|
|
||||||
/* status request value from RFC 3546 */
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/t1_lib.c.reneg openssl-1.0.0-beta4/ssl/t1_lib.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/t1_lib.c.reneg 2009-11-08 15:36:32.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/t1_lib.c 2009-11-12 15:02:30.000000000 +0100
|
|
||||||
@@ -315,6 +315,30 @@ unsigned char *ssl_add_clienthello_tlsex
|
|
||||||
ret+=size_str;
|
|
||||||
}
|
|
||||||
|
|
||||||
+ /* Add the renegotiation option: TODOEKR switch */
|
|
||||||
+ {
|
|
||||||
+ int el;
|
|
||||||
+
|
|
||||||
+ if(!ssl_add_clienthello_renegotiate_ext(s, 0, &el, 0))
|
|
||||||
+ {
|
|
||||||
+ SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
|
||||||
+ return NULL;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if((limit - p - 4 - el) < 0) return NULL;
|
|
||||||
+
|
|
||||||
+ s2n(TLSEXT_TYPE_renegotiate,ret);
|
|
||||||
+ s2n(el,ret);
|
|
||||||
+
|
|
||||||
+ if(!ssl_add_clienthello_renegotiate_ext(s, ret, &el, el))
|
|
||||||
+ {
|
|
||||||
+ SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
|
||||||
+ return NULL;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ ret += el;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
#ifndef OPENSSL_NO_EC
|
|
||||||
if (s->tlsext_ecpointformatlist != NULL)
|
|
||||||
{
|
|
||||||
@@ -490,6 +514,31 @@ unsigned char *ssl_add_serverhello_tlsex
|
|
||||||
s2n(TLSEXT_TYPE_server_name,ret);
|
|
||||||
s2n(0,ret);
|
|
||||||
}
|
|
||||||
+
|
|
||||||
+ if(s->s3->send_connection_binding)
|
|
||||||
+ {
|
|
||||||
+ int el;
|
|
||||||
+
|
|
||||||
+ if(!ssl_add_serverhello_renegotiate_ext(s, 0, &el, 0))
|
|
||||||
+ {
|
|
||||||
+ SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
|
||||||
+ return NULL;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if((limit - p - 4 - el) < 0) return NULL;
|
|
||||||
+
|
|
||||||
+ s2n(TLSEXT_TYPE_renegotiate,ret);
|
|
||||||
+ s2n(el,ret);
|
|
||||||
+
|
|
||||||
+ if(!ssl_add_serverhello_renegotiate_ext(s, ret, &el, el))
|
|
||||||
+ {
|
|
||||||
+ SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
|
||||||
+ return NULL;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ ret += el;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
#ifndef OPENSSL_NO_EC
|
|
||||||
if (s->tlsext_ecpointformatlist != NULL)
|
|
||||||
{
|
|
||||||
@@ -574,11 +623,23 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
unsigned short size;
|
|
||||||
unsigned short len;
|
|
||||||
unsigned char *data = *p;
|
|
||||||
+ int renegotiate_seen = 0;
|
|
||||||
+
|
|
||||||
s->servername_done = 0;
|
|
||||||
s->tlsext_status_type = -1;
|
|
||||||
+ s->s3->send_connection_binding = 0;
|
|
||||||
|
|
||||||
if (data >= (d+n-2))
|
|
||||||
+ {
|
|
||||||
+ if (s->new_session
|
|
||||||
+ && !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
+ {
|
|
||||||
+ /* We should always see one extension: the renegotiate extension */
|
|
||||||
+ *al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
return 1;
|
|
||||||
+ }
|
|
||||||
n2s(data,len);
|
|
||||||
|
|
||||||
if (data > (d+n-len))
|
|
||||||
@@ -790,6 +851,12 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
+ else if (type == TLSEXT_TYPE_renegotiate)
|
|
||||||
+ {
|
|
||||||
+ if(!ssl_parse_clienthello_renegotiate_ext(s, data, size, al))
|
|
||||||
+ return 0;
|
|
||||||
+ renegotiate_seen = 1;
|
|
||||||
+ }
|
|
||||||
else if (type == TLSEXT_TYPE_status_request
|
|
||||||
&& s->ctx->tlsext_status_cb)
|
|
||||||
{
|
|
||||||
@@ -894,6 +961,14 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
/* session ticket processed earlier */
|
|
||||||
data+=size;
|
|
||||||
}
|
|
||||||
+
|
|
||||||
+ if (s->new_session && !renegotiate_seen
|
|
||||||
+ && !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
+ {
|
|
||||||
+ *al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
|
|
||||||
*p = data;
|
|
||||||
return 1;
|
|
||||||
@@ -905,11 +980,22 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
unsigned short size;
|
|
||||||
unsigned short len;
|
|
||||||
unsigned char *data = *p;
|
|
||||||
-
|
|
||||||
int tlsext_servername = 0;
|
|
||||||
+ int renegotiate_seen = 0;
|
|
||||||
|
|
||||||
if (data >= (d+n-2))
|
|
||||||
+ {
|
|
||||||
+ /* Because the client does not see any renegotiation during an
|
|
||||||
+ attack, we must enforce this on all server hellos, even the
|
|
||||||
+ first */
|
|
||||||
+ if (!(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
+ {
|
|
||||||
+ /* We should always see one extension: the renegotiate extension */
|
|
||||||
+ *al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
return 1;
|
|
||||||
+ }
|
|
||||||
|
|
||||||
n2s(data,len);
|
|
||||||
|
|
||||||
@@ -1025,7 +1111,12 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
/* Set flag to expect CertificateStatus message */
|
|
||||||
s->tlsext_status_expected = 1;
|
|
||||||
}
|
|
||||||
-
|
|
||||||
+ else if (type == TLSEXT_TYPE_renegotiate)
|
|
||||||
+ {
|
|
||||||
+ if(!ssl_parse_serverhello_renegotiate_ext(s, data, size, al))
|
|
||||||
+ return 0;
|
|
||||||
+ renegotiate_seen = 1;
|
|
||||||
+ }
|
|
||||||
data+=size;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -1035,6 +1126,13 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
+ if (!renegotiate_seen
|
|
||||||
+ && !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
+ {
|
|
||||||
+ *al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
if (!s->hit && tlsext_servername == 1)
|
|
||||||
{
|
|
||||||
if (s->tlsext_hostname)
|
|
@ -1,193 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta4/ssl/ssl_err.c.tls-comp openssl-1.0.0-beta4/ssl/ssl_err.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/ssl_err.c.tls-comp 2010-01-07 18:45:46.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/ssl_err.c 2010-01-07 22:46:10.000000000 +0100
|
|
||||||
@@ -329,6 +329,7 @@ static ERR_STRING_DATA SSL_str_reasons[]
|
|
||||||
{ERR_REASON(SSL_R_CIPHER_TABLE_SRC_ERROR),"cipher table src error"},
|
|
||||||
{ERR_REASON(SSL_R_CLIENTHELLO_TLSEXT) ,"clienthello tlsext"},
|
|
||||||
{ERR_REASON(SSL_R_COMPRESSED_LENGTH_TOO_LONG),"compressed length too long"},
|
|
||||||
+{ERR_REASON(SSL_R_COMPRESSION_DISABLED) ,"compression disabled"},
|
|
||||||
{ERR_REASON(SSL_R_COMPRESSION_FAILURE) ,"compression failure"},
|
|
||||||
{ERR_REASON(SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE),"compression id not within private range"},
|
|
||||||
{ERR_REASON(SSL_R_COMPRESSION_LIBRARY_ERROR),"compression library error"},
|
|
||||||
@@ -357,8 +358,10 @@ static ERR_STRING_DATA SSL_str_reasons[]
|
|
||||||
{ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST) ,"https proxy request"},
|
|
||||||
{ERR_REASON(SSL_R_HTTP_REQUEST) ,"http request"},
|
|
||||||
{ERR_REASON(SSL_R_ILLEGAL_PADDING) ,"illegal padding"},
|
|
||||||
+{ERR_REASON(SSL_R_INCONSISTENT_COMPRESSION),"inconsistent compression"},
|
|
||||||
{ERR_REASON(SSL_R_INVALID_CHALLENGE_LENGTH),"invalid challenge length"},
|
|
||||||
{ERR_REASON(SSL_R_INVALID_COMMAND) ,"invalid command"},
|
|
||||||
+{ERR_REASON(SSL_R_INVALID_COMPRESSION_ALGORITHM),"invalid compression algorithm"},
|
|
||||||
{ERR_REASON(SSL_R_INVALID_PURPOSE) ,"invalid purpose"},
|
|
||||||
{ERR_REASON(SSL_R_INVALID_STATUS_RESPONSE),"invalid status response"},
|
|
||||||
{ERR_REASON(SSL_R_INVALID_TICKET_KEYS_LENGTH),"invalid ticket keys length"},
|
|
||||||
@@ -421,6 +424,7 @@ static ERR_STRING_DATA SSL_str_reasons[]
|
|
||||||
{ERR_REASON(SSL_R_NULL_SSL_CTX) ,"null ssl ctx"},
|
|
||||||
{ERR_REASON(SSL_R_NULL_SSL_METHOD_PASSED),"null ssl method passed"},
|
|
||||||
{ERR_REASON(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED),"old session cipher not returned"},
|
|
||||||
+{ERR_REASON(SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED),"old session compression algorithm not returned"},
|
|
||||||
{ERR_REASON(SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE),"only tls allowed in fips mode"},
|
|
||||||
{ERR_REASON(SSL_R_OPAQUE_PRF_INPUT_TOO_LONG),"opaque PRF input too long"},
|
|
||||||
{ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG),"packet length too long"},
|
|
||||||
@@ -451,6 +455,7 @@ static ERR_STRING_DATA SSL_str_reasons[]
|
|
||||||
{ERR_REASON(SSL_R_RENEGOTIATION_ENCODING_ERR),"renegotiation encoding err"},
|
|
||||||
{ERR_REASON(SSL_R_RENEGOTIATION_MISMATCH),"renegotiation mismatch"},
|
|
||||||
{ERR_REASON(SSL_R_REQUIRED_CIPHER_MISSING),"required cipher missing"},
|
|
||||||
+{ERR_REASON(SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING),"required compresssion algorithm missing"},
|
|
||||||
{ERR_REASON(SSL_R_REUSE_CERT_LENGTH_NOT_ZERO),"reuse cert length not zero"},
|
|
||||||
{ERR_REASON(SSL_R_REUSE_CERT_TYPE_NOT_ZERO),"reuse cert type not zero"},
|
|
||||||
{ERR_REASON(SSL_R_REUSE_CIPHER_LIST_NOT_ZERO),"reuse cipher list not zero"},
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/ssl.h.tls-comp openssl-1.0.0-beta4/ssl/ssl.h
|
|
||||||
--- openssl-1.0.0-beta4/ssl/ssl.h.tls-comp 2010-01-07 18:45:46.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/ssl.h 2010-01-07 22:47:07.000000000 +0100
|
|
||||||
@@ -485,7 +485,7 @@ typedef struct ssl_session_st
|
|
||||||
long timeout;
|
|
||||||
long time;
|
|
||||||
|
|
||||||
- int compress_meth; /* Need to lookup the method */
|
|
||||||
+ unsigned int compress_meth; /* Need to lookup the method */
|
|
||||||
|
|
||||||
const SSL_CIPHER *cipher;
|
|
||||||
unsigned long cipher_id; /* when ASN.1 loaded, this
|
|
||||||
@@ -2051,6 +2051,7 @@ void ERR_load_SSL_strings(void);
|
|
||||||
#define SSL_R_CIPHER_TABLE_SRC_ERROR 139
|
|
||||||
#define SSL_R_CLIENTHELLO_TLSEXT 226
|
|
||||||
#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
|
|
||||||
+#define SSL_R_COMPRESSION_DISABLED 343
|
|
||||||
#define SSL_R_COMPRESSION_FAILURE 141
|
|
||||||
#define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307
|
|
||||||
#define SSL_R_COMPRESSION_LIBRARY_ERROR 142
|
|
||||||
@@ -2079,8 +2080,10 @@ void ERR_load_SSL_strings(void);
|
|
||||||
#define SSL_R_HTTPS_PROXY_REQUEST 155
|
|
||||||
#define SSL_R_HTTP_REQUEST 156
|
|
||||||
#define SSL_R_ILLEGAL_PADDING 283
|
|
||||||
+#define SSL_R_INCONSISTENT_COMPRESSION 340
|
|
||||||
#define SSL_R_INVALID_CHALLENGE_LENGTH 158
|
|
||||||
#define SSL_R_INVALID_COMMAND 280
|
|
||||||
+#define SSL_R_INVALID_COMPRESSION_ALGORITHM 341
|
|
||||||
#define SSL_R_INVALID_PURPOSE 278
|
|
||||||
#define SSL_R_INVALID_STATUS_RESPONSE 328
|
|
||||||
#define SSL_R_INVALID_TICKET_KEYS_LENGTH 325
|
|
||||||
@@ -2143,6 +2146,7 @@ void ERR_load_SSL_strings(void);
|
|
||||||
#define SSL_R_NULL_SSL_CTX 195
|
|
||||||
#define SSL_R_NULL_SSL_METHOD_PASSED 196
|
|
||||||
#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
|
|
||||||
+#define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
|
|
||||||
#define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 297
|
|
||||||
#define SSL_R_OPAQUE_PRF_INPUT_TOO_LONG 327
|
|
||||||
#define SSL_R_PACKET_LENGTH_TOO_LONG 198
|
|
||||||
@@ -2173,6 +2177,7 @@ void ERR_load_SSL_strings(void);
|
|
||||||
#define SSL_R_RENEGOTIATION_ENCODING_ERR 336
|
|
||||||
#define SSL_R_RENEGOTIATION_MISMATCH 337
|
|
||||||
#define SSL_R_REQUIRED_CIPHER_MISSING 215
|
|
||||||
+#define SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING 342
|
|
||||||
#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216
|
|
||||||
#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217
|
|
||||||
#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/s3_clnt.c.tls-comp openssl-1.0.0-beta4/ssl/s3_clnt.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/s3_clnt.c.tls-comp 2010-01-07 17:53:12.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/s3_clnt.c 2010-01-07 22:47:07.000000000 +0100
|
|
||||||
@@ -895,10 +895,31 @@ int ssl3_get_server_hello(SSL *s)
|
|
||||||
SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
|
|
||||||
goto f_err;
|
|
||||||
}
|
|
||||||
+ /* If compression is disabled we'd better not try to resume a session
|
|
||||||
+ * using compression.
|
|
||||||
+ */
|
|
||||||
+ if (s->session->compress_meth != 0)
|
|
||||||
+ {
|
|
||||||
+ al=SSL_AD_INTERNAL_ERROR;
|
|
||||||
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_INCONSISTENT_COMPRESSION);
|
|
||||||
+ goto f_err;
|
|
||||||
+ }
|
|
||||||
#else
|
|
||||||
j= *(p++);
|
|
||||||
- if ((j == 0) || (s->options & SSL_OP_NO_COMPRESSION))
|
|
||||||
+ if (s->hit && j != s->session->compress_meth)
|
|
||||||
+ {
|
|
||||||
+ al=SSL_AD_ILLEGAL_PARAMETER;
|
|
||||||
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED);
|
|
||||||
+ goto f_err;
|
|
||||||
+ }
|
|
||||||
+ if (j == 0)
|
|
||||||
comp=NULL;
|
|
||||||
+ else if (s->options & SSL_OP_NO_COMPRESSION)
|
|
||||||
+ {
|
|
||||||
+ al=SSL_AD_ILLEGAL_PARAMETER;
|
|
||||||
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_COMPRESSION_DISABLED);
|
|
||||||
+ goto f_err;
|
|
||||||
+ }
|
|
||||||
else
|
|
||||||
comp=ssl3_comp_find(s->ctx->comp_methods,j);
|
|
||||||
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/s3_srvr.c.tls-comp openssl-1.0.0-beta4/ssl/s3_srvr.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/s3_srvr.c.tls-comp 2010-01-07 17:53:12.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/s3_srvr.c 2010-01-07 22:46:10.000000000 +0100
|
|
||||||
@@ -1088,7 +1088,50 @@ int ssl3_get_client_hello(SSL *s)
|
|
||||||
* algorithms from the client, starting at q. */
|
|
||||||
s->s3->tmp.new_compression=NULL;
|
|
||||||
#ifndef OPENSSL_NO_COMP
|
|
||||||
- if (!(s->options & SSL_OP_NO_COMPRESSION) && s->ctx->comp_methods)
|
|
||||||
+ /* This only happens if we have a cache hit */
|
|
||||||
+ if (s->session->compress_meth != 0)
|
|
||||||
+ {
|
|
||||||
+ int m, comp_id = s->session->compress_meth;
|
|
||||||
+ /* Perform sanity checks on resumed compression algorithm */
|
|
||||||
+ /* Can't disable compression */
|
|
||||||
+ if (s->options & SSL_OP_NO_COMPRESSION)
|
|
||||||
+ {
|
|
||||||
+ al=SSL_AD_INTERNAL_ERROR;
|
|
||||||
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_INCONSISTENT_COMPRESSION);
|
|
||||||
+ goto f_err;
|
|
||||||
+ }
|
|
||||||
+ /* Look for resumed compression method */
|
|
||||||
+ for (m = 0; m < sk_SSL_COMP_num(s->ctx->comp_methods); m++)
|
|
||||||
+ {
|
|
||||||
+ comp=sk_SSL_COMP_value(s->ctx->comp_methods,m);
|
|
||||||
+ if (comp_id == comp->id)
|
|
||||||
+ {
|
|
||||||
+ s->s3->tmp.new_compression=comp;
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+ if (s->s3->tmp.new_compression == NULL)
|
|
||||||
+ {
|
|
||||||
+ al=SSL_AD_INTERNAL_ERROR;
|
|
||||||
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_INVALID_COMPRESSION_ALGORITHM);
|
|
||||||
+ goto f_err;
|
|
||||||
+ }
|
|
||||||
+ /* Look for resumed method in compression list */
|
|
||||||
+ for (m = 0; m < i; m++)
|
|
||||||
+ {
|
|
||||||
+ if (q[m] == comp_id)
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+ if (m >= i)
|
|
||||||
+ {
|
|
||||||
+ al=SSL_AD_ILLEGAL_PARAMETER;
|
|
||||||
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING);
|
|
||||||
+ goto f_err;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+ else if (s->hit)
|
|
||||||
+ comp = NULL;
|
|
||||||
+ else if (!(s->options & SSL_OP_NO_COMPRESSION) && s->ctx->comp_methods)
|
|
||||||
{ /* See if we have a match */
|
|
||||||
int m,nn,o,v,done=0;
|
|
||||||
|
|
||||||
@@ -1112,6 +1155,16 @@ int ssl3_get_client_hello(SSL *s)
|
|
||||||
else
|
|
||||||
comp=NULL;
|
|
||||||
}
|
|
||||||
+#else
|
|
||||||
+ /* If compression is disabled we'd better not try to resume a session
|
|
||||||
+ * using compression.
|
|
||||||
+ */
|
|
||||||
+ if (s->session->compress_meth != 0)
|
|
||||||
+ {
|
|
||||||
+ al=SSL_AD_INTERNAL_ERROR;
|
|
||||||
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_INCONSISTENT_COMPRESSION);
|
|
||||||
+ goto f_err;
|
|
||||||
+ }
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* Given s->session->ciphers and SSL_get_ciphers, we must
|
|
@ -1,14 +0,0 @@
|
|||||||
We have to keep the beta status on 3 as some applications (OpenSSH) incorrectly insist
|
|
||||||
on having the same beta status of OpenSSL library as they were built against.
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/opensslv.h.version openssl-1.0.0-beta4/crypto/opensslv.h
|
|
||||||
--- openssl-1.0.0-beta4/crypto/opensslv.h.version 2009-11-12 15:17:28.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/opensslv.h 2009-11-13 12:39:08.000000000 +0100
|
|
||||||
@@ -25,7 +25,7 @@
|
|
||||||
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
|
|
||||||
* major minor fix final patch/beta)
|
|
||||||
*/
|
|
||||||
-#define OPENSSL_VERSION_NUMBER 0x10000004L
|
|
||||||
+#define OPENSSL_VERSION_NUMBER 0x10000003L
|
|
||||||
#ifdef OPENSSL_FIPS
|
|
||||||
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0-fips-beta4 10 Nov 2009"
|
|
||||||
#else
|
|
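--- a/openssl-1.1.0-issuer-hash.patch
+++ b/openssl-1.1.0-issuer-hash.patch
@@ -0,0 +1,11 @@
+diff -up openssl-1.1.0-pre5/crypto/x509/x509_cmp.c.issuer-hash openssl-1.1.0-pre5/crypto/x509/x509_cmp.c
+--- openssl-1.1.0-pre5/crypto/x509/x509_cmp.c.issuer-hash 2016-07-18 15:16:32.788881100 +0200
++++ openssl-1.1.0-pre5/crypto/x509/x509_cmp.c 2016-07-18 15:17:16.671871840 +0200
+@@ -87,6 +87,7 @@ unsigned long X509_issuer_and_serial_has
+
+if (ctx == NULL)
+goto err;
++ EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+f = X509_NAME_oneline(a->cert_info.issuer, NULL, 0);
+if (!EVP_DigestInit_ex(ctx, EVP_md5(), NULL))
+goto err;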
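Review bot: The added `EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);` lifts the FIPS restriction for the MD5 digest initialised two lines later, but neither the patch file nor the code says why that is acceptable. Judging by the function name, X509_issuer_and_serial_hash only derives a lookup value from the issuer name and serial, which would make MD5 harmless here; that reasoning should be written down so the exemption is not copied to a place where the digest protects something. I would add above the call `/* MD5 only derives a lookup hash here, not an integrity check; permit it in FIPS mode */`. The function body starts and ends outside the hunk, so how the result is used cannot be confirmed from these lines.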
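--- a/openssl-1.1.1-alpn-cb.patch
+++ b/openssl-1.1.1-alpn-cb.patch
@@ -0,0 +1,27 @@
+commit 9e885a707d604e9528b5491b78fb9c00f41193fc
+Author: Tomas Mraz <tmraz@fedoraproject.org>
+Date: Thu Mar 26 15:59:00 2020 +0100
+
+s_server: Properly indicate ALPN protocol mismatch
+
+Return SSL_TLSEXT_ERR_ALERT_FATAL from alpn_select_cb so that
+an alert is sent to the client on ALPN protocol mismatch.
+
+Fixes: #2708
+
+Reviewed-by: Matt Caswell <matt@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/11415)
+
+diff --git a/apps/s_server.c b/apps/s_server.c
+index bcc83e562c..591c6c19c5 100644
+--- a/apps/s_server.c
++++ b/apps/s_server.c
+@@ -707,7 +707,7 @@ static int alpn_cb(SSL *s, const unsigned char **out, unsigned char *outlen,
+if (SSL_select_next_proto
+((unsigned char **)out, outlen, alpn_ctx->data, alpn_ctx->len, in,
+inlen) != OPENSSL_NPN_NEGOTIATED) {
+- return SSL_TLSEXT_ERR_NOACK;
++ return SSL_TLSEXT_ERR_ALERT_FATAL;
+}
+
+if (!s_quiet) {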
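--- a/openssl-1.1.1-apps-dgst.patch
+++ b/openssl-1.1.1-apps-dgst.patch
@@ -0,0 +1,12 @@
+diff -up openssl-1.1.1b/apps/ca.c.dgst openssl-1.1.1b/apps/ca.c
+--- openssl-1.1.1b/apps/ca.c.dgst 2019-02-26 15:15:30.000000000 +0100
++++ openssl-1.1.1b/apps/ca.c 2019-03-15 15:53:46.622267688 +0100
+@@ -169,7 +169,7 @@ const OPTIONS ca_options[] = {
+{"enddate", OPT_ENDDATE, 's',
+"YYMMDDHHMMSSZ cert notAfter (overrides -days)"},
+{"days", OPT_DAYS, 'p', "Number of days to certify the cert for"},
+- {"md", OPT_MD, 's', "md to use; one of md2, md5, sha or sha1"},
++ {"md", OPT_MD, 's', "md to use; see openssl help for list"},
+{"policy", OPT_POLICY, 's', "The CA 'policy' to support"},
+{"keyfile", OPT_KEYFILE, 's', "Private key"},
+{"keyform", OPT_KEYFORM, 'f', "Private key file format (PEM or ENGINE)"},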
1434
openssl-1.1.1-arm-update.patch
Normal file
File diff suppressed because it is too large
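--- a/openssl-1.1.1-build.patch
+++ b/openssl-1.1.1-build.patch
@@ -0,0 +1,40 @@
+diff -up openssl-1.1.1f/Configurations/10-main.conf.build openssl-1.1.1f/Configurations/10-main.conf
+--- openssl-1.1.1f/Configurations/10-main.conf.build 2020-03-31 14:17:45.000000000 +0200
++++ openssl-1.1.1f/Configurations/10-main.conf 2020-04-07 16:42:10.920546387 +0200
+@@ -678,6 +678,7 @@ my %targets = (
+cxxflags => add("-m64"),
+lib_cppflags => add("-DL_ENDIAN"),
+perlasm_scheme => "linux64le",
++ multilib => "64",
+},
+
+"linux-armv4" => {
+@@ -718,6 +719,7 @@ my %targets = (
+"linux-aarch64" => {
+inherit_from => [ "linux-generic64", asm("aarch64_asm") ],
+perlasm_scheme => "linux64",
++ multilib => "64",
+},
+"linux-arm64ilp32" => { # https://wiki.linaro.org/Platform/arm64-ilp32
+inherit_from => [ "linux-generic32", asm("aarch64_asm") ],
+diff -up openssl-1.1.1f/Configurations/unix-Makefile.tmpl.build openssl-1.1.1f/Configurations/unix-Makefile.tmpl
+--- openssl-1.1.1f/Configurations/unix-Makefile.tmpl.build 2020-04-07 16:42:10.920546387 +0200
++++ openssl-1.1.1f/Configurations/unix-Makefile.tmpl 2020-04-07 16:44:23.539142108 +0200
+@@ -823,7 +823,7 @@ uninstall_runtime_libs:
+install_man_docs:
+@[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1)
+@$(ECHO) "*** Installing manpages"
+- $(PERL) $(SRCDIR)/util/process_docs.pl \
++ TZ=UTC $(PERL) $(SRCDIR)/util/process_docs.pl \
+"--destdir=$(DESTDIR)$(MANDIR)" --type=man --suffix=$(MANSUFFIX)
+
+uninstall_man_docs:
+@@ -835,7 +835,7 @@ uninstall_man_docs:
+install_html_docs:
+@[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1)
+@$(ECHO) "*** Installing HTML manpages"
+- $(PERL) $(SRCDIR)/util/process_docs.pl \
++ TZ=UTC $(PERL) $(SRCDIR)/util/process_docs.pl \
+"--destdir=$(DESTDIR)$(HTMLDIR)" --type=html
+
+uninstall_html_docs: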
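Review bot: The `TZ=UTC` prefix added to the two `process_docs.pl` recipe lines in unix-Makefile.tmpl (install_man_docs and install_html_docs) is unexplained. Presumably it pins the dates written into the generated pages so the installed documentation does not vary with the build host's timezone, which matters when packages are expected to rebuild bit-for-bit. A make comment at column 0 above install_man_docs would keep a later cleanup from dropping it, e.g. `# TZ=UTC: keep generated page dates independent of the builder's timezone`, with a short pointer to it above install_html_docs. Both rules continue outside their hunks.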
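--- a/openssl-1.1.1-conf-paths.patch
+++ b/openssl-1.1.1-conf-paths.patch
@@ -0,0 +1,56 @@
+diff -up openssl-1.1.1-pre8/apps/CA.pl.in.conf-paths openssl-1.1.1-pre8/apps/CA.pl.in
+--- openssl-1.1.1-pre8/apps/CA.pl.in.conf-paths 2018-06-20 16:48:09.000000000 +0200
++++ openssl-1.1.1-pre8/apps/CA.pl.in 2018-07-25 17:26:58.388624296 +0200
+@@ -33,7 +33,7 @@ my $X509 = "$openssl x509";
+my $PKCS12 = "$openssl pkcs12";
+
+# default openssl.cnf file has setup as per the following
+-my $CATOP = "./demoCA";
++my $CATOP = "/etc/pki/CA";
+my $CAKEY = "cakey.pem";
+my $CAREQ = "careq.pem";
+my $CACERT = "cacert.pem";
+diff -up openssl-1.1.1-pre8/apps/openssl.cnf.conf-paths openssl-1.1.1-pre8/apps/openssl.cnf
+--- openssl-1.1.1-pre8/apps/openssl.cnf.conf-paths 2018-07-25 17:26:58.378624057 +0200
++++ openssl-1.1.1-pre8/apps/openssl.cnf 2018-07-27 13:20:08.198513471 +0200
+@@ -23,6 +23,22 @@ oid_section = new_oids
+# (Alternatively, use a configuration file that has only
+# X.509v3 extensions in its main [= default] section.)
+
++# Load default TLS policy configuration
++
++openssl_conf = default_modules
++
++[ default_modules ]
++
++ssl_conf = ssl_module
++
++[ ssl_module ]
++
++system_default = crypto_policy
++
++[ crypto_policy ]
++
++.include = /etc/crypto-policies/back-ends/opensslcnf.config
++
+[ new_oids ]
+
+# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
+@@ -43,7 +59,7 @@ default_ca = CA_default # The default c
+####################################################################
+[ CA_default ]
+
+-dir = ./demoCA # Where everything is kept
++dir = /etc/pki/CA # Where everything is kept
+certs = $dir/certs # Where the issued certs are kept
+crl_dir = $dir/crl # Where the issued crl are kept
+database = $dir/index.txt # database index file.
+@@ -329,7 +345,7 @@ default_tsa = tsa_config1 # the default
+[ tsa_config1 ]
+
+# These are used by the TSA reply generation only.
+-dir = ./demoCA # TSA root directory
++dir = /etc/pki/CA # TSA root directory
+serial = $dir/tsaserial # The current serial number (mandatory)
+crypto_device = builtin # OpenSSL engine to use for signing
+signer_cert = $dir/tsacert.pem # The TSA signing certificate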
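Review bot: The new `[ crypto_policy ]` section in apps/openssl.cnf consists solely of `.include = /etc/crypto-policies/back-ends/opensslcnf.config`, so the TLS defaults every application inherits now depend on a file that this patch does not ship. As far as I know the configuration loader does not treat a missing include file as fatal; if that holds, an absent or unreadable policy file leaves the section empty and the library's built-in defaults apply with no diagnostic, which is worth confirming against the loader. The package should guarantee the file exists through a dependency on whatever provides it, and the comment above `openssl_conf` should state the fallback, e.g. `# System-wide TLS policy; if the included file is absent the library built-in defaults are used`.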
@ -1,17 +1,24 @@
|
|||||||
diff -up openssl-1.0.0-beta3/apps/openssl.cnf.defaults openssl-1.0.0-beta3/apps/openssl.cnf
|
diff -up openssl-1.1.1a/apps/openssl.cnf.defaults openssl-1.1.1a/apps/openssl.cnf
|
||||||
--- openssl-1.0.0-beta3/apps/openssl.cnf.defaults 2009-04-04 20:09:43.000000000 +0200
|
--- openssl-1.1.1a/apps/openssl.cnf.defaults 2018-11-20 14:35:37.000000000 +0100
|
||||||
+++ openssl-1.0.0-beta3/apps/openssl.cnf 2009-08-04 22:57:16.000000000 +0200
|
+++ openssl-1.1.1a/apps/openssl.cnf 2019-01-15 13:56:50.841719776 +0100
|
||||||
@@ -103,7 +103,8 @@ emailAddress = optional
|
@@ -74,7 +74,7 @@ cert_opt = ca_default # Certificate fi
|
||||||
|
|
||||||
|
default_days = 365 # how long to certify for
|
||||||
|
default_crl_days= 30 # how long before next CRL
|
||||||
|
-default_md = default # use public key default MD
|
||||||
|
+default_md = sha256 # use SHA-256 by default
|
||||||
|
preserve = no # keep passed DN ordering
|
||||||
|
|
||||||
|
# A few difference way of specifying how similar the request should look
|
||||||
|
@@ -106,6 +106,7 @@ emailAddress = optional
|
||||||
####################################################################
|
####################################################################
|
||||||
[ req ]
|
[ req ]
|
||||||
-default_bits = 1024
|
default_bits = 2048
|
||||||
+default_bits = 2048
|
+default_md = sha256
|
||||||
+default_md = sha1
|
|
||||||
default_keyfile = privkey.pem
|
default_keyfile = privkey.pem
|
||||||
distinguished_name = req_distinguished_name
|
distinguished_name = req_distinguished_name
|
||||||
attributes = req_attributes
|
attributes = req_attributes
|
||||||
@@ -126,17 +127,18 @@ string_mask = utf8only
|
@@ -128,17 +129,18 @@ string_mask = utf8only
|
||||||
|
|
||||||
[ req_distinguished_name ]
|
[ req_distinguished_name ]
|
||||||
countryName = Country Name (2 letter code)
|
countryName = Country Name (2 letter code)
|
||||||
@ -25,7 +32,7 @@ diff -up openssl-1.0.0-beta3/apps/openssl.cnf.defaults openssl-1.0.0-beta3/apps/
|
|||||||
+#stateOrProvinceName_default = Default Province
|
+#stateOrProvinceName_default = Default Province
|
||||||
|
|
||||||
localityName = Locality Name (eg, city)
|
localityName = Locality Name (eg, city)
|
||||||
+localityName_default = Default City
|
+localityName_default = Default City
|
||||||
|
|
||||||
0.organizationName = Organization Name (eg, company)
|
0.organizationName = Organization Name (eg, company)
|
||||||
-0.organizationName_default = Internet Widgits Pty Ltd
|
-0.organizationName_default = Internet Widgits Pty Ltd
|
||||||
@ -33,11 +40,11 @@ diff -up openssl-1.0.0-beta3/apps/openssl.cnf.defaults openssl-1.0.0-beta3/apps/
|
|||||||
|
|
||||||
# we can do this but it is not needed normally :-)
|
# we can do this but it is not needed normally :-)
|
||||||
#1.organizationName = Second Organization Name (eg, company)
|
#1.organizationName = Second Organization Name (eg, company)
|
||||||
@@ -145,7 +147,7 @@ localityName = Locality Name (eg, city
|
@@ -147,7 +149,7 @@ localityName = Locality Name (eg, city
|
||||||
organizationalUnitName = Organizational Unit Name (eg, section)
|
organizationalUnitName = Organizational Unit Name (eg, section)
|
||||||
#organizationalUnitName_default =
|
#organizationalUnitName_default =
|
||||||
|
|
||||||
-commonName = Common Name (eg, YOUR name)
|
-commonName = Common Name (e.g. server FQDN or YOUR name)
|
||||||
+commonName = Common Name (eg, your name or your server\'s hostname)
|
+commonName = Common Name (eg, your name or your server\'s hostname)
|
||||||
commonName_max = 64
|
commonName_max = 64
|
||||||
|
|
91
openssl-1.1.1-disable-ssl3.patch
Normal file
@ -0,0 +1,91 @@
|
|||||||
|
diff -up openssl-1.1.1-pre8/apps/s_client.c.disable-ssl3 openssl-1.1.1-pre8/apps/s_client.c
|
||||||
|
--- openssl-1.1.1-pre8/apps/s_client.c.disable-ssl3 2018-07-16 18:08:20.000487628 +0200
|
||||||
|
+++ openssl-1.1.1-pre8/apps/s_client.c 2018-07-16 18:16:40.070186323 +0200
|
||||||
|
@@ -1681,6 +1681,9 @@ int s_client_main(int argc, char **argv)
|
||||||
|
if (sdebug)
|
||||||
|
ssl_ctx_security_debug(ctx, sdebug);
|
||||||
|
|
||||||
|
+ if (min_version == SSL3_VERSION && max_version == SSL3_VERSION)
|
||||||
|
+ SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv3);
|
||||||
|
+
|
||||||
|
if (!config_ctx(cctx, ssl_args, ctx))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
diff -up openssl-1.1.1-pre8/apps/s_server.c.disable-ssl3 openssl-1.1.1-pre8/apps/s_server.c
|
||||||
|
--- openssl-1.1.1-pre8/apps/s_server.c.disable-ssl3 2018-07-16 18:08:20.000487628 +0200
|
||||||
|
+++ openssl-1.1.1-pre8/apps/s_server.c 2018-07-16 18:17:17.300055551 +0200
|
||||||
|
@@ -1760,6 +1760,9 @@ int s_server_main(int argc, char *argv[]
|
||||||
|
if (sdebug)
|
||||||
|
ssl_ctx_security_debug(ctx, sdebug);
|
||||||
|
|
||||||
|
+ if (min_version == SSL3_VERSION && max_version == SSL3_VERSION)
|
||||||
|
+ SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv3);
|
||||||
|
+
|
||||||
|
if (!config_ctx(cctx, ssl_args, ctx))
|
||||||
|
goto end;
|
||||||
|
|
||||||
|
diff -up openssl-1.1.1-pre8/ssl/ssl_lib.c.disable-ssl3 openssl-1.1.1-pre8/ssl/ssl_lib.c
|
||||||
|
--- openssl-1.1.1-pre8/ssl/ssl_lib.c.disable-ssl3 2018-06-20 16:48:13.000000000 +0200
|
||||||
|
+++ openssl-1.1.1-pre8/ssl/ssl_lib.c 2018-07-16 18:08:20.001487652 +0200
|
||||||
|
@@ -3016,6 +3016,16 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
|
||||||
|
*/
|
||||||
|
ret->options |= SSL_OP_NO_COMPRESSION | SSL_OP_ENABLE_MIDDLEBOX_COMPAT;
|
||||||
|
|
||||||
|
+ if (meth->version != SSL3_VERSION) {
|
||||||
|
+ /*
|
||||||
|
+ * Disable SSLv3 by default. Applications can
|
||||||
|
+ * re-enable it by configuring
|
||||||
|
+ * SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv3);
|
||||||
|
+ * or by using the SSL_CONF API.
|
||||||
|
+ */
|
||||||
|
+ ret->options |= SSL_OP_NO_SSLv3;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
ret->ext.status_type = TLSEXT_STATUSTYPE_nothing;
|
||||||
|
|
||||||
|
/*
|
||||||
|
diff -up openssl-1.1.1-pre8/test/ssl_test.c.disable-ssl3 openssl-1.1.1-pre8/test/ssl_test.c
|
||||||
|
--- openssl-1.1.1-pre8/test/ssl_test.c.disable-ssl3 2018-06-20 16:48:15.000000000 +0200
|
||||||
|
+++ openssl-1.1.1-pre8/test/ssl_test.c 2018-07-16 18:18:34.806865121 +0200
|
||||||
|
@@ -443,6 +443,7 @@ static int test_handshake(int idx)
|
||||||
|
SSL_TEST_SERVERNAME_CB_NONE) {
|
||||||
|
if (!TEST_ptr(server2_ctx = SSL_CTX_new(TLS_server_method())))
|
||||||
|
goto err;
|
||||||
|
+ SSL_CTX_clear_options(server2_ctx, SSL_OP_NO_SSLv3);
|
||||||
|
if (!TEST_true(SSL_CTX_set_max_proto_version(server2_ctx,
|
||||||
|
TLS_MAX_VERSION)))
|
||||||
|
goto err;
|
||||||
|
@@ -464,6 +465,8 @@ static int test_handshake(int idx)
|
||||||
|
if (!TEST_ptr(resume_server_ctx)
|
||||||
|
|| !TEST_ptr(resume_client_ctx))
|
||||||
|
goto err;
|
||||||
|
+ SSL_CTX_clear_options(resume_server_ctx, SSL_OP_NO_SSLv3);
|
||||||
|
+ SSL_CTX_clear_options(resume_client_ctx, SSL_OP_NO_SSLv3);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -477,6 +480,9 @@ static int test_handshake(int idx)
|
||||||
|
|| !TEST_int_gt(CONF_modules_load(conf, test_app, 0), 0))
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
+ SSL_CTX_clear_options(server_ctx, SSL_OP_NO_SSLv3);
|
||||||
|
+ SSL_CTX_clear_options(client_ctx, SSL_OP_NO_SSLv3);
|
||||||
|
+
|
||||||
|
if (!SSL_CTX_config(server_ctx, "server")
|
||||||
|
|| !SSL_CTX_config(client_ctx, "client")) {
|
||||||
|
goto err;
|
||||||
|
diff -up openssl-1.1.1-pre8/test/ssltest_old.c.disable-ssl3 openssl-1.1.1-pre8/test/ssltest_old.c
|
||||||
|
--- openssl-1.1.1-pre8/test/ssltest_old.c.disable-ssl3 2018-06-20 16:48:15.000000000 +0200
|
||||||
|
+++ openssl-1.1.1-pre8/test/ssltest_old.c 2018-07-16 18:08:20.002487676 +0200
|
||||||
|
@@ -1358,6 +1358,11 @@ int main(int argc, char *argv[])
|
||||||
|
ERR_print_errors(bio_err);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+ SSL_CTX_clear_options(c_ctx, SSL_OP_NO_SSLv3);
|
||||||
|
+ SSL_CTX_clear_options(s_ctx, SSL_OP_NO_SSLv3);
|
||||||
|
+ SSL_CTX_clear_options(s_ctx2, SSL_OP_NO_SSLv3);
|
||||||
|
+
|
||||||
|
/*
|
||||||
|
* Since we will use low security ciphersuites and keys for testing set
|
||||||
|
* security level to zero by default. Tests can override this by adding
|
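Review bot: Nothing in this patch tests the new default. Every test-side hunk (test/ssl_test.c for server2_ctx, the resume contexts and server_ctx/client_ctx; test/ssltest_old.c for c_ctx, s_ctx and s_ctx2) clears `SSL_OP_NO_SSLv3` right after the context is created, so the suite presumably would still pass if the `ret->options |= SSL_OP_NO_SSLv3;` line in SSL_CTX_new() were dropped. A regression check on a fresh context, `TEST_true((SSL_CTX_get_options(ctx) & SSL_OP_NO_SSLv3) != 0)` after `SSL_CTX_new(TLS_method())`, would pin the hardening. The comment in ssl/ssl_lib.c could also state that the exemption covers only the SSLv3-specific method (`meth->version == SSL3_VERSION`). As far as I can tell from how option masks and version bounds combine, lowering the minimum protocol version alone does not re-enable SSLv3 while the option stays set, which is worth saying there too.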
266
openssl-1.1.1-ec-curves.patch
Normal file
@ -0,0 +1,266 @@
|
|||||||
|
diff -up openssl-1.1.1h/apps/speed.c.curves openssl-1.1.1h/apps/speed.c
|
||||||
|
--- openssl-1.1.1h/apps/speed.c.curves 2020-09-22 14:55:07.000000000 +0200
|
||||||
|
+++ openssl-1.1.1h/apps/speed.c 2020-11-06 13:27:15.659288431 +0100
|
||||||
|
@@ -490,90 +490,30 @@ static double rsa_results[RSA_NUM][2];
|
||||||
|
#endif /* OPENSSL_NO_RSA */
|
||||||
|
|
||||||
|
enum {
|
||||||
|
- R_EC_P160,
|
||||||
|
- R_EC_P192,
|
||||||
|
R_EC_P224,
|
||||||
|
R_EC_P256,
|
||||||
|
R_EC_P384,
|
||||||
|
R_EC_P521,
|
||||||
|
-#ifndef OPENSSL_NO_EC2M
|
||||||
|
- R_EC_K163,
|
||||||
|
- R_EC_K233,
|
||||||
|
- R_EC_K283,
|
||||||
|
- R_EC_K409,
|
||||||
|
- R_EC_K571,
|
||||||
|
- R_EC_B163,
|
||||||
|
- R_EC_B233,
|
||||||
|
- R_EC_B283,
|
||||||
|
- R_EC_B409,
|
||||||
|
- R_EC_B571,
|
||||||
|
-#endif
|
||||||
|
- R_EC_BRP256R1,
|
||||||
|
- R_EC_BRP256T1,
|
||||||
|
- R_EC_BRP384R1,
|
||||||
|
- R_EC_BRP384T1,
|
||||||
|
- R_EC_BRP512R1,
|
||||||
|
- R_EC_BRP512T1,
|
||||||
|
R_EC_X25519,
|
||||||
|
R_EC_X448
|
||||||
|
};
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_EC
|
||||||
|
static OPT_PAIR ecdsa_choices[] = {
|
||||||
|
- {"ecdsap160", R_EC_P160},
|
||||||
|
- {"ecdsap192", R_EC_P192},
|
||||||
|
{"ecdsap224", R_EC_P224},
|
||||||
|
{"ecdsap256", R_EC_P256},
|
||||||
|
{"ecdsap384", R_EC_P384},
|
||||||
|
{"ecdsap521", R_EC_P521},
|
||||||
|
-# ifndef OPENSSL_NO_EC2M
|
||||||
|
- {"ecdsak163", R_EC_K163},
|
||||||
|
- {"ecdsak233", R_EC_K233},
|
||||||
|
- {"ecdsak283", R_EC_K283},
|
||||||
|
- {"ecdsak409", R_EC_K409},
|
||||||
|
- {"ecdsak571", R_EC_K571},
|
||||||
|
- {"ecdsab163", R_EC_B163},
|
||||||
|
- {"ecdsab233", R_EC_B233},
|
||||||
|
- {"ecdsab283", R_EC_B283},
|
||||||
|
- {"ecdsab409", R_EC_B409},
|
||||||
|
- {"ecdsab571", R_EC_B571},
|
||||||
|
-# endif
|
||||||
|
- {"ecdsabrp256r1", R_EC_BRP256R1},
|
||||||
|
- {"ecdsabrp256t1", R_EC_BRP256T1},
|
||||||
|
- {"ecdsabrp384r1", R_EC_BRP384R1},
|
||||||
|
- {"ecdsabrp384t1", R_EC_BRP384T1},
|
||||||
|
- {"ecdsabrp512r1", R_EC_BRP512R1},
|
||||||
|
- {"ecdsabrp512t1", R_EC_BRP512T1}
|
||||||
|
};
|
||||||
|
# define ECDSA_NUM OSSL_NELEM(ecdsa_choices)
|
||||||
|
|
||||||
|
static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
|
||||||
|
|
||||||
|
static const OPT_PAIR ecdh_choices[] = {
|
||||||
|
- {"ecdhp160", R_EC_P160},
|
||||||
|
- {"ecdhp192", R_EC_P192},
|
||||||
|
{"ecdhp224", R_EC_P224},
|
||||||
|
{"ecdhp256", R_EC_P256},
|
||||||
|
{"ecdhp384", R_EC_P384},
|
||||||
|
{"ecdhp521", R_EC_P521},
|
||||||
|
-# ifndef OPENSSL_NO_EC2M
|
||||||
|
- {"ecdhk163", R_EC_K163},
|
||||||
|
- {"ecdhk233", R_EC_K233},
|
||||||
|
- {"ecdhk283", R_EC_K283},
|
||||||
|
- {"ecdhk409", R_EC_K409},
|
||||||
|
- {"ecdhk571", R_EC_K571},
|
||||||
|
- {"ecdhb163", R_EC_B163},
|
||||||
|
- {"ecdhb233", R_EC_B233},
|
||||||
|
- {"ecdhb283", R_EC_B283},
|
||||||
|
- {"ecdhb409", R_EC_B409},
|
||||||
|
- {"ecdhb571", R_EC_B571},
|
||||||
|
-# endif
|
||||||
|
- {"ecdhbrp256r1", R_EC_BRP256R1},
|
||||||
|
- {"ecdhbrp256t1", R_EC_BRP256T1},
|
||||||
|
- {"ecdhbrp384r1", R_EC_BRP384R1},
|
||||||
|
- {"ecdhbrp384t1", R_EC_BRP384T1},
|
||||||
|
- {"ecdhbrp512r1", R_EC_BRP512R1},
|
||||||
|
- {"ecdhbrp512t1", R_EC_BRP512T1},
|
||||||
|
{"ecdhx25519", R_EC_X25519},
|
||||||
|
{"ecdhx448", R_EC_X448}
|
||||||
|
};
|
||||||
|
@@ -1502,31 +1442,10 @@ int speed_main(int argc, char **argv)
|
||||||
|
unsigned int bits;
|
||||||
|
} test_curves[] = {
|
||||||
|
/* Prime Curves */
|
||||||
|
- {"secp160r1", NID_secp160r1, 160},
|
||||||
|
- {"nistp192", NID_X9_62_prime192v1, 192},
|
||||||
|
{"nistp224", NID_secp224r1, 224},
|
||||||
|
{"nistp256", NID_X9_62_prime256v1, 256},
|
||||||
|
{"nistp384", NID_secp384r1, 384},
|
||||||
|
{"nistp521", NID_secp521r1, 521},
|
||||||
|
-# ifndef OPENSSL_NO_EC2M
|
||||||
|
- /* Binary Curves */
|
||||||
|
- {"nistk163", NID_sect163k1, 163},
|
||||||
|
- {"nistk233", NID_sect233k1, 233},
|
||||||
|
- {"nistk283", NID_sect283k1, 283},
|
||||||
|
- {"nistk409", NID_sect409k1, 409},
|
||||||
|
- {"nistk571", NID_sect571k1, 571},
|
||||||
|
- {"nistb163", NID_sect163r2, 163},
|
||||||
|
- {"nistb233", NID_sect233r1, 233},
|
||||||
|
- {"nistb283", NID_sect283r1, 283},
|
||||||
|
- {"nistb409", NID_sect409r1, 409},
|
||||||
|
- {"nistb571", NID_sect571r1, 571},
|
||||||
|
-# endif
|
||||||
|
- {"brainpoolP256r1", NID_brainpoolP256r1, 256},
|
||||||
|
- {"brainpoolP256t1", NID_brainpoolP256t1, 256},
|
||||||
|
- {"brainpoolP384r1", NID_brainpoolP384r1, 384},
|
||||||
|
- {"brainpoolP384t1", NID_brainpoolP384t1, 384},
|
||||||
|
- {"brainpoolP512r1", NID_brainpoolP512r1, 512},
|
||||||
|
- {"brainpoolP512t1", NID_brainpoolP512t1, 512},
|
||||||
|
/* Other and ECDH only ones */
|
||||||
|
{"X25519", NID_X25519, 253},
|
||||||
|
{"X448", NID_X448, 448}
|
||||||
|
@@ -2026,9 +1945,9 @@ int speed_main(int argc, char **argv)
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_EC
|
||||||
|
- ecdsa_c[R_EC_P160][0] = count / 1000;
|
||||||
|
- ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
|
||||||
|
- for (i = R_EC_P192; i <= R_EC_P521; i++) {
|
||||||
|
+ ecdsa_c[R_EC_P224][0] = count / 1000;
|
||||||
|
+ ecdsa_c[R_EC_P224][1] = count / 1000 / 2;
|
||||||
|
+ for (i = R_EC_P256; i <= R_EC_P521; i++) {
|
||||||
|
ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
|
||||||
|
ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
|
||||||
|
if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
|
||||||
|
@@ -2040,7 +1959,7 @@ int speed_main(int argc, char **argv)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
-# ifndef OPENSSL_NO_EC2M
|
||||||
|
+# if 0
|
||||||
|
ecdsa_c[R_EC_K163][0] = count / 1000;
|
||||||
|
ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
|
||||||
|
for (i = R_EC_K233; i <= R_EC_K571; i++) {
|
||||||
|
@@ -2071,8 +1990,8 @@ int speed_main(int argc, char **argv)
|
||||||
|
}
|
||||||
|
# endif
|
||||||
|
|
||||||
|
- ecdh_c[R_EC_P160][0] = count / 1000;
|
||||||
|
- for (i = R_EC_P192; i <= R_EC_P521; i++) {
|
||||||
|
+ ecdh_c[R_EC_P224][0] = count / 1000;
|
||||||
|
+ for (i = R_EC_P256; i <= R_EC_P521; i++) {
|
||||||
|
ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
|
||||||
|
if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
|
||||||
|
ecdh_doit[i] = 0;
|
||||||
|
@@ -2082,7 +2001,7 @@ int speed_main(int argc, char **argv)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
-# ifndef OPENSSL_NO_EC2M
|
||||||
|
+# if 0
|
||||||
|
ecdh_c[R_EC_K163][0] = count / 1000;
|
||||||
|
for (i = R_EC_K233; i <= R_EC_K571; i++) {
|
||||||
|
ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
|
||||||
|
diff -up openssl-1.1.1h/crypto/ec/ecp_smpl.c.curves openssl-1.1.1h/crypto/ec/ecp_smpl.c
|
||||||
|
--- openssl-1.1.1h/crypto/ec/ecp_smpl.c.curves 2020-09-22 14:55:07.000000000 +0200
|
||||||
|
+++ openssl-1.1.1h/crypto/ec/ecp_smpl.c 2020-11-06 13:27:15.659288431 +0100
|
||||||
|
@@ -145,6 +145,11 @@ int ec_GFp_simple_group_set_curve(EC_GRO
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if (BN_num_bits(p) < 224) {
|
||||||
|
+ ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE, EC_R_UNSUPPORTED_FIELD);
|
||||||
|
+ return 0;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
if (ctx == NULL) {
|
||||||
|
ctx = new_ctx = BN_CTX_new();
|
||||||
|
if (ctx == NULL)
|
||||||
|
diff -up openssl-1.1.1h/test/ecdsatest.h.curves openssl-1.1.1h/test/ecdsatest.h
|
||||||
|
--- openssl-1.1.1h/test/ecdsatest.h.curves 2020-11-06 13:27:15.627288114 +0100
|
||||||
|
+++ openssl-1.1.1h/test/ecdsatest.h 2020-11-06 13:27:15.660288441 +0100
|
||||||
|
@@ -32,23 +32,6 @@ typedef struct {
|
||||||
|
} ecdsa_cavs_kat_t;
|
||||||
|
|
||||||
|
static const ecdsa_cavs_kat_t ecdsa_cavs_kats[] = {
|
||||||
|
- /* prime KATs from X9.62 */
|
||||||
|
- {NID_X9_62_prime192v1, NID_sha1,
|
||||||
|
- "616263", /* "abc" */
|
||||||
|
- "1a8d598fc15bf0fd89030b5cb1111aeb92ae8baf5ea475fb",
|
||||||
|
- "0462b12d60690cdcf330babab6e69763b471f994dd702d16a563bf5ec08069705ffff65e"
|
||||||
|
- "5ca5c0d69716dfcb3474373902",
|
||||||
|
- "fa6de29746bbeb7f8bb1e761f85f7dfb2983169d82fa2f4e",
|
||||||
|
- "885052380ff147b734c330c43d39b2c4a89f29b0f749fead",
|
||||||
|
- "e9ecc78106def82bf1070cf1d4d804c3cb390046951df686"},
|
||||||
|
- {NID_X9_62_prime239v1, NID_sha1,
|
||||||
|
- "616263", /* "abc" */
|
||||||
|
- "7ef7c6fabefffdea864206e80b0b08a9331ed93e698561b64ca0f7777f3d",
|
||||||
|
- "045b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c707fd9f1ed2e"
|
||||||
|
- "65f09f6ce0893baf5e8e31e6ae82ea8c3592335be906d38dee",
|
||||||
|
- "656c7196bf87dcc5d1f1020906df2782360d36b2de7a17ece37d503784af",
|
||||||
|
- "2cb7f36803ebb9c427c58d8265f11fc5084747133078fc279de874fbecb0",
|
||||||
|
- "2eeae988104e9c2234a3c2beb1f53bfa5dc11ff36a875d1e3ccb1f7e45cf"},
|
||||||
|
/* prime KATs from NIST CAVP */
|
||||||
|
{NID_secp224r1, NID_sha224,
|
||||||
|
"699325d6fc8fbbb4981a6ded3c3a54ad2e4e3db8a5669201912064c64e700c139248cdc1"
|
||||||
|
--- openssl-1.1.1h/test/recipes/15-test_genec.t.ec-curves 2020-11-06 13:58:36.402895540 +0100
|
||||||
|
+++ openssl-1.1.1h/test/recipes/15-test_genec.t 2020-11-06 13:59:38.508484498 +0100
|
||||||
|
@@ -20,45 +20,11 @@ plan skip_all => "This test is unsupport
|
||||||
|
if disabled("ec");
|
||||||
|
|
||||||
|
my @prime_curves = qw(
|
||||||
|
- secp112r1
|
||||||
|
- secp112r2
|
||||||
|
- secp128r1
|
||||||
|
- secp128r2
|
||||||
|
- secp160k1
|
||||||
|
- secp160r1
|
||||||
|
- secp160r2
|
||||||
|
- secp192k1
|
||||||
|
- secp224k1
|
||||||
|
secp224r1
|
||||||
|
secp256k1
|
||||||
|
secp384r1
|
||||||
|
secp521r1
|
||||||
|
- prime192v1
|
||||||
|
- prime192v2
|
||||||
|
- prime192v3
|
||||||
|
- prime239v1
|
||||||
|
- prime239v2
|
||||||
|
- prime239v3
|
||||||
|
prime256v1
|
||||||
|
- wap-wsg-idm-ecid-wtls6
|
||||||
|
- wap-wsg-idm-ecid-wtls7
|
||||||
|
- wap-wsg-idm-ecid-wtls8
|
||||||
|
- wap-wsg-idm-ecid-wtls9
|
||||||
|
- wap-wsg-idm-ecid-wtls12
|
||||||
|
- brainpoolP160r1
|
||||||
|
- brainpoolP160t1
|
||||||
|
- brainpoolP192r1
|
||||||
|
- brainpoolP192t1
|
||||||
|
- brainpoolP224r1
|
||||||
|
- brainpoolP224t1
|
||||||
|
- brainpoolP256r1
|
||||||
|
- brainpoolP256t1
|
||||||
|
- brainpoolP320r1
|
||||||
|
- brainpoolP320t1
|
||||||
|
- brainpoolP384r1
|
||||||
|
- brainpoolP384t1
|
||||||
|
- brainpoolP512r1
|
||||||
|
- brainpoolP512t1
|
||||||
|
);
|
||||||
|
|
||||||
|
my @binary_curves = qw(
|
||||||
|
@@ -115,7 +81,6 @@ push(@other_curves, 'SM2')
|
||||||
|
if !disabled("sm2");
|
||||||
|
|
||||||
|
my @curve_aliases = qw(
|
||||||
|
- P-192
|
||||||
|
P-224
|
||||||
|
P-256
|
||||||
|
P-384
|
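Review bot: The new guard in crypto/ec/ecp_smpl.c, `if (BN_num_bits(p) < 224)`, has no comment and no test, and the bare 224 reads as arbitrary. It sits in ec_GFp_simple_group_set_curve(), so it appears to cover explicit-parameter prime groups as well as named ones. It is not what removes the 224-bit-and-larger curves this patch drops from test/recipes/15-test_genec.t (secp224k1, prime239v1, the brainpool set); that mechanism is outside this patch. I would add `/* Distribution policy: refuse prime fields below 224 bits, named or explicit */` above the check, plus a negative test that expects EC_R_UNSUPPORTED_FIELD for a smaller field. In apps/speed.c the two `# if 0` blocks keep code that refers to removed enumerators such as R_EC_K163, so deleting those blocks would be cleaner than disabling them; both function bodies continue outside the hunks.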
57
openssl-1.1.1-edk2-build.patch
Normal file
@ -0,0 +1,57 @@
|
|||||||
|
diff -up openssl-1.1.1g/crypto/evp/pkey_kdf.c.edk2-build openssl-1.1.1g/crypto/evp/pkey_kdf.c
|
||||||
|
--- openssl-1.1.1g/crypto/evp/pkey_kdf.c.edk2-build 2020-05-18 12:55:53.299548432 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/evp/pkey_kdf.c 2020-05-18 12:55:53.340548788 +0200
|
||||||
|
@@ -12,6 +12,7 @@
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/kdf.h>
|
||||||
|
+#include "internal/numbers.h"
|
||||||
|
#include "crypto/evp.h"
|
||||||
|
|
||||||
|
static int pkey_kdf_init(EVP_PKEY_CTX *ctx)
|
||||||
|
diff -up openssl-1.1.1g/crypto/kdf/hkdf.c.edk2-build openssl-1.1.1g/crypto/kdf/hkdf.c
|
||||||
|
--- openssl-1.1.1g/crypto/kdf/hkdf.c.edk2-build 2020-05-18 12:55:53.340548788 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/kdf/hkdf.c 2020-05-18 12:57:18.648288904 +0200
|
||||||
|
@@ -13,6 +13,7 @@
|
||||||
|
#include <openssl/hmac.h>
|
||||||
|
#include <openssl/kdf.h>
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
+#include "internal/numbers.h"
|
||||||
|
#include "internal/cryptlib.h"
|
||||||
|
#include "crypto/evp.h"
|
||||||
|
#include "kdf_local.h"
|
||||||
|
diff -up openssl-1.1.1g/crypto/rand/rand_unix.c.edk2-build openssl-1.1.1g/crypto/rand/rand_unix.c
|
||||||
|
--- openssl-1.1.1g/crypto/rand/rand_unix.c.edk2-build 2020-05-18 12:56:05.646655554 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/rand/rand_unix.c 2020-05-18 12:58:51.088090896 +0200
|
||||||
|
@@ -20,7 +20,7 @@
|
||||||
|
#include "crypto/fips.h"
|
||||||
|
#include <stdio.h>
|
||||||
|
#include "internal/dso.h"
|
||||||
|
-#ifdef __linux
|
||||||
|
+#if defined(__linux) && !defined(OPENSSL_SYS_UEFI)
|
||||||
|
# include <sys/syscall.h>
|
||||||
|
# include <sys/random.h>
|
||||||
|
# ifdef DEVRANDOM_WAIT
|
||||||
|
diff -up openssl-1.1.1g/include/crypto/fips.h.edk2-build openssl-1.1.1g/include/crypto/fips.h
|
||||||
|
--- openssl-1.1.1g/include/crypto/fips.h.edk2-build 2020-05-18 12:55:53.296548406 +0200
|
||||||
|
+++ openssl-1.1.1g/include/crypto/fips.h 2020-05-18 12:55:53.340548788 +0200
|
||||||
|
@@ -50,10 +50,6 @@
|
||||||
|
#include <openssl/opensslconf.h>
|
||||||
|
#include <openssl/evp.h>
|
||||||
|
|
||||||
|
-#ifndef OPENSSL_FIPS
|
||||||
|
-# error FIPS is disabled.
|
||||||
|
-#endif
|
||||||
|
-
|
||||||
|
#ifdef OPENSSL_FIPS
|
||||||
|
|
||||||
|
int FIPS_module_mode_set(int onoff);
|
||||||
|
@@ -97,4 +93,8 @@ void fips_set_selftest_fail(void);
|
||||||
|
|
||||||
|
void FIPS_get_timevec(unsigned char *buf, unsigned long *pctr);
|
||||||
|
|
||||||
|
+#else
|
||||||
|
+
|
||||||
|
+# define fips_in_post() 0
|
||||||
|
+
|
||||||
|
#endif
|
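Review bot: Removing the `# error FIPS is disabled.` guard from include/crypto/fips.h drops the compile-time tripwire against pulling this header into a non-FIPS build, and the replacement `#else` branch stubs only `fips_in_post()`. That is enough for the EDK2 build (judging by the patch name) only if no non-FIPS caller uses another symbol from the header, which the hunks do not show. A comment on the stub, e.g. `/* Non-FIPS build: there is no power-on self-test, so never report being in POST */`, would document why a constant 0 is the right answer. The rand_unix.c change likewise deserves a short comment on why `<sys/syscall.h>` and `<sys/random.h>` must be skipped under OPENSSL_SYS_UEFI.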
5238
openssl-1.1.1-evp-kdf.patch
Normal file
File diff suppressed because it is too large
408
openssl-1.1.1-fips-crng-test.patch
Normal file
@ -0,0 +1,408 @@
|
|||||||
|
diff -up openssl-1.1.1g/crypto/rand/build.info.crng-test openssl-1.1.1g/crypto/rand/build.info
|
||||||
|
--- openssl-1.1.1g/crypto/rand/build.info.crng-test 2020-04-23 13:30:45.863389837 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/rand/build.info 2020-04-23 13:31:55.847069892 +0200
|
||||||
|
@@ -1,6 +1,6 @@
|
||||||
|
LIBS=../../libcrypto
|
||||||
|
SOURCE[../../libcrypto]=\
|
||||||
|
- randfile.c rand_lib.c rand_err.c rand_egd.c \
|
||||||
|
+ randfile.c rand_lib.c rand_err.c rand_crng_test.c rand_egd.c \
|
||||||
|
rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c
|
||||||
|
|
||||||
|
INCLUDE[drbg_ctr.o]=../modes
|
||||||
|
diff -up openssl-1.1.1g/crypto/rand/drbg_lib.c.crng-test openssl-1.1.1g/crypto/rand/drbg_lib.c
|
||||||
|
--- openssl-1.1.1g/crypto/rand/drbg_lib.c.crng-test 2020-04-23 13:30:45.818390686 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/rand/drbg_lib.c 2020-04-23 13:30:45.864389819 +0200
|
||||||
|
@@ -67,7 +67,7 @@ static CRYPTO_THREAD_LOCAL private_drbg;
|
||||||
|
|
||||||
|
|
||||||
|
/* NIST SP 800-90A DRBG recommends the use of a personalization string. */
|
||||||
|
-static const char ossl_pers_string[] = "OpenSSL NIST SP 800-90A DRBG";
|
||||||
|
+static const char ossl_pers_string[] = DRBG_DEFAULT_PERS_STRING;
|
||||||
|
|
||||||
|
static CRYPTO_ONCE rand_drbg_init = CRYPTO_ONCE_STATIC_INIT;
|
||||||
|
|
||||||
|
@@ -201,8 +201,13 @@ static RAND_DRBG *rand_drbg_new(int secu
|
||||||
|
drbg->parent = parent;
|
||||||
|
|
||||||
|
if (parent == NULL) {
|
||||||
|
+#ifdef OPENSSL_FIPS
|
||||||
|
+ drbg->get_entropy = rand_crngt_get_entropy;
|
||||||
|
+ drbg->cleanup_entropy = rand_crngt_cleanup_entropy;
|
||||||
|
+#else
|
||||||
|
drbg->get_entropy = rand_drbg_get_entropy;
|
||||||
|
drbg->cleanup_entropy = rand_drbg_cleanup_entropy;
|
||||||
|
+#endif
|
||||||
|
#ifndef RAND_DRBG_GET_RANDOM_NONCE
|
||||||
|
drbg->get_nonce = rand_drbg_get_nonce;
|
||||||
|
drbg->cleanup_nonce = rand_drbg_cleanup_nonce;
|
||||||
|
diff -up openssl-1.1.1g/crypto/rand/rand_crng_test.c.crng-test openssl-1.1.1g/crypto/rand/rand_crng_test.c
|
||||||
|
--- openssl-1.1.1g/crypto/rand/rand_crng_test.c.crng-test 2020-04-23 13:30:45.864389819 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/rand/rand_crng_test.c 2020-04-23 13:30:45.864389819 +0200
|
||||||
|
@@ -0,0 +1,118 @@
|
||||||
|
+/*
|
||||||
|
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
|
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
|
||||||
|
+ *
|
||||||
|
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
|
+ * this file except in compliance with the License. You can obtain a copy
|
||||||
|
+ * in the file LICENSE in the source distribution or at
|
||||||
|
+ * https://www.openssl.org/source/license.html
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
+ * Implementation of the FIPS 140-2 section 4.9.2 Conditional Tests.
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+#include <string.h>
|
||||||
|
+#include <openssl/evp.h>
|
||||||
|
+#include "crypto/rand.h"
|
||||||
|
+#include "internal/thread_once.h"
|
||||||
|
+#include "rand_local.h"
|
||||||
|
+
|
||||||
|
+static RAND_POOL *crngt_pool;
|
||||||
|
+static unsigned char crngt_prev[EVP_MAX_MD_SIZE];
|
||||||
|
+
|
||||||
|
+int (*crngt_get_entropy)(unsigned char *, unsigned char *, unsigned int *)
|
||||||
|
+ = &rand_crngt_get_entropy_cb;
|
||||||
|
+
|
||||||
|
+int rand_crngt_get_entropy_cb(unsigned char *buf, unsigned char *md,
|
||||||
|
+ unsigned int *md_size)
|
||||||
|
+{
|
||||||
|
+ int r;
|
||||||
|
+ size_t n;
|
||||||
|
+ unsigned char *p;
|
||||||
|
+
|
||||||
|
+ n = rand_pool_acquire_entropy(crngt_pool);
|
||||||
|
+ if (n >= CRNGT_BUFSIZ) {
|
||||||
|
+ p = rand_pool_detach(crngt_pool);
|
||||||
|
+ r = EVP_Digest(p, CRNGT_BUFSIZ, md, md_size, EVP_sha256(), NULL);
|
||||||
|
+ if (r != 0)
|
||||||
|
+ memcpy(buf, p, CRNGT_BUFSIZ);
|
||||||
|
+ rand_pool_reattach(crngt_pool, p);
|
||||||
|
+ return r;
|
||||||
|
+ }
|
||||||
|
+ return 0;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+void rand_crngt_cleanup(void)
|
||||||
|
+{
|
||||||
|
+ rand_pool_free(crngt_pool);
|
||||||
|
+ crngt_pool = NULL;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+int rand_crngt_init(void)
|
||||||
|
+{
|
||||||
|
+ unsigned char buf[CRNGT_BUFSIZ];
|
||||||
|
+
|
||||||
|
+ if ((crngt_pool = rand_pool_new(0, 1, CRNGT_BUFSIZ, CRNGT_BUFSIZ)) == NULL)
|
||||||
|
+ return 0;
|
||||||
|
+ if (crngt_get_entropy(buf, crngt_prev, NULL)) {
|
||||||
|
+ OPENSSL_cleanse(buf, sizeof(buf));
|
||||||
|
+ return 1;
|
||||||
|
+ }
|
||||||
|
+ rand_crngt_cleanup();
|
||||||
|
+ return 0;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static CRYPTO_ONCE rand_crngt_init_flag = CRYPTO_ONCE_STATIC_INIT;
|
||||||
|
+DEFINE_RUN_ONCE_STATIC(do_rand_crngt_init)
|
||||||
|
+{
|
||||||
|
+ return OPENSSL_init_crypto(0, NULL)
|
||||||
|
+ && rand_crngt_init()
|
||||||
|
+ && OPENSSL_atexit(&rand_crngt_cleanup);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+int rand_crngt_single_init(void)
|
||||||
|
+{
|
||||||
|
+ return RUN_ONCE(&rand_crngt_init_flag, do_rand_crngt_init);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+size_t rand_crngt_get_entropy(RAND_DRBG *drbg,
|
||||||
|
+ unsigned char **pout,
|
||||||
|
+ int entropy, size_t min_len, size_t max_len,
|
||||||
|
+ int prediction_resistance)
|
||||||
|
+{
|
||||||
|
+ unsigned char buf[CRNGT_BUFSIZ], md[EVP_MAX_MD_SIZE];
|
||||||
|
+ unsigned int sz;
|
||||||
|
+ RAND_POOL *pool;
|
||||||
|
+ size_t q, r = 0, s, t = 0;
|
||||||
|
+ int attempts = 3;
|
||||||
|
+
|
||||||
|
+ if (!RUN_ONCE(&rand_crngt_init_flag, do_rand_crngt_init))
|
||||||
|
+ return 0;
|
||||||
|
+
|
||||||
|
+ if ((pool = rand_pool_new(entropy, 1, min_len, max_len)) == NULL)
|
||||||
|
+ return 0;
|
||||||
|
+
|
||||||
|
+ while ((q = rand_pool_bytes_needed(pool, 1)) > 0 && attempts-- > 0) {
|
||||||
|
+ s = q > sizeof(buf) ? sizeof(buf) : q;
|
||||||
|
+ if (!crngt_get_entropy(buf, md, &sz)
|
||||||
|
+ || memcmp(crngt_prev, md, sz) == 0
|
||||||
|
+ || !rand_pool_add(pool, buf, s, s * 8))
|
||||||
|
+ goto err;
|
||||||
|
+ memcpy(crngt_prev, md, sz);
|
||||||
|
+ t += s;
|
||||||
|
+ attempts++;
|
||||||
|
+ }
|
||||||
|
+ r = t;
|
||||||
|
+ *pout = rand_pool_detach(pool);
|
||||||
|
+err:
|
||||||
|
+ OPENSSL_cleanse(buf, sizeof(buf));
|
||||||
|
+ rand_pool_free(pool);
|
||||||
|
+ return r;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+void rand_crngt_cleanup_entropy(RAND_DRBG *drbg,
|
||||||
|
+ unsigned char *out, size_t outlen)
|
||||||
|
+{
|
||||||
|
+ OPENSSL_secure_clear_free(out, outlen);
|
||||||
|
+}
|
||||||
|
diff -up openssl-1.1.1g/crypto/rand/rand_local.h.crng-test openssl-1.1.1g/crypto/rand/rand_local.h
|
||||||
|
--- openssl-1.1.1g/crypto/rand/rand_local.h.crng-test 2020-04-23 13:30:45.470397250 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/rand/rand_local.h 2020-04-23 13:30:45.864389819 +0200
|
||||||
|
@@ -33,7 +33,15 @@
|
||||||
|
# define MASTER_RESEED_TIME_INTERVAL (60*60) /* 1 hour */
|
||||||
|
# define SLAVE_RESEED_TIME_INTERVAL (7*60) /* 7 minutes */
|
||||||
|
|
||||||
|
-
|
||||||
|
+/*
|
||||||
|
+ * The number of bytes that constitutes an atomic lump of entropy with respect
|
||||||
|
+ * to the FIPS 140-2 section 4.9.2 Conditional Tests. The size is somewhat
|
||||||
|
+ * arbitrary, the smaller the value, the less entropy is consumed on first
|
||||||
|
+ * read but the higher the probability of the test failing by accident.
|
||||||
|
+ *
|
||||||
|
+ * The value is in bytes.
|
||||||
|
+ */
|
||||||
|
+#define CRNGT_BUFSIZ 16
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Maximum input size for the DRBG (entropy, nonce, personalization string)
|
||||||
|
@@ -44,6 +52,8 @@
|
||||||
|
*/
|
||||||
|
# define DRBG_MAX_LENGTH INT32_MAX
|
||||||
|
|
||||||
|
+/* The default nonce */
|
||||||
|
+# define DRBG_DEFAULT_PERS_STRING "OpenSSL NIST SP 800-90A DRBG"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Maximum allocation size for RANDOM_POOL buffers
|
||||||
|
@@ -296,4 +306,22 @@ int rand_drbg_enable_locking(RAND_DRBG *
|
||||||
|
/* initializes the AES-CTR DRBG implementation */
|
||||||
|
int drbg_ctr_init(RAND_DRBG *drbg);
|
||||||
|
|
||||||
|
+/*
|
||||||
|
+ * Entropy call back for the FIPS 140-2 section 4.9.2 Conditional Tests.
|
||||||
|
+ * These need to be exposed for the unit tests.
|
||||||
|
+ */
|
||||||
|
+int rand_crngt_get_entropy_cb(unsigned char *buf, unsigned char *md,
|
||||||
|
+ unsigned int *md_size);
|
||||||
|
+extern int (*crngt_get_entropy)(unsigned char *buf, unsigned char *md,
|
||||||
|
+ unsigned int *md_size);
|
||||||
|
+int rand_crngt_init(void);
|
||||||
|
+void rand_crngt_cleanup(void);
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
+ * Expose the run once initialisation function for the unit tests because.
|
||||||
|
+ * they need to restart from scratch to validate the first block is skipped
|
||||||
|
+ * properly.
|
||||||
|
+ */
|
||||||
|
+int rand_crngt_single_init(void);
|
||||||
|
+
|
||||||
|
#endif
|
||||||
|
diff -up openssl-1.1.1g/include/crypto/rand.h.crng-test openssl-1.1.1g/include/crypto/rand.h
|
||||||
|
--- openssl-1.1.1g/include/crypto/rand.h.crng-test 2020-04-23 13:30:45.824390573 +0200
|
||||||
|
+++ openssl-1.1.1g/include/crypto/rand.h 2020-04-23 13:30:45.864389819 +0200
|
||||||
|
@@ -49,6 +49,14 @@ size_t rand_drbg_get_additional_data(RAN
|
||||||
|
|
||||||
|
void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out);
|
||||||
|
|
||||||
|
+/* CRNG test entropy filter callbacks. */
|
||||||
|
+size_t rand_crngt_get_entropy(RAND_DRBG *drbg,
|
||||||
|
+ unsigned char **pout,
|
||||||
|
+ int entropy, size_t min_len, size_t max_len,
|
||||||
|
+ int prediction_resistance);
|
||||||
|
+void rand_crngt_cleanup_entropy(RAND_DRBG *drbg,
|
||||||
|
+ unsigned char *out, size_t outlen);
|
||||||
|
+
|
||||||
|
/*
|
||||||
|
* RAND_POOL functions
|
||||||
|
*/
|
||||||
|
diff -up openssl-1.1.1g/test/drbgtest.c.crng-test openssl-1.1.1g/test/drbgtest.c
|
||||||
|
--- openssl-1.1.1g/test/drbgtest.c.crng-test 2020-04-21 14:22:39.000000000 +0200
|
||||||
|
+++ openssl-1.1.1g/test/drbgtest.c 2020-04-23 13:30:45.865389800 +0200
|
||||||
|
@@ -150,6 +150,31 @@ static size_t kat_nonce(RAND_DRBG *drbg,
|
||||||
|
return t->noncelen;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ /*
|
||||||
|
+ * Disable CRNG testing if it is enabled.
|
||||||
|
+ * If the DRBG is ready or in an error state, this means an instantiate cycle
|
||||||
|
+ * for which the default personalisation string is used.
|
||||||
|
+ */
|
||||||
|
+static int disable_crngt(RAND_DRBG *drbg)
|
||||||
|
+{
|
||||||
|
+ static const char pers[] = DRBG_DEFAULT_PERS_STRING;
|
||||||
|
+ const int instantiate = drbg->state != DRBG_UNINITIALISED;
|
||||||
|
+
|
||||||
|
+ if (drbg->get_entropy != rand_crngt_get_entropy)
|
||||||
|
+ return 1;
|
||||||
|
+
|
||||||
|
+ if ((instantiate && !RAND_DRBG_uninstantiate(drbg))
|
||||||
|
+ || !TEST_true(RAND_DRBG_set_callbacks(drbg, &rand_drbg_get_entropy,
|
||||||
|
+ &rand_drbg_cleanup_entropy,
|
||||||
|
+ &rand_drbg_get_nonce,
|
||||||
|
+ &rand_drbg_cleanup_nonce))
|
||||||
|
+ || (instantiate
|
||||||
|
+ && !RAND_DRBG_instantiate(drbg, (const unsigned char *)pers,
|
||||||
|
+ sizeof(pers) - 1)))
|
||||||
|
+ return 0;
|
||||||
|
+ return 1;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static int uninstantiate(RAND_DRBG *drbg)
|
||||||
|
{
|
||||||
|
int ret = drbg == NULL ? 1 : RAND_DRBG_uninstantiate(drbg);
|
||||||
|
@@ -175,7 +200,8 @@ static int single_kat(DRBG_SELFTEST_DATA
|
||||||
|
if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, td->flags, NULL)))
|
||||||
|
return 0;
|
||||||
|
if (!TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
|
||||||
|
- kat_nonce, NULL))) {
|
||||||
|
+ kat_nonce, NULL))
|
||||||
|
+ || !TEST_true(disable_crngt(drbg))) {
|
||||||
|
failures++;
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
@@ -293,7 +319,8 @@ static int error_check(DRBG_SELFTEST_DAT
|
||||||
|
unsigned int reseed_counter_tmp;
|
||||||
|
int ret = 0;
|
||||||
|
|
||||||
|
- if (!TEST_ptr(drbg = RAND_DRBG_new(0, 0, NULL)))
|
||||||
|
+ if (!TEST_ptr(drbg = RAND_DRBG_new(0, 0, NULL))
|
||||||
|
+ || !TEST_true(disable_crngt(drbg)))
|
||||||
|
goto err;
|
||||||
|
|
||||||
|
/*
|
||||||
|
@@ -740,6 +767,10 @@ static int test_rand_drbg_reseed(void)
|
||||||
|
|| !TEST_ptr_eq(private->parent, master))
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
+ /* Disable CRNG testing for the master DRBG */
|
||||||
|
+ if (!TEST_true(disable_crngt(master)))
|
||||||
|
+ return 0;
|
||||||
|
+
|
||||||
|
/* uninstantiate the three global DRBGs */
|
||||||
|
RAND_DRBG_uninstantiate(private);
|
||||||
|
RAND_DRBG_uninstantiate(public);
|
||||||
|
@@ -964,7 +995,8 @@ static int test_rand_seed(void)
|
||||||
|
size_t rand_buflen;
|
||||||
|
size_t required_seed_buflen = 0;
|
||||||
|
|
||||||
|
- if (!TEST_ptr(master = RAND_DRBG_get0_master()))
|
||||||
|
+ if (!TEST_ptr(master = RAND_DRBG_get0_master())
|
||||||
|
+ || !TEST_true(disable_crngt(master)))
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
#ifdef OPENSSL_RAND_SEED_NONE
|
||||||
|
@@ -1013,6 +1045,95 @@ static int test_rand_add(void)
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
+/*
|
||||||
|
+ * A list of the FIPS DRGB types.
|
||||||
|
+ */
|
||||||
|
+static const struct s_drgb_types {
|
||||||
|
+ int nid;
|
||||||
|
+ int flags;
|
||||||
|
+} drgb_types[] = {
|
||||||
|
+ { NID_aes_128_ctr, 0 },
|
||||||
|
+ { NID_aes_192_ctr, 0 },
|
||||||
|
+ { NID_aes_256_ctr, 0 },
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+/* Six cases for each covers seed sizes up to 32 bytes */
|
||||||
|
+static const size_t crngt_num_cases = 6;
|
||||||
|
+
|
||||||
|
+static size_t crngt_case, crngt_idx;
|
||||||
|
+
|
||||||
|
+static int crngt_entropy_cb(unsigned char *buf, unsigned char *md,
|
||||||
|
+ unsigned int *md_size)
|
||||||
|
+{
|
||||||
|
+ size_t i, z;
|
||||||
|
+
|
||||||
|
+ if (!TEST_int_lt(crngt_idx, crngt_num_cases))
|
||||||
|
+ return 0;
|
||||||
|
+ /* Generate a block of unique data unless this is the duplication point */
|
||||||
|
+ z = crngt_idx++;
|
||||||
|
+ if (z > 0 && crngt_case == z)
|
||||||
|
+ z--;
|
||||||
|
+ for (i = 0; i < CRNGT_BUFSIZ; i++)
|
||||||
|
+ buf[i] = (unsigned char)(i + 'A' + z);
|
||||||
|
+ return EVP_Digest(buf, CRNGT_BUFSIZ, md, md_size, EVP_sha256(), NULL);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static int test_crngt(int n)
|
||||||
|
+{
|
||||||
|
+ const struct s_drgb_types *dt = drgb_types + n / crngt_num_cases;
|
||||||
|
+ RAND_DRBG *drbg = NULL;
|
||||||
|
+ unsigned char buff[100];
|
||||||
|
+ size_t ent;
|
||||||
|
+ int res = 0;
|
||||||
|
+ int expect;
|
||||||
|
+
|
||||||
|
+ if (!TEST_true(rand_crngt_single_init()))
|
||||||
|
+ return 0;
|
||||||
|
+ rand_crngt_cleanup();
|
||||||
|
+
|
||||||
|
+ if (!TEST_ptr(drbg = RAND_DRBG_new(dt->nid, dt->flags, NULL)))
|
||||||
|
+ return 0;
|
||||||
|
+ ent = (drbg->min_entropylen + CRNGT_BUFSIZ - 1) / CRNGT_BUFSIZ;
|
||||||
|
+ crngt_case = n % crngt_num_cases;
|
||||||
|
+ crngt_idx = 0;
|
||||||
|
+ crngt_get_entropy = &crngt_entropy_cb;
|
||||||
|
+ if (!TEST_true(rand_crngt_init()))
|
||||||
|
+ goto err;
|
||||||
|
+#ifndef OPENSSL_FIPS
|
||||||
|
+ if (!TEST_true(RAND_DRBG_set_callbacks(drbg, &rand_crngt_get_entropy,
|
||||||
|
+ &rand_crngt_cleanup_entropy,
|
||||||
|
+ &rand_drbg_get_nonce,
|
||||||
|
+ &rand_drbg_cleanup_nonce)))
|
||||||
|
+ goto err;
|
||||||
|
+#endif
|
||||||
|
+ expect = crngt_case == 0 || crngt_case > ent;
|
||||||
|
+ if (!TEST_int_eq(RAND_DRBG_instantiate(drbg, NULL, 0), expect))
|
||||||
|
+ goto err;
|
||||||
|
+ if (!expect)
|
||||||
|
+ goto fin;
|
||||||
|
+ if (!TEST_true(RAND_DRBG_generate(drbg, buff, sizeof(buff), 0, NULL, 0)))
|
||||||
|
+ goto err;
|
||||||
|
+
|
||||||
|
+ expect = crngt_case == 0 || crngt_case > 2 * ent;
|
||||||
|
+ if (!TEST_int_eq(RAND_DRBG_reseed(drbg, NULL, 0, 0), expect))
|
||||||
|
+ goto err;
|
||||||
|
+ if (!expect)
|
||||||
|
+ goto fin;
|
||||||
|
+ if (!TEST_true(RAND_DRBG_generate(drbg, buff, sizeof(buff), 0, NULL, 0)))
|
||||||
|
+ goto err;
|
||||||
|
+
|
||||||
|
+fin:
|
||||||
|
+ res = 1;
|
||||||
|
+err:
|
||||||
|
+ if (!res)
|
||||||
|
+ TEST_note("DRBG %zd case %zd block %zd", n / crngt_num_cases,
|
||||||
|
+ crngt_case, crngt_idx);
|
||||||
|
+ uninstantiate(drbg);
|
||||||
|
+ RAND_DRBG_free(drbg);
|
||||||
|
+ crngt_get_entropy = &rand_crngt_get_entropy_cb;
|
||||||
|
+ return res;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
int setup_tests(void)
|
||||||
|
{
|
||||||
|
app_data_index = RAND_DRBG_get_ex_new_index(0L, NULL, NULL, NULL, NULL);
|
||||||
|
@@ -1025,5 +1146,6 @@ int setup_tests(void)
|
||||||
|
#if defined(OPENSSL_THREADS)
|
||||||
|
ADD_TEST(test_multi_thread);
|
||||||
|
#endif
|
||||||
|
+ ADD_ALL_TESTS(test_crngt, crngt_num_cases * OSSL_NELEM(drgb_types));
|
||||||
|
return 1;
|
||||||
|
}
|
200
openssl-1.1.1-fips-curves.patch
Normal file
@ -0,0 +1,200 @@
|
|||||||
|
diff -up openssl-1.1.1g/crypto/ec/ec_curve.c.fips-curves openssl-1.1.1g/crypto/ec/ec_curve.c
|
||||||
|
--- openssl-1.1.1g/crypto/ec/ec_curve.c.fips-curves 2020-05-18 12:59:54.839643980 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/ec/ec_curve.c 2020-05-18 12:59:54.852644093 +0200
|
||||||
|
@@ -13,6 +13,7 @@
|
||||||
|
#include <openssl/err.h>
|
||||||
|
#include <openssl/obj_mac.h>
|
||||||
|
#include <openssl/opensslconf.h>
|
||||||
|
+#include <openssl/crypto.h>
|
||||||
|
#include "internal/nelem.h"
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
@@ -237,6 +238,7 @@ static const struct {
|
||||||
|
|
||||||
|
typedef struct _ec_list_element_st {
|
||||||
|
int nid;
|
||||||
|
+ int fips_allowed;
|
||||||
|
const EC_CURVE_DATA *data;
|
||||||
|
const EC_METHOD *(*meth) (void);
|
||||||
|
const char *comment;
|
||||||
|
@@ -246,23 +248,23 @@ static const ec_list_element curve_list[
|
||||||
|
/* prime field curves */
|
||||||
|
/* secg curves */
|
||||||
|
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||||
|
- {NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method,
|
||||||
|
+ {NID_secp224r1, 1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method,
|
||||||
|
"NIST/SECG curve over a 224 bit prime field"},
|
||||||
|
#else
|
||||||
|
- {NID_secp224r1, &_EC_NIST_PRIME_224.h, 0,
|
||||||
|
+ {NID_secp224r1, 1, &_EC_NIST_PRIME_224.h, 0,
|
||||||
|
"NIST/SECG curve over a 224 bit prime field"},
|
||||||
|
#endif
|
||||||
|
- {NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0,
|
||||||
|
+ {NID_secp256k1, 0, &_EC_SECG_PRIME_256K1.h, 0,
|
||||||
|
"SECG curve over a 256 bit prime field"},
|
||||||
|
/* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */
|
||||||
|
- {NID_secp384r1, &_EC_NIST_PRIME_384.h,
|
||||||
|
+ {NID_secp384r1, 1, &_EC_NIST_PRIME_384.h,
|
||||||
|
# if defined(S390X_EC_ASM)
|
||||||
|
EC_GFp_s390x_nistp384_method,
|
||||||
|
# else
|
||||||
|
0,
|
||||||
|
# endif
|
||||||
|
"NIST/SECG curve over a 384 bit prime field"},
|
||||||
|
- {NID_secp521r1, &_EC_NIST_PRIME_521.h,
|
||||||
|
+ {NID_secp521r1, 1, &_EC_NIST_PRIME_521.h,
|
||||||
|
# if defined(S390X_EC_ASM)
|
||||||
|
EC_GFp_s390x_nistp521_method,
|
||||||
|
# elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128)
|
||||||
|
@@ -272,7 +274,7 @@ static const ec_list_element curve_list[
|
||||||
|
# endif
|
||||||
|
"NIST/SECG curve over a 521 bit prime field"},
|
||||||
|
/* X9.62 curves */
|
||||||
|
- {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h,
|
||||||
|
+ {NID_X9_62_prime256v1, 1, &_EC_X9_62_PRIME_256V1.h,
|
||||||
|
#if defined(ECP_NISTZ256_ASM)
|
||||||
|
EC_GFp_nistz256_method,
|
||||||
|
# elif defined(S390X_EC_ASM)
|
||||||
|
@@ -404,6 +406,10 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int
|
||||||
|
|
||||||
|
for (i = 0; i < curve_list_length; i++)
|
||||||
|
if (curve_list[i].nid == nid) {
|
||||||
|
+ if (!curve_list[i].fips_allowed && FIPS_mode()) {
|
||||||
|
+ ECerr(EC_F_EC_GROUP_NEW_BY_CURVE_NAME, EC_R_NOT_A_NIST_PRIME);
|
||||||
|
+ return NULL;
|
||||||
|
+ }
|
||||||
|
ret = ec_group_new_from_data(curve_list[i]);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
@@ -418,19 +424,31 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int
|
||||||
|
|
||||||
|
size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems)
|
||||||
|
{
|
||||||
|
- size_t i, min;
|
||||||
|
+ size_t i, j, num;
|
||||||
|
+ int fips_mode = FIPS_mode();
|
||||||
|
|
||||||
|
- if (r == NULL || nitems == 0)
|
||||||
|
- return curve_list_length;
|
||||||
|
+ num = curve_list_length;
|
||||||
|
+ if (fips_mode)
|
||||||
|
+ for (i = 0; i < curve_list_length; i++) {
|
||||||
|
+ if (!curve_list[i].fips_allowed)
|
||||||
|
+ --num;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
- min = nitems < curve_list_length ? nitems : curve_list_length;
|
||||||
|
+ if (r == NULL || nitems == 0) {
|
||||||
|
+ return num;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
- for (i = 0; i < min; i++) {
|
||||||
|
- r[i].nid = curve_list[i].nid;
|
||||||
|
- r[i].comment = curve_list[i].comment;
|
||||||
|
+ for (i = 0, j = 0; i < curve_list_length; i++) {
|
||||||
|
+ if (j >= nitems)
|
||||||
|
+ break;
|
||||||
|
+ if (!fips_mode || curve_list[i].fips_allowed) {
|
||||||
|
+ r[j].nid = curve_list[i].nid;
|
||||||
|
+ r[j].comment = curve_list[i].comment;
|
||||||
|
+ ++j;
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
|
||||||
|
- return curve_list_length;
|
||||||
|
+ return num;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Functions to translate between common NIST curve names and NIDs */
|
||||||
|
diff -up openssl-1.1.1g/ssl/t1_lib.c.fips-curves openssl-1.1.1g/ssl/t1_lib.c
|
||||||
|
--- openssl-1.1.1g/ssl/t1_lib.c.fips-curves 2020-05-18 12:59:54.797643616 +0200
|
||||||
|
+++ openssl-1.1.1g/ssl/t1_lib.c 2020-05-18 13:03:54.748725463 +0200
|
||||||
|
@@ -678,6 +678,36 @@ static const uint16_t tls12_sigalgs[] =
|
||||||
|
#endif
|
||||||
|
};
|
||||||
|
|
||||||
|
+static const uint16_t tls12_fips_sigalgs[] = {
|
||||||
|
+#ifndef OPENSSL_NO_EC
|
||||||
|
+ TLSEXT_SIGALG_ecdsa_secp256r1_sha256,
|
||||||
|
+ TLSEXT_SIGALG_ecdsa_secp384r1_sha384,
|
||||||
|
+ TLSEXT_SIGALG_ecdsa_secp521r1_sha512,
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
+ TLSEXT_SIGALG_rsa_pss_pss_sha256,
|
||||||
|
+ TLSEXT_SIGALG_rsa_pss_pss_sha384,
|
||||||
|
+ TLSEXT_SIGALG_rsa_pss_pss_sha512,
|
||||||
|
+ TLSEXT_SIGALG_rsa_pss_rsae_sha256,
|
||||||
|
+ TLSEXT_SIGALG_rsa_pss_rsae_sha384,
|
||||||
|
+ TLSEXT_SIGALG_rsa_pss_rsae_sha512,
|
||||||
|
+
|
||||||
|
+ TLSEXT_SIGALG_rsa_pkcs1_sha256,
|
||||||
|
+ TLSEXT_SIGALG_rsa_pkcs1_sha384,
|
||||||
|
+ TLSEXT_SIGALG_rsa_pkcs1_sha512,
|
||||||
|
+
|
||||||
|
+#ifndef OPENSSL_NO_EC
|
||||||
|
+ TLSEXT_SIGALG_ecdsa_sha224,
|
||||||
|
+#endif
|
||||||
|
+ TLSEXT_SIGALG_rsa_pkcs1_sha224,
|
||||||
|
+#ifndef OPENSSL_NO_DSA
|
||||||
|
+ TLSEXT_SIGALG_dsa_sha224,
|
||||||
|
+ TLSEXT_SIGALG_dsa_sha256,
|
||||||
|
+ TLSEXT_SIGALG_dsa_sha384,
|
||||||
|
+ TLSEXT_SIGALG_dsa_sha512,
|
||||||
|
+#endif
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
#ifndef OPENSSL_NO_EC
|
||||||
|
static const uint16_t suiteb_sigalgs[] = {
|
||||||
|
TLSEXT_SIGALG_ecdsa_secp256r1_sha256,
|
||||||
|
@@ -894,6 +924,8 @@ static const SIGALG_LOOKUP *tls1_get_leg
|
||||||
|
}
|
||||||
|
if (idx < 0 || idx >= (int)OSSL_NELEM(tls_default_sigalg))
|
||||||
|
return NULL;
|
||||||
|
+ if (FIPS_mode()) /* We do not allow legacy SHA1 signatures in FIPS mode */
|
||||||
|
+ return NULL;
|
||||||
|
if (SSL_USE_SIGALGS(s) || idx != SSL_PKEY_RSA) {
|
||||||
|
const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(tls_default_sigalg[idx]);
|
||||||
|
|
||||||
|
@@ -954,6 +986,9 @@ size_t tls12_get_psigalgs(SSL *s, int se
|
||||||
|
} else if (s->cert->conf_sigalgs) {
|
||||||
|
*psigs = s->cert->conf_sigalgs;
|
||||||
|
return s->cert->conf_sigalgslen;
|
||||||
|
+ } else if (FIPS_mode()) {
|
||||||
|
+ *psigs = tls12_fips_sigalgs;
|
||||||
|
+ return OSSL_NELEM(tls12_fips_sigalgs);
|
||||||
|
} else {
|
||||||
|
*psigs = tls12_sigalgs;
|
||||||
|
return OSSL_NELEM(tls12_sigalgs);
|
||||||
|
@@ -973,6 +1008,9 @@ int tls_check_sigalg_curve(const SSL *s,
|
||||||
|
if (s->cert->conf_sigalgs) {
|
||||||
|
sigs = s->cert->conf_sigalgs;
|
||||||
|
siglen = s->cert->conf_sigalgslen;
|
||||||
|
+ } else if (FIPS_mode()) {
|
||||||
|
+ sigs = tls12_fips_sigalgs;
|
||||||
|
+ siglen = OSSL_NELEM(tls12_fips_sigalgs);
|
||||||
|
} else {
|
||||||
|
sigs = tls12_sigalgs;
|
||||||
|
siglen = OSSL_NELEM(tls12_sigalgs);
|
||||||
|
@@ -1617,6 +1655,8 @@ static int tls12_sigalg_allowed(const SS
|
||||||
|
if (lu->sig == NID_id_GostR3410_2012_256
|
||||||
|
|| lu->sig == NID_id_GostR3410_2012_512
|
||||||
|
|| lu->sig == NID_id_GostR3410_2001) {
|
||||||
|
+ if (FIPS_mode())
|
||||||
|
+ return 0;
|
||||||
|
/* We never allow GOST sig algs on the server with TLSv1.3 */
|
||||||
|
if (s->server && SSL_IS_TLS13(s))
|
||||||
|
return 0;
|
||||||
|
@@ -2842,6 +2882,13 @@ int tls_choose_sigalg(SSL *s, int fatale
|
||||||
|
const uint16_t *sent_sigs;
|
||||||
|
size_t sent_sigslen;
|
||||||
|
|
||||||
|
+ if (fatalerrs && FIPS_mode()) {
|
||||||
|
+ /* There are no suitable legacy algorithms in FIPS mode */
|
||||||
|
+ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
|
||||||
|
+ SSL_F_TLS_CHOOSE_SIGALG,
|
||||||
|
+ SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM);
|
||||||
|
+ return 0;
|
||||||
|
+ }
|
||||||
|
if ((lu = tls1_get_legacy_sigalg(s, -1)) == NULL) {
|
||||||
|
if (!fatalerrs)
|
||||||
|
return 1;
|
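Review bot: In the t1_lib.c hunks for tls12_get_psigalgs and tls_check_sigalg_curve, the new `else if (FIPS_mode())` branch sits after the `s->cert->conf_sigalgs` branch, so a signature-algorithm list set through configuration or the API is returned as-is in FIPS mode and `tls12_fips_sigalgs` is never consulted. The only per-entry FIPS check visible in this patch is the GOST rejection added to tls12_sigalg_allowed, so whether a configured non-approved entry is still refused depends on code outside these hunks and is worth confirming with a test. If the precedence is intended, state it at the branch, e.g. `/* A configured list takes precedence over the FIPS defaults */`. All of the touched functions continue outside their hunks.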
2731
openssl-1.1.1-fips-dh.patch
Normal file
File diff suppressed because it is too large
587
openssl-1.1.1-fips-drbg-selftest.patch
Normal file
@ -0,0 +1,587 @@
|
|||||||
|
diff -up openssl-1.1.1g/crypto/fips/fips_post.c.drbg-selftest openssl-1.1.1g/crypto/fips/fips_post.c
|
||||||
|
--- openssl-1.1.1g/crypto/fips/fips_post.c.drbg-selftest 2020-04-23 13:33:12.500624151 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/fips/fips_post.c 2020-04-23 13:33:12.618621925 +0200
|
||||||
|
@@ -67,12 +67,18 @@
|
||||||
|
|
||||||
|
# include <openssl/fips.h>
|
||||||
|
# include "crypto/fips.h"
|
||||||
|
+# include "crypto/rand.h"
|
||||||
|
# include "fips_locl.h"
|
||||||
|
|
||||||
|
/* Run all selftests */
|
||||||
|
int FIPS_selftest(void)
|
||||||
|
{
|
||||||
|
int rv = 1;
|
||||||
|
+ if (!rand_drbg_selftest()) {
|
||||||
|
+ FIPSerr(FIPS_F_FIPS_SELFTEST, FIPS_R_TEST_FAILURE);
|
||||||
|
+ ERR_add_error_data(2, "Type=", "rand_drbg_selftest");
|
||||||
|
+ rv = 0;
|
||||||
|
+ }
|
||||||
|
if (!FIPS_selftest_drbg())
|
||||||
|
rv = 0;
|
||||||
|
if (!FIPS_selftest_sha1())
|
||||||
|
diff -up openssl-1.1.1g/crypto/rand/build.info.drbg-selftest openssl-1.1.1g/crypto/rand/build.info
|
||||||
|
--- openssl-1.1.1g/crypto/rand/build.info.drbg-selftest 2020-04-23 13:33:12.619621907 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/rand/build.info 2020-04-23 13:34:10.857523497 +0200
|
||||||
|
@@ -1,6 +1,6 @@
|
||||||
|
LIBS=../../libcrypto
|
||||||
|
SOURCE[../../libcrypto]=\
|
||||||
|
randfile.c rand_lib.c rand_err.c rand_crng_test.c rand_egd.c \
|
||||||
|
- rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c
|
||||||
|
+ rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c drbg_selftest.c
|
||||||
|
|
||||||
|
INCLUDE[drbg_ctr.o]=../modes
|
||||||
|
diff -up openssl-1.1.1g/crypto/rand/drbg_selftest.c.drbg-selftest openssl-1.1.1g/crypto/rand/drbg_selftest.c
|
||||||
|
--- openssl-1.1.1g/crypto/rand/drbg_selftest.c.drbg-selftest 2020-04-23 13:33:12.619621907 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/rand/drbg_selftest.c 2020-04-23 13:33:12.619621907 +0200
|
||||||
|
@@ -0,0 +1,537 @@
|
||||||
|
+/*
|
||||||
|
+ * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
|
+ *
|
||||||
|
+ * Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
|
+ * this file except in compliance with the License. You can obtain a copy
|
||||||
|
+ * in the file LICENSE in the source distribution or at
|
||||||
|
+ * https://www.openssl.org/source/license.html
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+#include <string.h>
|
||||||
|
+#include <stddef.h>
|
||||||
|
+#include "internal/nelem.h"
|
||||||
|
+#include <openssl/crypto.h>
|
||||||
|
+#include <openssl/err.h>
|
||||||
|
+#include <openssl/rand_drbg.h>
|
||||||
|
+#include <openssl/obj_mac.h>
|
||||||
|
+#include "internal/thread_once.h"
|
||||||
|
+#include "crypto/rand.h"
|
||||||
|
+
|
||||||
|
+typedef struct test_ctx_st {
|
||||||
|
+ const unsigned char *entropy;
|
||||||
|
+ size_t entropylen;
|
||||||
|
+ int entropycnt;
|
||||||
|
+ const unsigned char *nonce;
|
||||||
|
+ size_t noncelen;
|
||||||
|
+ int noncecnt;
|
||||||
|
+} TEST_CTX;
|
||||||
|
+
|
||||||
|
+static int app_data_index = -1;
|
||||||
|
+static CRYPTO_ONCE get_index_once = CRYPTO_ONCE_STATIC_INIT;
|
||||||
|
+DEFINE_RUN_ONCE_STATIC(drbg_app_data_index_init)
|
||||||
|
+{
|
||||||
|
+ app_data_index = RAND_DRBG_get_ex_new_index(0L, NULL, NULL, NULL, NULL);
|
||||||
|
+
|
||||||
|
+ return 1;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+enum drbg_kat_type {
|
||||||
|
+ NO_RESEED,
|
||||||
|
+ PR_FALSE,
|
||||||
|
+ PR_TRUE
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+enum drbg_df {
|
||||||
|
+ USE_DF,
|
||||||
|
+ NO_DF,
|
||||||
|
+ NA
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+struct drbg_kat_no_reseed {
|
||||||
|
+ size_t count;
|
||||||
|
+ const unsigned char *entropyin;
|
||||||
|
+ const unsigned char *nonce;
|
||||||
|
+ const unsigned char *persstr;
|
||||||
|
+ const unsigned char *addin1;
|
||||||
|
+ const unsigned char *addin2;
|
||||||
|
+ const unsigned char *retbytes;
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+struct drbg_kat_pr_false {
|
||||||
|
+ size_t count;
|
||||||
|
+ const unsigned char *entropyin;
|
||||||
|
+ const unsigned char *nonce;
|
||||||
|
+ const unsigned char *persstr;
|
||||||
|
+ const unsigned char *entropyinreseed;
|
||||||
|
+ const unsigned char *addinreseed;
|
||||||
|
+ const unsigned char *addin1;
|
||||||
|
+ const unsigned char *addin2;
|
||||||
|
+ const unsigned char *retbytes;
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+struct drbg_kat_pr_true {
|
||||||
|
+ size_t count;
|
||||||
|
+ const unsigned char *entropyin;
|
||||||
|
+ const unsigned char *nonce;
|
||||||
|
+ const unsigned char *persstr;
|
||||||
|
+ const unsigned char *entropyinpr1;
|
||||||
|
+ const unsigned char *addin1;
|
||||||
|
+ const unsigned char *entropyinpr2;
|
||||||
|
+ const unsigned char *addin2;
|
||||||
|
+ const unsigned char *retbytes;
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+struct drbg_kat {
|
||||||
|
+ enum drbg_kat_type type;
|
||||||
|
+ enum drbg_df df;
|
||||||
|
+ int nid;
|
||||||
|
+
|
||||||
|
+ size_t entropyinlen;
|
||||||
|
+ size_t noncelen;
|
||||||
|
+ size_t persstrlen;
|
||||||
|
+ size_t addinlen;
|
||||||
|
+ size_t retbyteslen;
|
||||||
|
+
|
||||||
|
+ const void *t;
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
+ * Excerpt from test/drbg_cavs_data.c
|
||||||
|
+ * DRBG test vectors from:
|
||||||
|
+ * https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+static const unsigned char kat1308_entropyin[] = {
|
||||||
|
+ 0x7c, 0x5d, 0x90, 0x70, 0x3b, 0x8a, 0xc7, 0x0f, 0x23, 0x73, 0x24, 0x9c,
|
||||||
|
+ 0xa7, 0x15, 0x41, 0x71, 0x7a, 0x31, 0xea, 0x32, 0xfc, 0x28, 0x0d, 0xd7,
|
||||||
|
+ 0x5b, 0x09, 0x01, 0x98, 0x1b, 0xe2, 0xa5, 0x53, 0xd9, 0x05, 0x32, 0x97,
|
||||||
|
+ 0xec, 0xbe, 0x86, 0xfd, 0x1c, 0x1c, 0x71, 0x4c, 0x52, 0x29, 0x9e, 0x52,
|
||||||
|
+};
|
||||||
|
+static const unsigned char kat1308_nonce[] = {0};
|
||||||
|
+static const unsigned char kat1308_persstr[] = {
|
||||||
|
+ 0xdc, 0x07, 0x2f, 0x68, 0xfa, 0x77, 0x03, 0x23, 0x42, 0xb0, 0xf5, 0xa2,
|
||||||
|
+ 0xd9, 0xad, 0xa1, 0xd0, 0xad, 0xa2, 0x14, 0xb4, 0xd0, 0x8e, 0xfb, 0x39,
|
||||||
|
+ 0xdd, 0xc2, 0xac, 0xfb, 0x98, 0xdf, 0x7f, 0xce, 0x4c, 0x75, 0x56, 0x45,
|
||||||
|
+ 0xcd, 0x86, 0x93, 0x74, 0x90, 0x6e, 0xf6, 0x9e, 0x85, 0x7e, 0xfb, 0xc3,
|
||||||
|
+};
|
||||||
|
+static const unsigned char kat1308_addin0[] = {
|
||||||
|
+ 0x52, 0x25, 0xc4, 0x2f, 0x03, 0xce, 0x29, 0x71, 0xc5, 0x0b, 0xc3, 0x4e,
|
||||||
|
+ 0xad, 0x8d, 0x6f, 0x17, 0x82, 0xe1, 0xf3, 0xfd, 0xfd, 0x9b, 0x94, 0x9a,
|
||||||
|
+ 0x1d, 0xac, 0xd0, 0xd4, 0x3f, 0x2b, 0xe3, 0xab, 0x7c, 0x3d, 0x3e, 0x5a,
|
||||||
|
+ 0x68, 0xbb, 0xa4, 0x74, 0x68, 0x1a, 0xc6, 0x27, 0xff, 0xe0, 0xc0, 0x6c,
|
||||||
|
+};
|
||||||
|
+static const unsigned char kat1308_addin1[] = {
|
||||||
|
+ 0xdc, 0x91, 0xd7, 0xb7, 0xb9, 0x94, 0x79, 0x0f, 0x06, 0xc4, 0x70, 0x19,
|
||||||
|
+ 0x33, 0x25, 0x7c, 0x96, 0x01, 0xa0, 0x62, 0xb0, 0x50, 0xe6, 0xc0, 0x3a,
|
||||||
|
+ 0x56, 0x8f, 0xc5, 0x50, 0x48, 0xc6, 0xf4, 0x49, 0xe5, 0x70, 0x16, 0x2e,
|
||||||
|
+ 0xae, 0xf2, 0x99, 0xb4, 0x2d, 0x70, 0x18, 0x16, 0xcd, 0xe0, 0x24, 0xe4,
|
||||||
|
+};
|
||||||
|
+static const unsigned char kat1308_retbits[] = {
|
||||||
|
+ 0xde, 0xf8, 0x91, 0x1b, 0xf1, 0xe1, 0xa9, 0x97, 0xd8, 0x61, 0x84, 0xe2,
|
||||||
|
+ 0xdb, 0x83, 0x3e, 0x60, 0x45, 0xcd, 0xc8, 0x66, 0x93, 0x28, 0xc8, 0x92,
|
||||||
|
+ 0xbc, 0x25, 0xae, 0xe8, 0xb0, 0xed, 0xed, 0x16, 0x3d, 0xa5, 0xf9, 0x0f,
|
||||||
|
+ 0xb3, 0x72, 0x08, 0x84, 0xac, 0x3c, 0x3b, 0xaa, 0x5f, 0xf9, 0x7d, 0x63,
|
||||||
|
+ 0x3e, 0xde, 0x59, 0x37, 0x0e, 0x40, 0x12, 0x2b, 0xbc, 0x6c, 0x96, 0x53,
|
||||||
|
+ 0x26, 0x32, 0xd0, 0xb8,
|
||||||
|
+};
|
||||||
|
+static const struct drbg_kat_no_reseed kat1308_t = {
|
||||||
|
+ 2, kat1308_entropyin, kat1308_nonce, kat1308_persstr,
|
||||||
|
+ kat1308_addin0, kat1308_addin1, kat1308_retbits
|
||||||
|
+};
|
||||||
|
+static const struct drbg_kat kat1308 = {
|
||||||
|
+ NO_RESEED, NO_DF, NID_aes_256_ctr, 48, 0, 48, 48, 64, &kat1308_t
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+static const unsigned char kat1465_entropyin[] = {
|
||||||
|
+ 0xc9, 0x96, 0x3a, 0x15, 0x51, 0x76, 0x4f, 0xe0, 0x45, 0x82, 0x8a, 0x64,
|
||||||
|
+ 0x87, 0xbe, 0xaa, 0xc0,
|
||||||
|
+};
|
||||||
|
+static const unsigned char kat1465_nonce[] = {
|
||||||
|
+ 0x08, 0xcd, 0x69, 0x39, 0xf8, 0x58, 0x9a, 0x85,
|
||||||
|
+};
|
||||||
|
+static const unsigned char kat1465_persstr[] = {0};
|
||||||
|
+static const unsigned char kat1465_entropyinreseed[] = {
|
||||||
|
+ 0x16, 0xcc, 0x35, 0x15, 0xb1, 0x17, 0xf5, 0x33, 0x80, 0x9a, 0x80, 0xc5,
|
||||||
|
+ 0x1f, 0x4b, 0x7b, 0x51,
|
||||||
|
+};
|
||||||
|
+static const unsigned char kat1465_addinreseed[] = {
|
||||||
|
+ 0xf5, 0x3d, 0xf1, 0x2e, 0xdb, 0x28, 0x1c, 0x00, 0x7b, 0xcb, 0xb6, 0x12,
|
||||||
|
+ 0x61, 0x9f, 0x26, 0x5f,
|
||||||
|
+};
|
||||||
|
+static const unsigned char kat1465_addin0[] = {
|
||||||
|
+ 0xe2, 0x67, 0x06, 0x62, 0x09, 0xa7, 0xcf, 0xd6, 0x84, 0x8c, 0x20, 0xf6,
|
||||||
|
+ 0x10, 0x5a, 0x73, 0x9c,
|
||||||
|
+};
|
||||||
|
+static const unsigned char kat1465_addin1[] = {
|
||||||
|
+ 0x26, 0xfa, 0x50, 0xe1, 0xb3, 0xcb, 0x65, 0xed, 0xbc, 0x6d, 0xda, 0x18,
|
||||||
|
+ 0x47, 0x99, 0x1f, 0xeb,
|
||||||
|
+};
|
||||||
|
+static const unsigned char kat1465_retbits[] = {
|
||||||
|
+ 0xf9, 0x47, 0xc6, 0xb0, 0x58, 0xa8, 0x66, 0x8a, 0xf5, 0x2b, 0x2a, 0x6d,
|
||||||
|
+ 0x4e, 0x24, 0x6f, 0x65, 0xbf, 0x51, 0x22, 0xbf, 0xe8, 0x8d, 0x6c, 0xeb,
|
||||||
|
+ 0xf9, 0x68, 0x7f, 0xed, 0x3b, 0xdd, 0x6b, 0xd5, 0x28, 0x47, 0x56, 0x52,
|
||||||
|
+ 0xda, 0x50, 0xf0, 0x90, 0x73, 0x95, 0x06, 0x58, 0xaf, 0x08, 0x98, 0x6e,
|
||||||
|
+ 0x24, 0x18, 0xfd, 0x2f, 0x48, 0x72, 0x57, 0xd6, 0x59, 0xab, 0xe9, 0x41,
|
||||||
|
+ 0x58, 0xdb, 0x27, 0xba,
|
||||||
|
+};
|
||||||
|
+static const struct drbg_kat_pr_false kat1465_t = {
|
||||||
|
+ 9, kat1465_entropyin, kat1465_nonce, kat1465_persstr,
|
||||||
|
+ kat1465_entropyinreseed, kat1465_addinreseed, kat1465_addin0,
|
||||||
|
+ kat1465_addin1, kat1465_retbits
|
||||||
|
+};
|
||||||
|
+static const struct drbg_kat kat1465 = {
|
||||||
|
+ PR_FALSE, USE_DF, NID_aes_128_ctr, 16, 8, 0, 16, 64, &kat1465_t
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+static const unsigned char kat3146_entropyin[] = {
|
||||||
|
+ 0xd7, 0x08, 0x42, 0x82, 0xc2, 0xd2, 0xd1, 0xde, 0x01, 0xb4, 0x36, 0xb3,
|
||||||
|
+ 0x7f, 0xbd, 0xd3, 0xdd, 0xb3, 0xc4, 0x31, 0x4f, 0x8f, 0xa7, 0x10, 0xf4,
|
||||||
|
+};
|
||||||
|
+static const unsigned char kat3146_nonce[] = {
|
||||||
|
+ 0x7b, 0x9e, 0xcd, 0x49, 0x4f, 0x46, 0xa0, 0x08, 0x32, 0xff, 0x2e, 0xc3,
|
||||||
|
+ 0x50, 0x86, 0xca, 0xca,
|
||||||
|
+};
|
||||||
|
+static const unsigned char kat3146_persstr[] = {0};
|
||||||
|
+static const unsigned char kat3146_entropyinpr1[] = {
|
||||||
|
+ 0x68, 0xd0, 0x7b, 0xa4, 0xe7, 0x22, 0x19, 0xe6, 0xb6, 0x46, 0x6a, 0xda,
|
||||||
|
+ 0x8e, 0x67, 0xea, 0x63, 0x3f, 0xaf, 0x2f, 0x6c, 0x9d, 0x5e, 0x48, 0x15,
|
||||||
|
+};
|
||||||
|
+static const unsigned char kat3146_addinpr1[] = {
|
||||||
|
+ 0x70, 0x0f, 0x54, 0xf4, 0x53, 0xde, 0xca, 0x61, 0x5c, 0x49, 0x51, 0xd1,
|
||||||
|
+ 0x41, 0xc4, 0xf1, 0x2f, 0x65, 0xfb, 0x7e, 0xbc, 0x9b, 0x14, 0xba, 0x90,
|
||||||
|
+ 0x05, 0x33, 0x7e, 0x64, 0xb7, 0x2b, 0xaf, 0x99,
|
||||||
|
+};
|
||||||
|
+static const unsigned char kat3146_entropyinpr2[] = {
|
||||||
|
+ 0xeb, 0x77, 0xb0, 0xe9, 0x2d, 0x31, 0xc8, 0x66, 0xc5, 0xc4, 0xa7, 0xf7,
|
||||||
|
+ 0x6c, 0xb2, 0x74, 0x36, 0x4b, 0x25, 0x78, 0x04, 0xd8, 0xd7, 0xd2, 0x34,
|
||||||
|
+};
|
||||||
|
+static const unsigned char kat3146_addinpr2[] = {
|
||||||
|
+ 0x05, 0xcd, 0x2a, 0x97, 0x5a, 0x5d, 0xfb, 0x98, 0xc1, 0xf1, 0x00, 0x0c,
|
||||||
|
+ 0xed, 0xe6, 0x2a, 0xba, 0xf0, 0x89, 0x1f, 0x5a, 0x4f, 0xd7, 0x48, 0xb3,
|
||||||
|
+ 0x24, 0xc0, 0x8a, 0x3d, 0x60, 0x59, 0x5d, 0xb6,
|
||||||
|
+};
|
||||||
|
+static const unsigned char kat3146_retbits[] = {
|
||||||
|
+ 0x29, 0x94, 0xa4, 0xa8, 0x17, 0x3e, 0x62, 0x2f, 0x94, 0xdd, 0x40, 0x1f,
|
||||||
|
+ 0xe3, 0x7e, 0x77, 0xd4, 0x38, 0xbc, 0x0e, 0x49, 0x46, 0xf6, 0x0e, 0x28,
|
||||||
|
+ 0x91, 0xc6, 0x9c, 0xc4, 0xa6, 0xa1, 0xf8, 0x9a, 0x64, 0x5e, 0x99, 0x76,
|
||||||
|
+ 0xd0, 0x2d, 0xee, 0xde, 0xe1, 0x2c, 0x93, 0x29, 0x4b, 0x12, 0xcf, 0x87,
|
||||||
|
+ 0x03, 0x98, 0xb9, 0x74, 0x41, 0xdb, 0x3a, 0x49, 0x9f, 0x92, 0xd0, 0x45,
|
||||||
|
+ 0xd4, 0x30, 0x73, 0xbb,
|
||||||
|
+};
|
||||||
|
+static const struct drbg_kat_pr_true kat3146_t = {
|
||||||
|
+ 10, kat3146_entropyin, kat3146_nonce, kat3146_persstr,
|
||||||
|
+ kat3146_entropyinpr1, kat3146_addinpr1, kat3146_entropyinpr2,
|
||||||
|
+ kat3146_addinpr2, kat3146_retbits
|
||||||
|
+};
|
||||||
|
+static const struct drbg_kat kat3146 = {
|
||||||
|
+ PR_TRUE, USE_DF, NID_aes_192_ctr, 24, 16, 0, 32, 64, &kat3146_t
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+static const struct drbg_kat *drbg_test[] = { &kat1308, &kat1465, &kat3146 };
|
||||||
|
+
|
||||||
|
+static const size_t drbg_test_nelem = OSSL_NELEM(drbg_test);
|
||||||
|
+
|
||||||
|
+static size_t kat_entropy(RAND_DRBG *drbg, unsigned char **pout,
|
||||||
|
+ int entropy, size_t min_len, size_t max_len,
|
||||||
|
+ int prediction_resistance)
|
||||||
|
+{
|
||||||
|
+ TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index);
|
||||||
|
+
|
||||||
|
+ t->entropycnt++;
|
||||||
|
+ *pout = (unsigned char *)t->entropy;
|
||||||
|
+ return t->entropylen;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static size_t kat_nonce(RAND_DRBG *drbg, unsigned char **pout,
|
||||||
|
+ int entropy, size_t min_len, size_t max_len)
|
||||||
|
+{
|
||||||
|
+ TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index);
|
||||||
|
+
|
||||||
|
+ t->noncecnt++;
|
||||||
|
+ *pout = (unsigned char *)t->nonce;
|
||||||
|
+ return t->noncelen;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
+ * Do a single NO_RESEED KAT:
|
||||||
|
+ *
|
||||||
|
+ * Instantiate
|
||||||
|
+ * Generate Random Bits (pr=false)
|
||||||
|
+ * Generate Random Bits (pr=false)
|
||||||
|
+ * Uninstantiate
|
||||||
|
+ *
|
||||||
|
+ * Return 0 on failure.
|
||||||
|
+ */
|
||||||
|
+static int single_kat_no_reseed(const struct drbg_kat *td)
|
||||||
|
+{
|
||||||
|
+ struct drbg_kat_no_reseed *data = (struct drbg_kat_no_reseed *)td->t;
|
||||||
|
+ RAND_DRBG *drbg = NULL;
|
||||||
|
+ unsigned char *buff = NULL;
|
||||||
|
+ unsigned int flags = 0;
|
||||||
|
+ int failures = 0;
|
||||||
|
+ TEST_CTX t;
|
||||||
|
+
|
||||||
|
+ if (td->df != USE_DF)
|
||||||
|
+ flags |= RAND_DRBG_FLAG_CTR_NO_DF;
|
||||||
|
+
|
||||||
|
+ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL)
|
||||||
|
+ return 0;
|
||||||
|
+
|
||||||
|
+ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
|
||||||
|
+ kat_nonce, NULL)) {
|
||||||
|
+ failures++;
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ memset(&t, 0, sizeof(t));
|
||||||
|
+ t.entropy = data->entropyin;
|
||||||
|
+ t.entropylen = td->entropyinlen;
|
||||||
|
+ t.nonce = data->nonce;
|
||||||
|
+ t.noncelen = td->noncelen;
|
||||||
|
+ RAND_DRBG_set_ex_data(drbg, app_data_index, &t);
|
||||||
|
+
|
||||||
|
+ buff = OPENSSL_malloc(td->retbyteslen);
|
||||||
|
+ if (buff == NULL) {
|
||||||
|
+ failures++;
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (!RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen)
|
||||||
|
+ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
|
||||||
|
+ data->addin1, td->addinlen)
|
||||||
|
+ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
|
||||||
|
+ data->addin2, td->addinlen)
|
||||||
|
+ || memcmp(data->retbytes, buff,
|
||||||
|
+ td->retbyteslen) != 0)
|
||||||
|
+ failures++;
|
||||||
|
+
|
||||||
|
+err:
|
||||||
|
+ OPENSSL_free(buff);
|
||||||
|
+ RAND_DRBG_uninstantiate(drbg);
|
||||||
|
+ RAND_DRBG_free(drbg);
|
||||||
|
+ return failures == 0;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/*-
|
||||||
|
+ * Do a single PR_FALSE KAT:
|
||||||
|
+ *
|
||||||
|
+ * Instantiate
|
||||||
|
+ * Reseed
|
||||||
|
+ * Generate Random Bits (pr=false)
|
||||||
|
+ * Generate Random Bits (pr=false)
|
||||||
|
+ * Uninstantiate
|
||||||
|
+ *
|
||||||
|
+ * Return 0 on failure.
|
||||||
|
+ */
|
||||||
|
+static int single_kat_pr_false(const struct drbg_kat *td)
|
||||||
|
+{
|
||||||
|
+ struct drbg_kat_pr_false *data = (struct drbg_kat_pr_false *)td->t;
|
||||||
|
+ RAND_DRBG *drbg = NULL;
|
||||||
|
+ unsigned char *buff = NULL;
|
||||||
|
+ unsigned int flags = 0;
|
||||||
|
+ int failures = 0;
|
||||||
|
+ TEST_CTX t;
|
||||||
|
+
|
||||||
|
+ if (td->df != USE_DF)
|
||||||
|
+ flags |= RAND_DRBG_FLAG_CTR_NO_DF;
|
||||||
|
+
|
||||||
|
+ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL)
|
||||||
|
+ return 0;
|
||||||
|
+
|
||||||
|
+ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
|
||||||
|
+ kat_nonce, NULL)) {
|
||||||
|
+ failures++;
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ memset(&t, 0, sizeof(t));
|
||||||
|
+ t.entropy = data->entropyin;
|
||||||
|
+ t.entropylen = td->entropyinlen;
|
||||||
|
+ t.nonce = data->nonce;
|
||||||
|
+ t.noncelen = td->noncelen;
|
||||||
|
+ RAND_DRBG_set_ex_data(drbg, app_data_index, &t);
|
||||||
|
+
|
||||||
|
+ buff = OPENSSL_malloc(td->retbyteslen);
|
||||||
|
+ if (buff == NULL) {
|
||||||
|
+ failures++;
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (!RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen))
|
||||||
|
+ failures++;
|
||||||
|
+
|
||||||
|
+ t.entropy = data->entropyinreseed;
|
||||||
|
+ t.entropylen = td->entropyinlen;
|
||||||
|
+
|
||||||
|
+ if (!RAND_DRBG_reseed(drbg, data->addinreseed, td->addinlen, 0)
|
||||||
|
+ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
|
||||||
|
+ data->addin1, td->addinlen)
|
||||||
|
+ || !RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
|
||||||
|
+ data->addin2, td->addinlen)
|
||||||
|
+ || memcmp(data->retbytes, buff,
|
||||||
|
+ td->retbyteslen) != 0)
|
||||||
|
+ failures++;
|
||||||
|
+
|
||||||
|
+err:
|
||||||
|
+ OPENSSL_free(buff);
|
||||||
|
+ RAND_DRBG_uninstantiate(drbg);
|
||||||
|
+ RAND_DRBG_free(drbg);
|
||||||
|
+ return failures == 0;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/*-
|
||||||
|
+ * Do a single PR_TRUE KAT:
|
||||||
|
+ *
|
||||||
|
+ * Instantiate
|
||||||
|
+ * Generate Random Bits (pr=true)
|
||||||
|
+ * Generate Random Bits (pr=true)
|
||||||
|
+ * Uninstantiate
|
||||||
|
+ *
|
||||||
|
+ * Return 0 on failure.
|
||||||
|
+ */
|
||||||
|
+static int single_kat_pr_true(const struct drbg_kat *td)
|
||||||
|
+{
|
||||||
|
+ struct drbg_kat_pr_true *data = (struct drbg_kat_pr_true *)td->t;
|
||||||
|
+ RAND_DRBG *drbg = NULL;
|
||||||
|
+ unsigned char *buff = NULL;
|
||||||
|
+ unsigned int flags = 0;
|
||||||
|
+ int failures = 0;
|
||||||
|
+ TEST_CTX t;
|
||||||
|
+
|
||||||
|
+ if (td->df != USE_DF)
|
||||||
|
+ flags |= RAND_DRBG_FLAG_CTR_NO_DF;
|
||||||
|
+
|
||||||
|
+ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL)
|
||||||
|
+ return 0;
|
||||||
|
+
|
||||||
|
+ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
|
||||||
|
+ kat_nonce, NULL)) {
|
||||||
|
+ failures++;
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ memset(&t, 0, sizeof(t));
|
||||||
|
+ t.nonce = data->nonce;
|
||||||
|
+ t.noncelen = td->noncelen;
|
||||||
|
+ t.entropy = data->entropyin;
|
||||||
|
+ t.entropylen = td->entropyinlen;
|
||||||
|
+ RAND_DRBG_set_ex_data(drbg, app_data_index, &t);
|
||||||
|
+
|
||||||
|
+ buff = OPENSSL_malloc(td->retbyteslen);
|
||||||
|
+ if (buff == NULL) {
|
||||||
|
+ failures++;
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (!RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen))
|
||||||
|
+ failures++;
|
||||||
|
+
|
||||||
|
+ t.entropy = data->entropyinpr1;
|
||||||
|
+ t.entropylen = td->entropyinlen;
|
||||||
|
+
|
||||||
|
+ if (!RAND_DRBG_generate(drbg, buff, td->retbyteslen, 1,
|
||||||
|
+ data->addin1, td->addinlen))
|
||||||
|
+ failures++;
|
||||||
|
+
|
||||||
|
+ t.entropy = data->entropyinpr2;
|
||||||
|
+ t.entropylen = td->entropyinlen;
|
||||||
|
+
|
||||||
|
+ if (!RAND_DRBG_generate(drbg, buff, td->retbyteslen, 1,
|
||||||
|
+ data->addin2, td->addinlen)
|
||||||
|
+ || memcmp(data->retbytes, buff,
|
||||||
|
+ td->retbyteslen) != 0)
|
||||||
|
+ failures++;
|
||||||
|
+
|
||||||
|
+err:
|
||||||
|
+ OPENSSL_free(buff);
|
||||||
|
+ RAND_DRBG_uninstantiate(drbg);
|
||||||
|
+ RAND_DRBG_free(drbg);
|
||||||
|
+ return failures == 0;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static int test_kats(int i)
|
||||||
|
+{
|
||||||
|
+ const struct drbg_kat *td = drbg_test[i];
|
||||||
|
+ int rv = 0;
|
||||||
|
+
|
||||||
|
+ switch (td->type) {
|
||||||
|
+ case NO_RESEED:
|
||||||
|
+ if (!single_kat_no_reseed(td))
|
||||||
|
+ goto err;
|
||||||
|
+ break;
|
||||||
|
+ case PR_FALSE:
|
||||||
|
+ if (!single_kat_pr_false(td))
|
||||||
|
+ goto err;
|
||||||
|
+ break;
|
||||||
|
+ case PR_TRUE:
|
||||||
|
+ if (!single_kat_pr_true(td))
|
||||||
|
+ goto err;
|
||||||
|
+ break;
|
||||||
|
+ default: /* cant happen */
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ rv = 1;
|
||||||
|
+err:
|
||||||
|
+ return rv;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/*-
|
||||||
|
+ * Do one expected-error test:
|
||||||
|
+ *
|
||||||
|
+ * Instantiate with no entropy supplied
|
||||||
|
+ *
|
||||||
|
+ * Return 0 on failure.
|
||||||
|
+ */
|
||||||
|
+static int test_drbg_sanity(const struct drbg_kat *td)
|
||||||
|
+{
|
||||||
|
+ struct drbg_kat_pr_false *data = (struct drbg_kat_pr_false *)td->t;
|
||||||
|
+ RAND_DRBG *drbg = NULL;
|
||||||
|
+ unsigned int flags = 0;
|
||||||
|
+ int failures = 0;
|
||||||
|
+ TEST_CTX t;
|
||||||
|
+
|
||||||
|
+ if (td->df != USE_DF)
|
||||||
|
+ flags |= RAND_DRBG_FLAG_CTR_NO_DF;
|
||||||
|
+
|
||||||
|
+ if ((drbg = RAND_DRBG_new(td->nid, flags, NULL)) == NULL)
|
||||||
|
+ return 0;
|
||||||
|
+
|
||||||
|
+ if (!RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
|
||||||
|
+ kat_nonce, NULL)) {
|
||||||
|
+ failures++;
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ memset(&t, 0, sizeof(t));
|
||||||
|
+ t.entropy = data->entropyin;
|
||||||
|
+ t.entropylen = 0; /* No entropy */
|
||||||
|
+ t.nonce = data->nonce;
|
||||||
|
+ t.noncelen = td->noncelen;
|
||||||
|
+ RAND_DRBG_set_ex_data(drbg, app_data_index, &t);
|
||||||
|
+
|
||||||
|
+ ERR_set_mark();
|
||||||
|
+ /* This must fail. */
|
||||||
|
+ if (RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen))
|
||||||
|
+ failures++;
|
||||||
|
+ RAND_DRBG_uninstantiate(drbg);
|
||||||
|
+ ERR_pop_to_mark();
|
||||||
|
+
|
||||||
|
+err:
|
||||||
|
+ RAND_DRBG_free(drbg);
|
||||||
|
+ return failures == 0;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+int rand_drbg_selftest(void)
|
||||||
|
+{
|
||||||
|
+ int i;
|
||||||
|
+
|
||||||
|
+ if (!RUN_ONCE(&get_index_once, drbg_app_data_index_init))
|
||||||
|
+ return 0;
|
||||||
|
+
|
||||||
|
+ for (i = 0; i < drbg_test_nelem; i++) {
|
||||||
|
+ if (test_kats(i) <= 0)
|
||||||
|
+ return 0;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (test_drbg_sanity(&kat1465) <= 0)
|
||||||
|
+ return 0;
|
||||||
|
+
|
||||||
|
+ return 1;
|
||||||
|
+}
|
||||||
|
diff -up openssl-1.1.1g/include/crypto/rand.h.drbg-selftest openssl-1.1.1g/include/crypto/rand.h
|
||||||
|
--- openssl-1.1.1g/include/crypto/rand.h.drbg-selftest 2020-04-23 13:33:12.587622510 +0200
|
||||||
|
+++ openssl-1.1.1g/include/crypto/rand.h 2020-04-23 13:33:12.619621907 +0200
|
||||||
|
@@ -140,4 +140,9 @@ void rand_pool_cleanup(void);
|
||||||
|
*/
|
||||||
|
void rand_pool_keep_random_devices_open(int keep);
|
||||||
|
|
||||||
|
+/*
|
||||||
|
+ * Perform the DRBG KAT selftests
|
||||||
|
+ */
|
||||||
|
+int rand_drbg_selftest(void);
|
||||||
|
+
|
||||||
|
#endif
|
189
openssl-1.1.1-fips-post-rand.patch
Normal file
189
openssl-1.1.1-fips-post-rand.patch
Normal file
@ -0,0 +1,189 @@
|
|||||||
|
diff -up openssl-1.1.1e/crypto/fips/fips.c.fips-post-rand openssl-1.1.1e/crypto/fips/fips.c
|
||||||
|
--- openssl-1.1.1e/crypto/fips/fips.c.fips-post-rand 2020-03-17 18:06:16.822418854 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/fips/fips.c 2020-03-17 18:06:16.861418172 +0100
|
||||||
|
@@ -68,6 +68,7 @@
|
||||||
|
|
||||||
|
# include <openssl/fips.h>
|
||||||
|
# include "internal/thread_once.h"
|
||||||
|
+# include "crypto/rand.h"
|
||||||
|
|
||||||
|
# ifndef PATH_MAX
|
||||||
|
# define PATH_MAX 1024
|
||||||
|
@@ -76,6 +77,7 @@
|
||||||
|
static int fips_selftest_fail = 0;
|
||||||
|
static int fips_mode = 0;
|
||||||
|
static int fips_started = 0;
|
||||||
|
+static int fips_post = 0;
|
||||||
|
|
||||||
|
static int fips_is_owning_thread(void);
|
||||||
|
static int fips_set_owning_thread(void);
|
||||||
|
@@ -158,6 +160,11 @@ void fips_set_selftest_fail(void)
|
||||||
|
fips_selftest_fail = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
+int fips_in_post(void)
|
||||||
|
+{
|
||||||
|
+ return fips_post;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/* we implement what libfipscheck does ourselves */
|
||||||
|
|
||||||
|
static int
|
||||||
|
@@ -445,6 +452,8 @@ int FIPS_module_mode_set(int onoff)
|
||||||
|
}
|
||||||
|
# endif
|
||||||
|
|
||||||
|
+ fips_post = 1;
|
||||||
|
+
|
||||||
|
if (!FIPS_selftest()) {
|
||||||
|
fips_selftest_fail = 1;
|
||||||
|
ret = 0;
|
||||||
|
@@ -459,7 +468,12 @@ int FIPS_module_mode_set(int onoff)
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ fips_post = 0;
|
||||||
|
+
|
||||||
|
fips_set_mode(onoff);
|
||||||
|
+ /* force RNG reseed with entropy from getrandom() on next call */
|
||||||
|
+ rand_force_reseed();
|
||||||
|
+
|
||||||
|
ret = 1;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
diff -up openssl-1.1.1e/crypto/rand/drbg_lib.c.fips-post-rand openssl-1.1.1e/crypto/rand/drbg_lib.c
|
||||||
|
--- openssl-1.1.1e/crypto/rand/drbg_lib.c.fips-post-rand 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/rand/drbg_lib.c 2020-03-17 18:07:35.305045521 +0100
|
||||||
|
@@ -1009,6 +1009,20 @@ size_t rand_drbg_seedlen(RAND_DRBG *drbg
|
||||||
|
return min_entropy > min_entropylen ? min_entropy : min_entropylen;
|
||||||
|
}
|
||||||
|
|
||||||
|
+void rand_force_reseed(void)
|
||||||
|
+{
|
||||||
|
+ RAND_DRBG *drbg;
|
||||||
|
+
|
||||||
|
+ drbg = RAND_DRBG_get0_master();
|
||||||
|
+ drbg->fork_id = 0;
|
||||||
|
+
|
||||||
|
+ drbg = RAND_DRBG_get0_private();
|
||||||
|
+ drbg->fork_id = 0;
|
||||||
|
+
|
||||||
|
+ drbg = RAND_DRBG_get0_public();
|
||||||
|
+ drbg->fork_id = 0;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/* Implements the default OpenSSL RAND_add() method */
|
||||||
|
static int drbg_add(const void *buf, int num, double randomness)
|
||||||
|
{
|
||||||
|
diff -up openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand openssl-1.1.1e/crypto/rand/rand_unix.c
|
||||||
|
--- openssl-1.1.1e/crypto/rand/rand_unix.c.fips-post-rand 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/rand/rand_unix.c 2020-03-17 18:09:01.503537189 +0100
|
||||||
|
@@ -17,10 +17,12 @@
|
||||||
|
#include <openssl/crypto.h>
|
||||||
|
#include "rand_local.h"
|
||||||
|
#include "crypto/rand.h"
|
||||||
|
+#include "crypto/fips.h"
|
||||||
|
#include <stdio.h>
|
||||||
|
#include "internal/dso.h"
|
||||||
|
#ifdef __linux
|
||||||
|
# include <sys/syscall.h>
|
||||||
|
+# include <sys/random.h>
|
||||||
|
# ifdef DEVRANDOM_WAIT
|
||||||
|
# include <sys/shm.h>
|
||||||
|
# include <sys/utsname.h>
|
||||||
|
@@ -342,7 +344,7 @@ static ssize_t sysctl_random(char *buf,
|
||||||
|
* syscall_random(): Try to get random data using a system call
|
||||||
|
* returns the number of bytes returned in buf, or < 0 on error.
|
||||||
|
*/
|
||||||
|
-static ssize_t syscall_random(void *buf, size_t buflen)
|
||||||
|
+static ssize_t syscall_random(void *buf, size_t buflen, int nonblock)
|
||||||
|
{
|
||||||
|
/*
|
||||||
|
* Note: 'buflen' equals the size of the buffer which is used by the
|
||||||
|
@@ -364,6 +366,7 @@ static ssize_t syscall_random(void *buf,
|
||||||
|
* - Linux since 3.17 with glibc 2.25
|
||||||
|
* - FreeBSD since 12.0 (1200061)
|
||||||
|
*/
|
||||||
|
+# if 0
|
||||||
|
# if defined(__GNUC__) && __GNUC__>=2 && defined(__ELF__) && !defined(__hpux)
|
||||||
|
extern int getentropy(void *buffer, size_t length) __attribute__((weak));
|
||||||
|
|
||||||
|
@@ -385,10 +388,10 @@ static ssize_t syscall_random(void *buf,
|
||||||
|
if (p_getentropy.p != NULL)
|
||||||
|
return p_getentropy.f(buf, buflen) == 0 ? (ssize_t)buflen : -1;
|
||||||
|
# endif
|
||||||
|
-
|
||||||
|
+# endif
|
||||||
|
/* Linux supports this since version 3.17 */
|
||||||
|
-# if defined(__linux) && defined(__NR_getrandom)
|
||||||
|
- return syscall(__NR_getrandom, buf, buflen, 0);
|
||||||
|
+# if defined(__linux) && defined(SYS_getrandom)
|
||||||
|
+ return syscall(SYS_getrandom, buf, buflen, nonblock?GRND_NONBLOCK:0);
|
||||||
|
# elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND)
|
||||||
|
return sysctl_random(buf, buflen);
|
||||||
|
# else
|
||||||
|
@@ -623,6 +626,9 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
||||||
|
size_t entropy_available;
|
||||||
|
|
||||||
|
# if defined(OPENSSL_RAND_SEED_GETRANDOM)
|
||||||
|
+ int in_post;
|
||||||
|
+
|
||||||
|
+ for (in_post = fips_in_post(); in_post >= 0; --in_post) {
|
||||||
|
{
|
||||||
|
size_t bytes_needed;
|
||||||
|
unsigned char *buffer;
|
||||||
|
@@ -633,7 +639,7 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
||||||
|
bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
|
||||||
|
while (bytes_needed != 0 && attempts-- > 0) {
|
||||||
|
buffer = rand_pool_add_begin(pool, bytes_needed);
|
||||||
|
- bytes = syscall_random(buffer, bytes_needed);
|
||||||
|
+ bytes = syscall_random(buffer, bytes_needed, in_post);
|
||||||
|
if (bytes > 0) {
|
||||||
|
rand_pool_add_end(pool, bytes, 8 * bytes);
|
||||||
|
bytes_needed -= bytes;
|
||||||
|
@@ -668,8 +674,10 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
||||||
|
int attempts = 3;
|
||||||
|
const int fd = get_random_device(i);
|
||||||
|
|
||||||
|
- if (fd == -1)
|
||||||
|
+ if (fd == -1) {
|
||||||
|
+ OPENSSL_showfatal("Random device %s cannot be opened.\n", random_device_paths[i]);
|
||||||
|
continue;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
while (bytes_needed != 0 && attempts-- > 0) {
|
||||||
|
buffer = rand_pool_add_begin(pool, bytes_needed);
|
||||||
|
@@ -732,7 +740,9 @@ size_t rand_pool_acquire_entropy(RAND_PO
|
||||||
|
return entropy_available;
|
||||||
|
}
|
||||||
|
# endif
|
||||||
|
-
|
||||||
|
+# ifdef OPENSSL_RAND_SEED_GETRANDOM
|
||||||
|
+ }
|
||||||
|
+# endif
|
||||||
|
return rand_pool_entropy_available(pool);
|
||||||
|
# endif
|
||||||
|
}
|
||||||
|
diff -up openssl-1.1.1e/include/crypto/fips.h.fips-post-rand openssl-1.1.1e/include/crypto/fips.h
|
||||||
|
--- openssl-1.1.1e/include/crypto/fips.h.fips-post-rand 2020-03-17 18:06:16.831418696 +0100
|
||||||
|
+++ openssl-1.1.1e/include/crypto/fips.h 2020-03-17 18:06:16.861418172 +0100
|
||||||
|
@@ -77,6 +77,8 @@ int FIPS_selftest_hmac(void);
|
||||||
|
int FIPS_selftest_drbg(void);
|
||||||
|
int FIPS_selftest_cmac(void);
|
||||||
|
|
||||||
|
+int fips_in_post(void);
|
||||||
|
+
|
||||||
|
int fips_pkey_signature_test(EVP_PKEY *pkey,
|
||||||
|
const unsigned char *tbs, int tbslen,
|
||||||
|
const unsigned char *kat,
|
||||||
|
diff -up openssl-1.1.1e/include/crypto/rand.h.fips-post-rand openssl-1.1.1e/include/crypto/rand.h
|
||||||
|
--- openssl-1.1.1e/include/crypto/rand.h.fips-post-rand 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/include/crypto/rand.h 2020-03-17 18:07:35.303045555 +0100
|
||||||
|
@@ -24,6 +24,7 @@
|
||||||
|
typedef struct rand_pool_st RAND_POOL;
|
||||||
|
|
||||||
|
void rand_cleanup_int(void);
|
||||||
|
+void rand_force_reseed(void);
|
||||||
|
void rand_drbg_cleanup_int(void);
|
||||||
|
void drbg_delete_thread_state(void);
|
||||||
|
|
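Review bot: `rand_force_reseed()` in the drbg_lib.c hunk stores to `drbg->fork_id` on the results of `RAND_DRBG_get0_master()`, `RAND_DRBG_get0_private()` and `RAND_DRBG_get0_public()` without a NULL check, and these getters return NULL when DRBG initialisation fails. Because `FIPS_module_mode_set()` calls it straight after the self-tests, a failed DRBG setup becomes a NULL dereference rather than an error return; guard each store, e.g. `if ((drbg = RAND_DRBG_get0_master()) != NULL) drbg->fork_id = 0;`. The stores are also made without taking the DRBG lock, which looks safe only if no other thread can be using the master DRBG at this point, so a comment stating that assumption would help. Since the rand_unix.c hunks let the POST path use `GRND_NONBLOCK`, this forced reseed is what later output relies on, and the function deserves a header comment saying so.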
11655
openssl-1.1.1-fips.patch
Normal file
11655
openssl-1.1.1-fips.patch
Normal file
File diff suppressed because it is too large
500
openssl-1.1.1-intel-cet.patch
Normal file
500
openssl-1.1.1-intel-cet.patch
Normal file
@ -0,0 +1,500 @@
|
|||||||
|
diff -up openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl.intel-cet openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl
|
||||||
|
--- openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/aes/asm/aesni-x86_64.pl 2020-03-19 17:07:02.626522694 +0100
|
||||||
|
@@ -275,6 +275,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
${PREFIX}_encrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
movups ($inp),$inout0 # load input
|
||||||
|
mov 240($key),$rounds # key->rounds
|
||||||
|
___
|
||||||
|
@@ -293,6 +294,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
${PREFIX}_decrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
movups ($inp),$inout0 # load input
|
||||||
|
mov 240($key),$rounds # key->rounds
|
||||||
|
___
|
||||||
|
@@ -613,6 +615,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
aesni_ecb_encrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
lea -0x58(%rsp),%rsp
|
||||||
|
@@ -985,6 +988,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
aesni_ccm64_encrypt_blocks:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
lea -0x58(%rsp),%rsp
|
||||||
|
@@ -1077,6 +1081,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
aesni_ccm64_decrypt_blocks:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
lea -0x58(%rsp),%rsp
|
||||||
|
@@ -1203,6 +1208,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
aesni_ctr32_encrypt_blocks:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
cmp \$1,$len
|
||||||
|
jne .Lctr32_bulk
|
||||||
|
|
||||||
|
@@ -1775,6 +1781,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
aesni_xts_encrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
lea (%rsp),%r11 # frame pointer
|
||||||
|
.cfi_def_cfa_register %r11
|
||||||
|
push %rbp
|
||||||
|
@@ -2258,6 +2265,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
aesni_xts_decrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
lea (%rsp),%r11 # frame pointer
|
||||||
|
.cfi_def_cfa_register %r11
|
||||||
|
push %rbp
|
||||||
|
@@ -2783,6 +2791,7 @@ $code.=<<___;
|
||||||
|
.align 32
|
||||||
|
aesni_ocb_encrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
lea (%rsp),%rax
|
||||||
|
push %rbx
|
||||||
|
.cfi_push %rbx
|
||||||
|
@@ -3249,6 +3258,7 @@ __ocb_encrypt1:
|
||||||
|
.align 32
|
||||||
|
aesni_ocb_decrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
lea (%rsp),%rax
|
||||||
|
push %rbx
|
||||||
|
.cfi_push %rbx
|
||||||
|
@@ -3737,6 +3747,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
${PREFIX}_cbc_encrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
test $len,$len # check length
|
||||||
|
jz .Lcbc_ret
|
||||||
|
|
||||||
|
diff -up openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl.intel-cet openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl
|
||||||
|
--- openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/aes/asm/vpaes-x86_64.pl 2020-03-19 17:00:15.974621757 +0100
|
||||||
|
@@ -696,6 +696,7 @@ _vpaes_schedule_mangle:
|
||||||
|
.align 16
|
||||||
|
${PREFIX}_set_encrypt_key:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
lea -0xb8(%rsp),%rsp
|
||||||
|
@@ -746,6 +747,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
${PREFIX}_set_decrypt_key:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
lea -0xb8(%rsp),%rsp
|
||||||
|
@@ -801,6 +803,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
${PREFIX}_encrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
lea -0xb8(%rsp),%rsp
|
||||||
|
@@ -846,6 +849,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
${PREFIX}_decrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
lea -0xb8(%rsp),%rsp
|
||||||
|
@@ -897,6 +901,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
${PREFIX}_cbc_encrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
xchg $key,$len
|
||||||
|
___
|
||||||
|
($len,$key)=($key,$len);
|
||||||
|
diff -up openssl-1.1.1e/crypto/async/arch/async_posix.c.intel-cet openssl-1.1.1e/crypto/async/arch/async_posix.c
|
||||||
|
--- openssl-1.1.1e/crypto/async/arch/async_posix.c.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/async/arch/async_posix.c 2020-03-19 17:00:15.974621757 +0100
|
||||||
|
@@ -34,7 +34,9 @@ void async_local_cleanup(void)
|
||||||
|
|
||||||
|
int async_fibre_makecontext(async_fibre *fibre)
|
||||||
|
{
|
||||||
|
+#ifndef USE_SWAPCONTEXT
|
||||||
|
fibre->env_init = 0;
|
||||||
|
+#endif
|
||||||
|
if (getcontext(&fibre->fibre) == 0) {
|
||||||
|
fibre->fibre.uc_stack.ss_sp = OPENSSL_malloc(STACKSIZE);
|
||||||
|
if (fibre->fibre.uc_stack.ss_sp != NULL) {
|
||||||
|
diff -up openssl-1.1.1e/crypto/async/arch/async_posix.h.intel-cet openssl-1.1.1e/crypto/async/arch/async_posix.h
|
||||||
|
--- openssl-1.1.1e/crypto/async/arch/async_posix.h.intel-cet 2020-03-19 17:00:15.435631166 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/async/arch/async_posix.h 2020-03-19 17:00:15.975621739 +0100
|
||||||
|
@@ -25,17 +25,33 @@
|
||||||
|
# define ASYNC_POSIX
|
||||||
|
# define ASYNC_ARCH
|
||||||
|
|
||||||
|
+# ifdef __CET__
|
||||||
|
+/*
|
||||||
|
+ * When Intel CET is enabled, makecontext will create a different
|
||||||
|
+ * shadow stack for each context. async_fibre_swapcontext cannot
|
||||||
|
+ * use _longjmp. It must call swapcontext to swap shadow stack as
|
||||||
|
+ * well as normal stack.
|
||||||
|
+ */
|
||||||
|
+# define USE_SWAPCONTEXT
|
||||||
|
+# endif
|
||||||
|
# include <ucontext.h>
|
||||||
|
-# include <setjmp.h>
|
||||||
|
+# ifndef USE_SWAPCONTEXT
|
||||||
|
+# include <setjmp.h>
|
||||||
|
+# endif
|
||||||
|
|
||||||
|
typedef struct async_fibre_st {
|
||||||
|
ucontext_t fibre;
|
||||||
|
+# ifndef USE_SWAPCONTEXT
|
||||||
|
jmp_buf env;
|
||||||
|
int env_init;
|
||||||
|
+# endif
|
||||||
|
} async_fibre;
|
||||||
|
|
||||||
|
static ossl_inline int async_fibre_swapcontext(async_fibre *o, async_fibre *n, int r)
|
||||||
|
{
|
||||||
|
+# ifdef USE_SWAPCONTEXT
|
||||||
|
+ swapcontext(&o->fibre, &n->fibre);
|
||||||
|
+# else
|
||||||
|
o->env_init = 1;
|
||||||
|
|
||||||
|
if (!r || !_setjmp(o->env)) {
|
||||||
|
@@ -44,6 +60,7 @@ static ossl_inline int async_fibre_swapc
|
||||||
|
else
|
||||||
|
setcontext(&n->fibre);
|
||||||
|
}
|
||||||
|
+# endif
|
||||||
|
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
diff -up openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl.intel-cet openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl
|
||||||
|
--- openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/camellia/asm/cmll-x86_64.pl 2020-03-19 17:00:15.975621739 +0100
|
||||||
|
@@ -685,6 +685,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
Camellia_cbc_encrypt:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
cmp \$0,%rdx
|
||||||
|
je .Lcbc_abort
|
||||||
|
push %rbx
|
||||||
|
diff -up openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl.intel-cet openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl
|
||||||
|
--- openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/modes/asm/ghash-x86_64.pl 2020-03-19 17:00:15.975621739 +0100
|
||||||
|
@@ -239,6 +239,7 @@ $code=<<___;
|
||||||
|
.align 16
|
||||||
|
gcm_gmult_4bit:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
push %rbx
|
||||||
|
.cfi_push %rbx
|
||||||
|
push %rbp # %rbp and others are pushed exclusively in
|
||||||
|
@@ -286,6 +287,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
gcm_ghash_4bit:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
push %rbx
|
||||||
|
.cfi_push %rbx
|
||||||
|
push %rbp
|
||||||
|
@@ -612,6 +614,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
gcm_gmult_clmul:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
.L_gmult_clmul:
|
||||||
|
movdqu ($Xip),$Xi
|
||||||
|
movdqa .Lbswap_mask(%rip),$T3
|
||||||
|
@@ -663,6 +666,7 @@ $code.=<<___;
|
||||||
|
.align 32
|
||||||
|
gcm_ghash_clmul:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
.L_ghash_clmul:
|
||||||
|
___
|
||||||
|
$code.=<<___ if ($win64);
|
||||||
|
@@ -1166,6 +1170,7 @@ $code.=<<___;
|
||||||
|
.align 32
|
||||||
|
gcm_gmult_avx:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
jmp .L_gmult_clmul
|
||||||
|
.cfi_endproc
|
||||||
|
.size gcm_gmult_avx,.-gcm_gmult_avx
|
||||||
|
@@ -1177,6 +1182,7 @@ $code.=<<___;
|
||||||
|
.align 32
|
||||||
|
gcm_ghash_avx:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
___
|
||||||
|
if ($avx) {
|
||||||
|
my ($Xip,$Htbl,$inp,$len)=@_4args;
|
||||||
|
diff -up openssl-1.1.1e/crypto/perlasm/cbc.pl.intel-cet openssl-1.1.1e/crypto/perlasm/cbc.pl
|
||||||
|
--- openssl-1.1.1e/crypto/perlasm/cbc.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/perlasm/cbc.pl 2020-03-19 17:00:15.976621722 +0100
|
||||||
|
@@ -165,21 +165,28 @@ sub cbc
|
||||||
|
&jmp_ptr($count);
|
||||||
|
|
||||||
|
&set_label("ej7");
|
||||||
|
+ &endbranch()
|
||||||
|
&movb(&HB("edx"), &BP(6,$in,"",0));
|
||||||
|
&shl("edx",8);
|
||||||
|
&set_label("ej6");
|
||||||
|
+ &endbranch()
|
||||||
|
&movb(&HB("edx"), &BP(5,$in,"",0));
|
||||||
|
&set_label("ej5");
|
||||||
|
+ &endbranch()
|
||||||
|
&movb(&LB("edx"), &BP(4,$in,"",0));
|
||||||
|
&set_label("ej4");
|
||||||
|
+ &endbranch()
|
||||||
|
&mov("ecx", &DWP(0,$in,"",0));
|
||||||
|
&jmp(&label("ejend"));
|
||||||
|
&set_label("ej3");
|
||||||
|
+ &endbranch()
|
||||||
|
&movb(&HB("ecx"), &BP(2,$in,"",0));
|
||||||
|
&shl("ecx",8);
|
||||||
|
&set_label("ej2");
|
||||||
|
+ &endbranch()
|
||||||
|
&movb(&HB("ecx"), &BP(1,$in,"",0));
|
||||||
|
&set_label("ej1");
|
||||||
|
+ &endbranch()
|
||||||
|
&movb(&LB("ecx"), &BP(0,$in,"",0));
|
||||||
|
&set_label("ejend");
|
||||||
|
|
||||||
|
diff -up openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl.intel-cet openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl
|
||||||
|
--- openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/perlasm/x86_64-xlate.pl 2020-03-19 17:00:15.984621582 +0100
|
||||||
|
@@ -101,6 +101,33 @@ elsif (!$gas)
|
||||||
|
$decor="\$L\$";
|
||||||
|
}
|
||||||
|
|
||||||
|
+my $cet_property;
|
||||||
|
+if ($flavour =~ /elf/) {
|
||||||
|
+ # Always generate .note.gnu.property section for ELF outputs to
|
||||||
|
+ # mark Intel CET support since all input files must be marked
|
||||||
|
+ # with Intel CET support in order for linker to mark output with
|
||||||
|
+ # Intel CET support.
|
||||||
|
+ my $p2align=3; $p2align=2 if ($flavour eq "elf32");
|
||||||
|
+ $cet_property = <<_____;
|
||||||
|
+ .section ".note.gnu.property", "a"
|
||||||
|
+ .p2align $p2align
|
||||||
|
+ .long 1f - 0f
|
||||||
|
+ .long 4f - 1f
|
||||||
|
+ .long 5
|
||||||
|
+0:
|
||||||
|
+ .asciz "GNU"
|
||||||
|
+1:
|
||||||
|
+ .p2align $p2align
|
||||||
|
+ .long 0xc0000002
|
||||||
|
+ .long 3f - 2f
|
||||||
|
+2:
|
||||||
|
+ .long 3
|
||||||
|
+3:
|
||||||
|
+ .p2align $p2align
|
||||||
|
+4:
|
||||||
|
+_____
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
my $current_segment;
|
||||||
|
my $current_function;
|
||||||
|
my %globals;
|
||||||
|
@@ -1213,6 +1240,7 @@ while(defined(my $line=<>)) {
|
||||||
|
print $line,"\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
+print "$cet_property" if ($cet_property);
|
||||||
|
print "\n$current_segment\tENDS\n" if ($current_segment && $masm);
|
||||||
|
print "END\n" if ($masm);
|
||||||
|
|
||||||
|
diff -up openssl-1.1.1e/crypto/perlasm/x86gas.pl.intel-cet openssl-1.1.1e/crypto/perlasm/x86gas.pl
|
||||||
|
--- openssl-1.1.1e/crypto/perlasm/x86gas.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/perlasm/x86gas.pl 2020-03-19 17:00:15.985621565 +0100
|
||||||
|
@@ -124,6 +124,7 @@ sub ::function_begin_B
|
||||||
|
push(@out,".align\t$align\n");
|
||||||
|
push(@out,"$func:\n");
|
||||||
|
push(@out,"$begin:\n") if ($global);
|
||||||
|
+ &::endbranch();
|
||||||
|
$::stack=4;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -172,6 +173,26 @@ sub ::file_end
|
||||||
|
else { push (@out,"$tmp\n"); }
|
||||||
|
}
|
||||||
|
push(@out,$initseg) if ($initseg);
|
||||||
|
+ if ($::elf) {
|
||||||
|
+ push(@out,"
|
||||||
|
+ .section \".note.gnu.property\", \"a\"
|
||||||
|
+ .p2align 2
|
||||||
|
+ .long 1f - 0f
|
||||||
|
+ .long 4f - 1f
|
||||||
|
+ .long 5
|
||||||
|
+0:
|
||||||
|
+ .asciz \"GNU\"
|
||||||
|
+1:
|
||||||
|
+ .p2align 2
|
||||||
|
+ .long 0xc0000002
|
||||||
|
+ .long 3f - 2f
|
||||||
|
+2:
|
||||||
|
+ .long 3
|
||||||
|
+3:
|
||||||
|
+ .p2align 2
|
||||||
|
+4:
|
||||||
|
+");
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
|
||||||
|
sub ::data_byte { push(@out,".byte\t".join(',',@_)."\n"); }
|
||||||
|
diff -up openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl.intel-cet openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl
|
||||||
|
--- openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl.intel-cet 2020-03-19 17:00:38.185234015 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/poly1305/asm/poly1305-x86_64.pl 2020-03-19 17:05:46.575850341 +0100
|
||||||
|
@@ -2806,6 +2806,7 @@ $code.=<<___;
|
||||||
|
.align 32
|
||||||
|
poly1305_blocks_vpmadd52:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
shr \$4,$len
|
||||||
|
jz .Lno_data_vpmadd52 # too short
|
||||||
|
|
||||||
|
@@ -3739,6 +3740,7 @@ $code.=<<___;
|
||||||
|
.align 32
|
||||||
|
poly1305_emit_base2_44:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
mov 0($ctx),%r8 # load hash value
|
||||||
|
mov 8($ctx),%r9
|
||||||
|
mov 16($ctx),%r10
|
||||||
|
diff -up openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl.intel-cet openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl
|
||||||
|
--- openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl.intel-cet 2020-03-19 17:00:38.190233928 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/rc4/asm/rc4-x86_64.pl 2020-03-19 17:05:02.598618064 +0100
|
||||||
|
@@ -140,6 +140,7 @@ $code=<<___;
|
||||||
|
.align 16
|
||||||
|
RC4:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
or $len,$len
|
||||||
|
jne .Lentry
|
||||||
|
ret
|
||||||
|
@@ -455,6 +456,7 @@ $code.=<<___;
|
||||||
|
.align 16
|
||||||
|
RC4_set_key:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
lea 8($dat),$dat
|
||||||
|
lea ($inp,$len),$inp
|
||||||
|
neg $len
|
||||||
|
@@ -529,6 +531,7 @@ RC4_set_key:
|
||||||
|
.align 16
|
||||||
|
RC4_options:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
lea .Lopts(%rip),%rax
|
||||||
|
mov OPENSSL_ia32cap_P(%rip),%edx
|
||||||
|
bt \$20,%edx
|
||||||
|
diff -up openssl-1.1.1e/crypto/x86_64cpuid.pl.intel-cet openssl-1.1.1e/crypto/x86_64cpuid.pl
|
||||||
|
--- openssl-1.1.1e/crypto/x86_64cpuid.pl.intel-cet 2020-03-17 15:31:17.000000000 +0100
|
||||||
|
+++ openssl-1.1.1e/crypto/x86_64cpuid.pl 2020-03-19 17:03:58.172742775 +0100
|
||||||
|
@@ -40,6 +40,7 @@ print<<___;
|
||||||
|
.align 16
|
||||||
|
OPENSSL_atomic_add:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
movl ($arg1),%eax
|
||||||
|
.Lspin: leaq ($arg2,%rax),%r8
|
||||||
|
.byte 0xf0 # lock
|
||||||
|
@@ -56,6 +57,7 @@ OPENSSL_atomic_add:
|
||||||
|
.align 16
|
||||||
|
OPENSSL_rdtsc:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
rdtsc
|
||||||
|
shl \$32,%rdx
|
||||||
|
or %rdx,%rax
|
||||||
|
@@ -68,6 +70,7 @@ OPENSSL_rdtsc:
|
||||||
|
.align 16
|
||||||
|
OPENSSL_ia32_cpuid:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
mov %rbx,%r8 # save %rbx
|
||||||
|
.cfi_register %rbx,%r8
|
||||||
|
|
||||||
|
@@ -237,6 +240,7 @@ OPENSSL_ia32_cpuid:
|
||||||
|
.align 16
|
||||||
|
OPENSSL_cleanse:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
xor %rax,%rax
|
||||||
|
cmp \$15,$arg2
|
||||||
|
jae .Lot
|
||||||
|
@@ -274,6 +278,7 @@ OPENSSL_cleanse:
|
||||||
|
.align 16
|
||||||
|
CRYPTO_memcmp:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
xor %rax,%rax
|
||||||
|
xor %r10,%r10
|
||||||
|
cmp \$0,$arg3
|
||||||
|
@@ -312,6 +317,7 @@ print<<___ if (!$win64);
|
||||||
|
.align 16
|
||||||
|
OPENSSL_wipe_cpu:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
pxor %xmm0,%xmm0
|
||||||
|
pxor %xmm1,%xmm1
|
||||||
|
pxor %xmm2,%xmm2
|
||||||
|
@@ -346,6 +352,8 @@ print<<___ if ($win64);
|
||||||
|
.type OPENSSL_wipe_cpu,\@abi-omnipotent
|
||||||
|
.align 16
|
||||||
|
OPENSSL_wipe_cpu:
|
||||||
|
+.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
pxor %xmm0,%xmm0
|
||||||
|
pxor %xmm1,%xmm1
|
||||||
|
pxor %xmm2,%xmm2
|
||||||
|
@@ -376,6 +384,7 @@ print<<___;
|
||||||
|
.align 16
|
||||||
|
OPENSSL_instrument_bus:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
mov $arg1,$out # tribute to Win64
|
||||||
|
mov $arg2,$cnt
|
||||||
|
mov $arg2,$max
|
||||||
|
@@ -410,6 +419,7 @@ OPENSSL_instrument_bus:
|
||||||
|
.align 16
|
||||||
|
OPENSSL_instrument_bus2:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
mov $arg1,$out # tribute to Win64
|
||||||
|
mov $arg2,$cnt
|
||||||
|
mov $arg3,$max
|
||||||
|
@@ -465,6 +475,7 @@ print<<___;
|
||||||
|
.align 16
|
||||||
|
OPENSSL_ia32_${rdop}_bytes:
|
||||||
|
.cfi_startproc
|
||||||
|
+ endbranch
|
||||||
|
xor %rax, %rax # return value
|
||||||
|
cmp \$0,$arg2
|
||||||
|
je .Ldone_${rdop}_bytes
|
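Review bot: In the crypto/perlasm/cbc.pl hunk the seven added `&endbranch()` calls after the `ej7` … `ej1` labels have no terminating semicolon, unlike every neighbouring statement. As written, Perl appears to read each one together with the following line as a single expression, `&endbranch() & movb(...)` (or `& mov(...)` after `ej4`), so the instructions are emitted only as operands of a discarded bitwise AND and depend on left-to-right operand evaluation. Each should be a statement of its own: `&endbranch();`. The enclosing `sub cbc` starts and ends outside the hunk.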
170
openssl-1.1.1-kdf-selftest.patch
Normal file
170
openssl-1.1.1-kdf-selftest.patch
Normal file
@ -0,0 +1,170 @@
|
|||||||
|
diff -up openssl-1.1.1g/crypto/fips/build.info.kdf-selftest openssl-1.1.1g/crypto/fips/build.info
|
||||||
|
--- openssl-1.1.1g/crypto/fips/build.info.kdf-selftest 2020-06-03 16:08:36.274849058 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/fips/build.info 2020-06-03 16:11:05.609079372 +0200
|
||||||
|
@@ -5,7 +5,7 @@ SOURCE[../../libcrypto]=\
|
||||||
|
fips_post.c fips_drbg_ctr.c fips_drbg_hash.c fips_drbg_hmac.c \
|
||||||
|
fips_drbg_lib.c fips_drbg_rand.c fips_drbg_selftest.c fips_rand_lib.c \
|
||||||
|
fips_cmac_selftest.c fips_ecdh_selftest.c fips_ecdsa_selftest.c \
|
||||||
|
- fips_dh_selftest.c fips_ers.c
|
||||||
|
+ fips_dh_selftest.c fips_kdf_selftest.c fips_ers.c
|
||||||
|
|
||||||
|
PROGRAMS_NO_INST=\
|
||||||
|
fips_standalone_hmac
|
||||||
|
diff -up openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c.kdf-selftest openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c
|
||||||
|
--- openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c.kdf-selftest 2020-06-03 16:08:36.337849577 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/fips/fips_kdf_selftest.c 2020-06-03 16:08:36.337849577 +0200
|
||||||
|
@@ -0,0 +1,117 @@
|
||||||
|
+/*
|
||||||
|
+ * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
|
+ * Copyright (c) 2018-2019, Oracle and/or its affiliates. All rights reserved.
|
||||||
|
+ *
|
||||||
|
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
|
+ * this file except in compliance with the License. You can obtain a copy
|
||||||
|
+ * in the file LICENSE in the source distribution or at
|
||||||
|
+ * https://www.openssl.org/source/license.html
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+#include <string.h>
|
||||||
|
+#include <openssl/err.h>
|
||||||
|
+#include <openssl/fips.h>
|
||||||
|
+#include "crypto/fips.h"
|
||||||
|
+
|
||||||
|
+#include <openssl/evp.h>
|
||||||
|
+#include <openssl/kdf.h>
|
||||||
|
+
|
||||||
|
+#ifdef OPENSSL_FIPS
|
||||||
|
+int FIPS_selftest_pbkdf2(void)
|
||||||
|
+{
|
||||||
|
+ int ret = 0;
|
||||||
|
+ EVP_KDF_CTX *kctx;
|
||||||
|
+ unsigned char out[32];
|
||||||
|
+
|
||||||
|
+ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_PBKDF2)) == NULL) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password", (size_t)8) <= 0) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt", (size_t)4) <= 0) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 2) <= 0) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ {
|
||||||
|
+ const unsigned char expected[sizeof(out)] = {
|
||||||
|
+ 0xae, 0x4d, 0x0c, 0x95, 0xaf, 0x6b, 0x46, 0xd3,
|
||||||
|
+ 0x2d, 0x0a, 0xdf, 0xf9, 0x28, 0xf0, 0x6d, 0xd0,
|
||||||
|
+ 0x2a, 0x30, 0x3f, 0x8e, 0xf3, 0xc2, 0x51, 0xdf,
|
||||||
|
+ 0xd6, 0xe2, 0xd8, 0x5a, 0x95, 0x47, 0x4c, 0x43
|
||||||
|
+ };
|
||||||
|
+ if (memcmp(out, expected, sizeof(expected))) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ ret = 1;
|
||||||
|
+
|
||||||
|
+err:
|
||||||
|
+ if (!ret)
|
||||||
|
+ FIPSerr(FIPS_F_FIPS_SELFTEST_PBKDF2, FIPS_R_SELFTEST_FAILED);
|
||||||
|
+ EVP_KDF_CTX_free(kctx);
|
||||||
|
+ return ret;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/* Test vector from RFC 8009 (AES Encryption with HMAC-SHA2 for Kerberos
|
||||||
|
+ * 5) appendix A. */
|
||||||
|
+int FIPS_selftest_kbkdf(void)
|
||||||
|
+{
|
||||||
|
+ int ret = 0;
|
||||||
|
+ EVP_KDF_CTX *kctx;
|
||||||
|
+ char *label = "prf", *prf_input = "test";
|
||||||
|
+ static unsigned char input_key[] = {
|
||||||
|
+ 0x37, 0x05, 0xD9, 0x60, 0x80, 0xC1, 0x77, 0x28,
|
||||||
|
+ 0xA0, 0xE8, 0x00, 0xEA, 0xB6, 0xE0, 0xD2, 0x3C,
|
||||||
|
+ };
|
||||||
|
+ static unsigned char output[] = {
|
||||||
|
+ 0x9D, 0x18, 0x86, 0x16, 0xF6, 0x38, 0x52, 0xFE,
|
||||||
|
+ 0x86, 0x91, 0x5B, 0xB8, 0x40, 0xB4, 0xA8, 0x86,
|
||||||
|
+ 0xFF, 0x3E, 0x6B, 0xB0, 0xF8, 0x19, 0xB4, 0x9B,
|
||||||
|
+ 0x89, 0x33, 0x93, 0xD3, 0x93, 0x85, 0x42, 0x95,
|
||||||
|
+ };
|
||||||
|
+ unsigned char result[sizeof(output)] = { 0 };
|
||||||
|
+
|
||||||
|
+ if ((kctx = EVP_KDF_CTX_new_id(EVP_KDF_KB)) == NULL) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_MAC_TYPE, EVP_KDF_KB_MAC_TYPE_HMAC) <= 0) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()) <= 0) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, input_key, sizeof(input_key)) <= 0) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, label, strlen(label)) <= 0) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KB_INFO, prf_input, strlen(prf_input)) <= 0) {
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ ret = EVP_KDF_derive(kctx, result, sizeof(result)) > 0
|
||||||
|
+ && memcmp(result, output, sizeof(output)) == 0;
|
||||||
|
+err:
|
||||||
|
+
|
||||||
|
+ if (!ret)
|
||||||
|
+ FIPSerr(FIPS_F_FIPS_SELFTEST_KBKDF, FIPS_R_SELFTEST_FAILED);
|
||||||
|
+ EVP_KDF_CTX_free(kctx);
|
||||||
|
+ return ret;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+int FIPS_selftest_kdf(void)
|
||||||
|
+{
|
||||||
|
+ return FIPS_selftest_pbkdf2() && FIPS_selftest_kbkdf();
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+#endif
|
||||||
|
diff -up openssl-1.1.1g/crypto/fips/fips_post.c.kdf-selftest openssl-1.1.1g/crypto/fips/fips_post.c
|
||||||
|
--- openssl-1.1.1g/crypto/fips/fips_post.c.kdf-selftest 2020-06-03 16:08:36.332849536 +0200
|
||||||
|
+++ openssl-1.1.1g/crypto/fips/fips_post.c 2020-06-03 16:08:36.338849585 +0200
|
||||||
|
@@ -111,6 +111,8 @@ int FIPS_selftest(void)
|
||||||
|
rv = 0;
|
||||||
|
if (!FIPS_selftest_ecdh())
|
||||||
|
rv = 0;
|
||||||
|
+ if (!FIPS_selftest_kdf())
|
||||||
|
+ rv = 0;
|
||||||
|
return rv;
|
||||||
|
}
|
||||||
|
|
||||||
|
diff -up openssl-1.1.1g/include/crypto/fips.h.kdf-selftest openssl-1.1.1g/include/crypto/fips.h
|
||||||
|
--- openssl-1.1.1g/include/crypto/fips.h.kdf-selftest 2020-06-03 16:08:36.330849519 +0200
|
||||||
|
+++ openssl-1.1.1g/include/crypto/fips.h 2020-06-03 16:08:36.338849585 +0200
|
||||||
|
@@ -72,6 +72,9 @@ void FIPS_drbg_stick(int onoff);
|
||||||
|
int FIPS_selftest_hmac(void);
|
||||||
|
int FIPS_selftest_drbg(void);
|
||||||
|
int FIPS_selftest_cmac(void);
|
||||||
|
+int FIPS_selftest_kbkdf(void);
|
||||||
|
+int FIPS_selftest_pbkdf2(void);
|
||||||
|
+int FIPS_selftest_kdf(void);
|
||||||
|
|
||||||
|
int fips_in_post(void);
|
||||||
|
|
||||||
|
diff -up openssl-1.1.1g/include/openssl/fips.h.kdf-selftest openssl-1.1.1g/include/openssl/fips.h
|
||||||
|
--- openssl-1.1.1g/include/openssl/fips.h.kdf-selftest 2020-06-03 16:08:36.282849124 +0200
|
||||||
|
+++ openssl-1.1.1g/include/openssl/fips.h 2020-06-03 16:08:36.338849585 +0200
|
||||||
|
@@ -123,6 +123,8 @@ extern "C" {
|
||||||
|
# define FIPS_F_FIPS_SELFTEST_DSA 112
|
||||||
|
# define FIPS_F_FIPS_SELFTEST_ECDSA 133
|
||||||
|
# define FIPS_F_FIPS_SELFTEST_HMAC 113
|
||||||
|
+# define FIPS_F_FIPS_SELFTEST_KBKDF 151
|
||||||
|
+# define FIPS_F_FIPS_SELFTEST_PBKDF2 152
|
||||||
|
# define FIPS_F_FIPS_SELFTEST_SHA1 115
|
||||||
|
# define FIPS_F_FIPS_SELFTEST_SHA2 105
|
||||||
|
# define FIPS_F_OSSL_ECDSA_SIGN_SIG 143
|
3030
openssl-1.1.1-krb5-kdf.patch
Normal file
File diff suppressed because it is too large
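--- a/openssl-1.1.1-man-rename.patch
+++ b/openssl-1.1.1-man-rename.patch
@@ -0,0 +1,19 @@
+diff -up openssl-1.1.1-pre9/doc/man1/openssl.pod.man-rename openssl-1.1.1-pre9/doc/man1/openssl.pod
+--- openssl-1.1.1-pre9/doc/man1/openssl.pod.man-rename 2018-08-21 14:14:13.000000000 +0200
++++ openssl-1.1.1-pre9/doc/man1/openssl.pod 2018-08-22 12:13:04.092568064 +0200
+@@ -482,13 +482,13 @@ L<dhparam(1)>, L<dsa(1)>, L<dsaparam(1)>
+L<ec(1)>, L<ecparam(1)>,
+L<enc(1)>, L<engine(1)>, L<errstr(1)>, L<gendsa(1)>, L<genpkey(1)>,
+L<genrsa(1)>, L<nseq(1)>, L<ocsp(1)>,
+-L<passwd(1)>,
+L<pkcs12(1)>, L<pkcs7(1)>, L<pkcs8(1)>,
+L<pkey(1)>, L<pkeyparam(1)>, L<pkeyutl(1)>, L<prime(1)>,
+-L<rand(1)>, L<rehash(1)>, L<req(1)>, L<rsa(1)>,
++L<rehash(1)>, L<req(1)>, L<rsa(1)>,
+L<rsautl(1)>, L<s_client(1)>,
+L<s_server(1)>, L<s_time(1)>, L<sess_id(1)>,
+L<smime(1)>, L<speed(1)>, L<spkac(1)>, L<srp(1)>, L<storeutl(1)>,
++L<sslpasswd(1)>, L<sslrand(1)>,
+L<ts(1)>,
+L<verify(1)>, L<version(1)>, L<x509(1)>,
+L<crypto(7)>, L<ssl(7)>, L<x509v3_config(5)>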
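--- a/openssl-1.1.1-no-brainpool.patch
+++ b/openssl-1.1.1-no-brainpool.patch
@@ -0,0 +1,112 @@
+diff -up openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in.no-brainpool openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in
+--- openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in.no-brainpool 2019-09-10 15:13:07.000000000 +0200
++++ openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in 2019-09-13 15:11:07.358687169 +0200
+@@ -147,22 +147,22 @@ our @tests = (
+{
+name => "ECDSA with brainpool",
+server => {
+- "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
+- "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
+- "Groups" => "brainpoolP256r1",
++ "Certificate" => test_pem("server-ecdsa-cert.pem"),
++ "PrivateKey" => test_pem("server-ecdsa-key.pem"),
++# "Groups" => "brainpoolP256r1",
+},
+client => {
+#We don't restrict this to TLSv1.2, although use of brainpool
+#should force this anyway so that this should succeed
+"CipherString" => "aECDSA",
+"RequestCAFile" => test_pem("root-cert.pem"),
+- "Groups" => "brainpoolP256r1",
++# "Groups" => "brainpoolP256r1",
+},
+test => {
+- "ExpectedServerCertType" =>, "brainpoolP256r1",
+- "ExpectedServerSignType" =>, "EC",
++# "ExpectedServerCertType" =>, "brainpoolP256r1",
++# "ExpectedServerSignType" =>, "EC",
+# Note: certificate_authorities not sent for TLS < 1.3
+- "ExpectedServerCANames" =>, "empty",
++# "ExpectedServerCANames" =>, "empty",
+"ExpectedResult" => "Success"
+},
+},
+@@ -853,18 +853,18 @@ my @tests_tls_1_3 = (
+{
+name => "TLS 1.3 ECDSA with brainpool",
+server => {
+- "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
+- "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
+- "Groups" => "brainpoolP256r1",
++ "Certificate" => test_pem("server-ecdsa-cert.pem"),
++ "PrivateKey" => test_pem("server-ecdsa-key.pem"),
++# "Groups" => "brainpoolP256r1",
+},
+client => {
+"RequestCAFile" => test_pem("root-cert.pem"),
+- "Groups" => "brainpoolP256r1",
++# "Groups" => "brainpoolP256r1",
+"MinProtocol" => "TLSv1.3",
+"MaxProtocol" => "TLSv1.3"
+},
+test => {
+- "ExpectedResult" => "ServerFail"
++ "ExpectedResult" => "Success"
+},
+},
+);
+diff -up openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.no-brainpool openssl-1.1.1d/test/ssl-tests/20-cert-select.conf
+--- openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.no-brainpool 2019-09-10 15:13:07.000000000 +0200
++++ openssl-1.1.1d/test/ssl-tests/20-cert-select.conf 2019-09-13 15:12:27.380288469 +0200
+@@ -238,23 +238,18 @@ server = 5-ECDSA with brainpool-server
+client = 5-ECDSA with brainpool-client
+
+[5-ECDSA with brainpool-server]
+-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem
++Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+CipherString = DEFAULT
+-Groups = brainpoolP256r1
+-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem
++PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+
+[5-ECDSA with brainpool-client]
+CipherString = aECDSA
+-Groups = brainpoolP256r1
+RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-5]
+ExpectedResult = Success
+-ExpectedServerCANames = empty
+-ExpectedServerCertType = brainpoolP256r1
+-ExpectedServerSignType = EC
+
+
+# ===========================================================
+@@ -1713,14 +1708,12 @@ server = 52-TLS 1.3 ECDSA with brainpool
+client = 52-TLS 1.3 ECDSA with brainpool-client
+
+[52-TLS 1.3 ECDSA with brainpool-server]
+-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem
++Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+CipherString = DEFAULT
+-Groups = brainpoolP256r1
+-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem
++PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+
+[52-TLS 1.3 ECDSA with brainpool-client]
+CipherString = DEFAULT
+-Groups = brainpoolP256r1
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+@@ -1728,7 +1721,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/ro
+VerifyMode = Peer
+
+[test-52]
+-ExpectedResult = ServerFail
++ExpectedResult = Success
+
+
+# ===========================================================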
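Review bot: Both rewritten entries in 20-cert-select.conf.in keep the names "ECDSA with brainpool" and "TLS 1.3 ECDSA with brainpool" although they now load `server-ecdsa-cert.pem` with no `Groups` restriction, so the names and the retained comment about brainpool forcing the protocol version no longer describe what runs. The TLS 1.3 entry also changes `"ExpectedResult" => "ServerFail"` to `"Success"`, which removes the negative check visible here instead of replacing it. Renaming the entries, or deleting them outright rather than leaving commented-out `Groups` and `ExpectedServer*` lines, would keep the suite's coverage readable; the generated 20-cert-select.conf in the same patch would need the matching change.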
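--- a/openssl-1.1.1-no-html.patch
+++ b/openssl-1.1.1-no-html.patch
@@ -0,0 +1,12 @@
+diff -up openssl-1.1.1f/Configurations/unix-Makefile.tmpl.no-html openssl-1.1.1f/Configurations/unix-Makefile.tmpl
+--- openssl-1.1.1f/Configurations/unix-Makefile.tmpl.no-html 2020-04-07 16:45:21.904083989 +0200
++++ openssl-1.1.1f/Configurations/unix-Makefile.tmpl 2020-04-07 16:45:56.218461895 +0200
+@@ -544,7 +544,7 @@ install_sw: install_dev install_engines
+
+uninstall_sw: uninstall_runtime uninstall_engines uninstall_dev
+
+-install_docs: install_man_docs install_html_docs
++install_docs: install_man_docs
+
+uninstall_docs: uninstall_man_docs uninstall_html_docs
+$(RM) -r "$(DESTDIR)$(DOCDIR)"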
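--- a/openssl-1.1.1-no-weak-verify.patch
+++ b/openssl-1.1.1-no-weak-verify.patch
@@ -0,0 +1,26 @@
+diff -up openssl-1.1.1b/crypto/asn1/a_verify.c.no-weak-verify openssl-1.1.1b/crypto/asn1/a_verify.c
+--- openssl-1.1.1b/crypto/asn1/a_verify.c.no-weak-verify 2019-02-26 15:15:30.000000000 +0100
++++ openssl-1.1.1b/crypto/asn1/a_verify.c 2019-02-28 11:25:31.531862873 +0100
+@@ -7,6 +7,9 @@
+* https://www.openssl.org/source/license.html
+*/
+
++/* for secure_getenv */
++#define _GNU_SOURCE
++
+#include <stdio.h>
+#include <time.h>
+#include <sys/types.h>
+@@ -130,6 +133,12 @@ int ASN1_item_verify(const ASN1_ITEM *it
+if (ret != 2)
+goto err;
+ret = -1;
++ } else if ((mdnid == NID_md5
++ && secure_getenv("OPENSSL_ENABLE_MD5_VERIFY") == NULL) ||
++ mdnid == NID_md4 || mdnid == NID_md2 || mdnid == NID_sha) {
++ ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
++ ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
++ goto err;
+} else {
+const EVP_MD *type = EVP_get_digestbynid(mdnid);
+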
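Review bot: The MD5 escape hatch in the second hunk is presence-only: `secure_getenv("OPENSSL_ENABLE_MD5_VERIFY") == NULL` treats any value, including an empty string or `0`, as opt-in, and nothing in the patch documents the variable or its scope. A comment above the branch, for example `/* MD2, MD4 and SHA-0 signatures are always refused; MD5 only unless OPENSSL_ENABLE_MD5_VERIFY is present (any value) and the process is not in secure-execution mode */`, would make the policy auditable. The refusal also reuses `ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM`, so an error queue or log cannot distinguish a policy rejection of a weak digest from a genuinely unrecognised one, which matters when triaging verification failures. ASN1_item_verify's body starts and ends outside the hunk.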
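--- a/openssl-1.1.1-rewire-fips-drbg.patch
+++ b/openssl-1.1.1-rewire-fips-drbg.patch
@@ -0,0 +1,170 @@
+diff -up openssl-1.1.1g/crypto/fips/fips_drbg_lib.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_lib.c
+--- openssl-1.1.1g/crypto/fips/fips_drbg_lib.c.rewire-fips-drbg 2020-06-22 13:32:47.611852927 +0200
++++ openssl-1.1.1g/crypto/fips/fips_drbg_lib.c 2020-06-22 13:32:47.675852917 +0200
+@@ -337,6 +337,19 @@ static int drbg_reseed(DRBG_CTX *dctx,
+int FIPS_drbg_reseed(DRBG_CTX *dctx,
+const unsigned char *adin, size_t adinlen)
+{
++ int len = (int)adinlen;
++
++ if (len < 0 || (size_t)len != adinlen) {
++ FIPSerr(FIPS_F_DRBG_RESEED, FIPS_R_ADDITIONAL_INPUT_TOO_LONG);
++ return 0;
++ }
++ RAND_seed(adin, len);
++ return 1;
++}
++
++int FIPS_drbg_reseed_internal(DRBG_CTX *dctx,
++ const unsigned char *adin, size_t adinlen)
++{
+return drbg_reseed(dctx, adin, adinlen, 1);
+}
+
+@@ -358,6 +371,19 @@ int FIPS_drbg_generate(DRBG_CTX *dctx, u
+int prediction_resistance,
+const unsigned char *adin, size_t adinlen)
+{
++ int len = (int)outlen;
++
++ if (len < 0 || (size_t)len != outlen) {
++ FIPSerr(FIPS_F_FIPS_DRBG_GENERATE, FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG);
++ return 0;
++ }
++ return RAND_bytes(out, len);
++}
++
++int FIPS_drbg_generate_internal(DRBG_CTX *dctx, unsigned char *out, size_t outlen,
++ int prediction_resistance,
++ const unsigned char *adin, size_t adinlen)
++{
+int r = 0;
+
+if (FIPS_selftest_failed()) {
+diff -up openssl-1.1.1g/crypto/fips/fips_drbg_rand.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_rand.c
+--- openssl-1.1.1g/crypto/fips/fips_drbg_rand.c.rewire-fips-drbg 2020-06-22 13:32:47.611852927 +0200
++++ openssl-1.1.1g/crypto/fips/fips_drbg_rand.c 2020-06-22 13:32:47.675852917 +0200
+@@ -57,6 +57,8 @@
+#include <openssl/err.h>
+#include <openssl/rand.h>
+#include <openssl/fips.h>
++#define FIPS_DRBG_generate FIPS_DRBG_generate_internal
++#define FIPS_DRBG_reseed FIPS_DRBG_reseed_internal
+#include <openssl/fips_rand.h>
+#include "fips_rand_lcl.h"
+
+diff -up openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c
+--- openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c.rewire-fips-drbg 2020-06-22 13:32:47.612852927 +0200
++++ openssl-1.1.1g/crypto/fips/fips_drbg_selftest.c 2020-06-22 13:32:47.675852917 +0200
+@@ -55,6 +55,8 @@
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/fips.h>
++#define FIPS_DRBG_generate FIPS_DRBG_generate_internal
++#define FIPS_DRBG_reseed FIPS_DRBG_reseed_internal
+#include <openssl/fips_rand.h>
+#include "fips_rand_lcl.h"
+#include "fips_locl.h"
+diff -up openssl-1.1.1g/crypto/fips/fips_post.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_post.c
+--- openssl-1.1.1g/crypto/fips/fips_post.c.rewire-fips-drbg 2020-06-22 13:32:47.672852918 +0200
++++ openssl-1.1.1g/crypto/fips/fips_post.c 2020-06-22 13:32:47.675852917 +0200
+@@ -79,8 +79,6 @@ int FIPS_selftest(void)
+ERR_add_error_data(2, "Type=", "rand_drbg_selftest");
+rv = 0;
+}
+- if (!FIPS_selftest_drbg())
+- rv = 0;
+if (!FIPS_selftest_sha1())
+rv = 0;
+if (!FIPS_selftest_sha2())
+diff -up openssl-1.1.1g/crypto/fips/fips_rand_lib.c.rewire-fips-drbg openssl-1.1.1g/crypto/fips/fips_rand_lib.c
+--- openssl-1.1.1g/crypto/fips/fips_rand_lib.c.rewire-fips-drbg 2020-06-22 13:32:47.613852927 +0200
++++ openssl-1.1.1g/crypto/fips/fips_rand_lib.c 2020-06-22 13:36:28.722817967 +0200
+@@ -120,6 +120,7 @@ void FIPS_rand_reset(void)
+
+int FIPS_rand_seed(const void *buf, int num)
+{
++#if 0
+if (!fips_approved_rand_meth && FIPS_module_mode()) {
+FIPSerr(FIPS_F_FIPS_RAND_SEED, FIPS_R_NON_FIPS_METHOD);
+return 0;
+@@ -127,10 +128,15 @@ int FIPS_rand_seed(const void *buf, int
+if (fips_rand_meth && fips_rand_meth->seed)
+fips_rand_meth->seed(buf, num);
+return 1;
++#else
++ RAND_seed(buf, num);
++ return 1;
++#endif
+}
+
+int FIPS_rand_bytes(unsigned char *buf, int num)
+{
++#if 0
+if (!fips_approved_rand_meth && FIPS_module_mode()) {
+FIPSerr(FIPS_F_FIPS_RAND_BYTES, FIPS_R_NON_FIPS_METHOD);
+return 0;
+@@ -138,10 +144,14 @@ int FIPS_rand_bytes(unsigned char *buf,
+if (fips_rand_meth && fips_rand_meth->bytes)
+return fips_rand_meth->bytes(buf, num);
+return 0;
++#else
++ return RAND_bytes(buf, num);
++#endif
+}
+
+int FIPS_rand_status(void)
+{
++#if 0
+if (!fips_approved_rand_meth && FIPS_module_mode()) {
+FIPSerr(FIPS_F_FIPS_RAND_STATUS, FIPS_R_NON_FIPS_METHOD);
+return 0;
+@@ -149,6 +159,9 @@ int FIPS_rand_status(void)
+if (fips_rand_meth && fips_rand_meth->status)
+return fips_rand_meth->status();
+return 0;
++#else
++ return RAND_status();
++#endif
+}
+
+/* Return instantiated strength of PRNG. For DRBG this is an internal
+diff -up openssl-1.1.1g/include/openssl/fips.h.rewire-fips-drbg openssl-1.1.1g/include/openssl/fips.h
+--- openssl-1.1.1g/include/openssl/fips.h.rewire-fips-drbg 2020-06-22 13:32:47.672852918 +0200
++++ openssl-1.1.1g/include/openssl/fips.h 2020-06-22 13:32:47.675852917 +0200
+@@ -64,6 +64,11 @@ extern "C" {
+
+int FIPS_selftest(void);
+int FIPS_selftest_failed(void);
++
++ /*
++ * This function is deprecated as it performs selftest of the old FIPS drbg
++ * implementation that is not validated.
++ */
+int FIPS_selftest_drbg_all(void);
+
+int FIPS_dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
+diff -up openssl-1.1.1g/include/openssl/fips_rand.h.rewire-fips-drbg openssl-1.1.1g/include/openssl/fips_rand.h
+--- openssl-1.1.1g/include/openssl/fips_rand.h.rewire-fips-drbg 2020-06-22 13:32:47.617852926 +0200
++++ openssl-1.1.1g/include/openssl/fips_rand.h 2020-06-22 13:32:47.675852917 +0200
+@@ -60,6 +60,20 @@
+# ifdef __cplusplus
+extern "C" {
+# endif
++
++/*
++ * IMPORTANT NOTE:
++ * All functions in this header file are deprecated and should not be used
++ * as they use the old FIPS_drbg implementation that is not FIPS validated
++ * anymore.
++ * To provide backwards compatibility for applications that need FIPS compliant
++ * RNG number generation and use FIPS_drbg_generate, this function was
++ * re-wired to call the FIPS validated DRBG instance instead through
++ * the RAND_bytes() call.
++ *
++ * All these functions will be removed in future.
++ */
++
+typedef struct drbg_ctx_st DRBG_CTX;
+/* DRBG external flags */
+/* Flag for CTR mode only: use derivation function ctr_df */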
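Review bot: The rewired `FIPS_drbg_generate` (second hunk of fips_drbg_lib.c) and `FIPS_rand_bytes` (fips_rand_lib.c) hand back the result of `RAND_bytes()` unchanged, and `RAND_bytes()` can return -1 when the active RAND method does not support it, so a caller that tests the result with `!` would treat that failure as success and use an unfilled buffer. Normalising with `return RAND_bytes(out, len) == 1;` and `return RAND_bytes(buf, num) == 1;` keeps both wrappers to 0 or 1. The `#define FIPS_DRBG_generate FIPS_DRBG_generate_internal` and `#define FIPS_DRBG_reseed FIPS_DRBG_reseed_internal` lines in fips_drbg_rand.c and fips_drbg_selftest.c spell DRBG in upper case, while the functions this patch defines are `FIPS_drbg_generate_internal` and `FIPS_drbg_reseed_internal`; unless fips_rand.h (only partly shown) declares upper-case names, those macros rename nothing and the old DRBG code would reach the public wrappers instead. The new wrappers also ignore `dctx`, `prediction_resistance` and `adin` without saying so, which deserves a one-line comment at each definition.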
2306
openssl-1.1.1-s390x-ecc.patch
Normal file
File diff suppressed because it is too large
5502
openssl-1.1.1-s390x-update.patch
Normal file
File diff suppressed because it is too large
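--- a/openssl-1.1.1-seclevel.patch
+++ b/openssl-1.1.1-seclevel.patch
@@ -0,0 +1,160 @@
+diff -up openssl-1.1.1g/crypto/x509/x509_vfy.c.seclevel openssl-1.1.1g/crypto/x509/x509_vfy.c
+--- openssl-1.1.1g/crypto/x509/x509_vfy.c.seclevel 2020-04-21 14:22:39.000000000 +0200
++++ openssl-1.1.1g/crypto/x509/x509_vfy.c 2020-06-05 17:16:54.835536823 +0200
+@@ -3225,6 +3225,7 @@ static int build_chain(X509_STORE_CTX *c
+}
+
+static const int minbits_table[] = { 80, 112, 128, 192, 256 };
++static const int minbits_digest_table[] = { 80, 80, 128, 192, 256 };
+static const int NUM_AUTH_LEVELS = OSSL_NELEM(minbits_table);
+
+/*
+@@ -3276,6 +3277,11 @@ static int check_sig_level(X509_STORE_CT
+
+if (!X509_get_signature_info(cert, NULL, NULL, &secbits, NULL))
+return 0;
+-
+- return secbits >= minbits_table[level - 1];
++ /*
++ * Allow SHA1 in SECLEVEL 2 in non-FIPS mode or when the magic
++ * disable SHA1 flag is not set.
++ */
++ if ((ctx->param->flags & 0x40000000) || FIPS_mode())
++ return secbits >= minbits_table[level - 1];
++ return secbits >= minbits_digest_table[level - 1];
+}
+diff -up openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod.seclevel openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod
+--- openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod.seclevel 2020-04-21 14:22:39.000000000 +0200
++++ openssl-1.1.1g/doc/man3/SSL_CTX_set_security_level.pod 2020-06-04 15:48:01.608178833 +0200
+@@ -81,8 +81,10 @@ using MD5 for the MAC is also prohibited
+
+=item B<Level 2>
+
+-Security level set to 112 bits of security. As a result RSA, DSA and DH keys
+-shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited.
++Security level set to 112 bits of security with the exception of SHA1 allowed
++for signatures.
++As a result RSA, DSA and DH keys shorter than 2048 bits and ECC keys
++shorter than 224 bits are prohibited.
+In addition to the level 1 exclusions any cipher suite using RC4 is also
+prohibited. SSL version 3 is also not allowed. Compression is disabled.
+
+diff -up openssl-1.1.1g/ssl/ssl_cert.c.seclevel openssl-1.1.1g/ssl/ssl_cert.c
+--- openssl-1.1.1g/ssl/ssl_cert.c.seclevel 2020-04-21 14:22:39.000000000 +0200
++++ openssl-1.1.1g/ssl/ssl_cert.c 2020-06-05 17:10:11.842198401 +0200
+@@ -27,6 +27,7 @@
+static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx,
+int op, int bits, int nid, void *other,
+void *ex);
++static unsigned long sha1_disable(const SSL *s, const SSL_CTX *ctx);
+
+static CRYPTO_ONCE ssl_x509_store_ctx_once = CRYPTO_ONCE_STATIC_INIT;
+static volatile int ssl_x509_store_ctx_idx = -1;
+@@ -396,7 +397,7 @@ int ssl_verify_cert_chain(SSL *s, STACK_
+X509_VERIFY_PARAM_set_auth_level(param, SSL_get_security_level(s));
+
+/* Set suite B flags if needed */
+- X509_STORE_CTX_set_flags(ctx, tls1_suiteb(s));
++ X509_STORE_CTX_set_flags(ctx, tls1_suiteb(s) | sha1_disable(s, NULL));
+if (!X509_STORE_CTX_set_ex_data
+(ctx, SSL_get_ex_data_X509_STORE_CTX_idx(), s)) {
+goto end;
+@@ -953,12 +954,33 @@ static int ssl_security_default_callback
+return 0;
+break;
+default:
++ /* allow SHA1 in SECLEVEL 2 in non FIPS mode */
++ if (nid == NID_sha1 && minbits == 112 && !sha1_disable(s, ctx))
++ break;
+if (bits < minbits)
+return 0;
+}
+return 1;
+}
+
++static unsigned long sha1_disable(const SSL *s, const SSL_CTX *ctx)
++{
++ unsigned long ret = 0x40000000; /* a magical internal value used by X509_VERIFY_PARAM */
++ const CERT *c;
++
++ if (FIPS_mode())
++ return ret;
++
++ if (ctx != NULL) {
++ c = ctx->cert;
++ } else {
++ c = s->cert;
++ }
++ if (tls1_cert_sigalgs_have_sha1(c))
++ return 0;
++ return ret;
++}
++
+int ssl_security(const SSL *s, int op, int bits, int nid, void *other)
+{
+return s->cert->sec_cb(s, NULL, op, bits, nid, other, s->cert->sec_ex);
+diff -up openssl-1.1.1g/ssl/ssl_local.h.seclevel openssl-1.1.1g/ssl/ssl_local.h
+--- openssl-1.1.1g/ssl/ssl_local.h.seclevel 2020-06-04 15:48:01.602178783 +0200
++++ openssl-1.1.1g/ssl/ssl_local.h 2020-06-05 17:02:22.666313410 +0200
+@@ -2576,6 +2576,7 @@ __owur int tls1_save_sigalgs(SSL *s, PAC
+__owur int tls1_process_sigalgs(SSL *s);
+__owur int tls1_set_peer_legacy_sigalg(SSL *s, const EVP_PKEY *pkey);
+__owur int tls1_lookup_md(const SIGALG_LOOKUP *lu, const EVP_MD **pmd);
++int tls1_cert_sigalgs_have_sha1(const CERT *c);
+__owur size_t tls12_get_psigalgs(SSL *s, int sent, const uint16_t **psigs);
+# ifndef OPENSSL_NO_EC
+__owur int tls_check_sigalg_curve(const SSL *s, int curve);
+diff -up openssl-1.1.1g/ssl/t1_lib.c.seclevel openssl-1.1.1g/ssl/t1_lib.c
+--- openssl-1.1.1g/ssl/t1_lib.c.seclevel 2020-06-04 15:48:01.654179221 +0200
++++ openssl-1.1.1g/ssl/t1_lib.c 2020-06-05 17:02:40.268459157 +0200
+@@ -2145,6 +2145,36 @@ int tls1_set_sigalgs(CERT *c, const int
+return 0;
+}
+
++static int tls1_sigalgs_have_sha1(const uint16_t *sigalgs, size_t sigalgslen)
++{
++ size_t i;
++
++ for (i = 0; i < sigalgslen; i++, sigalgs++) {
++ const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(*sigalgs);
++
++ if (lu == NULL)
++ continue;
++ if (lu->hash == NID_sha1)
++ return 1;
++ }
++ return 0;
++}
++
++
++int tls1_cert_sigalgs_have_sha1(const CERT *c)
++{
++ if (c->client_sigalgs != NULL) {
++ if (tls1_sigalgs_have_sha1(c->client_sigalgs, c->client_sigalgslen))
++ return 1;
++ }
++ if (c->conf_sigalgs != NULL) {
++ if (tls1_sigalgs_have_sha1(c->conf_sigalgs, c->conf_sigalgslen))
++ return 1;
++ return 0;
++ }
++ return 1;
++}
++
+static int tls1_check_sig_alg(SSL *s, X509 *x, int default_nid)
+{
+int sig_nid, use_pc_sigalgs = 0;
+diff -up openssl-1.1.1g/test/recipes/25-test_verify.t.seclevel openssl-1.1.1g/test/recipes/25-test_verify.t
+--- openssl-1.1.1g/test/recipes/25-test_verify.t.seclevel 2020-04-21 14:22:39.000000000 +0200
++++ openssl-1.1.1g/test/recipes/25-test_verify.t 2020-06-04 15:48:01.608178833 +0200
+@@ -346,8 +346,8 @@ ok(verify("ee-pss-sha1-cert", "sslserver
+ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], ),
+"CA with PSS signature using SHA256");
+
+-ok(!verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"),
+- "Reject PSS signature using SHA1 and auth level 2");
++ok(!verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "3"),
++ "Reject PSS signature using SHA1 and auth level 3");
+
+ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"),
+"PSS signature using SHA256 and auth level 2");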
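Review bot: The bare literal `0x40000000` carries the SHA-1 policy decision in two files, tested in `check_sig_level` (x509_vfy.c) and produced by `sha1_disable` (ssl_cert.c), where it is OR-ed into the same word as the public verify flags passed to `X509_STORE_CTX_set_flags`. Nothing visible reserves that bit, so a later flag with the same value, or an application setting it on its own verify parameters, would silently switch the level-2 digest check; one named internal macro in a header both files include, with a comment that the bit is private, would close that gap. The new comment in `check_sig_level` also says SHA1 is allowed "in non-FIPS mode or when the magic disable SHA1 flag is not set", while the code takes the relaxed `minbits_digest_table` only when both hold, so it should read `/* Allow SHA1 at SECLEVEL 2 only when not in FIPS mode and the internal disable-SHA1 flag is not set. */`. The 25-test_verify.t hunk merely moves the SHA1 rejection to auth level 3, leaving the strict branch (flag set or FIPS mode at level 2) without a test in this patch.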
5612
openssl-1.1.1-ssh-kdf.patch
Normal file
File diff suppressed because it is too large
310
openssl-1.1.1-system-cipherlist.patch
Normal file
@ -0,0 +1,310 @@
|
|||||||
|
diff -up openssl-1.1.1c/Configurations/unix-Makefile.tmpl.system-cipherlist openssl-1.1.1c/Configurations/unix-Makefile.tmpl
|
||||||
|
--- openssl-1.1.1c/Configurations/unix-Makefile.tmpl.system-cipherlist 2019-05-29 15:42:27.951329271 +0200
|
||||||
|
+++ openssl-1.1.1c/Configurations/unix-Makefile.tmpl 2019-05-29 15:42:27.974328867 +0200
|
||||||
|
@@ -180,6 +180,10 @@ MANDIR=$(INSTALLTOP)/share/man
|
||||||
|
DOCDIR=$(INSTALLTOP)/share/doc/$(BASENAME)
|
||||||
|
HTMLDIR=$(DOCDIR)/html
|
||||||
|
|
||||||
|
+{- output_off() if $config{system_ciphers_file} eq ""; "" -}
|
||||||
|
+SYSTEM_CIPHERS_FILE_DEFINE=-DSYSTEM_CIPHERS_FILE="\"{- $config{system_ciphers_file} -}\""
|
||||||
|
+{- output_on() if $config{system_ciphers_file} eq ""; "" -}
|
||||||
|
+
|
||||||
|
# MANSUFFIX is for the benefit of anyone who may want to have a suffix
|
||||||
|
# appended after the manpage file section number. "ssl" is popular,
|
||||||
|
# resulting in files such as config.5ssl rather than config.5.
|
||||||
|
@@ -203,6 +207,7 @@ CC=$(CROSS_COMPILE){- $config{CC} -}
|
||||||
|
CXX={- $config{CXX} ? "\$(CROSS_COMPILE)$config{CXX}" : '' -}
|
||||||
|
CPPFLAGS={- our $cppflags1 = join(" ",
|
||||||
|
(map { "-D".$_} @{$config{CPPDEFINES}}),
|
||||||
|
+ "\$(SYSTEM_CIPHERS_FILE_DEFINE)",
|
||||||
|
(map { "-I".$_} @{$config{CPPINCLUDES}}),
|
||||||
|
@{$config{CPPFLAGS}}) -}
|
||||||
|
CFLAGS={- join(' ', @{$config{CFLAGS}}) -}
|
||||||
|
diff -up openssl-1.1.1c/Configure.system-cipherlist openssl-1.1.1c/Configure
|
||||||
|
--- openssl-1.1.1c/Configure.system-cipherlist 2019-05-28 15:12:21.000000000 +0200
|
||||||
|
+++ openssl-1.1.1c/Configure 2019-05-29 15:45:10.465469533 +0200
|
||||||
|
@@ -24,7 +24,7 @@ use OpenSSL::Glob;
|
||||||
|
my $orig_death_handler = $SIG{__DIE__};
|
||||||
|
$SIG{__DIE__} = \&death_handler;
|
||||||
|
|
||||||
|
-my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";
|
||||||
|
+my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--system-ciphers-file=SYSTEMCIPHERFILE] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";
|
||||||
|
|
||||||
|
# Options:
|
||||||
|
#
|
||||||
|
@@ -41,6 +41,9 @@ my $usage="Usage: Configure [no-<cipher>
|
||||||
|
# This becomes the value of OPENSSLDIR in Makefile and in C.
|
||||||
|
# (Default: PREFIX/ssl)
|
||||||
|
#
|
||||||
|
+# --system-ciphers-file A file to read cipher string from when the PROFILE=SYSTEM
|
||||||
|
+# cipher is specified (default).
|
||||||
|
+#
|
||||||
|
# --cross-compile-prefix Add specified prefix to binutils components.
|
||||||
|
#
|
||||||
|
# --api One of 0.9.8, 1.0.0 or 1.1.0. Do not compile support for
|
||||||
|
@@ -295,6 +298,7 @@ $config{prefix}="";
|
||||||
|
$config{openssldir}="";
|
||||||
|
$config{processor}="";
|
||||||
|
$config{libdir}="";
|
||||||
|
+$config{system_ciphers_file}="";
|
||||||
|
my $auto_threads=1; # enable threads automatically? true by default
|
||||||
|
my $default_ranlib;
|
||||||
|
|
||||||
|
@@ -824,6 +828,10 @@ while (@argvcopy)
|
||||||
|
push @seed_sources, $x;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
+ elsif (/^--system-ciphers-file=(.*)$/)
|
||||||
|
+ {
|
||||||
|
+ $config{system_ciphers_file}=$1;
|
||||||
|
+ }
|
||||||
|
elsif (/^--cross-compile-prefix=(.*)$/)
|
||||||
|
{
|
||||||
|
$user{CROSS_COMPILE}=$1;
|
||||||
|
@@ -1016,6 +1024,8 @@ if ($target eq "HASH") {
|
||||||
|
exit 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
+chop $config{system_ciphers_file} if $config{system_ciphers_file} =~ /\/$/;
|
||||||
|
+
|
||||||
|
print "Configuring OpenSSL version $config{version} ($config{version_num}) ";
|
||||||
|
print "for $target\n";
|
||||||
|
|
||||||
|
diff -up openssl-1.1.1c/doc/man1/ciphers.pod.system-cipherlist openssl-1.1.1c/doc/man1/ciphers.pod
|
||||||
|
--- openssl-1.1.1c/doc/man1/ciphers.pod.system-cipherlist 2019-05-28 15:12:21.000000000 +0200
|
||||||
|
+++ openssl-1.1.1c/doc/man1/ciphers.pod 2019-05-29 15:42:27.975328849 +0200
|
||||||
|
@@ -182,6 +182,15 @@ As of OpenSSL 1.0.0, the B<ALL> cipher s
|
||||||
|
|
||||||
|
The cipher suites not enabled by B<ALL>, currently B<eNULL>.
|
||||||
|
|
||||||
|
+=item B<PROFILE=SYSTEM>
|
||||||
|
+
|
||||||
|
+The list of enabled cipher suites will be loaded from the system crypto policy
|
||||||
|
+configuration file B</etc/crypto-policies/back-ends/openssl.config>.
|
||||||
|
+See also L<update-crypto-policies(8)>.
|
||||||
|
+This is the default behavior unless an application explicitly sets a cipher
|
||||||
|
+list. If used in a cipher list configuration value this string must be at the
|
||||||
|
+beginning of the cipher list, otherwise it will not be recognized.
|
||||||
|
+
|
||||||
|
=item B<HIGH>
|
||||||
|
|
||||||
|
"High" encryption cipher suites. This currently means those with key lengths
|
||||||
|
diff -up openssl-1.1.1c/include/openssl/ssl.h.system-cipherlist openssl-1.1.1c/include/openssl/ssl.h
|
||||||
|
--- openssl-1.1.1c/include/openssl/ssl.h.system-cipherlist 2019-05-28 15:12:21.000000000 +0200
|
||||||
|
+++ openssl-1.1.1c/include/openssl/ssl.h 2019-05-29 15:42:27.975328849 +0200
|
||||||
|
@@ -186,6 +186,11 @@ extern "C" {
|
||||||
|
* throwing out anonymous and unencrypted ciphersuites! (The latter are not
|
||||||
|
* actually enabled by ALL, but "ALL:RSA" would enable some of them.)
|
||||||
|
*/
|
||||||
|
+# ifdef SYSTEM_CIPHERS_FILE
|
||||||
|
+# define SSL_SYSTEM_DEFAULT_CIPHER_LIST "PROFILE=SYSTEM"
|
||||||
|
+# else
|
||||||
|
+# define SSL_SYSTEM_DEFAULT_CIPHER_LIST SSL_DEFAULT_CIPHER_LIST
|
||||||
|
+# endif
|
||||||
|
|
||||||
|
/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
|
||||||
|
# define SSL_SENT_SHUTDOWN 1
|
||||||
|
diff -up openssl-1.1.1c/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.1c/ssl/ssl_ciph.c
|
||||||
|
--- openssl-1.1.1c/ssl/ssl_ciph.c.system-cipherlist 2019-05-28 15:12:21.000000000 +0200
|
||||||
|
+++ openssl-1.1.1c/ssl/ssl_ciph.c 2019-05-29 15:42:27.976328831 +0200
|
||||||
|
@@ -9,6 +9,8 @@
|
||||||
|
* https://www.openssl.org/source/license.html
|
||||||
|
*/
|
||||||
|
|
||||||
|
+/* for secure_getenv */
|
||||||
|
+#define _GNU_SOURCE
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <ctype.h>
|
||||||
|
#include <openssl/objects.h>
|
||||||
|
@@ -1399,6 +1401,53 @@ int SSL_set_ciphersuites(SSL *s, const c
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
+#ifdef SYSTEM_CIPHERS_FILE
|
||||||
|
+static char *load_system_str(const char *suffix)
|
||||||
|
+{
|
||||||
|
+ FILE *fp;
|
||||||
|
+ char buf[1024];
|
||||||
|
+ char *new_rules;
|
||||||
|
+ const char *ciphers_path;
|
||||||
|
+ unsigned len, slen;
|
||||||
|
+
|
||||||
|
+ if ((ciphers_path = secure_getenv("OPENSSL_SYSTEM_CIPHERS_OVERRIDE")) == NULL)
|
||||||
|
+ ciphers_path = SYSTEM_CIPHERS_FILE;
|
||||||
|
+ fp = fopen(ciphers_path, "r");
|
||||||
|
+ if (fp == NULL || fgets(buf, sizeof(buf), fp) == NULL) {
|
||||||
|
+ /* cannot open or file is empty */
|
||||||
|
+ snprintf(buf, sizeof(buf), "%s", SSL_DEFAULT_CIPHER_LIST);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (fp)
|
||||||
|
+ fclose(fp);
|
||||||
|
+
|
||||||
|
+ slen = strlen(suffix);
|
||||||
|
+ len = strlen(buf);
|
||||||
|
+
|
||||||
|
+ if (buf[len - 1] == '\n') {
|
||||||
|
+ len--;
|
||||||
|
+ buf[len] = 0;
|
||||||
|
+ }
|
||||||
|
+ if (buf[len - 1] == '\r') {
|
||||||
|
+ len--;
|
||||||
|
+ buf[len] = 0;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ new_rules = OPENSSL_malloc(len + slen + 1);
|
||||||
|
+ if (new_rules == 0)
|
||||||
|
+ return NULL;
|
||||||
|
+
|
||||||
|
+ memcpy(new_rules, buf, len);
|
||||||
|
+ if (slen > 0) {
|
||||||
|
+ memcpy(&new_rules[len], suffix, slen);
|
||||||
|
+ len += slen;
|
||||||
|
+ }
|
||||||
|
+ new_rules[len] = 0;
|
||||||
|
+
|
||||||
|
+ return new_rules;
|
||||||
|
+}
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
||||||
|
STACK_OF(SSL_CIPHER) *tls13_ciphersuites,
|
||||||
|
STACK_OF(SSL_CIPHER) **cipher_list,
|
||||||
|
@@ -1412,15 +1461,25 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||||
|
const char *rule_p;
|
||||||
|
CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
|
||||||
|
const SSL_CIPHER **ca_list = NULL;
|
||||||
|
+#ifdef SYSTEM_CIPHERS_FILE
|
||||||
|
+ char *new_rules = NULL;
|
||||||
|
+
|
||||||
|
+ if (rule_str != NULL && strncmp(rule_str, "PROFILE=SYSTEM", 14) == 0) {
|
||||||
|
+ char *p = rule_str + 14;
|
||||||
|
+
|
||||||
|
+ new_rules = load_system_str(p);
|
||||||
|
+ rule_str = new_rules;
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Return with error if nothing to do.
|
||||||
|
*/
|
||||||
|
if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)
|
||||||
|
- return NULL;
|
||||||
|
+ goto err;
|
||||||
|
#ifndef OPENSSL_NO_EC
|
||||||
|
if (!check_suiteb_cipher_list(ssl_method, c, &rule_str))
|
||||||
|
- return NULL;
|
||||||
|
+ goto err;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
@@ -1443,7 +1502,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||||
|
co_list = OPENSSL_malloc(sizeof(*co_list) * num_of_ciphers);
|
||||||
|
if (co_list == NULL) {
|
||||||
|
SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
|
||||||
|
- return NULL; /* Failure */
|
||||||
|
+ goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers,
|
||||||
|
@@ -1509,8 +1568,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||||
|
* in force within each class
|
||||||
|
*/
|
||||||
|
if (!ssl_cipher_strength_sort(&head, &tail)) {
|
||||||
|
- OPENSSL_free(co_list);
|
||||||
|
- return NULL;
|
||||||
|
+ goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
@@ -1555,9 +1613,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||||
|
num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
|
||||||
|
ca_list = OPENSSL_malloc(sizeof(*ca_list) * num_of_alias_max);
|
||||||
|
if (ca_list == NULL) {
|
||||||
|
- OPENSSL_free(co_list);
|
||||||
|
SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
|
||||||
|
- return NULL; /* Failure */
|
||||||
|
+ goto err;
|
||||||
|
}
|
||||||
|
ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
|
||||||
|
disabled_mkey, disabled_auth, disabled_enc,
|
||||||
|
@@ -1583,8 +1640,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||||
|
OPENSSL_free(ca_list); /* Not needed anymore */
|
||||||
|
|
||||||
|
if (!ok) { /* Rule processing failure */
|
||||||
|
- OPENSSL_free(co_list);
|
||||||
|
- return NULL;
|
||||||
|
+ goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
@@ -1592,14 +1648,18 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||||
|
* if we cannot get one.
|
||||||
|
*/
|
||||||
|
if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) {
|
||||||
|
- OPENSSL_free(co_list);
|
||||||
|
- return NULL;
|
||||||
|
+ goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
+#ifdef SYSTEM_CIPHERS_FILE
|
||||||
|
+ OPENSSL_free(new_rules); /* Not needed anymore */
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
/* Add TLSv1.3 ciphers first - we always prefer those if possible */
|
||||||
|
for (i = 0; i < sk_SSL_CIPHER_num(tls13_ciphersuites); i++) {
|
||||||
|
if (!sk_SSL_CIPHER_push(cipherstack,
|
||||||
|
sk_SSL_CIPHER_value(tls13_ciphersuites, i))) {
|
||||||
|
+ OPENSSL_free(co_list);
|
||||||
|
sk_SSL_CIPHER_free(cipherstack);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
@@ -1631,6 +1691,14 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
|
||||||
|
*cipher_list = cipherstack;
|
||||||
|
|
||||||
|
return cipherstack;
|
||||||
|
+
|
||||||
|
+err:
|
||||||
|
+ OPENSSL_free(co_list);
|
||||||
|
+#ifdef SYSTEM_CIPHERS_FILE
|
||||||
|
+ OPENSSL_free(new_rules);
|
||||||
|
+#endif
|
||||||
|
+ return NULL;
|
||||||
|
+
|
||||||
|
}
|
||||||
|
|
||||||
|
char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
|
||||||
|
diff -up openssl-1.1.1c/ssl/ssl_lib.c.system-cipherlist openssl-1.1.1c/ssl/ssl_lib.c
|
||||||
|
--- openssl-1.1.1c/ssl/ssl_lib.c.system-cipherlist 2019-05-29 15:42:27.970328937 +0200
|
||||||
|
+++ openssl-1.1.1c/ssl/ssl_lib.c 2019-05-29 15:42:27.977328814 +0200
|
||||||
|
@@ -662,7 +662,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx
|
||||||
|
ctx->tls13_ciphersuites,
|
||||||
|
&(ctx->cipher_list),
|
||||||
|
&(ctx->cipher_list_by_id),
|
||||||
|
- SSL_DEFAULT_CIPHER_LIST, ctx->cert);
|
||||||
|
+ SSL_SYSTEM_DEFAULT_CIPHER_LIST, ctx->cert);
|
||||||
|
if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
|
||||||
|
SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
|
||||||
|
return 0;
|
||||||
|
@@ -2954,7 +2954,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
|
||||||
|
if (!ssl_create_cipher_list(ret->method,
|
||||||
|
ret->tls13_ciphersuites,
|
||||||
|
&ret->cipher_list, &ret->cipher_list_by_id,
|
||||||
|
- SSL_DEFAULT_CIPHER_LIST, ret->cert)
|
||||||
|
+ SSL_SYSTEM_DEFAULT_CIPHER_LIST, ret->cert)
|
||||||
|
|| sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
|
||||||
|
SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);
|
||||||
|
goto err2;
|
||||||
|
diff -up openssl-1.1.1c/test/cipherlist_test.c.system-cipherlist openssl-1.1.1c/test/cipherlist_test.c
|
||||||
|
--- openssl-1.1.1c/test/cipherlist_test.c.system-cipherlist 2019-05-28 15:12:21.000000000 +0200
|
||||||
|
+++ openssl-1.1.1c/test/cipherlist_test.c 2019-05-29 15:42:27.977328814 +0200
|
||||||
|
@@ -251,7 +251,9 @@ end:
|
||||||
|
|
||||||
|
int setup_tests(void)
|
||||||
|
{
|
||||||
|
+#ifndef SYSTEM_CIPHERS_FILE
|
||||||
|
ADD_TEST(test_default_cipherlist_implicit);
|
||||||
|
+#endif
|
||||||
|
ADD_TEST(test_default_cipherlist_explicit);
|
||||||
|
ADD_TEST(test_default_cipherlist_clear);
|
||||||
|
return 1;
|
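--- a/openssl-1.1.1-ts-sha256-default.patch
+++ b/openssl-1.1.1-ts-sha256-default.patch
@@ -0,0 +1,70 @@
+diff -up openssl-1.1.1h/apps/openssl.cnf.ts-sha256-default openssl-1.1.1h/apps/openssl.cnf
+--- openssl-1.1.1h/apps/openssl.cnf.ts-sha256-default 2020-11-06 11:07:28.850100899 +0100
++++ openssl-1.1.1h/apps/openssl.cnf 2020-11-06 11:11:28.042913791 +0100
+@@ -364,5 +348,5 @@ tsa_name = yes # Must the TSA name be i
+# (optional, default: no)
+ess_cert_id_chain = no # Must the ESS cert id chain be included?
+# (optional, default: no)
+-ess_cert_id_alg = sha1 # algorithm to compute certificate
++ess_cert_id_alg = sha256 # algorithm to compute certificate
+# identifier (optional, default: sha1)
+diff -up openssl-1.1.1h/apps/ts.c.ts-sha256-default openssl-1.1.1h/apps/ts.c
+--- openssl-1.1.1h/apps/ts.c.ts-sha256-default 2020-09-22 14:55:07.000000000 +0200
++++ openssl-1.1.1h/apps/ts.c 2020-11-06 11:07:28.883101220 +0100
+@@ -423,7 +423,7 @@ static TS_REQ *create_query(BIO *data_bi
+ASN1_OBJECT *policy_obj = NULL;
+ASN1_INTEGER *nonce_asn1 = NULL;
+
+- if (md == NULL && (md = EVP_get_digestbyname("sha1")) == NULL)
++ if (md == NULL && (md = EVP_get_digestbyname("sha256")) == NULL)
+goto err;
+if ((ts_req = TS_REQ_new()) == NULL)
+goto err;
+diff -up openssl-1.1.1h/crypto/ts/ts_conf.c.ts-sha256-default openssl-1.1.1h/crypto/ts/ts_conf.c
+--- openssl-1.1.1h/crypto/ts/ts_conf.c.ts-sha256-default 2020-11-06 12:03:51.226372867 +0100
++++ openssl-1.1.1h/crypto/ts/ts_conf.c 2020-11-06 12:04:01.713488990 +0100
+@@ -476,7 +476,7 @@ int TS_CONF_set_ess_cert_id_digest(CONF
+const char *md = NCONF_get_string(conf, section, ENV_ESS_CERT_ID_ALG);
+
+if (md == NULL)
+- md = "sha1";
++ md = "sha256";
+
+cert_md = EVP_get_digestbyname(md);
+if (cert_md == NULL) {
+diff -up openssl-1.1.1h/doc/man1/ts.pod.ts-sha256-default openssl-1.1.1h/doc/man1/ts.pod
+--- openssl-1.1.1h/doc/man1/ts.pod.ts-sha256-default 2020-09-22 14:55:07.000000000 +0200
++++ openssl-1.1.1h/doc/man1/ts.pod 2020-11-06 11:07:28.883101220 +0100
+@@ -518,7 +518,7 @@ included. Default is no. (Optional)
+=item B<ess_cert_id_alg>
+
+This option specifies the hash function to be used to calculate the TSA's
+-public key certificate identifier. Default is sha1. (Optional)
++public key certificate identifier. Default is sha256. (Optional)
+
+=back
+
+@@ -530,7 +530,7 @@ openssl/apps/openssl.cnf will do.
+
+=head2 Time Stamp Request
+
+-To create a timestamp request for design1.txt with SHA-1
++To create a timestamp request for design1.txt with SHA-256
+without nonce and policy and no certificate is required in the response:
+
+openssl ts -query -data design1.txt -no_nonce \
+@@ -546,12 +546,12 @@ To print the content of the previous req
+
+openssl ts -query -in design1.tsq -text
+
+-To create a timestamp request which includes the MD-5 digest
++To create a timestamp request which includes the SHA-512 digest
+of design2.txt, requests the signer certificate and nonce,
+specifies a policy id (assuming the tsa_policy1 name is defined in the
+OID section of the config file):
+
+- openssl ts -query -data design2.txt -md5 \
++ openssl ts -query -data design2.txt -sha512 \
+-tspolicy tsa_policy1 -cert -out design2.tsq
+
+=head2 Time Stamp Response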
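Review bot: The `apps/openssl.cnf` hunk keeps the context line `# identifier (optional, default: sha1)` directly under the new `ess_cert_id_alg = sha256`, while the `ts_conf.c` hunk in the same patch changes the built-in fallback to `md = "sha256";`, so the sample config now documents a default that no longer matches the code. The comment should read `# identifier (optional, default: sha256)`. An administrator who reads the shipped config to decide whether the option must be set explicitly would otherwise conclude that removing the line falls back to SHA-1.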
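--- a/openssl-1.1.1-version-add-engines.patch
+++ b/openssl-1.1.1-version-add-engines.patch
@@ -0,0 +1,38 @@
+diff -up openssl-1.1.1-pre8/apps/version.c.version-add-engines openssl-1.1.1-pre8/apps/version.c
+--- openssl-1.1.1-pre8/apps/version.c.version-add-engines 2018-06-20 16:48:09.000000000 +0200
++++ openssl-1.1.1-pre8/apps/version.c 2018-07-16 18:00:40.608624346 +0200
+@@ -64,7 +64,7 @@ int version_main(int argc, char **argv)
+{
+int ret = 1, dirty = 0, seed = 0;
+int cflags = 0, version = 0, date = 0, options = 0, platform = 0, dir = 0;
+- int engdir = 0;
++ int engdir = 0, engines = 0;
+char *prog;
+OPTION_CHOICE o;
+
+@@ -106,7 +106,7 @@ opthelp:
+break;
+case OPT_A:
+seed = options = cflags = version = date = platform = dir = engdir
+- = 1;
++ = engines = 1;
+break;
+}
+}
+@@ -188,6 +188,16 @@ opthelp:
+#endif
+printf("\n");
+}
++ if (engines) {
++ ENGINE *e;
++ printf("engines: ");
++ e = ENGINE_get_first();
++ while (e) {
++ printf("%s ", ENGINE_get_id(e));
++ e = ENGINE_get_next(e);
++ }
++ printf("\n");
++ }
+ret = 0;
+end:
+return ret;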
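Review bot: The block added at `if (engines) {` in the last hunk calls `ENGINE_get_first()`, `ENGINE_get_id()` and `ENGINE_get_next()` without an `#ifndef OPENSSL_NO_ENGINE` guard, and no hunk adds an include for `<openssl/engine.h>`; whether another header already provides it is not visible here. Wrapping the block in `#ifndef OPENSSL_NO_ENGINE` / `#endif` would keep `apps/version.c` building when the library is configured without engine support. The new line is reachable only through `OPT_A`, since nothing else sets `engines`; a one-line comment such as `/* engines: listed only with -a */` above the block would make that intent explicit. version_main's body starts and ends outside the hunks.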
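--- a/openssl-1.1.1-version-override.patch
+++ b/openssl-1.1.1-version-override.patch
@@ -0,0 +1,12 @@
+diff -up openssl-1.1.1g/include/openssl/opensslv.h.version-override openssl-1.1.1g/include/openssl/opensslv.h
+--- openssl-1.1.1g/include/openssl/opensslv.h.version-override 2020-04-23 13:29:37.802673513 +0200
++++ openssl-1.1.1g/include/openssl/opensslv.h 2020-04-23 13:30:13.064008458 +0200
+@@ -40,7 +40,7 @@ extern "C" {
+* major minor fix final patch/beta)
+*/
+# define OPENSSL_VERSION_NUMBER 0x1010108fL
+-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1h 22 Sep 2020"
++# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1h FIPS 22 Sep 2020"
+
+/*-
+* The macros below are to be used for shared library (.so, .dll, ...)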
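--- a/openssl-1.1.1-weak-ciphers.patch
+++ b/openssl-1.1.1-weak-ciphers.patch
@@ -0,0 +1,57 @@
+diff -up openssl-1.1.1/ssl/s3_lib.c.weak-ciphers openssl-1.1.1/ssl/s3_lib.c
+--- openssl-1.1.1/ssl/s3_lib.c.weak-ciphers 2018-09-11 14:48:23.000000000 +0200
++++ openssl-1.1.1/ssl/s3_lib.c 2018-09-17 12:53:33.850637181 +0200
+@@ -2612,7 +2612,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
+SSL_GOST89MAC,
+TLS1_VERSION, TLS1_2_VERSION,
+0, 0,
+- SSL_HIGH,
++ SSL_MEDIUM,
+SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
+256,
+256,
+@@ -2644,7 +2644,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
+SSL_GOST89MAC12,
+TLS1_VERSION, TLS1_2_VERSION,
+0, 0,
+- SSL_HIGH,
++ SSL_MEDIUM,
+SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
+256,
+256,
+@@ -2753,7 +2753,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
+},
+#endif /* OPENSSL_NO_SEED */
+
+-#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
++#if 0 /* No MD5 ciphersuites */
+{
+1,
+SSL3_TXT_RSA_RC4_128_MD5,
+@@ -2770,6 +2770,8 @@ static SSL_CIPHER ssl3_ciphers[] = {
+128,
+128,
+},
++#endif
++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+{
+1,
+SSL3_TXT_RSA_RC4_128_SHA,
+@@ -2786,6 +2788,8 @@ static SSL_CIPHER ssl3_ciphers[] = {
+128,
+128,
+},
++#endif
++#if 0
+{
+1,
+SSL3_TXT_ADH_RC4_128_MD5,
+@@ -2802,6 +2806,8 @@ static SSL_CIPHER ssl3_ciphers[] = {
+128,
+128,
+},
++#endif
++#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+{
+1,
+TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,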
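Review bot: The second `#if 0`, placed before the `SSL3_TXT_ADH_RC4_128_MD5` entry, carries no explanation, unlike the first one, which is written `#if 0 /* No MD5 ciphersuites */`; it should carry the same comment so that a later rebase does not mistake it for leftover debugging. The added `#endif` lines would also read better as `#endif /* No MD5 ciphersuites */`, because each one now sits directly above a reopened `#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS`. The two `SSL_HIGH` to `SSL_MEDIUM` changes on the GOST entries likewise have no comment stating why those suites are reclassified. The `ssl3_ciphers[]` initializer starts and ends outside the hunks.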
@ -1,400 +0,0 @@
|
|||||||
/* Test program to verify that RSA signing is thread-safe in OpenSSL. */
|
|
||||||
|
|
||||||
#include <assert.h>
|
|
||||||
#include <errno.h>
|
|
||||||
#include <fcntl.h>
|
|
||||||
#include <limits.h>
|
|
||||||
#include <pthread.h>
|
|
||||||
#include <stdio.h>
|
|
||||||
#include <string.h>
|
|
||||||
#include <unistd.h>
|
|
||||||
|
|
||||||
#include <openssl/crypto.h>
|
|
||||||
#include <openssl/err.h>
|
|
||||||
#include <openssl/objects.h>
|
|
||||||
#include <openssl/rand.h>
|
|
||||||
#include <openssl/rsa.h>
|
|
||||||
#include <openssl/md5.h>
|
|
||||||
#include <openssl/ssl.h>
|
|
||||||
|
|
||||||
/* Just assume we want to do engine stuff if we're using 0.9.6b or
|
|
||||||
* higher. This assumption is only valid for versions bundled with RHL. */
|
|
||||||
#if OPENSSL_VERSION_NUMBER >= 0x0090602fL
|
|
||||||
#include <openssl/engine.h>
|
|
||||||
#define USE_ENGINE
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#define MAX_THREAD_COUNT 10000
|
|
||||||
#define ITERATION_COUNT 10
|
|
||||||
#define MAIN_COUNT 100
|
|
||||||
|
|
||||||
/* OpenSSL requires us to provide thread ID and locking primitives. */
|
|
||||||
pthread_mutex_t *mutex_locks = NULL;
|
|
||||||
static unsigned long
|
|
||||||
thread_id_cb(void)
|
|
||||||
{
|
|
||||||
return (unsigned long) pthread_self();
|
|
||||||
}
|
|
||||||
static void
|
|
||||||
lock_cb(int mode, int n, const char *file, int line)
|
|
||||||
{
|
|
||||||
if (mode & CRYPTO_LOCK) {
|
|
||||||
pthread_mutex_lock(&mutex_locks[n]);
|
|
||||||
} else {
|
|
||||||
pthread_mutex_unlock(&mutex_locks[n]);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
struct thread_args {
|
|
||||||
RSA *rsa;
|
|
||||||
int digest_type;
|
|
||||||
unsigned char *digest;
|
|
||||||
unsigned int digest_len;
|
|
||||||
unsigned char *signature;
|
|
||||||
unsigned int signature_len;
|
|
||||||
pthread_t main_thread;
|
|
||||||
};
|
|
||||||
|
|
||||||
static int print = 0;
|
|
||||||
|
|
||||||
pthread_mutex_t sign_lock = PTHREAD_MUTEX_INITIALIZER;
|
|
||||||
static int locked_sign = 0;
|
|
||||||
static void SIGN_LOCK() {if (locked_sign) pthread_mutex_lock(&sign_lock);}
|
|
||||||
static void SIGN_UNLOCK() {if (locked_sign) pthread_mutex_unlock(&sign_lock);}
|
|
||||||
|
|
||||||
pthread_mutex_t verify_lock = PTHREAD_MUTEX_INITIALIZER;
|
|
||||||
static int locked_verify = 0;
|
|
||||||
static void VERIFY_LOCK() {if (locked_verify) pthread_mutex_lock(&verify_lock);}
|
|
||||||
static void VERIFY_UNLOCK() {if (locked_verify) pthread_mutex_unlock(&verify_lock);}
|
|
||||||
|
|
||||||
pthread_mutex_t failure_count_lock = PTHREAD_MUTEX_INITIALIZER;
|
|
||||||
long failure_count = 0;
|
|
||||||
static void
|
|
||||||
failure()
|
|
||||||
{
|
|
||||||
pthread_mutex_lock(&failure_count_lock);
|
|
||||||
failure_count++;
|
|
||||||
pthread_mutex_unlock(&failure_count_lock);
|
|
||||||
}
|
|
||||||
|
|
||||||
static void *
|
|
||||||
thread_main(void *argp)
|
|
||||||
{
|
|
||||||
struct thread_args *args = argp;
|
|
||||||
unsigned char *signature;
|
|
||||||
unsigned int signature_len, signature_alloc_len;
|
|
||||||
int ret, i;
|
|
||||||
|
|
||||||
signature_alloc_len = args->signature_len;
|
|
||||||
if (RSA_size(args->rsa) > signature_alloc_len) {
|
|
||||||
signature_alloc_len = RSA_size(args->rsa);
|
|
||||||
}
|
|
||||||
signature = malloc(signature_alloc_len);
|
|
||||||
if (signature == NULL) {
|
|
||||||
fprintf(stderr, "Skipping checks in thread %lu -- %s.\n",
|
|
||||||
(unsigned long) pthread_self(), strerror(errno));
|
|
||||||
pthread_exit(0);
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
for (i = 0; i < ITERATION_COUNT; i++) {
|
|
||||||
signature_len = signature_alloc_len;
|
|
||||||
SIGN_LOCK();
|
|
||||||
ret = RSA_check_key(args->rsa);
|
|
||||||
ERR_print_errors_fp(stdout);
|
|
||||||
if (ret != 1) {
|
|
||||||
failure();
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
ret = RSA_sign(args->digest_type,
|
|
||||||
args->digest,
|
|
||||||
args->digest_len,
|
|
||||||
signature, &signature_len,
|
|
||||||
args->rsa);
|
|
||||||
SIGN_UNLOCK();
|
|
||||||
ERR_print_errors_fp(stdout);
|
|
||||||
if (ret != 1) {
|
|
||||||
failure();
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
VERIFY_LOCK();
|
|
||||||
ret = RSA_verify(args->digest_type,
|
|
||||||
args->digest,
|
|
||||||
args->digest_len,
|
|
||||||
signature, signature_len,
|
|
||||||
args->rsa);
|
|
||||||
VERIFY_UNLOCK();
|
|
||||||
if (ret != 1) {
|
|
||||||
fprintf(stderr,
|
|
||||||
"Signature from thread %lu(%d) fails "
|
|
||||||
"verification (passed in thread #%lu)!\n",
|
|
||||||
(long) pthread_self(), i,
|
|
||||||
(long) args->main_thread);
|
|
||||||
ERR_print_errors_fp(stdout);
|
|
||||||
failure();
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
if (print) {
|
|
||||||
fprintf(stderr, ">%d\n", i);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
free(signature);
|
|
||||||
|
|
||||||
pthread_exit(0);
|
|
||||||
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
unsigned char *
|
|
||||||
xmemdup(unsigned char *s, size_t len)
|
|
||||||
{
|
|
||||||
unsigned char *r;
|
|
||||||
r = malloc(len);
|
|
||||||
if (r == NULL) {
|
|
||||||
fprintf(stderr, "Out of memory.\n");
|
|
||||||
ERR_print_errors_fp(stdout);
|
|
||||||
assert(r != NULL);
|
|
||||||
}
|
|
||||||
memcpy(r, s, len);
|
|
||||||
return r;
|
|
||||||
}
|
|
||||||
|
|
||||||
int
|
|
||||||
main(int argc, char **argv)
|
|
||||||
{
|
|
||||||
RSA *rsa;
|
|
||||||
MD5_CTX md5;
|
|
||||||
int fd, i;
|
|
||||||
pthread_t threads[MAX_THREAD_COUNT];
|
|
||||||
int thread_count = 1000;
|
|
||||||
unsigned char *message, *digest;
|
|
||||||
unsigned int message_len, digest_len;
|
|
||||||
unsigned char *correct_signature;
|
|
||||||
unsigned int correct_siglen, ret;
|
|
||||||
struct thread_args master_args, *args;
|
|
||||||
int sync = 0, seed = 0;
|
|
||||||
int again = 1;
|
|
||||||
#ifdef USE_ENGINE
|
|
||||||
char *engine = NULL;
|
|
||||||
ENGINE *e = NULL;
|
|
||||||
#endif
|
|
||||||
|
|
||||||
pthread_mutex_init(&failure_count_lock, NULL);
|
|
||||||
|
|
||||||
for (i = 1; i < argc; i++) {
|
|
||||||
if (strcmp(argv[i], "--seed") == 0) {
|
|
||||||
printf("Seeding PRNG.\n");
|
|
||||||
seed++;
|
|
||||||
} else
|
|
||||||
if (strcmp(argv[i], "--sync") == 0) {
|
|
||||||
printf("Running synchronized.\n");
|
|
||||||
sync++;
|
|
||||||
} else
|
|
||||||
if ((strcmp(argv[i], "--threads") == 0) && (i < argc - 1)) {
|
|
||||||
i++;
|
|
||||||
thread_count = atol(argv[i]);
|
|
||||||
if (thread_count > MAX_THREAD_COUNT) {
|
|
||||||
thread_count = MAX_THREAD_COUNT;
|
|
||||||
}
|
|
||||||
printf("Starting %d threads.\n", thread_count);
|
|
||||||
sync++;
|
|
||||||
} else
|
|
||||||
if (strcmp(argv[i], "--sign") == 0) {
|
|
||||||
printf("Locking signing.\n");
|
|
||||||
locked_sign++;
|
|
||||||
} else
|
|
||||||
if (strcmp(argv[i], "--verify") == 0) {
|
|
||||||
printf("Locking verifies.\n");
|
|
||||||
locked_verify++;
|
|
||||||
} else
|
|
||||||
if (strcmp(argv[i], "--print") == 0) {
|
|
||||||
printf("Tracing.\n");
|
|
||||||
print++;
|
|
||||||
#ifdef USE_ENGINE
|
|
||||||
} else
|
|
||||||
if ((strcmp(argv[i], "--engine") == 0) && (i < argc - 1)) {
|
|
||||||
printf("Using engine \"%s\".\n", argv[i + 1]);
|
|
||||||
engine = argv[i + 1];
|
|
||||||
i++;
|
|
||||||
#endif
|
|
||||||
} else {
|
|
||||||
printf("Bad argument: %s\n", argv[i]);
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Get some random data to sign. */
|
|
||||||
fd = open("/dev/urandom", O_RDONLY);
|
|
||||||
if (fd == -1) {
|
|
||||||
fprintf(stderr, "Error opening /dev/urandom: %s\n",
|
|
||||||
strerror(errno));
|
|
||||||
}
|
|
||||||
|
|
||||||
if (print) {
|
|
||||||
fprintf(stderr, "Reading random data.\n");
|
|
||||||
}
|
|
||||||
message = malloc(message_len = 9371);
|
|
||||||
read(fd, message, message_len);
|
|
||||||
close(fd);
|
|
||||||
|
|
||||||
/* Initialize the SSL library and set up thread-safe locking. */
|
|
||||||
ERR_load_crypto_strings();
|
|
||||||
SSL_library_init();
|
|
||||||
mutex_locks = malloc(sizeof(pthread_mutex_t) * CRYPTO_num_locks());
|
|
||||||
for (i = 0; i < CRYPTO_num_locks(); i++) {
|
|
||||||
pthread_mutex_init(&mutex_locks[i], NULL);
|
|
||||||
}
|
|
||||||
CRYPTO_set_id_callback(thread_id_cb);
|
|
||||||
CRYPTO_set_locking_callback(lock_cb);
|
|
||||||
ERR_print_errors_fp(stdout);
|
|
||||||
|
|
||||||
/* Seed the PRNG if we were asked to do so. */
|
|
||||||
if (seed) {
|
|
||||||
if (print) {
|
|
||||||
fprintf(stderr, "Seeding PRNG.\n");
|
|
||||||
}
|
|
||||||
RAND_add(message, message_len, message_len);
|
|
||||||
ERR_print_errors_fp(stdout);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Turn on a hardware crypto device if asked to do so. */
|
|
||||||
#ifdef USE_ENGINE
|
|
||||||
if (engine) {
|
|
||||||
#if OPENSSL_VERSION_NUMBER >= 0x0090700fL
|
|
||||||
ENGINE_load_builtin_engines();
|
|
||||||
#endif
|
|
||||||
if (print) {
|
|
||||||
fprintf(stderr, "Initializing \"%s\" engine.\n",
|
|
||||||
engine);
|
|
||||||
}
|
|
||||||
e = ENGINE_by_id(engine);
|
|
||||||
ERR_print_errors_fp(stdout);
|
|
||||||
if (e) {
|
|
||||||
i = ENGINE_init(e);
|
|
||||||
ERR_print_errors_fp(stdout);
|
|
||||||
i = ENGINE_set_default_RSA(e);
|
|
||||||
ERR_print_errors_fp(stdout);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* Compute the digest for the signature. */
|
|
||||||
if (print) {
|
|
||||||
fprintf(stderr, "Computing digest.\n");
|
|
||||||
}
|
|
||||||
digest = malloc(digest_len = MD5_DIGEST_LENGTH);
|
|
||||||
MD5_Init(&md5);
|
|
||||||
MD5_Update(&md5, message, message_len);
|
|
||||||
MD5_Final(digest, &md5);
|
|
||||||
|
|
||||||
/* Generate a signing key. */
|
|
||||||
if (print) {
|
|
||||||
fprintf(stderr, "Generating key.\n");
|
|
||||||
}
|
|
||||||
rsa = RSA_generate_key(4096, 3, NULL, NULL);
|
|
||||||
ERR_print_errors_fp(stdout);
|
|
||||||
if (rsa == NULL) {
|
|
||||||
_exit(1);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Sign the data. */
|
|
||||||
correct_siglen = RSA_size(rsa);
|
|
||||||
correct_signature = malloc(correct_siglen);
|
|
||||||
for (i = 0; i < MAIN_COUNT; i++) {
|
|
||||||
if (print) {
|
|
||||||
fprintf(stderr, "Signing data (%d).\n", i);
|
|
||||||
}
|
|
||||||
ret = RSA_check_key(rsa);
|
|
||||||
ERR_print_errors_fp(stdout);
|
|
||||||
if (ret != 1) {
|
|
||||||
failure();
|
|
||||||
}
|
|
||||||
correct_siglen = RSA_size(rsa);
|
|
||||||
ret = RSA_sign(NID_md5, digest, digest_len,
|
|
||||||
correct_signature, &correct_siglen,
|
|
||||||
rsa);
|
|
||||||
ERR_print_errors_fp(stdout);
|
|
||||||
if (ret != 1) {
|
|
||||||
_exit(2);
|
|
||||||
}
|
|
||||||
if (print) {
|
|
||||||
fprintf(stderr, "Verifying data (%d).\n", i);
|
|
||||||
}
|
|
||||||
ret = RSA_verify(NID_md5, digest, digest_len,
|
|
||||||
correct_signature, correct_siglen,
|
|
||||||
rsa);
|
|
||||||
if (ret != 1) {
|
|
||||||
_exit(2);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Collect up the inforamtion which other threads will need for
|
|
||||||
* comparing their signature results with ours. */
|
|
||||||
master_args.rsa = rsa;
|
|
||||||
master_args.digest_type = NID_md5;
|
|
||||||
master_args.digest = digest;
|
|
||||||
master_args.digest_len = digest_len;
|
|
||||||
master_args.signature = correct_signature;
|
|
||||||
master_args.signature_len = correct_siglen;
|
|
||||||
master_args.main_thread = pthread_self();
|
|
||||||
|
|
||||||
fprintf(stdout, "Performing %d signatures in each of %d threads "
|
|
||||||
"(%d, %d).\n", ITERATION_COUNT, thread_count,
|
|
||||||
digest_len, correct_siglen);
|
|
||||||
fflush(NULL);
|
|
||||||
|
|
||||||
/* Start up all of the threads. */
|
|
||||||
for (i = 0; i < thread_count; i++) {
|
|
||||||
args = malloc(sizeof(struct thread_args));
|
|
||||||
args->rsa = RSAPrivateKey_dup(master_args.rsa);
|
|
||||||
args->digest_type = master_args.digest_type;
|
|
||||||
args->digest_len = master_args.digest_len;
|
|
||||||
args->digest = xmemdup(master_args.digest, args->digest_len);
|
|
||||||
args->signature_len = master_args.signature_len;
|
|
||||||
args->signature = xmemdup(master_args.signature,
|
|
||||||
args->signature_len);
|
|
||||||
args->main_thread = pthread_self();
|
|
||||||
ret = pthread_create(&threads[i], NULL, thread_main, args);
|
|
||||||
while ((ret != 0) && (errno == EAGAIN)) {
|
|
||||||
ret = pthread_create(&threads[i], NULL,
|
|
||||||
thread_main, &args);
|
|
||||||
fprintf(stderr, "Thread limit hit at %d.\n", i);
|
|
||||||
}
|
|
||||||
if (ret != 0) {
|
|
||||||
fprintf(stderr, "Unable to create thread %d: %s.\n",
|
|
||||||
i, strerror(errno));
|
|
||||||
threads[i] = -1;
|
|
||||||
} else {
|
|
||||||
if (sync) {
|
|
||||||
ret = pthread_join(threads[i], NULL);
|
|
||||||
assert(ret == 0);
|
|
||||||
}
|
|
||||||
if (print) {
|
|
||||||
fprintf(stderr, "%d\n", i);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Wait for all threads to complete. So long as we can find an
|
|
||||||
* unjoined thread, keep joining threads. */
|
|
||||||
do {
|
|
||||||
again = 0;
|
|
||||||
for (i = 0; i < thread_count; i++) {
|
|
||||||
/* If we have an unterminated thread, join it. */
|
|
||||||
if (threads[i] != -1) {
|
|
||||||
again = 1;
|
|
||||||
if (print) {
|
|
||||||
fprintf(stderr, "Joining thread %d.\n",
|
|
||||||
i);
|
|
||||||
}
|
|
||||||
pthread_join(threads[i], NULL);
|
|
||||||
threads[i] = -1;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
} while (again == 1);
|
|
||||||
|
|
||||||
fprintf(stderr, "%ld failures\n", failure_count);
|
|
||||||
|
|
||||||
return (failure_count != 0);
|
|
||||||
}
|
|
1342
openssl.spec
1342
openssl.spec
File diff suppressed because it is too large
@ -13,8 +13,21 @@
|
|||||||
#include "opensslconf-i386.h"
|
#include "opensslconf-i386.h"
|
||||||
#elif defined(__ia64__)
|
#elif defined(__ia64__)
|
||||||
#include "opensslconf-ia64.h"
|
#include "opensslconf-ia64.h"
|
||||||
|
#elif defined(__mips64) && defined(__MIPSEL__)
|
||||||
|
#include "opensslconf-mips64el.h"
|
||||||
|
#elif defined(__mips64)
|
||||||
|
#include "opensslconf-mips64.h"
|
||||||
|
#elif defined(__mips) && defined(__MIPSEL__)
|
||||||
|
#include "opensslconf-mipsel.h"
|
||||||
|
#elif defined(__mips)
|
||||||
|
#include "opensslconf-mips.h"
|
||||||
#elif defined(__powerpc64__)
|
#elif defined(__powerpc64__)
|
||||||
|
#include <endian.h>
|
||||||
|
#if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
|
||||||
#include "opensslconf-ppc64.h"
|
#include "opensslconf-ppc64.h"
|
||||||
|
#else
|
||||||
|
#include "opensslconf-ppc64le.h"
|
||||||
|
#endif
|
||||||
#elif defined(__powerpc__)
|
#elif defined(__powerpc__)
|
||||||
#include "opensslconf-ppc.h"
|
#include "opensslconf-ppc.h"
|
||||||
#elif defined(__s390x__)
|
#elif defined(__s390x__)
|
||||||
|
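Review bot: In the new `__powerpc64__` branch, `#if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__` compares two compiler-predefined macros; if a compiler defines neither, both evaluate to 0 inside `#if` and the big-endian `opensslconf-ppc64.h` is selected silently. `<endian.h>` does not supply these names (it provides `__BYTE_ORDER` and `__BIG_ENDIAN`), so the added include only pulls a glibc header into every consumer of this header. I would drop the include and fail loudly instead, adding `#if !defined(__BYTE_ORDER__)` / `#error "byte order unknown"` / `#endif` before the test. The hunk shows only part of the `#if`/`#elif` chain, so any other bi-endian branch outside it deserves the same check.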
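--- a/renew-dummy-cert
+++ b/renew-dummy-cert
@@ -0,0 +1,39 @@
+#!/bin/bash
+
+if [ $# -eq 0 ]; then
+echo $"Usage: `basename $0` filename" 1>&2
+exit 1
+fi
+
+PEM=$1
+REQ=`/bin/mktemp /tmp/openssl.XXXXXX`
+KEY=`/bin/mktemp /tmp/openssl.XXXXXX`
+CRT=`/bin/mktemp /tmp/openssl.XXXXXX`
+NEW=${PEM}_
+
+trap "rm -f $REQ $KEY $CRT $NEW" SIGINT
+
+if [ ! -f $PEM ]; then
+echo "$PEM: file not found" 1>&2
+exit 1
+fi
+
+umask 077
+
+OWNER=`ls -l $PEM | awk '{ printf "%s.%s", $3, $4; }'`
+
+openssl rsa -inform pem -in $PEM -out $KEY
+openssl x509 -x509toreq -in $PEM -signkey $KEY -out $REQ
+openssl x509 -req -in $REQ -signkey $KEY -days 365 \
+-extfile /etc/pki/tls/openssl.cnf -extensions v3_ca -out $CRT
+
+(cat $KEY ; echo "" ; cat $CRT) > $NEW
+
+chown $OWNER $NEW
+
+mv -f $NEW $PEM
+
+rm -f $REQ $KEY $CRT
+
+exit 0
+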
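Review bot: None of the three `openssl` calls is checked, so if `openssl rsa` or either `openssl x509` step fails (for example on a PEM that holds no RSA key), the script still concatenates whatever is in `$KEY` and `$CRT` and runs `mv -f $NEW $PEM`, replacing the original key and certificate with an empty or partial file. Adding `set -e` after the shebang would stop before the `mv`. The cleanup trap covers only SIGINT, so a temporary copy of the private key stays in /tmp on any other abnormal exit; `trap "rm -f $REQ $KEY $CRT $NEW" EXIT`, placed after the temp files are created, would cover those paths as well. `$PEM` is also expanded unquoted throughout, so a filename containing spaces breaks the `-f` test and the `openssl` arguments.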
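--- a/sources
+++ b/sources
@@ -1 +1 @@
-1fc0e41c230d0698f834413dfba864ad openssl-1.0.0-beta4-usa.tar.bz2
+SHA512 (openssl-1.1.1h-hobbled.tar.xz) = 75e1d3f34f93462b97db92aa6538fd4f2f091ad717438e51d147508738be720d7d0bf4a9b1fda3a1943a4c13aae2a39da3add05f7da833b3c6de40a97bc97908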
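--- a/tests/simple-rsapss-test/Makefile
+++ b/tests/simple-rsapss-test/Makefile
@@ -0,0 +1,63 @@
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# Makefile of /CoreOS/openssl/Sanity/simple-rsapss-test
+# Description: Test if RSA-PSS signature scheme is supported
+# Author: Hubert Kario <hkario@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# Copyright (c) 2013 Red Hat, Inc. All rights reserved.
+#
+# This copyrighted material is made available to anyone wishing
+# to use, modify, copy, or redistribute it subject to the terms
+# and conditions of the GNU General Public License version 2.
+#
+# This program is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied
+# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+# PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public
+# License along with this program; if not, write to the Free
+# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+# Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+export TEST=/CoreOS/openssl/Sanity/simple-rsapss-test
+export TESTVERSION=1.0
+
+BUILT_FILES=
+
+FILES=$(METADATA) runtest.sh Makefile PURPOSE
+
+.PHONY: all install download clean
+
+run: $(FILES) build
+./runtest.sh
+
+build: $(BUILT_FILES)
+test -x runtest.sh || chmod a+x runtest.sh
+
+clean:
+rm -f *~ $(BUILT_FILES)
+
+
+-include /usr/share/rhts/lib/rhts-make.include
+
+$(METADATA): Makefile
+@echo "Owner: Hubert Kario <hkario@redhat.com>" > $(METADATA)
+@echo "Name: $(TEST)" >> $(METADATA)
+@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
+@echo "Path: $(TEST_DIR)" >> $(METADATA)
+@echo "Description: Test if RSA-PSS signature scheme is supported" >> $(METADATA)
+@echo "Type: Sanity" >> $(METADATA)
+@echo "TestTime: 1m" >> $(METADATA)
+@echo "RunFor: openssl" >> $(METADATA)
+@echo "Requires: openssl man man-db" >> $(METADATA)
+@echo "Priority: Normal" >> $(METADATA)
+@echo "License: GPLv2" >> $(METADATA)
+@echo "Confidential: no" >> $(METADATA)
+@echo "Destructive: no" >> $(METADATA)
+
+rhts-lint $(METADATA)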
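Review bot: `run` and `build` are the command targets this file defines itself, but the `.PHONY` line lists `all install download clean` and omits both. A stray file or directory with those names in the test directory could then make `make run` look up to date and skip the test. I would extend the line to `.PHONY: all install download clean run build`.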
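--- a/tests/simple-rsapss-test/PURPOSE
+++ b/tests/simple-rsapss-test/PURPOSE
@@ -0,0 +1,3 @@
+PURPOSE of /CoreOS/openssl/Sanity/simple-rsapss-test
+Description: Test if RSA-PSS signature scheme is supported
+Author: Hubert Kario <hkario@redhat.com>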
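--- a/tests/simple-rsapss-test/runtest.sh
+++ b/tests/simple-rsapss-test/runtest.sh
@@ -0,0 +1,74 @@
+#!/bin/bash
+# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# runtest.sh of /CoreOS/openssl/Sanity/simple-rsapss-test
+# Description: Test if RSA-PSS signature scheme is supported
+# Author: Hubert Kario <hkario@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# Copyright (c) 2013 Red Hat, Inc. All rights reserved.
+#
+# This copyrighted material is made available to anyone wishing
+# to use, modify, copy, or redistribute it subject to the terms
+# and conditions of the GNU General Public License version 2.
+#
+# This program is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied
+# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+# PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public
+# License along with this program; if not, write to the Free
+# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+# Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include Beaker environment
+. /usr/share/beakerlib/beakerlib.sh || exit 1
+
+PACKAGE="openssl"
+
+PUB_KEY="rsa_pubkey.pem"
+PRIV_KEY="rsa_key.pem"
+FILE="text.txt"
+SIG="text.sig"
+
+rlJournalStart
+rlPhaseStartSetup
+rlAssertRpm $PACKAGE
+rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
+rlRun "pushd $TmpDir"
+rlRun "openssl genrsa -out $PRIV_KEY 2048" 0 "Generate RSA key"
+rlRun "openssl rsa -in $PRIV_KEY -out $PUB_KEY -pubout" 0 "Split the public key from private key"
+rlRun "echo 'sign me!' > $FILE" 0 "Create file for signing"
+rlAssertExists $FILE
+rlAssertExists $PRIV_KEY
+rlAssertExists $PUB_KEY
+rlPhaseEnd
+
+rlPhaseStartTest "Test RSA-PSS padding mode"
+set -o pipefail
+rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 -out $SIG -sign $PRIV_KEY $FILE" 0 "Sign the file"
+rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 -prverify $PRIV_KEY -signature $SIG $FILE | grep 'Verified OK'" 0 "Verify the signature using the private key file"
+rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 -verify $PUB_KEY -signature $SIG $FILE | grep 'Verified OK'" 0 "Verify the signature using public key file"
+rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -prverify $PRIV_KEY -signature $SIG $FILE | grep 'Verified OK'" 0 "Verify the signature using the private key file without specifying salt length"
+rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -verify $PUB_KEY -signature $SIG $FILE | grep 'Verified OK'" 0 "Verify the signature using public key file without specifying salt length"
+set +o pipefail
+rlRun "sed -i 's/sign/Sign/' $FILE" 0 "Modify signed file"
+rlRun "openssl dgst -sha256 -sigopt rsa_padding_mode:pss -verify $PUB_KEY -signature $SIG $FILE | grep 'Verification Failure'" 0 "Verify that the signature is no longer valid"
+rlPhaseEnd
+
+rlPhaseStartTest "Documentation check"
+[ -e "$(rpm -ql openssl | grep dgst)"] && rlRun "man dgst | col -b | grep -- -sigopt" 0 "Check if -sigopt option is described in man page"
+rlRun "openssl dgst -help 2>&1 | grep -- -sigopt" 0 "Check if -sigopt option is present in help message"
+rlPhaseEnd
+
+rlPhaseStartCleanup
+rlRun "popd"
+rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
+rlPhaseEnd
+rlJournalPrintText
+rlJournalEnd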
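Review bot: The man-page check in the "Documentation check" phase can never run: `"$(rpm -ql openssl | grep dgst)"]` has no space before `]`, so `[` fails with a missing-bracket error and the `&&` short-circuits outside `rlRun`, leaving nothing in the journal. Even with the space, `-e` fails when `grep` returns more than one path. `rpm -ql openssl | grep -q dgst && rlRun "man dgst | col -b | grep -- -sigopt" 0 "Check if -sigopt option is described in man page"` keeps the intent. Separately, the tamper check after `set +o pipefail` passes only on the text `Verification Failure`; also asserting a non-zero exit status from `openssl dgst -verify` would make the negative test independent of message wording.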
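--- a/tests/tests.yml
+++ b/tests/tests.yml
@@ -0,0 +1,15 @@
+---
+# This first play always runs on the local staging system
+- hosts: localhost
+roles:
+- role: standard-test-beakerlib
+tags:
+- classic
+- container
+tests:
+- simple-rsapss-test
+required_packages:
+- findutils # beakerlib needs find command
+- man # needed by simple-rsapss-test
+- man-db # needed by simple-rsapss-test
+- openssl # needed by simple-rsapss-test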
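--- a/tests/tests_python.yml
+++ b/tests/tests_python.yml
@@ -0,0 +1,18 @@
+---
+- hosts: localhost
+roles:
+- role: standard-test-basic
+tags:
+- classic
+repositories:
+- repo: "https://src.fedoraproject.org/tests/python.git"
+dest: "python"
+tests:
+- python_selftest:
+dir: python/selftest
+run: X="test_ssl test_asyncio test_hashlib test_ftplib test_httplib test_imaplib test_logging test_nntplib test_poplib test_urllib2_localnet test_urllib test_xmlrpc" ./parallel.sh
+required_packages:
+- gcc # for extension building in venv and selftest
+- python3-tkinter # for selftest
+- python3-test # for selftest
+- python3-rpm-macros # for dynamic python version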
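Review bot: The `repositories` entry clones `https://src.fedoraproject.org/tests/python.git` with no ref, so each run executes whatever `python/selftest/parallel.sh` is on that repository's default branch at the time. Pinning the checkout to a tag or commit, if the role supports it, would make the gating result for this package reproducible and keep an unreviewed change in the test repository from silently altering what is executed. A short comment above `repositories:` saying why the Python selftests gate an OpenSSL build would also help the next maintainer.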