Commit 2d32091f9c5df3ef3605ce9130e8d52dcfb44342 - openssl

+157

-0

CHANGES.md less more

26	26	breaking changes, and mappings for the large list of deprecated functions.
27	27
28	28	[Migration guide]: https://github.com/openssl/openssl/tree/master/doc/man7/migration_guide.pod
	29
	30	### Changes between 3.0.6 and 3.0.7 [1 Nov 2022]
	31
	32	* Fixed two buffer overflows in punycode decoding functions.
	33
	34	A buffer overrun can be triggered in X.509 certificate verification,
	35	specifically in name constraint checking. Note that this occurs after
	36	certificate chain signature verification and requires either a CA to
	37	have signed the malicious certificate or for the application to continue
	38	certificate verification despite failure to construct a path to a trusted
	39	issuer.
	40
	41	In a TLS client, this can be triggered by connecting to a malicious
	42	server. In a TLS server, this can be triggered if the server requests
	43	client authentication and a malicious client connects.
	44
	45	An attacker can craft a malicious email address to overflow
	46	an arbitrary number of bytes containing the `.` character (decimal 46)
	47	on the stack. This buffer overflow could result in a crash (causing a
	48	denial of service).
	49	([CVE-2022-3786])
	50
	51	An attacker can craft a malicious email address to overflow four
	52	attacker-controlled bytes on the stack. This buffer overflow could
	53	result in a crash (causing a denial of service) or potentially remote code
	54	execution depending on stack layout for any given platform/compiler.
	55	([CVE-2022-3602])
	56
	57	Paul Dale
	58
	59	* Removed all references to invalid OSSL_PKEY_PARAM_RSA names for CRT
	60	parameters in OpenSSL code.
	61	Applications should not use the names OSSL_PKEY_PARAM_RSA_FACTOR,
	62	OSSL_PKEY_PARAM_RSA_EXPONENT and OSSL_PKEY_PARAM_RSA_COEFFICIENT.
	63	Use the numbered names such as OSSL_PKEY_PARAM_RSA_FACTOR1 instead.
	64	Using these invalid names may cause algorithms to use slower methods
	65	that ignore the CRT parameters.
	66
	67	Shane Lontis
	68
	69	* Fixed a regression introduced in 3.0.6 version raising errors on some stack
	70	operations.
	71
	72	Tomáš Mráz
	73
	74	* Fixed a regression introduced in 3.0.6 version not refreshing the certificate
	75	data to be signed before signing the certificate.
	76
	77	Gibeom Gwon
	78
	79	* Added RIPEMD160 to the default provider.
	80
	81	Paul Dale
	82
	83	* Ensured that the key share group sent or accepted for the key exchange
	84	is allowed for the protocol version.
	85
	86	Matt Caswell
	87
	88	### Changes between 3.0.5 and 3.0.6 [11 Oct 2022]
	89
	90	* OpenSSL supports creating a custom cipher via the legacy
	91	EVP_CIPHER_meth_new() function and associated function calls. This function
	92	was deprecated in OpenSSL 3.0 and application authors are instead encouraged
	93	to use the new provider mechanism in order to implement custom ciphers.
	94
	95	OpenSSL versions 3.0.0 to 3.0.5 incorrectly handle legacy custom ciphers
	96	passed to the EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() and
	97	EVP_CipherInit_ex2() functions (as well as other similarly named encryption
	98	and decryption initialisation functions). Instead of using the custom cipher
	99	directly it incorrectly tries to fetch an equivalent cipher from the
	100	available providers. An equivalent cipher is found based on the NID passed to
	101	EVP_CIPHER_meth_new(). This NID is supposed to represent the unique NID for a
	102	given cipher. However it is possible for an application to incorrectly pass
	103	NID_undef as this value in the call to EVP_CIPHER_meth_new(). When NID_undef
	104	is used in this way the OpenSSL encryption/decryption initialisation function
	105	will match the NULL cipher as being equivalent and will fetch this from the
	106	available providers. This will succeed if the default provider has been
	107	loaded (or if a third party provider has been loaded that offers this
	108	cipher). Using the NULL cipher means that the plaintext is emitted as the
	109	ciphertext.
	110
	111	Applications are only affected by this issue if they call
	112	EVP_CIPHER_meth_new() using NID_undef and subsequently use it in a call to an
	113	encryption/decryption initialisation function. Applications that only use
	114	SSL/TLS are not impacted by this issue.
	115	([CVE-2022-3358])
	116
	117	Matt Caswell
	118
	119	* Fix LLVM vs Apple LLVM version numbering confusion that caused build failures
	120	on MacOS 10.11
	121
	122	Richard Levitte
	123
	124	* Fixed the linux-mips64 Configure target which was missing the
	125	SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that
	126	platform.
	127
	128	Adam Joseph
	129
	130	* Fix handling of a ticket key callback that returns 0 in TLSv1.3 to not send a
	131	ticket
	132
	133	Matt Caswell
	134
	135	* Correctly handle a retransmitted ClientHello in DTLS
	136
	137	Matt Caswell
	138
	139	* Fixed detection of ktls support in cross-compile environment on Linux
	140
	141	Tomas Mraz
	142
	143	* Fixed some regressions and test failures when running the 3.0.0 FIPS provider
	144	against 3.0.x
	145
	146	Paul Dale
	147
	148	* Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to
	149	report correct results in some cases
	150
	151	Matt Caswell
	152
	153	* Fix UWP builds by defining VirtualLock
	154
	155	Charles Milette
	156
	157	* For known safe primes use the minimum key length according to RFC 7919.
	158	Longer private key sizes unnecessarily raise the cycles needed to compute the
	159	shared secret without any increase of the real security. This fixes a
	160	regression from 1.1.1 where these shorter keys were generated for the known
	161	safe primes.
	162
	163	Tomas Mraz
	164
	165	* Added the loongarch64 target
	166
	167	Shi Pujin
	168
	169	* Fixed EC ASM flag passing. Flags for ASM implementations of EC curves were
	170	only passed to the FIPS provider and not to the default or legacy provider.
	171
	172	Juergen Christ
	173
	174	* Fixed reported performance degradation on aarch64. Restored the
	175	implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid
	176	32-bit lane assignment in CTR mode") for 64bit targets only, since it is
	177	reportedly 2-17% slower and the silicon errata only affects 32bit targets.
	178	The new algorithm is still used for 32 bit targets.
	179
	180	Bernd Edlinger
	181
	182	* Added a missing header for memcmp that caused compilation failure on some
	183	platforms
	184
	185	Gregor Jasny
29	186
30	187	### Changes between 3.0.4 and 3.0.5 [5 Jul 2022]
31	188

+10

-3

Configurations/10-main.conf less more

796	796	inherit_from => [ "linux-latomic" ],
797	797	cflags => add("-mabi=n32"),
798	798	cxxflags => add("-mabi=n32"),
799		bn_ops => "RC4_CHAR",
	799	bn_ops => "RC4_CHAR SIXTY_FOUR_BIT",
800	800	asm_arch => 'mips64',
801	801	perlasm_scheme => "n32",
802	802	multilib => "32",

813	813	# riscv64 below refers to contemporary RISCV Architecture
814	814	# specifications,
815	815	"linux64-riscv64" => {
	816	inherit_from => [ "linux-generic64"],
	817	perlasm_scheme => "linux64",
	818	},
	819
	820	# loongarch64 below refers to contemporary LoongArch Architecture
	821	# specifications,
	822	"linux64-loongarch64" => {
816	823	inherit_from => [ "linux-generic64"],
817	824	perlasm_scheme => "linux64",
818	825	},

1301	1308	inherit_from => [ "BASE_Windows" ],
1302	1309	template => 1,
1303	1310	CC => "cl",
1304		CPP => '"$(CC)" /EP /C',
	1311	CPP => '$(CC) /EP /C',
1305	1312	CFLAGS => "/W3 /wd4090 /nologo",
1306	1313	coutflag => "/Fo",
1307	1314	LD => "link",

1310	1317	ldpostoutflag => "",
1311	1318	ld_resp_delim => "\n",
1312	1319	bin_lflags => "setargv.obj",
1313		makedepcmd => '"$(CC)" /Zs /showIncludes',
	1320	makedepcmd => '$(CC) /Zs /showIncludes',
1314	1321	makedep_scheme => 'VC',
1315	1322	AR => "lib",
1316	1323	ARFLAGS => "/nologo",

+1

-0

Configurations/50-djgpp.conf less more

3	3
4	4	my %targets = (
5	5	"DJGPP" => {
	6	inherit_from => [ "BASE_unix" ],
6	7	CC => "gcc",
7	8	CFLAGS => "-fomit-frame-pointer -O2 -Wall",
8	9	cflags => "-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN",

+3

-3

Configurations/windows-makefile.tmpl less more

499	499	{- output_off() if $disabled{fips}; "" -}
500	500	install_fips: build_sw $(INSTALL_FIPSMODULECONF)
501	501	# @[ -n "$(INSTALLTOP)" ] \|\| (echo INSTALLTOP should not be empty; exit 1)
502		@$(PERL) $(SRCDIR)\util\mkdir-p.pl $(MODULESDIR)
503		@$(PERL) $(SRCDIR)\util\mkdir-p.pl $(OPENSSLDIR)
	502	@"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(MODULESDIR)"
	503	@"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(OPENSSLDIR)"
504	504	@$(ECHO) "*** Installing FIPS module"
505	505	@$(ECHO) "install $(INSTALL_FIPSMODULE) -> $(MODULESDIR)\$(FIPSMODULENAME)"
506	506	@"$(PERL)" "$(SRCDIR)\util\copy.pl" "$(INSTALL_FIPSMODULE)" "$(MODULESDIR)"

741	741	rel2abs($config{builddir}));
742	742	my $ord_ver = $args{intent} eq 'lib' ? ' --version $(VERSION_NUMBER)' : '';
743	743	my $ord_name =
744		$args{generator}->[1] \|\| platform->dsoname($args{product});
	744	$args{generator}->[1] \|\| basename(platform->dsoname($args{product}));
745	745	return <<"EOF";
746	746	$target: $gen0 $deps $mkdef
747	747	"\$(PERL)" "$mkdef"$ord_ver --type $args{intent} --ordinals $gen0 --name $ord_name --OS windows > $target

+18

-67

Configure less more

16	16	use File::Basename;
17	17	use File::Spec::Functions qw/:DEFAULT abs2rel rel2abs splitdir/;
18	18	use File::Path qw/mkpath/;
19		use File::Compare qw(compare_text);
20	19	use OpenSSL::fallback "$FindBin::Bin/external/perl/MODULES.txt";
21	20	use OpenSSL::Glob;
22	21	use OpenSSL::Template;

1502	1501	}
1503	1502
1504	1503	unless ($disabled{ubsan} \|\| defined $detected_sanitizers{ubsan}) {
1505		# -DPEDANTIC or -fnosanitize=alignment may also be required on some
1506		# platforms.
1507		push @{$config{cflags}}, "-fsanitize=undefined", "-fno-sanitize-recover=all";
	1504	push @{$config{cflags}}, "-fsanitize=undefined", "-fno-sanitize-recover=all", "-DPEDANTIC";
1508	1505	}
1509	1506
1510	1507	unless ($disabled{msan} \|\| defined $detected_sanitizers{msan}) {

1716	1713
1717	1714	unless ($disabled{ktls}) {
1718	1715	$config{ktls}="";
	1716	my $cc = $config{CROSS_COMPILE}.$config{CC};
1719	1717	if ($target =~ m/^linux/) {
1720		my $usr = "/usr/$config{cross_compile_prefix}";
1721		chop($usr);
1722		if ($config{cross_compile_prefix} eq "") {
1723		$usr = "/usr";
1724		}
1725		my $minver = (4 << 16) + (13 << 8) + 0;
1726		my @verstr = split(" ",`cat $usr/include/linux/version.h \| grep LINUX_VERSION_CODE`);
1727
1728		if ($verstr[2] < $minver) {
	1718	system("printf '#include <sys/types.h>\n#include <linux/tls.h>' \| $cc -E - >/dev/null 2>&1");
	1719	if ($? != 0) {
1729	1720	disable('too-old-kernel', 'ktls');
1730	1721	}
1731	1722	} elsif ($target =~ m/^BSD/) {
1732		my $cc = $config{CROSS_COMPILE}.$config{CC};
1733	1723	system("printf '#include <sys/types.h>\n#include <sys/ktls.h>' \| $cc -E - >/dev/null 2>&1");
1734	1724	if ($? != 0) {
1735	1725	disable('too-old-freebsd', 'ktls');

2848	2838	) or die $Text::Template::ERROR;
2849	2839	close CONFIGDATA;
2850	2840
2851		# When using stat() on Windows, we can get it to perform better by avoid some
2852		# data. This doesn't affect the mtime field, so we're not losing anything...
2853		${^WIN32_SLOPPY_STAT} = 1;
2854
2855		my $update_configdata = 0;
2856		my $run_configdata = 0;
2857		if (-f $configdata_outname) {
2858		my $Configure_mtime = (stat($0))[9];
2859		my $configdata_mtime = (stat($configdata_outname))[9];
2860
2861		# If this script was updated after the last configdata.pm, or if
2862		# configdata.pm.new differs from configdata.pm, we update configdata.pm
2863		if ($configdata_mtime < $Configure_mtime
2864		\|\| compare_text("$configdata_outname.new", $configdata_outname) != 0) {
2865		$update_configdata = 1;
2866		} else {
2867		# If nothing has changed, let's just drop the new one and pretend
2868		# like nothing happened
2869		unlink "$configdata_outname.new";
2870
2871		# We still run configdata.pm if one of the build file (Makefile) or
2872		# the configuration header file are missing
2873		$run_configdata =
2874		!( -f $target{build_file} )
2875		\|\| !( -f catfile('include', 'openssl', 'configuration.h') );
2876		}
2877		} else {
2878		$update_configdata = 1;
2879		}
2880
2881		if ($update_configdata) {
2882		# If something did change, or there was no previous configdata.pm, we
2883		# rename the new one, set permissions as needed, and run it.
2884		rename "$configdata_outname.new", $configdata_outname;
2885		if ($builder_platform eq 'unix') {
2886		my $mode = (0755 & ~umask);
2887		chmod $mode, 'configdata.pm'
2888		or warn sprintf("WARNING: Couldn't change mode for 'configdata.pm' to 0%03o: %s\n",$mode,$!);
2889		}
2890		$run_configdata = 1;
2891		print "Created $configdata_outname\n";
2892		}
2893
2894		if ($run_configdata) {
2895		print "Running $configdata_outname\n";
2896		my $perlcmd = (quotify("maybeshell", $config{PERL}))[0];
2897		my $cmd = "$perlcmd $configdata_outname";
2898		#print STDERR "DEBUG[run_dofile]: \$cmd = $cmd\n";
2899		system($cmd);
2900		exit 1 if $? != 0;
2901		} else {
2902		print "No changes in $configdata_outname, no need to run it\n";
2903		}
	2841	rename "$configdata_outname.new", $configdata_outname;
	2842	if ($builder_platform eq 'unix') {
	2843	my $mode = (0755 & ~umask);
	2844	chmod $mode, 'configdata.pm'
	2845	or warn sprintf("WARNING: Couldn't change mode for 'configdata.pm' to 0%03o: %s\n",$mode,$!);
	2846	}
	2847	print "Created $configdata_outname\n";
	2848
	2849	print "Running $configdata_outname\n";
	2850	my $perlcmd = (quotify("maybeshell", $config{PERL}))[0];
	2851	my $cmd = "$perlcmd $configdata_outname";
	2852	#print STDERR "DEBUG[run_dofile]: \$cmd = $cmd\n";
	2853	system($cmd);
	2854	exit 1 if $? != 0;
2904	2855
2905	2856	$SIG{__DIE__} = $orig_death_handler;
2906	2857

+1

-1

INSTALL.md less more

973	973
974	974	### no-{protocol}-method
975	975
976		no-{ssl\|ssl3\|tls\|tls1\|tls1_1\|tls1_2\|tls1_3\|dtls\|dtls1\|dtls1_2}-method
	976	no-{ssl3\|tls1\|tls1_1\|tls1_2\|dtls1\|dtls1_2}-method
977	977
978	978	Analogous to `no-{protocol}` but in addition do not build the methods for
979	979	applications to explicitly select individual protocol versions. Note that there

+12

-1

NEWS.md less more

17	17	OpenSSL 3.0
18	18	-----------
19	19
	20	### Major changes between OpenSSL 3.0.6 and OpenSSL 3.0.7 [1 Nov 2022]
	21
	22	* Added RIPEMD160 to the default provider.
	23	* Fixed regressions introduced in 3.0.6 version.
	24	* Fixed two buffer overflows in punycode decoding functions.
	25	([CVE-2022-3786]) and ([CVE-2022-3602])
	26
	27	### Major changes between OpenSSL 3.0.5 and OpenSSL 3.0.6 [11 Oct 2022]
	28
	29	* Fix for custom ciphers to prevent accidental use of NULL encryption
	30	([CVE-2022-3358])
	31
20	32	### Major changes between OpenSSL 3.0.4 and OpenSSL 3.0.5 [5 Jul 2022]
21	33
22	34	* Fixed heap memory corruption with RSA private key operation
23	35	([CVE-2022-2274])
24	36	* Fixed AES OCB failure to encrypt some bytes on 32-bit x86 platforms
25	37	([CVE-2022-2097])
26
27	38
28	39	### Major changes between OpenSSL 3.0.3 and OpenSSL 3.0.4 [21 Jun 2022]
29	40

+0

-1

README-ENGINES.md less more

313	313	A quick test done right before the release showed that trying "openssl speed
314	314	-engine cswift" generated errors. If the DSO gets enabled, an attempt is made
315	315	to write at memory address 0x00000002.
316

+2

-2

VERSION.dat less more

0	0	MAJOR=3
1	1	MINOR=0
2		PATCH=5
	2	PATCH=7
3	3	PRE_RELEASE_TAG=
4	4	BUILD_METADATA=
5		RELEASE_DATE="5 Jul 2022"
	5	RELEASE_DATE="1 Nov 2022"
6	6	SHLIB_VERSION=3

+4

-2

apps/ca.c less more

921	921	goto end;
922	922	}
923	923	} else {
924		if ((serial = load_serial(serialfile, create_ser, NULL)) == NULL) {
	924	serial = load_serial(serialfile, NULL, create_ser, NULL);
	925	if (serial == NULL) {
925	926	BIO_printf(bio_err, "error while loading serial number\n");
926	927	goto end;
927	928	}

1161	1162
1162	1163	if ((crlnumberfile = NCONF_get_string(conf, section, ENV_CRLNUMBER))
1163	1164	!= NULL)
1164		if ((crlnumber = load_serial(crlnumberfile, 0, NULL)) == NULL) {
	1165	if ((crlnumber = load_serial(crlnumberfile, NULL, 0, NULL))
	1166	== NULL) {
1165	1167	BIO_printf(bio_err, "error while loading CRL number\n");
1166	1168	goto end;
1167	1169	}

+7

-0

apps/ciphers.c less more

226	226	if (!verbose) {
227	227	for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
228	228	const SSL_CIPHER *c = sk_SSL_CIPHER_value(sk, i);
	229
	230	if (!ossl_assert(c != NULL))
	231	continue;
	232
229	233	p = SSL_CIPHER_get_name(c);
230	234	if (p == NULL)
231	235	break;

240	244	const SSL_CIPHER *c;
241	245
242	246	c = sk_SSL_CIPHER_value(sk, i);
	247
	248	if (!ossl_assert(c != NULL))
	249	continue;
243	250
244	251	if (Verbose) {
245	252	unsigned long id = SSL_CIPHER_get_id(c);

+12

-6

apps/cmp.c less more

1922	1922	if ((info = OPENSSL_zalloc(sizeof(*info))) == NULL)
1923	1923	goto err;
1924	1924	(void)OSSL_CMP_CTX_set_http_cb_arg(ctx, info);
1925		/* info will be freed along with CMP ctx */
1926	1925	info->server = opt_server;
1927	1926	info->port = server_port;
1928	1927	/* workaround for callback design flaw, see #17088: */

3000	2999	if (ret != 1)
3001	3000	OSSL_CMP_CTX_print_errors(cmp_ctx);
3002	3001
3003		ossl_cmp_mock_srv_free(OSSL_CMP_CTX_get_transfer_cb_arg(cmp_ctx));
	3002	if (cmp_ctx != NULL) {
3004	3003	#ifndef OPENSSL_NO_SOCK
3005		APP_HTTP_TLS_INFO_free(OSSL_CMP_CTX_get_http_cb_arg(cmp_ctx));
3006		#endif
3007		X509_STORE_free(OSSL_CMP_CTX_get_certConf_cb_arg(cmp_ctx));
3008		OSSL_CMP_CTX_free(cmp_ctx);
	3004	APP_HTTP_TLS_INFO *info = OSSL_CMP_CTX_get_http_cb_arg(cmp_ctx);
	3005
	3006	#endif
	3007	ossl_cmp_mock_srv_free(OSSL_CMP_CTX_get_transfer_cb_arg(cmp_ctx));
	3008	X509_STORE_free(OSSL_CMP_CTX_get_certConf_cb_arg(cmp_ctx));
	3009	/* cannot free info already here, as it may be used indirectly by: */
	3010	OSSL_CMP_CTX_free(cmp_ctx);
	3011	#ifndef OPENSSL_NO_SOCK
	3012	APP_HTTP_TLS_INFO_free(info);
	3013	#endif
	3014	}
3009	3015	X509_VERIFY_PARAM_free(vpm);
3010	3016	release_engine(engine);
3011	3017

+23

-6

apps/dgst.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

65	65	{"keyform", OPT_KEYFORM, 'f', "Key file format (ENGINE, other values ignored)"},
66	66	{"hex", OPT_HEX, '-', "Print as hex dump"},
67	67	{"binary", OPT_BINARY, '-', "Print in binary form"},
68		{"xoflen", OPT_XOFLEN, 'p', "Output length for XOF algorithms"},
	68	{"xoflen", OPT_XOFLEN, 'p', "Output length for XOF algorithms. To obtain the maximum security strength set this to 32 (or greater) for SHAKE128, and 64 (or greater) for SHAKE256"},
69	69	{"d", OPT_DEBUG, '-', "Print debug info"},
70	70	{"debug", OPT_DEBUG, '-', "Print debug info"},
71	71

320	320	}
321	321
322	322	if (hmac_key != NULL) {
323		if (md == NULL)
	323	if (md == NULL) {
324	324	md = (EVP_MD *)EVP_sha256();
	325	digestname = SN_sha256;
	326	}
325	327	sigkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, impl,
326	328	(unsigned char *)hmac_key,
327	329	strlen(hmac_key));

339	341	goto end;
340	342	}
341	343	if (do_verify)
342		res = EVP_DigestVerifyInit(mctx, &pctx, md, impl, sigkey);
	344	if (impl == NULL)
	345	res = EVP_DigestVerifyInit_ex(mctx, &pctx, digestname,
	346	app_get0_libctx(),
	347	app_get0_propq(), sigkey, NULL);
	348	else
	349	res = EVP_DigestVerifyInit(mctx, &pctx, md, impl, sigkey);
343	350	else
344		res = EVP_DigestSignInit(mctx, &pctx, md, impl, sigkey);
	351	if (impl == NULL)
	352	res = EVP_DigestSignInit_ex(mctx, &pctx, digestname,
	353	app_get0_libctx(),
	354	app_get0_propq(), sigkey, NULL);
	355	else
	356	res = EVP_DigestSignInit(mctx, &pctx, md, impl, sigkey);
345	357	if (res == 0) {
346	358	BIO_printf(bio_err, "Error setting context\n");
347	359	goto end;

405	417	BIO_printf(bio_err, "Length can only be specified for XOF\n");
406	418	goto end;
407	419	}
	420	/*
	421	* Signing using XOF is not supported by any algorithms currently since
	422	* each algorithm only calls EVP_DigestFinal_ex() in their sign_final
	423	* and verify_final methods.
	424	*/
408	425	if (sigkey != NULL) {
409	426	BIO_printf(bio_err, "Signing key cannot be specified for XOF\n");
410	427	goto end;

466	483	return;
467	484
468	485	/* Filter out message digests that we cannot use */
469		md = EVP_get_digestbyname(name->name);
	486	md = EVP_MD_fetch(app_get0_libctx(), name->name, app_get0_propq());
470	487	if (md == NULL)
471	488	return;
472	489

+3

-3

apps/dhparam.c less more

184	184	BIO_printf(bio_err, "Warning, input file %s ignored\n", infile);
185	185	}
186	186
187		ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
	187	ctx = EVP_PKEY_CTX_new_from_name(app_get0_libctx(), alg, app_get0_propq());
188	188	if (ctx == NULL) {
189	189	BIO_printf(bio_err,
190	190	"Error, %s param generation context allocation failed\n",

312	312	EVP_PKEY_print_params(out, pkey, 4, NULL);
313	313
314	314	if (check) {
315		ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL);
	315	ctx = EVP_PKEY_CTX_new_from_pkey(app_get0_libctx(), pkey, app_get0_propq());
316	316	if (ctx == NULL) {
317	317	BIO_printf(bio_err, "Error, failed to check DH parameters\n");
318	318	goto end;

384	384	goto err;
385	385	}
386	386
387		ctx = EVP_PKEY_CTX_new_from_name(NULL, "DHX", NULL);
	387	ctx = EVP_PKEY_CTX_new_from_name(app_get0_libctx(), "DHX", app_get0_propq());
388	388	if (ctx == NULL
389	389	\|\| EVP_PKEY_fromdata_init(ctx) <= 0
390	390	\|\| EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEY_PARAMETERS, params) <= 0) {

+8

-4

apps/ecparam.c less more

229	229	*p = OSSL_PARAM_construct_end();
230	230
231	231	if (OPENSSL_strcasecmp(curve_name, "SM2") == 0)
232		gctx_params = EVP_PKEY_CTX_new_from_name(NULL, "sm2", NULL);
	232	gctx_params = EVP_PKEY_CTX_new_from_name(app_get0_libctx(), "sm2",
	233	app_get0_propq());
233	234	else
234		gctx_params = EVP_PKEY_CTX_new_from_name(NULL, "ec", NULL);
	235	gctx_params = EVP_PKEY_CTX_new_from_name(app_get0_libctx(), "ec",
	236	app_get0_propq());
235	237	if (gctx_params == NULL
236	238	\|\| EVP_PKEY_keygen_init(gctx_params) <= 0
237	239	\|\| EVP_PKEY_CTX_set_params(gctx_params, params) <= 0

282	284	BIO_printf(bio_err, "unable to set check_type\n");
283	285	goto end;
284	286	}
285		pctx = EVP_PKEY_CTX_new_from_pkey(NULL, params_key, NULL);
	287	pctx = EVP_PKEY_CTX_new_from_pkey(app_get0_libctx(), params_key,
	288	app_get0_propq());
286	289	if (pctx == NULL \|\| EVP_PKEY_param_check(pctx) <= 0) {
287	290	BIO_printf(bio_err, "failed\n");
288	291	goto end;

312	315	* EVP_PKEY_CTX_set_group_name(gctx, curvename);
313	316	* EVP_PKEY_keygen(gctx, &key) <= 0)
314	317	*/
315		gctx_key = EVP_PKEY_CTX_new_from_pkey(NULL, params_key, NULL);
	318	gctx_key = EVP_PKEY_CTX_new_from_pkey(app_get0_libctx(), params_key,
	319	app_get0_propq());
316	320	if (EVP_PKEY_keygen_init(gctx_key) <= 0
317	321	\|\| EVP_PKEY_keygen(gctx_key, &key) <= 0) {
318	322	BIO_printf(bio_err, "unable to generate key\n");

+3

-2

apps/genrsa.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

178	178	if (out == NULL)
179	179	goto end;
180	180
181		if (!init_gen_str(&ctx, "RSA", eng, 0, NULL, NULL))
	181	if (!init_gen_str(&ctx, "RSA", eng, 0, app_get0_libctx(),
	182	app_get0_propq()))
182	183	goto end;
183	184
184	185	EVP_PKEY_CTX_set_cb(ctx, genrsa_cb);

+9

-4

apps/include/apps.h less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

12	12	# include "e_os.h" /* struct timeval for DTLS */
13	13	# include "internal/nelem.h"
14	14	# include "internal/sockets.h" /* for openssl_fdset() */
	15	# include "internal/cryptlib.h" /* ossl_assert() */
15	16	# include <assert.h>
16	17
17	18	# include <stdarg.h>

218	219
219	220	void app_bail_out(char *fmt, ...);
220	221	void app_malloc(size_t sz, const char what);
221		BIGNUM load_serial(const char serialfile, int create, ASN1_INTEGER **retai);
222		int save_serial(const char serialfile, const char suffix, const BIGNUM *serial,
223		ASN1_INTEGER **retai);
	222
	223	/* load_serial, save_serial, and rotate_serial are also used for CRL numbers */
	224	BIGNUM load_serial(const char serialfile, int *exists, int create,
	225	ASN1_INTEGER **retai);
	226	int save_serial(const char serialfile, const char suffix,
	227	const BIGNUM serial, ASN1_INTEGER *retai);
224	228	int rotate_serial(const char serialfile, const char new_suffix,
225	229	const char *old_suffix);
226	230	int rand_serial(BIGNUM b, ASN1_INTEGER ai);
	231
227	232	CA_DB load_index(const char dbfile, DB_ATTR *dbattr);
228	233	int index_index(CA_DB *db);
229	234	int save_index(const char dbfile, const char suffix, CA_DB *db);

+26

-6

apps/lib/apps.c less more

1455	1455	static IMPLEMENT_LHASH_COMP_FN(index_name, OPENSSL_CSTRING)
1456	1456	#undef BSIZE
1457	1457	#define BSIZE 256
1458		BIGNUM load_serial(const char serialfile, int create, ASN1_INTEGER **retai)
	1458	BIGNUM load_serial(const char serialfile, int *exists, int create,
	1459	ASN1_INTEGER **retai)
1459	1460	{
1460	1461	BIO *in = NULL;
1461	1462	BIGNUM *ret = NULL;

1467	1468	goto err;
1468	1469
1469	1470	in = BIO_new_file(serialfile, "r");
	1471	if (exists != NULL)
	1472	*exists = in != NULL;
1470	1473	if (in == NULL) {
1471	1474	if (!create) {
1472	1475	perror(serialfile);

1474	1477	}
1475	1478	ERR_clear_error();
1476	1479	ret = BN_new();
1477		if (ret == NULL \|\| !rand_serial(ret, ai))
	1480	if (ret == NULL) {
1478	1481	BIO_printf(bio_err, "Out of memory\n");
	1482	} else if (!rand_serial(ret, ai)) {
	1483	BIO_printf(bio_err, "Error creating random number to store in %s\n",
	1484	serialfile);
	1485	BN_free(ret);
	1486	ret = NULL;
	1487	}
1479	1488	} else {
1480	1489	if (!a2i_ASN1_INTEGER(in, ai, buf, 1024)) {
1481	1490	BIO_printf(bio_err, "Unable to load number from %s\n",

1489	1498	}
1490	1499	}
1491	1500
1492		if (ret && retai) {
	1501	if (ret != NULL && retai != NULL) {
1493	1502	*retai = ai;
1494	1503	ai = NULL;
1495	1504	}
1496	1505	err:
1497		ERR_print_errors(bio_err);
	1506	if (ret == NULL)
	1507	ERR_print_errors(bio_err);
1498	1508	BIO_free(in);
1499	1509	ASN1_INTEGER_free(ai);
1500	1510	return ret;

2457	2467	APP_HTTP_TLS_INFO info = (APP_HTTP_TLS_INFO )arg;
2458	2468	SSL_CTX *ssl_ctx = info->ssl_ctx;
2459	2469
2460		if (connect && detail) { /* connecting with TLS */
	2470	if (ssl_ctx == NULL) /* not using TLS */
	2471	return bio;
	2472	if (connect) {
2461	2473	SSL *ssl;
2462	2474	BIO *sbio = NULL;
2463	2475

2535	2547	if (use_ssl && ssl_ctx == NULL) {
2536	2548	ERR_raise_data(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER,
2537	2549	"missing SSL_CTX");
	2550	goto end;
	2551	}
	2552	if (!use_ssl && ssl_ctx != NULL) {
	2553	ERR_raise_data(ERR_LIB_HTTP, ERR_R_PASSED_INVALID_ARGUMENT,
	2554	"SSL_CTX given but use_ssl == 0");
2538	2555	goto end;
2539	2556	}
2540	2557

2918	2935	BIO_NOCLOSE \| (FMT_istext(format) ? BIO_FP_TEXT : 0));
2919	2936	void *prefix = NULL;
2920	2937
	2938	if (b == NULL)
	2939	return NULL;
	2940
2921	2941	#ifdef OPENSSL_SYS_VMS
2922	2942	if (FMT_istext(format))
2923	2943	b = BIO_push(BIO_new(BIO_f_linebuffer()), b);

2937	2957	BIO *b = BIO_new_fp(stderr,
2938	2958	BIO_NOCLOSE \| (FMT_istext(format) ? BIO_FP_TEXT : 0));
2939	2959	#ifdef OPENSSL_SYS_VMS
2940		if (FMT_istext(format))
	2960	if (b != NULL && FMT_istext(format))
2941	2961	b = BIO_push(BIO_new(BIO_f_linebuffer()), b);
2942	2962	#endif
2943	2963	return b;

+17

-11

apps/lib/s_cb.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

75	75	}
76	76	switch (err) {
77	77	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
78		BIO_puts(bio_err, "issuer= ");
79		X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
80		0, get_nameopt());
81		BIO_puts(bio_err, "\n");
	78	if (err_cert != NULL) {
	79	BIO_puts(bio_err, "issuer= ");
	80	X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
	81	0, get_nameopt());
	82	BIO_puts(bio_err, "\n");
	83	}
82	84	break;
83	85	case X509_V_ERR_CERT_NOT_YET_VALID:
84	86	case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
85		BIO_printf(bio_err, "notBefore=");
86		ASN1_TIME_print(bio_err, X509_get0_notBefore(err_cert));
87		BIO_printf(bio_err, "\n");
	87	if (err_cert != NULL) {
	88	BIO_printf(bio_err, "notBefore=");
	89	ASN1_TIME_print(bio_err, X509_get0_notBefore(err_cert));
	90	BIO_printf(bio_err, "\n");
	91	}
88	92	break;
89	93	case X509_V_ERR_CERT_HAS_EXPIRED:
90	94	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
91		BIO_printf(bio_err, "notAfter=");
92		ASN1_TIME_print(bio_err, X509_get0_notAfter(err_cert));
93		BIO_printf(bio_err, "\n");
	95	if (err_cert != NULL) {
	96	BIO_printf(bio_err, "notAfter=");
	97	ASN1_TIME_print(bio_err, X509_get0_notAfter(err_cert));
	98	BIO_printf(bio_err, "\n");
	99	}
94	100	break;
95	101	case X509_V_ERR_NO_EXPLICIT_POLICY:
96	102	if (!verify_args.quiet)

+1

-1

apps/list.c less more

1473	1473	"List of cipher commands (deprecated)"},
1474	1474	#endif
1475	1475	{"cipher-algorithms", OPT_CIPHER_ALGORITHMS, '-',
1476		"List of cipher algorithms"},
	1476	"List of symmetric cipher algorithms"},
1477	1477	{"encoders", OPT_ENCODERS, '-', "List of encoding methods" },
1478	1478	{"decoders", OPT_DECODERS, '-', "List of decoding methods" },
1479	1479	{"key-managers", OPT_KEYMANAGERS, '-', "List of key managers" },

+1

-4

apps/mac.c less more

0	0	/*
1		* Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

169	169	goto err;
170	170	}
171	171
172		/* Use text mode for stdin */
173		if (infile == NULL \|\| strcmp(infile, "-") == 0)
174		inform = FORMAT_TEXT;
175	172	in = bio_open_default(infile, 'r', inform);
176	173	if (in == NULL)
177	174	goto err;

+1

-1

apps/ocsp.c less more

134	134	{"no_certs", OPT_NO_CERTS, '-',
135	135	"Don't include any certificates in signed request"},
136	136	{"badsig", OPT_BADSIG, '-',
137		"Corrupt last byte of loaded OSCP response signature (for test)"},
	137	"Corrupt last byte of loaded OCSP response signature (for test)"},
138	138	{"CA", OPT_CA, '<', "CA certificate"},
139	139	{"nmin", OPT_NMIN, 'p', "Number of minutes before next update"},
140	140	{"nrequest", OPT_REQUEST, 'p',

+2

-2

apps/openssl.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

306	306	BIO_free(bio_in);
307	307	BIO_free_all(bio_out);
308	308	apps_shutdown();
309		BIO_free(bio_err);
	309	BIO_free_all(bio_err);
310	310	EXIT(ret);
311	311	}
312	312

+2

-2

apps/pkcs12.c less more

0	0	/*
1		* Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1999-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

142	142	"Encrypt output with 3DES (default PBES2 with PBKDF2 and AES-256 CBC)"},
143	143	#endif
144	144	{"macalg", OPT_MACALG, 's',
145		"Digest algorithm to use in MAC (default SHA1)"},
	145	"Digest algorithm to use in MAC (default SHA256)"},
146	146	{"iter", OPT_ITER, 'p', "Specify the iteration count for encryption and MAC"},
147	147	{"noiter", OPT_NOITER, '-', "Don't use encryption iteration"},
148	148	{"nomaciter", OPT_NOMACITER, '-', "Don't use MAC iteration)"},

+8

-3

apps/pkeyparam.c less more

0	0	/*
1		* Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2006-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

100	100	out = bio_open_default(outfile, 'w', FORMAT_PEM);
101	101	if (out == NULL)
102	102	goto end;
103		pkey = PEM_read_bio_Parameters(in, NULL);
	103	pkey = PEM_read_bio_Parameters_ex(in, NULL, app_get0_libctx(),
	104	app_get0_propq());
104	105	if (pkey == NULL) {
105	106	BIO_printf(bio_err, "Error reading parameters\n");
106	107	ERR_print_errors(bio_err);

108	109	}
109	110
110	111	if (check) {
111		ctx = EVP_PKEY_CTX_new(pkey, e);
	112	if (e == NULL)
	113	ctx = EVP_PKEY_CTX_new_from_pkey(app_get0_libctx(), pkey,
	114	app_get0_propq());
	115	else
	116	ctx = EVP_PKEY_CTX_new(pkey, e);
112	117	if (ctx == NULL) {
113	118	ERR_print_errors(bio_err);
114	119	goto end;

+1

-1

apps/rsa.c less more

60	60
61	61	OPT_SECTION("Input"),
62	62	{"in", OPT_IN, 's', "Input file"},
63		{"inform", OPT_INFORM, 'f', "Input format (DER/PEM/P12/ENGINE"},
	63	{"inform", OPT_INFORM, 'f', "Input format (DER/PEM/P12/ENGINE)"},
64	64	{"pubin", OPT_PUBIN, '-', "Expect a public key in input file"},
65	65	{"RSAPublicKey_in", OPT_RSAPUBKEY_IN, '-', "Input is an RSAPublicKey"},
66	66	{"passin", OPT_PASSIN, 's', "Input file pass phrase source"},

+23

-4

apps/speed.c less more

66	66	# define HAVE_FORK 0
67	67	# else
68	68	# define HAVE_FORK 1
	69	# include <sys/wait.h>
69	70	# endif
70	71	#endif
71	72

874	875	loopargs_t tempargs = (loopargs_t **) args;
875	876	EVP_PKEY_CTX *ffdh_ctx = tempargs->ffdh_ctx[testnum];
876	877	unsigned char *derived_secret = tempargs->secret_ff_a;
877		size_t outlen = MAX_FFDH_SIZE;
878	878	int count;
879	879
880		for (count = 0; COND(ffdh_c[testnum][0]); count++)
	880	for (count = 0; COND(ffdh_c[testnum][0]); count++) {
	881	/* outlen can be overwritten with a too small value (no padding used) */
	882	size_t outlen = MAX_FFDH_SIZE;
	883
881	884	EVP_PKEY_derive(ffdh_ctx, derived_secret, &outlen);
	885	}
882	886	return count;
883	887	}
884	888	#endif /* OPENSSL_NO_DH */

2003	2007	goto end;
2004	2008
2005	2009	if (!EVP_MAC_CTX_set_params(loopargs[i].mctx, params))
2006		goto end;
	2010	goto skip_hmac; /* Digest not found */
2007	2011	}
2008	2012	for (testnum = 0; testnum < size_num; testnum++) {
2009	2013	print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],

2020	2024	EVP_MAC_free(mac);
2021	2025	mac = NULL;
2022	2026	}
2023
	2027	skip_hmac:
2024	2028	if (doit[D_CBC_DES]) {
2025	2029	int st = 1;
2026	2030

3415	3419	int n;
3416	3420	int fd[2];
3417	3421	int *fds;
	3422	int status;
3418	3423	static char sep[] = ":";
3419	3424
3420	3425	fds = app_malloc(sizeof(fds) multi, "fd buffer for do_multi");

3573	3578	fclose(f);
3574	3579	}
3575	3580	OPENSSL_free(fds);
	3581	for (n = 0; n < multi; ++n) {
	3582	while (wait(&status) == -1)
	3583	if (errno != EINTR) {
	3584	BIO_printf(bio_err, "Waitng for child failed with 0x%x\n",
	3585	errno);
	3586	return 1;
	3587	}
	3588	if (WIFEXITED(status) && WEXITSTATUS(status)) {
	3589	BIO_printf(bio_err, "Child exited with %d\n", WEXITSTATUS(status));
	3590	} else if (WIFSIGNALED(status)) {
	3591	BIO_printf(bio_err, "Child terminated by signal %d\n",
	3592	WTERMSIG(status));
	3593	}
	3594	}
3576	3595	return 1;
3577	3596	}
3578	3597	#endif

+24

-10

apps/x509.c less more

533	533	aliasout = ++num;
534	534	break;
535	535	case OPT_CACREATESERIAL:
536		CA_createserial = ++num;
	536	CA_createserial = 1;
537	537	break;
538	538	case OPT_CLREXT:
539	539	clrext = 1;

659	659	BIO_printf(bio_err, "Cannot use both -key/-signkey and -CA option\n");
660	660	goto end;
661	661	}
662		} else if (CAkeyfile != NULL) {
663		BIO_printf(bio_err,
664		"Warning: ignoring -CAkey option since no -CA option is given\n");
	662	} else {
	663	#define WARN_NO_CA(opt) BIO_printf(bio_err, \
	664	"Warning: ignoring " opt " option since -CA option is not given\n");
	665	if (CAkeyfile != NULL)
	666	WARN_NO_CA("-CAkey");
	667	if (CAkeyformat != FORMAT_UNDEF)
	668	WARN_NO_CA("-CAkeyform");
	669	if (CAformat != FORMAT_UNDEF)
	670	WARN_NO_CA("-CAform");
	671	if (CAserial != NULL)
	672	WARN_NO_CA("-CAserial");
	673	if (CA_createserial)
	674	WARN_NO_CA("-CAcreateserial");
665	675	}
666	676
667	677	if (extfile == NULL) {

724	734	}
725	735	if ((x = X509_new_ex(app_get0_libctx(), app_get0_propq())) == NULL)
726	736	goto end;
727		if (sno == NULL) {
	737	if (CAfile == NULL && sno == NULL) {
728	738	sno = ASN1_INTEGER_new();
729	739	if (sno == NULL \|\| !rand_serial(NULL, sno))
730	740	goto end;

1080	1090	char *buf = NULL;
1081	1091	ASN1_INTEGER *bs = NULL;
1082	1092	BIGNUM *serial = NULL;
	1093	int defaultfile = 0, file_exists;
1083	1094
1084	1095	if (serialfile == NULL) {
1085	1096	const char *p = strrchr(CAfile, '.');

1089	1100	memcpy(buf, CAfile, len);
1090	1101	memcpy(buf + len, POSTFIX, sizeof(POSTFIX));
1091	1102	serialfile = buf;
1092		}
1093
1094		serial = load_serial(serialfile, create, NULL);
	1103	defaultfile = 1;
	1104	}
	1105
	1106	serial = load_serial(serialfile, &file_exists, create \|\| defaultfile, NULL);
1095	1107	if (serial == NULL)
1096	1108	goto end;
1097	1109

1100	1112	goto end;
1101	1113	}
1102	1114
1103		if (!save_serial(serialfile, NULL, serial, &bs))
1104		goto end;
	1115	if (file_exists \|\| create)
	1116	save_serial(serialfile, NULL, serial, &bs);
	1117	else
	1118	bs = BN_to_ASN1_INTEGER(serial, NULL);
1105	1119
1106	1120	end:
1107	1121	OPENSSL_free(buf);

+62

-2

crypto/aes/asm/aesv8-armx.pl less more

0	0	#! /usr/bin/env perl
1		# Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 2014-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	#
3	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	# this file except in compliance with the License. You can obtain a copy

1796	1796	#ifndef __ARMEB__
1797	1797	rev $ctr, $ctr
1798	1798	#endif
	1799	___
	1800	$code.=<<___ if ($flavour =~ /64/);
	1801	vorr $dat1,$dat0,$dat0
	1802	add $tctr1, $ctr, #1
	1803	vorr $dat2,$dat0,$dat0
	1804	add $ctr, $ctr, #2
	1805	vorr $ivec,$dat0,$dat0
	1806	rev $tctr1, $tctr1
	1807	vmov.32 ${dat1}[3],$tctr1
	1808	b.ls .Lctr32_tail
	1809	rev $tctr2, $ctr
	1810	sub $len,$len,#3 // bias
	1811	vmov.32 ${dat2}[3],$tctr2
	1812	___
	1813	$code.=<<___ if ($flavour !~ /64/);
1799	1814	add $tctr1, $ctr, #1
1800	1815	vorr $ivec,$dat0,$dat0
1801	1816	rev $tctr1, $tctr1

1809	1824	vorr $dat2,$ivec,$ivec
1810	1825	___
1811	1826	$code.=<<___ if ($flavour =~ /64/);
1812		cmp $len,#2
	1827	cmp $len,#32
1813	1828	b.lo .Loop3x_ctr32
1814	1829
1815	1830	add w13,$ctr,#1

2002	2017	aese $dat1,q8
2003	2018	aesmc $tmp1,$dat1
2004	2019	vld1.8 {$in0},[$inp],#16
	2020	___
	2021	$code.=<<___ if ($flavour =~ /64/);
	2022	vorr $dat0,$ivec,$ivec
	2023	___
	2024	$code.=<<___ if ($flavour !~ /64/);
2005	2025	add $tctr0,$ctr,#1
	2026	___
	2027	$code.=<<___;
2006	2028	aese $dat2,q8
2007	2029	aesmc $dat2,$dat2
2008	2030	vld1.8 {$in1},[$inp],#16
	2031	___
	2032	$code.=<<___ if ($flavour =~ /64/);
	2033	vorr $dat1,$ivec,$ivec
	2034	___
	2035	$code.=<<___ if ($flavour !~ /64/);
2009	2036	rev $tctr0,$tctr0
	2037	___
	2038	$code.=<<___;
2010	2039	aese $tmp0,q9
2011	2040	aesmc $tmp0,$tmp0
2012	2041	aese $tmp1,q9

2015	2044	mov $key_,$key
2016	2045	aese $dat2,q9
2017	2046	aesmc $tmp2,$dat2
	2047	___
	2048	$code.=<<___ if ($flavour =~ /64/);
	2049	vorr $dat2,$ivec,$ivec
	2050	add $tctr0,$ctr,#1
	2051	___
	2052	$code.=<<___;
2018	2053	aese $tmp0,q12
2019	2054	aesmc $tmp0,$tmp0
2020	2055	aese $tmp1,q12

2030	2065	aese $tmp1,q13
2031	2066	aesmc $tmp1,$tmp1
2032	2067	veor $in2,$in2,$rndlast
	2068	___
	2069	$code.=<<___ if ($flavour =~ /64/);
	2070	rev $tctr0,$tctr0
	2071	aese $tmp2,q13
	2072	aesmc $tmp2,$tmp2
	2073	vmov.32 ${dat0}[3], $tctr0
	2074	___
	2075	$code.=<<___ if ($flavour !~ /64/);
2033	2076	vmov.32 ${ivec}[3], $tctr0
2034	2077	aese $tmp2,q13
2035	2078	aesmc $tmp2,$tmp2
2036	2079	vorr $dat0,$ivec,$ivec
	2080	___
	2081	$code.=<<___;
2037	2082	rev $tctr1,$tctr1
2038	2083	aese $tmp0,q14
2039	2084	aesmc $tmp0,$tmp0
	2085	___
	2086	$code.=<<___ if ($flavour !~ /64/);
2040	2087	vmov.32 ${ivec}[3], $tctr1
2041	2088	rev $tctr2,$ctr
	2089	___
	2090	$code.=<<___;
2042	2091	aese $tmp1,q14
2043	2092	aesmc $tmp1,$tmp1
	2093	___
	2094	$code.=<<___ if ($flavour =~ /64/);
	2095	vmov.32 ${dat1}[3], $tctr1
	2096	rev $tctr2,$ctr
	2097	aese $tmp2,q14
	2098	aesmc $tmp2,$tmp2
	2099	vmov.32 ${dat2}[3], $tctr2
	2100	___
	2101	$code.=<<___ if ($flavour !~ /64/);
2044	2102	vorr $dat1,$ivec,$ivec
2045	2103	vmov.32 ${ivec}[3], $tctr2
2046	2104	aese $tmp2,q14
2047	2105	aesmc $tmp2,$tmp2
2048	2106	vorr $dat2,$ivec,$ivec
	2107	___
	2108	$code.=<<___;
2049	2109	subs $len,$len,#3
2050	2110	aese $tmp0,q15
2051	2111	aese $tmp1,q15

+5

-5

crypto/arm_arch.h less more

0	0	/*
1		* Copyright 2011-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2011-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

99	99	# define ARM_CPU_PART_N1 0xD0C
100	100
101	101	# define MIDR_PARTNUM_SHIFT 4
102		# define MIDR_PARTNUM_MASK (0xfff << MIDR_PARTNUM_SHIFT)
	102	# define MIDR_PARTNUM_MASK (0xfffU << MIDR_PARTNUM_SHIFT)
103	103	# define MIDR_PARTNUM(midr) \
104	104	(((midr) & MIDR_PARTNUM_MASK) >> MIDR_PARTNUM_SHIFT)
105	105
106	106	# define MIDR_IMPLEMENTER_SHIFT 24
107		# define MIDR_IMPLEMENTER_MASK (0xff << MIDR_IMPLEMENTER_SHIFT)
	107	# define MIDR_IMPLEMENTER_MASK (0xffU << MIDR_IMPLEMENTER_SHIFT)
108	108	# define MIDR_IMPLEMENTER(midr) \
109	109	(((midr) & MIDR_IMPLEMENTER_MASK) >> MIDR_IMPLEMENTER_SHIFT)
110	110
111	111	# define MIDR_ARCHITECTURE_SHIFT 16
112		# define MIDR_ARCHITECTURE_MASK (0xf << MIDR_ARCHITECTURE_SHIFT)
	112	# define MIDR_ARCHITECTURE_MASK (0xfU << MIDR_ARCHITECTURE_SHIFT)
113	113	# define MIDR_ARCHITECTURE(midr) \
114	114	(((midr) & MIDR_ARCHITECTURE_MASK) >> MIDR_ARCHITECTURE_SHIFT)
115	115

120	120
121	121	# define MIDR_CPU_MODEL(imp, partnum) \
122	122	(((imp) << MIDR_IMPLEMENTER_SHIFT) \| \
123		(0xf << MIDR_ARCHITECTURE_SHIFT) \| \
	123	(0xfU << MIDR_ARCHITECTURE_SHIFT) \| \
124	124	((partnum) << MIDR_PARTNUM_SHIFT))
125	125
126	126	# define MIDR_IS_CPU_MODEL(midr, imp, partnum) \

+6

-6

crypto/armcap.c less more

0	0	/*
1		* Copyright 2011-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2011-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

256	256	}
257	257	# endif
258	258
259		/* Things that getauxval didn't tell us */
260		if (sigsetjmp(ill_jmp, 1) == 0) {
261		_armv7_tick();
262		OPENSSL_armcap_P \|= ARMV7_TICK;
263		}
	259	/*
	260	* Probing for ARMV7_TICK is known to produce unreliable results,
	261	* so we will only use the feature when the user explicitly enables
	262	* it with OPENSSL_armcap.
	263	*/
264	264
265	265	sigaction(SIGILL, &ill_oact, NULL);
266	266	sigprocmask(SIG_SETMASK, &oset, NULL);

+15

-8

crypto/asn1/asn_mime.c less more

0	0	/*
1		* Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2008-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

68	68	int i2d_ASN1_bio_stream(BIO out, ASN1_VALUE val, BIO *in, int flags,
69	69	const ASN1_ITEM *it)
70	70	{
	71	int rv = 1;
	72
71	73	/* If streaming create stream BIO and copy all content through it */
72	74	if (flags & SMIME_STREAM) {
73	75	BIO bio, tbio;

76	78	ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
77	79	return 0;
78	80	}
79		SMIME_crlf_copy(in, bio, flags);
	81	if (!SMIME_crlf_copy(in, bio, flags)) {
	82	rv = 0;
	83	}
	84
80	85	(void)BIO_flush(bio);
81	86	/* Free up successive BIOs until we hit the old output BIO */
82	87	do {

91	96	*/
92	97	else
93	98	ASN1_item_i2d_bio(it, out, val);
94		return 1;
	99	return rv;
95	100	}
96	101
97	102	/* Base 64 read and write of ASN1 structure */

345	350	* set up to finalise when it is written through.
346	351	*/
347	352	if (!(flags & SMIME_DETACHED) \|\| (flags & PKCS7_REUSE_DIGEST)) {
348		SMIME_crlf_copy(data, out, flags);
349		return 1;
	353	return SMIME_crlf_copy(data, out, flags);
350	354	}
351	355
352	356	if (!aux \|\| !aux->asn1_cb) {

364	368	return 0;
365	369
366	370	/* Copy data across, passing through filter BIOs for processing */
367		SMIME_crlf_copy(data, sarg.ndef_bio, flags);
	371	if (!SMIME_crlf_copy(data, sarg.ndef_bio, flags))
	372	rv = 0;
368	373
369	374	/* Finalize structure */
370	375	if (aux->asn1_cb(ASN1_OP_DETACHED_POST, &val, it, &sarg) <= 0)

514	519	* when streaming as we don't end up with one OCTET STRING per line.
515	520	*/
516	521	bf = BIO_new(BIO_f_buffer());
517		if (bf == NULL)
518		return 0;
	522	if (bf == NULL) {
	523	ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
	524	return 0;
	525	}
519	526	out = BIO_push(bf, out);
520	527	if (flags & SMIME_BINARY) {
521	528	while ((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0)

+20

-3

crypto/bio/bio_lib.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

11	11	#include <stdio.h>
12	12	#include <errno.h>
13	13	#include <openssl/crypto.h>
	14	#include "internal/numbers.h"
14	15	#include "bio_local.h"
15	16
16	17	/*

619	620	*/
620	621	size_t BIO_ctrl_pending(BIO *bio)
621	622	{
622		return BIO_ctrl(bio, BIO_CTRL_PENDING, 0, NULL);
	623	long ret = BIO_ctrl(bio, BIO_CTRL_PENDING, 0, NULL);
	624
	625	if (ret < 0)
	626	ret = 0;
	627	#if LONG_MAX > SIZE_MAX
	628	if (ret > SIZE_MAX)
	629	ret = SIZE_MAX;
	630	#endif
	631	return (size_t)ret;
623	632	}
624	633
625	634	size_t BIO_ctrl_wpending(BIO *bio)
626	635	{
627		return BIO_ctrl(bio, BIO_CTRL_WPENDING, 0, NULL);
	636	long ret = BIO_ctrl(bio, BIO_CTRL_WPENDING, 0, NULL);
	637
	638	if (ret < 0)
	639	ret = 0;
	640	#if LONG_MAX > SIZE_MAX
	641	if (ret > SIZE_MAX)
	642	ret = SIZE_MAX;
	643	#endif
	644	return (size_t)ret;
628	645	}
629	646
630	647	/* put the 'bio' on the end of b's list of operators */

+2

-1

crypto/bio/bss_dgram.c less more

1913	1913	t->tv_sec = (long)(now_ul / 10000000);
1914	1914	t->tv_usec = ((int)(now_ul % 10000000)) / 10;
1915	1915	# else
1916		gettimeofday(t, NULL);
	1916	if (gettimeofday(t, NULL) < 0)
	1917	perror("gettimeofday");
1917	1918	# endif
1918	1919	}
1919	1920

+12

-3

crypto/bn/asm/rsaz-avx512.pl less more

0		# Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	0	# Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
1	1	# Copyright (c) 2020, Intel Corporation. All Rights Reserved.
2	2	#
3	3	# Licensed under the Apache License 2.0 (the "License"). You may not use

47	47	$avx512ifma = ($1==2.11 && $2>=8) + ($1>=2.12);
48	48	}
49	49
50		if (!$avx512 && `$ENV{CC} -v 2>&1` =~ /((?:clang\|LLVM) version\|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
51		$avx512ifma = ($2>=7.0);
	50	if (!$avx512 && `$ENV{CC} -v 2>&1`
	51	=~ /(Apple)?\s((?:clang\|LLVM) version\|.based on LLVM) ([0-9]+)\.([0-9]+)\.([0-9]+)?/) {
	52	my $ver = $3 + $4/100.0 + $5/10000.0; # 3.1.0->3.01, 3.10.1->3.1001
	53	if ($1) {
	54	# Apple conditions, they use a different version series, see
	55	# https://en.wikipedia.org/wiki/Xcode#Xcode_7.0_-_10.x_(since_Free_On-Device_Development)_2
	56	# clang 7.0.0 is Apple clang 10.0.1
	57	$avx512ifma = ($ver>=10.0001)
	58	} else {
	59	$avx512ifma = ($3>=7.0);
	60	}
52	61	}
53	62
54	63	open OUT,"\| \"$^X\" \"$xlate\" $flavour \"$output\""

+5

-4

crypto/bn/bn_prime.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

307	307	goto err;
308	308	#endif
309	309
310		ret = ossl_bn_miller_rabin_is_prime(w, checks, ctx, cb, 0, &status);
311		if (!ret)
312		goto err;
	310	if (!ossl_bn_miller_rabin_is_prime(w, checks, ctx, cb, 0, &status)) {
	311	ret = -1;
	312	goto err;
	313	}
313	314	ret = (status == BN_PRIMETEST_PROBABLY_PRIME);
314	315	err:
315	316	#ifndef FIPS_MODULE

+6

-1

crypto/bn/bn_rand.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

134	134	{
135	135	int n;
136	136	int count = 100;
	137
	138	if (r == NULL) {
	139	ERR_raise(ERR_LIB_BN, ERR_R_PASSED_NULL_PARAMETER);
	140	return 0;
	141	}
137	142
138	143	if (range->neg \|\| BN_is_zero(range)) {
139	144	ERR_raise(ERR_LIB_BN, BN_R_INVALID_RANGE);

+14

-4

crypto/bn/rsaz_exp_x2.c less more

30	30	# define ALIGN64
31	31	# endif
32	32
	33	# if defined(__GNUC__)
	34	# define ALIGN1 __attribute__((aligned(1)))
	35	# elif defined(_MSC_VER)
	36	# define ALIGN1 __declspec(align(1))
	37	# else
	38	# define ALIGN1
	39	# endif
	40
33	41	# define ALIGN_OF(ptr, boundary) \
34	42	((unsigned char *)(ptr) + (boundary - (((size_t)(ptr)) & (boundary - 1))))
35	43

40	48
41	49	# define BITS2WORD8_SIZE(x) (((x) + 7) >> 3)
42	50	# define BITS2WORD64_SIZE(x) (((x) + 63) >> 6)
	51
	52	typedef uint64_t ALIGN1 uint64_t_align1;
43	53
44	54	static ossl_inline uint64_t get_digit52(const uint8_t *in, int in_len);
45	55	static ossl_inline void put_digit52(uint8_t *out, int out_len, uint64_t digit);

467	477	in_str = (uint8_t *)in;
468	478
469	479	for (; in_bitsize >= (2 * DIGIT_SIZE); in_bitsize -= (2 * DIGIT_SIZE), out += 2) {
470		out[0] = ((uint64_t )in_str) & DIGIT_MASK;
	480	out[0] = ((uint64_t_align1 )in_str) & DIGIT_MASK;
471	481	in_str += 6;
472		out[1] = (((uint64_t )in_str) >> 4) & DIGIT_MASK;
	482	out[1] = (((uint64_t_align1 )in_str) >> 4) & DIGIT_MASK;
473	483	in_str += 7;
474	484	out_len -= 2;
475	485	}

526	536	uint8_t out_str = (uint8_t )out;
527	537
528	538	for (; out_bitsize >= (2 * DIGIT_SIZE); out_bitsize -= (2 * DIGIT_SIZE), in += 2) {
529		((uint64_t )out_str) = in[0];
	539	((uint64_t_align1 )out_str) = in[0];
530	540	out_str += 6;
531		((uint64_t )out_str) ^= in[1] << 4;
	541	((uint64_t_align1 )out_str) ^= in[1] << 4;
532	542	out_str += 7;
533	543	}
534	544

+5

-2

crypto/cmp/cmp_http.c less more

0	0	/*
1		* Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2007-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright Nokia 2007-2019
3	3	* Copyright Siemens AG 2015-2019
4	4	*

30	30	static int keep_alive(int keep_alive, int body_type)
31	31	{
32	32	if (keep_alive != 0
33		/* Ask for persistent connection only if may need more round trips */
	33	/*
	34	* Ask for persistent connection only if may need more round trips.
	35	* Do so even with disableConfirm because polling might be needed.
	36	*/
34	37	&& body_type != OSSL_CMP_PKIBODY_IR
35	38	&& body_type != OSSL_CMP_PKIBODY_CR
36	39	&& body_type != OSSL_CMP_PKIBODY_P10CR

+7

-8

crypto/cmp/cmp_msg.c less more

252	252	(sk_GENERAL_NAME_num((ctx)->subjectAltNames) > 0 \
253	253	\|\| OSSL_CMP_CTX_reqExtensions_have_SAN(ctx) == 1)
254	254
255		static const X509_NAME determine_subj(OSSL_CMP_CTX ctx,
256		const X509_NAME *ref_subj,
257		int for_KUR)
	255	static const X509_NAME determine_subj(OSSL_CMP_CTX ctx, int for_KUR,
	256	const X509_NAME *ref_subj)
258	257	{
259	258	if (ctx->subjectName != NULL)
260	259	return IS_NULL_DN(ctx->subjectName) ? NULL : ctx->subjectName;
261
262		if (ref_subj != NULL && (ctx->p10CSR != NULL \|\| for_KUR \|\| !HAS_SAN(ctx)))
	260	if (ctx->p10CSR != NULL) /* first default is from any given CSR */
	261	return X509_REQ_get_subject_name(ctx->p10CSR);
	262	if (for_KUR \|\| !HAS_SAN(ctx))
263	263	/*
264		* For KUR, copy subject from the reference.
	264	* For KUR, copy subject from any reference cert as fallback.
265	265	* For IR or CR, do the same only if there is no subjectAltName.
266	266	*/
267	267	return ref_subj;

276	276	EVP_PKEY *rkey = OSSL_CMP_CTX_get0_newPkey(ctx, 0);
277	277	STACK_OF(GENERAL_NAME) *default_sans = NULL;
278	278	const X509_NAME *ref_subj =
279		ctx->p10CSR != NULL ? X509_REQ_get_subject_name(ctx->p10CSR) :
280	279	refcert != NULL ? X509_get_subject_name(refcert) : NULL;
281		const X509_NAME *subject = determine_subj(ctx, ref_subj, for_KUR);
	280	const X509_NAME *subject = determine_subj(ctx, for_KUR, ref_subj);
282	281	const X509_NAME *issuer = ctx->issuer != NULL \|\| refcert == NULL
283	282	? (IS_NULL_DN(ctx->issuer) ? NULL : ctx->issuer)
284	283	: X509_get_issuer_name(refcert);

+3

-3

crypto/cmp/cmp_util.c less more

0	0	/*
1		* Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2007-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright Nokia 2007-2019
3	3	* Copyright Siemens AG 2015-2019
4	4	*

100	100	*file = OPENSSL_strndup(p_file, p_line - 1 - p_file);
101	101	/* no real problem if OPENSSL_strndup() returns NULL */
102	102	*line = (int)line_number;
103		msg = strchr(p_level, ':') + 1;
104		if (*msg == ' ')
	103	msg = strchr(p_level, ':');
	104	if (msg != NULL && *++msg == ' ')
105	105	msg++;
106	106	}
107	107	}

+6

-1

crypto/cms/cms_enc.c less more

0	0	/*
1		* Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2008-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

82	82	calg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_get_type(ctx));
83	83	/* Generate a random IV if we need one */
84	84	ivlen = EVP_CIPHER_CTX_get_iv_length(ctx);
	85	if (ivlen < 0) {
	86	ERR_raise(ERR_LIB_CMS, ERR_R_EVP_LIB);
	87	goto err;
	88	}
	89
85	90	if (ivlen > 0) {
86	91	if (RAND_bytes_ex(libctx, iv, ivlen, 0) <= 0)
87	92	goto err;

+5

-2

crypto/cms/cms_lib.c less more

0	0	/*
1		* Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2008-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

33	33	(CMS_ContentInfo_it()),
34	34	ossl_cms_ctx_get0_libctx(ctx),
35	35	ossl_cms_ctx_get0_propq(ctx));
36		if (ci != NULL)
	36	if (ci != NULL) {
	37	ERR_set_mark();
37	38	ossl_cms_resolve_libctx(ci);
	39	ERR_pop_to_mark();
	40	}
38	41	return ci;
39	42	}
40	43

+5

-1

crypto/cms/cms_pwri.c less more

0	0	/*
1		* Copyright 2009-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2009-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

95	95	}
96	96
97	97	ivlen = EVP_CIPHER_CTX_get_iv_length(ctx);
	98	if (ivlen < 0) {
	99	ERR_raise(ERR_LIB_CMS, ERR_R_EVP_LIB);
	100	goto err;
	101	}
98	102
99	103	if (ivlen > 0) {
100	104	if (RAND_bytes_ex(ossl_cms_ctx_get0_libctx(cms_ctx), iv, ivlen, 0) <= 0)

+8

-2

crypto/cms/cms_smime.c less more

431	431	* Don't use SMIME_TEXT for verify: it adds headers and we want to
432	432	* remove them.
433	433	*/
434		SMIME_crlf_copy(dcont, cmsbio, flags & ~SMIME_TEXT);
	434	if (!SMIME_crlf_copy(dcont, cmsbio, flags & ~SMIME_TEXT))
	435	goto err;
435	436
436	437	if (flags & CMS_TEXT) {
437	438	if (!SMIME_text(tmpout, out)) {

881	882	return 0;
882	883	}
883	884
884		ret = SMIME_crlf_copy(data, cmsbio, flags);
	885	if (!SMIME_crlf_copy(data, cmsbio, flags)) {
	886	goto err;
	887	}
885	888
886	889	(void)BIO_flush(cmsbio);
887	890

889	892	ERR_raise(ERR_LIB_CMS, CMS_R_CMS_DATAFINAL_ERROR);
890	893	goto err;
891	894	}
	895
	896	ret = 1;
	897
892	898	err:
893	899	do_free_upto(cmsbio, dcont);
894	900

+5

-1

crypto/conf/conf_sap.c less more

0	0	/*
1		* Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2002-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

43	43	int ossl_config_int(const OPENSSL_INIT_SETTINGS *settings)
44	44	{
45	45	int ret = 0;
	46	#if defined(OPENSSL_INIT_DEBUG) \|\| !defined(OPENSSL_SYS_UEFI)
46	47	const char *filename;
47	48	const char *appname;
48	49	unsigned long flags;
	50	#endif
49	51
50	52	if (openssl_configured)
51	53	return 1;
52	54
	55	#if defined(OPENSSL_INIT_DEBUG) \|\| !defined(OPENSSL_SYS_UEFI)
53	56	filename = settings ? settings->filename : NULL;
54	57	appname = settings ? settings->appname : NULL;
55	58	flags = settings ? settings->flags : DEFAULT_CONF_MFLAGS;
	59	#endif
56	60
57	61	#ifdef OPENSSL_INIT_DEBUG
58	62	fprintf(stderr, "OPENSSL_INIT: ossl_config_int(%s, %s, %lu)\n",

+21

-5

crypto/core_algorithm.c less more

17	17	int operation_id; /* May be zero for finding them all */
18	18	int (pre)(OSSL_PROVIDER , int operation_id, int no_store, void *data,
19	19	int *result);
	20	int (reserve_store)(int no_store, void data);
20	21	void (fn)(OSSL_PROVIDER , const OSSL_ALGORITHM *, int no_store,
21	22	void *data);
	23	int (unreserve_store)(void data);
22	24	int (post)(OSSL_PROVIDER , int operation_id, int no_store, void *data,
23	25	int *result);
24	26	void *data;

42	44	struct algorithm_data_st *data = cbdata;
43	45	int ret = 0;
44	46
	47	if (!data->reserve_store(no_store, data->data))
	48	/* Error, bail out! */
	49	return -1;
	50
45	51	/* Do we fulfill pre-conditions? */
46	52	if (data->pre == NULL) {
47	53	/* If there is no pre-condition function, assume "yes" */

49	55	} else if (!data->pre(provider, cur_operation, no_store, data->data,
50	56	&ret)) {
51	57	/* Error, bail out! */
52		return -1;
	58	ret = -1;
	59	goto end;
53	60	}
54	61
55	62	/*

57	64	* but do continue with the next. This simply means that another thread
58	65	* got to it first.
59	66	*/
60		if (ret == 0)
61		return 1;
	67	if (ret == 0) {
	68	ret = 1;
	69	goto end;
	70	}
62	71
63	72	if (map != NULL) {
64	73	const OSSL_ALGORITHM *thismap;

74	83	} else if (!data->post(provider, cur_operation, no_store, data->data,
75	84	&ret)) {
76	85	/* Error, bail out! */
77		return -1;
	86	ret = -1;
78	87	}
	88
	89	end:
	90	data->unreserve_store(data->data);
79	91
80	92	return ret;
81	93	}

102	114	cur_operation++) {
103	115	int no_store = 0; /* Assume caching is ok */
104	116	const OSSL_ALGORITHM *map = NULL;
105		int ret;
	117	int ret = 0;
106	118
107	119	map = ossl_provider_query_operation(provider, cur_operation,
108	120	&no_store);

125	137	OSSL_PROVIDER *provider,
126	138	int (pre)(OSSL_PROVIDER , int operation_id,
127	139	int no_store, void data, int result),
	140	int (reserve_store)(int no_store, void data),
128	141	void (fn)(OSSL_PROVIDER provider,
129	142	const OSSL_ALGORITHM *algo,
130	143	int no_store, void *data),
	144	int (unreserve_store)(void data),
131	145	int (post)(OSSL_PROVIDER , int operation_id,
132	146	int no_store, void data, int result),
133	147	void *data)

137	151	cbdata.libctx = libctx;
138	152	cbdata.operation_id = operation_id;
139	153	cbdata.pre = pre;
	154	cbdata.reserve_store = reserve_store;
140	155	cbdata.fn = fn;
	156	cbdata.unreserve_store = unreserve_store;
141	157	cbdata.post = post;
142	158	cbdata.data = data;
143	159

+29

-18

crypto/core_fetch.c less more

28	28	struct construct_data_st *data = cbdata;
29	29
30	30	return no_store && !data->force_store;
	31	}
	32
	33	static int ossl_method_construct_reserve_store(int no_store, void *cbdata)
	34	{
	35	struct construct_data_st *data = cbdata;
	36
	37	if (is_temporary_method_store(no_store, data) && data->store == NULL) {
	38	/*
	39	* If we have been told not to store the method "permanently", we
	40	* ask for a temporary store, and store the method there.
	41	* The owner of \|data->mcm\| is completely responsible for managing
	42	* that temporary store.
	43	*/
	44	if ((data->store = data->mcm->get_tmp_store(data->mcm_data)) == NULL)
	45	return 0;
	46	}
	47
	48	return data->mcm->lock_store(data->store, data->mcm_data);
	49	}
	50
	51	static int ossl_method_construct_unreserve_store(void *cbdata)
	52	{
	53	struct construct_data_st *data = cbdata;
	54
	55	return data->mcm->unlock_store(data->store, data->mcm_data);
31	56	}
32	57
33	58	static int ossl_method_construct_precondition(OSSL_PROVIDER *provider,

94	119	* It is expected that the put function increments the refcnt
95	120	* of the passed method.
96	121	*/
97
98		if (!is_temporary_method_store(no_store, data)) {
99		/* If we haven't been told not to store, add to the global store */
100		data->mcm->put(NULL, method, provider, algo->algorithm_names,
101		algo->property_definition, data->mcm_data);
102		} else {
103		/*
104		* If we have been told not to store the method "permanently", we
105		* ask for a temporary store, and store the method there.
106		* The owner of \|data->mcm\| is completely responsible for managing
107		* that temporary store.
108		*/
109		if ((data->store = data->mcm->get_tmp_store(data->mcm_data)) == NULL)
110		return;
111
112		data->mcm->put(data->store, method, provider, algo->algorithm_names,
113		algo->property_definition, data->mcm_data);
114		}
	122	data->mcm->put(data->store, method, provider, algo->algorithm_names,
	123	algo->property_definition, data->mcm_data);
115	124
116	125	/* refcnt-- because we're dropping the reference */
117	126	data->mcm->destruct(method, data->mcm_data);

142	151	cbdata.mcm_data = mcm_data;
143	152	ossl_algorithm_do_all(libctx, operation_id, provider,
144	153	ossl_method_construct_precondition,
	154	ossl_method_construct_reserve_store,
145	155	ossl_method_construct_this,
	156	ossl_method_construct_unreserve_store,
146	157	ossl_method_construct_postcondition,
147	158	&cbdata);
148	159

+3

-2

crypto/dh/dh_group_params.c less more

30	30	if (dh == NULL)
31	31	return NULL;
32	32
33		ossl_ffc_named_group_set_pqg(&dh->params, group);
	33	ossl_ffc_named_group_set(&dh->params, group);
34	34	dh->params.nid = ossl_ffc_named_group_get_uid(group);
35	35	dh->dirty_cnt++;
36	36	return dh;

71	71	dh->params.g)) != NULL) {
72	72	if (dh->params.q == NULL)
73	73	dh->params.q = (BIGNUM *)ossl_ffc_named_group_get_q(group);
74		/* cache the nid */
	74	/* cache the nid and default key length */
75	75	dh->params.nid = ossl_ffc_named_group_get_uid(group);
	76	dh->params.keylength = ossl_ffc_named_group_get_keylength(group);
76	77	dh->dirty_cnt++;
77	78	}
78	79	}

+3

-2

crypto/dh/dh_pmeth.c less more

0	0	/*
1		* Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2006-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

431	431	else if (dctx->kdf_type == EVP_PKEY_DH_KDF_X9_42) {
432	432
433	433	unsigned char *Z = NULL;
434		size_t Zlen = 0;
	434	int Zlen = 0;
	435
435	436	if (!dctx->kdf_outlen \|\| !dctx->kdf_oid)
436	437	return 0;
437	438	if (key == NULL) {

+8

-0

crypto/ec/build.info less more

70	70	# need to be applied to all affected libraries and modules.
71	71	DEFINE[../../libcrypto]=$ECDEF
72	72	DEFINE[../../providers/libfips.a]=$ECDEF
	73	DEFINE[../../providers/libdefault.a]=$ECDEF
	74	# We only need to include the ECDEF stuff in the legacy provider when
	75	# it's a separate module and it's dynamically linked with libcrypto.
	76	# Otherwise, it already gets everything that the static libcrypto.a
	77	# has, and doesn't need it added again.
	78	IF[{- !$disabled{module} && !$disabled{shared} -}]
	79	DEFINE[../providers/liblegacy.a]=$ECDEF
	80	ENDIF
73	81
74	82	GENERATE[ecp_nistz256-x86.S]=asm/ecp_nistz256-x86.pl
75	83

+12

-12

crypto/ec/ec_ameth.c less more

41	41	ASN1_OBJECT *asn1obj = OBJ_nid2obj(nid);
42	42
43	43	if (asn1obj == NULL \|\| OBJ_length(asn1obj) == 0) {
44		ASN1_OBJECT_free(asn1obj);
45	44	ERR_raise(ERR_LIB_EC, EC_R_MISSING_OID);
46	45	return 0;
47	46	}

91	90	ptype, pval, penc, penclen))
92	91	return 1;
93	92	err:
94		if (ptype == V_ASN1_OBJECT)
95		ASN1_OBJECT_free(pval);
96		else
	93	if (ptype == V_ASN1_SEQUENCE)
97	94	ASN1_STRING_free(pval);
98	95	OPENSSL_free(penc);
99	96	return 0;

186	183	eplen = i2d_ECPrivateKey(&ec_key, &ep);
187	184	if (eplen <= 0) {
188	185	ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB);
189		ASN1_STRING_free(pval);
190		return 0;
	186	goto err;
191	187	}
192	188
193	189	if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0,
194	190	ptype, pval, ep, eplen)) {
195		ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB);
	191	ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB);
	192	OPENSSL_clear_free(ep, eplen);
	193	goto err;
	194	}
	195
	196	return 1;
	197
	198	err:
	199	if (ptype == V_ASN1_SEQUENCE)
196	200	ASN1_STRING_free(pval);
197		OPENSSL_clear_free(ep, eplen);
198		return 0;
199		}
200
201		return 1;
	201	return 0;
202	202	}
203	203
204	204	static int int_ec_size(const EVP_PKEY *pkey)

+10

-0

crypto/ec/ec_key.c less more

718	718	if (key->meth->set_private != NULL
719	719	&& key->meth->set_private(key, priv_key) == 0)
720	720	return 0;
	721
	722	/*
	723	* Return `0` to comply with legacy behavior for this function, see
	724	* https://github.com/openssl/openssl/issues/18744#issuecomment-1195175696
	725	*/
	726	if (priv_key == NULL) {
	727	BN_clear_free(key->priv_key);
	728	key->priv_key = NULL;
	729	return 0; /* intentional for legacy compatibility */
	730	}
721	731
722	732	/*
723	733	* We should never leak the bit length of the secret scalar in the key,

+8

-12

crypto/ec/ecx_meth.c less more

1159	1159	{
1160	1160	const unsigned char privkey, pubkey;
1161	1161
1162		if (!validate_ecx_derive(ctx, key, keylen, &privkey, &pubkey))
1163		return 0;
1164
1165		if (key != NULL)
1166		return s390x_x25519_mul(key, pubkey, privkey);
1167
	1162	if (!validate_ecx_derive(ctx, key, keylen, &privkey, &pubkey)
	1163	\|\| (key != NULL
	1164	&& s390x_x25519_mul(key, privkey, pubkey) == 0))
	1165	return 0;
1168	1166	*keylen = X25519_KEYLEN;
1169	1167	return 1;
1170	1168	}

1174	1172	{
1175	1173	const unsigned char privkey, pubkey;
1176	1174
1177		if (!validate_ecx_derive(ctx, key, keylen, &privkey, &pubkey))
1178		return 0;
1179
1180		if (key != NULL)
1181		return s390x_x448_mul(key, pubkey, privkey);
1182
	1175	if (!validate_ecx_derive(ctx, key, keylen, &privkey, &pubkey)
	1176	\|\| (key != NULL
	1177	&& s390x_x448_mul(key, pubkey, privkey) == 0))
	1178	return 0;
1183	1179	*keylen = X448_KEYLEN;
1184	1180	return 1;
1185	1181	}

+24

-0

crypto/encode_decode/decoder_meth.c less more

121	121	{
122	122	return ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_DECODER_STORE_INDEX,
123	123	&decoder_store_method);
	124	}
	125
	126	static int reserve_decoder_store(void store, void data)
	127	{
	128	struct decoder_data_st *methdata = data;
	129
	130	if (store == NULL
	131	&& (store = get_decoder_store(methdata->libctx)) == NULL)
	132	return 0;
	133
	134	return ossl_method_lock_store(store);
	135	}
	136
	137	static int unreserve_decoder_store(void store, void data)
	138	{
	139	struct decoder_data_st *methdata = data;
	140
	141	if (store == NULL
	142	&& (store = get_decoder_store(methdata->libctx)) == NULL)
	143	return 0;
	144
	145	return ossl_method_unlock_store(store);
124	146	}
125	147
126	148	/* Get decoder methods from a store, or put one in */

373	395	\|\| !ossl_method_store_cache_get(store, NULL, id, propq, &method)) {
374	396	OSSL_METHOD_CONSTRUCT_METHOD mcm = {
375	397	get_tmp_decoder_store,
	398	reserve_decoder_store,
	399	unreserve_decoder_store,
376	400	get_decoder_from_store,
377	401	put_decoder_in_store,
378	402	construct_decoder,

+24

-0

crypto/encode_decode/encoder_meth.c less more

121	121	{
122	122	return ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_ENCODER_STORE_INDEX,
123	123	&encoder_store_method);
	124	}
	125
	126	static int reserve_encoder_store(void store, void data)
	127	{
	128	struct encoder_data_st *methdata = data;
	129
	130	if (store == NULL
	131	&& (store = get_encoder_store(methdata->libctx)) == NULL)
	132	return 0;
	133
	134	return ossl_method_lock_store(store);
	135	}
	136
	137	static int unreserve_encoder_store(void store, void data)
	138	{
	139	struct encoder_data_st *methdata = data;
	140
	141	if (store == NULL
	142	&& (store = get_encoder_store(methdata->libctx)) == NULL)
	143	return 0;
	144
	145	return ossl_method_unlock_store(store);
124	146	}
125	147
126	148	/* Get encoder methods from a store, or put one in */

383	405	\|\| !ossl_method_store_cache_get(store, NULL, id, propq, &method)) {
384	406	OSSL_METHOD_CONSTRUCT_METHOD mcm = {
385	407	get_tmp_encoder_store,
	408	reserve_encoder_store,
	409	unreserve_encoder_store,
386	410	get_encoder_from_store,
387	411	put_encoder_in_store,
388	412	construct_encoder,

+36

-1

crypto/evp/ctrl_params_translate.c less more

1954	1954	IMPL_GET_RSA_PAYLOAD_COEFFICIENT(8)
1955	1955	IMPL_GET_RSA_PAYLOAD_COEFFICIENT(9)
1956	1956
	1957	static int fix_group_ecx(enum state state,
	1958	const struct translation_st *translation,
	1959	struct translation_ctx_st *ctx)
	1960	{
	1961	const char *value = NULL;
	1962
	1963	switch (state) {
	1964	case PRE_PARAMS_TO_CTRL:
	1965	if (!EVP_PKEY_CTX_IS_GEN_OP(ctx->pctx))
	1966	return 0;
	1967	ctx->action_type = NONE;
	1968	return 1;
	1969	case POST_PARAMS_TO_CTRL:
	1970	if (OSSL_PARAM_get_utf8_string_ptr(ctx->params, &value) == 0 \|\|
	1971	OPENSSL_strcasecmp(ctx->pctx->keytype, value) != 0) {
	1972	ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_INVALID_ARGUMENT);
	1973	ctx->p1 = 0;
	1974	return 0;
	1975	}
	1976	ctx->p1 = 1;
	1977	return 1;
	1978	default:
	1979	return 0;
	1980	}
	1981	}
	1982
1957	1983	/*-
1958	1984	* The translation table itself
1959	1985	* ============================

2273	2299	{ GET, -1, -1, EVP_PKEY_OP_TYPE_SIG,
2274	2300	EVP_PKEY_CTRL_GET_MD, NULL, NULL,
2275	2301	OSSL_SIGNATURE_PARAM_DIGEST, OSSL_PARAM_UTF8_STRING, fix_md },
	2302
	2303	/*-
	2304	* ECX
	2305	* ===
	2306	*/
	2307	{ SET, EVP_PKEY_X25519, EVP_PKEY_X25519, EVP_PKEY_OP_KEYGEN, -1, NULL, NULL,
	2308	OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_group_ecx },
	2309	{ SET, EVP_PKEY_X448, EVP_PKEY_X448, EVP_PKEY_OP_KEYGEN, -1, NULL, NULL,
	2310	OSSL_PKEY_PARAM_GROUP_NAME, OSSL_PARAM_UTF8_STRING, fix_group_ecx },
2276	2311	};
2277	2312
2278	2313	static const struct translation_st evp_pkey_translations[] = {

2691	2726
2692	2727	ret = fixup(PRE_PARAMS_TO_CTRL, translation, &ctx);
2693	2728
2694		if (ret > 0 && action_type != NONE)
	2729	if (ret > 0 && ctx.action_type != NONE)
2695	2730	ret = EVP_PKEY_CTX_ctrl(pctx, keytype, optype,
2696	2731	ctx.ctrl_cmd, ctx.p1, ctx.p2);
2697	2732

+3

-1

crypto/evp/digest.c less more

224	224	\|\| tmpimpl != NULL
225	225	#endif
226	226	\|\| (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) != 0
227		\|\| type->origin == EVP_ORIG_METH) {
	227	\|\| (type != NULL && type->origin == EVP_ORIG_METH)
	228	\|\| (type == NULL && ctx->digest != NULL
	229	&& ctx->digest->origin == EVP_ORIG_METH)) {
228	230	if (ctx->digest == ctx->fetched_digest)
229	231	ctx->digest = NULL;
230	232	EVP_MD_free(ctx->fetched_digest);

+16

-3

crypto/evp/evp_enc.c less more

42	42	if (ctx->fetched_cipher != NULL)
43	43	EVP_CIPHER_free(ctx->fetched_cipher);
44	44	memset(ctx, 0, sizeof(*ctx));
	45	ctx->iv_len = -1;
45	46
46	47	return 1;
47	48

60	61	ENGINE_finish(ctx->engine);
61	62	#endif
62	63	memset(ctx, 0, sizeof(*ctx));
	64	ctx->iv_len = -1;
63	65	return 1;
64	66	}
65	67

86	88	#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
87	89	ENGINE *tmpimpl = NULL;
88	90	#endif
	91
	92	ctx->iv_len = -1;
	93
89	94	/*
90	95	* enc == 1 means we are encrypting.
91	96	* enc == 0 means we are decrypting.

130	135	#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
131	136	\|\| tmpimpl != NULL
132	137	#endif
133		\|\| impl != NULL) {
	138	\|\| impl != NULL
	139	\|\| (cipher != NULL && cipher->origin == EVP_ORIG_METH)
	140	\|\| (cipher == NULL && ctx->cipher != NULL
	141	&& ctx->cipher->origin == EVP_ORIG_METH)) {
134	142	if (ctx->cipher == ctx->fetched_cipher)
135	143	ctx->cipher = NULL;
136	144	EVP_CIPHER_free(ctx->fetched_cipher);

142	150	* (legacy code)
143	151	*/
144	152	if (cipher != NULL && ctx->cipher != NULL) {
	153	if (ctx->cipher->cleanup != NULL && !ctx->cipher->cleanup(ctx))
	154	return 0;
145	155	OPENSSL_clear_free(ctx->cipher_data, ctx->cipher->ctx_size);
146	156	ctx->cipher_data = NULL;
147	157	}
148
149	158
150	159	/* Start of non-legacy code below */
151	160

1084	1093	if (arg < 0)
1085	1094	return 0;
1086	1095	params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &sz);
	1096	ctx->iv_len = -1;
1087	1097	break;
1088	1098	case EVP_CTRL_CCM_SET_L:
1089	1099	if (arg < 2 \|\| arg > 8)
1090	1100	return 0;
1091	1101	sz = 15 - arg;
1092	1102	params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &sz);
	1103	ctx->iv_len = -1;
1093	1104	break;
1094	1105	case EVP_CTRL_AEAD_SET_IV_FIXED:
1095	1106	params[0] = OSSL_PARAM_construct_octet_string(

1253	1264
1254	1265	int EVP_CIPHER_CTX_set_params(EVP_CIPHER_CTX *ctx, const OSSL_PARAM params[])
1255	1266	{
1256		if (ctx->cipher != NULL && ctx->cipher->set_ctx_params != NULL)
	1267	if (ctx->cipher != NULL && ctx->cipher->set_ctx_params != NULL) {
	1268	ctx->iv_len = -1;
1257	1269	return ctx->cipher->set_ctx_params(ctx->algctx, params);
	1270	}
1258	1271	return 0;
1259	1272	}
1260	1273

+24

-0

crypto/evp/evp_fetch.c less more

80	80	{
81	81	return ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_EVP_METHOD_STORE_INDEX,
82	82	&evp_method_store_method);
	83	}
	84
	85	static int reserve_evp_method_store(void store, void data)
	86	{
	87	struct evp_method_data_st *methdata = data;
	88
	89	if (store == NULL
	90	&& (store = get_evp_method_store(methdata->libctx)) == NULL)
	91	return 0;
	92
	93	return ossl_method_lock_store(store);
	94	}
	95
	96	static int unreserve_evp_method_store(void store, void data)
	97	{
	98	struct evp_method_data_st *methdata = data;
	99
	100	if (store == NULL
	101	&& (store = get_evp_method_store(methdata->libctx)) == NULL)
	102	return 0;
	103
	104	return ossl_method_unlock_store(store);
83	105	}
84	106
85	107	/*

302	324	\|\| !ossl_method_store_cache_get(store, prov, meth_id, propq, &method)) {
303	325	OSSL_METHOD_CONSTRUCT_METHOD mcm = {
304	326	get_tmp_evp_method_store,
	327	reserve_evp_method_store,
	328	unreserve_evp_method_store,
305	329	get_evp_method_from_store,
306	330	put_evp_method_in_store,
307	331	construct_evp_method,

+36

-17

crypto/evp/evp_lib.c less more

503	503
504	504	int EVP_CIPHER_CTX_get_iv_length(const EVP_CIPHER_CTX *ctx)
505	505	{
506		int rv, len = EVP_CIPHER_get_iv_length(ctx->cipher);
507		size_t v = len;
508		OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
509
510		params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &v);
511		rv = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
512		if (rv == EVP_CTRL_RET_UNSUPPORTED)
513		goto legacy;
514		return rv != 0 ? (int)v : -1;
515		/* Code below to be removed when legacy support is dropped. */
516		legacy:
517		if ((EVP_CIPHER_get_flags(ctx->cipher) & EVP_CIPH_CUSTOM_IV_LENGTH) != 0) {
518		rv = EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN,
519		0, &len);
520		return (rv == 1) ? len : -1;
521		}
522		return len;
	506	if (ctx->iv_len < 0) {
	507	int rv, len = EVP_CIPHER_get_iv_length(ctx->cipher);
	508	size_t v = len;
	509	OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
	510
	511	if (ctx->cipher->get_ctx_params != NULL) {
	512	params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN,
	513	&v);
	514	rv = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
	515	if (rv > 0) {
	516	if (OSSL_PARAM_modified(params)
	517	&& !OSSL_PARAM_get_int(params, &len))
	518	return -1;
	519	} else if (rv != EVP_CTRL_RET_UNSUPPORTED) {
	520	return -1;
	521	}
	522	}
	523	/* Code below to be removed when legacy support is dropped. */
	524	else if ((EVP_CIPHER_get_flags(ctx->cipher)
	525	& EVP_CIPH_CUSTOM_IV_LENGTH) != 0) {
	526	rv = EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN,
	527	0, &len);
	528	if (rv <= 0)
	529	return -1;
	530	}
	531	/*-
	532	* Casting away the const is annoying but required here. We need to
	533	* cache the result for performance reasons.
	534	*/
	535	((EVP_CIPHER_CTX *)ctx)->iv_len = len;
	536	}
	537	return ctx->iv_len;
523	538	}
524	539
525	540	int EVP_CIPHER_CTX_get_tag_length(const EVP_CIPHER_CTX *ctx)

658	673
659	674	int EVP_CIPHER_is_a(const EVP_CIPHER cipher, const char name)
660	675	{
	676	if (cipher == NULL)
	677	return 0;
661	678	if (cipher->prov != NULL)
662	679	return evp_is_a(cipher->prov, cipher->name_id, NULL, name);
663	680	return evp_is_a(NULL, 0, EVP_CIPHER_get0_name(cipher), name);

712	729
713	730	int EVP_MD_is_a(const EVP_MD md, const char name)
714	731	{
	732	if (md == NULL)
	733	return 0;
715	734	if (md->prov != NULL)
716	735	return evp_is_a(md->prov, md->name_id, NULL, name);
717	736	return evp_is_a(NULL, 0, EVP_MD_get0_name(md), name);

+1

-0

crypto/evp/evp_local.h less more

45	45	/* FIXME: Should this even exist? It appears unused */
46	46	void app_data; / application stuff */
47	47	int key_len; /* May change for variable length cipher */
	48	int iv_len; /* IV length */
48	49	unsigned long flags; /* Various flags */
49	50	void cipher_data; / per EVP data */
50	51	int final_used;

+2

-2

crypto/evp/evp_rand.c less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

304	304
305	305	int EVP_RAND_is_a(const EVP_RAND rand, const char name)
306	306	{
307		return evp_is_a(rand->prov, rand->name_id, NULL, name);
	307	return rand != NULL && evp_is_a(rand->prov, rand->name_id, NULL, name);
308	308	}
309	309
310	310	const OSSL_PROVIDER EVP_RAND_get0_provider(const EVP_RAND rand)

+2

-1

crypto/evp/exchange.c less more

549	549
550	550	int EVP_KEYEXCH_is_a(const EVP_KEYEXCH keyexch, const char name)
551	551	{
552		return evp_is_a(keyexch->prov, keyexch->name_id, NULL, name);
	552	return keyexch != NULL
	553	&& evp_is_a(keyexch->prov, keyexch->name_id, NULL, name);
553	554	}
554	555
555	556	void EVP_KEYEXCH_do_all_provided(OSSL_LIB_CTX *libctx,

+2

-2

crypto/evp/kdf_lib.c less more

0	0	/*
1		* Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright (c) 2018-2019, Oracle and/or its affiliates. All rights reserved.
3	3	*
4	4	* Licensed under the Apache License 2.0 (the "License"). You may not use

96	96
97	97	int EVP_KDF_is_a(const EVP_KDF kdf, const char name)
98	98	{
99		return evp_is_a(kdf->prov, kdf->name_id, NULL, name);
	99	return kdf != NULL && evp_is_a(kdf->prov, kdf->name_id, NULL, name);
100	100	}
101	101
102	102	const OSSL_PROVIDER EVP_KDF_get0_provider(const EVP_KDF kdf)

+2

-2

crypto/evp/kem.c less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

420	420
421	421	int EVP_KEM_is_a(const EVP_KEM kem, const char name)
422	422	{
423		return evp_is_a(kem->prov, kem->name_id, NULL, name);
	423	return kem != NULL && evp_is_a(kem->prov, kem->name_id, NULL, name);
424	424	}
425	425
426	426	int evp_kem_get_number(const EVP_KEM *kem)

+3

-2

crypto/evp/keymgmt_meth.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

278	278
279	279	int EVP_KEYMGMT_is_a(const EVP_KEYMGMT keymgmt, const char name)
280	280	{
281		return evp_is_a(keymgmt->prov, keymgmt->name_id, NULL, name);
	281	return keymgmt != NULL
	282	&& evp_is_a(keymgmt->prov, keymgmt->name_id, NULL, name);
282	283	}
283	284
284	285	void EVP_KEYMGMT_do_all_provided(OSSL_LIB_CTX *libctx,

+2

-2

crypto/evp/mac_lib.c less more

0	0	/*
1		* Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

225	225
226	226	int EVP_MAC_is_a(const EVP_MAC mac, const char name)
227	227	{
228		return evp_is_a(mac->prov, mac->name_id, NULL, name);
	228	return mac != NULL && evp_is_a(mac->prov, mac->name_id, NULL, name);
229	229	}
230	230
231	231	int EVP_MAC_names_do_all(const EVP_MAC *mac,

+22

-11

crypto/evp/p_lib.c less more

338	338	if (a == NULL \|\| b == NULL)
339	339	return 0;
340	340
341		if (a->keymgmt != NULL \|\| b->keymgmt != NULL)
342		return evp_pkey_cmp_any(a, b, (SELECT_PARAMETERS
343		\| OSSL_KEYMGMT_SELECT_KEYPAIR));
	341	if (a->keymgmt != NULL \|\| b->keymgmt != NULL) {
	342	int selection = SELECT_PARAMETERS;
	343
	344	if (evp_keymgmt_util_has((EVP_PKEY *)a, OSSL_KEYMGMT_SELECT_PUBLIC_KEY)
	345	&& evp_keymgmt_util_has((EVP_PKEY *)b, OSSL_KEYMGMT_SELECT_PUBLIC_KEY))
	346	selection \|= OSSL_KEYMGMT_SELECT_PUBLIC_KEY;
	347	else
	348	selection \|= OSSL_KEYMGMT_SELECT_KEYPAIR;
	349	return evp_pkey_cmp_any(a, b, selection);
	350	}
344	351
345	352	/* All legacy keys */
346	353	if (a->type != b->type)

1038	1045
1039	1046	int EVP_PKEY_is_a(const EVP_PKEY pkey, const char name)
1040	1047	{
1041		if (pkey->keymgmt == NULL) {
1042		int type = evp_pkey_name2type(name);
1043
1044		return pkey->type == type;
1045		}
	1048	if (pkey == NULL)
	1049	return 0;
	1050	if (pkey->keymgmt == NULL)
	1051	return pkey->type == evp_pkey_name2type(name);
1046	1052	return EVP_KEYMGMT_is_a(pkey->keymgmt, name);
1047	1053	}
1048	1054

1388	1394
1389	1395	if (pkey != NULL && evp_pkey_is_provided(pkey)) {
1390	1396	size_t return_size = OSSL_PARAM_UNMODIFIED;
	1397	unsigned char *buf;
1391	1398
1392	1399	/*
1393	1400	* We know that this is going to fail, but it will give us a size

1399	1406	if (return_size == OSSL_PARAM_UNMODIFIED)
1400	1407	return 0;
1401	1408
1402		*ppub = OPENSSL_malloc(return_size);
1403		if (*ppub == NULL)
	1409	*ppub = NULL;
	1410	buf = OPENSSL_malloc(return_size);
	1411	if (buf == NULL)
1404	1412	return 0;
1405	1413
1406	1414	if (!EVP_PKEY_get_octet_string_param(pkey,
1407	1415	OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY,
1408		*ppub, return_size, NULL))
	1416	buf, return_size, NULL)) {
	1417	OPENSSL_free(buf);
1409	1418	return 0;
	1419	}
	1420	*ppub = buf;
1410	1421	return return_size;
1411	1422	}
1412	1423

+3

-2

crypto/evp/signature.c less more

0	0	/*
1		* Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2006-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

326	326
327	327	int EVP_SIGNATURE_is_a(const EVP_SIGNATURE signature, const char name)
328	328	{
329		return evp_is_a(signature->prov, signature->name_id, NULL, name);
	329	return signature != NULL
	330	&& evp_is_a(signature->prov, signature->name_id, NULL, name);
330	331	}
331	332
332	333	int evp_signature_get_number(const EVP_SIGNATURE *signature)

+1

-1

crypto/ffc/ffc_backend.c less more

38	38	if (prm->data_type != OSSL_PARAM_UTF8_STRING
39	39	\|\| prm->data == NULL
40	40	\|\| (group = ossl_ffc_name_to_dh_named_group(prm->data)) == NULL
41		\|\| !ossl_ffc_named_group_set_pqg(ffc, group))
	41	\|\| !ossl_ffc_named_group_set(ffc, group))
42	42	#endif
43	43	goto err;
44	44	}

+33

-16

crypto/ffc/ffc_dh.c less more

12	12
13	13	#ifndef OPENSSL_NO_DH
14	14
15		# define FFDHE(sz) { \
	15	# define FFDHE(sz, keylength) { \
16	16	SN_ffdhe##sz, NID_ffdhe##sz, \
17	17	sz, \
	18	keylength, \
18	19	&ossl_bignum_ffdhe##sz##_p, &ossl_bignum_ffdhe##sz##_q, \
19	20	&ossl_bignum_const_2, \
20	21	}
21	22
22		# define MODP(sz) { \
	23	# define MODP(sz, keylength) { \
23	24	SN_modp_##sz, NID_modp_##sz, \
24	25	sz, \
	26	keylength, \
25	27	&ossl_bignum_modp_##sz##_p, &ossl_bignum_modp_##sz##_q, \
26	28	&ossl_bignum_const_2 \
27	29	}

29	31	# define RFC5114(name, uid, sz, tag) { \
30	32	name, uid, \
31	33	sz, \
	34	0, \
32	35	&ossl_bignum_dh##tag##_p, &ossl_bignum_dh##tag##_q, \
33	36	&ossl_bignum_dh##tag##_g \
34	37	}
35	38
36	39	#else
37	40
38		# define FFDHE(sz) { SN_ffdhe##sz, NID_ffdhe##sz }
39		# define MODP(sz) { SN_modp_##sz, NID_modp_##sz }
	41	# define FFDHE(sz, keylength) { SN_ffdhe##sz, NID_ffdhe##sz }
	42	# define MODP(sz, keylength) { SN_modp_##sz, NID_modp_##sz }
40	43	# define RFC5114(name, uid, sz, tag) { name, uid }
41	44
42	45	#endif

46	49	int uid;
47	50	#ifndef OPENSSL_NO_DH
48	51	int32_t nbits;
	52	int keylength;
49	53	const BIGNUM *p;
50	54	const BIGNUM *q;
51	55	const BIGNUM *g;
52	56	#endif
53	57	};
54	58
	59	/*
	60	* The private key length values are taken from RFC7919 with the values for
	61	* MODP primes given the same lengths as the equivalent FFDHE.
	62	* The MODP 1536 value is approximated.
	63	*/
55	64	static const DH_NAMED_GROUP dh_named_groups[] = {
56		FFDHE(2048),
57		FFDHE(3072),
58		FFDHE(4096),
59		FFDHE(6144),
60		FFDHE(8192),
	65	FFDHE(2048, 225),
	66	FFDHE(3072, 275),
	67	FFDHE(4096, 325),
	68	FFDHE(6144, 375),
	69	FFDHE(8192, 400),
61	70	#ifndef FIPS_MODULE
62		MODP(1536),
	71	MODP(1536, 200),
63	72	#endif
64		MODP(2048),
65		MODP(3072),
66		MODP(4096),
67		MODP(6144),
68		MODP(8192),
	73	MODP(2048, 225),
	74	MODP(3072, 275),
	75	MODP(4096, 325),
	76	MODP(6144, 375),
	77	MODP(8192, 400),
69	78	/*
70	79	* Additional dh named groups from RFC 5114 that have a different g.
71	80	* The uid can be any unique identifier.

133	142	}
134	143
135	144	#ifndef OPENSSL_NO_DH
	145	int ossl_ffc_named_group_get_keylength(const DH_NAMED_GROUP *group)
	146	{
	147	if (group == NULL)
	148	return 0;
	149	return group->keylength;
	150	}
	151
136	152	const BIGNUM ossl_ffc_named_group_get_q(const DH_NAMED_GROUP group)
137	153	{
138	154	if (group == NULL)

140	156	return group->q;
141	157	}
142	158
143		int ossl_ffc_named_group_set_pqg(FFC_PARAMS ffc, const DH_NAMED_GROUP group)
	159	int ossl_ffc_named_group_set(FFC_PARAMS ffc, const DH_NAMED_GROUP group)
144	160	{
145	161	if (ffc == NULL \|\| group == NULL)
146	162	return 0;
147	163
148	164	ossl_ffc_params_set0_pqg(ffc, (BIGNUM )group->p, (BIGNUM )group->q,
149	165	(BIGNUM *)group->g);
	166	ffc->keylength = group->keylength;
150	167
151	168	/* flush the cached nid, The DH layer is responsible for caching */
152	169	ffc->nid = NID_undef;

+5

-5

crypto/ffc/ffc_key_generate.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

24	24	int ret = 0, qbits = BN_num_bits(params->q);
25	25	BIGNUM m, two_powN = NULL;
26	26
27		/* Deal with the edge case where the value of N is not set */
	27	/* Deal with the edge cases where the value of N and/or s is not set */
	28	if (s == 0)
	29	goto err;
28	30	if (N == 0)
29		N = qbits;
30		if (s == 0)
31		s = N / 2;
	31	N = params->keylength ? params->keylength : 2 * s;
32	32
33	33	/* Step (2) : check range of N */
34	34	if (N < 2 * s \|\| N > qbits)

+1

-0

crypto/ffc/ffc_params.c less more

195	195	dst->h = src->h;
196	196	dst->gindex = src->gindex;
197	197	dst->flags = src->flags;
	198	dst->keylength = src->keylength;
198	199	return 1;
199	200	}
200	201

+39

-12

crypto/http/http_client.c less more

52	52	char proxy; / Optional proxy name or URI */
53	53	char server; / Optional server host name */
54	54	char port; / Optional server port */
55		BIO mem; / Memory BIO holding request/response header */
	55	BIO mem; / Mem BIO holding request header or response */
56	56	BIO req; / BIO holding the request provided by caller */
57	57	int method_POST; /* HTTP method is POST (else GET) */
58	58	char expected_ct; / Optional expected Content-Type */

265	265	static int set1_content(OSSL_HTTP_REQ_CTX *rctx,
266	266	const char content_type, BIO req)
267	267	{
268		long req_len;
	268	long req_len = 0;
	269	#ifndef OPENSSL_NO_STDIO
	270	FILE *fp = NULL;
	271	#endif
269	272
270	273	if (rctx == NULL \|\| (req == NULL && content_type != NULL)) {
271	274	ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER);

289	292	&& BIO_printf(rctx->mem, "Content-Type: %s\r\n", content_type) <= 0)
290	293	return 0;
291	294
292		/* streaming BIO may not support querying size */
293		if (((req_len = BIO_ctrl(req, BIO_CTRL_INFO, 0, NULL)) <= 0
294		\|\| BIO_printf(rctx->mem, "Content-Length: %ld\r\n", req_len) > 0)
295		&& BIO_up_ref(req)) {
296		rctx->req = req;
297		return 1;
298		}
299		return 0;
	295	/*
	296	* BIO_CTRL_INFO yields the data length at least for memory BIOs, but for
	297	* file-based BIOs it gives the current position, which is not what we need.
	298	*/
	299	if (BIO_method_type(req) == BIO_TYPE_FILE) {
	300	#ifndef OPENSSL_NO_STDIO
	301	if (BIO_get_fp(req, &fp) == 1 && fseek(fp, 0, SEEK_END) == 0) {
	302	req_len = ftell(fp);
	303	(void)fseek(fp, 0, SEEK_SET);
	304	} else {
	305	fp = NULL;
	306	}
	307	#endif
	308	} else {
	309	req_len = BIO_ctrl(req, BIO_CTRL_INFO, 0, NULL);
	310	/*
	311	* Streaming BIOs likely will not support querying the size at all,
	312	* and we assume we got a correct value if req_len > 0.
	313	*/
	314	}
	315	if ((
	316	#ifndef OPENSSL_NO_STDIO
	317	fp != NULL /* definitely correct req_len */ \|\|
	318	#endif
	319	req_len > 0)
	320	&& BIO_printf(rctx->mem, "Content-Length: %ld\r\n", req_len) < 0)
	321	return 0;
	322
	323	if (!BIO_up_ref(req))
	324	return 0;
	325	rctx->req = req;
	326	return 1;
300	327	}
301	328
302	329	int OSSL_HTTP_REQ_CTX_set1_req(OSSL_HTTP_REQ_CTX rctx, const char content_type,

566	593	if (rctx->req != NULL && !BIO_eof(rctx->req)) {
567	594	n = BIO_read(rctx->req, rctx->buf, rctx->buf_size);
568	595	if (n <= 0) {
569		if (BIO_should_retry(rctx->rbio))
	596	if (BIO_should_retry(rctx->req))
570	597	return -1;
571	598	ERR_raise(ERR_LIB_HTTP, HTTP_R_FAILED_READING_DATA);
572	599	return 0;

951	978	if (bio_update_fn != NULL) {
952	979	BIO *orig_bio = cbio;
953	980
954		cbio = (bio_update_fn)(cbio, arg, 1 / connect */, use_ssl);
	981	cbio = (bio_update_fn)(cbio, arg, 1 / connect */, use_ssl != 0);
955	982	if (cbio == NULL) {
956	983	if (bio == NULL) /* cbio was not provided by caller */
957	984	BIO_free_all(orig_bio);

+30

-28

crypto/init.c less more

658	658	#if !defined(OPENSSL_USE_NODELETE)\
659	659	&& !defined(OPENSSL_NO_PINSHARED)
660	660	{
	661	# if defined(DSO_WIN32) && !defined(_WIN32_WCE)
	662	HMODULE handle = NULL;
	663	BOOL ret;
661	664	union {
662	665	void *sym;
663	666	void (*func)(void);
664	667	} handlersym;
665	668
666	669	handlersym.func = handler;
667		# if defined(DSO_WIN32) && !defined(_WIN32_WCE)
668		{
669		HMODULE handle = NULL;
670		BOOL ret;
671
672		/*
673		* We don't use the DSO route for WIN32 because there is a better
674		* way
675		*/
676		ret = GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS
677		\| GET_MODULE_HANDLE_EX_FLAG_PIN,
678		handlersym.sym, &handle);
679
680		if (!ret)
681		return 0;
682		}
	670
	671	/*
	672	* We don't use the DSO route for WIN32 because there is a better
	673	* way
	674	*/
	675	ret = GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS
	676	\| GET_MODULE_HANDLE_EX_FLAG_PIN,
	677	handlersym.sym, &handle);
	678
	679	if (!ret)
	680	return 0;
683	681	# elif !defined(DSO_NONE)
684	682	/*
685	683	* Deliberately leak a reference to the handler. This will force the

687	685	* atexit handler. If -znodelete has been used then this is
688	686	* unnecessary.
689	687	*/
690		{
691		DSO *dso = NULL;
692
693		ERR_set_mark();
694		dso = DSO_dsobyaddr(handlersym.sym, DSO_FLAG_NO_UNLOAD_ON_FREE);
695		/* See same code above in ossl_init_base() for an explanation. */
696		OSSL_TRACE1(INIT,
697		"atexit: obtained DSO reference? %s\n",
698		(dso == NULL ? "No!" : "Yes."));
699		DSO_free(dso);
700		ERR_pop_to_mark();
701		}
	688	DSO *dso = NULL;
	689	union {
	690	void *sym;
	691	void (*func)(void);
	692	} handlersym;
	693
	694	handlersym.func = handler;
	695
	696	ERR_set_mark();
	697	dso = DSO_dsobyaddr(handlersym.sym, DSO_FLAG_NO_UNLOAD_ON_FREE);
	698	/* See same code above in ossl_init_base() for an explanation. */
	699	OSSL_TRACE1(INIT,
	700	"atexit: obtained DSO reference? %s\n",
	701	(dso == NULL ? "No!" : "Yes."));
	702	DSO_free(dso);
	703	ERR_pop_to_mark();
702	704	# endif
703	705	}
704	706	#endif

+2

-2

crypto/mem.c less more

284	284	int CRYPTO_mem_debug_push(const char info, const char file, int line)
285	285	{
286	286	(void)info; (void)file; (void)line;
287		return -1;
	287	return 0;
288	288	}
289	289
290	290	int CRYPTO_mem_debug_pop(void)
291	291	{
292		return -1;
	292	return 0;
293	293	}
294	294
295	295	void CRYPTO_mem_debug_malloc(void *addr, size_t num, int flag,

+15

-1

crypto/mem_sec.c less more

0	0	/*
1		* Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright 2004-2014, Akamai Technologies. All Rights Reserved.
3	3	*
4	4	* Licensed under the Apache License 2.0 (the "License"). You may not use

22	22	#ifndef OPENSSL_NO_SECURE_MEMORY
23	23	# if defined(_WIN32)
24	24	# include <windows.h>
	25	# if defined(WINAPI_FAMILY_PARTITION) \
	26	&& !WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP \| WINAPI_PARTITION_SYSTEM)
	27	/*
	28	* While VirtualLock is available under the app partition (e.g. UWP),
	29	* the headers do not define the API. Define it ourselves instead.
	30	*/
	31	WINBASEAPI
	32	BOOL
	33	WINAPI
	34	VirtualLock(
	35	_In_ LPVOID lpAddress,
	36	_In_ SIZE_T dwSize
	37	);
	38	# endif
25	39	# endif
26	40	# include <stdlib.h>
27	41	# include <assert.h>

+4

-1

crypto/objects/obj_dat.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

712	712	}
713	713
714	714	tmpoid->nid = OBJ_new_nid(1);
	715	if (tmpoid->nid == NID_undef)
	716	goto err;
	717
715	718	tmpoid->sn = (char *)sn;
716	719	tmpoid->ln = (char *)ln;
717	720

+4

-4

crypto/packet.c less more

0	0	/*
1		* Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

206	206	}
207	207
208	208	/* Store the \|value\| of length \|len\| at location \|data\| */
209		static int put_value(unsigned char *data, size_t value, size_t len)
	209	static int put_value(unsigned char *data, uint64_t value, size_t len)
210	210	{
211	211	if (data == NULL)
212	212	return 1;

378	378	return WPACKET_start_sub_packet_len__(pkt, 0);
379	379	}
380	380
381		int WPACKET_put_bytes__(WPACKET *pkt, unsigned int val, size_t size)
	381	int WPACKET_put_bytes__(WPACKET *pkt, uint64_t val, size_t size)
382	382	{
383	383	unsigned char *data;
384	384
385	385	/* Internal API, so should not fail */
386		if (!ossl_assert(size <= sizeof(unsigned int))
	386	if (!ossl_assert(size <= sizeof(uint64_t))
387	387	\|\| !WPACKET_allocate_bytes(pkt, size, &data)
388	388	\|\| !put_value(data, val, size))
389	389	return 0;

+3

-3

crypto/pem/pem_lib.c less more

626	626	(BIO_write(bp, "-----\n", 6) != 6))
627	627	goto err;
628	628
629		i = strlen(header);
	629	i = header != NULL ? strlen(header) : 0;
630	630	if (i > 0) {
631	631	if ((BIO_write(bp, header, i) != i) \|\| (BIO_write(bp, "\n", 1) != 1))
632	632	goto err;

809	809	{
810	810	BIO tmp = header;
811	811	char linebuf, p;
812		int len, line, ret = 0, end = 0, prev_partial_line_read = 0, partial_line_read = 0;
	812	int len, ret = 0, end = 0, prev_partial_line_read = 0, partial_line_read = 0;
813	813	/* 0 if not seen (yet), 1 if reading header, 2 if finished header */
814	814	enum header_status got_header = MAYBE_HEADER;
815	815	unsigned int flags_mask;

823	823	return 0;
824	824	}
825	825
826		for (line = 0; ; line++) {
	826	while(1) {
827	827	flags_mask = ~0u;
828	828	len = BIO_gets(bp, linebuf, LINESIZE);
829	829	if (len <= 0) {

+3

-1

crypto/pkcs12/p12_decr.c less more

0	0	/*
1		* Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1999-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

93	93	if (EVP_CIPHER_CTX_is_encrypting(ctx)) {
94	94	if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
95	95	(int)mac_len, out+outlen) < 0) {
	96	OPENSSL_free(out);
	97	out = NULL;
96	98	ERR_raise(ERR_LIB_PKCS12, ERR_R_INTERNAL_ERROR);
97	99	goto err;
98	100	}

+4

-2

crypto/pkcs7/pk7_smime.c less more

80	80	return 0;
81	81	}
82	82
83		SMIME_crlf_copy(data, p7bio, flags);
	83	if (!SMIME_crlf_copy(data, p7bio, flags))
	84	goto err;
84	85
85	86	(void)BIO_flush(p7bio);
86	87

278	279	ERR_raise(ERR_LIB_PKCS7, ERR_R_X509_LIB);
279	280	goto err;
280	281	}
281		X509_STORE_CTX_set_default(cert_ctx, "smime_sign");
	282	if (!X509_STORE_CTX_set_default(cert_ctx, "smime_sign"))
	283	goto err;
282	284	} else if (!X509_STORE_CTX_init(cert_ctx, store, signer, NULL)) {
283	285	ERR_raise(ERR_LIB_PKCS7, ERR_R_X509_LIB);
284	286	goto err;

+42

-11

crypto/property/property.c less more

14	14	#include "internal/core.h"
15	15	#include "internal/property.h"
16	16	#include "internal/provider.h"
	17	#include "internal/tsan_assist.h"
17	18	#include "crypto/ctype.h"
18	19	#include <openssl/lhash.h>
19	20	#include <openssl/rand.h>

61	62	struct ossl_method_store_st {
62	63	OSSL_LIB_CTX *ctx;
63	64	SPARSE_ARRAY_OF(ALGORITHM) *algs;
	65	/*
	66	* Lock to protect the \|algs\| array from concurrent writing, when
	67	* individual implementations or queries are inserted. This is used
	68	* by the appropriate functions here.
	69	*/
64	70	CRYPTO_RWLOCK *lock;
	71	/*
	72	* Lock to reserve the whole store. This is used when fetching a set
	73	* of algorithms, via these functions, found in crypto/core_fetch.c:
	74	* ossl_method_construct_reserve_store()
	75	* ossl_method_construct_unreserve_store()
	76	*/
	77	CRYPTO_RWLOCK *biglock;
65	78
66	79	/* query cache specific values */
67	80

76	89	LHASH_OF(QUERY) *cache;
77	90	size_t nelem;
78	91	uint32_t seed;
	92	unsigned char using_global_seed;
79	93	} IMPL_CACHE_FLUSH;
80	94
81	95	DEFINE_SPARSE_ARRAY_OF(ALGORITHM);

237	251	res = OPENSSL_zalloc(sizeof(*res));
238	252	if (res != NULL) {
239	253	res->ctx = ctx;
240		if ((res->algs = ossl_sa_ALGORITHM_new()) == NULL) {
241		OPENSSL_free(res);
	254	if ((res->algs = ossl_sa_ALGORITHM_new()) == NULL
	255	\|\| (res->lock = CRYPTO_THREAD_lock_new()) == NULL
	256	\|\| (res->biglock = CRYPTO_THREAD_lock_new()) == NULL) {
	257	ossl_method_store_free(res);
242	258	return NULL;
243	259	}
244		if ((res->lock = CRYPTO_THREAD_lock_new()) == NULL) {
245		ossl_sa_ALGORITHM_free(res->algs);
246		OPENSSL_free(res);
247		return NULL;
248		}
249	260	}
250	261	return res;
251	262	}

253	264	void ossl_method_store_free(OSSL_METHOD_STORE *store)
254	265	{
255	266	if (store != NULL) {
256		ossl_sa_ALGORITHM_doall_arg(store->algs, &alg_cleanup, store);
	267	if (store->algs != NULL)
	268	ossl_sa_ALGORITHM_doall_arg(store->algs, &alg_cleanup, store);
257	269	ossl_sa_ALGORITHM_free(store->algs);
258	270	CRYPTO_THREAD_lock_free(store->lock);
	271	CRYPTO_THREAD_lock_free(store->biglock);
259	272	OPENSSL_free(store);
260	273	}
261	274	}
262	275
	276	int ossl_method_lock_store(OSSL_METHOD_STORE *store)
	277	{
	278	return store != NULL ? CRYPTO_THREAD_write_lock(store->biglock) : 0;
	279	}
	280
	281	int ossl_method_unlock_store(OSSL_METHOD_STORE *store)
	282	{
	283	return store != NULL ? CRYPTO_THREAD_unlock(store->biglock) : 0;
	284	}
	285
263	286	static ALGORITHM ossl_method_store_retrieve(OSSL_METHOD_STORE store, int nid)
264	287	{
265	288	return ossl_sa_ALGORITHM_get(store->algs, nid);

267	290
268	291	static int ossl_method_store_insert(OSSL_METHOD_STORE store, ALGORITHM alg)
269	292	{
270		return ossl_sa_ALGORITHM_set(store->algs, alg->nid, alg);
	293	return ossl_sa_ALGORITHM_set(store->algs, alg->nid, alg);
271	294	}
272	295
273	296	int ossl_method_store_add(OSSL_METHOD_STORE store, const OSSL_PROVIDER prov,

635	658	static void ossl_method_cache_flush_some(OSSL_METHOD_STORE *store)
636	659	{
637	660	IMPL_CACHE_FLUSH state;
	661	static TSAN_QUALIFIER uint32_t global_seed = 1;
638	662
639	663	state.nelem = 0;
640		if ((state.seed = OPENSSL_rdtsc()) == 0)
641		state.seed = 1;
	664	state.using_global_seed = 0;
	665	if ((state.seed = OPENSSL_rdtsc()) == 0) {
	666	/* If there is no timer available, seed another way */
	667	state.using_global_seed = 1;
	668	state.seed = tsan_load(&global_seed);
	669	}
642	670	store->cache_need_flush = 0;
643	671	ossl_sa_ALGORITHM_doall_arg(store->algs, &impl_cache_flush_one_alg, &state);
644	672	store->cache_nelem = state.nelem;
	673	/* Without a timer, update the global seed */
	674	if (state.using_global_seed)
	675	tsan_store(&global_seed, state.seed);
645	676	}
646	677
647	678	int ossl_method_store_cache_get(OSSL_METHOD_STORE store, OSSL_PROVIDER prov,

+101

-19

crypto/provider_core.c less more

906	906	OPENSSL_free(allocated_load_dir);
907	907	}
908	908
909		if (prov->module != NULL)
910		prov->init_function = (OSSL_provider_init_fn *)
911		DSO_bind_func(prov->module, "OSSL_provider_init");
912		#endif
913		}
914
915		/* Call the initialise function for the provider. */
916		if (prov->init_function == NULL
917		\|\| !prov->init_function((OSSL_CORE_HANDLE *)prov, core_dispatch,
918		&provider_dispatch, &tmp_provctx)) {
	909	if (prov->module == NULL) {
	910	/* DSO has already recorded errors, this is just a tracepoint */
	911	ERR_raise_data(ERR_LIB_CRYPTO, ERR_R_DSO_LIB,
	912	"name=%s", prov->name);
	913	goto end;
	914	}
	915
	916	prov->init_function = (OSSL_provider_init_fn *)
	917	DSO_bind_func(prov->module, "OSSL_provider_init");
	918	#endif
	919	}
	920
	921	/* Check for and call the initialise function for the provider. */
	922	if (prov->init_function == NULL) {
	923	ERR_raise_data(ERR_LIB_CRYPTO, ERR_R_UNSUPPORTED,
	924	"name=%s, provider has no provider init function",
	925	prov->name);
	926	goto end;
	927	}
	928
	929	if (!prov->init_function((OSSL_CORE_HANDLE *)prov, core_dispatch,
	930	&provider_dispatch, &tmp_provctx)) {
919	931	ERR_raise_data(ERR_LIB_CRYPTO, ERR_R_INIT_FAIL,
920	932	"name=%s", prov->name);
921	933	goto end;

1203	1215	if (!freeing) {
1204	1216	int acc;
1205	1217
1206		if (!CRYPTO_THREAD_read_lock(prov->opbits_lock))
	1218	if (!CRYPTO_THREAD_write_lock(prov->opbits_lock))
1207	1219	return 0;
1208	1220	OPENSSL_free(prov->operation_bits);
1209	1221	prov->operation_bits = NULL;

1259	1271
1260	1272	void ossl_provider_ctx(const OSSL_PROVIDER prov)
1261	1273	{
1262		return prov->provctx;
	1274	return prov != NULL ? prov->provctx : NULL;
1263	1275	}
1264	1276
1265	1277	/*

1839	1851	*/
1840	1852	static OSSL_FUNC_core_gettable_params_fn core_gettable_params;
1841	1853	static OSSL_FUNC_core_get_params_fn core_get_params;
	1854	static OSSL_FUNC_core_get_libctx_fn core_get_libctx;
1842	1855	static OSSL_FUNC_core_thread_start_fn core_thread_start;
1843		static OSSL_FUNC_core_get_libctx_fn core_get_libctx;
1844	1856	#ifndef FIPS_MODULE
1845	1857	static OSSL_FUNC_core_new_error_fn core_new_error;
1846	1858	static OSSL_FUNC_core_set_error_debug_fn core_set_error_debug;

1848	1860	static OSSL_FUNC_core_set_error_mark_fn core_set_error_mark;
1849	1861	static OSSL_FUNC_core_clear_last_error_mark_fn core_clear_last_error_mark;
1850	1862	static OSSL_FUNC_core_pop_error_to_mark_fn core_pop_error_to_mark;
	1863	OSSL_FUNC_BIO_new_file_fn ossl_core_bio_new_file;
	1864	OSSL_FUNC_BIO_new_membuf_fn ossl_core_bio_new_mem_buf;
	1865	OSSL_FUNC_BIO_read_ex_fn ossl_core_bio_read_ex;
	1866	OSSL_FUNC_BIO_write_ex_fn ossl_core_bio_write_ex;
	1867	OSSL_FUNC_BIO_gets_fn ossl_core_bio_gets;
	1868	OSSL_FUNC_BIO_puts_fn ossl_core_bio_puts;
	1869	OSSL_FUNC_BIO_up_ref_fn ossl_core_bio_up_ref;
	1870	OSSL_FUNC_BIO_free_fn ossl_core_bio_free;
	1871	OSSL_FUNC_BIO_vprintf_fn ossl_core_bio_vprintf;
	1872	OSSL_FUNC_BIO_vsnprintf_fn BIO_vsnprintf;
	1873	static OSSL_FUNC_self_test_cb_fn core_self_test_get_callback;
	1874	OSSL_FUNC_get_entropy_fn ossl_rand_get_entropy;
	1875	OSSL_FUNC_cleanup_entropy_fn ossl_rand_cleanup_entropy;
	1876	OSSL_FUNC_get_nonce_fn ossl_rand_get_nonce;
	1877	OSSL_FUNC_cleanup_nonce_fn ossl_rand_cleanup_nonce;
	1878	#endif
	1879	OSSL_FUNC_CRYPTO_malloc_fn CRYPTO_malloc;
	1880	OSSL_FUNC_CRYPTO_zalloc_fn CRYPTO_zalloc;
	1881	OSSL_FUNC_CRYPTO_free_fn CRYPTO_free;
	1882	OSSL_FUNC_CRYPTO_clear_free_fn CRYPTO_clear_free;
	1883	OSSL_FUNC_CRYPTO_realloc_fn CRYPTO_realloc;
	1884	OSSL_FUNC_CRYPTO_clear_realloc_fn CRYPTO_clear_realloc;
	1885	OSSL_FUNC_CRYPTO_secure_malloc_fn CRYPTO_secure_malloc;
	1886	OSSL_FUNC_CRYPTO_secure_zalloc_fn CRYPTO_secure_zalloc;
	1887	OSSL_FUNC_CRYPTO_secure_free_fn CRYPTO_secure_free;
	1888	OSSL_FUNC_CRYPTO_secure_clear_free_fn CRYPTO_secure_clear_free;
	1889	OSSL_FUNC_CRYPTO_secure_allocated_fn CRYPTO_secure_allocated;
	1890	OSSL_FUNC_OPENSSL_cleanse_fn OPENSSL_cleanse;
	1891	#ifndef FIPS_MODULE
	1892	OSSL_FUNC_provider_register_child_cb_fn ossl_provider_register_child_cb;
	1893	OSSL_FUNC_provider_deregister_child_cb_fn ossl_provider_deregister_child_cb;
	1894	static OSSL_FUNC_provider_name_fn core_provider_get0_name;
	1895	static OSSL_FUNC_provider_get0_provider_ctx_fn core_provider_get0_provider_ctx;
	1896	static OSSL_FUNC_provider_get0_dispatch_fn core_provider_get0_dispatch;
	1897	static OSSL_FUNC_provider_up_ref_fn core_provider_up_ref_intern;
	1898	static OSSL_FUNC_provider_free_fn core_provider_free_intern;
1851	1899	static OSSL_FUNC_core_obj_add_sigid_fn core_obj_add_sigid;
1852	1900	static OSSL_FUNC_core_obj_create_fn core_obj_create;
1853	1901	#endif

1979	2027	static int core_pop_error_to_mark(const OSSL_CORE_HANDLE *handle)
1980	2028	{
1981	2029	return ERR_pop_to_mark();
	2030	}
	2031
	2032	static void core_self_test_get_callback(OPENSSL_CORE_CTX *libctx,
	2033	OSSL_CALLBACK cb, void cbarg)
	2034	{
	2035	OSSL_SELF_TEST_get_callback((OSSL_LIB_CTX *)libctx, cb, cbarg);
	2036	}
	2037
	2038	static const char core_provider_get0_name(const OSSL_CORE_HANDLE prov)
	2039	{
	2040	return OSSL_PROVIDER_get0_name((const OSSL_PROVIDER *)prov);
	2041	}
	2042
	2043	static void core_provider_get0_provider_ctx(const OSSL_CORE_HANDLE prov)
	2044	{
	2045	return OSSL_PROVIDER_get0_provider_ctx((const OSSL_PROVIDER *)prov);
	2046	}
	2047
	2048	static const OSSL_DISPATCH *
	2049	core_provider_get0_dispatch(const OSSL_CORE_HANDLE *prov)
	2050	{
	2051	return OSSL_PROVIDER_get0_dispatch((const OSSL_PROVIDER *)prov);
	2052	}
	2053
	2054	static int core_provider_up_ref_intern(const OSSL_CORE_HANDLE *prov,
	2055	int activate)
	2056	{
	2057	return provider_up_ref_intern((OSSL_PROVIDER *)prov, activate);
	2058	}
	2059
	2060	static int core_provider_free_intern(const OSSL_CORE_HANDLE *prov,
	2061	int deactivate)
	2062	{
	2063	return provider_free_intern((OSSL_PROVIDER *)prov, deactivate);
1982	2064	}
1983	2065
1984	2066	static int core_obj_add_sigid(const OSSL_CORE_HANDLE *prov,

2045	2127	{ OSSL_FUNC_BIO_FREE, (void (*)(void))ossl_core_bio_free },
2046	2128	{ OSSL_FUNC_BIO_VPRINTF, (void (*)(void))ossl_core_bio_vprintf },
2047	2129	{ OSSL_FUNC_BIO_VSNPRINTF, (void (*)(void))BIO_vsnprintf },
2048		{ OSSL_FUNC_SELF_TEST_CB, (void (*)(void))OSSL_SELF_TEST_get_callback },
	2130	{ OSSL_FUNC_SELF_TEST_CB, (void (*)(void))core_self_test_get_callback },
2049	2131	{ OSSL_FUNC_GET_ENTROPY, (void (*)(void))ossl_rand_get_entropy },
2050	2132	{ OSSL_FUNC_CLEANUP_ENTROPY, (void (*)(void))ossl_rand_cleanup_entropy },
2051	2133	{ OSSL_FUNC_GET_NONCE, (void (*)(void))ossl_rand_get_nonce },

2071	2153	{ OSSL_FUNC_PROVIDER_DEREGISTER_CHILD_CB,
2072	2154	(void (*)(void))ossl_provider_deregister_child_cb },
2073	2155	{ OSSL_FUNC_PROVIDER_NAME,
2074		(void (*)(void))OSSL_PROVIDER_get0_name },
	2156	(void (*)(void))core_provider_get0_name },
2075	2157	{ OSSL_FUNC_PROVIDER_GET0_PROVIDER_CTX,
2076		(void (*)(void))OSSL_PROVIDER_get0_provider_ctx },
	2158	(void (*)(void))core_provider_get0_provider_ctx },
2077	2159	{ OSSL_FUNC_PROVIDER_GET0_DISPATCH,
2078		(void (*)(void))OSSL_PROVIDER_get0_dispatch },
	2160	(void (*)(void))core_provider_get0_dispatch },
2079	2161	{ OSSL_FUNC_PROVIDER_UP_REF,
2080		(void (*)(void))provider_up_ref_intern },
	2162	(void (*)(void))core_provider_up_ref_intern },
2081	2163	{ OSSL_FUNC_PROVIDER_FREE,
2082		(void (*)(void))provider_free_intern },
	2164	(void (*)(void))core_provider_free_intern },
2083	2165	{ OSSL_FUNC_CORE_OBJ_ADD_SIGID, (void (*)(void))core_obj_add_sigid },
2084	2166	{ OSSL_FUNC_CORE_OBJ_CREATE, (void (*)(void))core_obj_create },
2085	2167	#endif

+34

-40

crypto/punycode.c less more

0	0	/*
1		* Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

122	122	unsigned int bias = initial_bias;
123	123	size_t processed_in = 0, written_out = 0;
124	124	unsigned int max_out = *pout_length;
125
126	125	unsigned int basic_count = 0;
127	126	unsigned int loop;
128	127

180	179	n = n + i / (written_out + 1);
181	180	i %= (written_out + 1);
182	181
183		if (written_out > max_out)
	182	if (written_out >= max_out)
184	183	return 0;
185	184
186	185	memmove(pDecoded + i + 1, pDecoded + i,
187		(written_out - i) * sizeof *pDecoded);
	186	(written_out - i) * sizeof(*pDecoded));
188	187	pDecoded[i] = n;
189	188	i++;
190	189	written_out++;

254	253	*/
255	254	char *outptr = out;
256	255	const char *inptr = in;
257		size_t size = 0;
	256	size_t size = 0, maxsize;
258	257	int result = 1;
259
	258	unsigned int i, j;
260	259	unsigned int buf[LABEL_BUF_SIZE]; /* It's a hostname */
261		if (out == NULL)
	260
	261	if (out == NULL) {
262	262	result = 0;
	263	maxsize = 0;
	264	} else {
	265	maxsize = *outlen;
	266	}
	267
	268	#define PUSHC(c) \
	269	do \
	270	if (size++ < maxsize) \
	271	*outptr++ = c; \
	272	else \
	273	result = 0; \
	274	while (0)
263	275
264	276	while (1) {
265	277	char *tmpptr = strchr(inptr, '.');
266		size_t delta = (tmpptr) ? (size_t)(tmpptr - inptr) : strlen(inptr);
	278	size_t delta = tmpptr != NULL ? (size_t)(tmpptr - inptr) : strlen(inptr);
267	279
268	280	if (strncmp(inptr, "xn--", 4) != 0) {
269		size += delta + 1;
270
271		if (size >= *outlen - 1)
272		result = 0;
273
274		if (result > 0) {
275		memcpy(outptr, inptr, delta + 1);
276		outptr += delta + 1;
277		}
	281	for (i = 0; i < delta + 1; i++)
	282	PUSHC(inptr[i]);
278	283	} else {
279	284	unsigned int bufsize = LABEL_BUF_SIZE;
280		unsigned int i;
281	285
282	286	if (ossl_punycode_decode(inptr + 4, delta - 4, buf, &bufsize) <= 0)
283	287	return -1;

285	289	for (i = 0; i < bufsize; i++) {
286	290	unsigned char seed[6];
287	291	size_t utfsize = codepoint2utf8(seed, buf[i]);
	292
288	293	if (utfsize == 0)
289	294	return -1;
290	295
291		size += utfsize;
292		if (size >= *outlen - 1)
293		result = 0;
294
295		if (result > 0) {
296		memcpy(outptr, seed, utfsize);
297		outptr += utfsize;
298		}
	296	for (j = 0; j < utfsize; j++)
	297	PUSHC(seed[j]);
299	298	}
300	299
301		if (tmpptr != NULL) {
302		*outptr = '.';
303		outptr++;
304		size++;
305		if (size >= *outlen - 1)
306		result = 0;
307		}
	300	PUSHC(tmpptr != NULL ? '.' : '\0');
308	301	}
309	302
310	303	if (tmpptr == NULL)

312	305
313	306	inptr = tmpptr + 1;
314	307	}
315
	308	#undef PUSHC
	309
	310	*outlen = size;
316	311	return result;
317	312	}
318	313

326	321
327	322	int ossl_a2ucompare(const char a, const char u)
328	323	{
329		char a_ulabel[LABEL_BUF_SIZE];
	324	char a_ulabel[LABEL_BUF_SIZE + 1];
330	325	size_t a_size = sizeof(a_ulabel);
331	326
332		if (ossl_a2ulabel(a, a_ulabel, &a_size) <= 0) {
	327	if (ossl_a2ulabel(a, a_ulabel, &a_size) <= 0)
333	328	return -1;
334		}
335
336		return (strcmp(a_ulabel, u) == 0) ? 0 : 1;
337		}
	329
	330	return strcmp(a_ulabel, u) != 0;
	331	}

+5

-5

crypto/rand/prov_seed.c less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

11	11	#include <openssl/core_dispatch.h>
12	12	#include <openssl/err.h>
13	13
14		size_t ossl_rand_get_entropy(ossl_unused OSSL_CORE_HANDLE *handle,
	14	size_t ossl_rand_get_entropy(ossl_unused const OSSL_CORE_HANDLE *handle,
15	15	unsigned char **pout, int entropy,
16	16	size_t min_len, size_t max_len)
17	17	{

37	37	return ret;
38	38	}
39	39
40		void ossl_rand_cleanup_entropy(ossl_unused OSSL_CORE_HANDLE *handle,
	40	void ossl_rand_cleanup_entropy(ossl_unused const OSSL_CORE_HANDLE *handle,
41	41	unsigned char *buf, size_t len)
42	42	{
43	43	OPENSSL_secure_clear_free(buf, len);
44	44	}
45	45
46		size_t ossl_rand_get_nonce(ossl_unused OSSL_CORE_HANDLE *handle,
	46	size_t ossl_rand_get_nonce(ossl_unused const OSSL_CORE_HANDLE *handle,
47	47	unsigned char **pout, size_t min_len, size_t max_len,
48	48	const void *salt, size_t salt_len)
49	49	{

68	68	return ret;
69	69	}
70	70
71		void ossl_rand_cleanup_nonce(ossl_unused OSSL_CORE_HANDLE *handle,
	71	void ossl_rand_cleanup_nonce(ossl_unused const OSSL_CORE_HANDLE *handle,
72	72	unsigned char *buf, size_t len)
73	73	{
74	74	OPENSSL_clear_free(buf, len);

+1

-1

crypto/ripemd/build.info less more

19	19
20	20	# When all deprecated symbols are removed, libcrypto doesn't export the
21	21	# RIPEMD160 functions, so we must include them directly in liblegacy.a
22		IF[{- $disabled{'deprecated-3.0'} -}]
	22	IF[{- $disabled{'deprecated-3.0'} && !$disabled{'module'} -}]
23	23	SOURCE[../../providers/liblegacy.a]=rmd_dgst.c rmd_one.c $RMD160ASM
24	24	DEFINE[../../providers/liblegacy.a]=$RMD160DEF
25	25	ENDIF

+8

-0

crypto/sha/build.info less more

81	81	# need to be applied to all affected libraries and modules.
82	82	DEFINE[../../libcrypto]=$SHA1DEF $KECCAK1600DEF
83	83	DEFINE[../../providers/libfips.a]=$SHA1DEF $KECCAK1600DEF
	84	DEFINE[../../providers/libdefault.a]=$SHA1DEF $KECCAK1600DEF
	85	# We only need to include the SHA1DEF and KECCAK1600DEF stuff in the
	86	# legacy provider when it's a separate module and it's dynamically
	87	# linked with libcrypto. Otherwise, it already gets everything that
	88	# the static libcrypto.a has, and doesn't need it added again.
	89	IF[{- !$disabled{module} && !$disabled{shared} -}]
	90	DEFINE[../providers/liblegacy.a]=$SHA1DEF $KECCAK1600DEF
	91	ENDIF
84	92
85	93	GENERATE[sha1-586.S]=asm/sha1-586.pl
86	94	DEPEND[sha1-586.S]=../perlasm/x86asm.pl

+4

-2

crypto/sparse_array.c less more

108	108
109	109	void ossl_sa_free(OPENSSL_SA *sa)
110	110	{
111		sa_doall(sa, &sa_free_node, NULL, NULL);
112		OPENSSL_free(sa);
	111	if (sa != NULL) {
	112	sa_doall(sa, &sa_free_node, NULL, NULL);
	113	OPENSSL_free(sa);
	114	}
113	115	}
114	116
115	117	void ossl_sa_free_leaves(OPENSSL_SA *sa)

+49

-22

crypto/stack/stack.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

18	18	*/
19	19	static const int min_nodes = 4;
20	20	static const int max_nodes = SIZE_MAX / sizeof(void *) < INT_MAX
21		? (int)(SIZE_MAX / sizeof(void *))
22		: INT_MAX;
	21	? (int)(SIZE_MAX / sizeof(void *)) : INT_MAX;
23	22
24	23	struct stack_st {
25	24	int num;

29	28	OPENSSL_sk_compfunc comp;
30	29	};
31	30
32		OPENSSL_sk_compfunc OPENSSL_sk_set_cmp_func(OPENSSL_STACK *sk, OPENSSL_sk_compfunc c)
	31	OPENSSL_sk_compfunc OPENSSL_sk_set_cmp_func(OPENSSL_STACK *sk,
	32	OPENSSL_sk_compfunc c)
33	33	{
34	34	OPENSSL_sk_compfunc old = sk->comp;
35	35

64	64	}
65	65
66	66	/* duplicate \|sk->data\| content */
67		if ((ret->data = OPENSSL_malloc(sizeof(ret->data) sk->num_alloc)) == NULL)
	67	ret->data = OPENSSL_malloc(sizeof(ret->data) sk->num_alloc);
	68	if (ret->data == NULL)
68	69	goto err;
69	70	memcpy(ret->data, sk->data, sizeof(void ) sk->num);
70	71	return ret;

76	77	}
77	78
78	79	OPENSSL_STACK OPENSSL_sk_deep_copy(const OPENSSL_STACK sk,
79		OPENSSL_sk_copyfunc copy_func,
80		OPENSSL_sk_freefunc free_func)
	80	OPENSSL_sk_copyfunc copy_func,
	81	OPENSSL_sk_freefunc free_func)
81	82	{
82	83	OPENSSL_STACK *ret;
83	84	int i;

174	175	int num_alloc;
175	176
176	177	/* Check to see the reservation isn't exceeding the hard limit */
177		if (n > max_nodes - st->num)
178		return 0;
	178	if (n > max_nodes - st->num) {
	179	ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_MANY_RECORDS);
	180	return 0;
	181	}
179	182
180	183	/* Figure out the new size */
181	184	num_alloc = st->num + n;

200	203	if (num_alloc <= st->num_alloc)
201	204	return 1;
202	205	num_alloc = compute_growth(num_alloc, st->num_alloc);
203		if (num_alloc == 0)
	206	if (num_alloc == 0) {
	207	ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_MANY_RECORDS);
204	208	return 0;
	209	}
205	210	} else if (num_alloc == st->num_alloc) {
206	211	return 1;
207	212	}
208	213
209	214	tmpdata = OPENSSL_realloc((void )st->data, sizeof(void ) * num_alloc);
210		if (tmpdata == NULL)
211		return 0;
	215	if (tmpdata == NULL) {
	216	ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
	217	return 0;
	218	}
212	219
213	220	st->data = tmpdata;
214	221	st->num_alloc = num_alloc;

219	226	{
220	227	OPENSSL_STACK *st = OPENSSL_zalloc(sizeof(OPENSSL_STACK));
221	228
222		if (st == NULL)
223		return NULL;
	229	if (st == NULL) {
	230	ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
	231	return NULL;
	232	}
224	233
225	234	st->comp = c;
226	235

237	246
238	247	int OPENSSL_sk_reserve(OPENSSL_STACK *st, int n)
239	248	{
240		if (st == NULL)
241		return 0;
	249	if (st == NULL) {
	250	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
	251	return 0;
	252	}
242	253
243	254	if (n < 0)
244	255	return 1;

247	258
248	259	int OPENSSL_sk_insert(OPENSSL_STACK st, const void data, int loc)
249	260	{
250		if (st == NULL \|\| st->num == max_nodes)
251		return 0;
	261	if (st == NULL) {
	262	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
	263	return 0;
	264	}
	265	if (st->num == max_nodes) {
	266	ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_MANY_RECORDS);
	267	return 0;
	268	}
252	269
253	270	if (!sk_reserve(st, 1, 0))
254	271	return 0;

270	287	const void *ret = st->data[loc];
271	288
272	289	if (loc != st->num - 1)
273		memmove(&st->data[loc], &st->data[loc + 1],
274		sizeof(st->data[0]) * (st->num - loc - 1));
	290	memmove(&st->data[loc], &st->data[loc + 1],
	291	sizeof(st->data[0]) * (st->num - loc - 1));
275	292	st->num--;
276	293
277	294	return (void *)ret;

280	297	void OPENSSL_sk_delete_ptr(OPENSSL_STACK st, const void *p)
281	298	{
282	299	int i;
	300
	301	if (st == NULL)
	302	return NULL;
283	303
284	304	for (i = 0; i < st->num; i++)
285	305	if (st->data[i] == p)

428	448
429	449	void OPENSSL_sk_set(OPENSSL_STACK st, int i, const void *data)
430	450	{
431		if (st == NULL \|\| i < 0 \|\| i >= st->num)
432		return NULL;
	451	if (st == NULL) {
	452	ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER);
	453	return NULL;
	454	}
	455	if (i < 0 \|\| i >= st->num) {
	456	ERR_raise_data(ERR_LIB_CRYPTO, ERR_R_PASSED_INVALID_ARGUMENT,
	457	"i=%d", i);
	458	return NULL;
	459	}
433	460	st->data[i] = data;
434	461	st->sorted = 0;
435	462	return (void *)st->data[i];

+24

-0

crypto/store/store_meth.c less more

124	124	{
125	125	return ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_STORE_LOADER_STORE_INDEX,
126	126	&loader_store_method);
	127	}
	128
	129	static int reserve_loader_store(void store, void data)
	130	{
	131	struct loader_data_st *methdata = data;
	132
	133	if (store == NULL
	134	&& (store = get_loader_store(methdata->libctx)) == NULL)
	135	return 0;
	136
	137	return ossl_method_lock_store(store);
	138	}
	139
	140	static int unreserve_loader_store(void store, void data)
	141	{
	142	struct loader_data_st *methdata = data;
	143
	144	if (store == NULL
	145	&& (store = get_loader_store(methdata->libctx)) == NULL)
	146	return 0;
	147
	148	return ossl_method_unlock_store(store);
127	149	}
128	150
129	151	/* Get loader methods from a store, or put one in */

312	334	\|\| !ossl_method_store_cache_get(store, NULL, id, propq, &method)) {
313	335	OSSL_METHOD_CONSTRUCT_METHOD mcm = {
314	336	get_tmp_loader_store,
	337	reserve_loader_store,
	338	unreserve_loader_store,
315	339	get_loader_from_store,
316	340	put_loader_in_store,
317	341	construct_loader,

+35

-1

crypto/threads_win.c less more

0	0	/*
1		* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

11	11	# if defined(_WIN32_WINNT) && _WIN32_WINNT >= 0x600
12	12	# define USE_RWLOCK
13	13	# endif
	14	#endif
	15
	16	/*
	17	* VC++ 2008 or earlier x86 compilers do not have an inline implementation
	18	* of InterlockedOr64 for 32bit and will fail to run on Windows XP 32bit.
	19	* https://docs.microsoft.com/en-us/cpp/intrinsics/interlockedor-intrinsic-functions#requirements
	20	* To work around this problem, we implement a manual locking mechanism for
	21	* only VC++ 2008 or earlier x86 compilers.
	22	*/
	23
	24	#if (defined(_MSC_VER) && defined(_M_IX86) && _MSC_VER <= 1500)
	25	# define NO_INTERLOCKEDOR64
14	26	#endif
15	27
16	28	#include <openssl/crypto.h>

206	218	int CRYPTO_atomic_or(uint64_t val, uint64_t op, uint64_t ret,
207	219	CRYPTO_RWLOCK *lock)
208	220	{
	221	#if (defined(NO_INTERLOCKEDOR64))
	222	if (lock == NULL \|\| !CRYPTO_THREAD_write_lock(lock))
	223	return 0;
	224	*val \|= op;
	225	ret = val;
	226
	227	if (!CRYPTO_THREAD_unlock(lock))
	228	return 0;
	229
	230	return 1;
	231	#else
209	232	ret = (uint64_t)InterlockedOr64((LONG64 volatile )val, (LONG64)op) \| op;
210	233	return 1;
	234	#endif
211	235	}
212	236
213	237	int CRYPTO_atomic_load(uint64_t val, uint64_t ret, CRYPTO_RWLOCK *lock)
214	238	{
	239	#if (defined(NO_INTERLOCKEDOR64))
	240	if (lock == NULL \|\| !CRYPTO_THREAD_read_lock(lock))
	241	return 0;
	242	ret = val;
	243	if (!CRYPTO_THREAD_unlock(lock))
	244	return 0;
	245
	246	return 1;
	247	#else
215	248	ret = (uint64_t)InterlockedOr64((LONG64 volatile )val, 0);
216	249	return 1;
	250	#endif
217	251	}
218	252
219	253	int openssl_init_fork_handlers(void)

+1

-3

crypto/txt_db/txt_db.c less more

0	0	/*
1		* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

20	20	{
21	21	TXT_DB *ret = NULL;
22	22	int esc = 0;
23		long ln = 0;
24	23	int i, add, n;
25	24	int size = BUFSIZE;
26	25	int offset = 0;

60	59	}
61	60	buf->data[offset] = '\0';
62	61	BIO_gets(in, &(buf->data[offset]), size - offset);
63		ln++;
64	62	if (buf->data[offset] == '\0')
65	63	break;
66	64	if ((offset == 0) && (buf->data[0] == '#'))

+12

-5

crypto/x509/v3_addr.c less more

392	392	/*
393	393	* Construct a prefix.
394	394	*/
395		static int make_addressPrefix(IPAddressOrRange **result,
396		unsigned char *addr, const int prefixlen)
	395	static int make_addressPrefix(IPAddressOrRange *result, unsigned char addr,
	396	const int prefixlen, const int afilen)
397	397	{
398	398	int bytelen = (prefixlen + 7) / 8, bitlen = prefixlen % 8;
399	399	IPAddressOrRange *aor = IPAddressOrRange_new();
400	400
	401	if (prefixlen < 0 \|\| prefixlen > (afilen * 8))
	402	return 0;
401	403	if (aor == NULL)
402	404	return 0;
403	405	aor->type = IPAddressOrRange_addressPrefix;

437	439	return 0;
438	440
439	441	if ((prefixlen = range_should_be_prefix(min, max, length)) >= 0)
440		return make_addressPrefix(result, min, prefixlen);
	442	return make_addressPrefix(result, min, prefixlen, length);
441	443
442	444	if ((aor = IPAddressOrRange_new()) == NULL)
443	445	return 0;

599	601	{
600	602	IPAddressOrRanges *aors = make_prefix_or_range(addr, afi, safi);
601	603	IPAddressOrRange *aor;
602		if (aors == NULL \|\| !make_addressPrefix(&aor, a, prefixlen))
	604
	605	if (aors == NULL
	606	\|\| !make_addressPrefix(&aor, a, prefixlen, length_from_afi(afi)))
603	607	return 0;
604	608	if (sk_IPAddressOrRange_push(aors, aor))
605	609	return 1;

994	998	switch (delim) {
995	999	case '/':
996	1000	prefixlen = (int)strtoul(s + i2, &t, 10);
997		if (t == s + i2 \|\| *t != '\0') {
	1001	if (t == s + i2
	1002	\|\| *t != '\0'
	1003	\|\| prefixlen > (length * 8)
	1004	\|\| prefixlen < 0) {
998	1005	ERR_raise(ERR_LIB_X509V3, X509V3_R_EXTENSION_VALUE_ERROR);
999	1006	X509V3_conf_add_error_name_value(val);
1000	1007	goto err;

+4

-2

crypto/x509/v3_lib.c less more

0	0	/*
1		* Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1999-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

241	241	}
242	242	/* If delete, just delete it */
243	243	if (ext_op == X509V3_ADD_DELETE) {
244		if (!sk_X509_EXTENSION_delete(*x, extidx))
	244	extmp = sk_X509_EXTENSION_delete(*x, extidx);
	245	if (extmp == NULL)
245	246	return -1;
	247	X509_EXTENSION_free(extmp);
246	248	return 1;
247	249	}
248	250	} else {

+53

-19

crypto/x509/x509_req.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

115	115	int X509_REQ_extension_nid(int req_nid)
116	116	{
117	117	int i, nid;
	118
118	119	for (i = 0;; i++) {
119	120	nid = ext_nids[i];
120	121	if (nid == NID_undef)

141	142	int idx, *pnid;
142	143	const unsigned char *p;
143	144
144		if ((req == NULL) \|\| !ext_nids)
	145	if (req == NULL \|\| !ext_nids)
145	146	return NULL;
146	147	for (pnid = ext_nids; *pnid != NID_undef; pnid++) {
147	148	idx = X509_REQ_get_attr_by_NID(req, *pnid, -1);

213	214
214	215	X509_ATTRIBUTE X509_REQ_delete_attr(X509_REQ req, int loc)
215	216	{
216		return X509at_delete_attr(req->req_info.attributes, loc);
	217	X509_ATTRIBUTE *attr;
	218
	219	if (req == NULL) {
	220	ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
	221	return 0;
	222	}
	223	attr = X509at_delete_attr(req->req_info.attributes, loc);
	224	if (attr != NULL)
	225	req->req_info.enc.modified = 1;
	226	return attr;
217	227	}
218	228
219	229	int X509_REQ_add1_attr(X509_REQ req, X509_ATTRIBUTE attr)
220	230	{
221		if (X509at_add1_attr(&req->req_info.attributes, attr))
222		return 1;
223		return 0;
	231	if (req == NULL) {
	232	ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
	233	return 0;
	234	}
	235	if (!X509at_add1_attr(&req->req_info.attributes, attr))
	236	return 0;
	237	req->req_info.enc.modified = 1;
	238	return 1;
224	239	}
225	240
226	241	int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
227	242	const ASN1_OBJECT *obj, int type,
228	243	const unsigned char *bytes, int len)
229	244	{
230		if (X509at_add1_attr_by_OBJ(&req->req_info.attributes, obj,
231		type, bytes, len))
232		return 1;
233		return 0;
	245	if (req == NULL) {
	246	ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
	247	return 0;
	248	}
	249	if (!X509at_add1_attr_by_OBJ(&req->req_info.attributes, obj,
	250	type, bytes, len))
	251	return 0;
	252	req->req_info.enc.modified = 1;
	253	return 1;
234	254	}
235	255
236	256	int X509_REQ_add1_attr_by_NID(X509_REQ *req,
237	257	int nid, int type,
238	258	const unsigned char *bytes, int len)
239	259	{
240		if (X509at_add1_attr_by_NID(&req->req_info.attributes, nid,
241		type, bytes, len))
242		return 1;
243		return 0;
	260	if (req == NULL) {
	261	ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
	262	return 0;
	263	}
	264	if (!X509at_add1_attr_by_NID(&req->req_info.attributes, nid,
	265	type, bytes, len))
	266	return 0;
	267	req->req_info.enc.modified = 1;
	268	return 1;
244	269	}
245	270
246	271	int X509_REQ_add1_attr_by_txt(X509_REQ *req,
247	272	const char *attrname, int type,
248	273	const unsigned char *bytes, int len)
249	274	{
250		if (X509at_add1_attr_by_txt(&req->req_info.attributes, attrname,
251		type, bytes, len))
252		return 1;
253		return 0;
	275	if (req == NULL) {
	276	ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
	277	return 0;
	278	}
	279	if (!X509at_add1_attr_by_txt(&req->req_info.attributes, attrname,
	280	type, bytes, len))
	281	return 0;
	282	req->req_info.enc.modified = 1;
	283	return 1;
254	284	}
255	285
256	286	long X509_REQ_get_version(const X509_REQ *req)

275	305	void X509_REQ_set0_signature(X509_REQ req, ASN1_BIT_STRING psig)
276	306	{
277	307	if (req->signature)
278		ASN1_BIT_STRING_free(req->signature);
	308	ASN1_BIT_STRING_free(req->signature);
279	309	req->signature = psig;
280	310	}
281	311

291	321
292	322	int i2d_re_X509_REQ_tbs(X509_REQ req, unsigned char *pp)
293	323	{
	324	if (req == NULL) {
	325	ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
	326	return 0;
	327	}
294	328	req->req_info.enc.modified = 1;
295	329	return i2d_X509_REQ_INFO(&req->req_info, pp);
296	330	}

+10

-21

crypto/x509/x509_vfy.c less more

350	350	* SUBJECT_ISSUER_MISMATCH just means 'x' is clearly not issued by 'issuer'.
351	351	* Every other error code likely indicates a real error.
352	352	*/
353		if (err != X509_V_ERR_SUBJECT_ISSUER_MISMATCH)
354		ctx->error = err;
355	353	return 0;
356	354	}
357	355

1008	1006	time_t *ptime;
1009	1007	int i;
1010	1008
1011		if (notify)
1012		ctx->current_crl = crl;
1013	1009	if ((ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME) != 0)
1014	1010	ptime = &ctx->param->check_time;
1015	1011	else if ((ctx->param->flags & X509_V_FLAG_NO_CHECK_TIME) != 0)
1016	1012	return 1;
1017	1013	else
1018	1014	ptime = NULL;
	1015	if (notify)
	1016	ctx->current_crl = crl;
1019	1017
1020	1018	i = X509_cmp_time(X509_CRL_get0_lastUpdate(crl), ptime);
1021	1019	if (i == 0) {

2314	2312	int X509_STORE_CTX_init(X509_STORE_CTX ctx, X509_STORE store, X509 *x509,
2315	2313	STACK_OF(X509) *chain)
2316	2314	{
2317		int ret = 1;
2318
2319	2315	if (ctx == NULL) {
2320	2316	ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
2321	2317	return 0;

2413	2409	}
2414	2410
2415	2411	/* Inherit callbacks and flags from X509_STORE if not set use defaults. */
2416		if (store != NULL)
2417		ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param);
2418		else
	2412	if (store == NULL)
2419	2413	ctx->param->inh_flags \|= X509_VP_FLAG_DEFAULT \| X509_VP_FLAG_ONCE;
2420
2421		if (ret)
2422		ret = X509_VERIFY_PARAM_inherit(ctx->param,
2423		X509_VERIFY_PARAM_lookup("default"));
2424
2425		if (ret == 0) {
2426		ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
	2414	else if (X509_VERIFY_PARAM_inherit(ctx->param, store->param) == 0)
2427	2415	goto err;
2428		}
	2416
	2417	if (!X509_STORE_CTX_set_default(ctx, "default"))
	2418	goto err;
2429	2419
2430	2420	/*
2431	2421	* XXX: For now, continue to inherit trust from VPM, but infer from the

2627	2617	const X509_VERIFY_PARAM *param;
2628	2618
2629	2619	param = X509_VERIFY_PARAM_lookup(name);
2630		if (param == NULL)
	2620	if (param == NULL) {
	2621	ERR_raise_data(ERR_LIB_X509, X509_R_UNKNOWN_PURPOSE_ID, "name=%s", name);
2631	2622	return 0;
	2623	}
2632	2624	return X509_VERIFY_PARAM_inherit(ctx->param, param);
2633	2625	}
2634	2626

2996	2988	int alt_untrusted = 0;
2997	2989	int max_depth;
2998	2990	int ok = 0;
2999		int prev_error = ctx->error;
3000	2991	int i;
3001	2992
3002	2993	/* Our chain starts with a single untrusted element. */

3278	3269
3279	3270	switch (trust) {
3280	3271	case X509_TRUST_TRUSTED:
3281		/* Must restore any previous error value for backward compatibility */
3282		ctx->error = prev_error;
3283	3272	return 1;
3284	3273	case X509_TRUST_REJECTED:
3285	3274	/* Callback already issued */

+46

-44

crypto/x509/x509_vpm.c less more

0	0	/*
1		* Copyright 2004-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2004-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

43	43	*/
44	44	if (namelen == 0 \|\| name == NULL)
45	45	namelen = name ? strlen(name) : 0;
46		else if (name && memchr(name, '\0', namelen > 1 ? namelen - 1 : namelen))
	46	else if (name != NULL
	47	&& memchr(name, '\0', namelen > 1 ? namelen - 1 : namelen) != NULL)
47	48	return 0;
48	49	if (namelen > 0 && name[namelen - 1] == '\0')
49	50	--namelen;

76	77
77	78	return 1;
78	79	}
79
80	80
81	81	X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void)
82	82	{

141	141	/* Macro to test if a field should be copied from src to dest */
142	142
143	143	#define test_x509_verify_param_copy(field, def) \
144		(to_overwrite \
145		\|\| ((src->field != def) && (to_default \|\| (dest->field == def))))
	144	(to_overwrite \|\| (src->field != def && (to_default \|\| dest->field == def)))
146	145
147	146	/* Macro to test and copy a field if necessary */
148	147

155	154	{
156	155	unsigned long inh_flags;
157	156	int to_default, to_overwrite;
158		if (!src)
	157
	158	if (src == NULL)
159	159	return 1;
160	160	inh_flags = dest->inh_flags \| src->inh_flags;
161	161
162		if (inh_flags & X509_VP_FLAG_ONCE)
	162	if ((inh_flags & X509_VP_FLAG_ONCE) != 0)
163	163	dest->inh_flags = 0;
164	164
165		if (inh_flags & X509_VP_FLAG_LOCKED)
	165	if ((inh_flags & X509_VP_FLAG_LOCKED) != 0)
166	166	return 1;
167	167
168		if (inh_flags & X509_VP_FLAG_DEFAULT)
169		to_default = 1;
170		else
171		to_default = 0;
172
173		if (inh_flags & X509_VP_FLAG_OVERWRITE)
174		to_overwrite = 1;
175		else
176		to_overwrite = 0;
	168	to_default = (inh_flags & X509_VP_FLAG_DEFAULT) != 0;
	169	to_overwrite = (inh_flags & X509_VP_FLAG_OVERWRITE) != 0;
177	170
178	171	x509_verify_param_copy(purpose, 0);
179	172	x509_verify_param_copy(trust, X509_TRUST_DEFAULT);

182	175
183	176	/* If overwrite or check time not set, copy across */
184	177
185		if (to_overwrite \|\| !(dest->flags & X509_V_FLAG_USE_CHECK_TIME)) {
	178	if (to_overwrite \|\| (dest->flags & X509_V_FLAG_USE_CHECK_TIME) == 0) {
186	179	dest->check_time = src->check_time;
187	180	dest->flags &= ~X509_V_FLAG_USE_CHECK_TIME;
188	181	/* Don't need to copy flag: that is done below */
189	182	}
190	183
191		if (inh_flags & X509_VP_FLAG_RESET_FLAGS)
	184	if ((inh_flags & X509_VP_FLAG_RESET_FLAGS) != 0)
192	185	dest->flags = 0;
193	186
194	187	dest->flags \|= src->flags;

203	196	if (test_x509_verify_param_copy(hosts, NULL)) {
204	197	sk_OPENSSL_STRING_pop_free(dest->hosts, str_free);
205	198	dest->hosts = NULL;
206		if (src->hosts) {
	199	if (src->hosts != NULL) {
207	200	dest->hosts =
208	201	sk_OPENSSL_STRING_deep_copy(src->hosts, str_copy, str_free);
209	202	if (dest->hosts == NULL)

227	220	int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
228	221	const X509_VERIFY_PARAM *from)
229	222	{
230		unsigned long save_flags = to->inh_flags;
	223	unsigned long save_flags;
231	224	int ret;
	225
	226	if (to == NULL) {
	227	ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
	228	return 0;
	229	}
	230	save_flags = to->inh_flags;
232	231	to->inh_flags \|= X509_VP_FLAG_DEFAULT;
233	232	ret = X509_VERIFY_PARAM_inherit(to, from);
234	233	to->inh_flags = save_flags;

239	238	const char *src, size_t srclen)
240	239	{
241	240	char *tmp;
242		if (src) {
	241
	242	if (src != NULL) {
243	243	if (srclen == 0)
244	244	srclen = strlen(src);
245	245

263	263	{
264	264	OPENSSL_free(param->name);
265	265	param->name = OPENSSL_strdup(name);
266		if (param->name)
267		return 1;
268		return 0;
	266	return param->name != NULL;
269	267	}
270	268
271	269	int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags)
272	270	{
273	271	param->flags \|= flags;
274		if (flags & X509_V_FLAG_POLICY_MASK)
	272	if ((flags & X509_V_FLAG_POLICY_MASK) != 0)
275	273	param->flags \|= X509_V_FLAG_POLICY_CHECK;
276	274	return 1;
277	275	}

338	336	if (param->policies == NULL)
339	337	return 0;
340	338	}
341		if (!sk_ASN1_OBJECT_push(param->policies, policy))
342		return 0;
343		return 1;
	339	return sk_ASN1_OBJECT_push(param->policies, policy);
344	340	}
345	341
346	342	int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,

349	345	int i;
350	346	ASN1_OBJECT oid, doid;
351	347
352		if (param == NULL)
353		return 0;
	348	if (param == NULL) {
	349	ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
	350	return 0;
	351	}
354	352	sk_ASN1_OBJECT_pop_free(param->policies, ASN1_OBJECT_free);
355	353
356	354	if (policies == NULL) {

365	363	for (i = 0; i < sk_ASN1_OBJECT_num(policies); i++) {
366	364	oid = sk_ASN1_OBJECT_value(policies, i);
367	365	doid = OBJ_dup(oid);
368		if (!doid)
	366	if (doid == NULL)
369	367	return 0;
370	368	if (!sk_ASN1_OBJECT_push(param->policies, doid)) {
371	369	ASN1_OBJECT_free(doid);

423	421	OPENSSL_free(to->peername);
424	422	to->peername = peername;
425	423	}
426		if (from)
	424	if (from != NULL)
427	425	from->peername = NULL;
428	426	}
429	427

442	440	static unsigned char
443	441	int_X509_VERIFY_PARAM_get0_ip(X509_VERIFY_PARAM param, size_t *plen)
444	442	{
445		if (param == NULL \|\| param->ip == NULL)
	443	if (param == NULL \|\| param->ip == NULL) {
	444	ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
446	445	return NULL;
	446	}
447	447	if (plen != NULL)
448	448	*plen = param->iplen;
449	449	return param->ip;

454	454	size_t iplen;
455	455	unsigned char *ip = int_X509_VERIFY_PARAM_get0_ip(param, &iplen);
456	456
457		return ip == NULL ? NULL : ossl_ipaddr_to_asc(ip, iplen);
	457	return ip == NULL ? NULL : ossl_ipaddr_to_asc(ip, iplen);
458	458	}
459	459
460	460	int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
461	461	const unsigned char *ip, size_t iplen)
462	462	{
463		if (iplen != 0 && iplen != 4 && iplen != 16)
464		return 0;
	463	if (iplen != 0 && iplen != 4 && iplen != 16) {
	464	ERR_raise(ERR_LIB_X509, ERR_R_PASSED_INVALID_ARGUMENT);
	465	return 0;
	466	}
465	467	return int_x509_param_set1((char **)&param->ip, &param->iplen,
466	468	(char *)ip, iplen);
467	469	}

469	471	int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM param, const char ipasc)
470	472	{
471	473	unsigned char ipout[16];
472		size_t iplen;
473
474		iplen = (size_t)ossl_a2i_ipadd(ipout, ipasc);
	474	size_t iplen = (size_t)ossl_a2i_ipadd(ipout, ipasc);
	475
475	476	if (iplen == 0)
476	477	return 0;
477	478	return X509_VERIFY_PARAM_set1_ip(param, ipout, iplen);

578	579	{
579	580	int idx;
580	581	X509_VERIFY_PARAM *ptmp;
	582
581	583	if (param_table == NULL) {
582	584	param_table = sk_X509_VERIFY_PARAM_new(param_cmp);
583	585	if (param_table == NULL)

589	591	X509_VERIFY_PARAM_free(ptmp);
590	592	}
591	593	}
592		if (!sk_X509_VERIFY_PARAM_push(param_table, param))
593		return 0;
594		return 1;
	594	return sk_X509_VERIFY_PARAM_push(param_table, param);
595	595	}
596	596
597	597	int X509_VERIFY_PARAM_get_count(void)
598	598	{
599	599	int num = OSSL_NELEM(default_table);
600		if (param_table)
	600
	601	if (param_table != NULL)
601	602	num += sk_X509_VERIFY_PARAM_num(param_table);
602	603	return num;
603	604	}

605	606	const X509_VERIFY_PARAM *X509_VERIFY_PARAM_get0(int id)
606	607	{
607	608	int num = OSSL_NELEM(default_table);
	609
608	610	if (id < num)
609	611	return default_table + id;
610	612	return sk_X509_VERIFY_PARAM_value(param_table, id - num);

+44

-10

crypto/x509/x_all.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

29	29
30	30	int X509_verify(X509 a, EVP_PKEY r)
31	31	{
32		if (X509_ALGOR_cmp(&a->sig_alg, &a->cert_info.signature))
	32	if (X509_ALGOR_cmp(&a->sig_alg, &a->cert_info.signature) != 0)
33	33	return 0;
34	34
35	35	return ASN1_item_verify_ex(ASN1_ITEM_rptr(X509_CINF), &a->sig_alg,

58	58
59	59	int X509_sign(X509 x, EVP_PKEY pkey, const EVP_MD *md)
60	60	{
	61	if (x == NULL) {
	62	ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
	63	return 0;
	64	}
	65
	66	/*
	67	* Setting the modified flag before signing it. This makes the cached
	68	* encoding to be ignored, so even if the certificate fields have changed,
	69	* they are signed correctly.
	70	* The X509_sign_ctx, X509_REQ_sign{,_ctx}, X509_CRL_sign{,_ctx} functions
	71	* which exist below are the same.
	72	*/
61	73	x->cert_info.enc.modified = 1;
62	74	return ASN1_item_sign_ex(ASN1_ITEM_rptr(X509_CINF), &x->cert_info.signature,
63	75	&x->sig_alg, &x->signature, &x->cert_info, NULL,

66	78
67	79	int X509_sign_ctx(X509 x, EVP_MD_CTX ctx)
68	80	{
	81	if (x == NULL) {
	82	ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
	83	return 0;
	84	}
69	85	x->cert_info.enc.modified = 1;
70	86	return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CINF),
71	87	&x->cert_info.signature,

76	92	int timeout, const ASN1_ITEM *it)
77	93	{
78	94	BIO mem = OSSL_HTTP_get(url, NULL / proxy /, NULL / no_proxy */,
79		bio, rbio, NULL /* cb / , NULL / arg */,
	95	bio, rbio, NULL /* cb /, NULL / arg */,
80	96	1024 /* buf_size /, NULL / headers */,
81	97	NULL /* expected_ct /, 1 / expect_asn1 */,
82	98	OSSL_HTTP_DEFAULT_MAX_RESP_LEN, timeout);

94	110
95	111	int X509_REQ_sign(X509_REQ x, EVP_PKEY pkey, const EVP_MD *md)
96	112	{
	113	if (x == NULL) {
	114	ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
	115	return 0;
	116	}
	117	x->req_info.enc.modified = 1;
97	118	return ASN1_item_sign_ex(ASN1_ITEM_rptr(X509_REQ_INFO), &x->sig_alg, NULL,
98	119	x->signature, &x->req_info, NULL,
99	120	pkey, md, x->libctx, x->propq);

101	122
102	123	int X509_REQ_sign_ctx(X509_REQ x, EVP_MD_CTX ctx)
103	124	{
	125	if (x == NULL) {
	126	ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
	127	return 0;
	128	}
	129	x->req_info.enc.modified = 1;
104	130	return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_REQ_INFO),
105	131	&x->sig_alg, NULL, x->signature, &x->req_info,
106	132	ctx);

108	134
109	135	int X509_CRL_sign(X509_CRL x, EVP_PKEY pkey, const EVP_MD *md)
110	136	{
	137	if (x == NULL) {
	138	ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
	139	return 0;
	140	}
111	141	x->crl.enc.modified = 1;
112	142	return ASN1_item_sign_ex(ASN1_ITEM_rptr(X509_CRL_INFO), &x->crl.sig_alg,
113	143	&x->sig_alg, &x->signature, &x->crl, NULL,

116	146
117	147	int X509_CRL_sign_ctx(X509_CRL x, EVP_MD_CTX ctx)
118	148	{
	149	if (x == NULL) {
	150	ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
	151	return 0;
	152	}
119	153	x->crl.enc.modified = 1;
120	154	return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CRL_INFO),
121	155	&x->crl.sig_alg, &x->sig_alg, &x->signature,

130	164
131	165	int NETSCAPE_SPKI_sign(NETSCAPE_SPKI x, EVP_PKEY pkey, const EVP_MD *md)
132	166	{
133		return ASN1_item_sign_ex(ASN1_ITEM_rptr(NETSCAPE_SPKAC), &x->sig_algor, NULL,
	167	return
	168	ASN1_item_sign_ex(ASN1_ITEM_rptr(NETSCAPE_SPKAC), &x->sig_algor, NULL,
134	169	x->signature, x->spkac, NULL, pkey, md, NULL, NULL);
135	170	}
136	171

213	248	propq = (*p7)->ctx.propq;
214	249	}
215	250
216
217	251	ret = ASN1_item_d2i_bio_ex(ASN1_ITEM_rptr(PKCS7), bp, p7, libctx, propq);
218	252	if (ret != NULL)
219	253	ossl_pkcs7_resolve_libctx(ret);

410	444	int X509_pubkey_digest(const X509 data, const EVP_MD type,
411	445	unsigned char md, unsigned int len)
412	446	{
413		ASN1_BIT_STRING *key;
414		key = X509_get0_pubkey_bitstr(data);
415		if (!key)
	447	ASN1_BIT_STRING *key = X509_get0_pubkey_bitstr(data);
	448
	449	if (key == NULL)
416	450	return 0;
417	451	return EVP_Digest(key->data, key->length, md, len, type, NULL);
418	452	}

468	502	\|\| !ossl_rsa_pss_get_param_unverified(pss, &mmd, &mgf1md,
469	503	&saltlen,
470	504	&trailerfield)
471		\|\| mmd == NULL) {
	505	\|\| mmd == NULL) {
472	506	RSA_PSS_PARAMS_free(pss);
473	507	ERR_raise(ERR_LIB_X509, X509_R_UNSUPPORTED_ALGORITHM);
474	508	return NULL;

511	545	if (!X509_digest(cert, md, hash, &len)
512	546	\|\| (new = ASN1_OCTET_STRING_new()) == NULL)
513	547	goto err;
514		if ((ASN1_OCTET_STRING_set(new, hash, len))) {
	548	if (ASN1_OCTET_STRING_set(new, hash, len)) {
515	549	if (md_used != NULL)
516	550	*md_used = md;
517	551	else

+2

-6

crypto/x509/x_name.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

498	498	int X509_NAME_print(BIO bp, const X509_NAME name, int obase)
499	499	{
500	500	char s, c, *b;
501		int l, i;
502
503		l = 80 - 2 - obase;
	501	int i;
504	502
505	503	b = X509_NAME_oneline(name, NULL, 0);
506	504	if (b == NULL)

526	524	if (BIO_write(bp, ", ", 2) != 2)
527	525	goto err;
528	526	}
529		l--;
530	527	}
531	528	if (*s == '\0')
532	529	break;
533	530	s++;
534		l--;
535	531	}
536	532
537	533	OPENSSL_free(b);

+6

-3

demos/cipher/Makefile less more

6	6	#
7	7	# LD_LIBRARY_PATH=../.. ./aesccm
8	8	# LD_LIBRARY_PATH=../.. ./aesgcm
	9	# LD_LIBRARY_PATH=../.. ./aeskeywrap
	10	# LD_LIBRARY_PATH=../.. ./ariacbc
9	11
10	12	CFLAGS = $(OPENSSL_INCS_LOCATION)
11	13	LDFLAGS = $(OPENSSL_LIBS_LOCATION) -lssl -lcrypto
12	14
13		all: aesccm aesgcm ariacbc
	15	all: aesccm aesgcm aeskeywrap ariacbc
14	16
15	17	aesccm: aesccm.o
16	18	aesgcm: aesgcm.o
	19	aeskeywrap: aeskeywrap.o
17	20	ariacbc: ariacbc.o
18	21
19		aesccm aesgcm ariacbc:
	22	aesccm aesgcm aeskeywrap ariacbc:
20	23	$(CC) $(CFLAGS) -o $@ $< $(LDFLAGS)
21	24
22	25	clean:
23		$(RM) aesccm aesgcm ariacbc *.o
	26	$(RM) aesccm aesgcm aeskeywrap ariacbc *.o

+181

-0

demos/cipher/aeskeywrap.c less more

	0	/*
	1	* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	2	*
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
	4	* this file except in compliance with the License. You can obtain a copy
	5	* in the file LICENSE in the source distribution or at
	6	* https://www.openssl.org/source/license.html
	7	*/
	8
	9	/*
	10	* Simple aes wrap encryption demonstration program.
	11	*/
	12
	13	#include <stdio.h>
	14	#include <openssl/err.h>
	15	#include <openssl/bio.h>
	16	#include <openssl/evp.h>
	17	#include <openssl/crypto.h>
	18	#include <openssl/core_names.h>
	19
	20	/* aes key */
	21	static const unsigned char wrap_key[] = {
	22	0xee, 0xbc, 0x1f, 0x57, 0x48, 0x7f, 0x51, 0x92, 0x1c, 0x04, 0x65, 0x66,
	23	0x5f, 0x8a, 0xe6, 0xd1, 0x65, 0x8b, 0xb2, 0x6d, 0xe6, 0xf8, 0xa0, 0x69,
	24	0xa3, 0x52, 0x02, 0x93, 0xa5, 0x72, 0x07, 0x8f
	25	};
	26
	27	/* Unique initialisation vector */
	28	static const unsigned char wrap_iv[] = {
	29	0x99, 0xaa, 0x3e, 0x68, 0xed, 0x81, 0x73, 0xa0, 0xee, 0xd0, 0x66, 0x84,
	30	0x99, 0xaa, 0x3e, 0x68,
	31	};
	32
	33	/* Example plaintext to encrypt */
	34	static const unsigned char wrap_pt[] = {
	35	0xad, 0x4f, 0xc9, 0xfc, 0x77, 0x69, 0xc9, 0xea, 0xfc, 0xdf, 0x00, 0xac,
	36	0x34, 0xec, 0x40, 0xbc, 0x28, 0x3f, 0xa4, 0x5e, 0xd8, 0x99, 0xe4, 0x5d,
	37	0x5e, 0x7a, 0xc4, 0xe6, 0xca, 0x7b, 0xa5, 0xb7,
	38	};
	39
	40	/* Expected ciphertext value */
	41	static const unsigned char wrap_ct[] = {
	42	0x97, 0x99, 0x55, 0xca, 0xf6, 0x3e, 0x95, 0x54, 0x39, 0xd6, 0xaf, 0x63, 0xff, 0x2c, 0xe3, 0x96,
	43	0xf7, 0x0d, 0x2c, 0x9c, 0xc7, 0x43, 0xc0, 0xb6, 0x31, 0x43, 0xb9, 0x20, 0xac, 0x6b, 0xd3, 0x67,
	44	0xad, 0x01, 0xaf, 0xa7, 0x32, 0x74, 0x26, 0x92,
	45	};
	46
	47	/*
	48	* A library context and property query can be used to select & filter
	49	* algorithm implementations. If they are NULL then the default library
	50	* context and properties are used.
	51	*/
	52	OSSL_LIB_CTX *libctx = NULL;
	53	const char *propq = NULL;
	54
	55	int aes_wrap_encrypt(void)
	56	{
	57	int ret = 0;
	58	EVP_CIPHER_CTX *ctx;
	59	EVP_CIPHER *cipher = NULL;
	60	int outlen, tmplen;
	61	unsigned char outbuf[1024];
	62
	63	printf("aes wrap Encrypt:\n");
	64	printf("Plaintext:\n");
	65	BIO_dump_fp(stdout, wrap_pt, sizeof(wrap_pt));
	66
	67	/* Create a context for the encrypt operation */
	68	if ((ctx = EVP_CIPHER_CTX_new()) == NULL)
	69	goto err;
	70
	71	EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
	72
	73	/* Fetch the cipher implementation */
	74	if ((cipher = EVP_CIPHER_fetch(libctx, "AES-256-WRAP", propq)) == NULL)
	75	goto err;
	76
	77	/*
	78	* Initialise an encrypt operation with the cipher/mode, key and IV.
	79	* We are not setting any custom params so let params be just NULL.
	80	*/
	81	if (!EVP_EncryptInit_ex2(ctx, cipher, wrap_key, wrap_iv, /* params */ NULL))
	82	goto err;
	83
	84	/* Encrypt plaintext */
	85	if (!EVP_EncryptUpdate(ctx, outbuf, &outlen, wrap_pt, sizeof(wrap_pt)))
	86	goto err;
	87
	88	/* Finalise: there can be some additional output from padding */
	89	if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &tmplen))
	90	goto err;
	91	outlen += tmplen;
	92
	93	/* Output encrypted block */
	94	printf("Ciphertext (outlen:%d):\n", outlen);
	95	BIO_dump_fp(stdout, outbuf, outlen);
	96
	97	if (sizeof(wrap_ct) == outlen && !CRYPTO_memcmp(outbuf, wrap_ct, outlen))
	98	printf("Final ciphertext matches expected ciphertext\n");
	99	else
	100	printf("Final ciphertext differs from expected ciphertext\n");
	101
	102	ret = 1;
	103	err:
	104	if (!ret)
	105	ERR_print_errors_fp(stderr);
	106
	107	EVP_CIPHER_free(cipher);
	108	EVP_CIPHER_CTX_free(ctx);
	109
	110	return ret;
	111	}
	112
	113	int aes_wrap_decrypt(void)
	114	{
	115	int ret = 0;
	116	EVP_CIPHER_CTX *ctx;
	117	EVP_CIPHER *cipher = NULL;
	118	int outlen, tmplen;
	119	unsigned char outbuf[1024];
	120
	121	printf("aes wrap Decrypt:\n");
	122	printf("Ciphertext:\n");
	123	BIO_dump_fp(stdout, wrap_ct, sizeof(wrap_ct));
	124
	125	if ((ctx = EVP_CIPHER_CTX_new()) == NULL)
	126	goto err;
	127
	128	EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
	129
	130	/* Fetch the cipher implementation */
	131	if ((cipher = EVP_CIPHER_fetch(libctx, "aes-256-wrap", propq)) == NULL)
	132	goto err;
	133
	134	/*
	135	* Initialise an encrypt operation with the cipher/mode, key and IV.
	136	* We are not setting any custom params so let params be just NULL.
	137	*/
	138	if (!EVP_DecryptInit_ex2(ctx, cipher, wrap_key, wrap_iv, /* params */ NULL))
	139	goto err;
	140
	141	/* Decrypt plaintext */
	142	if (!EVP_DecryptUpdate(ctx, outbuf, &outlen, wrap_ct, sizeof(wrap_ct)))
	143	goto err;
	144
	145	/* Finalise: there can be some additional output from padding */
	146	if (!EVP_DecryptFinal_ex(ctx, outbuf + outlen, &tmplen))
	147	goto err;
	148	outlen += tmplen;
	149
	150	/* Output decrypted block */
	151	printf("Plaintext (outlen:%d):\n", outlen);
	152	BIO_dump_fp(stdout, outbuf, outlen);
	153
	154	if (sizeof(wrap_pt) == outlen && !CRYPTO_memcmp(outbuf, wrap_pt, outlen))
	155	printf("Final plaintext matches original plaintext\n");
	156	else
	157	printf("Final plaintext differs from original plaintext\n");
	158
	159	ret = 1;
	160	err:
	161	if (!ret)
	162	ERR_print_errors_fp(stderr);
	163
	164	EVP_CIPHER_free(cipher);
	165	EVP_CIPHER_CTX_free(ctx);
	166
	167	return ret;
	168	}
	169
	170	int main(int argc, char **argv)
	171	{
	172	if (!aes_wrap_encrypt())
	173	return 1;
	174
	175	if (!aes_wrap_decrypt())
	176	return 1;
	177
	178	return 0;
	179	}
	180

+20

-0

demos/encode/Makefile less more

	0	#
	1	# To run the demos when linked with a shared library (default):
	2	#
	3	# LD_LIBRARY_PATH=../.. ./rsa_encode
	4
	5	CFLAGS = -I../../include -g -Wall
	6	LDFLAGS = -L../..
	7	LDLIBS = -lcrypto
	8
	9	all: ec_encode rsa_encode
	10
	11	%.o: %.c
	12	$(CC) $(CFLAGS) -c $<
	13
	14	%_encode: %_encode.o
	15
	16	test: ;
	17
	18	clean:
	19	$(RM) *.o rsa_encode ec_encode

+205

-0

demos/encode/ec_encode.c less more

	0	/*-
	1	* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	2	*
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
	4	* this file except in compliance with the License. You can obtain a copy
	5	* in the file LICENSE in the source distribution or at
	6	* https://www.openssl.org/source/license.html
	7	*/
	8	#include <string.h>
	9	#include <openssl/decoder.h>
	10	#include <openssl/encoder.h>
	11	#include <openssl/evp.h>
	12
	13	/*
	14	* Example showing the encoding and decoding of EC public and private keys. A
	15	* PEM-encoded EC key is read in from stdin, decoded, and then re-encoded and
	16	* output for demonstration purposes. Both public and private keys are accepted.
	17	*
	18	* This can be used to load EC keys from a file or save EC keys to a file.
	19	*/
	20
	21	/* A property query used for selecting algorithm implementations. */
	22	static const char *propq = NULL;
	23
	24	/*
	25	* Load a PEM-encoded EC key from a file, optionally decrypting it with a
	26	* supplied passphrase.
	27	*/
	28	static EVP_PKEY load_key(OSSL_LIB_CTX libctx, FILE f, const char passphrase)
	29	{
	30	int rv = 0;
	31	EVP_PKEY *pkey = NULL;
	32	OSSL_DECODER_CTX *dctx = NULL;
	33	int selection = 0;
	34
	35	/*
	36	* Create PEM decoder context expecting an EC key.
	37	*
	38	* For raw (non-PEM-encoded) keys, change "PEM" to "DER".
	39	*
	40	* The selection argument here specifies whether we are willing to accept a
	41	* public key, private key, or either. If it is set to zero, either will be
	42	* accepted. If set to EVP_PKEY_KEYPAIR, a private key will be required, and
	43	* if set to EVP_PKEY_PUBLIC_KEY, a public key will be required.
	44	*/
	45	dctx = OSSL_DECODER_CTX_new_for_pkey(&pkey, "PEM", NULL, "EC",
	46	selection,
	47	libctx, propq);
	48	if (dctx == NULL) {
	49	fprintf(stderr, "OSSL_DECODER_CTX_new_for_pkey() failed\n");
	50	goto cleanup;
	51	}
	52
	53	/*
	54	* Set passphrase if provided; needed to decrypt encrypted PEM files.
	55	* If the input is not encrypted, any passphrase provided is ignored.
	56	*
	57	* Alternative methods for specifying passphrases exist, such as a callback
	58	* (see OSSL_DECODER_CTX_set_passphrase_cb(3)), which may be more useful for
	59	* interactive applications which do not know if a passphrase should be
	60	* prompted for in advance, or for GUI applications.
	61	*/
	62	if (passphrase != NULL) {
	63	if (OSSL_DECODER_CTX_set_passphrase(dctx,
	64	(const unsigned char *)passphrase,
	65	strlen(passphrase)) == 0) {
	66	fprintf(stderr, "OSSL_DECODER_CTX_set_passphrase() failed\n");
	67	goto cleanup;
	68	}
	69	}
	70
	71	/* Do the decode, reading from file. */
	72	if (OSSL_DECODER_from_fp(dctx, f) == 0) {
	73	fprintf(stderr, "OSSL_DECODER_from_fp() failed\n");
	74	goto cleanup;
	75	}
	76
	77	rv = 1;
	78	cleanup:
	79	OSSL_DECODER_CTX_free(dctx);
	80
	81	/*
	82	* pkey is created by OSSL_DECODER_CTX_new_for_pkey, but we
	83	* might fail subsequently, so ensure it's properly freed
	84	* in this case.
	85	*/
	86	if (rv == 0) {
	87	EVP_PKEY_free(pkey);
	88	pkey = NULL;
	89	}
	90
	91	return pkey;
	92	}
	93
	94	/*
	95	* Store a EC public or private key to a file using PEM encoding.
	96	*
	97	* If a passphrase is supplied, the file is encrypted, otherwise
	98	* it is unencrypted.
	99	*/
	100	static int store_key(EVP_PKEY pkey, FILE f, const char *passphrase)
	101	{
	102	int rv = 0;
	103	int selection;
	104	OSSL_ENCODER_CTX *ectx = NULL;
	105
	106	/*
	107	* Create a PEM encoder context.
	108	*
	109	* For raw (non-PEM-encoded) output, change "PEM" to "DER".
	110	*
	111	* The selection argument controls whether the private key is exported
	112	* (EVP_PKEY_KEYPAIR), or only the public key (EVP_PKEY_PUBLIC_KEY). The
	113	* former will fail if we only have a public key.
	114	*
	115	* Note that unlike the decode API, you cannot specify zero here.
	116	*
	117	* Purely for the sake of demonstration, here we choose to export the whole
	118	* key if a passphrase is provided and the public key otherwise.
	119	*/
	120	selection = (passphrase != NULL)
	121	? EVP_PKEY_KEYPAIR
	122	: EVP_PKEY_PUBLIC_KEY;
	123
	124	ectx = OSSL_ENCODER_CTX_new_for_pkey(pkey, selection, "PEM", NULL, propq);
	125	if (ectx == NULL) {
	126	fprintf(stderr, "OSSL_ENCODER_CTX_new_for_pkey() failed\n");
	127	goto cleanup;
	128	}
	129
	130	/*
	131	* Set passphrase if provided; the encoded output will then be encrypted
	132	* using the passphrase.
	133	*
	134	* Alternative methods for specifying passphrases exist, such as a callback
	135	* (see OSSL_ENCODER_CTX_set_passphrase_cb(3), just as for OSSL_DECODER_CTX;
	136	* however you are less likely to need them as you presumably know whether
	137	* encryption is desired in advance.
	138	*
	139	* Note that specifying a passphrase alone is not enough to cause the
	140	* key to be encrypted. You must set both a cipher and a passphrase.
	141	*/
	142	if (passphrase != NULL) {
	143	/*
	144	* Set cipher. Let's use AES-256-CBC, because it is
	145	* more quantum resistant.
	146	*/
	147	if (OSSL_ENCODER_CTX_set_cipher(ectx, "AES-256-CBC", propq) == 0) {
	148	fprintf(stderr, "OSSL_ENCODER_CTX_set_cipher() failed\n");
	149	goto cleanup;
	150	}
	151
	152	/* Set passphrase. */
	153	if (OSSL_ENCODER_CTX_set_passphrase(ectx,
	154	(const unsigned char *)passphrase,
	155	strlen(passphrase)) == 0) {
	156	fprintf(stderr, "OSSL_ENCODER_CTX_set_passphrase() failed\n");
	157	goto cleanup;
	158	}
	159	}
	160
	161	/* Do the encode, writing to the given file. */
	162	if (OSSL_ENCODER_to_fp(ectx, f) == 0) {
	163	fprintf(stderr, "OSSL_ENCODER_to_fp() failed\n");
	164	goto cleanup;
	165	}
	166
	167	rv = 1;
	168	cleanup:
	169	OSSL_ENCODER_CTX_free(ectx);
	170	return rv;
	171	}
	172
	173	int main(int argc, char **argv)
	174	{
	175	int rv = 1;
	176	OSSL_LIB_CTX *libctx = NULL;
	177	EVP_PKEY *pkey = NULL;
	178	const char passphrase_in = NULL, passphrase_out = NULL;
	179
	180	/* usage: ec_encode <passphrase-in> <passphrase-out> */
	181	if (argc > 1 && argv[1][0])
	182	passphrase_in = argv[1];
	183
	184	if (argc > 2 && argv[2][0])
	185	passphrase_out = argv[2];
	186
	187	/* Decode PEM key from stdin and then PEM encode it to stdout. */
	188	pkey = load_key(libctx, stdin, passphrase_in);
	189	if (pkey == NULL) {
	190	fprintf(stderr, "Failed to decode key\n");
	191	goto cleanup;
	192	}
	193
	194	if (store_key(pkey, stdout, passphrase_out) == 0) {
	195	fprintf(stderr, "Failed to encode key\n");
	196	goto cleanup;
	197	}
	198
	199	rv = 0;
	200	cleanup:
	201	EVP_PKEY_free(pkey);
	202	OSSL_LIB_CTX_free(libctx);
	203	return rv;
	204	}

+5

-3

demos/mac/Makefile less more

10	10	CFLAGS = $(OPENSSL_INCS_LOCATION) -Wall
11	11	LDFLAGS = $(OPENSSL_LIBS_LOCATION) -lssl -lcrypto
12	12
13		all: gmac poly1305
	13	all: gmac hmac-sha512 cmac-aes256 poly1305
14	14
15	15	gmac: gmac.o
	16	hmac-sha512: hmac-sha512.o
	17	cmac-aes256: cmac-aes256.o
16	18	poly1305: poly1305.o
17	19
18		gmac poly1305:
	20	gmac hmac-sha512 cmac-aes256 poly1305:
19	21	$(CC) $(CFLAGS) -o $@ $< $(LDFLAGS)
20	22
21	23	clean:
22		$(RM) gmac poly1305 *.o
	24	$(RM) gmac hmac-sha512 cmac-aes256 poly1305 *.o

+154

-0

demos/mac/cmac-aes256.c less more

	0	/*-
	1	* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	2	*
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
	4	* this file except in compliance with the License. You can obtain a copy
	5	* in the file LICENSE in the source distribution or at
	6	* https://www.openssl.org/source/license.html
	7	*/
	8
	9	/*
	10	* Example of using EVP_MAC_ methods to calculate
	11	* a CMAC of static buffers
	12	*/
	13
	14	#include <string.h>
	15	#include <stdio.h>
	16	#include <openssl/crypto.h>
	17	#include <openssl/core_names.h>
	18	#include <openssl/err.h>
	19	#include <openssl/evp.h>
	20	#include <openssl/cmac.h>
	21	#include <openssl/params.h>
	22
	23	/*
	24	* Hard coding the key into an application is very bad.
	25	* It is done here solely for educational purposes.
	26	*/
	27	static unsigned char key[] = {
	28	0x6c, 0xde, 0x14, 0xf5, 0xd5, 0x2a, 0x4a, 0xdf,
	29	0x12, 0x39, 0x1e, 0xbf, 0x36, 0xf9, 0x6a, 0x46,
	30	0x48, 0xd0, 0xb6, 0x51, 0x89, 0xfc, 0x24, 0x85,
	31	0xa8, 0x8d, 0xdf, 0x7e, 0x80, 0x14, 0xc8, 0xce,
	32	};
	33
	34	static const unsigned char data[] =
	35	"To be, or not to be, that is the question,\n"
	36	"Whether tis nobler in the minde to suffer\n"
	37	"The ſlings and arrowes of outragious fortune,\n"
	38	"Or to take Armes again in a sea of troubles,\n"
	39	"And by opposing, end them, to die to sleep;\n"
	40	"No more, and by a sleep, to say we end\n"
	41	"The heart-ache, and the thousand natural shocks\n"
	42	"That flesh is heir to? tis a consumation\n"
	43	"Devoutly to be wished. To die to sleep,\n"
	44	"To sleepe, perchance to dreame, Aye, there's the rub,\n"
	45	"For in that sleep of death what dreams may come\n"
	46	"When we haue shuffled off this mortal coil\n"
	47	"Must give us pause. There's the respect\n"
	48	"That makes calamity of so long life:\n"
	49	"For who would bear the Ships and Scorns of time,\n"
	50	"The oppressor's wrong, the proud man's Contumely,\n"
	51	"The pangs of dispised love, the Law's delay,\n"
	52	;
	53
	54	/* The known value of the CMAC/AES256 MAC of the above soliloqy */
	55	static const unsigned char expected_output[] = {
	56	0x67, 0x92, 0x32, 0x23, 0x50, 0x3d, 0xc5, 0xba,
	57	0x78, 0xd4, 0x6d, 0x63, 0xf2, 0x2b, 0xe9, 0x56,
	58	};
	59
	60	/*
	61	* A property query used for selecting the MAC implementation.
	62	*/
	63	static const char *propq = NULL;
	64
	65	int main(void)
	66	{
	67	int rv = EXIT_FAILURE;
	68	OSSL_LIB_CTX *library_context = NULL;
	69	EVP_MAC *mac = NULL;
	70	EVP_MAC_CTX *mctx = NULL;
	71	unsigned char *out = NULL;
	72	size_t out_len = 0;
	73	OSSL_PARAM params[4], *p = params;
	74	char cipher_name[] = "aes256";
	75
	76	library_context = OSSL_LIB_CTX_new();
	77	if (library_context == NULL) {
	78	fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
	79	goto end;
	80	}
	81
	82	/* Fetch the CMAC implementation */
	83	mac = EVP_MAC_fetch(library_context, "CMAC", propq);
	84	if (mac == NULL) {
	85	fprintf(stderr, "EVP_MAC_fetch() returned NULL\n");
	86	goto end;
	87	}
	88
	89	/* Create a context for the CMAC operation */
	90	mctx = EVP_MAC_CTX_new(mac);
	91	if (mctx == NULL) {
	92	fprintf(stderr, "EVP_MAC_CTX_new() returned NULL\n");
	93	goto end;
	94	}
	95
	96	/* The underlying cipher to be used */
	97	*p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER, cipher_name,
	98	sizeof(cipher_name));
	99	*p = OSSL_PARAM_construct_end();
	100
	101	/* Initialise the CMAC operation */
	102	if (!EVP_MAC_init(mctx, key, sizeof(key), params)) {
	103	fprintf(stderr, "EVP_MAC_init() failed\n");
	104	goto end;
	105	}
	106
	107	/* Make one or more calls to process the data to be authenticated */
	108	if (!EVP_MAC_update(mctx, data, sizeof(data))) {
	109	fprintf(stderr, "EVP_MAC_update() failed\n");
	110	goto end;
	111	}
	112
	113	/* Make a call to the final with a NULL buffer to get the length of the MAC */
	114	if (!EVP_MAC_final(mctx, NULL, &out_len, 0)) {
	115	fprintf(stderr, "EVP_MAC_final() failed\n");
	116	goto end;
	117	}
	118	out = OPENSSL_malloc(out_len);
	119	if (out == NULL) {
	120	fprintf(stderr, "malloc failed\n");
	121	goto end;
	122	}
	123	/* Make one call to the final to get the MAC */
	124	if (!EVP_MAC_final(mctx, out, &out_len, out_len)) {
	125	fprintf(stderr, "EVP_MAC_final() failed\n");
	126	goto end;
	127	}
	128
	129	printf("Generated MAC:\n");
	130	BIO_dump_indent_fp(stdout, out, out_len, 2);
	131	putchar('\n');
	132
	133	if (out_len != sizeof(expected_output)) {
	134	fprintf(stderr, "Generated MAC has an unexpected length\n");
	135	goto end;
	136	}
	137
	138	if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) {
	139	fprintf(stderr, "Generated MAC does not match expected value\n");
	140	goto end;
	141	}
	142
	143	rv = EXIT_SUCCESS;
	144	end:
	145	if (rv != EXIT_SUCCESS)
	146	ERR_print_errors_fp(stderr);
	147	/* OpenSSL free functions will ignore NULL arguments */
	148	OPENSSL_free(out);
	149	EVP_MAC_CTX_free(mctx);
	150	EVP_MAC_free(mac);
	151	OSSL_LIB_CTX_free(library_context);
	152	return rv;
	153	}

+166

-0

demos/mac/hmac-sha512.c less more

	0	/*-
	1	* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	2	*
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
	4	* this file except in compliance with the License. You can obtain a copy
	5	* in the file LICENSE in the source distribution or at
	6	* https://www.openssl.org/source/license.html
	7	*/
	8
	9	/*
	10	* Example of using EVP_MAC_ methods to calculate
	11	* a HMAC of static buffers
	12	*/
	13
	14	#include <string.h>
	15	#include <stdio.h>
	16	#include <openssl/crypto.h>
	17	#include <openssl/core_names.h>
	18	#include <openssl/err.h>
	19	#include <openssl/evp.h>
	20	#include <openssl/hmac.h>
	21	#include <openssl/params.h>
	22
	23	/*
	24	* Hard coding the key into an application is very bad.
	25	* It is done here solely for educational purposes.
	26	*/
	27	static unsigned char key[] = {
	28	0x25, 0xfd, 0x12, 0x99, 0xdf, 0xad, 0x1a, 0x03,
	29	0x0a, 0x81, 0x3c, 0x2d, 0xcc, 0x05, 0xd1, 0x5c,
	30	0x17, 0x7a, 0x36, 0x73, 0x17, 0xef, 0x41, 0x75,
	31	0x71, 0x18, 0xe0, 0x1a, 0xda, 0x99, 0xc3, 0x61,
	32	0x38, 0xb5, 0xb1, 0xe0, 0x82, 0x2c, 0x70, 0xa4,
	33	0xc0, 0x8e, 0x5e, 0xf9, 0x93, 0x9f, 0xcf, 0xf7,
	34	0x32, 0x4d, 0x0c, 0xbd, 0x31, 0x12, 0x0f, 0x9a,
	35	0x15, 0xee, 0x82, 0xdb, 0x8d, 0x29, 0x54, 0x14,
	36	};
	37
	38	static const unsigned char data[] =
	39	"To be, or not to be, that is the question,\n"
	40	"Whether tis nobler in the minde to suffer\n"
	41	"The ſlings and arrowes of outragious fortune,\n"
	42	"Or to take Armes again in a sea of troubles,\n"
	43	"And by opposing, end them, to die to sleep;\n"
	44	"No more, and by a sleep, to say we end\n"
	45	"The heart-ache, and the thousand natural shocks\n"
	46	"That flesh is heir to? tis a consumation\n"
	47	"Devoutly to be wished. To die to sleep,\n"
	48	"To sleepe, perchance to dreame, Aye, there's the rub,\n"
	49	"For in that sleep of death what dreams may come\n"
	50	"When we haue shuffled off this mortal coil\n"
	51	"Must give us pause. There's the respect\n"
	52	"That makes calamity of so long life:\n"
	53	"For who would bear the Ships and Scorns of time,\n"
	54	"The oppressor's wrong, the proud man's Contumely,\n"
	55	"The pangs of dispised love, the Law's delay,\n"
	56	;
	57
	58	/* The known value of the HMAC/SHA3-512 MAC of the above soliloqy */
	59	static const unsigned char expected_output[] = {
	60	0x3b, 0x77, 0x5f, 0xf1, 0x4f, 0x9e, 0xb9, 0x23,
	61	0x8f, 0xdc, 0xa0, 0x68, 0x15, 0x7b, 0x8a, 0xf1,
	62	0x96, 0x23, 0xaa, 0x3c, 0x1f, 0xe9, 0xdc, 0x89,
	63	0x11, 0x7d, 0x58, 0x07, 0xe7, 0x96, 0x17, 0xe3,
	64	0x44, 0x8b, 0x03, 0x37, 0x91, 0xc0, 0x6e, 0x06,
	65	0x7c, 0x54, 0xe4, 0xa4, 0xcc, 0xd5, 0x16, 0xbb,
	66	0x5e, 0x4d, 0x64, 0x7d, 0x88, 0x23, 0xc9, 0xb7,
	67	0x25, 0xda, 0xbe, 0x4b, 0xe4, 0xd5, 0x34, 0x30,
	68	};
	69
	70	/*
	71	* A property query used for selecting the MAC implementation.
	72	*/
	73	static const char *propq = NULL;
	74
	75	int main(void)
	76	{
	77	int rv = EXIT_FAILURE;
	78	OSSL_LIB_CTX *library_context = NULL;
	79	EVP_MAC *mac = NULL;
	80	EVP_MAC_CTX *mctx = NULL;
	81	EVP_MD_CTX *digest_context = NULL;
	82	unsigned char *out = NULL;
	83	size_t out_len = 0;
	84	OSSL_PARAM params[4], *p = params;
	85	char digest_name[] = "SHA3-512";
	86
	87	library_context = OSSL_LIB_CTX_new();
	88	if (library_context == NULL) {
	89	fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
	90	goto end;
	91	}
	92
	93	/* Fetch the HMAC implementation */
	94	mac = EVP_MAC_fetch(library_context, "HMAC", propq);
	95	if (mac == NULL) {
	96	fprintf(stderr, "EVP_MAC_fetch() returned NULL\n");
	97	goto end;
	98	}
	99
	100	/* Create a context for the HMAC operation */
	101	mctx = EVP_MAC_CTX_new(mac);
	102	if (mctx == NULL) {
	103	fprintf(stderr, "EVP_MAC_CTX_new() returned NULL\n");
	104	goto end;
	105	}
	106
	107	/* The underlying digest to be used */
	108	*p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, digest_name,
	109	sizeof(digest_name));
	110	*p = OSSL_PARAM_construct_end();
	111
	112	/* Initialise the HMAC operation */
	113	if (!EVP_MAC_init(mctx, key, sizeof(key), params)) {
	114	fprintf(stderr, "EVP_MAC_init() failed\n");
	115	goto end;
	116	}
	117
	118	/* Make one or more calls to process the data to be authenticated */
	119	if (!EVP_MAC_update(mctx, data, sizeof(data))) {
	120	fprintf(stderr, "EVP_MAC_update() failed\n");
	121	goto end;
	122	}
	123
	124	/* Make a call to the final with a NULL buffer to get the length of the MAC */
	125	if (!EVP_MAC_final(mctx, NULL, &out_len, 0)) {
	126	fprintf(stderr, "EVP_MAC_final() failed\n");
	127	goto end;
	128	}
	129	out = OPENSSL_malloc(out_len);
	130	if (out == NULL) {
	131	fprintf(stderr, "malloc failed\n");
	132	goto end;
	133	}
	134	/* Make one call to the final to get the MAC */
	135	if (!EVP_MAC_final(mctx, out, &out_len, out_len)) {
	136	fprintf(stderr, "EVP_MAC_final() failed\n");
	137	goto end;
	138	}
	139
	140	printf("Generated MAC:\n");
	141	BIO_dump_indent_fp(stdout, out, out_len, 2);
	142	putchar('\n');
	143
	144	if (out_len != sizeof(expected_output)) {
	145	fprintf(stderr, "Generated MAC has an unexpected length\n");
	146	goto end;
	147	}
	148
	149	if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) {
	150	fprintf(stderr, "Generated MAC does not match expected value\n");
	151	goto end;
	152	}
	153
	154	rv = EXIT_SUCCESS;
	155	end:
	156	if (rv != EXIT_SUCCESS)
	157	ERR_print_errors_fp(stderr);
	158	/* OpenSSL free functions will ignore NULL arguments */
	159	OPENSSL_free(out);
	160	EVP_MD_CTX_free(digest_context);
	161	EVP_MAC_CTX_free(mctx);
	162	EVP_MAC_free(mac);
	163	OSSL_LIB_CTX_free(library_context);
	164	return rv;
	165	}

+6

-0

doc/build.info less more

1494	1494	GENERATE[html/man3/OPENSSL_fork_prepare.html]=man3/OPENSSL_fork_prepare.pod
1495	1495	DEPEND[man/man3/OPENSSL_fork_prepare.3]=man3/OPENSSL_fork_prepare.pod
1496	1496	GENERATE[man/man3/OPENSSL_fork_prepare.3]=man3/OPENSSL_fork_prepare.pod
	1497	DEPEND[html/man3/OPENSSL_gmtime.html]=man3/OPENSSL_gmtime.pod
	1498	GENERATE[html/man3/OPENSSL_gmtime.html]=man3/OPENSSL_gmtime.pod
	1499	DEPEND[man/man3/OPENSSL_gmtime.3]=man3/OPENSSL_gmtime.pod
	1500	GENERATE[man/man3/OPENSSL_gmtime.3]=man3/OPENSSL_gmtime.pod
1497	1501	DEPEND[html/man3/OPENSSL_hexchar2int.html]=man3/OPENSSL_hexchar2int.pod
1498	1502	GENERATE[html/man3/OPENSSL_hexchar2int.html]=man3/OPENSSL_hexchar2int.pod
1499	1503	DEPEND[man/man3/OPENSSL_hexchar2int.3]=man3/OPENSSL_hexchar2int.pod

3104	3108	html/man3/OPENSSL_LH_stats.html \
3105	3109	html/man3/OPENSSL_config.html \
3106	3110	html/man3/OPENSSL_fork_prepare.html \
	3111	html/man3/OPENSSL_gmtime.html \
3107	3112	html/man3/OPENSSL_hexchar2int.html \
3108	3113	html/man3/OPENSSL_ia32cap.html \
3109	3114	html/man3/OPENSSL_init_crypto.html \

3699	3704	man/man3/OPENSSL_LH_stats.3 \
3700	3705	man/man3/OPENSSL_config.3 \
3701	3706	man/man3/OPENSSL_fork_prepare.3 \
	3707	man/man3/OPENSSL_gmtime.3 \
3702	3708	man/man3/OPENSSL_hexchar2int.3 \
3703	3709	man/man3/OPENSSL_ia32cap.3 \
3704	3710	man/man3/OPENSSL_init_crypto.3 \

+3

-1

doc/man1/openssl-cmds.pod.in less more

7	7	asn1parse,
8	8	ca,
9	9	ciphers,
	10	cmp,
10	11	cms,
11	12	crl,
12	13	crl2pkcs7,

87	88	L<openssl-asn1parse(1)>,
88	89	L<openssl-ca(1)>,
89	90	L<openssl-ciphers(1)>,
	91	L<openssl-cmp(1)>,
90	92	L<openssl-cms(1)>,
91	93	L<openssl-crl(1)>,
92	94	L<openssl-crl2pkcs7(1)>,

149	151
150	152	=head1 COPYRIGHT
151	153
152		Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
	154	Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
153	155
154	156	Licensed under the Apache License 2.0 (the "License"). You may not use
155	157	this file except in compliance with the License. You can obtain a copy

+7

-6

doc/man1/openssl-cmp.pod.in less more

265	265
266	266	X509 Distinguished Name (DN) of subject to use in the requested certificate
267	267	template.
268		For KUR, it defaults to the public key
269		in the PKCS#10 CSR given with the B<-csr> option, if provided,
270		or of the reference certificate (see B<-oldcert>) if provided.
271		This default is used for IR and CR only if no SANs are set.
272	268	If the NULL-DN (C<"/">) is given then no subject is placed in the template.
	269	Default is the subject DN of any PKCS#10 CSR given with the B<-csr> option.
	270	For KUR, a further fallback is the subject DN
	271	of the reference certificate (see B<-oldcert>) if provided.
	272	This fallback is used for IR and CR only if no SANs are set.
273	273
274	274	If provided and neither B<-cert> nor B<-oldcert> is given,
275	275	the subject DN is used as fallback sender of outgoing CMP messages.

353	353
354	354	PKCS#10 CSR in PEM or DER format containing a certificate request.
355	355	With B<-cmd> I<p10cr> it is used directly in a legacy P10CR message.
356		When used with B<-cmd> I<ir>, I<cr>, or I<kur>, it is transformed into the
357		respective regular CMP request.
	356	When used with B<-cmd> I<ir>, I<cr>, or I<kur>,
	357	it is transformed into the respective regular CMP request,
	358	while its public key is ignored if I<-newkey> is given.
358	359	It may also be used with B<-cmd> I<rr> to specify the certificate to be revoked
359	360	via the included subject name and public key.
360	361

+14

-1

doc/man1/openssl-dgst.pod.in less more

85	85
86	86	=item B<-xoflen> I<length>
87	87
88		Set the output length for XOF algorithms, such as B<shake128>.
	88	Set the output length for XOF algorithms, such as B<shake128> and B<shake256>.
	89	This option is not supported for signing operations.
	90
	91	For OpenSSL providers it is recommended to set this value for shake algorithms,
	92	since the default values are set to only supply half of the maximum security
	93	strength.
	94
	95	For backwards compatibility reasons the default xoflen length for B<shake128> is
	96	16 (bytes) which results in a security strength of only 64 bits. To ensure the
	97	maximum security strength of 128 bits, the xoflen should be set to at least 32.
	98
	99	For backwards compatibility reasons the default xoflen length for B<shake256> is
	100	32 (bytes) which results in a security strength of only 128 bits. To ensure the
	101	maximum security strength of 256 bits, the xoflen should be set to at least 64.
89	102
90	103	=item B<-r>
91	104

+3

-3

doc/man1/openssl-ec.pod.in less more

117	117	=item B<-conv_form> I<arg>
118	118
119	119	This specifies how the points on the elliptic curve are converted
120		into octet strings. Possible values are: B<compressed> (the default
121		value), B<uncompressed> and B<hybrid>. For more information regarding
	120	into octet strings. Possible values are: B<compressed>, B<uncompressed> (the
	121	default value) and B<hybrid>. For more information regarding
122	122	the point conversion forms please read the X9.62 standard.
123	123	B<Note> Due to patent issues the B<compressed> option is disabled
124	124	by default for binary curves and can be enabled by defining

197	197
198	198	=head1 COPYRIGHT
199	199
200		Copyright 2003-2021 The OpenSSL Project Authors. All Rights Reserved.
	200	Copyright 2003-2022 The OpenSSL Project Authors. All Rights Reserved.
201	201
202	202	Licensed under the Apache License 2.0 (the "License"). You may not use
203	203	this file except in compliance with the License. You can obtain a copy

+5

-5

doc/man1/openssl-list.pod.in less more

93	93	Display a list of cipher commands, which are typically used as input
94	94	to the L<openssl-enc(1)> or L<openssl-speed(1)> commands.
95	95
96		=item B<-digest-algorithms>, B<-kdf-algorithms>, B<-mac-algorithms>,
97		B<-cipher-algorithms>
98
99		Display a list of cipher, digest, kdf and mac algorithms.
	96	=item B<-cipher-algorithms>, B<-digest-algorithms>, B<-kdf-algorithms>,
	97	B<-mac-algorithms>,
	98
	99	Display a list of symmetric cipher, digest, kdf and mac algorithms.
100	100	See L</Display of algorithm names> for a description of how names are
101	101	displayed.
102	102

236	236
237	237	=head1 COPYRIGHT
238	238
239		Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	239	Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
240	240
241	241	Licensed under the Apache License 2.0 (the "License"). You may not use
242	242	this file except in compliance with the License. You can obtain a copy

+2

-3

doc/man1/openssl-mac.pod.in less more

34	34
35	35	Input filename to calculate a MAC for, or standard input by default.
36	36	Standard input is used if the filename is '-'.
37		Files are expected to be in binary format, standard input uses hexadecimal text
38		format.
	37	Files and standard input are expected to be in binary format.
39	38
40	39	=item B<-out> I<filename>
41	40

165	164
166	165	=head1 COPYRIGHT
167	166
168		Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved.
	167	Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
169	168
170	169	Licensed under the Apache License 2.0 (the "License"). You may not use
171	170	this file except in compliance with the License. You can obtain a copy

+2

-2

doc/man1/openssl-pkcs12.pod.in less more

340	340
341	341	=item B<-macalg> I<digest>
342	342
343		Specify the MAC digest algorithm. If not included SHA1 will be used.
	343	Specify the MAC digest algorithm. If not included SHA256 will be used.
344	344
345	345	=item B<-iter> I<count>
346	346

459	459
460	460	=head1 COPYRIGHT
461	461
462		Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
	462	Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
463	463
464	464	Licensed under the Apache License 2.0 (the "License"). You may not use
465	465	this file except in compliance with the License. You can obtain a copy

+14

-10

doc/man1/openssl-x509.pod.in less more

495	495
496	496	Sets the CA serial number file to use.
497	497
498		When the B<-CA> option is used to sign a certificate it uses a serial
499		number specified in a file. This file consists of one line containing
500		an even number of hex digits with the serial number to use. After each
501		use the serial number is incremented and written out to the file again.
	498	When creating a certificate with this option and with the B<-CA> option,
	499	the certificate serial number is stored in the given file.
	500	This file consists of one line containing
	501	an even number of hex digits with the serial number used last time.
	502	After reading this number, it is incremented and used, and the file is updated.
502	503
503	504	The default filename consists of the CA certificate file base name with
504	505	F<.srl> appended. For example if the CA certificate file is called
505	506	F<mycacert.pem> it expects to find a serial number file called
506	507	F<mycacert.srl>.
507	508
	509	If the B<-CA> option is specified and neither <-CAserial> or <-CAcreateserial>
	510	is given and the default serial number file does not exist,
	511	a random number is generated; this is the recommended practice.
	512
508	513	=item B<-CAcreateserial>
509	514
510		With this option the CA serial number file is created if it does not exist:
511		it will contain the serial number "02" and the certificate being signed will
512		have the 1 as its serial number. If the B<-CA> option is specified
513		and the serial number file does not exist a random number is generated;
514		this is the recommended practice.
	515	With this option and the B<-CA> option
	516	the CA serial number file is created if it does not exist.
	517	A random number is generated, used for the certificate,
	518	and saved into the serial number file determined as described above.
515	519
516	520	=back
517	521

779	783
780	784	=head1 COPYRIGHT
781	785
782		Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
	786	Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
783	787
784	788	Licensed under the Apache License 2.0 (the "License"). You may not use
785	789	this file except in compliance with the License. You can obtain a copy

+36

-34

doc/man1/openssl.pod less more

9	9	I<command>
10	10	[ I<options> ... ]
11	11	[ I<parameters> ... ]
12
13		B<openssl>
14		B<list>
15		B<standard-commands> \|
16		B<digest-commands> \|
17		B<cipher-commands> \|
18		B<cipher-algorithms> \|
19		B<digest-algorithms> \|
20		B<mac-algorithms> \|
21		B<public-key-algorithms>
22	12
23	13	B<openssl> B<no->I<XXX> [ I<options> ]
24	14

49	39	I<options> and I<parameters>.
50	40
51	41	Detailed documentation and use cases for most standard subcommands are available
52		(e.g., L<openssl-x509(1)>).
53
54		The list options B<-standard-commands>, B<-digest-commands>,
55		and B<-cipher-commands> output a list (one entry per line) of the names
56		of all standard commands, message digest commands, or cipher commands,
57		respectively, that are available.
58
59		The list parameters B<-cipher-algorithms>, B<-digest-algorithms>,
60		and B<-mac-algorithms> list all cipher, message digest, and message
61		authentication code names, one entry per line. Aliases are listed as:
62
63		from => to
64
65		The list parameter B<-public-key-algorithms> lists all supported public
66		key algorithms.
	42	(e.g., L<openssl-x509(1)>). The subcommand L<openssl-list(1)> may be used to list
	43	subcommands.
67	44
68	45	The command B<no->I<XXX> tests whether a command of the
69	46	specified name is available. If no command named I<XXX> exists, it

703	680
704	681	=item B<TRACE>
705	682
706		The tracing functionality.
	683	Traces the OpenSSL trace API itself.
	684
	685	=item B<INIT>
	686
	687	Traces OpenSSL library initialization and cleanup.
707	688
708	689	=item B<TLS>
709	690
710		General SSL/TLS.
	691	Traces the TLS/SSL protocol.
711	692
712	693	=item B<TLS_CIPHER>
713	694
714		SSL/TLS cipher.
	695	Traces the ciphers used by the TLS/SSL protocol.
715	696
716	697	=item B<CONF>
717	698

730	711
731	712	=item B<PKCS5V2>
732	713
733		PKCS#5 v2 keygen.
	714	Traces PKCS#5 v2 key generation.
734	715
735	716	=item B<PKCS12_KEYGEN>
736	717
737		PKCS#12 key generation.
	718	Traces PKCS#12 key generation.
738	719
739	720	=item B<PKCS12_DECRYPT>
740	721
741		PKCS#12 decryption.
	722	Traces PKCS#12 decryption.
742	723
743	724	=item B<X509V3_POLICY>
744	725
745		Generates the complete policy tree at various point during X.509 v3
	726	Generates the complete policy tree at various points during X.509 v3
746	727	policy evaluation.
747	728
748	729	=item B<BN_CTX>
749	730
750		BIGNUM context.
	731	Traces BIGNUM context operations.
	732
	733	=item B<CMP>
	734
	735	Traces CMP client and server activity.
	736
	737	=item B<STORE>
	738
	739	Traces STORE operations.
	740
	741	=item B<DECODER>
	742
	743	Traces decoder operations.
	744
	745	=item B<ENCODER>
	746
	747	Traces encoder operations.
	748
	749	=item B<REF_COUNT>
	750
	751	Traces decrementing certain ASN.1 structure references.
751	752
752	753	=back
753	754

774	775	L<openssl-genpkey(1)>,
775	776	L<openssl-genrsa(1)>,
776	777	L<openssl-kdf(1)>,
	778	L<openssl-list(1)>,
777	779	L<openssl-mac(1)>,
778	780	L<openssl-nseq(1)>,
779	781	L<openssl-ocsp(1)>,

828	830
829	831	=head1 COPYRIGHT
830	832
831		Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
	833	Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
832	834
833	835	Licensed under the Apache License 2.0 (the "License"). You may not use
834	836	this file except in compliance with the License. You can obtain a copy

+6

-1

doc/man3/BIO_ctrl.pod less more

99	99	returns other negative values if an error occurs.
100	100
101	101	BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending()
102		return the amount of pending data.
	102	return the amount of pending data. BIO_pending() and BIO_wpending() return
	103	negative value or 0 on error. BIO_ctrl_pending() and BIO_ctrl_wpending() return
	104	0 on error.
103	105
104	106	BIO_get_ktls_send() returns 1 if the BIO is using the Kernel TLS data-path for
105	107	sending. Otherwise, it returns zero.

138	140	supported, if an error occurred, if EOF has not been reached and in
139	141	the case of BIO_seek() on a file BIO for a successful operation.
140	142
	143	In older versions of OpenSSL the BIO_ctrl_pending() and
	144	BIO_ctrl_wpending() could return values greater than INT_MAX on error.
	145
141	146	=head1 HISTORY
142	147
143	148	The BIO_get_ktls_send() and BIO_get_ktls_recv() macros were added in

+9

-2

doc/man3/BIO_f_ssl.pod less more

242	242	BIO_set_accept_bios(acpt, sbio);
243	243	out = BIO_new_fp(stdout, BIO_NOCLOSE);
244	244
245		/* Setup accept BIO */
	245	/* First call to BIO_do_accept() sets up accept BIO */
246	246	if (BIO_do_accept(acpt) <= 0) {
247	247	fprintf(stderr, "Error setting up accept BIO\n");
248	248	ERR_print_errors_fp(stderr);
249	249	exit(1);
	250	}
	251
	252	/* Second call to BIO_do_accept() waits for incoming connection */
	253	if (BIO_do_accept(acpt) <= 0) {
	254	fprintf(stderr, "Error accepting connection\n");
	255	ERR_print_errors_fp(stderr);
	256	exit(1);
250	257	}
251	258
252	259	/* We only want one connection so remove and free accept BIO */

290	297
291	298	=head1 COPYRIGHT
292	299
293		Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
	300	Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
294	301
295	302	Licensed under the Apache License 2.0 (the "License"). You may not use
296	303	this file except in compliance with the License. You can obtain a copy

+2

-2

doc/man3/BIO_s_accept.pod less more

188	188
189	189	BIO abio, cbio, *cbio2;
190	190
191		/* First call to BIO_accept() sets up accept BIO */
	191	/* First call to BIO_do_accept() sets up accept BIO */
192	192	abio = BIO_new_accept("4444");
193	193	if (BIO_do_accept(abio) <= 0) {
194	194	fprintf(stderr, "Error setting up accept\n");

231	231
232	232	=head1 COPYRIGHT
233	233
234		Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
	234	Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
235	235
236	236	Licensed under the Apache License 2.0 (the "License"). You may not use
237	237	this file except in compliance with the License. You can obtain a copy

+20

-12

doc/man3/CMS_add0_cert.pod less more

18	18
19	19	=head1 DESCRIPTION
20	20
21		CMS_add0_cert() and CMS_add1_cert() add certificate B<cert> to B<cms>.
22		must be of type signed data or enveloped data.
	21	CMS_add0_cert() and CMS_add1_cert() add certificate I<cert> to I<cms>.
	22	I<cms> must be of type signed data or (authenticated) enveloped data.
	23	For signed data, such a certificate can be used when signing or verifying
	24	to fill in the signer certificate or to provide an extra CA certificate
	25	that may be needed for chain building in certificate validation.
23	26
24		CMS_get1_certs() returns all certificates in B<cms>.
	27	CMS_get1_certs() returns all certificates in I<cms>.
25	28
26		CMS_add0_crl() and CMS_add1_crl() add CRL B<crl> to B<cms>. CMS_get1_crls()
27		returns any CRLs in B<cms>.
	29	CMS_add0_crl() and CMS_add1_crl() add CRL I<crl> to I<cms>.
	30	I<cms> must be of type signed data or (authenticated) enveloped data.
	31	For signed data, such a CRL may be used in certificate validation.
	32	It may be given both for inclusion when signing a CMS message
	33	and when verifying a signed CMS message.
	34
	35	CMS_get1_crls() returns all CRLs in I<cms>.
28	36
29	37	=head1 NOTES
30	38
31		The CMS_ContentInfo structure B<cms> must be of type signed data or enveloped
	39	The CMS_ContentInfo structure I<cms> must be of type signed data or enveloped
32	40	data or an error will be returned.
33	41
34		For signed data certificates and CRLs are added to the B<certificates> and
35		B<crls> fields of SignedData structure. For enveloped data they are added to
	42	For signed data certificates and CRLs are added to the I<certificates> and
	43	I<crls> fields of SignedData structure. For enveloped data they are added to
36	44	B<OriginatorInfo>.
37	45
38		As the B<0> implies CMS_add0_cert() adds B<cert> internally to B<cms> and it
39		must not be freed up after the call as opposed to CMS_add1_cert() where B<cert>
	46	As the I<0> implies CMS_add0_cert() adds I<cert> internally to I<cms> and it
	47	must not be freed up after the call as opposed to CMS_add1_cert() where I<cert>
40	48	must be freed up.
41	49
42	50	The same certificate or CRL must not be added to the same cms structure more

49	57
50	58	CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs
51	59	or NULL if there are none or an error occurs. The only error which will occur
52		in practice is if the B<cms> type is invalid.
	60	in practice is if the I<cms> type is invalid.
53	61
54	62	=head1 SEE ALSO
55	63

59	67
60	68	=head1 COPYRIGHT
61	69
62		Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
	70	Copyright 2008-2022 The OpenSSL Project Authors. All Rights Reserved.
63	71
64	72	Licensed under the Apache License 2.0 (the "License"). You may not use
65	73	this file except in compliance with the License. You can obtain a copy

+44

-36

doc/man3/CMS_verify.pod less more

14	14
15	15	=head1 DESCRIPTION
16	16
17		CMS_verify() verifies a CMS SignedData structure. B<cms> is the CMS_ContentInfo
18		structure to verify. B<certs> is a set of certificates in which to search for
19		the signing certificate(s). B<store> is a trusted certificate store used for
20		chain verification. B<indata> is the detached content if the content is not
21		present in B<cms>. The content is written to B<out> if it is not NULL.
	17	CMS_verify() is very similar to L<PKCS7_verify(3)>. It verifies a
	18	B<CMS SignedData> structure contained in a structure of type B<CMS_ContentInfo>.
	19	I<cms> points to the B<CMS_ContentInfo> structure to verify.
	20	The optional I<certs> parameter refers to a set of certificates
	21	in which to search for signing certificates.
	22	I<cms> may contain extra untrusted CA certificates that may be used for
	23	chain building as well as CRLs that may be used for certificate validation.
	24	I<store> may be NULL or point to
	25	the trusted certificate store to use for chain verification.
	26	I<indata> refers to the signed data if the content is detached from I<cms>.
	27	Otherwise I<indata> should be NULL and the signed data must be in I<cms>.
	28	The content is written to the BIO I<out> unless it is NULL.
	29	I<flags> is an optional set of flags, which can be used to modify the operation.
22	30
23		B<flags> is an optional set of flags, which can be used to modify the verify
24		operation.
25
26		CMS_get0_signers() retrieves the signing certificate(s) from B<cms>, it may only
	31	CMS_get0_signers() retrieves the signing certificate(s) from I<cms>, it may only
27	32	be called after a successful CMS_verify() operation.
28	33
29	34	=head1 VERIFY PROCESS
30	35
31	36	Normally the verify process proceeds as follows.
32	37
33		Initially some sanity checks are performed on B<cms>. The type of B<cms> must
	38	Initially some sanity checks are performed on I<cms>. The type of I<cms> must
34	39	be SignedData. There must be at least one signature on the data and if
35		the content is detached B<indata> cannot be B<NULL>.
	40	the content is detached I<indata> cannot be NULL.
36	41
37	42	An attempt is made to locate all the signing certificate(s), first looking in
38		the B<certs> parameter (if it is not NULL) and then looking in any
39		certificates contained in the B<cms> structure itself. If any signing
40		certificate cannot be located the operation fails.
	43	the I<certs> parameter (if it is not NULL) and then looking in any
	44	certificates contained in the I<cms> structure unless B<CMS_NOINTERN> is set.
	45	If any signing certificate cannot be located the operation fails.
41	46
42		Each signing certificate is chain verified using the B<smimesign> purpose and
43		the supplied trusted certificate store. Any internal certificates in the message
44		are used as untrusted CAs. If CRL checking is enabled in B<store> any internal
45		CRLs are used in addition to attempting to look them up in B<store>. If any
46		chain verify fails an error code is returned.
	47	Each signing certificate is chain verified using the I<smimesign> purpose and
	48	using the trusted certificate store I<store> if supplied.
	49	Any internal certificates in the message, which may have been added using
	50	L<CMS_add1_cert(3)>, are used as untrusted CAs.
	51	If CRL checking is enabled in I<store> and B<CMS_NOCRL> is not set,
	52	any internal CRLs, which may have been added using L<CMS_add1_crl(3)>,
	53	are used in addition to attempting to look them up in I<store>.
	54	If I<store> is not NULL and any chain verify fails an error code is returned.
47	55
48		Finally the signed content is read (and written to B<out> if it is not NULL)
49		and the signature's checked.
	56	Finally the signed content is read (and written to I<out> unless it is NULL)
	57	and the signature is checked.
50	58
51		If all signature's verify correctly then the function is successful.
	59	If all signatures verify correctly then the function is successful.
52	60
53		Any of the following flags (ored together) can be passed in the B<flags>
	61	Any of the following flags (ored together) can be passed in the I<flags>
54	62	parameter to change the default verify behaviour.
55	63
56	64	If B<CMS_NOINTERN> is set the certificates in the message itself are not
57		searched when locating the signing certificate(s). This means that all the
58		signing certificates must be in the B<certs> parameter.
	65	searched when locating the signing certificate(s).
	66	This means that all the signing certificates must be in the I<certs> parameter.
59	67
60		If B<CMS_NOCRL> is set and CRL checking is enabled in B<store> then any
	68	If B<CMS_NOCRL> is set and CRL checking is enabled in I<store> then any
61	69	CRLs in the message itself are ignored.
62	70
63	71	If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are deleted

65	73	returned.
66	74
67	75	If B<CMS_NO_SIGNER_CERT_VERIFY> is set the signing certificates are not
68		verified, unless CMS_CADES flag is also set.
	76	chain verified, unless B<CMS_CADES> flag is also set.
69	77
70	78	If B<CMS_NO_ATTR_VERIFY> is set the signed attributes signature is not
71	79	verified, unless CMS_CADES flag is also set.

80	88
81	89	One application of B<CMS_NOINTERN> is to only accept messages signed by
82	90	a small number of certificates. The acceptable certificates would be passed
83		in the B<certs> parameter. In this case if the signer is not one of the
84		certificates supplied in B<certs> then the verify will fail because the
	91	in the I<certs> parameter. In this case if the signer certificate is not one
	92	of the certificates supplied in I<certs> then the verify will fail because the
85	93	signer cannot be found.
86	94
87	95	In some cases the standard techniques for looking up and validating
88	96	certificates are not appropriate: for example an application may wish to
89	97	lookup certificates in a database or perform customised verification. This
90		can be achieved by setting and verifying the signers certificates manually
	98	can be achieved by setting and verifying the signer certificates manually
91	99	using the signed data utility functions.
92	100
93	101	Care should be taken when modifying the default verify behaviour, for example
94	102	setting B<CMS_NO_CONTENT_VERIFY> will totally disable all content verification
95	103	and any modified content will be considered valid. This combination is however
96		useful if one merely wishes to write the content to B<out> and its validity
	104	useful if one merely wishes to write the content to I<out> and its validity
97	105	is not considered important.
98	106
99	107	Chain verification should arguably be performed using the signing time rather

103	111
104	112	=head1 RETURN VALUES
105	113
106		CMS_verify() returns 1 for a successful verification and zero if an error
107		occurred.
	114	CMS_verify() returns 1 for a successful verification and 0 if an error occurred.
108	115
109	116	CMS_get0_signers() returns all signers or NULL if an error occurred.
110	117

112	119
113	120	=head1 BUGS
114	121
115		The trusted certificate store is not searched for the signing certificate,
116		this is primarily due to the inadequacies of the current B<X509_STORE>
	122	The trusted certificate store is not searched for the signing certificate.
	123	This is primarily due to the inadequacies of the current B<X509_STORE>
117	124	functionality.
118	125
119	126	The lack of single pass processing means that the signed content must all

121	128
122	129	=head1 SEE ALSO
123	130
	131	L<PKCS7_verify(3)>, L<CMS_add1_cert(3)>, L<CMS_add1_crl(3)>,
124	132	L<OSSL_ESS_check_signing_certs(3)>,
125	133	L<ERR_get_error(3)>, L<CMS_sign(3)>
126	134
127	135	=head1 COPYRIGHT
128	136
129		Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved.
	137	Copyright 2008-2022 The OpenSSL Project Authors. All Rights Reserved.
130	138
131	139	Licensed under the Apache License 2.0 (the "License"). You may not use
132	140	this file except in compliance with the License. You can obtain a copy

+8

-1

doc/man3/DEFINE_STACK_OF.pod less more

228	228	STACK_OF(), DEFINE_STACK_OF(), DEFINE_STACK_OF_CONST(), and
229	229	DEFINE_SPECIAL_STACK_OF() are implemented as macros.
230	230
	231	It is not an error to call B<sk_I<TYPE>_num>(), B<sk_I<TYPE>_value>(),
	232	B<sk_I<TYPE>_free>(), B<sk_I<TYPE>_zero>(), B<sk_I<TYPE>_pop_free>(),
	233	B<sk_I<TYPE>_delete>(), B<sk_I<TYPE>_delete_ptr>(), B<sk_I<TYPE>_pop>(),
	234	B<sk_I<TYPE>_shift>(), B<sk_I<TYPE>_find>(), B<sk_I<TYPE>_find_ex>(),
	235	and B<sk_I<TYPE>_find_all>() on a NULL stack, empty stack, or with
	236	an invalid index. An error is not raised in these conditions.
	237
231	238	The underlying utility B<OPENSSL_sk_> API should not be used directly.
232	239	It defines these functions: OPENSSL_sk_deep_copy(),
233	240	OPENSSL_sk_delete(), OPENSSL_sk_delete_ptr(), OPENSSL_sk_dup(),

289	296
290	297	=head1 COPYRIGHT
291	298
292		Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
	299	Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
293	300
294	301	Licensed under the Apache License 2.0 (the "License"). You may not use
295	302	this file except in compliance with the License. You can obtain a copy

+13

-2

doc/man3/DH_new.pod less more

6	6	=head1 SYNOPSIS
7	7
8	8	#include <openssl/dh.h>
	9
	10	The following functions have been deprecated since OpenSSL 3.0, and can be
	11	hidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value,
	12	see L<openssl_user_macros(7)>:
9	13
10	14	DH* DH_new(void);
11	15

31	35
32	36	L<DH_new(3)>, L<ERR_get_error(3)>,
33	37	L<DH_generate_parameters(3)>,
34		L<DH_generate_key(3)>
	38	L<DH_generate_key(3)>,
	39	L<EVP_PKEY-DH(7)>
	40
	41	=head1 HISTORY
	42
	43	All of these functions were deprecated in OpenSSL 3.0.
	44
	45	For replacement see EVP_PKEY-DH(7).
35	46
36	47	=head1 COPYRIGHT
37	48
38		Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
	49	Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
39	50
40	51	Licensed under the Apache License 2.0 (the "License"). You may not use
41	52	this file except in compliance with the License. You can obtain a copy

+4

-3

doc/man3/DH_new_by_nid.pod less more

6	6	=head1 SYNOPSIS
7	7
8	8	#include <openssl/dh.h>
9		DH *DH_new_by_nid(int nid);
10	9
11	10	The following functions have been deprecated since OpenSSL 3.0, and can be
12	11	hidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value,
13	12	see L<openssl_user_macros(7)>:
	13
	14	DH *DH_new_by_nid(int nid);
14	15
15	16	int DH_get_nid(const DH *dh);
16	17

36	37
37	38	=head1 HISTORY
38	39
39		The DH_get_nid() function was deprecated in OpenSSL 3.0.
	40	All of these functions were deprecated in OpenSSL 3.0.
40	41
41	42	=head1 COPYRIGHT
42	43
43		Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
	44	Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
44	45
45	46	Licensed under the Apache License 2.0 (the "License"). You may not use
46	47	this file except in compliance with the License. You can obtain a copy

+13

-7

doc/man3/EC_KEY_new.pod less more

42	42	const EC_GROUP EC_KEY_get0_group(const EC_KEY key);
43	43	int EC_KEY_set_group(EC_KEY key, const EC_GROUP group);
44	44	const BIGNUM EC_KEY_get0_private_key(const EC_KEY key);
45		int EC_KEY_set_private_key(EC_KEY key, const BIGNUM prv);
	45	int EC_KEY_set_private_key(EC_KEY key, const BIGNUM priv_key);
46	46	const EC_POINT EC_KEY_get0_public_key(const EC_KEY key);
47	47	int EC_KEY_set_public_key(EC_KEY key, const EC_POINT pub);
48	48	point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);

135	135	The functions EC_KEY_get0_group(), EC_KEY_set_group(),
136	136	EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(),
137	137	and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key,
138		and the EC_POINT public key for the I<key> respectively.
	138	and the EC_POINT public key for the B<key> respectively. The function
	139	EC_KEY_set_private_key() accepts NULL as the priv_key argument to securely clear
	140	the private key component from the EC_KEY.
139	141
140	142	The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the
141	143	point_conversion_form for the I<key>. For a description of

196	198
197	199	EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn't set.
198	200
199		EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(),
200		EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(),
201		EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(),
202		EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error.
	201	EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_public_key(),
	202	EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(),
	203	EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and
	204	EC_KEY_oct2priv() return 1 on success or 0 on error.
	205
	206	EC_KEY_set_private_key() returns 1 on success or 0 on error except when the
	207	priv_key argument is NULL, in that case it returns 0, for legacy compatibility,
	208	and should not be treated as an error.
203	209
204	210	EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY.
205	211

228	234
229	235	=head1 COPYRIGHT
230	236
231		Copyright 2013-2021 The OpenSSL Project Authors. All Rights Reserved.
	237	Copyright 2013-2022 The OpenSSL Project Authors. All Rights Reserved.
232	238
233	239	Licensed under the Apache License 2.0 (the "License"). You may not use
234	240	this file except in compliance with the License. You can obtain a copy

+14

-2

doc/man3/EVP_PBE_CipherInit.pod less more

2	2	=head1 NAME
3	3
4	4	EVP_PBE_CipherInit, EVP_PBE_CipherInit_ex,
5		EVP_PBE_find, EVP_PBE_find_ex - Password based encryption routines
	5	EVP_PBE_find, EVP_PBE_find_ex,
	6	EVP_PBE_alg_add_type, EVP_PBE_alg_add - Password based encryption routines
6	7
7	8	=head1 SYNOPSIS
8	9

18	19	EVP_PBE_KEYGEN **pkeygen);
19	20	int EVP_PBE_find_ex(int type, int pbe_nid, int pcnid, int pmnid,
20	21	EVP_PBE_KEYGEN pkeygen, EVP_PBE_KEYGEN_EX keygen_ex);
	22
	23	int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid,
	24	int md_nid, EVP_PBE_KEYGEN *keygen);
	25	int EVP_PBE_alg_add(int nid, const EVP_CIPHER cipher, const EVP_MD md,
	26	EVP_PBE_KEYGEN *keygen);
21	27
22	28	=head1 DESCRIPTION
23	29

65	71	If a NULL is supplied for any of I<pcnid>, I<pmnid>, I<pkeygen> or I<pkeygen_ex>
66	72	then this parameter is not returned.
67	73
	74	=head2 PBE algorithm add
	75
	76	EVP_PBE_alg_add_type() and EVP_PBE_alg_add() add an algorithm to the list
	77	of known algorithms. Their parameters have the same meaning as for
	78	EVP_PBE_find() and EVP_PBE_find_ex() functions.
	79
68	80	=head1 NOTES
69	81
70	82	The arguments I<pbe_obj> and I<param> to EVP_PBE_CipherInit() and EVP_PBE_CipherInit_ex()

88	100
89	101	=head1 COPYRIGHT
90	102
91		Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
	103	Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
92	104
93	105	Licensed under the Apache License 2.0 (the "License"). You may not use
94	106	this file except in compliance with the License. You can obtain a copy

+2

-2

doc/man3/EVP_PKEY_CTX_set_hkdf_md.pod less more

98	98
99	99	EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
100	100
101		The total length of the info buffer cannot exceed 1024 bytes in length: this
	101	The total length of the info buffer cannot exceed 2048 bytes in length: this
102	102	should be more than enough for any normal use of HKDF.
103	103
104	104	The output length of an HKDF expand operation is specified via the length

158	158
159	159	=head1 COPYRIGHT
160	160
161		Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	161	Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
162	162
163	163	Licensed under the Apache License 2.0 (the "License"). You may not use
164	164	this file except in compliance with the License. You can obtain a copy

+4

-1

doc/man3/EVP_PKEY_fromdata.pod less more

51	51	the settable parameters that can be used with EVP_PKEY_fromdata().
52	52	I<selection> is described in L</Selections>.
53	53	See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor.
	54
	55	Parameters in the I<params> array that are not among the settable parameters
	56	for the given I<selection> are ignored.
54	57
55	58	=head2 Selections
56	59

266	269
267	270	=head1 COPYRIGHT
268	271
269		Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	272	Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
270	273
271	274	Licensed under the Apache License 2.0 (the "License"). You may not use
272	275	this file except in compliance with the License. You can obtain a copy

+1

-2

doc/man3/EVP_PKEY_gettable_params.pod less more

91	91
92	92	#include <openssl/evp.h>
93	93
94		char *curve_name[64];
	94	char curve_name[64];
95	95	unsigned char pub[256];
96	96	BIGNUM *bn_priv = NULL;
97	97

111	111	if (!EVP_PKEY_get_bn_param(key, OSSL_PKEY_PARAM_PRIV_KEY, &bn_priv)) {
112	112	/* Error */
113	113	}
114
115	114
116	115	BN_clear_free(bn_priv);
117	116

+2

-2

doc/man3/OPENSSL_LH_COMPFUNC.pod less more

27	27
28	28	TYPE lh_TYPE_insert(LHASH_OF(TYPE) table, TYPE *data);
29	29	TYPE lh_TYPE_delete(LHASH_OF(TYPE) table, TYPE *data);
30		TYPE lh_retrieve(LHASH_OF(TYPE) table, TYPE *data);
	30	TYPE lh_TYPE_retrieve(LHASH_OF(TYPE) table, TYPE *data);
31	31
32	32	void lh_TYPE_doall(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNC func);
33	33	void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func,

269	269
270	270	=head1 COPYRIGHT
271	271
272		Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
	272	Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
273	273
274	274	Licensed under the Apache License 2.0 (the "License"). You may not use
275	275	this file except in compliance with the License. You can obtain a copy

+62

-0

doc/man3/OPENSSL_gmtime.pod less more

	0	=pod
	1
	2	=head1 NAME
	3
	4	OPENSSL_gmtime,
	5	OPENSSL_gmtime_adj,
	6	OPENSSL_gmtime_diff - platform-agnostic OpenSSL time routines
	7
	8	=head1 SYNOPSIS
	9
	10	#include <openssl/crypto.h>
	11
	12	struct tm OPENSSL_gmtime(const time_t timer, struct tm *result);
	13	int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec);
	14	int OPENSSL_gmtime_diff(int pday, int psec,
	15	const struct tm from, const struct tm to);
	16
	17	=head1 DESCRIPTION
	18
	19	OPENSSL_gmtime() returns the UTC time specified by I<timer> into the provided
	20	I<result> argument.
	21
	22	OPENSSL_gmtime_adj() adds the offsets in I<offset_day> and I<offset_sec> to I<tm>.
	23
	24	OPENSSL_gmtime_diff() calculates the difference between I<from> and I<to>.
	25
	26	=head1 NOTES
	27
	28	It is an error to call OPENSSL_gmtime() with I<result> equal to NULL. The
	29	contents of the time_t given by I<timer> are stored into the I<result>. Calling
	30	with I<timer> equal to NULL means use the current time.
	31
	32	OPENSSL_gmtime_adj() converts I<tm> into a days and seconds value, adds the
	33	offsets, then converts back into a I<struct tm> specified by I<tm>. Leap seconds
	34	are not considered.
	35
	36	OPENSSL_gmtime_diff() calculates the difference between the two I<struct tm>
	37	structures I<from> and I<to>. The difference in days is placed into I<*pday>,
	38	the remaining seconds are placed to I<psec>. The value in I<psec> will be less
	39	than the number of seconds per day (3600). Leap seconds are not considered.
	40
	41	=head1 RETURN VALUES
	42
	43	OPENSSL_gmtime() returns NULL on error, or I<result> on success.
	44
	45	OPENSSL_gmtime_adj() and OPENSSL_gmtime_diff() return 0 on error, and 1 on success.
	46
	47	=head1 HISTORY
	48
	49	OPENSSL_gmtime(), OPENSSL_gmtime_adj() and OPENSSL_gmtime_diff() have been
	50	in OpenSSL since 1.0.0.
	51
	52	=head1 COPYRIGHT
	53
	54	Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	55
	56	Licensed under the Apache License 2.0 (the "License"). You may not use
	57	this file except in compliance with the License. You can obtain a copy
	58	in the file LICENSE in the source distribution or at
	59	L<https://www.openssl.org/source/license.html>.
	60
	61	=cut

+2

-2

doc/man3/OPENSSL_init_crypto.pod less more

81	81	With this option the library will automatically load and make available all
82	82	libcrypto digests. This option is a default option. Once selected subsequent
83	83	calls to OPENSSL_init_crypto() with the option
84		B<OPENSSL_INIT_NO_ADD_ALL_CIPHERS> will be ignored.
	84	B<OPENSSL_INIT_NO_ADD_ALL_DIGESTS> will be ignored.
85	85
86	86	=item OPENSSL_INIT_NO_ADD_ALL_CIPHERS
87	87

288	288
289	289	=head1 COPYRIGHT
290	290
291		Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
	291	Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
292	292
293	293	Licensed under the Apache License 2.0 (the "License"). You may not use
294	294	this file except in compliance with the License. You can obtain a copy

+10

-9

doc/man3/OPENSSL_malloc.pod less more

148	148	failing.
149	149
150	150	If the variable B<OPENSSL_MALLOC_FD> is parsed as a positive integer, then
151		it is taken as an open file descriptor, and a record of all allocations is
152		written to that descriptor. If an allocation will fail, and the platform
153		supports it, then a backtrace will be written to the descriptor. This can
154		be useful because a malloc may fail but not be checked, and problems will
155		only occur later. The following example in classic shell syntax shows how
156		to use this (will not work on all platforms):
	151	it is taken as an open file descriptor. This is used in conjunction with
	152	B<OPENSSL_MALLOC_FAILURES> described above. For every allocation it will log
	153	details about how many allocations there have been so far, what percentage
	154	chance there is for this allocation failing, and whether it has actually failed.
	155	The following example in classic shell syntax shows how to use this (will not
	156	work on all platforms):
157	157
158	158	OPENSSL_MALLOC_FAILURES='200;@10'
159	159	export OPENSSL_MALLOC_FAILURES

178	178	always because allocations have already happened).
179	179
180	180	CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp(), CRYPTO_mem_leaks_cb(),
181		CRYPTO_set_mem_debug(), and CRYPTO_mem_ctrl() are deprecated and return -1.
	181	CRYPTO_set_mem_debug(), and CRYPTO_mem_ctrl() are deprecated and are no-ops that
	182	always return -1.
182	183	OPENSSL_mem_debug_push(), OPENSSL_mem_debug_pop(),
183	184	CRYPTO_mem_debug_push(), and CRYPTO_mem_debug_pop()
184		are deprecated and return 0.
	185	are deprecated and are no-ops that always return 0.
185	186
186	187	=head1 HISTORY
187	188

196	197
197	198	=head1 COPYRIGHT
198	199
199		Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	200	Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
200	201
201	202	Licensed under the Apache License 2.0 (the "License"). You may not use
202	203	this file except in compliance with the License. You can obtain a copy

+15

-6

doc/man3/OSSL_CMP_MSG_get0_header.pod less more

44	44
45	45	=over 4
46	46
47		=item any subject name in I<ctx> set via L<OSSL_CMP_CTX_set1_subjectName(3)>,
	47	=item any subject name in I<ctx> set via L<OSSL_CMP_CTX_set1_subjectName(3)> -
	48	if it is the NULL-DN (i.e., any empty sequence of RDNs), no subject is included,
48	49
49		=item the subject field of any PKCS#10 CSR is given in I<ctx>, or
	50	=item the subject field of any PKCS#10 CSR set in I<ctx>
	51	via L<OSSL_CMP_CTX_set1_p10CSR(3)>,
50	52
51	53	=item the subject field of any reference certificate given in I<ctx>
52		(see L<OSSL_CMP_CTX_set1_oldCert(3)>), if I<for_KUR> is nonzero
	54	(see L<OSSL_CMP_CTX_set1_oldCert(3)>), but only if I<for_KUR> is nonzero
53	55	or the I<ctx> does not include a Subject Alternative Name.
54	56
55	57	=back

60	62
61	63	=item the public key derived from any key set via L<OSSL_CMP_CTX_set0_newPkey(3)>,
62	64
63		=item the public key of any PKCS#10 CSR is given in I<ctx>,
	65	=item the public key of any PKCS#10 CSR given in I<ctx>,
64	66
65		=item the public key of any reference certificate given in I<ctx>, or
	67	=item the public key of any reference certificate given in I<ctx>,
66	68
67	69	=item the public key derived from any client's private key
68	70	set via L<OSSL_CMP_CTX_set1_pkey(3)>.

107	109
108	110	OSSL_CMP_MSG_get_bodytype() returns the body type or -1 on error.
109	111
110		OSSL_CMP_CTX_setup_CRM() returns a pointer to a OSSL_CRMF_MSG on success,
	112	OSSL_CMP_CTX_setup_CRM() returns a pointer to a B<OSSL_CRMF_MSG> on success,
111	113	NULL on error.
112	114
113	115	d2i_OSSL_CMP_MSG_bio() returns the parsed message or NULL on error.

119	121	the number of bytes successfully encoded or a negative value if an error occurs.
120	122
121	123	OSSL_CMP_MSG_update_transactionID() returns 1 on success, 0 on error.
	124
	125	=head1 SEE ALSO
	126
	127	L<OSSL_CMP_CTX_set1_subjectName(3)>, L<OSSL_CMP_CTX_set1_p10CSR(3)>,
	128	L<OSSL_CMP_CTX_set1_oldCert(3)>, L<OSSL_CMP_CTX_set0_newPkey(3)>,
	129	L<OSSL_CMP_CTX_set1_pkey(3)>, L<OSSL_CMP_CTX_set0_reqExtensions(3)>,
	130	L<OSSL_CMP_CTX_push1_subjectAltName(3)>, L<OSSL_CMP_CTX_push0_policy(3)>
122	131
123	132	=head1 HISTORY
124	133

+14

-14

doc/man3/OSSL_HTTP_REQ_CTX.pod less more

65	65	A value <= 0 indicates that
66	66	the B<OSSL_HTTP_DEFAULT_MAX_LINE_LEN> of 4KiB should be used.
67	67	I<buf_size> is also used as the number of content bytes that are read at a time.
68		The allocated context structure is also populated with an internal allocated
69		memory B<BIO>, which collects the HTTP request and additional headers as text.
	68	The allocated context structure includes an internal memory B<BIO>,
	69	which collects the HTTP request header lines.
70	70
71	71	OSSL_HTTP_REQ_CTX_free() frees up the HTTP request context I<rctx>.
72	72	The I<rbio> is not free'd, I<wbio> will be free'd if I<free_wbio> is set.

79	79	I<path> is the HTTP request path; if left NULL, C</> is used.
80	80
81	81	OSSL_HTTP_REQ_CTX_add1_header() adds header I<name> with value I<value> to the
82		context I<rctx>. It can be called more than once to add multiple headers.
	82	context I<rctx>. It can be called more than once to add multiple header lines.
83	83	For example, to add a C<Host> header for C<example.com> you would call:
84	84
85	85	OSSL_HTTP_REQ_CTX_add1_header(ctx, "Host", "example.com");

95	95	expected as the response content and input streaming is disabled. This means
96	96	that an ASN.1 sequence header is required, its length field is checked, and
97	97	OSSL_HTTP_REQ_CTX_get0_mem_bio() should be used to get the buffered response.
98		Otherwise any input format is allowed without length checks, which is the default.
	98	Otherwise (by default) any input format is allowed without length checks.
99	99	In this case the BIO given as I<rbio> argument to OSSL_HTTP_REQ_CTX_new() should
100	100	be used directly to read the response contents, which may support streaming.
101	101	If the I<timeout> parameter is > 0 this indicates the maximum number of seconds

123	123	I<content_type> must be NULL if I<req> is NULL.
124	124	If I<content_type> isn't NULL,
125	125	the HTTP header C<Content-Type> is also added with the given string value.
126		All of this ends up in the internal memory B<BIO>.
	126	The header lines are added to the internal memory B<BIO> for the request header.
127	127
128	128	OSSL_HTTP_REQ_CTX_nbio() attempts to send the request prepared in I<rctx>
129	129	and to gather the response via HTTP, using the I<wbio> and I<rbio>

142	142	If an ASN.1-encoded response was expected, this is the BIO
143	143	returned by OSSL_HTTP_REQ_CTX_get0_mem_bio() when called after the exchange.
144	144	This memory BIO does not support streaming.
145		Otherwise it may be the I<rbio> given when calling OSSL_HTTP_REQ_CTX_new(),
146		and this BIO has been read past the end of the response headers,
147		such that the actual response body can be read via this BIO,
	145	Otherwise the returned BIO is the I<rbio> given to OSSL_HTTP_REQ_CTX_new(),
148	146	which may support streaming.
149		The returned BIO pointer must not be freed by the caller.
	147	When this BIO is returned, it has been read past the end of the response header,
	148	such that the actual response body can be read from it.
	149	The returned BIO pointer MUST NOT be freed by the caller.
150	150
151	151	OSSL_HTTP_REQ_CTX_get0_mem_bio() returns the internal memory B<BIO>.
152		Before sending the request, this could used to modify the HTTP request text.
	152	Before the HTTP request is sent, this could be used to adapt its header lines.
153	153	I<Use with caution!>
154	154	After receiving a response via HTTP, the BIO represents the current state of
155		reading the response headers. If the response was expected to be ASN.1 encoded,
	155	reading the response header. If the response was expected to be ASN.1 encoded,
156	156	its contents can be read via this BIO, which does not support streaming.
157	157	The returned BIO pointer must not be freed by the caller.
158	158

199	199
200	200	=item 2.
201	201
202		Adding extra headers with OSSL_HTTP_REQ_CTX_add1_header().
	202	Adding extra header lines with OSSL_HTTP_REQ_CTX_add1_header().
203	203	This is optional and may be done multiple times with different names.
204	204
205	205	=item 3.

228	228	return 1 for success, 0 on error or redirection, -1 if retry is needed.
229	229
230	230	OSSL_HTTP_REQ_CTX_exchange() and OSSL_HTTP_REQ_CTX_get0_mem_bio()
231		return a pointer to a B<BIO> on success and NULL on failure.
	231	return a pointer to a B<BIO> on success as described above or NULL on failure.
232	232	The returned BIO must not be freed by the caller.
233	233
234	234	OSSL_HTTP_REQ_CTX_get_resp_len() returns the size of the response contents

255	255
256	256	=head1 COPYRIGHT
257	257
258		Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
	258	Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
259	259
260	260	Licensed under the Apache License 2.0 (the "License"). You may not use
261	261	this file except in compliance with the License. You can obtain a copy

+6

-6

doc/man3/OSSL_HTTP_transfer.pod less more

101	101	whereby it may make use of a custom defined argument I<arg>,
102	102	which may for instance point to an B<SSL_CTX> structure.
103	103	During connection establishment, just after calling BIO_do_connect_retry(), the
104		callback function is invoked with the I<connect> argument being 1 and the I<detail>
105		argument being 1 if HTTPS is requested, i.e., SSL/TLS should be enabled, else 0.
	104	callback function is invoked with the I<connect> argument being 1 and
	105	I<detail> being 1 if I<use_ssl> is nonzero (i.e., HTTPS is requested), else 0.
106	106	On disconnect I<connect> is 0 and I<detail> is 1 if no error occurred, else 0.
107	107	For instance, on connect the callback may push an SSL BIO to implement HTTPS;
108	108	after disconnect it may do some diagnostic output and pop and free the SSL BIO.

201	201	the length indications received are checked for consistency
202	202	and for not exceeding any given maximum response length.
203	203	If an ASN.1-encoded response is expected, the function returns on success
204		the contents as a memory BIO, which does not support streaming.
	204	the contents buffered in a memory BIO, which does not support streaming.
205	205	Otherwise it returns directly the read BIO that holds the response contents,
206	206	which allows a response of indefinite length and may support streaming.
207	207	The caller is responsible for freeing the BIO pointer obtained.

252	252	return 1 on success, 0 on error.
253	253
254	254	On success, OSSL_HTTP_exchange(), OSSL_HTTP_get(), and OSSL_HTTP_transfer()
255		return a memory BIO containing the data received if an ASN.1-encoded response
256		is expected, else a BIO that may support streaming.
	255	return a memory BIO that buffers all the data received if an ASN.1-encoded
	256	response is expected, otherwise a BIO that may support streaming.
257	257	The BIO must be freed by the caller.
258	258	On failure, they return NULL.
259	259	Failure conditions include connection/transfer timeout, parse errors, etc.

273	273
274	274	=head1 COPYRIGHT
275	275
276		Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	276	Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
277	277
278	278	Licensed under the Apache License 2.0 (the "License"). You may not use
279	279	this file except in compliance with the License. You can obtain a copy

+4

-2

doc/man3/OSSL_LIB_CTX.pod less more

82	82	application's library context and will be similarly mirrored in the child
83	83	library context.
84	84
85		OSSL_LIB_CTX_load_config() loads a configuration file using the given C<ctx>.
	85	OSSL_LIB_CTX_load_config() loads a configuration file using the given I<ctx>.
86	86	This can be used to associate a library context with providers that are loaded
87	87	from a configuration.
88	88

117	117
118	118	OSSL_LIB_CTX_free() doesn't return any value.
119	119
	120	OSSL_LIB_CTX_load_config() returns 1 on success, 0 on error.
	121
120	122	=head1 HISTORY
121	123
122	124	All of the functions described on this page were added in OpenSSL 3.0.
123	125
124	126	=head1 COPYRIGHT
125	127
126		Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	128	Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
127	129
128	130	Licensed under the Apache License 2.0 (the "License"). You may not use
129	131	this file except in compliance with the License. You can obtain a copy

+13

-8

doc/man3/OSSL_PARAM_BLD.pod less more

133	133	Both examples creating an OSSL_PARAM array that contains an RSA key.
134	134	For both, the predefined key variables are:
135	135
136		BIGNUM p, q; /* both prime */
137		BIGNUM n; / = p * q */
138		unsigned int e; /* exponent, usually 65537 */
139		BIGNUM d; / e^-1 */
	136	BIGNUM n; / modulus */
	137	unsigned int e; /* public exponent */
	138	BIGNUM d; / private exponent */
	139	BIGNUM p, q; /* first two prime factors */
	140	BIGNUM dmp1, dmq1; /* first two CRT exponents */
	141	BIGNUM iqmp; / first CRT coefficient */
140	142
141	143	=head2 Example 1
142	144

147	149	OSSL_PARAM *params = NULL;
148	150
149	151	if (bld == NULL
150		\|\| !OSSL_PARAM_BLD_push_BN(bld, "p", p)
151		\|\| !OSSL_PARAM_BLD_push_BN(bld, "q", q)
	152	\|\| !OSSL_PARAM_BLD_push_BN(bld, "n", n)
152	153	\|\| !OSSL_PARAM_BLD_push_uint(bld, "e", e)
153		\|\| !OSSL_PARAM_BLD_push_BN(bld, "n", n)
154	154	\|\| !OSSL_PARAM_BLD_push_BN(bld, "d", d)
	155	\|\| !OSSL_PARAM_BLD_push_BN(bld, "rsa-factor1", p)
	156	\|\| !OSSL_PARAM_BLD_push_BN(bld, "rsa-factor2", q)
	157	\|\| !OSSL_PARAM_BLD_push_BN(bld, "rsa-exponent1", dmp1)
	158	\|\| !OSSL_PARAM_BLD_push_BN(bld, "rsa-exponent2", dmq1)
	159	\|\| !OSSL_PARAM_BLD_push_BN(bld, "rsa-coefficient1", iqmp)
155	160	\|\| (params = OSSL_PARAM_BLD_to_param(bld)) == NULL)
156	161	goto err;
157	162	OSSL_PARAM_BLD_free(bld);

169	174
170	175	if (nld == NULL
171	176	\|\| !OSSL_PARAM_BLD_push_BN(bld, "n", n)
172		\|\| !OSSL_PARAM_BLD_push_BN(bld, "e", e)
	177	\|\| !OSSL_PARAM_BLD_push_uint(bld, "e", e)
173	178	\|\| (params = OSSL_PARAM_BLD_to_param(bld)) == NULL)
174	179	goto err;
175	180	OSSL_PARAM_BLD_free(bld);

+4

-3

doc/man3/OSSL_PROVIDER.pod less more

17	17
18	18	typedef struct ossl_provider_st OSSL_PROVIDER;
19	19
20		void OSSL_PROVIDER_set_default_search_path(OSSL_LIB_CTX *libctx,
21		const char *path);
	20	int OSSL_PROVIDER_set_default_search_path(OSSL_LIB_CTX *libctx,
	21	const char *path);
22	22
23	23	OSSL_PROVIDER OSSL_PROVIDER_load(OSSL_LIB_CTX libctx, const char *name);
24	24	OSSL_PROVIDER OSSL_PROVIDER_try_load(OSSL_LIB_CTX libctx, const char *name,

156	156
157	157	=head1 RETURN VALUES
158	158
159		OSSL_PROVIDER_add(), OSSL_PROVIDER_unload(), OSSL_PROVIDER_get_params() and
	159	OSSL_PROVIDER_set_default_search_path(), OSSL_PROVIDER_add(),
	160	OSSL_PROVIDER_unload(), OSSL_PROVIDER_get_params() and
160	161	OSSL_PROVIDER_get_capabilities() return 1 on success, or 0 on error.
161	162
162	163	OSSL_PROVIDER_load() and OSSL_PROVIDER_try_load() return a pointer to a

+24

-4

doc/man3/OSSL_trace_set_channel.pod less more

135	135
136	136	Traces the ciphers used by the TLS/SSL protocol.
137	137
	138	=item B<OSSL_TRACE_CATEGORY_CONF>
	139
	140	Traces details about the provider and engine configuration.
	141
138	142	=item B<OSSL_TRACE_CATEGORY_ENGINE_TABLE>
139	143
140	144	Traces the ENGINE algorithm table selection.

174	178
175	179	Traces BIGNUM context operations.
176	180
177		=item B<OSSL_TRACE_CATEGORY_CONF>
178
179		Traces details about the provider and engine configuration.
	181	=item B<OSSL_TRACE_CATEGORY_CMP>
	182
	183	Traces CMP client and server activity.
	184
	185	=item B<OSSL_TRACE_CATEGORY_STORE>
	186
	187	Traces STORE operations.
	188
	189	=item B<OSSL_TRACE_CATEGORY_DECODER>
	190
	191	Traces decoder operations.
	192
	193	=item B<OSSL_TRACE_CATEGORY_ENCODER>
	194
	195	Traces encoder operations.
	196
	197	=item B<OSSL_TRACE_CATEGORY_REF_COUNT>
	198
	199	Traces decrementing certain ASN.1 structure references.
180	200
181	201	=back
182	202

299	319
300	320	=head1 COPYRIGHT
301	321
302		Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	322	Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
303	323
304	324	Licensed under the Apache License 2.0 (the "License"). You may not use
305	325	this file except in compliance with the License. You can obtain a copy

+24

-23

doc/man3/PKCS7_sign.pod less more

17	17	=head1 DESCRIPTION
18	18
19	19	PKCS7_sign_ex() creates and returns a PKCS#7 signedData structure.
20		I<igncert> is the certificate to sign with, Ipkey> is the corresponding
21		private key. I<certs> is an optional additional set of certificates to include
22		in the PKCS#7 structure (for example any intermediate CAs in the chain). The
23		library context I<libctx> and property query I<propq> are used when
	20	I<signcert> is the certificate to sign with, I<pkey> is the corresponding
	21	private key. I<certs> is an optional set of extra certificates to include
	22	in the PKCS#7 structure (for example any intermediate CAs in the chain).
	23	The library context I<libctx> and property query I<propq> are used when
24	24	retrieving algorithms from providers.
25	25
26		The data to be signed is read from BIO B<data>.
	26	The data to be signed is read from BIO I<data>.
27	27
28		B<flags> is an optional set of flags.
	28	I<flags> is an optional set of flags.
29	29
30		Any of the following flags (ored together) can be passed in the B<flags>
	30	Any of the following flags (ored together) can be passed in the I<flags>
31	31	parameter.
32	32
33	33	Many S/MIME clients expect the signed content to include valid MIME headers. If
34		the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are prepended
	34	the B<PKCS7_TEXT> flag is set MIME headers for type C<text/plain> are prepended
35	35	to the data.
36	36
37		If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the
38		PKCS7 structure, the signer's certificate must still be supplied in the
39		B<signcert> parameter though. This can reduce the size of the signature if the
40		signers certificate can be obtained by other means: for example a previously
41		signed message.
	37	If B<PKCS7_NOCERTS> is set the signer's certificate and the extra I<certs>
	38	will not be included in the PKCS7 structure.
	39	The signer's certificate must still be supplied in the I<signcert> parameter
	40	though. This can reduce the size of the signatures if the signer's certificates
	41	can be obtained by other means: for example a previously signed message.
42	42
43	43	The data being signed is included in the PKCS7 structure, unless
44	44	B<PKCS7_DETACHED> is set in which case it is omitted. This is used for PKCS7

62	62
63	63	If the flags B<PKCS7_STREAM> is set then the returned B<PKCS7> structure is
64	64	just initialized ready to perform the signing operation. The signing is however
65		B<not> performed and the data to be signed is not read from the B<data>
	65	B<not> performed and the data to be signed is not read from the I<data>
66	66	parameter. Signing is deferred until after the data has been written. In this
67	67	way data can be signed in a single pass.
68	68

81	81	If a signer is specified it will use the default digest for the signing
82	82	algorithm. This is B<SHA1> for both RSA and DSA keys.
83	83
84		The B<certs>, B<signcert> and B<pkey> parameters can all be
85		B<NULL> if the B<PKCS7_PARTIAL> flag is set. One or more signers can be added
	84	The I<certs>, I<signcert> and I<pkey> parameters can all be
	85	NULL if the B<PKCS7_PARTIAL> flag is set. One or more signers can be added
86	86	using the function PKCS7_sign_add_signer(). PKCS7_final() must also be
87	87	called to finalize the structure if streaming is not enabled. Alternative
88	88	signing digests can also be specified using this method.
89	89
90		If B<signcert> and B<pkey> are NULL then a certificates only
	90	If I<signcert> and I<pkey> are NULL then a certificates only
91	91	PKCS#7 structure is output.
92	92
93		In versions of OpenSSL before 1.0.0 the B<signcert> and B<pkey> parameters must
94		B<NOT> be NULL.
	93	In versions of OpenSSL before 1.0.0 the I<signcert> and I<pkey> parameters must
	94	not be NULL.
95	95
96		PKCS7_sign() is similar to PKCS7_sign_ex() but uses default values of
	96	PKCS7_sign() is like PKCS7_sign_ex() except that it uses default values of
97	97	NULL for the library context I<libctx> and the property query I<propq>.
	98	This is retained for API backward compatibiliy.
98	99
99	100	=head1 BUGS
100	101

113	114
114	115	The function PKCS7_sign_ex() was added in OpenSSL 3.0.
115	116
116		The B<PKCS7_PARTIAL> flag, and the ability for B<certs>, B<signcert>,
117		and B<pkey> parameters to be B<NULL> were added in OpenSSL 1.0.0.
	117	The B<PKCS7_PARTIAL> flag, and the ability for I<certs>, I<signcert>,
	118	and I<pkey> parameters to be NULL were added in OpenSSL 1.0.0.
118	119
119	120	The B<PKCS7_STREAM> flag was added in OpenSSL 1.0.0.
120	121
121	122	=head1 COPYRIGHT
122	123
123		Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
	124	Copyright 2002-2022 The OpenSSL Project Authors. All Rights Reserved.
124	125
125	126	Licensed under the Apache License 2.0 (the "License"). You may not use
126	127	this file except in compliance with the License. You can obtain a copy

+34

-21

doc/man3/PKCS7_sign_add_signer.pod less more

1	1
2	2	=head1 NAME
3	3
4		PKCS7_sign_add_signer - add a signer PKCS7 signed data structure
	4	PKCS7_sign_add_signer,
	5	PKCS7_add_certificate, PKCS7_add_crl - add information to PKCS7 structure
5	6
6	7	=head1 SYNOPSIS
7	8

9	10
10	11	PKCS7_SIGNER_INFO PKCS7_sign_add_signer(PKCS7 p7, X509 *signcert,
11	12	EVP_PKEY pkey, const EVP_MD md, int flags);
12
	13	int PKCS7_add_certificate(PKCS7 p7, X509 cert);
	14	int PKCS7_add_crl(PKCS7 p7, X509_CRL crl);
13	15
14	16	=head1 DESCRIPTION
15	17
16		PKCS7_sign_add_signer() adds a signer with certificate B<signcert> and private
17		key B<pkey> using message digest B<md> to a PKCS7 signed data structure
18		B<p7>.
	18	PKCS7_sign_add_signer() adds a signer with certificate I<signcert> and private
	19	key I<pkey> using message digest I<md> to a PKCS7 signed data structure I<p7>.
19	20
20		The PKCS7 structure should be obtained from an initial call to PKCS7_sign()
21		with the flag B<PKCS7_PARTIAL> set or in the case or re-signing a valid PKCS7
	21	The B<PKCS7> structure should be obtained from an initial call to PKCS7_sign()
	22	with the flag B<PKCS7_PARTIAL> set or in the case or re-signing a valid PKCS#7
22	23	signed data structure.
23	24
24		If the B<md> parameter is B<NULL> then the default digest for the public
	25	If the I<md> parameter is NULL then the default digest for the public
25	26	key algorithm will be used.
26	27
27		Unless the B<PKCS7_REUSE_DIGEST> flag is set the returned PKCS7 structure
	28	Unless the B<PKCS7_REUSE_DIGEST> flag is set the returned B<PKCS7> structure
28	29	is not complete and must be finalized either by streaming (if applicable) or
29	30	a call to PKCS7_final().
30	31

36	37	not appropriate. For example if multiple signers or non default digest
37	38	algorithms are needed.
38	39
39		Any of the following flags (ored together) can be passed in the B<flags>
	40	Any of the following flags (ored together) can be passed in the I<flags>
40	41	parameter.
41	42
42	43	If B<PKCS7_REUSE_DIGEST> is set then an attempt is made to copy the content
43		digest value from the PKCS7 structure: to add a signer to an existing structure.
	44	digest value from the B<PKCS7> structure: to add a signer to an existing structure.
44	45	An error occurs if a matching digest value cannot be found to copy. The
45		returned PKCS7 structure will be valid and finalized when this flag is set.
	46	returned B<PKCS7> structure will be valid and finalized when this flag is set.
46	47
47	48	If B<PKCS7_PARTIAL> is set in addition to B<PKCS7_REUSE_DIGEST> then the
48	49	B<PKCS7_SIGNER_INO> structure will not be finalized so additional attributes

50	51	needed to finalize it.
51	52
52	53	If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the
53		PKCS7 structure, the signer's certificate must still be supplied in the
54		B<signcert> parameter though. This can reduce the size of the signature if the
	54	B<PKCS7> structure, the signer's certificate must still be supplied in the
	55	I<signcert> parameter though. This can reduce the size of the signature if the
55	56	signers certificate can be obtained by other means: for example a previously
56	57	signed message.
57	58

65	66	algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of
66	67	these algorithms is disabled then it will not be included.
67	68
	69	PKCS7_sign_add_signers() returns an internal pointer to the B<PKCS7_SIGNER_INFO>
	70	structure just added, which can be used to set additional attributes
	71	before it is finalized.
68	72
69		PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO
70		structure just added, this can be used to set additional attributes
71		before it is finalized.
	73	PKCS7_add_certificate() adds to the B<PKCS7> structure I<p7> the certificate
	74	I<cert>, which may be an end-entity (signer) certificate
	75	or a CA certificate useful for chain building.
	76	This is done internally by L<PKCS7_sign_ex(3)> and similar signing functions.
	77	It may have to be used before calling L<PKCS7_verify(3)>
	78	in order to provide any missing certificate(s) needed for verification.
	79
	80	PKCS7_add_crl() adds the CRL I<crl> to the B<PKCS7> structure I<p7>.
	81	This may be called to provide certificate status information
	82	to be included when signing or to use when verifying the B<PKCS7> structure.
72	83
73	84	=head1 RETURN VALUES
74	85
75		PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO
	86	PKCS7_sign_add_signers() returns an internal pointer to the B<PKCS7_SIGNER_INFO>
76	87	structure just added or NULL if an error occurs.
	88
	89	PKCS7_add_certificate() and PKCS7_add_crl() return 1 on success, 0 on error.
77	90
78	91	=head1 SEE ALSO
79	92
80		L<ERR_get_error(3)>, L<PKCS7_sign(3)>,
81		L<PKCS7_final(3)>,
	93	L<ERR_get_error(3)>, L<PKCS7_sign_ex(3)>,
	94	L<PKCS7_final(3)>, L<PKCS7_verify(3)>
82	95
83	96	=head1 HISTORY
84	97

86	99
87	100	=head1 COPYRIGHT
88	101
89		Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
	102	Copyright 2007-2022 The OpenSSL Project Authors. All Rights Reserved.
90	103
91	104	Licensed under the Apache License 2.0 (the "License"). You may not use
92	105	this file except in compliance with the License. You can obtain a copy

+57

-45

doc/man3/PKCS7_verify.pod less more

14	14
15	15	=head1 DESCRIPTION
16	16
17		PKCS7_verify() verifies a PKCS#7 signedData structure. B<p7> is the PKCS7
18		structure to verify. B<certs> is a set of certificates in which to search for
19		the signer's certificate. B<store> is a trusted certificate store (used for
20		chain verification). B<indata> is the signed data if the content is not
21		present in B<p7> (that is it is detached). The content is written to B<out>
22		if it is not NULL.
	17	PKCS7_verify() is very similar to L<CMS_verify(3)>.
	18	It verifies a PKCS#7 signedData structure given in I<p7>.
	19	The optional I<certs> parameter refers to a set of certificates
	20	in which to search for signer's certificates.
	21	I<p7> may contain extra untrusted CA certificates that may be used for
	22	chain building as well as CRLs that may be used for certificate validation.
	23	I<store> may be NULL or point to
	24	the trusted certificate store to use for chain verification.
	25	I<indata> refers to the signed data if the content is detached from I<p7>.
	26	Otherwise I<indata> should be NULL, and then the signed data must be in I<p7>.
	27	The content is written to the BIO I<out> unless it is NULL.
	28	I<flags> is an optional set of flags, which can be used to modify the operation.
23	29
24		B<flags> is an optional set of flags, which can be used to modify the verify
25		operation.
26
27		PKCS7_get0_signers() retrieves the signer's certificates from B<p7>, it does
28		B<not> check their validity or whether any signatures are valid. The B<certs>
29		and B<flags> parameters have the same meanings as in PKCS7_verify().
	30	PKCS7_get0_signers() retrieves the signer's certificates from I<p7>, it does
	31	B<not> check their validity or whether any signatures are valid. The I<certs>
	32	and I<flags> parameters have the same meanings as in PKCS7_verify().
30	33
31	34	=head1 VERIFY PROCESS
32	35
33	36	Normally the verify process proceeds as follows.
34	37
35		Initially some sanity checks are performed on B<p7>. The type of B<p7> must
36		be signedData. There must be at least one signature on the data and if
37		the content is detached B<indata> cannot be B<NULL>. If the content is
38		not detached and B<indata> is not B<NULL>, then the structure has both
	38	Initially some sanity checks are performed on I<p7>. The type of I<p7> must
	39	be SignedData. There must be at least one signature on the data and if
	40	the content is detached I<indata> cannot be NULL. If the content is
	41	not detached and I<indata> is not NULL then the structure has both
39	42	embedded and external content. To treat this as an error, use the flag
40	43	B<PKCS7_NO_DUAL_CONTENT>.
41	44	The default behavior allows this, for compatibility with older
42	45	versions of OpenSSL.
43	46
44	47	An attempt is made to locate all the signer's certificates, first looking in
45		the B<certs> parameter (if it is not B<NULL>) and then looking in any certificates
46		contained in the B<p7> structure itself. If any signer's certificates cannot be
47		located the operation fails.
	48	the I<certs> parameter (if it is not NULL). Then they are looked up in any
	49	certificates contained in the I<p7> structure unless B<PKCS7_NOINTERN> is set.
	50	If any signer's certificates cannot be located the operation fails.
48	51
49	52	Each signer's certificate is chain verified using the B<smimesign> purpose and
50		the supplied trusted certificate store. Any internal certificates in the message
51		are used as untrusted CAs. If any chain verify fails an error code is returned.
	53	using the trusted certificate store I<store> if supplied.
	54	Any internal certificates in the message, which may have been added using
	55	L<PKCS7_add_certificate(3)>, are used as untrusted CAs unless B<PKCS7_NOCHAIN>
	56	is set.
	57	If CRL checking is enabled in I<store> and B<PKCS7_NOCRL> is not set,
	58	any internal CRLs, which may have been added using L<PKCS7_add_crl(3)>,
	59	are used in addition to attempting to look them up in I<store>.
	60	If I<store> is not NULL and any chain verify fails an error code is returned.
52	61
53		Finally the signed content is read (and written to B<out> is it is not NULL) and
54		the signature's checked.
	62	Finally the signed content is read (and written to I<out> unless it is NULL)
	63	and the signature is checked.
55	64
56		If all signature's verify correctly then the function is successful.
	65	If all signatures verify correctly then the function is successful.
57	66
58		Any of the following flags (ored together) can be passed in the B<flags> parameter
59		to change the default verify behaviour. Only the flag B<PKCS7_NOINTERN> is
60		meaningful to PKCS7_get0_signers().
	67	Any of the following flags (ored together) can be passed in the I<flags>
	68	parameter to change the default verify behaviour.
	69	Only the flag B<PKCS7_NOINTERN> is meaningful to PKCS7_get0_signers().
61	70
62	71	If B<PKCS7_NOINTERN> is set the certificates in the message itself are not
63		searched when locating the signer's certificate. This means that all the signers
64		certificates must be in the B<certs> parameter.
	72	searched when locating the signer's certificates.
	73	This means that all the signer's certificates must be in the I<certs> parameter.
65	74
66		If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are deleted
67		from the content. If the content is not of type B<text/plain> then an error is
	75	If B<PKCS7_NOCRL> is set and CRL checking is enabled in I<store> then any
	76	CRLs in the message itself are ignored.
	77
	78	If the B<PKCS7_TEXT> flag is set MIME headers for type C<text/plain> are deleted
	79	from the content. If the content is not of type C<text/plain> then an error is
68	80	returned.
69	81
70	82	If B<PKCS7_NOVERIFY> is set the signer's certificates are not chain verified.
71	83
72	84	If B<PKCS7_NOCHAIN> is set then the certificates contained in the message are
73	85	not used as untrusted CAs. This means that the whole verify chain (apart from
74		the signer's certificate) must be contained in the trusted store.
	86	the signer's certificates) must be contained in the trusted store.
75	87
76	88	If B<PKCS7_NOSIGS> is set then the signatures on the data are not checked.
77	89

79	91
80	92	One application of B<PKCS7_NOINTERN> is to only accept messages signed by
81	93	a small number of certificates. The acceptable certificates would be passed
82		in the B<certs> parameter. In this case if the signer is not one of the
83		certificates supplied in B<certs> then the verify will fail because the
	94	in the I<certs> parameter. In this case if the signer's certificate is not one
	95	of the certificates supplied in I<certs> then the verify will fail because the
84	96	signer cannot be found.
85	97
86	98	Care should be taken when modifying the default verify behaviour, for example
87	99	setting C<PKCS7_NOVERIFY\|PKCS7_NOSIGS> will totally disable all verification
88	100	and any signed message will be considered valid. This combination is however
89		useful if one merely wishes to write the content to B<out> and its validity
	101	useful if one merely wishes to write the content to I<out> and its validity
90	102	is not considered important.
91	103
92		Chain verification should arguably be performed using the signing time rather
	104	Chain verification should arguably be performed using the signing time rather
93	105	than the current time. However, since the signing time is supplied by the
94	106	signer it cannot be trusted without additional evidence (such as a trusted
95	107	timestamp).
96	108
97	109	=head1 RETURN VALUES
98	110
99		PKCS7_verify() returns one for a successful verification and zero
100		if an error occurs.
	111	PKCS7_verify() returns 1 for a successful verification and 0 if an error occurs.
101	112
102		PKCS7_get0_signers() returns all signers or B<NULL> if an error occurred.
	113	PKCS7_get0_signers() returns all signers or NULL if an error occurred.
103	114
104		The error can be obtained from L<ERR_get_error(3)>
	115	The error can be obtained from L<ERR_get_error(3)>.
105	116
106	117	=head1 BUGS
107	118
108		The trusted certificate store is not searched for the signers certificate,
109		this is primarily due to the inadequacies of the current B<X509_STORE>
	119	The trusted certificate store is not searched for the signer's certificates.
	120	This is primarily due to the inadequacies of the current B<X509_STORE>
110	121	functionality.
111	122
112		The lack of single pass processing and need to hold all data in memory as
113		mentioned in PKCS7_sign() also applies to PKCS7_verify().
	123	The lack of single pass processing means that the signed content must all
	124	be held in memory if it is not detached.
114	125
115	126	=head1 SEE ALSO
116	127
	128	L<CMS_verify(3)>, L<PKCS7_add_certificate(3)>, L<PKCS7_add_crl(3)>,
117	129	L<ERR_get_error(3)>, L<PKCS7_sign(3)>
118	130
119	131	=head1 COPYRIGHT
120	132
121		Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
	133	Copyright 2002-2022 The OpenSSL Project Authors. All Rights Reserved.
122	134
123	135	Licensed under the Apache License 2.0 (the "License"). You may not use
124	136	this file except in compliance with the License. You can obtain a copy

+7

-6

doc/man3/SSL_CTX_use_certificate.pod less more

91	91	SSL_CTX_use_RSAPrivateKey() adds the private key B<rsa> of type RSA
92	92	to B<ctx>. SSL_use_PrivateKey() adds B<pkey> as private key to B<ssl>;
93	93	SSL_use_RSAPrivateKey() adds B<rsa> as private key of type RSA to B<ssl>.
94		If a certificate has already been set and the private does not belong
95		to the certificate an error is returned. To change a certificate, private
96		key pair the new certificate needs to be set with SSL_use_certificate()
97		or SSL_CTX_use_certificate() before setting the private key with
	94	If a certificate has already been set and the private key does not belong
	95	to the certificate an error is returned. To change a [certificate/private-key]
	96	pair, the new certificate needs to be set first with SSL_use_certificate() or
	97	SSL_CTX_use_certificate() before setting the private key with
98	98	SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().
99	99
100	100	SSL_CTX_use_cert_and_key() and SSL_use_cert_and_key() assign the X.509

148	148
149	149	SSL_CTX_use_certificate_chain_file() adds the first certificate found
150	150	in the file to the certificate store. The other certificates are added
151		to the store of chain certificates using L<SSL_CTX_add1_chain_cert(3)>. Note: versions of OpenSSL before 1.0.2 only had a single
	151	to the store of chain certificates using L<SSL_CTX_add1_chain_cert(3)>.
	152	Note: versions of OpenSSL before 1.0.2 only had a single
152	153	certificate chain store for all certificate types, OpenSSL 1.0.2 and later
153	154	have a separate chain store for each type. SSL_CTX_use_certificate_chain_file()
154	155	should be used instead of the SSL_CTX_use_certificate_file() function in order

193	194
194	195	=head1 COPYRIGHT
195	196
196		Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
	197	Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
197	198
198	199	Licensed under the Apache License 2.0 (the "License"). You may not use
199	200	this file except in compliance with the License. You can obtain a copy

+30

-27

doc/man3/X509V3_get_d2i.pod less more

18	18	int crit, unsigned long flags);
19	19
20	20	void X509V3_EXT_d2i(X509_EXTENSION ext);
21		X509_EXTENSION X509V3_EXT_i2d(int ext_nid, int crit, void ext);
	21	X509_EXTENSION X509V3_EXT_i2d(int ext_nid, int crit, void ext_struc);
22	22
23	23	void X509_get_ext_d2i(const X509 x, int nid, int crit, int idx);
24	24	int X509_add1_ext_i2d(X509 x, int nid, void value, int crit,

40	40
41	41	X509V3_get_d2i() looks for an extension with OID I<nid> in the extensions
42	42	I<x> and, if found, decodes it. If I<idx> is NULL then only one
43		occurrence of an extension is permissible otherwise the first extension after
	43	occurrence of an extension is permissible, otherwise the first extension after
44	44	index I<idx> is returned and I<idx> updated to the location of the extension.
45	45	If I<crit> is not NULL then I<*crit> is set to a status value: -2 if the
46	46	extension occurs multiple times (this is only returned if I<idx> is NULL),

56	56	I<ext> and returns a pointer to an extension specific structure or NULL
57	57	if the extension could not be decoded (invalid syntax or not supported).
58	58
59		X509V3_EXT_i2d() encodes the extension specific structure I<ext>
	59	X509V3_EXT_i2d() encodes the extension specific structure I<ext_struc>
60	60	with OID I<ext_nid> and criticality I<crit>.
61	61
62	62	X509_get_ext_d2i() and X509_add1_ext_i2d() operate on the extensions of
63		certificate I<x>, they are otherwise identical to X509V3_get_d2i() and
64		X509V3_add_i2d().
	63	certificate I<x>. They are otherwise identical to X509V3_get_d2i() and
	64	X509V3_add1_i2d().
65	65
66	66	X509_CRL_get_ext_d2i() and X509_CRL_add1_ext_i2d() operate on the extensions
67		of CRL I<crl>, they are otherwise identical to X509V3_get_d2i() and
68		X509V3_add_i2d().
	67	of CRL I<crl>. They are otherwise identical to X509V3_get_d2i() and
	68	X509V3_add1_i2d().
69	69
70	70	X509_REVOKED_get_ext_d2i() and X509_REVOKED_add1_ext_i2d() operate on the
71		extensions of B<X509_REVOKED> structure I<r> (i.e for CRL entry extensions),
72		they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().
	71	extensions of B<X509_REVOKED> structure I<r> (i.e for CRL entry extensions).
	72	They are otherwise identical to X509V3_get_d2i() and X509V3_add1_i2d().
73	73
74	74	X509_get0_extensions(), X509_CRL_get0_extensions() and
75		X509_REVOKED_get0_extensions() return a stack of all the extensions
76		of a certificate a CRL or a CRL entry respectively.
	75	X509_REVOKED_get0_extensions() return a STACK of all the extensions
	76	of a certificate, a CRL or a CRL entry respectively.
77	77
78	78	=head1 NOTES
79	79

83	83	The I<flags> parameter may be one of the following values.
84	84
85	85	B<X509V3_ADD_DEFAULT> appends a new extension only if the extension does
86		not already exist. An error is returned if the extension does already
87		exist.
	86	not exist. An error is returned if the extension exists.
88	87
89	88	B<X509V3_ADD_APPEND> appends a new extension, ignoring whether the extension
90		already exists.
91
92		B<X509V3_ADD_REPLACE> replaces an extension if it exists otherwise appends
93		a new extension.
94
95		B<X509V3_ADD_REPLACE_EXISTING> replaces an existing extension if it exists
96		otherwise returns an error.
	89	exists.
	90
	91	B<X509V3_ADD_REPLACE> replaces an existing extension. If the extension does
	92	not exist, appends a new extension.
	93
	94	B<X509V3_ADD_REPLACE_EXISTING> replaces an existing extension. If the
	95	extension does not exist, returns an error.
97	96
98	97	B<X509V3_ADD_KEEP_EXISTING> appends a new extension only if the extension does
99		not already exist. An error B<is not> returned if the extension does already
100		exist.
101
102		B<X509V3_ADD_DELETE> extension I<nid> is deleted: no new extension is added.
103
104		If B<X509V3_ADD_SILENT> is ored with I<flags>: any error returned will not
105		be added to the error queue.
	98	not exist. An error is B<not> returned if the extension exists.
	99
	100	B<X509V3_ADD_DELETE> deletes and frees an existing extension. If the extension
	101	does not exist, returns an error. No new extension is added.
	102
	103	If B<X509V3_ADD_SILENT> is bitwise ORed with I<flags>: any error returned
	104	will not be added to the error queue.
106	105
107	106	The function X509V3_get_d2i() and its variants
108	107	will return NULL if the extension is not
109	108	found, occurs multiple times or cannot be decoded. It is possible to
110	109	determine the precise reason by checking the value of I<*crit>.
	110
	111	The function X509V3_add1_i2d() and its variants allocate B<X509_EXTENSION>
	112	objects on STACK I<*x> depending on I<flags>. The B<X509_EXTENSION> objects
	113	must be explicitly freed using X509_EXTENSION_free().
111	114
112	115	=head1 SUPPORTED EXTENSIONS
113	116

+25

-25

doc/man3/X509_CRL_get0_by_serial.pod less more

29	29
30	30	=head1 DESCRIPTION
31	31
32		X509_CRL_get0_by_serial() attempts to find a revoked entry in B<crl> for
33		serial number B<serial>. If it is successful it sets B<*ret> to the internal
34		pointer of the matching entry, as a result B<*ret> must not be freed up
	32	X509_CRL_get0_by_serial() attempts to find a revoked entry in I<crl> for
	33	serial number I<serial>. If it is successful, it sets I<*ret> to the internal
	34	pointer of the matching entry. As a result, I<*ret> B<MUST NOT> be freed
35	35	after the call.
36	36
37	37	X509_CRL_get0_by_cert() is similar to X509_get0_by_serial() except it
38		looks for a revoked entry using the serial number of certificate B<x>.
	38	looks for a revoked entry using the serial number of certificate I<x>.
39	39
40		X509_CRL_get_REVOKED() returns an internal pointer to a stack of all
41		revoked entries for B<crl>.
	40	X509_CRL_get_REVOKED() returns an internal pointer to a STACK of all
	41	revoked entries for I<crl>.
42	42
43	43	X509_REVOKED_get0_serialNumber() returns an internal pointer to the
44		serial number of B<r>.
	44	serial number of I<r>.
45	45
46	46	X509_REVOKED_get0_revocationDate() returns an internal pointer to the
47		revocation date of B<r>.
	47	revocation date of I<r>.
48	48
49		X509_REVOKED_set_serialNumber() sets the serial number of B<r> to B<serial>.
50		The supplied B<serial> pointer is not used internally so it should be
51		freed up after use.
	49	X509_REVOKED_set_serialNumber() sets the serial number of I<r> to I<serial>.
	50	The supplied I<serial> pointer is not used internally so it should be
	51	freed after use.
52	52
53		X509_REVOKED_set_revocationDate() sets the revocation date of B<r> to
54		B<tm>. The supplied B<tm> pointer is not used internally so it should be
55		freed up after use.
	53	X509_REVOKED_set_revocationDate() sets the revocation date of I<r> to
	54	I<tm>. The supplied I<tm> pointer is not used internally so it should be
	55	freed after use.
56	56
57		X509_CRL_add0_revoked() appends revoked entry B<rev> to CRL B<crl>. The
58		pointer B<rev> is used internally so it must not be freed up after the call:
	57	X509_CRL_add0_revoked() appends revoked entry I<rev> to CRL I<crl>. The
	58	pointer I<rev> is used internally so it B<MUST NOT> be freed after the call:
59	59	it is freed when the parent CRL is freed.
60	60
61		X509_CRL_sort() sorts the revoked entries of B<crl> into ascending serial
	61	X509_CRL_sort() sorts the revoked entries of I<crl> into ascending serial
62	62	number order.
63	63
64	64	=head1 NOTES
65	65
66	66	Applications can determine the number of revoked entries returned by
67		X509_CRL_get_revoked() using sk_X509_REVOKED_num() and examine each one
	67	X509_CRL_get_REVOKED() using sk_X509_REVOKED_num() and examine each one
68	68	in turn using sk_X509_REVOKED_value().
69	69
70	70	=head1 RETURN VALUES

73	73	1 on success except if the revoked entry has the reason C<removeFromCRL> (8),
74	74	in which case 2 is returned.
75	75
	76	X509_CRL_get_REVOKED() returns a STACK of revoked entries.
	77
	78	X509_REVOKED_get0_serialNumber() returns an B<ASN1_INTEGER> structure.
	79
	80	X509_REVOKED_get0_revocationDate() returns an B<ASN1_TIME> structure.
	81
76	82	X509_REVOKED_set_serialNumber(), X509_REVOKED_set_revocationDate(),
77	83	X509_CRL_add0_revoked() and X509_CRL_sort() return 1 for success and 0 for
78	84	failure.
79
80		X509_REVOKED_get0_serialNumber() returns an B<ASN1_INTEGER> pointer.
81
82		X509_REVOKED_get0_revocationDate() returns an B<ASN1_TIME> value.
83
84		X509_CRL_get_REVOKED() returns a STACK of revoked entries.
85	85
86	86	=head1 SEE ALSO
87	87

104	104
105	105	=head1 COPYRIGHT
106	106
107		Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
	107	Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
108	108
109	109	Licensed under the Apache License 2.0 (the "License"). You may not use
110	110	this file except in compliance with the License. You can obtain a copy

+7

-3

doc/man3/X509_STORE_CTX_new.pod less more

209	209	X509_STORE_CTX_purpose_inherit() directly. Typically applications should call
210	210	X509_STORE_CTX_set_purpose() or X509_STORE_CTX_set_trust() instead. Using this
211	211	function it is possible to set the purpose and trust values for the I<ctx> at
212		the same time. The I<def_purpose> and I<purpose> arguments can have the same
	212	the same time.
	213	Both I<ctx> and its internal verification parameter pointer must not be NULL.
	214	The I<def_purpose> and I<purpose> arguments can have the same
213	215	purpose values as described for X509_STORE_CTX_set_purpose() above. The I<trust>
214	216	argument can have the same trust values as described in
215	217	X509_STORE_CTX_set_trust() above. Any of the I<def_purpose>, I<purpose> or
216	218	I<trust> values may also have the value 0 to indicate that the supplied
217	219	parameter should be ignored. After calling this function the purpose to be used
218		for verification is set from the I<purpose> argument, and the trust is set from
219		the I<trust> argument. If I<trust> is 0 then the trust value will be set from
	220	for verification is set from the I<purpose> argument unless the purpose was
	221	already set in I<ctx> before, and the trust is set from the I<trust> argument
	222	unless the trust was already set in I<ctx> before.
	223	If I<trust> is 0 then the trust value will be set from
220	224	the default trust value for I<purpose>. If the default trust value for the
221	225	purpose is I<X509_TRUST_DEFAULT> and I<trust> is 0 then the default trust value
222	226	associated with the I<def_purpose> value is used for the trust setting instead.

+2

-2

doc/man3/X509_STORE_add_cert.pod less more

114	114	uses NULL for the library context I<libctx> and property query I<propq>.
115	115
116	116	X509_STORE_load_locations_ex() combines
117		X509_STORE_load_file_ex() and X509_STORE_load_dir() for a given file
	117	X509_STORE_load_file_ex() and X509_STORE_load_path() for a given file
118	118	and/or directory path.
119	119	It is permitted to specify just a file, just a directory, or both
120	120	paths.

161	161
162	162	=head1 COPYRIGHT
163	163
164		Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
	164	Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
165	165
166	166	Licensed under the Apache License 2.0 (the "License"). You may not use
167	167	this file except in compliance with the License. You can obtain a copy

+22

-17

doc/man3/X509_cmp_time.pod less more

2	2	=head1 NAME
3	3
4	4	X509_cmp_time, X509_cmp_current_time, X509_cmp_timeframe,
5		X509_time_adj, X509_time_adj_ex
	5	X509_time_adj, X509_time_adj_ex, X509_gmtime_adj
6	6	- X509 time functions
7	7
8	8	=head1 SYNOPSIS

14	14	ASN1_TIME X509_time_adj(ASN1_TIME asn1_time, long offset_sec, time_t *in_tm);
15	15	ASN1_TIME X509_time_adj_ex(ASN1_TIME asn1_time, int offset_day, long
16	16	offset_sec, time_t *in_tm);
	17	ASN1_TIME X509_gmtime_adj(ASN1_TIME asn1_time, long offset_sec);
17	18
18	19	=head1 DESCRIPTION
19	20
20		X509_cmp_time() compares the ASN1_TIME in B<asn1_time> with the time
	21	X509_cmp_time() compares the ASN1_TIME in I<asn1_time> with the time
21	22	in <in_tm>.
22	23
23	24	X509_cmp_current_time() compares the ASN1_TIME in
24		B<asn1_time> with the current time, expressed as time_t.
	25	I<asn1_time> with the current time, expressed as time_t.
25	26
26	27	X509_cmp_timeframe() compares the given time period with the reference time
27		included in the verification parameters B<vpm> if they are not NULL and contain
	28	included in the verification parameters I<vpm> if they are not NULL and contain
28	29	B<X509_V_FLAG_USE_CHECK_TIME>; else the current time is used as reference time.
29	30
30		X509_time_adj_ex() sets the ASN1_TIME structure B<asn1_time> to the time
31		B<offset_day> and B<offset_sec> after B<in_tm>.
	31	X509_time_adj_ex() sets the ASN1_TIME structure I<asn1_time> to the time
	32	I<offset_day> and I<offset_sec> after I<in_tm>.
32	33
33		X509_time_adj() sets the ASN1_TIME structure B<asn1_time> to the time
34		B<offset_sec> after B<in_tm>. This method can only handle second
	34	X509_time_adj() sets the ASN1_TIME structure I<asn1_time> to the time
	35	I<offset_sec> after I<in_tm>. This method can only handle second
35	36	offsets up to the capacity of long, so the newer X509_time_adj_ex()
36	37	API should be preferred.
37	38
38		In both methods, if B<asn1_time> is NULL, a new ASN1_TIME structure
	39	In both methods, if I<asn1_time> is NULL, a new ASN1_TIME structure
39	40	is allocated and returned.
40	41
41		In all methods, if B<in_tm> is NULL, the current time, expressed as
	42	In all methods, if I<in_tm> is NULL, the current time, expressed as
42	43	time_t, is used.
43	44
44		B<asn1_time> must satisfy the ASN1_TIME format mandated by RFC 5280,
	45	I<asn1_time> must satisfy the ASN1_TIME format mandated by RFC 5280,
45	46	i.e., its format must be either YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ.
	47
	48	X509_gmtime_adj() sets the ASN1_TIME structure I<asn1_time> to the time
	49	I<offset_sec> after the current time. It is equivalent to calling
	50	X509_time_adj() with the last parameter as NULL.
46	51
47	52	=head1 BUGS
48	53

51	56
52	57	=head1 RETURN VALUES
53	58
54		X509_cmp_time() and X509_cmp_current_time() return -1 if B<asn1_time>
55		is earlier than, or equal to, B<in_tm> (resp. current time), and 1
	59	X509_cmp_time() and X509_cmp_current_time() return -1 if I<asn1_time>
	60	is earlier than, or equal to, I<in_tm> (resp. current time), and 1
56	61	otherwise. These methods return 0 on error.
57	62
58		X509_cmp_timeframe() returns 0 if B<vpm> is not NULL and the verification
	63	X509_cmp_timeframe() returns 0 if I<vpm> is not NULL and the verification
59	64	parameters do not contain B<X509_V_FLAG_USE_CHECK_TIME>
60	65	but do contain B<X509_V_FLAG_NO_CHECK_TIME>. Otherwise it returns
61	66	1 if the end time is not NULL and the reference time (which has determined as

63	68	reference time is before, else 0 to indicate that the reference time is in range
64	69	(implying that the end time is not before the start time if both are present).
65	70
66		X509_time_adj() and X509_time_adj_ex() return a pointer to the updated
67		ASN1_TIME structure, and NULL on error.
	71	X509_time_adj(), X509_time_adj_ex() and X509_gmtime_adj() return a pointer to
	72	the updated ASN1_TIME structure, and NULL on error.
68	73
69	74	=head1 HISTORY
70	75

72	77
73	78	=head1 COPYRIGHT
74	79
75		Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
	80	Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
76	81
77	82	Licensed under the Apache License 2.0 (the "License"). You may not use
78	83	this file except in compliance with the License. You can obtain a copy

+36

-33

doc/man3/X509v3_get_ext_by_NID.pod less more

40	40	int X509_CRL_get_ext_count(const X509_CRL *x);
41	41	X509_EXTENSION X509_CRL_get_ext(const X509_CRL x, int loc);
42	42	int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
43		int X509_CRL_get_ext_by_OBJ(const X509_CRL x, const ASN1_OBJECT obj, int lastpos);
	43	int X509_CRL_get_ext_by_OBJ(const X509_CRL x, const ASN1_OBJECT obj,
	44	int lastpos);
44	45	int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
45	46	X509_EXTENSION X509_CRL_delete_ext(X509_CRL x, int loc);
46	47	int X509_CRL_add_ext(X509_CRL x, X509_EXTENSION ex, int loc);

56	57
57	58	=head1 DESCRIPTION
58	59
59		X509v3_get_ext_count() retrieves the number of extensions in B<x>.
	60	X509v3_get_ext_count() retrieves the number of extensions in I<x>.
60	61
61		X509v3_get_ext() retrieves extension B<loc> from B<x>. The index B<loc>
62		can take any value from B<0> to X509_get_ext_count(x) - 1. The returned
63		extension is an internal pointer which B<must not> be freed up by the
	62	X509v3_get_ext() retrieves extension I<loc> from I<x>. The index I<loc>
	63	can take any value from 0 to X509_get_ext_count(I<x>) - 1. The returned
	64	extension is an internal pointer which B<MUST NOT> be freed by the
64	65	application.
65	66
66	67	X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension
67		with B<nid> or B<obj> from extension stack B<x>. The search starts from the
68		extension after B<lastpos> or from the beginning if <lastpos> is B<-1>. If
69		the extension is found its index is returned otherwise B<-1> is returned.
	68	with I<nid> or I<obj> from extension STACK I<x>. The search starts from the
	69	extension after I<lastpos> or from the beginning if I<lastpos> is -1. If
	70	the extension is found, its index is returned, otherwise -1 is returned.
70	71
71	72	X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it
72		looks for an extension of criticality B<crit>. A zero value for B<crit>
73		looks for a non-critical extension a nonzero value looks for a critical
	73	looks for an extension of criticality I<crit>. A zero value for I<crit>
	74	looks for a non-critical extension. A nonzero value looks for a critical
74	75	extension.
75	76
76		X509v3_delete_ext() deletes the extension with index B<loc> from B<x>.
	77	X509v3_delete_ext() deletes the extension with index I<loc> from I<x>.
77	78	The deleted extension is returned and must be freed by the caller.
78		If B<loc> is in invalid index value B<NULL> is returned.
	79	If I<loc> is an invalid index value, NULL is returned.
79	80
80		X509v3_add_ext() adds extension B<ex> to stack B<*x> at position B<loc>. If
81		B<loc> is B<-1> the new extension is added to the end. If B<*x> is B<NULL>
82		a new stack will be allocated. The passed extension B<ex> is duplicated
	81	X509v3_add_ext() adds extension I<ex> to STACK I<*x> at position I<loc>. If
	82	I<loc> is -1, the new extension is added to the end. If I<*x> is NULL,
	83	a new STACK will be allocated. The passed extension I<ex> is duplicated
83	84	internally so it must be freed after use.
84	85
85	86	X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(),
86	87	X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext()
87		and X509_add_ext() operate on the extensions of certificate B<x> they are
	88	and X509_add_ext() operate on the extensions of certificate I<x>. They are
88	89	otherwise identical to the X509v3 functions.
89	90
90	91	X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(),
91	92	X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(),
92	93	X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of
93		CRL B<x> they are otherwise identical to the X509v3 functions.
	94	CRL I<x>. They are otherwise identical to the X509v3 functions.
94	95
95	96	X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(),
96	97	X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(),
97	98	X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and
98		X509_REVOKED_add_ext() operate on the extensions of CRL entry B<x>
99		they are otherwise identical to the X509v3 functions.
	99	X509_REVOKED_add_ext() operate on the extensions of CRL entry I<x>.
	100	They are otherwise identical to the X509v3 functions.
100	101
101	102	=head1 NOTES
102	103
103		These functions are used to examine stacks of extensions directly. Many
104		applications will want to parse or encode and add an extension: they should
105		use the extension encode and decode functions instead such as
	104	These functions are used to examine stacks of extensions directly.
	105	Applications that want to parse or encode and add an extension should
	106	use the extension encode and decode functions instead, such as
106	107	X509_add1_ext_i2d() and X509_get_ext_d2i().
107	108
108		Extension indices start from zero, so a zero index return value is B<not> an
109		error. These search functions start from the extension B<after> the B<lastpos>
110		parameter so it should initially be set to B<-1>, if it is set to zero the
111		initial extension will not be checked.
112
113		=head1 BUGS
	109	For X509v3_get_ext_by_NID(), X509v3_get_ext_by_OBJ(),
	110	X509v3_get_ext_by_critical() and its variants, a zero index return value
	111	is not an error since extension STACK I<x> indices start from zero.
	112	These search functions start from the extension B<after> the I<lastpos> parameter
	113	so it should initially be set to -1. If it is set to zero, the initial extension
	114	will not be checked.
114	115
115	116	X509v3_delete_ext() and its variants are a bit counter-intuitive
116	117	because these functions do not free the extension they delete.
	118	They return an B<X509_EXTENSION> object which must be explicitly freed
	119	using X509_EXTENSION_free().
117	120
118	121	=head1 RETURN VALUES
119	122
120	123	X509v3_get_ext_count() returns the extension count.
121	124
122	125	X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an
123		B<X509_EXTENSION> pointer or B<NULL> if an error occurs.
	126	B<X509_EXTENSION> structure or NULL if an error occurs.
124	127
125		X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and
126		X509v3_get_ext_by_critical() return the an extension index or B<-1> if an
	128	X509v3_get_ext_by_NID(), X509v3_get_ext_by_OBJ() and
	129	X509v3_get_ext_by_critical() return the extension index or -1 if an
127	130	error occurs.
128	131
129		X509v3_add_ext() returns a stack of extensions or B<NULL> on error.
	132	X509v3_add_ext() returns a STACK of extensions or NULL on error.
130	133
131	134	X509_add_ext() returns 1 on success and 0 on error.
132	135

136	139
137	140	=head1 COPYRIGHT
138	141
139		Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
	142	Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
140	143
141	144	Licensed under the Apache License 2.0 (the "License"). You may not use
142	145	this file except in compliance with the License. You can obtain a copy

+3

-3

doc/man7/EVP_CIPHER-AES.pod less more

26	26
27	27	=item "AES-128-ECB", "AES-192-ECB" and "AES-256-ECB"
28	28
29		=item "AES-192-OCB", "AES-128-OCB" and "AES-256-OCB"
	29	=item "AES-192-OFB", "AES-128-OFB" and "AES-256-OFB"
30	30
31	31	=item "AES-128-SIV", "AES-192-SIV" and "AES-256-SIV"
32	32

51	51
52	52	=over 4
53	53
54		=item "AES-128-OFB", "AES-192-OFB" and "AES-256-OFB"
	54	=item "AES-128-OCB", "AES-192-OCB" and "AES-256-OCB"
55	55
56	56	=back
57	57

66	66
67	67	=head1 COPYRIGHT
68	68
69		Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
	69	Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
70	70
71	71	Licensed under the Apache License 2.0 (the "License"). You may not use
72	72	this file except in compliance with the License. You can obtain a copy

+3

-3

doc/man7/EVP_KDF-X942-ASN1.pod less more

29	29
30	30	These parameters work as described in L<EVP_KDF(3)/PARAMETERS>.
31	31
32		=item "key" (B<OSSL_KDF_PARAM_KEY>) <octet string>
	32	=item "secret" (B<OSSL_KDF_PARAM_SECRET>) <octet string>
33	33
34	34	The shared secret used for key derivation. This parameter sets the secret.
35	35

59	59	An optional octet string containing some additional, mutually-known public
60	60	information. Setting this value also sets "use-keybits" to 0.
61	61
62		=item "use-keybits" (B<OSSL_KDF_PARAM_X942_SUPP_PRIVINFO>) <integer>
	62	=item "use-keybits" (B<OSSL_KDF_PARAM_X942_USE_KEYBITS>) <integer>
63	63
64	64	The default value of 1 will use the KEK key length (in bits) as the
65	65	"supp-pubinfo". A value of 0 disables setting the "supp-pubinfo".

140	140
141	141	=head1 COPYRIGHT
142	142
143		Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	143	Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
144	144
145	145	Licensed under the Apache License 2.0 (the "License"). You may not use
146	146	this file except in compliance with the License. You can obtain a copy

+6

-2

doc/man7/EVP_MD-RIPEMD160.pod less more

9	9
10	10	=head2 Identities
11	11
12		This implementation is only available with the legacy provider, and is
	12	This implementation is available in both the default and legacy providers, and is
13	13	identified with any of the names "RIPEMD-160", "RIPEMD160", "RIPEMD" and
14	14	"RMD160".
15	15

22	22
23	23	L<provider-digest(7)>, L<OSSL_PROVIDER-default(7)>
24	24
	25	=head1 HISTORY
	26
	27	This digest was added to the default provider in OpenSSL 3.0.7.
	28
25	29	=head1 COPYRIGHT
26	30
27		Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
	31	Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
28	32
29	33	Licensed under the Apache License 2.0 (the "License"). You may not use
30	34	this file except in compliance with the License. You can obtain a copy

+13

-3

doc/man7/EVP_MD-SHAKE.pod less more

14	14
15	15	=head2 Identities
16	16
17		This implementation is only available with the default provider, and
18		includes the following varieties:
	17	This implementation is available in the FIPS provider as well as the default
	18	provider, and includes the following varieties:
19	19
20	20	=over 4
21	21
22	22	=item KECCAK-KMAC-128
23	23
24	24	Known names are "KECCAK-KMAC-128" and "KECCAK-KMAC128"
	25	This is used by L<EVP_MAC-KMAC128(7)>
25	26
26	27	=item KECCAK-KMAC-256
27	28
28	29	Known names are "KECCAK-KMAC-256" and "KECCAK-KMAC256"
	30	This is used by L<EVP_MAC-KMAC256(7)>
29	31
30	32	=item SHAKE-128
31	33

54	56	Sets the digest length for extendable output functions.
55	57	The length of the "xoflen" parameter should not exceed that of a B<size_t>.
56	58
	59	For backwards compatibility reasons the default xoflen length for SHAKE-128 is
	60	16 (bytes) which results in a security strength of only 64 bits. To ensure the
	61	maximum security strength of 128 bits, the xoflen should be set to at least 32.
	62
	63	For backwards compatibility reasons the default xoflen length for SHAKE-256 is
	64	32 (bytes) which results in a security strength of only 128 bits. To ensure the
	65	maximum security strength of 256 bits, the xoflen should be set to at least 64.
	66
57	67	=back
58	68
59	69	=head1 SEE ALSO

62	72
63	73	=head1 COPYRIGHT
64	74
65		Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
	75	Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
66	76
67	77	Licensed under the Apache License 2.0 (the "License"). You may not use
68	78	this file except in compliance with the License. You can obtain a copy

+3

-1

doc/man7/EVP_PKEY-EC.pod less more

109	109
110	110	=item "pub" (B<OSSL_PKEY_PARAM_PUB_KEY>) <octet string>
111	111
112		The public key value in EC point format.
	112	The public key value in encoded EC point format. This parameter is used
	113	when importing or exporting the public key value with the EVP_PKEY_fromdata()
	114	and EVP_PKEY_todata() functions.
113	115
114	116	=item "priv" (B<OSSL_PKEY_PARAM_PRIV_KEY>) <unsigned integer>
115	117

+6

-4

doc/man7/EVP_SIGNATURE-RSA.pod less more

48	48	Sets the name of the property query associated with the "mgf1-digest" algorithm.
49	49	NULL is used if this optional value is not set.
50	50
51		=item "pss-saltlen" (B<OSSL_SIGNATURE_PARAM_PSS_SALTLEN>) <UTF8 string>
	51	=item "saltlen" (B<OSSL_SIGNATURE_PARAM_PSS_SALTLEN>) <integer> or <UTF8 string>
52	52
53		Set or get the "pss" mode minimum salt length. The value can either be a string
54		value representing a number or one of the following:
	53	The "pss" mode minimum salt length. The value can either be an integer,
	54	a string value representing a number or one of the following string values:
55	55
56	56	=over 4
57	57

86	86
87	87	=item "mgf1-digest" (B<OSSL_SIGNATURE_PARAM_MGF1_DIGEST>) <UTF8 string>
88	88
	89	=item "saltlen" (B<OSSL_SIGNATURE_PARAM_PSS_SALTLEN>) <integer> or <UTF8 string>
	90
89	91	These parameters are as described above.
90	92
91	93	=back

99	101
100	102	=head1 COPYRIGHT
101	103
102		Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	104	Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
103	105
104	106	Licensed under the Apache License 2.0 (the "License"). You may not use
105	107	this file except in compliance with the License. You can obtain a copy

+6

-0

doc/man7/OSSL_PROVIDER-default.pod less more

68	68
69	69	=item MD5-SHA1, see L<EVP_MD-MD5-SHA1(7)>
70	70
	71	=item RIPEMD160, see L<EVP_MD-RIPEMD160(7)>
	72
71	73	=back
72	74
73	75	=head2 Symmetric Ciphers

239	241
240	242	L<openssl-core.h(7)>, L<openssl-core_dispatch.h(7)>, L<provider(7)>,
241	243	L<OSSL_PROVIDER-base(7)>
	244
	245	=head1 HISTORY
	246
	247	The RIPEMD160 digest was added to the default provider in OpenSSL 3.0.7.
242	248
243	249	=head1 COPYRIGHT
244	250

+1

-1

doc/man7/migration_guide.pod less more

1193	1193
1194	1194	BN_is_prime_ex(), BN_is_prime_fasttest_ex()
1195	1195
1196		Use L<BN_check_prime(3)> which that avoids possible misuse and always uses at least
	1196	Use L<BN_check_prime(3)> which avoids possible misuse and always uses at least
1197	1197	64 rounds of the Miller-Rabin primality test.
1198	1198
1199	1199	=item *

+1

-1

e_os.h less more

286	286	/* end vxworks */
287	287
288	288	/* system-specific variants defining ossl_sleep() */
289		#ifdef OPENSSL_SYS_UNIX
	289	#if defined(OPENSSL_SYS_UNIX) \|\| defined(__DJGPP__)
290	290	# include <unistd.h>
291	291	static ossl_inline void ossl_sleep(unsigned long millis)
292	292	{

+1

-1

include/crypto/evp.h less more

364	364	return 1;\
365	365	}
366	366
367		#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2))
	367	#define EVP_MAXCHUNK ((size_t)1 << 30)
368	368
369	369	#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
370	370	static int cname##_ofb_cipher(EVP_CIPHER_CTX ctx, unsigned char out, const unsigned char *in, size_t inl) \

+5

-5

include/crypto/rand.h less more

0	0	/*
1		* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

107	107	/*
108	108	* Get and cleanup random seed material.
109	109	*/
110		size_t ossl_rand_get_entropy(ossl_unused OSSL_CORE_HANDLE *handle,
	110	size_t ossl_rand_get_entropy(ossl_unused const OSSL_CORE_HANDLE *handle,
111	111	unsigned char **pout, int entropy,
112	112	size_t min_len, size_t max_len);
113		void ossl_rand_cleanup_entropy(ossl_unused OSSL_CORE_HANDLE *handle,
	113	void ossl_rand_cleanup_entropy(ossl_unused const OSSL_CORE_HANDLE *handle,
114	114	unsigned char *buf, size_t len);
115		size_t ossl_rand_get_nonce(ossl_unused OSSL_CORE_HANDLE *handle,
	115	size_t ossl_rand_get_nonce(ossl_unused const OSSL_CORE_HANDLE *handle,
116	116	unsigned char **pout, size_t min_len, size_t max_len,
117	117	const void *salt, size_t salt_len);
118		void ossl_rand_cleanup_nonce(ossl_unused OSSL_CORE_HANDLE *handle,
	118	void ossl_rand_cleanup_nonce(ossl_unused const OSSL_CORE_HANDLE *handle,
119	119	unsigned char *buf, size_t len);
120	120
121	121	/*

+6

-0

include/internal/core.h less more

29	29	typedef struct ossl_method_construct_method_st {
30	30	/* Get a temporary store */
31	31	void (get_tmp_store)(void *data);
	32	/* Reserve the appropriate method store */
	33	int (lock_store)(void store, void *data);
	34	/* Unreserve the appropriate method store */
	35	int (unlock_store)(void store, void *data);
32	36	/* Get an already existing method from a store */
33	37	void (get)(void store, const OSSL_PROVIDER prov, void data);
34	38	/* Store a method in a store */

49	53	OSSL_PROVIDER *provider,
50	54	int (pre)(OSSL_PROVIDER , int operation_id,
51	55	int no_store, void data, int result),
	56	int (reserve_store)(int no_store, void data),
52	57	void (fn)(OSSL_PROVIDER provider,
53	58	const OSSL_ALGORITHM *algo,
54	59	int no_store, void *data),
	60	int (unreserve_store)(void data),
55	61	int (post)(OSSL_PROVIDER , int operation_id,
56	62	int no_store, void data, int result),
57	63	void *data);

+5

-2

include/internal/ffc.h less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

111	111	*/
112	112	const char *mdname;
113	113	const char *mdprops;
	114	/* Default key length for known named groups according to RFC7919 */
	115	int keylength;
114	116	} FFC_PARAMS;
115	117
116	118	void ossl_ffc_params_init(FFC_PARAMS *params);

204	206	int ossl_ffc_named_group_get_uid(const DH_NAMED_GROUP *group);
205	207	const char ossl_ffc_named_group_get_name(const DH_NAMED_GROUP );
206	208	#ifndef OPENSSL_NO_DH
	209	int ossl_ffc_named_group_get_keylength(const DH_NAMED_GROUP *group);
207	210	const BIGNUM ossl_ffc_named_group_get_q(const DH_NAMED_GROUP group);
208		int ossl_ffc_named_group_set_pqg(FFC_PARAMS ffc, const DH_NAMED_GROUP group);
	211	int ossl_ffc_named_group_set(FFC_PARAMS ffc, const DH_NAMED_GROUP group);
209	212	#endif
210	213
211	214	#endif /* OSSL_INTERNAL_FFC_H */

+37

-2

include/internal/packet.h less more

0	0	/*
1		* Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

227	227	return 1;
228	228	}
229	229
	230	/*
	231	* Peek ahead at 8 bytes in network order from \|pkt\| and store the value in
	232	* \|*data\|
	233	*/
	234	__owur static ossl_inline int PACKET_peek_net_8(const PACKET *pkt,
	235	uint64_t *data)
	236	{
	237	if (PACKET_remaining(pkt) < 8)
	238	return 0;
	239
	240	data = ((uint64_t)(pkt->curr)) << 56;
	241	data \|= ((uint64_t)((pkt->curr + 1))) << 48;
	242	data \|= ((uint64_t)((pkt->curr + 2))) << 40;
	243	data \|= ((uint64_t)((pkt->curr + 3))) << 32;
	244	data \|= ((uint64_t)((pkt->curr + 4))) << 24;
	245	data \|= ((uint64_t)((pkt->curr + 5))) << 16;
	246	data \|= ((uint64_t)((pkt->curr + 6))) << 8;
	247	data \|= (pkt->curr + 7);
	248
	249	return 1;
	250	}
	251
230	252	/* Equivalent of n2l */
231	253	/* Get 4 bytes in network order from \|pkt\| and store the value in \|data\| /
232	254	__owur static ossl_inline int PACKET_get_net_4(PACKET pkt, unsigned long data)

249	271	*data = (size_t)i;
250	272
251	273	return ret;
	274	}
	275
	276	/* Get 8 bytes in network order from \|pkt\| and store the value in \|data\| /
	277	__owur static ossl_inline int PACKET_get_net_8(PACKET pkt, uint64_t data)
	278	{
	279	if (!PACKET_peek_net_8(pkt, data))
	280	return 0;
	281
	282	packet_forward(pkt, 8);
	283
	284	return 1;
252	285	}
253	286
254	287	/* Peek ahead at 1 byte from \|pkt\| and store the value in \|data\| /

832	865	* 1 byte will fail. Don't call this directly. Use the convenience macros below
833	866	* instead.
834	867	*/
835		int WPACKET_put_bytes__(WPACKET *pkt, unsigned int val, size_t bytes);
	868	int WPACKET_put_bytes__(WPACKET *pkt, uint64_t val, size_t bytes);
836	869
837	870	/*
838	871	* Convenience macros for calling WPACKET_put_bytes with different

846	879	WPACKET_put_bytes__((pkt), (val), 3)
847	880	#define WPACKET_put_bytes_u32(pkt, val) \
848	881	WPACKET_put_bytes__((pkt), (val), 4)
	882	#define WPACKET_put_bytes_u64(pkt, val) \
	883	WPACKET_put_bytes__((pkt), (val), 8)
849	884
850	885	/* Set a maximum size that we will not allow the WPACKET to grow beyond */
851	886	int WPACKET_set_max_size(WPACKET *pkt, size_t maxsize);

+4

-0

include/internal/property.h less more

51	51	/* Implementation store functions */
52	52	OSSL_METHOD_STORE ossl_method_store_new(OSSL_LIB_CTX ctx);
53	53	void ossl_method_store_free(OSSL_METHOD_STORE *store);
	54
	55	int ossl_method_lock_store(OSSL_METHOD_STORE *store);
	56	int ossl_method_unlock_store(OSSL_METHOD_STORE *store);
	57
54	58	int ossl_method_store_add(OSSL_METHOD_STORE store, const OSSL_PROVIDER prov,
55	59	int nid, const char properties, void method,
56	60	int (method_up_ref)(void ),

+2

-2

include/internal/sockets.h less more

27	27
28	28	# elif defined(OPENSSL_SYS_WINDOWS) \|\| defined(OPENSSL_SYS_MSDOS)
29	29	# if defined(__DJGPP__)
	30	# define WATT32
	31	# define WATT32_NO_OLDIES
30	32	# include <sys/socket.h>
31	33	# include <sys/un.h>
32	34	# include <tcp.h>

133	135	# define readsocket(s,b,n) recv((s),(b),(n),0)
134	136	# define writesocket(s,b,n) send((s),(b),(n),0)
135	137	# elif defined(__DJGPP__)
136		# define WATT32
137		# define WATT32_NO_OLDIES
138	138	# define closesocket(s) close_s(s)
139	139	# define readsocket(s,b,n) read_s(s,b,n)
140	140	# define writesocket(s,b,n) send(s,b,n,0)

+1

-0

include/openssl/bio.h.in less more

795	795
796	796	# define ossl_bio__attr__(x)
797	797	# if defined(__GNUC__) && defined(__STDC_VERSION__) \
	798	&& !defined(__MINGW32__) && !defined(__MINGW64__) \
798	799	&& !defined(__APPLE__)
799	800	/*
800	801	* Because we support the 'z' modifier, which made its appearance in C99,

+13

-1

include/openssl/err.h.in less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

324	324	# define ERR_R_DSA_LIB (ERR_LIB_DSA/* 10 */ \| ERR_RFLAG_COMMON)
325	325	# define ERR_R_X509_LIB (ERR_LIB_X509/* 11 */ \| ERR_RFLAG_COMMON)
326	326	# define ERR_R_ASN1_LIB (ERR_LIB_ASN1/* 13 */ \| ERR_RFLAG_COMMON)
	327	# define ERR_R_CONF_LIB (ERR_LIB_CONF/* 14 */ \| ERR_RFLAG_COMMON)
327	328	# define ERR_R_CRYPTO_LIB (ERR_LIB_CRYPTO/* 15 */ \| ERR_RFLAG_COMMON)
328	329	# define ERR_R_EC_LIB (ERR_LIB_EC/* 16 */ \| ERR_RFLAG_COMMON)
	330	# define ERR_R_SSL_LIB (ERR_LIB_SSL/* 20 */ \| ERR_RFLAG_COMMON)
329	331	# define ERR_R_BIO_LIB (ERR_LIB_BIO/* 32 */ \| ERR_RFLAG_COMMON)
330	332	# define ERR_R_PKCS7_LIB (ERR_LIB_PKCS7/* 33 */ \| ERR_RFLAG_COMMON)
331	333	# define ERR_R_X509V3_LIB (ERR_LIB_X509V3/* 34 */ \| ERR_RFLAG_COMMON)
	334	# define ERR_R_PKCS12_LIB (ERR_LIB_PKCS12/* 35 */ \| ERR_RFLAG_COMMON)
	335	# define ERR_R_RAND_LIB (ERR_LIB_RAND/* 36 */ \| ERR_RFLAG_COMMON)
	336	# define ERR_R_DSO_LIB (ERR_LIB_DSO/* 37 */ \| ERR_RFLAG_COMMON)
332	337	# define ERR_R_ENGINE_LIB (ERR_LIB_ENGINE/* 38 */ \| ERR_RFLAG_COMMON)
333	338	# define ERR_R_UI_LIB (ERR_LIB_UI/* 40 */ \| ERR_RFLAG_COMMON)
334	339	# define ERR_R_ECDSA_LIB (ERR_LIB_ECDSA/* 42 */ \| ERR_RFLAG_COMMON)
335	340	# define ERR_R_OSSL_STORE_LIB (ERR_LIB_OSSL_STORE/* 44 */ \| ERR_RFLAG_COMMON)
	341	# define ERR_R_CMS_LIB (ERR_LIB_CMS/* 46 */ \| ERR_RFLAG_COMMON)
	342	# define ERR_R_TS_LIB (ERR_LIB_TS/* 47 */ \| ERR_RFLAG_COMMON)
	343	# define ERR_R_CT_LIB (ERR_LIB_CT/* 50 */ \| ERR_RFLAG_COMMON)
	344	# define ERR_R_PROV_LIB (ERR_LIB_PROV/* 57 */ \| ERR_RFLAG_COMMON)
	345	# define ERR_R_ESS_LIB (ERR_LIB_ESS/* 54 */ \| ERR_RFLAG_COMMON)
	346	# define ERR_R_CMP_LIB (ERR_LIB_CMP/* 58 */ \| ERR_RFLAG_COMMON)
	347	# define ERR_R_OSSL_ENCODER_LIB (ERR_LIB_OSSL_ENCODER/* 59 */ \| ERR_RFLAG_COMMON)
336	348	# define ERR_R_OSSL_DECODER_LIB (ERR_LIB_OSSL_DECODER/* 60 */ \| ERR_RFLAG_COMMON)
337	349
338	350	/* Other common error codes, range 256..2^ERR_RFLAGS_OFFSET-1 */

+5

-1

providers/defltprov.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

146	146	{ PROV_NAMES_MD5, "provider=default", ossl_md5_functions },
147	147	{ PROV_NAMES_MD5_SHA1, "provider=default", ossl_md5_sha1_functions },
148	148	#endif /* OPENSSL_NO_MD5 */
	149
	150	#ifndef OPENSSL_NO_RMD160
	151	{ PROV_NAMES_RIPEMD_160, "provider=default", ossl_ripemd160_functions },
	152	#endif /* OPENSSL_NO_RMD160 */
149	153
150	154	{ PROV_NAMES_NULL, "provider=default", ossl_nullmd_functions },
151	155	{ NULL, NULL, NULL }

+2

-2

providers/fips/self_test.c less more

103	103	return TRUE;
104	104	}
105	105
106		#elif defined(__GNUC__)
	106	#elif defined(__GNUC__) && !defined(_AIX)
107	107	# undef DEP_INIT_ATTRIBUTE
108	108	# undef DEP_FINI_ATTRIBUTE
109	109	# define DEP_INIT_ATTRIBUTE static __attribute__((constructor))

113	113	# pragma init(init)
114	114	# pragma fini(cleanup)
115	115
116		#elif defined(_AIX)
	116	#elif defined(_AIX) && !defined(__GNUC__)
117	117	void _init(void);
118	118	void _cleanup(void);
119	119	# pragma init(_init)

+5

-5

providers/fips/self_test_data.inc less more

1269	1269	ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1270	1270	ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1271	1271	ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
1272		ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_p),
1273		ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_q),
1274		ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dp),
1275		ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dq),
1276		ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT, rsa_qInv),
	1272	ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR1, rsa_p),
	1273	ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR2, rsa_q),
	1274	ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT1, rsa_dp),
	1275	ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT2, rsa_dq),
	1276	ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, rsa_qInv),
1277	1277	ST_KAT_PARAM_END()
1278	1278	};
1279	1279

+47

-47

providers/fips-sources.checksums less more

20	20	c7c6694480bb5319690f94826139a93f5c460ebea6dba101b520a76cb956ec93 crypto/aes/asm/aesni-x86_64.pl
21	21	f3a8f3c960c0f47aaa8fc2633d18b14e7c7feeccc536b0115a08bc58333122b6 crypto/aes/asm/aesp8-ppc.pl
22	22	e397a5781893e97dd90a5a52049633be12a43f379ec5751bca2a6350c39444c8 crypto/aes/asm/aest4-sparcv9.pl
23		fbee40f89882019c0f03072f92fccd5cfc79bfebea2ff675909e731d0e71d622 crypto/aes/asm/aesv8-armx.pl
	23	90d53250761de35280f57463855b1a41403c68dfe22771b2f622c5c9b3418eb4 crypto/aes/asm/aesv8-armx.pl
24	24	15cf92ba0ea6fb216c75bb0c134fa1e1b4159a3f9d3c571b2a8319252c4ae633 crypto/aes/asm/bsaes-armv7.pl
25	25	0726a2c4c15c27a12b2f7d5e16863df4a1b1daa7b7d9b728f621b2b224d290e6 crypto/aes/asm/bsaes-x86_64.pl
26	26	1ff94d6bf6c8ae4809f64657eb89260fe3cb22137f649d3c73f72cb190258196 crypto/aes/asm/vpaes-armv8.pl

45	45	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 crypto/bn/asm/ppc64-mont-fixed.pl
46	46	a25be64867ab837d93855af232e2bfa71b85b2c6f00e35e620fdc5618187fb6f crypto/bn/asm/ppc64-mont.pl
47	47	231579e532443665020d4d522d9f11713d9c5d5c814b95b434b0f65452e16de4 crypto/bn/asm/rsaz-avx2.pl
48		8e193a1457ca30823f6172c9ec4568c1628c57c10ee12b88c7656adcc5f54491 crypto/bn/asm/rsaz-avx512.pl
	48	1657600d320ea549b527b2d878a7658533d60d26eeb38f42ea470fc612f9bb53 crypto/bn/asm/rsaz-avx512.pl
49	49	31e84dc905b13e38850071528d3abbfcaf8910bbc8b46f38d19c2b386a5f838e crypto/bn/asm/rsaz-x86_64.pl
50	50	30fedf48dfc5fec1c2044b6c226dd9fc42a92522cc589797a23a79d452bdd2cf crypto/bn/asm/s390x-gf2m.pl
51	51	590388d69d7ac3a0e9af4014792f4f0fdb9552719e8fb48ebc7e5dfca2a491d4 crypto/bn/asm/s390x-mont.pl

85	85	2da73a76b746a47d8cf8ec8b3e0708c2a34e810abde4b4f1241a49e7f5bb2b60 crypto/bn/bn_mpi.c
86	86	76982b18b0803d59b33168b260677e7412970757d3b9513de5c80025290f211d crypto/bn/bn_mul.c
87	87	4e3bf49a788ec36cd1d919475bc410a743931aa144e7c60d603e9c0b448faab4 crypto/bn/bn_nist.c
88		0d85203a3bd9ba7ebf711885cfb621eefb27002f5cb4ef2adfe4f49c7dd7b4a6 crypto/bn/bn_prime.c
	88	c6760a724d696b7209f0a71f8483fabcf4f081f7e93e2628284c32ef78f69365 crypto/bn/bn_prime.c
89	89	c56ad3073108a0de21c5820a48beae2bccdbf5aa8075ec21738878222eb9adc3 crypto/bn/bn_prime.h
90		18779263932eb2bf50728b9758fc83b1e721a1d22aa75d6443c80591ccd9bb79 crypto/bn/bn_rand.c
	90	eeeb2f85b60ae10e00907335032724f6ce198eb319e7a81f8eddaef0f67db6e3 crypto/bn/bn_rand.c
91	91	1f6e13da1d9965b341f81bc0842a987a7db9b7de0fa7f7040d49be01b92d282b crypto/bn/bn_recp.c
92	92	626226d4dae8e19530a60d8a94b270b262740550787fc46f686b301a043c705b crypto/bn/bn_rsa_fips186_4.c
93	93	704b0b4723e5c9e9bae5f3e35f9ae8ae8dca3383929e954de9e5169845abfdb2 crypto/bn/bn_shift.c

96	96	24e62baa56e02f2db6454e10168b7c7fa7638db9221b9acda1803d43f38f36e0 crypto/bn/bn_word.c
97	97	be27115efd36f0077a3ec26b1ff1f586b0b8969ba05d8ffa34b2ff4badf227bf crypto/bn/rsaz_exp.c
98	98	c4d64da1cdc732ea918fccd6a7bb2746b03365dd26f7ba1e74e08c307ca4c58e crypto/bn/rsaz_exp.h
99		933eec28f16b82d3ef56fe01e99b81d7b40cf49caecee4fa4a69389ea101dc4f crypto/bn/rsaz_exp_x2.c
	99	d231fa689f53994616b9ef1f661e4f90333184deae324d5d4a218aad891c500d crypto/bn/rsaz_exp_x2.c
100	100	834db8ff36006e5cb53e09ca6c44290124bd23692f4341ea6563b66fcade4cea crypto/bsearch.c
101	101	c39334b70e1394e43f378ae8d31b6e6dc125e4d9181e6536d38e649c4eaadb75 crypto/buffer/buffer.c
102	102	0e1a41a2d81b5765bca3df448f60bf1fad91e485fe89dd65a7300ffc419e316d crypto/cmac/cmac.c
103	103	58068d6533fed9359b164ddc9711b2dd7b2a76f32ad94103d91dbe3462ac95d8 crypto/context.c
104		a6bfcf4960a0d2dc4d4888bbd3d558d8d1464d219721b6739cc7ef67191f0a11 crypto/core_algorithm.c
105		9f5ac75f2f84160ca11e7b630f4f6ab0398a1d11267a4984e66e3a4d4624beb5 crypto/core_fetch.c
	104	c309d81ea991ddf5be4337afad2fd132169f7443c76f863349d3f3c82f3374e4 crypto/core_algorithm.c
	105	f0fd9eb38bf7f196bbb4d26ce8fdf86d0a4f9db219157e66b2c0ffefb4f42005 crypto/core_fetch.c
106	106	02670d631bf0f34cca1e3477079d7fe5de4e03c391cf3992986f44f55319597c crypto/core_namemap.c
107	107	469e2f53b5f76cd487a60d3d4c44c8fc3a6c4d08405597ba664661ba485508d3 crypto/cpuid.c
108	108	71f0fff881eb4c5505fb17662f0ea4bbff24c6858c045a013ad8f786b07da5c4 crypto/cryptlib.c

118	118	816472a54c273906d0a2b58650e0b9d28cc2c8023d120f0d77160f1fe34c4ca3 crypto/dh/dh_backend.c
119	119	d2d0569bea2598bd405f23b60e5283a6ce353f1145a25ff8f28cf15711743156 crypto/dh/dh_check.c
120	120	7838e9a35870b0fbcba0aff2f52a2439f64d026e9922bce6e5978c2f22c51120 crypto/dh/dh_gen.c
121		129ee295875e68ad444070b0676f1021eb254cbd87ab22d6baaf7e4e6e59a40b crypto/dh/dh_group_params.c
	121	6b17861887b2535159b9e6ca4f927767dad3e71b6e8be50055bc784f78e92d64 crypto/dh/dh_group_params.c
122	122	a5cf5cb464b40f1bc5457dc2a6f2c5ec0f050196603cd2ba7037a23ab64adbf7 crypto/dh/dh_kdf.c
123	123	0afa7dd237f9b21b0cfb0de10505facd57eb07ded905d888d43a1de2356d4002 crypto/dh/dh_key.c
124	124	b0046b2c4e1d74ff4e93f2486a00f63728909b8a75cbdd29b9100e607f97995c crypto/dh/dh_lib.c

164	164	86e2becf9b3870979e2abefa1bd318e1a31820d275e2b50e03b17fc287abb20a crypto/ec/ec_check.c
165	165	265f911b9d4aada326a2d52cd8a589b556935c8b641598dcd36c6f85d29ce655 crypto/ec/ec_curve.c
166	166	8cfd0dcfb5acbf6105691a2d5e2826dba1ff3906707bc9dd6ff9bffcc306468f crypto/ec/ec_cvt.c
167		32eea77301ce2a10bbe6f4a0b638770526d073b5c4b7c2efd540f9d1d9b7c7c4 crypto/ec/ec_key.c
	167	95ce53663ab8a1d05bd6f4999f30113e1edce771fb6d218a772fe02de7bdaf4d crypto/ec/ec_key.c
168	168	7e40fc646863e0675bbb90f075b809f61bdf0600d8095c8366858d9533ab7700 crypto/ec/ec_kmeth.c
169	169	bbd6f618c3dfe425ce0ba1c6710fe59418130e06351881162a590475e6438c44 crypto/ec/ec_lib.c
170	170	a8a4690e42b4af60aad822aa8b16196df337906af53ea4db926707f7b596ff27 crypto/ec/ec_local.h

185	185	22c44f561ab42d1bd7fd3a3c538ebaba375a704f98056b035e7949d73963c580 crypto/ec/ecx_key.c
186	186	28abc295dad8888b5482eb61d31cd78dd80545ecb67dc6f9446a36deb8c40a5e crypto/evp/asymcipher.c
187	187	0e75a058dcbbb62cfe39fec6c4a85385dc1a8fce794e4278ce6cebb29763b82b crypto/evp/dh_support.c
188		7fca5ec7c5723b799a7d84d5803071b8f495511e1baf89d430e6800a5228cdad crypto/evp/digest.c
	188	59d514629005748901718e82f2646ecb1d7fbedbc872726749ce9a5af0d205f2 crypto/evp/digest.c
189	189	838277f228cd3025cf95a9cd435e5606ad1fb5d207bbb057aa29892e6a657c55 crypto/evp/ec_support.c
190		8b28b8637ef4d0236b0126c0327dd80b4db102eb783a13d3c9b43300dae5229b crypto/evp/evp_enc.c
191		303dd2567f616c27287af33692f68787a473857f98066a0e2057d1b3169714cd crypto/evp/evp_fetch.c
192		180d533070c843d9cdcc0ddac1c2228d7e0c4ec28685387b67d582ae4dab5858 crypto/evp/evp_lib.c
193		bde9125e5ff6f7a9705e42039e8e879ff32b5244275fe7262deeeea1f1cf387d crypto/evp/evp_local.h
194		e822c16fc4dc30f2c86e8598c721a9ddfe46d318ce78f4e8e883cdcf8b936221 crypto/evp/evp_rand.c
	190	1c3d1b1f800b1f1f5adb1fdbdd67cdf37ca7ea93b264d1468c72a63c140873ce crypto/evp/evp_enc.c
	191	7f10367f9b6191c4a8c01784130d26b2d778485a41cdac5fa17c9a1c4096f132 crypto/evp/evp_fetch.c
	192	d2b6c0e2736f20e4db4b7b8dd2b372de861624f3fed1290ee4c6dde383842071 crypto/evp/evp_lib.c
	193	78f07bf50b6999611a4e9414ab3a20b219b0ab29ca2bd05002d6919a3f67b8eb crypto/evp/evp_local.h
	194	117e679d49d2ae87e49d3c942ff0ce768959e8b9713f84a99025cabba462ccd5 crypto/evp/evp_rand.c
195	195	2a128617ec0178e9eeacbe41d75a5530755f41ea524cd124607543cf73456a0c crypto/evp/evp_utils.c
196		06442eff7fd25971d247fa3a769c6df56f5eb8cdedbd764cd2daa7e0c7ab3f2f crypto/evp/exchange.c
197		a3164e3247e2a38f4f9a20db463779b5260e4e6639ac8eec6e960b265fc8cce5 crypto/evp/kdf_lib.c
	196	ca8c6cfd30efd53f2e5d1f19bcf09a3a3d0dff6d8947c3943d07a3f4b354aa86 crypto/evp/exchange.c
	197	9e25042581b73e295c059c6217f3ecf809134d518eb79b1b67f34e3ca9145677 crypto/evp/kdf_lib.c
198	198	1d72f5506984df1df8606e8c7045f041cf517223e2e1b50c4da8ba8bf1c6c186 crypto/evp/kdf_meth.c
199		38715a14f202e7d24602e5cc19d2f78abbd9f5fa3dde8d7b2bfded907690e18f crypto/evp/kem.c
	199	5179624b8e03615dc9caedc9ec16d094fa081495613dd552d71c2c39475bcd83 crypto/evp/kem.c
200	200	724d2ac784d6f22cb0a382abc23ac0f2d76f2f6831fcd09e101f6f27d0c3e4ed crypto/evp/keymgmt_lib.c
201		3d0a2c5fea0d9bb01a09e1eabc041e3bc76ba4ee90bc0af54ef414e7ca3a531f crypto/evp/keymgmt_meth.c
	201	a976cf4e7bfb61e06a147360b748238010d23efb069d191fd023abc38d9a2af9 crypto/evp/keymgmt_meth.c
202	202	e1a052839b8b70dca20dbac1282d61abd1c415bf4fb6afb56b811e8770d8a2e1 crypto/evp/m_sigver.c
203		5b8b0bcd4b720b66ce6bc54090ec333891126bb7f6cce4502daf2333668c3db9 crypto/evp/mac_lib.c
	203	4290c95f63b43688a8da57690d122add5161a6811f9753da1444d28f46739961 crypto/evp/mac_lib.c
204	204	e7e8eb5683cd3fbd409df888020dc353b65ac291361829cc4131d5bc86c9fcb3 crypto/evp/mac_meth.c
205	205	9c5ef2f0b513ad1b8458146efbff80c2b6185626d0571e5aa6a31e471d37d615 crypto/evp/p_lib.c
206	206	3b4228b92eebd04616ecc3ee58684095313dd5ffd1b43cf698a7d6c202cb4622 crypto/evp/pmeth_check.c
207	207	1f0e9e94e9b0ad322956521b438b78d44cfcd8eb974e8921d05f9e21ba1c05cf crypto/evp/pmeth_gn.c
208	208	76511fba789089a50ef87774817a5482c33633a76a94ecf7b6e8eb915585575d crypto/evp/pmeth_lib.c
209		f3a5cbbccb1078cf1fafd74c4caa9f30827081832fbe6dfa5579b17ef809776c crypto/evp/signature.c
	209	4b2dbddf0f9ceed34c3822347138be754fb194febca1c21c46bcc3a5cce33674 crypto/evp/signature.c
210	210	b06cb8fd4bd95aae1f66e1e145269c82169257f1a60ef0f78f80a3d4c5131fac crypto/ex_data.c
211		324feb067d0f8deb4334f3e6518f570114cb388c85b24f9232bd931a64ff0a9e crypto/ffc/ffc_backend.c
212		5fe89ce2ce34848b832a2b5a7ac42c161d7ec214a641b7fb11fb1153f2186f74 crypto/ffc/ffc_dh.c
213		82abf1f9645336b7dff5e3fa153899280ecaa27b3dad50e6a9ba94d871961888 crypto/ffc/ffc_key_generate.c
	211	709d40d5096497349b8b9e2917e949a0a75e6065df62798d1816866ca7e7b4ca crypto/ffc/ffc_backend.c
	212	a12af33e605315cdddd6d759e70cd9632f0f33682b9aa7103ed1ecd354fc7e55 crypto/ffc/ffc_dh.c
	213	854378f57707e31ad02cca6eec94369f91f327288d3665713e249c12f7b13211 crypto/ffc/ffc_key_generate.c
214	214	084ae8e68a9df5785376bb961a998036336ed13092ffd1c4258b56e6a7e0478b crypto/ffc/ffc_key_validate.c
215		ecc0d737ccece492f86262dd45f8f03eef2beacafce8022f91939a372f68ac90 crypto/ffc/ffc_params.c
	215	b18d5d7cfc95163defea41f5a081e90f6a7163a6b81c6cfadb8b470ef2e83fc5 crypto/ffc/ffc_params.c
216	216	5174e008f44909724e0ee7109095ee353e67e9ba77e1ab3bedfcf6eaecab7b6c crypto/ffc/ffc_params_generate.c
217	217	73dac805abab36cd9df53a421221c71d06a366a4ce479fa788be777f11b47159 crypto/ffc/ffc_params_validate.c
218	218	0a4fc92e408b0562cf95c480df93a9907a318a2c92356642903a5d50ed04fd88 crypto/hmac/hmac.c

243	243	e55a816c356b2d526bc6e40c8b81afa02576e4d44c7d7b6bbe444fb8b01aad41 crypto/modes/wrap128.c
244	244	608a04f387be2a509b4d4ad414b7015ab833e56b85020e692e193160f36883a2 crypto/modes/xts128.c
245	245	8aa2504f84a0637b5122f0c963c9d82773ba248bad972ab92be7169995d162b5 crypto/o_str.c
246		7b8d9f5dfe00460df5fbcfd4a5f2f36128020ebd2ced85ff5071b91f98740b2e crypto/packet.c
	246	8ddbbdf43131c10dcd4428aef0eff2b1e98b0410accada0fad41a4925868beef crypto/packet.c
247	247	cc4483ec9ba7a30908e3a433a6817e2f211d4c1f69c206e6bae24bbd39a68281 crypto/param_build.c
248	248	c2fe815fb3fd5efe9a6544cae55f9469063a0f6fb728361737b927f6182ae0bb crypto/param_build_set.c
249	249	02dfeb286c85567bb1b6323a53c089ba66447db97695cc78eceb6677fbc76bf9 crypto/params.c
250	250	4fda13f6af05d80b0ab89ec4f5813c274a21a9b4565be958a02d006236cef05c crypto/params_dup.c
251	251	a0097ff2da8955fe15ba204cb54f3fd48a06f846e2b9826f507b26acf65715c3 crypto/params_from_text.c
252	252	48c20b804e18ede5e45697a766e7dbe6ef6b3da9f58c7b37bd8f293df2ac7d34 crypto/property/defn_cache.c
253		71ad129266bce870fd4a3bd9b6bdab7b0d670674da3bab2d1ad0c05c733a1999 crypto/property/property.c
	253	32539c14a8e4a0992b001e99a79f112746fd518d51edab57ccdec3516715ed4b crypto/property/property.c
254	254	a2c69527b60692a8b07cfdfe7e75f654daa092411d5de5e02b446a4ef3752855 crypto/property/property_local.h
255	255	921305e62749aec22da4843738bee3448b61e7e30d5309beddc7141ad07a8004 crypto/property/property_parse.c
256	256	a7cefda6a117550e2c76e0f307565ce1e11640b11ba10c80e469a837fd1212a3 crypto/property/property_query.c
257	257	065698c8d88a5facc0cbc02a3bd0c642c94687a8c5dd79901c942138b406067d crypto/property/property_string.c
258		56b4012330c71701f9f1a883723d7a906a07243bf5a678c89245d19864312188 crypto/provider_core.c
	258	9653ec9c1476350a94b9cc7f8be3d99961fd803870c9ac03315298d2909a6a8e crypto/provider_core.c
259	259	d0af10d4091b2032aac1b7db80f8c2e14fa7176592716b25b9437ab6b53c0a89 crypto/provider_local.h
260	260	5ba2e1c74ddcd0453d02e32612299d1eef18eff8493a7606c15d0dc3738ad1d9 crypto/provider_predefined.c
261	261	4e6b7d1d8278067c18bcb5e3ac9b7fe7e9b1d0d03bc5a276275483f541d1a12c crypto/rand/rand_lib.c

327	327	3d972a11be18bfbfcd45790028635d63548bfe0a2e45d2fc56b6051b759d22f0 crypto/sha/sha3.c
328	328	8038a5a97f826f519424db634be5b082b3f7eca3ccb89875ca40fa6bd7dfdcfd crypto/sha/sha512.c
329	329	6c6f0e6069ac98e407a5810b84deace2d1396d252c584703bcd154d1a015c3ea crypto/sha/sha_local.h
330		4f6b66f811144648d6cb6bc26e08779529acbbd563519590c726d0e51699fe96 crypto/sparse_array.c
331		b39e5ba863af36e455cc5864fe8c5d0fc05a6aaef0d528a115951d1248e8fa8b crypto/stack/stack.c
	330	c50c584c55e56347bb43aca4b796b5344d70daece3061f586b79c871c21f5d1a crypto/sparse_array.c
	331	8da78169fa8c09dc3c29c9bf1602b22e88c5eac4815e274ba1864c166e31584b crypto/stack/stack.c
332	332	7b4efa594d8d1f3ecbf4605cf54f72fb296a3b1d951bdc69e415aaa08f34e5c8 crypto/threads_lib.c
333	333	a41ae93a755e2ec89b3cb5b4932e2b508fdda92ace2e025a2650a6da0e9e972c crypto/threads_none.c
334	334	2637a8727dee790812b000f2e02b336f7907949df633dda72938bbaafdb204fe crypto/threads_pthread.c
335		68e1cdeb948d3a106b5a27b76bcddbae6bb053b2bdc4a21a1fec9797a00cd904 crypto/threads_win.c
	335	7959c65c27280cdb1166a30a27c931befd6cfa4ed109094c40eb5a6d253c790c crypto/threads_win.c
336	336	fd6c27cf7c6b5449b17f2b725f4203c4c10207f1973db09fd41571efe5de08fd crypto/x86_64cpuid.pl
337		468184a0f6923228df9f13e76dd8011b76fc47982579c3db36de2715573d5692 e_os.h
	337	0a9c484f640d96e918921f57f592e82e99ccdbe35d3138d64b10c7af839e9a07 e_os.h
338	338	6f353dc7c8c4d8f24f7ffbf920668ccb224ebb5810805a7c80d96770cd858005 include/crypto/aes_platform.h
339	339	8c6f308c1ca774e6127e325c3b80511dbcdc99631f032694d8db53a5c02364ee include/crypto/asn1_dsa.h
340	340	8ce1b35c6924555ef316c7c51d6c27656869e6da7f513f45b7a7051579e3e54d include/crypto/bn.h

347	347	20d99c9a740e4d7d67e23fa4ae4c6a39d114e486c66ad41b65d91a8244cd1dea include/crypto/dsa.h
348	348	2ea47c059e84ce9d14cc31f4faf45f64d631de9e2937aa1d7a83de5571c63574 include/crypto/ec.h
349	349	edbfae8720502a4708983b60eac72aa04f031059f197ada31627cb5e72812858 include/crypto/ecx.h
350		96bc39bfe3f79e81bc22f64a62c16d26c3770a5a3b38cdcec6803e8c064653bf include/crypto/evp.h
	350	41974ef3d365c608cf35310f99f7006f7995f8cc380f316ab4a280772cd092ae include/crypto/evp.h
351	351	bbe5e52d84e65449a13e42cd2d6adce59b8ed6e73d6950917aa77dc1f3f5dff6 include/crypto/lhash.h
352	352	162812058c69f65a824906193057cd3edeabc22f51a4220aea7cb9064379a9b6 include/crypto/md32_common.h
353	353	f12bfc145290444bcc7bf408874bded348e742443c145b8b5bc70ae558d96c31 include/crypto/modes.h
354		0e4472433ca4008aa4fc9234761be70f323a22a4519bb9d62728dc001d606f04 include/crypto/rand.h
	354	8aa4f71ebd9753baceed428e323d5f550d74aff43ab9a55eda7c096d838b8f49 include/crypto/rand.h
355	355	90930fc8788d6e04e57829346e0405293ac7a678c3cef23d0692c742e9586d09 include/crypto/rand_pool.h
356	356	306abf9d327a9e63fff2cdef730275abc4d2781254a032b1f370f3428eb5a2ef include/crypto/rsa.h
357	357	32f0149ab1d82fddbdfbbc44e3078b4a4cc6936d35187e0f8d02cc0bc19f2401 include/crypto/security_bits.h

360	360	5bfeea62d21b7cb43d9a819c5cd2800f02ea019687a8331abf313d615889ad37 include/crypto/types.h
361	361	782a83d4e489fd865e2768a20bfa31e78c2071fd0ceeb9eb077276ae2bcc6590 include/internal/bio.h
362	362	92aacb3e49288f91b44f97e41933e88fe455706e1dd21a365683c2ab545db131 include/internal/constant_time.h
363		b9e3b1e43de2a8b6d9f4b3f153bc78053853763d598082882e85d3b7684c2832 include/internal/core.h
	363	c5bb97f654984130c8b44c09a52395bce0b22985d5dbc9c4d9377d86283f11f8 include/internal/core.h
364	364	d7ddeab97434a21cb2cad1935a3cb130f6cd0b3c75322463d431c5eab3ab1ae1 include/internal/cryptlib.h
365	365	9571cfd3d5666749084b354a6d65adee443deeb5713a58c098c7b03bc69dbc63 include/internal/deprecated.h
366	366	3325b895d15c0a6341f456a8d866a0f83e80fc8a31a01c34fcfd717715b33075 include/internal/der.h
367	367	fd1722d6b79520ee4ac477280d5131eb1b744c3b422fd15f5e737ef966a97c3b include/internal/dso.h
368	368	f144daebef828a5bd4416466257a50f06b894e0ce0adf1601aa381f34f25a9e7 include/internal/dsoerr.h
369	369	70d3e0d5a1bd8db58dcc57bea4d1c3ed816c735fe0e6b2f4b07073712d2dc5ef include/internal/endian.h
370		f3ff7911d2ca3c229ff39aecd21c98c92cd4b7eae2e853175b3abb5b97d24a2e include/internal/ffc.h
	370	557aa7985c8cde8fd9fa59a49f47fa955ec36b36f6fe9edd4bfd3872e3b13a9a include/internal/ffc.h
371	371	100053a1bad1a85a98c5b919cf81ace0ee147b2164732963e40474d7b5fbbb99 include/internal/namemap.h
372	372	b02701592960eb4608bb83b297eed90184004828c7fc03ea81568062f347623d include/internal/nelem.h
373	373	ae41a2fb41bf592bbb47e4855cf4efd9ef85fc11f910a7e195ceef78fb4321dc include/internal/numbers.h
374		ea1bec4f1fff37aef8d4a62745bb451baa3e3ad20ba1bc68920a24f5cbb2f0a7 include/internal/packet.h
	374	b89cca3b727d4526b459246de11e768a20333555bf3a9ed9a9b8beb2b565dc7f include/internal/packet.h
375	375	dd7ddecf30bef3002313e6b776ce34d660931e783b2f6edacf64c7c6e729e688 include/internal/param_build_set.h
376		33cc89d81a36f7df51701e26c6266bc15a680d3bbc42851947ca24f5a61ca37b include/internal/property.h
	376	d4ac19b28ea61f03383364cfad1e941cac44fc36787d80882c5b76ecc9d34e29 include/internal/property.h
377	377	727326afb3d33fdffdf26471e313f27892708318c0934089369e4b28267e2635 include/internal/propertyerr.h
378	378	6a899ef3e360c7144d84d3c3dbbd14aa457f5d38b83b13c0be7ec7f372076595 include/internal/provider.h
379	379	5af9a40c44def13576fe2c0eb082fb73c3565c5e00f902d51b1ed1593d481ccb include/internal/refcount.h

387	387	98aa2fc5eae9ef2a36d3d0053212696d58893baa083fa1fcf720660fb4bc0a9f include/openssl/asn1.h.in
388	388	d4733dcd490b3a2554eaf859d1ea964fe76f7d24f78e42be1094bdad6dee7429 include/openssl/asn1err.h
389	389	1550474ee05423896ec4abfb6346f1bc44c7be22329efac9ea25de10e81d549c include/openssl/asn1t.h.in
390		2998b9b522c88cea61c17d31382b99b2760796bd54332a6fb643ff356c3c0db5 include/openssl/bio.h.in
	390	2cd8163cdc6c93386bc05e8ed983e5ca604d0bf9da65500cab736cfa8bc2b048 include/openssl/bio.h.in
391	391	0a26138aaded05cafe2326e11fdc19b28408e054cfe3dda40d45ef95ce8136b0 include/openssl/bioerr.h
392	392	7d1f9880976a926ba6e0cad08e8de6f326aae48d8350b499aa79127f63d4d108 include/openssl/bn.h
393	393	9ad8b04764797f5138f01f549ba18b44cf698ffc7fe795fef42c1822d84a6ff4 include/openssl/bnerr.h

415	415	dad1943d309aaadb800be4a3056096abec611d81982b83c601b482405e11d5c0 include/openssl/ecerr.h
416	416	61c76ee3f12ed0e42503a56421ca00f1cb9a0f4caa5f9c4421c374bcd45917d7 include/openssl/encoder.h
417	417	69dd983f45b8ccd551f084796519446552963a18c52b70470d978b597c81b2dc include/openssl/encodererr.h
418		0bb50eda4fe2600c20779d5e3c49668cf2dd8f295104549a33e57bc95a9219eb include/openssl/err.h.in
	418	c6ee8f17d7252bdd0807a124dc6d50a95c32c04e17688b7c2e061998570b7028 include/openssl/err.h.in
419	419	12ec111c0e22581e0169be5e1838353a085fb51e3042ef59a7db1cee7da73c5b include/openssl/evp.h
420	420	5bd1b5dcd14067a1fe490d49df911002793c0b4f0bd4492cd8f71cfed7bf9f2a include/openssl/evperr.h
421	421	5381d96fe867a4ee0ebc09b9e3a262a0d7a27edc5f91dccfb010c7d713cd0820 include/openssl/fips_names.h

482	482	527eda471e26763a5fcf123b2d290234d5c836de7b8ef6eef2166ef439919d82 providers/common/securitycheck_fips.c
483	483	abd5997bc33b681a4ab275978b92aebca0806a4a3f0c2f41dacf11b3b6f4e101 providers/fips/fips_entry.c
484	484	0f761a26c8fa6ad8d5a15c817afe1741352b21769b2164a2eb7dd50e1f6fe04f providers/fips/fipsprov.c
485		24a2e1a855de57b9d970727fcc11ebe7e06c0d4884d3cedbacf59fa471f91e72 providers/fips/self_test.c
	485	52b48aece6aa3592593c94b53326410c75efb95ac480697ce414679446b49943 providers/fips/self_test.c
486	486	f822a03138e8b83ccaa910b89d72f31691da6778bf6638181f993ec7ae1167e3 providers/fips/self_test.h
487		5b3379a3d382c4dad37841dbd58b77ed5ff712b0a37c485771b828fa9b39c351 providers/fips/self_test_data.inc
	487	d3c95c9c6cc4e3b1a5e4b2bfb2ae735a4109d763bcda7b1e9b8f9eb253f79820 providers/fips/self_test_data.inc
488	488	629f619ad055723e42624230c08430a3ef53e17ab405dc0fd35499e9ca4e389c providers/fips/self_test_kats.c
489		f054b24ea53ad5db41dd7f37f20f42166ed68b832121a94858cb0173b1aaeb1d providers/implementations/asymciphers/rsa_enc.c
	489	6b082c1af446ef9a2bfe68a9ee4362dfa4f1f09f975f11f9ba2e5010493039c6 providers/implementations/asymciphers/rsa_enc.c
490	490	4db1826ecce8b60cb641bcd7a61430ec8cef73d2fe3cbc06aa33526afe1c954a providers/implementations/ciphers/cipher_aes.c
491	491	f9d4b30e7110c90064b990c07430bb79061f4436b06ccaa981b25c306cfbfaa2 providers/implementations/ciphers/cipher_aes.h
492	492	89378cce6d31e8c2f221f9f29d0b17622624eb83e4ecec8465f7641f68352917 providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c

522	522	dd72ea861edf70b94197821ceb00e07165d550934a2e851d62afa5034b79f468 providers/implementations/ciphers/ciphercommon_block.c
523	523	4b4106f85e36eb2c07acc5a3ca5ccd77b736b3ac46cc4af786cf57405ecd54b2 providers/implementations/ciphers/ciphercommon_ccm.c
524	524	8b6828f188c2590c7d9c6cac13fa0eb6d38a522b0f2859e7c8a766580fa9b66e providers/implementations/ciphers/ciphercommon_ccm_hw.c
525		f0e15648f42621d24c28f3165437bb9a49b6f4a666381688b954fe2633a40adf providers/implementations/ciphers/ciphercommon_gcm.c
	525	3b83f58d6ff1ae77de1ae8bee8a44ea2e5e4491c802b156fa77783ddebd44598 providers/implementations/ciphers/ciphercommon_gcm.c
526	526	bb67eaa7a98494ca938726f9218213870fc97dd87b56bda950626cc794baf20b providers/implementations/ciphers/ciphercommon_gcm_hw.c
527	527	23fd89e3239e596c325a8c5d23eb1fe157a8d23aa4d90ed2c574bf06dfabd693 providers/implementations/ciphers/ciphercommon_hw.c
528	528	c4b1cb143de15acc396ce2e03fdd165defd25ebc831de9cdfacf408ea883c666 providers/implementations/ciphers/ciphercommon_local.h

533	533	9c46dc0d859875fcc0bc3d61a7b610cd3520b1bf63718775c1124f54a1fe5f24 providers/implementations/exchange/ecdh_exch.c
534	534	9bf87b8429398a6465c7e9f749a33b84974303a458736b56f3359b30726d3969 providers/implementations/exchange/ecx_exch.c
535	535	0cc02005660c5c340660123decac838c59b7460ef1003d9d50edc604cfd8e375 providers/implementations/exchange/kdf_exch.c
536		0832bd4dd2d125754a87aef5b1f188017bcd7ee909cf62f8228ac4c5c68397be providers/implementations/include/prov/ciphercommon.h
	536	31d3dba3d2e6b043b0d14a74caf6bf1a6c550471fb992a495ab7d3337081a526 providers/implementations/include/prov/ciphercommon.h
537	537	6dc876a1a785420e84210f085be6e4c7aca407ffb5433dbca4cd3f1c11bb7f06 providers/implementations/include/prov/ciphercommon_aead.h
538	538	dd07797d61988fd4124cfb920616df672938da80649fac5977bfd061c981edc5 providers/implementations/include/prov/ciphercommon_ccm.h
539	539	0c1e99d70155402a790e4de65923228c8df8ad970741caccfe8b513837457d7f providers/implementations/include/prov/ciphercommon_gcm.h

555	555	6b6c776b12664164f3cb54c21df61e1c4477c7855d89431a16fb338cdae58d43 providers/implementations/kem/rsa_kem.c
556	556	6ac9f9b04d195bd545d2357fad1769c098b84896c188d19de0b7f747b2db0ff6 providers/implementations/keymgmt/dh_kmgmt.c
557	557	5db963d0b3d86912b8234d90f2d8d15438c3e9710572b9d6a8d911a5bcd29836 providers/implementations/keymgmt/dsa_kmgmt.c
558		dfeacd5e4cb8ddcc09a40e4ac47b838de5671c9d5246004474ddba245e7599d7 providers/implementations/keymgmt/ec_kmgmt.c
	558	c7ff403834b8ead9c4b0f3fdbaae72500c350a51529af4205a61cef92612dd19 providers/implementations/keymgmt/ec_kmgmt.c
559	559	258ae17bb2dd87ed1511a8eb3fe99eed9b77f5c2f757215ff6b3d0e8791fc251 providers/implementations/keymgmt/ec_kmgmt_imexport.inc
560	560	d77ece2494e6b12a6201a2806ee5fb24a6dc2fa3e1891a46012a870e0b781ab1 providers/implementations/keymgmt/ecx_kmgmt.c
561	561	053a2be39a87f50b877ebdbbf799cf5faf8b2de33b04311d819d212ee1ea329b providers/implementations/keymgmt/kdf_legacy_kmgmt.c

574	574	04339b66c10017229ef368cb48077f58a252ebfda9ab12b9f919e4149b1036ed providers/implementations/rands/test_rng.c
575	575	cafb9e6f54ad15889fcebddac6df61336bff7d78936f7de3bb5aab8aee5728d2 providers/implementations/signature/dsa_sig.c
576	576	a30dc6308de0ca33406e7ce909f3bcf7580fb84d863b0976b275839f866258df providers/implementations/signature/ecdsa_sig.c
577		b057870cf8be1fd28834670fb092f0e6f202424c7ae19282fe9df4e52c9ce036 providers/implementations/signature/eddsa_sig.c
	577	effdaa4a7b8f6c2326994ba1578a77af5e60a9ed89a5b8fab876950657366da0 providers/implementations/signature/eddsa_sig.c
578	578	3bb0f342b4cc1b4594ed0986adc47791c0a7b5c1ae7b1888c1fb5edb268a78d9 providers/implementations/signature/mac_legacy_sig.c
579	579	2334c8bba705032b8c1db5dd28e024a45a73b72cae82a2d815fe855445a49d10 providers/implementations/signature/rsa_sig.c
580	580	a14e901b02fe095713624db4080b3aa3ca685d43f9ebec03041f992240973346 ssl/record/tls_pad.c

+1

-1

providers/fips.checksum less more

0		cdcf539402f37a9ae18871827c858ce0fce9d2dd443c71f7fb94b5f6d8ec56b0 providers/fips-sources.checksums
	0	674597de1e7bfa5782d42c044d5475e6fd473c737008a297e8e90746eafb97d9 providers/fips-sources.checksums

+6

-4

providers/implementations/asymciphers/rsa_enc.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

424	424	const OSSL_PARAM *p;
425	425	char mdname[OSSL_MAX_NAME_SIZE];
426	426	char mdprops[OSSL_MAX_PROPQUERY_SIZE] = { '\0' };
427		char *str = mdname;
	427	char *str = NULL;
428	428
429	429	if (prsactx == NULL)
430	430	return 0;

433	433
434	434	p = OSSL_PARAM_locate_const(params, OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST);
435	435	if (p != NULL) {
	436	str = mdname;
436	437	if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(mdname)))
437	438	return 0;
438	439
439		str = mdprops;
440	440	p = OSSL_PARAM_locate_const(params,
441	441	OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS);
442	442	if (p != NULL) {
	443	str = mdprops;
443	444	if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(mdprops)))
444	445	return 0;
445	446	}

495	496
496	497	p = OSSL_PARAM_locate_const(params, OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST);
497	498	if (p != NULL) {
	499	str = mdname;
498	500	if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(mdname)))
499	501	return 0;
500	502
501		str = mdprops;
502	503	p = OSSL_PARAM_locate_const(params,
503	504	OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS);
504	505	if (p != NULL) {
	506	str = mdprops;
505	507	if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(mdprops)))
506	508	return 0;
507	509	} else {

+9

-2

providers/implementations/ciphers/ciphercommon_gcm.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

24	24	size_t padlen, const unsigned char in,
25	25	size_t len);
26	26
	27	/*
	28	* Called from EVP_CipherInit when there is currently no context via
	29	* the new_ctx() function
	30	*/
27	31	void ossl_gcm_initctx(void provctx, PROV_GCM_CTX ctx, size_t keybits,
28	32	const PROV_GCM_HW *hw)
29	33	{

37	41	ctx->libctx = PROV_LIBCTX_OF(provctx);
38	42	}
39	43
	44	/*
	45	* Called by EVP_CipherInit via the _einit and _dinit functions
	46	*/
40	47	static int gcm_init(void vctx, const unsigned char key, size_t keylen,
41	48	const unsigned char *iv, size_t ivlen,
42	49	const OSSL_PARAM params[], int enc)

65	72	}
66	73	if (!ctx->hw->setkey(ctx, key, ctx->keylen))
67	74	return 0;
	75	ctx->tls_enc_records = 0;
68	76	}
69	77	return ossl_gcm_set_ctx_params(ctx, params);
70	78	}

446	454	buf = dat->buf;
447	455	memcpy(buf, aad, aad_len);
448	456	dat->tls_aad_len = aad_len;
449		dat->tls_enc_records = 0;
450	457
451	458	len = buf[aad_len - 2] << 8 \| buf[aad_len - 1];
452	459	/* Correct length for explicit iv. */

+5

-1

providers/implementations/digests/build.info less more

14	14	$MD4_GOAL=../../liblegacy.a
15	15	$MDC2_GOAL=../../liblegacy.a
16	16	$WHIRLPOOL_GOAL=../../liblegacy.a
17		$RIPEMD_GOAL=../../liblegacy.a
	17	IF[{- !$disabled{module} -}]
	18	$RIPEMD_GOAL=../../libdefault.a ../../liblegacy.a
	19	ELSE
	20	$RIPEMD_GOAL=../../libdefault.a
	21	ENDIF
18	22
19	23	# This source is common for all digests in all our providers.
20	24	SOURCE[$COMMON_GOAL]=digestcommon.c

+6

-0

providers/implementations/encode_decode/encode_key2text.c less more

219	219	const BIGNUM priv_key = NULL, pub_key = NULL;
220	220	const FFC_PARAMS *params = NULL;
221	221	const BIGNUM *p = NULL;
	222	long length;
222	223
223	224	if (out == NULL \|\| dh == NULL) {
224	225	ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER);

270	271	return 0;
271	272	if (params != NULL
272	273	&& !ffc_params_to_text(out, params))
	274	return 0;
	275	length = DH_get_length(dh);
	276	if (length > 0
	277	&& BIO_printf(out, "recommended-private-length: %ld bits\n",
	278	length) <= 0)
273	279	return 0;
274	280
275	281	return 1;

+3

-3

providers/implementations/include/prov/ciphercommon.h less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

13	13	#include "internal/cryptlib.h"
14	14	#include "crypto/modes.h"
15	15
16		#define MAXCHUNK ((size_t)1 << (sizeof(long) * 8 - 2))
17		#define MAXBITCHUNK ((size_t)1 << (sizeof(size_t) * 8 - 4))
	16	# define MAXCHUNK ((size_t)1 << 30)
	17	# define MAXBITCHUNK ((size_t)1 << (sizeof(size_t) * 8 - 4))
18	18
19	19	#define GENERIC_BLOCK_SIZE 16
20	20	#define IV_STATE_UNINITIALISED 0 /* initial state is not initialized */

+11

-4

providers/implementations/keymgmt/ec_kmgmt.c less more

636	636	BN_CTX *bnctx = NULL;
637	637
638	638	ecg = EC_KEY_get0_group(eck);
639		if (ecg == NULL)
640		return 0;
	639	if (ecg == NULL) {
	640	ERR_raise(ERR_LIB_PROV, PROV_R_NO_PARAMETERS_SET);
	641	return 0;
	642	}
641	643
642	644	libctx = ossl_ec_key_get_libctx(eck);
643	645	propq = ossl_ec_key_get0_propq(eck);

726	728	}
727	729	if ((p = OSSL_PARAM_locate(params,
728	730	OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY)) != NULL) {
729		p->return_size = EC_POINT_point2oct(EC_KEY_get0_group(key),
730		EC_KEY_get0_public_key(key),
	731	const EC_POINT *ecp = EC_KEY_get0_public_key(key);
	732
	733	if (ecp == NULL) {
	734	ERR_raise(ERR_LIB_PROV, PROV_R_NOT_A_PUBLIC_KEY);
	735	goto err;
	736	}
	737	p->return_size = EC_POINT_point2oct(ecg, ecp,
731	738	POINT_CONVERSION_UNCOMPRESSED,
732	739	p->data, p->return_size, bnctx);
733	740	if (p->return_size == 0)

+39

-39

providers/implementations/rands/seeding/rand_vms.c less more

0	0	/*
1		* Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

473	473	return ossl_rand_pool_entropy_available(pool);
474	474	}
475	475
476		int ossl_pool_add_nonce_data(RAND_POOL *pool)
477		{
478		struct {
479		pid_t pid;
480		CRYPTO_THREAD_ID tid;
481		unsigned __int64 time;
482		} data;
483
484		/* Erase the entire structure including any padding */
485		memset(&data, 0, sizeof(data));
486
487		/*
488		* Add process id, thread id, and a high resolution timestamp
489		* (where available, which is OpenVMS v8.4 and up) to ensure that
490		* the nonce is unique with high probability for different process
491		* instances.
492		*/
493		data.pid = getpid();
494		data.tid = CRYPTO_THREAD_get_current_id();
495		#if __CRTL_VER >= 80400000
496		sys$gettim_prec(&data.time);
497		#else
498		sys$gettim((void*)&data.time);
499		#endif
500
501		return ossl_rand_pool_add(pool, (unsigned char *)&data, sizeof(data), 0);
502		}
503
504	476	/*
505	477	* SYS$GET_ENTROPY METHOD
506	478	* ======================

574	546	return data_collect_method(pool);
575	547	}
576	548
577
578		int ossl_rand_pool_add_additional_data(RAND_POOL *pool)
579		{
	549	int ossl_pool_add_nonce_data(RAND_POOL *pool)
	550	{
	551	/*
	552	* Two variables to ensure that two nonces won't ever be the same
	553	*/
	554	static unsigned __int64 last_time = 0;
	555	static unsigned __int32 last_seq = 0;
	556
580	557	struct {
	558	pid_t pid;
581	559	CRYPTO_THREAD_ID tid;
582	560	unsigned __int64 time;
	561	unsigned __int32 seq;
583	562	} data;
584	563
585	564	/* Erase the entire structure including any padding */
586	565	memset(&data, 0, sizeof(data));
587	566
588	567	/*
589		* Add some noise from the thread id and a high resolution timer.
590		* The thread id adds a little randomness if the drbg is accessed
591		* concurrently (which is the case for the <master> drbg).
	568	* Add process id, thread id, a timestamp, and a sequence number in case
	569	* the same time stamp is repeated, to ensure that the nonce is unique
	570	* with high probability for different process instances.
	571	*
	572	* The normal OpenVMS time is specified to be high granularity (100ns),
	573	* but the time update granularity given by sys$gettim() may be lower.
	574	*
	575	* OpenVMS version 8.4 (which is the latest for Alpha and Itanium) and
	576	* on have sys$gettim_prec() as well, which is supposedly having a better
	577	* time update granularity, but tests on Itanium (and even Alpha) have
	578	* shown that compared with sys$gettim(), the difference is marginal,
	579	* so of very little significance in terms of entropy.
	580	* Given that, and that it's a high ask to expect everyone to have
	581	* upgraded to OpenVMS version 8.4, only sys$gettim() is used, and a
	582	* sequence number is added as well, in case sys$gettim() returns the
	583	* same time value more than once.
	584	*
	585	* This function is assumed to be called under thread lock, and does
	586	* therefore not take concurrency into account.
592	587	*/
	588	data.pid = getpid();
593	589	data.tid = CRYPTO_THREAD_get_current_id();
594		#if __CRTL_VER >= 80400000
595		sys$gettim_prec(&data.time);
596		#else
	590	data.seq = 0;
597	591	sys$gettim((void*)&data.time);
598		#endif
	592
	593	if (data.time == last_time) {
	594	data.seq = ++last_seq;
	595	} else {
	596	last_time = data.time;
	597	last_seq = 0;
	598	}
599	599
600	600	return ossl_rand_pool_add(pool, (unsigned char *)&data, sizeof(data), 0);
601	601	}

+4

-2

providers/implementations/rands/seeding/rand_win.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

27	27
28	28	# ifdef USE_BCRYPTGENRANDOM
29	29	# include <bcrypt.h>
30		# pragma comment(lib, "bcrypt.lib")
	30	# ifdef _MSC_VER
	31	# pragma comment(lib, "bcrypt.lib")
	32	# endif
31	33	# ifndef STATUS_SUCCESS
32	34	# define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
33	35	# endif

+17

-5

providers/implementations/signature/eddsa_sig.c less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

164	164	return 0;
165	165	}
166	166	#ifdef S390X_EC_ASM
167		if (S390X_CAN_SIGN(ED25519))
168		return s390x_ed25519_digestsign(edkey, sigret, tbs, tbslen);
	167	if (S390X_CAN_SIGN(ED25519)) {
	168	if (s390x_ed25519_digestsign(edkey, sigret, tbs, tbslen) == 0) {
	169	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SIGN);
	170	return 0;
	171	}
	172	*siglen = ED25519_SIGSIZE;
	173	return 1;
	174	}
169	175	#endif /* S390X_EC_ASM */
170	176	if (ossl_ed25519_sign(sigret, tbs, tbslen, edkey->pubkey, edkey->privkey,
171	177	peddsactx->libctx, NULL) == 0) {

195	201	return 0;
196	202	}
197	203	#ifdef S390X_EC_ASM
198		if (S390X_CAN_SIGN(ED448))
199		return s390x_ed448_digestsign(edkey, sigret, tbs, tbslen);
	204	if (S390X_CAN_SIGN(ED448)) {
	205	if (s390x_ed448_digestsign(edkey, sigret, tbs, tbslen) == 0) {
	206	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SIGN);
	207	return 0;
	208	}
	209	*siglen = ED448_SIGSIZE;
	210	return 1;
	211	}
200	212	#endif /* S390X_EC_ASM */
201	213	if (ossl_ed448_sign(peddsactx->libctx, sigret, tbs, tbslen, edkey->pubkey,
202	214	edkey->privkey, NULL, 0, edkey->propq) == 0) {

+5

-2

ssl/ktls.c less more

0	0	/*
1		* Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

65	65	case SSL_AES128GCM:
66	66	case SSL_AES256GCM:
67	67	crypto_info->cipher_algorithm = CRYPTO_AES_NIST_GCM_16;
68		if (s->version == TLS1_3_VERSION)
	68	if (s->version == TLS1_3_VERSION) {
69	69	crypto_info->iv_len = EVP_CIPHER_CTX_get_iv_length(dd);
	70	if (crypto_info->iv_len < 0)
	71	return 0;
	72	}
70	73	else
71	74	crypto_info->iv_len = EVP_GCM_TLS_FIXED_IV_LEN;
72	75	break;

+4

-0

ssl/record/rec_layer_d1.c less more

873	873	int mode = EVP_CIPHER_CTX_get_mode(s->enc_write_ctx);
874	874	if (mode == EVP_CIPH_CBC_MODE) {
875	875	eivlen = EVP_CIPHER_CTX_get_iv_length(s->enc_write_ctx);
	876	if (eivlen < 0) {
	877	SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_LIBRARY_BUG);
	878	return -1;
	879	}
876	880	if (eivlen <= 1)
877	881	eivlen = 0;
878	882	}

+18

-2

ssl/record/rec_layer_s3.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

114	114	if (s->rlayer.rstate == SSL_ST_READ_BODY)
115	115	return 0;
116	116
	117	/* Take into account DTLS buffered app data */
	118	if (SSL_IS_DTLS(s)) {
	119	DTLS1_RECORD_DATA *rdata;
	120	pitem item, iter;
	121
	122	iter = pqueue_iterator(s->rlayer.d->buffered_app_data.q);
	123	while ((item = pqueue_next(&iter)) != NULL) {
	124	rdata = item->data;
	125	num += rdata->rrec.length;
	126	}
	127	}
	128
117	129	for (i = 0; i < RECORD_LAYER_get_numrpipes(&s->rlayer); i++) {
118	130	if (SSL3_RECORD_get_type(&s->rlayer.rrec[i])
119	131	!= SSL3_RT_APPLICATION_DATA)
120		return 0;
	132	return num;
121	133	num += SSL3_RECORD_get_length(&s->rlayer.rrec[i]);
122	134	}
123	135

831	843	int mode = EVP_CIPHER_CTX_get_mode(s->enc_write_ctx);
832	844	if (mode == EVP_CIPH_CBC_MODE) {
833	845	eivlen = EVP_CIPHER_CTX_get_iv_length(s->enc_write_ctx);
	846	if (eivlen < 0) {
	847	SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_LIBRARY_BUG);
	848	goto err;
	849	}
834	850	if (eivlen <= 1)
835	851	eivlen = 0;
836	852	} else if (mode == EVP_CIPH_GCM_MODE) {

+7

-2

ssl/record/ssl3_record_tls13.c less more

0	0	/*
1		* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

24	24	{
25	25	EVP_CIPHER_CTX *ctx;
26	26	unsigned char iv[EVP_MAX_IV_LENGTH], recheader[SSL3_RT_HEADER_LENGTH];
27		size_t ivlen, taglen, offset, loop, hdrlen;
	27	size_t taglen, offset, loop, hdrlen;
	28	int ivlen;
28	29	unsigned char *staticiv;
29	30	unsigned char *seq;
30	31	int lenu, lenf;

61	62	}
62	63
63	64	ivlen = EVP_CIPHER_CTX_get_iv_length(ctx);
	65	if (ivlen < 0) {
	66	SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
	67	return 0;
	68	}
64	69
65	70	if (s->early_data_state == SSL_EARLY_DATA_WRITING
66	71	\|\| s->early_data_state == SSL_EARLY_DATA_WRITE_RETRY) {

+4

-3

ssl/s3_lib.c less more

4300	4300
4301	4301	if (prefer_sha256) {
4302	4302	const SSL_CIPHER *tmp = sk_SSL_CIPHER_value(allow, ii);
4303
4304		if (EVP_MD_is_a(ssl_md(s->ctx, tmp->algorithm2),
4305		OSSL_DIGEST_NAME_SHA2_256)) {
	4303	const EVP_MD *md = ssl_md(s->ctx, tmp->algorithm2);
	4304
	4305	if (md != NULL
	4306	&& EVP_MD_is_a(md, OSSL_DIGEST_NAME_SHA2_256)) {
4306	4307	ret = tmp;
4307	4308	break;
4308	4309	}

+9

-7

ssl/ssl_ciph.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
3	3	* Copyright 2005 Nokia. All rights reserved.
4	4	*

531	531	ctmp.id = s->compress_meth;
532	532	if (ssl_comp_methods != NULL) {
533	533	i = sk_SSL_COMP_find(ssl_comp_methods, &ctmp);
534		*comp = sk_SSL_COMP_value(ssl_comp_methods, i);
	534	if (i >= 0)
	535	*comp = sk_SSL_COMP_value(ssl_comp_methods, i);
535	536	}
536	537	/* If were only interested in comp then return success */
537	538	if ((enc == NULL) && (md == NULL))

554	555	if (c->algorithm_mac == SSL_AEAD)
555	556	mac_pkey_type = NULL;
556	557	} else {
557		if (!ssl_evp_md_up_ref(ctx->ssl_digest_methods[i])) {
	558	const EVP_MD *digest = ctx->ssl_digest_methods[i];
	559
	560	if (digest == NULL
	561	\|\| !ssl_evp_md_up_ref(digest)) {
558	562	ssl_evp_cipher_free(*enc);
559	563	return 0;
560	564	}
561		*md = ctx->ssl_digest_methods[i];
	565	*md = digest;
562	566	if (mac_pkey_type != NULL)
563	567	*mac_pkey_type = ctx->ssl_mac_pkey_id[i];
564	568	if (mac_secret_size != NULL)

1058	1062	* alphanumeric, so we call this an error.
1059	1063	*/
1060	1064	ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_COMMAND);
1061		retval = found = 0;
1062		l++;
1063		break;
	1065	return 0;
1064	1066	}
1065	1067
1066	1068	if (rule == CIPHER_SPECIAL) {

+19

-5

ssl/ssl_lib.c less more

1549	1549	{
1550	1550	/*
1551	1551	* Similar to SSL_pending() but returns a 1 to indicate that we have
1552		* unprocessed data available or 0 otherwise (as opposed to the number of
1553		* bytes available). Unlike SSL_pending() this will take into account
1554		* read_ahead data. A 1 return simply indicates that we have unprocessed
1555		* data. That data may not result in any application data, or we may fail
1556		* to parse the records for some reason.
	1552	* processed or unprocessed data available or 0 otherwise (as opposed to the
	1553	* number of bytes available). Unlike SSL_pending() this will take into
	1554	* account read_ahead data. A 1 return simply indicates that we have data.
	1555	* That data may not result in any application data, or we may fail to parse
	1556	* the records for some reason.
1557	1557	*/
	1558
	1559	/* Check buffered app data if any first */
	1560	if (SSL_IS_DTLS(s)) {
	1561	DTLS1_RECORD_DATA *rdata;
	1562	pitem item, iter;
	1563
	1564	iter = pqueue_iterator(s->rlayer.d->buffered_app_data.q);
	1565	while ((item = pqueue_next(&iter)) != NULL) {
	1566	rdata = item->data;
	1567	if (rdata->rrec.length > 0)
	1568	return 1;
	1569	}
	1570	}
	1571
1558	1572	if (RECORD_LAYER_processed_read_pending(&s->rlayer))
1559	1573	return 1;
1560	1574

+2

-0

ssl/ssl_local.h less more

2751	2751	#define CLIENT_HANDSHAKE_LABEL "CLIENT_HANDSHAKE_TRAFFIC_SECRET"
2752	2752	#define SERVER_HANDSHAKE_LABEL "SERVER_HANDSHAKE_TRAFFIC_SECRET"
2753	2753	#define CLIENT_APPLICATION_LABEL "CLIENT_TRAFFIC_SECRET_0"
	2754	#define CLIENT_APPLICATION_N_LABEL "CLIENT_TRAFFIC_SECRET_N"
2754	2755	#define SERVER_APPLICATION_LABEL "SERVER_TRAFFIC_SECRET_0"
	2756	#define SERVER_APPLICATION_N_LABEL "SERVER_TRAFFIC_SECRET_N"
2755	2757	#define EARLY_EXPORTER_SECRET_LABEL "EARLY_EXPORTER_SECRET"
2756	2758	#define EXPORTER_SECRET_LABEL "EXPORTER_SECRET"
2757	2759

+60

-21

ssl/ssl_rsa.c less more

702	702	return 1;
703	703	}
704	704
	705	static size_t extension_contextoff(unsigned int version)
	706	{
	707	return version == SSL_SERVERINFOV1 ? 4 : 0;
	708	}
	709
	710	static size_t extension_append_length(unsigned int version, size_t extension_length)
	711	{
	712	return extension_length + extension_contextoff(version);
	713	}
	714
	715	static void extension_append(unsigned int version,
	716	const unsigned char *extension,
	717	const size_t extension_length,
	718	unsigned char *serverinfo)
	719	{
	720	const size_t contextoff = extension_contextoff(version);
	721
	722	if (contextoff > 0) {
	723	/* We know this only uses the last 2 bytes */
	724	serverinfo[0] = 0;
	725	serverinfo[1] = 0;
	726	serverinfo[2] = (SYNTHV1CONTEXT >> 8) & 0xff;
	727	serverinfo[3] = SYNTHV1CONTEXT & 0xff;
	728	}
	729
	730	memcpy(serverinfo + contextoff, extension, extension_length);
	731	}
	732
705	733	int SSL_CTX_use_serverinfo_ex(SSL_CTX *ctx, unsigned int version,
706	734	const unsigned char *serverinfo,
707	735	size_t serverinfo_length)
708	736	{
709		unsigned char *new_serverinfo;
	737	unsigned char *new_serverinfo = NULL;
710	738
711	739	if (ctx == NULL \|\| serverinfo == NULL \|\| serverinfo_length == 0) {
712	740	ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
713	741	return 0;
	742	}
	743	if (version == SSL_SERVERINFOV1) {
	744	/*
	745	* Convert serverinfo version v1 to v2 and call yourself recursively
	746	* over the converted serverinfo.
	747	*/
	748	const size_t sinfo_length = extension_append_length(SSL_SERVERINFOV1,
	749	serverinfo_length);
	750	unsigned char *sinfo;
	751	int ret;
	752
	753	sinfo = OPENSSL_malloc(sinfo_length);
	754	if (sinfo == NULL) {
	755	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
	756	return 0;
	757	}
	758
	759	extension_append(SSL_SERVERINFOV1, serverinfo, serverinfo_length, sinfo);
	760
	761	ret = SSL_CTX_use_serverinfo_ex(ctx, SSL_SERVERINFOV2, sinfo,
	762	sinfo_length);
	763
	764	OPENSSL_free(sinfo);
	765	return ret;
714	766	}
715	767	if (!serverinfo_process_buffer(version, serverinfo, serverinfo_length,
716	768	NULL)) {

764	816	unsigned int name_len;
765	817	int ret = 0;
766	818	BIO *bin = NULL;
767		size_t num_extensions = 0, contextoff = 0;
	819	size_t num_extensions = 0;
768	820
769	821	if (ctx == NULL \|\| file == NULL) {
770	822	ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);

783	835
784	836	for (num_extensions = 0;; num_extensions++) {
785	837	unsigned int version;
	838	size_t append_length;
786	839
787	840	if (PEM_read_bio(bin, &name, &header, &extension, &extension_length)
788	841	== 0) {

825	878	ERR_raise(ERR_LIB_SSL, SSL_R_BAD_DATA);
826	879	goto end;
827	880	}
828		/*
829		* File does not have a context value so we must take account of
830		* this later.
831		*/
832		contextoff = 4;
833	881	} else {
834	882	/* 8 byte header: 4 bytes context, 2 bytes type, 2 bytes len */
835	883	if (extension_length < 8

840	888	}
841	889	}
842	890	/* Append the decoded extension to the serverinfo buffer */
843		tmp = OPENSSL_realloc(serverinfo, serverinfo_length + extension_length
844		+ contextoff);
	891	append_length = extension_append_length(version, extension_length);
	892	tmp = OPENSSL_realloc(serverinfo, serverinfo_length + append_length);
845	893	if (tmp == NULL) {
846	894	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
847	895	goto end;
848	896	}
849	897	serverinfo = tmp;
850		if (contextoff > 0) {
851		unsigned char *sinfo = serverinfo + serverinfo_length;
852
853		/* We know this only uses the last 2 bytes */
854		sinfo[0] = 0;
855		sinfo[1] = 0;
856		sinfo[2] = (SYNTHV1CONTEXT >> 8) & 0xff;
857		sinfo[3] = SYNTHV1CONTEXT & 0xff;
858		}
859		memcpy(serverinfo + serverinfo_length + contextoff,
860		extension, extension_length);
861		serverinfo_length += extension_length + contextoff;
	898	extension_append(version, extension, extension_length,
	899	serverinfo + serverinfo_length);
	900	serverinfo_length += append_length;
862	901
863	902	OPENSSL_free(name);
864	903	name = NULL;

+19

-15

ssl/ssl_sess.c less more

747	747	c->time = time(NULL);
748	748	ssl_session_calculate_timeout(c);
749	749	}
	750
	751	if (s == NULL) {
	752	/*
	753	* new cache entry -- remove old ones if cache has become too large
	754	* delete cache entry before add, so we don't remove the one we're adding!
	755	*/
	756
	757	ret = 1;
	758
	759	if (SSL_CTX_sess_get_cache_size(ctx) > 0) {
	760	while (SSL_CTX_sess_number(ctx) >= SSL_CTX_sess_get_cache_size(ctx)) {
	761	if (!remove_session_lock(ctx, ctx->session_cache_tail, 0))
	762	break;
	763	else
	764	ssl_tsan_counter(ctx, &ctx->stats.sess_cache_full);
	765	}
	766	}
	767	}
	768
750	769	SSL_SESSION_list_add(ctx, c);
751	770
752	771	if (s != NULL) {

757	776
758	777	SSL_SESSION_free(s); /* s == c */
759	778	ret = 0;
760		} else {
761		/*
762		* new cache entry -- remove old ones if cache has become too large
763		*/
764
765		ret = 1;
766
767		if (SSL_CTX_sess_get_cache_size(ctx) > 0) {
768		while (SSL_CTX_sess_number(ctx) > SSL_CTX_sess_get_cache_size(ctx)) {
769		if (!remove_session_lock(ctx, ctx->session_cache_tail, 0))
770		break;
771		else
772		ssl_tsan_counter(ctx, &ctx->stats.sess_cache_full);
773		}
774		}
775	779	}
776	780	CRYPTO_THREAD_unlock(ctx->lock);
777	781	return ret;

+15

-1

ssl/statem/extensions.c less more

97	97	* Definitions of all built-in extensions. NOTE: Changes in the number or order
98	98	* of these extensions should be mirrored with equivalent changes to the
99	99	* indexes ( TLSEXT_IDX_* ) defined in ssl_local.h.
	100	* Extensions should be added to test/ext_internal_test.c as well, as that
	101	* tests the ordering of the extensions.
	102	*
100	103	* Each extension has an initialiser, a client and
101	104	* server side parser and a finaliser. The initialiser is called (if the
102	105	* extension is relevant to the given context) even if we did not see the

117	120	* NOTE: WebSphere Application Server 7+ cannot handle empty extensions at
118	121	* the end, keep these extensions before signature_algorithm.
119	122	*/
120		#define INVALID_EXTENSION { 0x10000, 0, NULL, NULL, NULL, NULL, NULL, NULL }
	123	#define INVALID_EXTENSION { TLSEXT_TYPE_invalid, 0, NULL, NULL, NULL, NULL, NULL, NULL }
121	124	static const EXTENSION_DEFINITION ext_defs[] = {
122	125	{
123	126	TLSEXT_TYPE_renegotiate,

383	386	tls_construct_ctos_psk, final_psk
384	387	}
385	388	};
	389
	390	/* Returns a TLSEXT_TYPE for the given index */
	391	unsigned int ossl_get_extension_type(size_t idx)
	392	{
	393	size_t num_exts = OSSL_NELEM(ext_defs);
	394
	395	if (idx >= num_exts)
	396	return TLSEXT_TYPE_out_of_range;
	397
	398	return ext_defs[idx].type;
	399	}
386	400
387	401	/* Check whether an extension's context matches the current context */
388	402	static int validate_context(SSL *s, unsigned int extctx, unsigned int thisctx)

+9

-4

ssl/statem/extensions_clnt.c less more

676	676	for (i = 0; i < num_groups; i++) {
677	677
678	678	if (!tls_group_allowed(s, pgroups[i], SSL_SECOP_CURVE_SUPPORTED))
	679	continue;
	680
	681	if (!tls_valid_group(s, pgroups[i], TLS1_3_VERSION, TLS1_3_VERSION,
	682	0, NULL))
679	683	continue;
680	684
681	685	curve_id = pgroups[i];

973	977	X509 *x, size_t chainidx)
974	978	{
975	979	#ifndef OPENSSL_NO_TLS1_3
976		uint32_t now, agesec, agems = 0;
	980	uint32_t agesec, agems = 0;
977	981	size_t reshashsize = 0, pskhashsize = 0, binderoffset, msglen;
978	982	unsigned char resbinder = NULL, pskbinder = NULL, *msgstart = NULL;
979	983	const EVP_MD handmd = NULL, mdres = NULL, *mdpsk = NULL;

1029	1033	* this in multiple places in the code, so portability shouldn't be an
1030	1034	* issue.
1031	1035	*/
1032		now = (uint32_t)time(NULL);
1033		agesec = now - (uint32_t)s->session->time;
	1036	agesec = (uint32_t)(time(NULL) - s->session->time);
1034	1037	/*
1035	1038	* We calculate the age in seconds but the server may work in ms. Due to
1036	1039	* rounding errors we could overestimate the age by up to 1s. It is

1775	1778	break;
1776	1779	}
1777	1780	if (i >= num_groups
1778		\|\| !tls_group_allowed(s, group_id, SSL_SECOP_CURVE_SUPPORTED)) {
	1781	\|\| !tls_group_allowed(s, group_id, SSL_SECOP_CURVE_SUPPORTED)
	1782	\|\| !tls_valid_group(s, group_id, TLS1_3_VERSION, TLS1_3_VERSION,
	1783	0, NULL)) {
1779	1784	SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_KEY_SHARE);
1780	1785	return 0;
1781	1786	}

+21

-11

ssl/statem/extensions_srvr.c less more

11	11	#include "statem_local.h"
12	12	#include "internal/cryptlib.h"
13	13
14		#define COOKIE_STATE_FORMAT_VERSION 0
	14	#define COOKIE_STATE_FORMAT_VERSION 1
15	15
16	16	/*
17	17	* 2 bytes for packet length, 2 bytes for format version, 2 bytes for
18	18	* protocol version, 2 bytes for group id, 2 bytes for cipher id, 1 byte for
19		* key_share present flag, 4 bytes for timestamp, 2 bytes for the hashlen,
	19	* key_share present flag, 8 bytes for timestamp, 2 bytes for the hashlen,
20	20	* EVP_MAX_MD_SIZE for transcript hash, 1 byte for app cookie length, app cookie
21	21	* length bytes, SHA256_DIGEST_LENGTH bytes for the HMAC of the whole thing.
22	22	*/
23		#define MAX_COOKIE_SIZE (2 + 2 + 2 + 2 + 2 + 1 + 4 + 2 + EVP_MAX_MD_SIZE + 1 \
	23	#define MAX_COOKIE_SIZE (2 + 2 + 2 + 2 + 2 + 1 + 8 + 2 + EVP_MAX_MD_SIZE + 1 \
24	24	+ SSL_COOKIE_LENGTH + SHA256_DIGEST_LENGTH)
25	25
26	26	/*

647	647	}
648	648
649	649	/* Check if this share is for a group we can use */
650		if (!check_in_list(s, group_id, srvrgroups, srvr_num_groups, 1)) {
	650	if (!check_in_list(s, group_id, srvrgroups, srvr_num_groups, 1)
	651	\|\| !tls_group_allowed(s, group_id, SSL_SECOP_CURVE_SUPPORTED)
	652	/*
	653	* We tolerate but ignore a group id that we don't think is
	654	* suitable for TLSv1.3
	655	*/
	656	\|\| !tls_valid_group(s, group_id, TLS1_3_VERSION, TLS1_3_VERSION,
	657	0, NULL)) {
651	658	/* Share not suitable */
652	659	continue;
653	660	}

689	696	unsigned char hmac[SHA256_DIGEST_LENGTH];
690	697	unsigned char hrr[MAX_HRR_SIZE];
691	698	size_t rawlen, hmaclen, hrrlen, ciphlen;
692		unsigned long tm, now;
	699	uint64_t tm, now;
693	700
694	701	/* Ignore any cookie if we're not set up to verify it */
695	702	if (s->ctx->verify_stateless_cookie_cb == NULL

790	797	}
791	798
792	799	if (!PACKET_get_1(&cookie, &key_share)
793		\|\| !PACKET_get_net_4(&cookie, &tm)
	800	\|\| !PACKET_get_net_8(&cookie, &tm)
794	801	\|\| !PACKET_get_length_prefixed_2(&cookie, &chhash)
795	802	\|\| !PACKET_get_length_prefixed_1(&cookie, &appcookie)
796	803	\|\| PACKET_remaining(&cookie) != SHA256_DIGEST_LENGTH) {

799	806	}
800	807
801	808	/* We tolerate a cookie age of up to 10 minutes (= 60 * 10 seconds) */
802		now = (unsigned long)time(NULL);
	809	now = time(NULL);
803	810	if (tm > now \|\| (now - tm) > 600) {
804	811	/* Cookie is stale. Ignore it */
805	812	return 1;

1086	1093	s->ext.early_data_ok = 1;
1087	1094	s->ext.ticket_expected = 1;
1088	1095	} else {
1089		uint32_t ticket_age = 0, now, agesec, agems;
	1096	uint32_t ticket_age = 0, agesec, agems;
1090	1097	int ret;
1091	1098
1092	1099	/*

1126	1133	}
1127	1134
1128	1135	ticket_age = (uint32_t)ticket_agel;
1129		now = (uint32_t)time(NULL);
1130		agesec = now - (uint32_t)sess->time;
	1136	agesec = (uint32_t)(time(NULL) - sess->time);
1131	1137	agems = agesec * (uint32_t)1000;
1132	1138	ticket_age -= sess->ext.tick_age_add;
1133	1139

1153	1159	}
1154	1160
1155	1161	md = ssl_md(s->ctx, sess->cipher->algorithm2);
	1162	if (md == NULL) {
	1163	SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
	1164	goto err;
	1165	}
1156	1166	if (!EVP_MD_is_a(md,
1157	1167	EVP_MD_get0_name(ssl_md(s->ctx,
1158	1168	s->s3.tmp.new_cipher->algorithm2)))) {

1736	1746	&ciphlen)
1737	1747	/* Is there a key_share extension present in this HRR? */
1738	1748	\|\| !WPACKET_put_bytes_u8(pkt, s->s3.peer_tmp == NULL)
1739		\|\| !WPACKET_put_bytes_u32(pkt, (unsigned int)time(NULL))
	1749	\|\| !WPACKET_put_bytes_u64(pkt, time(NULL))
1740	1750	\|\| !WPACKET_start_sub_packet_u16(pkt)
1741	1751	\|\| !WPACKET_reserve_bytes(pkt, EVP_MAX_MD_SIZE, &hashval1)) {
1742	1752	SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);

+19

-5

ssl/statem/statem.c less more

0	0	/*
1		* Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

848	848	SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
849	849	return SUB_STATE_ERROR;
850	850	}
851		if (confunc != NULL && !confunc(s, &pkt)) {
852		WPACKET_cleanup(&pkt);
853		check_fatal(s);
854		return SUB_STATE_ERROR;
	851	if (confunc != NULL) {
	852	int tmpret;
	853
	854	tmpret = confunc(s, &pkt);
	855	if (tmpret <= 0) {
	856	WPACKET_cleanup(&pkt);
	857	check_fatal(s);
	858	return SUB_STATE_ERROR;
	859	} else if (tmpret == 2) {
	860	/*
	861	* The construction function decided not to construct the
	862	* message after all and continue. Skip sending.
	863	*/
	864	WPACKET_cleanup(&pkt);
	865	st->write_state = WRITE_STATE_POST_WORK;
	866	st->write_state_work = WORK_MORE_A;
	867	break;
	868	} /* else success */
855	869	}
856	870	if (!ssl_close_construct_packet(s, &pkt, mt)
857	871	\|\| !WPACKET_finish(&pkt)) {

+4

-2

ssl/statem/statem_clnt.c less more

1345	1345	s->session->cipher_id = s->session->cipher->id;
1346	1346	if (s->hit && (s->session->cipher_id != c->id)) {
1347	1347	if (SSL_IS_TLS13(s)) {
	1348	const EVP_MD *md = ssl_md(s->ctx, c->algorithm2);
	1349
1348	1350	/*
1349	1351	* In TLSv1.3 it is valid for the server to select a different
1350	1352	* ciphersuite as long as the hash is the same.
1351	1353	*/
1352		if (ssl_md(s->ctx, c->algorithm2)
1353		!= ssl_md(s->ctx, s->session->cipher->algorithm2)) {
	1354	if (md == NULL
	1355	\|\| md != ssl_md(s->ctx, s->session->cipher->algorithm2)) {
1354	1356	SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER,
1355	1357	SSL_R_CIPHERSUITE_DIGEST_HAS_CHANGED);
1356	1358	return 0;

+86

-11

ssl/statem/statem_dtls.c less more

490	490	* (2) update s->init_num
491	491	*/
492	492	pitem *item;
	493	piterator iter;
493	494	hm_fragment *frag;
494	495	int ret;
495
	496	int chretran = 0;
	497
	498	iter = pqueue_iterator(s->d1->buffered_messages);
496	499	do {
497		item = pqueue_peek(s->d1->buffered_messages);
	500	item = pqueue_next(&iter);
498	501	if (item == NULL)
499	502	return 0;
500	503
501	504	frag = (hm_fragment *)item->data;
502	505
503	506	if (frag->msg_header.seq < s->d1->handshake_read_seq) {
504		/* This is a stale message that has been buffered so clear it */
505		pqueue_pop(s->d1->buffered_messages);
506		dtls1_hm_fragment_free(frag);
507		pitem_free(item);
508		item = NULL;
509		frag = NULL;
	507	pitem *next;
	508	hm_fragment *nextfrag;
	509
	510	if (!s->server
	511	\|\| frag->msg_header.seq != 0
	512	\|\| s->d1->handshake_read_seq != 1
	513	\|\| s->statem.hand_state != DTLS_ST_SW_HELLO_VERIFY_REQUEST) {
	514	/*
	515	* This is a stale message that has been buffered so clear it.
	516	* It is safe to pop this message from the queue even though
	517	* we have an active iterator
	518	*/
	519	pqueue_pop(s->d1->buffered_messages);
	520	dtls1_hm_fragment_free(frag);
	521	pitem_free(item);
	522	item = NULL;
	523	frag = NULL;
	524	} else {
	525	/*
	526	* We have fragments for a ClientHello without a cookie,
	527	* even though we have sent a HelloVerifyRequest. It is possible
	528	* that the HelloVerifyRequest got lost and this is a
	529	* retransmission of the original ClientHello
	530	*/
	531	next = pqueue_next(&iter);
	532	if (next != NULL) {
	533	nextfrag = (hm_fragment *)next->data;
	534	if (nextfrag->msg_header.seq == s->d1->handshake_read_seq) {
	535	/*
	536	* We have fragments for both a ClientHello without
	537	* cookie and one with. Ditch the one without.
	538	*/
	539	pqueue_pop(s->d1->buffered_messages);
	540	dtls1_hm_fragment_free(frag);
	541	pitem_free(item);
	542	item = next;
	543	frag = nextfrag;
	544	} else {
	545	chretran = 1;
	546	}
	547	} else {
	548	chretran = 1;
	549	}
	550	}
510	551	}
511	552	} while (item == NULL);
512	553

514	555	if (frag->reassembly != NULL)
515	556	return 0;
516	557
517		if (s->d1->handshake_read_seq == frag->msg_header.seq) {
	558	if (s->d1->handshake_read_seq == frag->msg_header.seq \|\| chretran) {
518	559	size_t frag_len = frag->msg_header.frag_len;
519	560	pqueue_pop(s->d1->buffered_messages);
520	561

532	573	pitem_free(item);
533	574
534	575	if (ret) {
	576	if (chretran) {
	577	/*
	578	* We got a new ClientHello with a message sequence of 0.
	579	* Reset the read/write sequences back to the beginning.
	580	* We process it like this is the first time we've seen a
	581	* ClientHello from the client.
	582	*/
	583	s->d1->handshake_read_seq = 0;
	584	s->d1->next_handshake_write_seq = 0;
	585	}
535	586	*len = frag_len;
536	587	return 1;
537	588	}

758	809	int i, ret, recvd_type;
759	810	struct hm_header_st msg_hdr;
760	811	size_t readbytes;
	812	int chretran = 0;
761	813
762	814	*errtype = 0;
763	815

827	879	* although we're still expecting seq 0 (ClientHello)
828	880	*/
829	881	if (msg_hdr.seq != s->d1->handshake_read_seq) {
830		*errtype = dtls1_process_out_of_seq_message(s, &msg_hdr);
831		return 0;
	882	if (!s->server
	883	\|\| msg_hdr.seq != 0
	884	\|\| s->d1->handshake_read_seq != 1
	885	\|\| wire[0] != SSL3_MT_CLIENT_HELLO
	886	\|\| s->statem.hand_state != DTLS_ST_SW_HELLO_VERIFY_REQUEST) {
	887	*errtype = dtls1_process_out_of_seq_message(s, &msg_hdr);
	888	return 0;
	889	}
	890	/*
	891	* We received a ClientHello and sent back a HelloVerifyRequest. We
	892	* now seem to have received a retransmitted initial ClientHello. That
	893	* is allowed (possibly our HelloVerifyRequest got lost).
	894	*/
	895	chretran = 1;
832	896	}
833	897
834	898	if (frag_len && frag_len < mlen) {

892	956	if (readbytes != frag_len) {
893	957	SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_LENGTH);
894	958	goto f_err;
	959	}
	960
	961	if (chretran) {
	962	/*
	963	* We got a new ClientHello with a message sequence of 0.
	964	* Reset the read/write sequences back to the beginning.
	965	* We process it like this is the first time we've seen a ClientHello
	966	* from the client.
	967	*/
	968	s->d1->handshake_read_seq = 0;
	969	s->d1->next_handshake_write_seq = 0;
895	970	}
896	971
897	972	/*

+6

-1

ssl/statem/statem_local.h less more

0	0	/*
1		* Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

35	35
36	36	/* Dummy message type */
37	37	#define SSL3_MT_DUMMY -1
	38
	39	/* Invalid extension ID for non-supported extensions */
	40	#define TLSEXT_TYPE_invalid 0x10000
	41	#define TLSEXT_TYPE_out_of_range 0x10001
	42	unsigned int ossl_get_extension_type(size_t idx);
38	43
39	44	extern const unsigned char hrrrandom[];
40	45

+50

-18

ssl/statem/statem_srvr.c less more

3659	3659	return 1;
3660	3660	}
3661	3661
	3662	/*
	3663	* Returns 1 on success, 0 to abort construction of the ticket (non-fatal), or
	3664	* -1 on fatal error
	3665	*/
3662	3666	static int construct_stateless_ticket(SSL s, WPACKET pkt, uint32_t age_add,
3663	3667	unsigned char *tick_nonce)
3664	3668	{

3673	3677	SSL_CTX *tctx = s->session_ctx;
3674	3678	unsigned char iv[EVP_MAX_IV_LENGTH];
3675	3679	unsigned char key_name[TLSEXT_KEYNAME_LENGTH];
3676		int iv_len, ok = 0;
	3680	int iv_len, ok = -1;
3677	3681	size_t macoffset, macendoffset;
3678	3682
3679	3683	/* get session encoding length */

3754	3758	#endif
3755	3759
3756	3760	if (ret == 0) {
3757
	3761	/*
	3762	* In TLSv1.2 we construct a 0 length ticket. In TLSv1.3 a 0
	3763	* length ticket is not allowed so we abort construction of the
	3764	* ticket
	3765	*/
	3766	if (SSL_IS_TLS13(s)) {
	3767	ok = 0;
	3768	goto err;
	3769	}
3758	3770	/* Put timeout and length */
3759	3771	if (!WPACKET_put_bytes_u32(pkt, 0)
3760	3772	\|\| !WPACKET_put_bytes_u16(pkt, 0)) {

3771	3783	goto err;
3772	3784	}
3773	3785	iv_len = EVP_CIPHER_CTX_get_iv_length(ctx);
	3786	if (iv_len < 0) {
	3787	SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
	3788	goto err;
	3789	}
3774	3790	} else {
3775	3791	EVP_CIPHER *cipher = EVP_CIPHER_fetch(s->ctx->libctx, "AES-256-CBC",
3776	3792	s->ctx->propq);

3863	3879	return 1;
3864	3880	}
3865	3881
	3882	static void tls_update_ticket_counts(SSL *s)
	3883	{
	3884	/*
	3885	* Increment both \|sent_tickets\| and \|next_ticket_nonce\|. \|sent_tickets\|
	3886	* gets reset to 0 if we send more tickets following a post-handshake
	3887	* auth, but \|next_ticket_nonce\| does not. If we're sending extra
	3888	* tickets, decrement the count of pending extra tickets.
	3889	*/
	3890	s->sent_tickets++;
	3891	s->next_ticket_nonce++;
	3892	if (s->ext.extra_tickets_expected > 0)
	3893	s->ext.extra_tickets_expected--;
	3894	}
	3895
3866	3896	int tls_construct_new_session_ticket(SSL s, WPACKET pkt)
3867	3897	{
3868	3898	SSL_CTX *tctx = s->session_ctx;

3871	3901	unsigned char age_add_c[sizeof(uint32_t)];
3872	3902	uint32_t age_add;
3873	3903	} age_add_u;
	3904	int ret = 0;
3874	3905
3875	3906	age_add_u.age_add = 0;
3876	3907

3968	3999	/* SSLfatal() already called */
3969	4000	goto err;
3970	4001	}
3971		} else if (!construct_stateless_ticket(s, pkt, age_add_u.age_add,
3972		tick_nonce)) {
3973		/* SSLfatal() already called */
3974		goto err;
	4002	} else {
	4003	int tmpret;
	4004
	4005	tmpret = construct_stateless_ticket(s, pkt, age_add_u.age_add,
	4006	tick_nonce);
	4007	if (tmpret != 1) {
	4008	if (tmpret == 0) {
	4009	ret = 2; /* Non-fatal. Abort construction but continue */
	4010	/* We count this as a success so update the counts anwyay */
	4011	tls_update_ticket_counts(s);
	4012	}
	4013	/* else SSLfatal() already called */
	4014	goto err;
	4015	}
3975	4016	}
3976	4017
3977	4018	if (SSL_IS_TLS13(s)) {

3981	4022	/* SSLfatal() already called */
3982	4023	goto err;
3983	4024	}
3984		/*
3985		* Increment both \|sent_tickets\| and \|next_ticket_nonce\|. \|sent_tickets\|
3986		* gets reset to 0 if we send more tickets following a post-handshake
3987		* auth, but \|next_ticket_nonce\| does not. If we're sending extra
3988		* tickets, decrement the count of pending extra tickets.
3989		*/
3990		s->sent_tickets++;
3991		s->next_ticket_nonce++;
3992		if (s->ext.extra_tickets_expected > 0)
3993		s->ext.extra_tickets_expected--;
	4025	tls_update_ticket_counts(s);
3994	4026	ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
3995	4027	}
3996	4028
3997		return 1;
	4029	ret = 1;
3998	4030	err:
3999		return 0;
	4031	return ret;
4000	4032	}
4001	4033
4002	4034	/*

+10

-5

ssl/t1_lib.c less more

1784	1784	SSL_SESSION *sess = NULL;
1785	1785	unsigned char *sdec;
1786	1786	const unsigned char *p;
1787		int slen, renew_ticket = 0, declen;
	1787	int slen, ivlen, renew_ticket = 0, declen;
1788	1788	SSL_TICKET_STATUS ret = SSL_TICKET_FATAL_ERR_OTHER;
1789	1789	size_t mlen;
1790	1790	unsigned char tick_hmac[EVP_MAX_MD_SIZE];

1897	1897	goto end;
1898	1898	}
1899	1899
	1900	ivlen = EVP_CIPHER_CTX_get_iv_length(ctx);
	1901	if (ivlen < 0) {
	1902	ret = SSL_TICKET_FATAL_ERR_OTHER;
	1903	goto end;
	1904	}
	1905
1900	1906	/* Sanity check ticket length: must exceed keyname + IV + HMAC */
1901		if (eticklen <=
1902		TLSEXT_KEYNAME_LENGTH + EVP_CIPHER_CTX_get_iv_length(ctx) + mlen) {
	1907	if (eticklen <= TLSEXT_KEYNAME_LENGTH + ivlen + mlen) {
1903	1908	ret = SSL_TICKET_NO_DECRYPT;
1904	1909	goto end;
1905	1910	}

1917	1922	}
1918	1923	/* Attempt to decrypt session data */
1919	1924	/* Move p after IV to start of encrypted ticket, update length */
1920		p = etick + TLSEXT_KEYNAME_LENGTH + EVP_CIPHER_CTX_get_iv_length(ctx);
1921		eticklen -= TLSEXT_KEYNAME_LENGTH + EVP_CIPHER_CTX_get_iv_length(ctx);
	1925	p = etick + TLSEXT_KEYNAME_LENGTH + ivlen;
	1926	eticklen -= TLSEXT_KEYNAME_LENGTH + ivlen;
1922	1927	sdec = OPENSSL_malloc(eticklen);
1923	1928	if (sdec == NULL \|\| EVP_DecryptUpdate(ctx, sdec, &slen, p,
1924	1929	(int)eticklen) <= 0) {

+26

-7

ssl/tls13_enc.c less more

256	256	size_t tls13_final_finish_mac(SSL s, const char str, size_t slen,
257	257	unsigned char *out)
258	258	{
259		const char *mdname = EVP_MD_get0_name(ssl_handshake_md(s));
	259	const EVP_MD *md = ssl_handshake_md(s);
	260	const char *mdname = EVP_MD_get0_name(md);
260	261	unsigned char hash[EVP_MAX_MD_SIZE];
261	262	unsigned char finsecret[EVP_MAX_MD_SIZE];
262	263	unsigned char *key = NULL;
263	264	size_t len = 0, hashlen;
264	265	OSSL_PARAM params[2], *p = params;
	266
	267	if (md == NULL)
	268	return 0;
265	269
266	270	/* Safe to cast away const here since we're not "getting" any data */
267	271	if (s->ctx->propq != NULL)

280	284	} else if (SSL_IS_FIRST_HANDSHAKE(s)) {
281	285	key = s->client_finished_secret;
282	286	} else {
283		if (!tls13_derive_finishedkey(s, ssl_handshake_md(s),
	287	if (!tls13_derive_finishedkey(s, md,
284	288	s->client_app_traffic_secret,
285	289	finsecret, hashlen))
286	290	goto err;

746	750	static const unsigned char application_traffic[] = "traffic upd";
747	751	#endif
748	752	const EVP_MD *md = ssl_handshake_md(s);
749		size_t hashlen = EVP_MD_get_size(md);
	753	size_t hashlen;
750	754	unsigned char key[EVP_MAX_KEY_LENGTH];
751	755	unsigned char insecret, iv;
752	756	unsigned char secret[EVP_MAX_MD_SIZE];
	757	char *log_label;
753	758	EVP_CIPHER_CTX *ciph_ctx;
754		int ret = 0;
	759	int ret = 0, l;
	760
	761	if ((l = EVP_MD_get_size(md)) <= 0) {
	762	SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
	763	return 0;
	764	}
	765	hashlen = (size_t)l;
755	766
756	767	if (s->server == sending)
757	768	insecret = s->server_app_traffic_secret;

769	780	RECORD_LAYER_reset_read_sequence(&s->rlayer);
770	781	}
771	782
772		if (!derive_secret_key_and_iv(s, sending, ssl_handshake_md(s),
	783	if (!derive_secret_key_and_iv(s, sending, md,
773	784	s->s3.tmp.new_sym_enc, insecret, NULL,
774	785	application_traffic,
775	786	sizeof(application_traffic) - 1, secret, key,

779	790	}
780	791
781	792	memcpy(insecret, secret, hashlen);
	793
	794	/* Call Key log on successful traffic secret update */
	795	log_label = s->server == sending ? SERVER_APPLICATION_N_LABEL : CLIENT_APPLICATION_N_LABEL;
	796	if (!ssl_log_secret(s, log_label, secret, hashlen)) {
	797	/* SSLfatal() already called */
	798	goto err;
	799	}
782	800
783	801	s->statem.enc_write_state = ENC_WRITE_STATE_VALID;
784	802	ret = 1;

814	832	unsigned int hashsize, datalen;
815	833	int ret = 0;
816	834
817		if (ctx == NULL \|\| !ossl_statem_export_allowed(s))
	835	if (ctx == NULL \|\| md == NULL \|\| !ossl_statem_export_allowed(s))
818	836	goto err;
819	837
820	838	if (!use_context)

883	901	*
884	902	* Here Transcript-Hash is the cipher suite hash algorithm.
885	903	*/
886		if (EVP_DigestInit_ex(ctx, md, NULL) <= 0
	904	if (md == NULL
	905	\|\| EVP_DigestInit_ex(ctx, md, NULL) <= 0
887	906	\|\| EVP_DigestUpdate(ctx, context, contextlen) <= 0
888	907	\|\| EVP_DigestFinal_ex(ctx, hash, &hashsize) <= 0
889	908	\|\| EVP_DigestInit_ex(ctx, md, NULL) <= 0

+1

-1

ssl/tls_srp.c less more

237	237	BN_clear_free(s->srp_ctx.s);
238	238	s->srp_ctx.s = NULL;
239	239	if (!SRP_create_verifier_BN_ex(user, pass, &s->srp_ctx.s, &s->srp_ctx.v,
240		GN->N, GN->g, s->ctx->libctx,
	240	s->srp_ctx.N, s->srp_ctx.g, s->ctx->libctx,
241	241	s->ctx->propq))
242	242	return -1;
243	243

+0

-4

test/aesgcmtest.c less more

115	115	return ret;
116	116	}
117	117
118		#ifdef FIPS_MODULE
119	118	static int ivgen_test(void)
120	119	{
121	120	unsigned char iv_gen[16];

126	125	return do_encrypt(iv_gen, ct, &ctlen, tag, &taglen)
127	126	&& do_decrypt(iv_gen, ct, ctlen, tag, taglen);
128	127	}
129		#endif /* FIPS_MODULE */
130	128
131	129	int setup_tests(void)
132	130	{
133	131	ADD_TEST(kat_test);
134	132	ADD_TEST(badkeylen_test);
135		#ifdef FIPS_MODULE
136	133	ADD_TEST(ivgen_test);
137		#endif /* FIPS_MODULE */
138	134	return 1;
139	135	}

+2

-1

test/asynctest.c less more

0	0	/*
1		* Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

408	408	ret = 1;
409	409	err:
410	410	ASYNC_WAIT_CTX_free(waitctx);
	411	ASYNC_cleanup_thread();
411	412	OSSL_LIB_CTX_free(libctx);
412	413	return ret;
413	414	}

+15

-5

test/build.info less more

39	39	exptest pbetest localetest evp_pkey_ctx_new_from_name\
40	40	evp_pkey_provided_test evp_test evp_extra_test evp_extra_test2 \
41	41	evp_fetch_prov_test evp_libctx_test ossl_store_test \
42		v3nametest v3ext \
	42	v3nametest v3ext punycode_test \
43	43	evp_pkey_provided_test evp_test evp_extra_test evp_extra_test2 \
44	44	evp_fetch_prov_test v3nametest v3ext \
45	45	crltest danetest bad_dtls_test lhash_test sparse_array_test \

61	61	context_internal_test aesgcmtest params_test evp_pkey_dparams_test \
62	62	keymgmt_internal_test hexstr_test provider_status_test defltfips_test \
63	63	bio_readbuffer_test user_property_test pkcs7_test upcallstest \
64		provfetchtest prov_config_test rand_test
	64	provfetchtest prov_config_test rand_test fips_version_test
65	65
66	66	IF[{- !$disabled{'deprecated-3.0'} -}]
67	67	PROGRAMS{noinst}=enginetest

184	184	SOURCE[evp_fetch_prov_test]=evp_fetch_prov_test.c
185	185	INCLUDE[evp_fetch_prov_test]=../include ../apps/include
186	186	DEPEND[evp_fetch_prov_test]=../libcrypto libtestutil.a
187		IF[{- $disabled{fips} \|\| !$target{dso_scheme} -}]
188		DEFINE[evp_extra_test]=NO_FIPS_MODULE
189		ENDIF
190	187
191	188	SOURCE[provfetchtest]=provfetchtest.c
192	189	INCLUDE[provfetchtest]=../include ../apps/include

291	288	SOURCE[pkcs7_test]=pkcs7_test.c
292	289	INCLUDE[pkcs7_test]=../include ../apps/include
293	290	DEPEND[pkcs7_test]=../libcrypto libtestutil.a
	291
	292	SOURCE[punycode_test]=punycode_test.c
	293	INCLUDE[punycode_test]=../include ../apps/include
	294	DEPEND[punycode_test]=../libcrypto.a libtestutil.a
294	295
295	296	SOURCE[stack_test]=stack_test.c
296	297	INCLUDE[stack_test]=../include ../apps/include

392	393	SOURCE[defltfips_test]=defltfips_test.c
393	394	INCLUDE[defltfips_test]=../include ../apps/include
394	395	DEPEND[defltfips_test]=../libcrypto libtestutil.a
	396
	397	SOURCE[fips_version_test]=fips_version_test.c
	398	INCLUDE[fips_version_test]=../include ../apps/include
	399	DEPEND[fips_version_test]=../libcrypto libtestutil.a
395	400
396	401	SOURCE[ocspapitest]=ocspapitest.c
397	402	INCLUDE[ocspapitest]=../include ../apps/include

775	780	SOURCE[ssl_old_test]=ssl_old_test.c helpers/predefined_dhparams.c
776	781	INCLUDE[ssl_old_test]=.. ../include ../apps/include
777	782	DEPEND[ssl_old_test]=../libcrypto.a ../libssl.a libtestutil.a
	783
	784	PROGRAMS{noinst}=ext_internal_test
	785	SOURCE[ext_internal_test]=ext_internal_test.c
	786	INCLUDE[ext_internal_test]=.. ../include ../apps/include
	787	DEPEND[ext_internal_test]=../libcrypto.a ../libssl.a libtestutil.a
778	788
779	789	PROGRAMS{noinst}=algorithmid_test
780	790	SOURCE[algorithmid_test]=algorithmid_test.c

+2

-2

test/certs/setup.sh less more

9	9	# cross root and root cross cert
10	10	./mkcert.sh genroot "Cross Root" cross-key cross-root
11	11	./mkcert.sh genca "Root CA" root-key root-cross-cert cross-key cross-root
12		# trust variants: +serverAuth -serverAuth +clientAuth -clientAuth,
	12	# trust variants: +serverAuth -serverAuth +clientAuth -clientAuth
13	13	openssl x509 -in root-cert.pem -trustout \
14	14	-addtrust serverAuth -out root+serverAuth.pem
15	15	openssl x509 -in root-cert.pem -trustout \

78	78
79	79	# Primary intermediate ca: ca-cert
80	80	./mkcert.sh genca "CA" ca-key ca-cert root-key root-cert
81		# ca variants: CA:false, key2, DN2, issuer2, expired
	81	# ca variants: CA:false, no bc, key2, DN2, issuer2, expired
82	82	./mkcert.sh genee "CA" ca-key ca-nonca root-key root-cert
83	83	./mkcert.sh gen_nonbc_ca "CA" ca-key ca-nonbc root-key root-cert
84	84	./mkcert.sh genca "CA" ca-key2 ca-cert2 root-key root-cert

+50

-6

test/cmsapitest.c less more

288	288	return ret;
289	289	}
290	290
291		static int test_d2i_CMS_bio_file_encrypted_data(void)
	291	static unsigned char read_all(BIO bio, long *p_len)
	292	{
	293	const int step = 256;
	294	unsigned char *buf = NULL;
	295	unsigned char *tmp = NULL;
	296	int ret;
	297
	298	*p_len = 0;
	299	for (;;) {
	300	tmp = OPENSSL_realloc(buf, *p_len + step);
	301	if (tmp == NULL)
	302	break;
	303	buf = tmp;
	304	ret = BIO_read(bio, buf + *p_len, step);
	305	if (ret < 0)
	306	break;
	307
	308	*p_len += ret;
	309
	310	if (ret < step)
	311	return buf;
	312	}
	313
	314	/* Error */
	315	OPENSSL_free(buf);
	316	*p_len = 0;
	317	return NULL;
	318	}
	319
	320	static int test_d2i_CMS_decode(const int idx)
292	321	{
293	322	BIO *bio = NULL;
294	323	CMS_ContentInfo *cms = NULL;
	324	unsigned char *buf = NULL;
	325	const unsigned char *tmp = NULL;
	326	long buf_len = 0;
295	327	int ret = 0;
296	328
297		ERR_clear_error();
298
299		if (!TEST_ptr(bio = BIO_new_file(derin, "r"))
300		\|\| !TEST_ptr(cms = d2i_CMS_bio(bio, NULL)))
	329	if (!TEST_ptr(bio = BIO_new_file(derin, "r")))
301	330	goto end;
	331
	332	switch (idx) {
	333	case 0:
	334	if (!TEST_ptr(cms = d2i_CMS_bio(bio, NULL)))
	335	goto end;
	336	break;
	337	case 1:
	338	if (!TEST_ptr(buf = read_all(bio, &buf_len)))
	339	goto end;
	340	tmp = buf;
	341	if (!TEST_ptr(cms = d2i_CMS_ContentInfo(NULL, &tmp, buf_len)))
	342	goto end;
	343	break;
	344	}
302	345
303	346	if (!TEST_int_eq(ERR_peek_error(), 0))
304	347	goto end;

307	350	end:
308	351	CMS_ContentInfo_free(cms);
309	352	BIO_free(bio);
	353	OPENSSL_free(buf);
310	354
311	355	return ret;
312	356	}

356	400	ADD_TEST(test_encrypt_decrypt_aes_192_gcm);
357	401	ADD_TEST(test_encrypt_decrypt_aes_256_gcm);
358	402	ADD_TEST(test_d2i_CMS_bio_NULL);
359		ADD_TEST(test_d2i_CMS_bio_file_encrypted_data);
	403	ADD_ALL_TESTS(test_d2i_CMS_decode, 2);
360	404	return 1;
361	405	}
362	406

+22

-33

test/drbgtest.c less more

131	131
132	132	/*
133	133	* When building the FIPS module, it isn't possible to disable the continuous
134		* RNG tests. Tests that require this are skipped.
135		*/
136		static int crngt_skip(void)
137		{
138		#ifdef FIPS_MODULE
139		return 1;
140		#else
141		return 0;
142		#endif
	134	* RNG tests. Tests that require this are skipped and this means a detection
	135	* mechanism for the FIPS provider being in use.
	136	*/
	137	static int using_fips_rng(void)
	138	{
	139	EVP_RAND_CTX *primary = RAND_get0_primary(NULL);
	140	const OSSL_PROVIDER *prov;
	141	const char *name;
	142
	143	if (!TEST_ptr(primary))
	144	return 0;
	145
	146	prov = EVP_RAND_get0_provider(EVP_RAND_CTX_get0_rand(primary));
	147	if (!TEST_ptr(prov))
	148	return 0;
	149	name = OSSL_PROVIDER_get0_name(prov);
	150	return strcmp(name, "OpenSSL FIPS Provider") == 0;
143	151	}
144	152
145	153	/*

268	276	}
269	277
270	278
271		#if defined(OPENSSL_SYS_UNIX)
	279	#if defined(OPENSSL_SYS_UNIX) && !defined(OPENSSL_RAND_SEED_EGD)
272	280	/* number of children to fork */
273	281	#define DRBG_FORK_COUNT 9
274	282	/* two results per child, two for the parent */

539	547
540	548	/*
541	549	* Test whether the default rand_method (RAND_OpenSSL()) is
542		* setup correctly, in particular whether reseeding works
	550	* setup correctly, in particular whether reseeding works
543	551	* as designed.
544	552	*/
545	553	static int test_rand_reseed(void)

549	557	int rv = 0;
550	558	time_t before_reseed;
551	559
552		if (crngt_skip())
	560	if (using_fips_rng())
553	561	return TEST_skip("CRNGT cannot be disabled");
554	562
555	563	#ifndef OPENSSL_NO_DEPRECATED_3_0

581	589	EVP_RAND_uninstantiate(private);
582	590	EVP_RAND_uninstantiate(public);
583	591
584
585	592	/*
586	593	* Test initial seeding of shared DRBGs
587	594	*/

590	597	NULL, NULL,
591	598	1, 1, 1, 0)))
592	599	goto error;
593
594	600
595	601	/*
596	602	* Test initial state of shared DRBGs

639	645	/* fill 'randomness' buffer with some arbitrary data */
640	646	memset(rand_add_buf, 'r', sizeof(rand_add_buf));
641	647
642		#ifndef FIPS_MODULE
643	648	/*
644	649	* Test whether all three DRBGs are reseeded by RAND_add().
645	650	* The before_reseed time has to be measured here and passed into the

656	661	1, 1, 1,
657	662	before_reseed)))
658	663	goto error;
659		#else /* FIPS_MODULE */
660		/*
661		* In FIPS mode, random data provided by the application via RAND_add()
662		* is not considered a trusted entropy source. It is only treated as
663		* additional_data and no reseeding is forced. This test assures that
664		* no reseeding occurs.
665		*/
666		before_reseed = time(NULL);
667		RAND_add(rand_add_buf, sizeof(rand_add_buf), sizeof(rand_add_buf));
668		if (!TEST_true(test_drbg_reseed(1,
669		primary, public, private,
670		NULL, NULL,
671		0, 0, 0,
672		before_reseed)))
673		goto error;
674		#endif
675	664
676	665	rv = 1;
677	666

821	810	unsigned char buf1[51], buf2[sizeof(buf1)];
822	811	int ret = 0, xreseed, yreseed, zreseed;
823	812
824		if (crngt_skip())
	813	if (using_fips_rng())
825	814	return TEST_skip("CRNGT cannot be disabled");
826	815
827	816	/* Initialise a three long DRBG chain */

905	894	int setup_tests(void)
906	895	{
907	896	ADD_TEST(test_rand_reseed);
908		#if defined(OPENSSL_SYS_UNIX)
	897	#if defined(OPENSSL_SYS_UNIX) && !defined(OPENSSL_RAND_SEED_EGD)
909	898	ADD_ALL_TESTS(test_rand_fork_safety, RANDOM_SIZE);
910	899	#endif
911	900	ADD_TEST(test_rand_prediction_resistance);

+134

-26

test/dtlstest.c less more

0	0	/*
1		* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

41	41
42	42	#define RECORD_SEQUENCE 10
43	43
	44	static const char dummy_cookie[] = "0123456";
	45
	46	static int generate_cookie_cb(SSL ssl, unsigned char cookie,
	47	unsigned int *cookie_len)
	48	{
	49	memcpy(cookie, dummy_cookie, sizeof(dummy_cookie));
	50	*cookie_len = sizeof(dummy_cookie);
	51	return 1;
	52	}
	53
	54	static int verify_cookie_cb(SSL ssl, const unsigned char cookie,
	55	unsigned int cookie_len)
	56	{
	57	return TEST_mem_eq(cookie, cookie_len, dummy_cookie, sizeof(dummy_cookie));
	58	}
	59
44	60	static unsigned int timer_cb(SSL *s, unsigned int timer_us)
45	61	{
46	62	++timer_cb_count;

125	141
126	142	return testresult;
127	143	}
	144
	145	/* One record for the cookieless initial ClientHello */
	146	#define CLI_TO_SRV_COOKIE_EXCH 1
	147
	148	/*
	149	* In a resumption handshake we use 2 records for the initial ClientHello in
	150	* this test because we are using a very small MTU and the ClientHello is
	151	* bigger than in the non resumption case.
	152	*/
	153	#define CLI_TO_SRV_RESUME_COOKIE_EXCH 2
	154	#define SRV_TO_CLI_COOKIE_EXCH 1
128	155
129	156	#define CLI_TO_SRV_EPOCH_0_RECS 3
130	157	#define CLI_TO_SRV_EPOCH_1_RECS 1

140	167	#endif
141	168	#define SRV_TO_CLI_EPOCH_1_RECS 1
142	169	#define TOTAL_FULL_HAND_RECORDS \
143		(CLI_TO_SRV_EPOCH_0_RECS + CLI_TO_SRV_EPOCH_1_RECS + \
	170	(CLI_TO_SRV_COOKIE_EXCH + SRV_TO_CLI_COOKIE_EXCH + \
	171	CLI_TO_SRV_EPOCH_0_RECS + CLI_TO_SRV_EPOCH_1_RECS + \
144	172	SRV_TO_CLI_EPOCH_0_RECS + SRV_TO_CLI_EPOCH_1_RECS)
145	173
146	174	#define CLI_TO_SRV_RESUME_EPOCH_0_RECS 3

148	176	#define SRV_TO_CLI_RESUME_EPOCH_0_RECS 2
149	177	#define SRV_TO_CLI_RESUME_EPOCH_1_RECS 1
150	178	#define TOTAL_RESUME_HAND_RECORDS \
151		(CLI_TO_SRV_RESUME_EPOCH_0_RECS + CLI_TO_SRV_RESUME_EPOCH_1_RECS + \
	179	(CLI_TO_SRV_RESUME_COOKIE_EXCH + SRV_TO_CLI_COOKIE_EXCH + \
	180	CLI_TO_SRV_RESUME_EPOCH_0_RECS + CLI_TO_SRV_RESUME_EPOCH_1_RECS + \
152	181	SRV_TO_CLI_RESUME_EPOCH_0_RECS + SRV_TO_CLI_RESUME_EPOCH_1_RECS)
153	182
154	183	#define TOTAL_RECORDS (TOTAL_FULL_HAND_RECORDS + TOTAL_RESUME_HAND_RECORDS)

166	195	int testresult = 0;
167	196	int epoch = 0;
168	197	SSL_SESSION *sess = NULL;
169		int cli_to_srv_epoch0, cli_to_srv_epoch1, srv_to_cli_epoch0;
	198	int cli_to_srv_cookie, cli_to_srv_epoch0, cli_to_srv_epoch1;
	199	int srv_to_cli_epoch0;
170	200
171	201	if (!TEST_true(create_ssl_ctx_pair(NULL, DTLS_server_method(),
172	202	DTLS_client_method(),

184	214
185	215	if (!TEST_true(SSL_CTX_set_dh_auto(sctx, 1)))
186	216	goto end;
	217
	218	SSL_CTX_set_options(sctx, SSL_OP_COOKIE_EXCHANGE);
	219	SSL_CTX_set_cookie_generate_cb(sctx, generate_cookie_cb);
	220	SSL_CTX_set_cookie_verify_cb(sctx, verify_cookie_cb);
187	221
188	222	if (idx >= TOTAL_FULL_HAND_RECORDS) {
189	223	/* We're going to do a resumption handshake. Get a session first. */

203	237	cli_to_srv_epoch0 = CLI_TO_SRV_RESUME_EPOCH_0_RECS;
204	238	cli_to_srv_epoch1 = CLI_TO_SRV_RESUME_EPOCH_1_RECS;
205	239	srv_to_cli_epoch0 = SRV_TO_CLI_RESUME_EPOCH_0_RECS;
	240	cli_to_srv_cookie = CLI_TO_SRV_RESUME_COOKIE_EXCH;
206	241	idx -= TOTAL_FULL_HAND_RECORDS;
207	242	} else {
208	243	cli_to_srv_epoch0 = CLI_TO_SRV_EPOCH_0_RECS;
209	244	cli_to_srv_epoch1 = CLI_TO_SRV_EPOCH_1_RECS;
210	245	srv_to_cli_epoch0 = SRV_TO_CLI_EPOCH_0_RECS;
	246	cli_to_srv_cookie = CLI_TO_SRV_COOKIE_EXCH;
211	247	}
212	248
213	249	c_to_s_fbio = BIO_new(bio_f_tls_dump_filter());

228	264	DTLS_set_timer_cb(serverssl, timer_cb);
229	265
230	266	/* Work out which record to drop based on the test number */
231		if (idx >= cli_to_srv_epoch0 + cli_to_srv_epoch1) {
	267	if (idx >= cli_to_srv_cookie + cli_to_srv_epoch0 + cli_to_srv_epoch1) {
232	268	mempackbio = SSL_get_wbio(serverssl);
233		idx -= cli_to_srv_epoch0 + cli_to_srv_epoch1;
234		if (idx >= srv_to_cli_epoch0) {
	269	idx -= cli_to_srv_cookie + cli_to_srv_epoch0 + cli_to_srv_epoch1;
	270	if (idx >= SRV_TO_CLI_COOKIE_EXCH + srv_to_cli_epoch0) {
235	271	epoch = 1;
236		idx -= srv_to_cli_epoch0;
	272	idx -= SRV_TO_CLI_COOKIE_EXCH + srv_to_cli_epoch0;
237	273	}
238	274	} else {
239	275	mempackbio = SSL_get_wbio(clientssl);
240		if (idx >= cli_to_srv_epoch0) {
	276	if (idx >= cli_to_srv_cookie + cli_to_srv_epoch0) {
241	277	epoch = 1;
242		idx -= cli_to_srv_epoch0;
	278	idx -= cli_to_srv_cookie + cli_to_srv_epoch0;
243	279	}
244	280	mempackbio = BIO_next(mempackbio);
245	281	}

268	304	return testresult;
269	305	}
270	306	#endif /* !defined(OPENSSL_NO_DH) \|\| !defined(OPENSSL_NO_EC) */
271
272		static const char dummy_cookie[] = "0123456";
273
274		static int generate_cookie_cb(SSL ssl, unsigned char cookie,
275		unsigned int *cookie_len)
276		{
277		memcpy(cookie, dummy_cookie, sizeof(dummy_cookie));
278		*cookie_len = sizeof(dummy_cookie);
279		return 1;
280		}
281
282		static int verify_cookie_cb(SSL ssl, const unsigned char cookie,
283		unsigned int cookie_len)
284		{
285		return TEST_mem_eq(cookie, cookie_len, dummy_cookie, sizeof(dummy_cookie));
286		}
287	307
288	308	static int test_cookie(void)
289	309	{

441	461	return testresult;
442	462	}
443	463
	464	/*
	465	* Test that swapping an app data record so that it is received before the
	466	* Finished message still works.
	467	*/
	468	static int test_swap_app_data(void)
	469	{
	470	SSL_CTX sctx = NULL, cctx = NULL;
	471	SSL sssl = NULL, cssl = NULL;
	472	int testresult = 0;
	473	BIO *bio;
	474	char msg[] = { 0x00, 0x01, 0x02, 0x03 };
	475	char buf[10];
	476
	477	if (!TEST_true(create_ssl_ctx_pair(NULL, DTLS_server_method(),
	478	DTLS_client_method(),
	479	DTLS1_VERSION, 0,
	480	&sctx, &cctx, cert, privkey)))
	481	return 0;
	482
	483	#ifndef OPENSSL_NO_DTLS1_2
	484	if (!TEST_true(SSL_CTX_set_cipher_list(cctx, "AES128-SHA")))
	485	goto end;
	486	#else
	487	/* Default sigalgs are SHA1 based in <DTLS1.2 which is in security level 0 */
	488	if (!TEST_true(SSL_CTX_set_cipher_list(sctx, "AES128-SHA:@SECLEVEL=0"))
	489	\|\| !TEST_true(SSL_CTX_set_cipher_list(cctx,
	490	"AES128-SHA:@SECLEVEL=0")))
	491	goto end;
	492	#endif
	493
	494	if (!TEST_true(create_ssl_objects(sctx, cctx, &sssl, &cssl,
	495	NULL, NULL)))
	496	goto end;
	497
	498	/* Send flight 1: ClientHello */
	499	if (!TEST_int_le(SSL_connect(cssl), 0))
	500	goto end;
	501
	502	/* Recv flight 1, send flight 2: ServerHello, Certificate, ServerHelloDone */
	503	if (!TEST_int_le(SSL_accept(sssl), 0))
	504	goto end;
	505
	506	/* Recv flight 2, send flight 3: ClientKeyExchange, CCS, Finished */
	507	if (!TEST_int_le(SSL_connect(cssl), 0))
	508	goto end;
	509
	510	/* Recv flight 3, send flight 4: datagram 1(NST, CCS) datagram 2(Finished) */
	511	if (!TEST_int_gt(SSL_accept(sssl), 0))
	512	goto end;
	513
	514	/* Send flight 5: app data */
	515	if (!TEST_int_eq(SSL_write(sssl, msg, sizeof(msg)), (int)sizeof(msg)))
	516	goto end;
	517
	518	bio = SSL_get_wbio(sssl);
	519	if (!TEST_ptr(bio)
	520	\|\| !TEST_true(mempacket_swap_recent(bio)))
	521	goto end;
	522
	523	/*
	524	* Recv flight 4 (datagram 1): NST, CCS, + flight 5: app data
	525	* + flight 4 (datagram 2): Finished
	526	*/
	527	if (!TEST_int_gt(SSL_connect(cssl), 0))
	528	goto end;
	529
	530	/* The app data should be buffered already */
	531	if (!TEST_int_eq(SSL_pending(cssl), (int)sizeof(msg))
	532	\|\| !TEST_true(SSL_has_pending(cssl)))
	533	goto end;
	534
	535	/*
	536	* Recv flight 5 (app data)
	537	* We already buffered this so it should be available.
	538	*/
	539	if (!TEST_int_eq(SSL_read(cssl, buf, sizeof(buf)), (int)sizeof(msg)))
	540	goto end;
	541
	542	testresult = 1;
	543	end:
	544	SSL_free(cssl);
	545	SSL_free(sssl);
	546	SSL_CTX_free(cctx);
	547	SSL_CTX_free(sctx);
	548	return testresult;
	549	}
	550
444	551	OPT_TEST_DECLARE_USAGE("certfile privkeyfile\n")
445	552
446	553	int setup_tests(void)

461	568	ADD_TEST(test_cookie);
462	569	ADD_TEST(test_dtls_duplicate_records);
463	570	ADD_TEST(test_just_finished);
	571	ADD_TEST(test_swap_app_data);
464	572
465	573	return 1;
466	574	}

+35

-1

test/ec_internal_test.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

259	259	#endif
260	260
261	261	/*
	262	* Tests behavior of the EC_KEY_set_private_key
	263	*/
	264	static int set_private_key(void)
	265	{
	266	EC_KEY key = NULL, aux_key = NULL;
	267	int testresult = 0;
	268
	269	key = EC_KEY_new_by_curve_name(NID_secp224r1);
	270	aux_key = EC_KEY_new_by_curve_name(NID_secp224r1);
	271	if (!TEST_ptr(key)
	272	\|\| !TEST_ptr(aux_key)
	273	\|\| !TEST_int_eq(EC_KEY_generate_key(key), 1)
	274	\|\| !TEST_int_eq(EC_KEY_generate_key(aux_key), 1))
	275	goto err;
	276
	277	/* Test setting a valid private key */
	278	if (!TEST_int_eq(EC_KEY_set_private_key(key, aux_key->priv_key), 1))
	279	goto err;
	280
	281	/* Test compliance with legacy behavior for NULL private keys */
	282	if (!TEST_int_eq(EC_KEY_set_private_key(key, NULL), 0)
	283	\|\| !TEST_ptr_null(key->priv_key))
	284	goto err;
	285
	286	testresult = 1;
	287
	288	err:
	289	EC_KEY_free(key);
	290	EC_KEY_free(aux_key);
	291	return testresult;
	292	}
	293
	294	/*
262	295	* Tests behavior of the decoded_from_explicit_params flag and API
263	296	*/
264	297	static int decoded_flag_test(void)

415	448	#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
416	449	ADD_TEST(underflow_test);
417	450	#endif
	451	ADD_TEST(set_private_key);
418	452	ADD_TEST(decoded_flag_test);
419	453	ADD_ALL_TESTS(ecpkparams_i2d2i_test, crv_len);
420	454

+7

-1

test/endecode_test.c less more

42	42
43	43	static int default_libctx = 1;
44	44	static int is_fips = 0;
	45	static int is_fips_3_0_0 = 0;
45	46
46	47	static OSSL_LIB_CTX *testctx = NULL;
47	48	static OSSL_LIB_CTX *keyctx = NULL;

169	170	output_type, output_structure, pass, pcipher)))
170	171	goto end;
171	172
172		if ((flags & FLAG_FAIL_IF_FIPS) != 0 && is_fips) {
	173	if ((flags & FLAG_FAIL_IF_FIPS) != 0 && is_fips && !is_fips_3_0_0) {
173	174	if (TEST_false(decode_cb(file, line, (void **)&pkey2, encoded,
174	175	encoded_len, output_type, output_structure,
175	176	(flags & FLAG_DECODE_WITH_TYPE ? type : NULL),

1318	1319	return 0;
1319	1320	}
1320	1321
	1322	/* FIPS(3.0.0): provider imports explicit params but they won't work #17998 */
	1323	is_fips_3_0_0 = fips_provider_version_eq(testctx, 3, 0, 0);
	1324	if (is_fips_3_0_0 < 0)
	1325	return 0;
	1326
1321	1327	/* Separate provider/ctx for generating the test data */
1322	1328	if (!TEST_ptr(keyctx = OSSL_LIB_CTX_new()))
1323	1329	return 0;

+155

-4

test/evp_extra_test.c less more

896	896	EVP_PKEY *params_and_keypair = NULL;
897	897	BIGNUM *priv = NULL;
898	898	int ret = 0;
	899	unsigned char *encoded = NULL;
899	900
900	901	/*
901	902	* Setup the parameters for our pkey object. For our purposes they don't

1003	1004	\|\| !TEST_int_gt(EVP_PKEY_eq(params_and_keypair, params_and_pub), 0)
1004	1005	\|\| !TEST_int_gt(EVP_PKEY_eq(params_and_keypair, params_and_priv), 0))
1005	1006	goto err;
	1007
	1008	/* Positive and negative testcase for EVP_PKEY_get1_encoded_public_key */
	1009	if (!TEST_int_gt(EVP_PKEY_get1_encoded_public_key(params_and_pub, &encoded), 0))
	1010	goto err;
	1011	OPENSSL_free(encoded);
	1012	encoded = NULL;
	1013	if (!TEST_int_eq(EVP_PKEY_get1_encoded_public_key(just_params, &encoded), 0)) {
	1014	OPENSSL_free(encoded);
	1015	encoded = NULL;
	1016	goto err;
	1017	}
1006	1018
1007	1019	ret = 1;
1008	1020	err:

1799	1811	}
1800	1812	#endif
1801	1813
1802		#if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODULE)
	1814	#if !defined(OPENSSL_NO_SM2)
1803	1815
1804	1816	static int test_EVP_SM2_verify(void)
1805	1817	{

2735	2747	BN_free(n);
2736	2748	BN_free(e);
2737	2749	BN_free(d);
	2750
	2751	return ret;
	2752	}
	2753
	2754	static int test_RSA_OAEP_set_get_params(void)
	2755	{
	2756	int ret = 0;
	2757	EVP_PKEY *key = NULL;
	2758	EVP_PKEY_CTX *key_ctx = NULL;
	2759
	2760	if (nullprov != NULL)
	2761	return TEST_skip("Test does not support a non-default library context");
	2762
	2763	if (!TEST_ptr(key = load_example_rsa_key())
	2764	\|\| !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(0, key, 0)))
	2765	goto err;
	2766
	2767	{
	2768	int padding = RSA_PKCS1_OAEP_PADDING;
	2769	OSSL_PARAM params[4];
	2770
	2771	params[0] = OSSL_PARAM_construct_int(OSSL_SIGNATURE_PARAM_PAD_MODE, &padding);
	2772	params[1] = OSSL_PARAM_construct_utf8_string(OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST,
	2773	OSSL_DIGEST_NAME_SHA2_256, 0);
	2774	params[2] = OSSL_PARAM_construct_utf8_string(OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST,
	2775	OSSL_DIGEST_NAME_SHA1, 0);
	2776	params[3] = OSSL_PARAM_construct_end();
	2777
	2778	if (!TEST_int_gt(EVP_PKEY_encrypt_init_ex(key_ctx, params),0))
	2779	goto err;
	2780	}
	2781	{
	2782	OSSL_PARAM params[3];
	2783	char oaepmd[30] = { '\0' };
	2784	char mgf1md[30] = { '\0' };
	2785
	2786	params[0] = OSSL_PARAM_construct_utf8_string(OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST,
	2787	oaepmd, sizeof(oaepmd));
	2788	params[1] = OSSL_PARAM_construct_utf8_string(OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST,
	2789	mgf1md, sizeof(mgf1md));
	2790	params[2] = OSSL_PARAM_construct_end();
	2791
	2792	if (!TEST_true(EVP_PKEY_CTX_get_params(key_ctx, params)))
	2793	goto err;
	2794
	2795	if (!TEST_str_eq(oaepmd, OSSL_DIGEST_NAME_SHA2_256)
	2796	\|\| !TEST_str_eq(mgf1md, OSSL_DIGEST_NAME_SHA1))
	2797	goto err;
	2798	}
	2799
	2800	ret = 1;
	2801
	2802	err:
	2803	EVP_PKEY_free(key);
	2804	EVP_PKEY_CTX_free(key_ctx);
2738	2805
2739	2806	return ret;
2740	2807	}

4277	4344	* library context in this test.
4278	4345	*/
4279	4346	if (testctx != NULL)
4280		return 1;
	4347	return TEST_skip("Non-default libctx");
4281	4348
4282	4349	custom_md_init_called = custom_md_cleanup_called = 0;
4283	4350

4299	4366	/*
4300	4367	* Initing our custom md and then initing another md should
4301	4368	* result in the init and cleanup functions of the custom md
4302		* from being called.
	4369	* being called.
4303	4370	*/
4304	4371	\|\| !TEST_true(EVP_DigestInit_ex(mdctx, tmp, NULL))
4305	4372	\|\| !TEST_true(EVP_DigestInit_ex(mdctx, EVP_sha256(), NULL))

4313	4380	err:
4314	4381	EVP_MD_CTX_free(mdctx);
4315	4382	EVP_MD_meth_free(tmp);
	4383	return testresult;
	4384	}
	4385
	4386	typedef struct {
	4387	int data;
	4388	} custom_ciph_ctx;
	4389
	4390	static int custom_ciph_init_called = 0;
	4391	static int custom_ciph_cleanup_called = 0;
	4392
	4393	static int custom_ciph_init(EVP_CIPHER_CTX ctx, const unsigned char key,
	4394	const unsigned char *iv, int enc)
	4395	{
	4396	custom_ciph_ctx *p = EVP_CIPHER_CTX_get_cipher_data(ctx);
	4397
	4398	if (p == NULL)
	4399	return 0;
	4400
	4401	custom_ciph_init_called++;
	4402	return 1;
	4403	}
	4404
	4405	static int custom_ciph_cleanup(EVP_CIPHER_CTX *ctx)
	4406	{
	4407	custom_ciph_ctx *p = EVP_CIPHER_CTX_get_cipher_data(ctx);
	4408
	4409	if (p == NULL)
	4410	/* Nothing to do */
	4411	return 1;
	4412
	4413	custom_ciph_cleanup_called++;
	4414	return 1;
	4415	}
	4416
	4417	static int test_custom_ciph_meth(void)
	4418	{
	4419	EVP_CIPHER_CTX *ciphctx = NULL;
	4420	EVP_CIPHER *tmp = NULL;
	4421	int testresult = 0;
	4422	int nid;
	4423
	4424	/*
	4425	* We are testing deprecated functions. We don't support a non-default
	4426	* library context in this test.
	4427	*/
	4428	if (testctx != NULL)
	4429	return TEST_skip("Non-default libctx");
	4430
	4431	custom_ciph_init_called = custom_ciph_cleanup_called = 0;
	4432
	4433	nid = OBJ_create("1.3.6.1.4.1.16604.998866.2", "custom-ciph", "custom-ciph");
	4434	if (!TEST_int_ne(nid, NID_undef))
	4435	goto err;
	4436	tmp = EVP_CIPHER_meth_new(nid, 16, 16);
	4437	if (!TEST_ptr(tmp))
	4438	goto err;
	4439
	4440	if (!TEST_true(EVP_CIPHER_meth_set_init(tmp, custom_ciph_init))
	4441	\|\| !TEST_true(EVP_CIPHER_meth_set_flags(tmp, EVP_CIPH_ALWAYS_CALL_INIT))
	4442	\|\| !TEST_true(EVP_CIPHER_meth_set_cleanup(tmp, custom_ciph_cleanup))
	4443	\|\| !TEST_true(EVP_CIPHER_meth_set_impl_ctx_size(tmp,
	4444	sizeof(custom_ciph_ctx))))
	4445	goto err;
	4446
	4447	ciphctx = EVP_CIPHER_CTX_new();
	4448	if (!TEST_ptr(ciphctx)
	4449	/*
	4450	* Initing our custom cipher and then initing another cipher
	4451	* should result in the init and cleanup functions of the custom
	4452	* cipher being called.
	4453	*/
	4454	\|\| !TEST_true(EVP_CipherInit_ex(ciphctx, tmp, NULL, NULL, NULL, 1))
	4455	\|\| !TEST_true(EVP_CipherInit_ex(ciphctx, EVP_aes_128_cbc(), NULL,
	4456	NULL, NULL, 1))
	4457	\|\| !TEST_int_eq(custom_ciph_init_called, 1)
	4458	\|\| !TEST_int_eq(custom_ciph_cleanup_called, 1))
	4459	goto err;
	4460
	4461	testresult = 1;
	4462	err:
	4463	EVP_CIPHER_CTX_free(ciphctx);
	4464	EVP_CIPHER_meth_free(tmp);
4316	4465	return testresult;
4317	4466	}
4318	4467

4539	4688	#ifndef OPENSSL_NO_EC
4540	4689	ADD_ALL_TESTS(test_EC_keygen_with_enc, OSSL_NELEM(ec_encodings));
4541	4690	#endif
4542		#if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODULE)
	4691	#if !defined(OPENSSL_NO_SM2)
4543	4692	ADD_TEST(test_EVP_SM2);
4544	4693	ADD_TEST(test_EVP_SM2_verify);
4545	4694	#endif

4571	4720	ADD_TEST(test_DSA_priv_pub);
4572	4721	#endif
4573	4722	ADD_TEST(test_RSA_get_set_params);
	4723	ADD_TEST(test_RSA_OAEP_set_get_params);
4574	4724	#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
4575	4725	ADD_TEST(test_decrypt_null_chunks);
4576	4726	#endif

4614	4764	ADD_ALL_TESTS(test_custom_pmeth, 12);
4615	4765	ADD_TEST(test_evp_md_cipher_meth);
4616	4766	ADD_TEST(test_custom_md_meth);
	4767	ADD_TEST(test_custom_ciph_meth);
4617	4768
4618	4769	# ifndef OPENSSL_NO_DYNAMIC_ENGINE
4619	4770	/* Tests only support the default libctx */

+42

-0

test/evp_extra_test2.c less more

20	20	#include <openssl/pem.h>
21	21	#include <openssl/provider.h>
22	22	#include <openssl/rsa.h>
	23	#include <openssl/dh.h>
23	24	#include <openssl/core_names.h>
	25
24	26	#include "testutil.h"
25	27	#include "internal/nelem.h"
26	28

332	334	OSSL_PARAM params[2];
333	335	EVP_PKEY *key = NULL;
334	336	EVP_PKEY_CTX *gctx = NULL;
	337	# ifndef OPENSSL_NO_DEPRECATED_3_0
	338	const DH *dhkey;
	339	const BIGNUM *privkey;
	340	# endif
335	341
336	342	params[0] = OSSL_PARAM_construct_utf8_string("group", "ffdhe2048", 0);
337	343	params[1] = OSSL_PARAM_construct_end();

340	346	&& TEST_true(EVP_PKEY_CTX_set_params(gctx, params))
341	347	&& TEST_int_gt(EVP_PKEY_generate(gctx, &key), 0)
342	348	&& TEST_true(do_pkey_tofrom_data_select(key, "DHX"));
	349	# ifndef OPENSSL_NO_DEPRECATED_3_0
	350	ret = ret && TEST_ptr(dhkey = EVP_PKEY_get0_DH(key))
	351	&& TEST_ptr(privkey = DH_get0_priv_key(dhkey))
	352	&& TEST_int_le(BN_num_bits(privkey), 225);
	353	# endif
343	354	EVP_PKEY_free(key);
344	355	EVP_PKEY_CTX_free(gctx);
345	356	return ret;

1048	1059	return ret;
1049	1060	}
1050	1061
	1062	#if !defined OPENSSL_NO_DES && !defined OPENSSL_NO_MD5
	1063	static int test_evp_pbe_alg_add(void)
	1064	{
	1065	int ret = 0;
	1066	int cipher_nid = 0, md_nid = 0;
	1067	EVP_PBE_KEYGEN_EX *keygen_ex = NULL;
	1068	EVP_PBE_KEYGEN *keygen = NULL;
	1069
	1070	if (!TEST_true(EVP_PBE_alg_add(NID_pbeWithMD5AndDES_CBC, EVP_des_cbc(), EVP_md5(),
	1071	PKCS5_PBE_keyivgen)))
	1072	goto err;
	1073
	1074	if (!TEST_true(EVP_PBE_find_ex(EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndDES_CBC,
	1075	&cipher_nid, &md_nid, &keygen, &keygen_ex)))
	1076	goto err;
	1077
	1078	if (!TEST_true(keygen != NULL))
	1079	goto err;
	1080	if (!TEST_true(keygen_ex == NULL))
	1081	goto err;
	1082
	1083	ret = 1;
	1084
	1085	err:
	1086	return ret;
	1087	}
	1088	#endif
	1089
1051	1090	int setup_tests(void)
1052	1091	{
1053	1092	if (!test_get_libctx(&mainctx, &nullprov, NULL, NULL, NULL)) {

1084	1123	ADD_TEST(test_rsa_pss_sign);
1085	1124	ADD_TEST(test_evp_md_ctx_copy);
1086	1125	ADD_ALL_TESTS(test_provider_unload_effective, 2);
	1126	#if !defined OPENSSL_NO_DES && !defined OPENSSL_NO_MD5
	1127	ADD_TEST(test_evp_pbe_alg_add);
	1128	#endif
1087	1129	return 1;
1088	1130	}
1089	1131

+63

-25

test/evp_test.c less more

1423	1423	expected->mac_name, expected->alg);
1424	1424
1425	1425	if (expected->alg != NULL) {
	1426	int skip = 0;
	1427
1426	1428	/*
1427	1429	* The underlying algorithm may be a cipher or a digest.
1428	1430	* We don't know which it is, but we can ask the MAC what it

1430	1432	*/
1431	1433	if (OSSL_PARAM_locate_const(defined_params,
1432	1434	OSSL_MAC_PARAM_CIPHER) != NULL) {
1433		params[params_n++] =
1434		OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER,
1435		expected->alg, 0);
	1435	if (is_cipher_disabled(expected->alg))
	1436	skip = 1;
	1437	else
	1438	params[params_n++] =
	1439	OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER,
	1440	expected->alg, 0);
1436	1441	} else if (OSSL_PARAM_locate_const(defined_params,
1437	1442	OSSL_MAC_PARAM_DIGEST) != NULL) {
1438		params[params_n++] =
1439		OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
1440		expected->alg, 0);
	1443	if (is_digest_disabled(expected->alg))
	1444	skip = 1;
	1445	else
	1446	params[params_n++] =
	1447	OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
	1448	expected->alg, 0);
1441	1449	} else {
1442	1450	t->err = "MAC_BAD_PARAMS";
	1451	goto err;
	1452	}
	1453	if (skip) {
	1454	TEST_info("skipping, algorithm '%s' is disabled", expected->alg);
	1455	t->skip = 1;
	1456	t->err = NULL;
1443	1457	goto err;
1444	1458	}
1445	1459	}

1560	1574	goto err;
1561	1575	}
1562	1576	}
1563		if (reinit--) {
	1577	/* FIPS(3.0.0): can't reinitialise MAC contexts #18100 */
	1578	if (reinit-- && fips_provider_version_gt(libctx, 3, 0, 0)) {
1564	1579	OSSL_PARAM ivparams[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
1565	1580	int ret;
1566	1581

2867	2882	unsigned char *got = NULL;
2868	2883	size_t got_len = 0;
2869	2884
2870		/* Find out the KDF output size */
2871		if (EVP_PKEY_derive(expected->ctx, NULL, &got_len) <= 0) {
2872		t->err = "INTERNAL_ERROR";
2873		goto err;
2874		}
2875
2876		/*
2877		* We may get an absurd output size, which signals that anything goes.
2878		* If not, we specify a too big buffer for the output, to test that
2879		* EVP_PKEY_derive() can cope with it.
2880		*/
2881		if (got_len == SIZE_MAX \|\| got_len == 0)
	2885	if (fips_provider_version_eq(libctx, 3, 0, 0)) {
	2886	/* FIPS(3.0.0): can't deal with oversized output buffers #18533 */
2882	2887	got_len = expected->output_len;
2883		else
2884		got_len = expected->output_len * 2;
	2888	} else {
	2889	/* Find out the KDF output size */
	2890	if (EVP_PKEY_derive(expected->ctx, NULL, &got_len) <= 0) {
	2891	t->err = "INTERNAL_ERROR";
	2892	goto err;
	2893	}
	2894
	2895	/*
	2896	* We may get an absurd output size, which signals that anything goes.
	2897	* If not, we specify a too big buffer for the output, to test that
	2898	* EVP_PKEY_derive() can cope with it.
	2899	*/
	2900	if (got_len == SIZE_MAX \|\| got_len == 0)
	2901	got_len = expected->output_len;
	2902	else
	2903	got_len = expected->output_len * 2;
	2904	}
2885	2905
2886	2906	if (!TEST_ptr(got = OPENSSL_malloc(got_len == 0 ? 1 : got_len))) {
2887	2907	t->err = "INTERNAL_ERROR";

3284	3304	t->err = "MALLOC_FAILURE";
3285	3305	goto err;
3286	3306	}
	3307	got_len *= 2;
3287	3308	if (!EVP_DigestSignFinal(expected->ctx, got, &got_len)) {
3288	3309	t->err = "DIGESTSIGNFINAL_ERROR";
3289	3310	goto err;

3361	3382	t->err = "MALLOC_FAILURE";
3362	3383	goto err;
3363	3384	}
	3385	got_len *= 2;
3364	3386	if (!EVP_DigestSign(expected->ctx, got, &got_len,
3365	3387	expected->osin, expected->osin_len)) {
3366	3388	t->err = "DIGESTSIGN_ERROR";

3682	3704	KEY_LIST key, *klist;
3683	3705	EVP_PKEY *pkey;
3684	3706	PAIR *pp;
3685		int i, skip_availablein = 0;
	3707	int i, j, skipped = 0;
3686	3708
3687	3709	top:
3688	3710	do {

3769	3791	t->skip = 1;
3770	3792	return 0;
3771	3793	}
3772		skip_availablein++;
	3794	skipped++;
	3795	pp++;
	3796	goto start;
	3797	} else if (strcmp(pp->key, "FIPSversion") == 0) {
	3798	if (prov_available("fips")) {
	3799	j = fips_provider_version_match(libctx, pp->value);
	3800	if (j < 0) {
	3801	TEST_info("Line %d: error matching FIPS versions\n", t->s.curr);
	3802	return 0;
	3803	} else if (j == 0) {
	3804	TEST_info("skipping, FIPS provider incompatible version: %s:%d",
	3805	t->s.test_file, t->s.start);
	3806	t->skip = 1;
	3807	return 0;
	3808	}
	3809	}
	3810	skipped++;
3773	3811	pp++;
3774	3812	goto start;
3775	3813	}

3788	3826	*klist = key;
3789	3827
3790	3828	/* Go back and start a new stanza. */
3791		if ((t->s.numpairs - skip_availablein) != 1)
	3829	if ((t->s.numpairs - skipped) != 1)
3792	3830	TEST_info("Line %d: missing blank line\n", t->s.curr);
3793	3831	goto top;
3794	3832	}

3805	3843	return 0;
3806	3844	}
3807	3845
3808		for (pp++, i = 1; i < (t->s.numpairs - skip_availablein); pp++, i++) {
	3846	for (pp++, i = 1; i < (t->s.numpairs - skipped); pp++, i++) {
3809	3847	if (strcmp(pp->key, "Securitycheck") == 0) {
3810	3848	#if defined(OPENSSL_NO_FIPS_SECURITYCHECKS)
3811	3849	#else

+105

-0

test/ext_internal_test.c less more

	0	/*
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
	2	*
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
	4	* this file except in compliance with the License. You can obtain a copy
	5	* in the file LICENSE in the source distribution or at
	6	* https://www.openssl.org/source/license.html
	7	*/
	8
	9	#include "internal/nelem.h"
	10	#include "../ssl/ssl_local.h"
	11	#include "../ssl/statem/statem_local.h"
	12	#include "testutil.h"
	13
	14	#define EXT_ENTRY(name) { TLSEXT_IDX_##name, TLSEXT_TYPE_##name, #name }
	15	#define EXT_EXCEPTION(name) { TLSEXT_IDX_##name, TLSEXT_TYPE_invalid, #name }
	16	#define EXT_END(name) { TLSEXT_IDX_##name, TLSEXT_TYPE_out_of_range, #name }
	17
	18	typedef struct {
	19	size_t idx;
	20	unsigned int type;
	21	char *name;
	22	} EXT_LIST;
	23
	24	/* The order here does matter! */
	25	static EXT_LIST ext_list[] = {
	26
	27	EXT_ENTRY(renegotiate),
	28	EXT_ENTRY(server_name),
	29	EXT_ENTRY(max_fragment_length),
	30	#ifndef OPENSSL_NO_SRP
	31	EXT_ENTRY(srp),
	32	#else
	33	EXT_EXCEPTION(srp),
	34	#endif
	35	EXT_ENTRY(ec_point_formats),
	36	EXT_ENTRY(supported_groups),
	37	EXT_ENTRY(session_ticket),
	38	#ifndef OPENSSL_NO_OCSP
	39	EXT_ENTRY(status_request),
	40	#else
	41	EXT_EXCEPTION(status_request),
	42	#endif
	43	#ifndef OPENSSL_NO_NEXTPROTONEG
	44	EXT_ENTRY(next_proto_neg),
	45	#else
	46	EXT_EXCEPTION(next_proto_neg),
	47	#endif
	48	EXT_ENTRY(application_layer_protocol_negotiation),
	49	#ifndef OPENSSL_NO_SRTP
	50	EXT_ENTRY(use_srtp),
	51	#else
	52	EXT_EXCEPTION(use_srtp),
	53	#endif
	54	EXT_ENTRY(encrypt_then_mac),
	55	#ifndef OPENSSL_NO_CT
	56	EXT_ENTRY(signed_certificate_timestamp),
	57	#else
	58	EXT_EXCEPTION(signed_certificate_timestamp),
	59	#endif
	60	EXT_ENTRY(extended_master_secret),
	61	EXT_ENTRY(signature_algorithms_cert),
	62	EXT_ENTRY(post_handshake_auth),
	63	EXT_ENTRY(signature_algorithms),
	64	EXT_ENTRY(supported_versions),
	65	EXT_ENTRY(psk_kex_modes),
	66	EXT_ENTRY(key_share),
	67	EXT_ENTRY(cookie),
	68	EXT_ENTRY(cryptopro_bug),
	69	EXT_ENTRY(early_data),
	70	EXT_ENTRY(certificate_authorities),
	71	EXT_ENTRY(padding),
	72	EXT_ENTRY(psk),
	73	EXT_END(num_builtins)
	74	};
	75
	76	static int test_extension_list(void)
	77	{
	78	size_t n = OSSL_NELEM(ext_list);
	79	size_t i;
	80	unsigned int type;
	81	int retval = 1;
	82
	83	for (i = 0; i < n; i++) {
	84	if (!TEST_size_t_eq(i, ext_list[i].idx)) {
	85	retval = 0;
	86	TEST_error("TLSEXT_IDX_%s=%zd, found at=%zd\n",
	87	ext_list[i].name, ext_list[i].idx, i);
	88	}
	89	type = ossl_get_extension_type(ext_list[i].idx);
	90	if (!TEST_uint_eq(type, ext_list[i].type)) {
	91	retval = 0;
	92	TEST_error("TLSEXT_IDX_%s=%zd expected=0x%05X got=0x%05X",
	93	ext_list[i].name, ext_list[i].idx, ext_list[i].type,
	94	type);
	95	}
	96	}
	97	return retval;
	98	}
	99
	100	int setup_tests(void)
	101	{
	102	ADD_TEST(test_extension_list);
	103	return 1;
	104	}

+43

-4

test/ffc_internal_test.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright (c) 2019-2020, Oracle and/or its affiliates. All rights reserved.
3	3	*
4	4	* Licensed under the Apache License 2.0 (the "License"). You may not use

26	26	#include "testutil.h"
27	27
28	28	#include "internal/ffc.h"
	29	#include "crypto/security_bits.h"
29	30
30	31	#ifndef OPENSSL_NO_DSA
31	32	static const unsigned char dsa_2048_224_sha224_p[] = {

597	598	/* fail since N > len(q) */
598	599	if (!TEST_false(ossl_ffc_generate_private_key(ctx, params, N + 1, 112, priv)))
599	600	goto err;
	601	/* s must be always set */
	602	if (!TEST_false(ossl_ffc_generate_private_key(ctx, params, N, 0, priv)))
	603	goto err;
600	604	/* pass since 2s <= N <= len(q) */
601	605	if (!TEST_true(ossl_ffc_generate_private_key(ctx, params, N, 112, priv)))
602	606	goto err;

608	612	goto err;
609	613	if (!TEST_true(ossl_ffc_validate_private_key(params->q, priv, &res)))
610	614	goto err;
611
612		/* N and s are ignored in this case */
613		if (!TEST_true(ossl_ffc_generate_private_key(ctx, params, 0, 0, priv)))
	615	/* N is ignored in this case */
	616	if (!TEST_true(ossl_ffc_generate_private_key(ctx, params, 0,
	617	ossl_ifc_ffc_compute_security_bits(BN_num_bits(params->p)),
	618	priv)))
	619	goto err;
	620	if (!TEST_int_le(BN_num_bits(priv), 225))
614	621	goto err;
615	622	if (!TEST_true(ossl_ffc_validate_private_key(params->q, priv, &res)))
616	623	goto err;

620	627	DH_free(dh);
621	628	BN_free(priv);
622	629	BN_CTX_free(ctx);
	630	return ret;
	631	}
	632
	633	static int ffc_params_copy_test(void)
	634	{
	635	int ret = 0;
	636	DH *dh = NULL;
	637	FFC_PARAMS *params, copy;
	638
	639	ossl_ffc_params_init(&copy);
	640
	641	if (!TEST_ptr(dh = DH_new_by_nid(NID_ffdhe3072)))
	642	goto err;
	643	params = ossl_dh_get0_params(dh);
	644
	645	if (!TEST_int_eq(params->keylength, 275))
	646	goto err;
	647
	648	if (!TEST_true(ossl_ffc_params_copy(&copy, params)))
	649	goto err;
	650
	651	if (!TEST_int_eq(copy.keylength, 275))
	652	goto err;
	653
	654	if (!TEST_true(ossl_ffc_params_cmp(&copy, params, 0)))
	655	goto err;
	656
	657	ret = 1;
	658	err:
	659	ossl_ffc_params_cleanup(&copy);
	660	DH_free(dh);
623	661	return ret;
624	662	}
625	663	#endif /* OPENSSL_NO_DH */

637	675	ADD_TEST(ffc_public_validate_test);
638	676	ADD_TEST(ffc_private_validate_test);
639	677	ADD_ALL_TESTS(ffc_private_gen_test, 10);
	678	ADD_TEST(ffc_params_copy_test);
640	679	#endif /* OPENSSL_NO_DH */
641	680	return 1;
642	681	}

+78

-0

test/fips_version_test.c less more

	0	/*
	1	* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	2	*
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
	4	* this file except in compliance with the License. You can obtain a copy
	5	* in the file LICENSE in the source distribution or at
	6	* https://www.openssl.org/source/license.html
	7	*/
	8
	9	#include <openssl/evp.h>
	10	#include <openssl/provider.h>
	11	#include "testutil.h"
	12
	13	static OSSL_LIB_CTX *libctx = NULL;
	14	static OSSL_PROVIDER *libprov = NULL;
	15
	16	typedef enum OPTION_choice {
	17	OPT_ERR = -1,
	18	OPT_EOF = 0,
	19	OPT_CONFIG_FILE,
	20	OPT_TEST_ENUM
	21	} OPTION_CHOICE;
	22
	23	const OPTIONS *test_get_options(void)
	24	{
	25	static const OPTIONS test_options[] = {
	26	OPT_TEST_OPTIONS_DEFAULT_USAGE,
	27	{ "config", OPT_CONFIG_FILE, '<',
	28	"The configuration file to use for the libctx" },
	29	{ NULL }
	30	};
	31	return test_options;
	32	}
	33
	34	static int test_fips_version(int n)
	35	{
	36	const char *version = test_get_argument(n);
	37
	38	if (!TEST_ptr(version))
	39	return 0;
	40	return TEST_int_eq(fips_provider_version_match(libctx, version), 1);
	41	}
	42
	43	int setup_tests(void)
	44	{
	45	char *config_file = NULL;
	46	OPTION_CHOICE o;
	47	int n;
	48
	49	while ((o = opt_next()) != OPT_EOF) {
	50	switch (o) {
	51	case OPT_CONFIG_FILE:
	52	config_file = opt_arg();
	53	break;
	54	case OPT_TEST_CASES:
	55	break;
	56	default:
	57	case OPT_ERR:
	58	return 0;
	59	}
	60	}
	61
	62	if (!test_get_libctx(&libctx, NULL, config_file, &libprov, NULL))
	63	return 0;
	64
	65	n = test_get_argument_count();
	66	if (n == 0)
	67	return 0;
	68
	69	ADD_ALL_TESTS(test_fips_version, n);
	70	return 1;
	71	}
	72
	73	void cleanup_tests(void)
	74	{
	75	OSSL_PROVIDER_unload(libprov);
	76	OSSL_LIB_CTX_free(libctx);
	77	}

+39

-4

test/helpers/ssltestlib.c less more

0	0	/*
1		* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

349	349	unsigned int seq, offset, len, epoch;
350	350
351	351	BIO_clear_retry_flags(bio);
352		thispkt = sk_MEMPACKET_value(ctx->pkts, 0);
353		if (thispkt == NULL \|\| thispkt->num != ctx->currpkt) {
	352	if ((thispkt = sk_MEMPACKET_value(ctx->pkts, 0)) == NULL
	353	\|\| thispkt->num != ctx->currpkt) {
354	354	/* Probably run out of data */
355	355	BIO_set_retry_read(bio);
356	356	return -1;

409	409	return outl;
410	410	}
411	411
	412	/* Take the last and penultimate packets and swap them around */
	413	int mempacket_swap_recent(BIO *bio)
	414	{
	415	MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio);
	416	MEMPACKET *thispkt;
	417	int numpkts = sk_MEMPACKET_num(ctx->pkts);
	418
	419	/* We need at least 2 packets to be able to swap them */
	420	if (numpkts <= 1)
	421	return 0;
	422
	423	/* Get the penultimate packet */
	424	thispkt = sk_MEMPACKET_value(ctx->pkts, numpkts - 2);
	425	if (thispkt == NULL)
	426	return 0;
	427
	428	if (sk_MEMPACKET_delete(ctx->pkts, numpkts - 2) != thispkt)
	429	return 0;
	430
	431	/* Re-add it to the end of the list */
	432	thispkt->num++;
	433	if (sk_MEMPACKET_insert(ctx->pkts, thispkt, numpkts - 1) <= 0)
	434	return 0;
	435
	436	/* We also have to adjust the packet number of the other packet */
	437	thispkt = sk_MEMPACKET_value(ctx->pkts, numpkts - 2);
	438	if (thispkt == NULL)
	439	return 0;
	440	thispkt->num--;
	441
	442	return 1;
	443	}
	444
412	445	int mempacket_test_inject(BIO bio, const char in, int inl, int pktnum,
413	446	int type)
414	447	{

468	501	thispkt->type = type;
469	502	}
470	503
471		for(i = 0; (looppkt = sk_MEMPACKET_value(ctx->pkts, i)) != NULL; i++) {
	504	for (i = 0; i < sk_MEMPACKET_num(ctx->pkts); i++) {
	505	if (!TEST_ptr(looppkt = sk_MEMPACKET_value(ctx->pkts, i)))
	506	goto err;
472	507	/* Check if we found the right place to insert this packet */
473	508	if (looppkt->num > thispkt->num) {
474	509	if (sk_MEMPACKET_insert(ctx->pkts, thispkt, i) == 0)

+2

-1

test/helpers/ssltestlib.h less more

0	0	/*
1		* Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

48	48	#define MEMPACKET_CTRL_GET_DROP_REC (3 << 15)
49	49	#define MEMPACKET_CTRL_SET_DUPLICATE_REC (4 << 15)
50	50
	51	int mempacket_swap_recent(BIO *bio);
51	52	int mempacket_test_inject(BIO bio, const char in, int inl, int pktnum,
52	53	int type);
53	54

+9

-5

test/ocspapitest.c less more

0	0	/*
1		* Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

77	77	ASN1_BIT_STRING *key = ASN1_BIT_STRING_new();
78	78	ASN1_INTEGER *serial = ASN1_INTEGER_new();
79	79
80		if (!X509_NAME_add_entry_by_NID(name, NID_commonName, MBSTRING_ASC,
81		namestr, -1, -1, 1)
82		\|\| !ASN1_BIT_STRING_set(key, keybytes, sizeof(keybytes))
83		\|\| !ASN1_INTEGER_set_uint64(serial, (uint64_t)1))
	80	if (!TEST_ptr(name)
	81	\|\| !TEST_ptr(key)
	82	\|\| !TEST_ptr(serial)
	83	\|\| !TEST_true(X509_NAME_add_entry_by_NID(name, NID_commonName,
	84	MBSTRING_ASC,
	85	namestr, -1, -1, 1))
	86	\|\| !TEST_true(ASN1_BIT_STRING_set(key, keybytes, sizeof(keybytes)))
	87	\|\| !TEST_true(ASN1_INTEGER_set_uint64(serial, (uint64_t)1)))
84	88	goto err;
85	89	cid = OCSP_cert_id_new(EVP_sha256(), name, key, serial);
86	90	if (!TEST_ptr(bs)

+220

-0

test/punycode_test.c less more

	0	/*
	1	* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	2	*
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
	4	* this file except in compliance with the License. You can obtain a copy
	5	* in the file LICENSE in the source distribution or at
	6	* https://www.openssl.org/source/license.html
	7	*/
	8
	9	#include <openssl/crypto.h>
	10	#include <string.h>
	11
	12	#include "crypto/punycode.h"
	13	#include "internal/nelem.h"
	14	#include "testutil.h"
	15
	16
	17	static const struct puny_test {
	18	unsigned int raw[50];
	19	const char *encoded;
	20	} puny_cases[] = {
	21	/* Test cases from RFC 3492 */
	22	{ /* Arabic (Egyptian) */
	23	{ 0x0644, 0x064A, 0x0647, 0x0645, 0x0627, 0x0628, 0x062A, 0x0643, 0x0644,
	24	0x0645, 0x0648, 0x0634, 0x0639, 0x0631, 0x0628, 0x064A, 0x061F
	25	},
	26	"egbpdaj6bu4bxfgehfvwxn"
	27	},
	28	{ /* Chinese (simplified) */
	29	{ 0x4ED6, 0x4EEC, 0x4E3A, 0x4EC0, 0x4E48, 0x4E0D, 0x8BF4, 0x4E2D, 0x6587
	30	},
	31	"ihqwcrb4cv8a8dqg056pqjye"
	32	},
	33	{ /* Chinese (traditional) */
	34	{ 0x4ED6, 0x5011, 0x7232, 0x4EC0, 0x9EBD, 0x4E0D, 0x8AAA, 0x4E2D, 0x6587
	35	},
	36	"ihqwctvzc91f659drss3x8bo0yb"
	37	},
	38	{ /* Czech: Pro<ccaron>prost<ecaron>nemluv<iacute><ccaron>esky */
	39	{ 0x0050, 0x0072, 0x006F, 0x010D, 0x0070, 0x0072, 0x006F, 0x0073, 0x0074,
	40	0x011B, 0x006E, 0x0065, 0x006D, 0x006C, 0x0075, 0x0076, 0x00ED, 0x010D,
	41	0x0065, 0x0073, 0x006B, 0x0079
	42	},
	43	"Proprostnemluvesky-uyb24dma41a"
	44	},
	45	{ /* Hebrew */
	46	{ 0x05DC, 0x05DE, 0x05D4, 0x05D4, 0x05DD, 0x05E4, 0x05E9, 0x05D5, 0x05D8,
	47	0x05DC, 0x05D0, 0x05DE, 0x05D3, 0x05D1, 0x05E8, 0x05D9, 0x05DD, 0x05E2,
	48	0x05D1, 0x05E8, 0x05D9, 0x05EA
	49	},
	50	"4dbcagdahymbxekheh6e0a7fei0b"
	51	},
	52	{ /* Hindi (Devanagari) */
	53	{ 0x092F, 0x0939, 0x0932, 0x094B, 0x0917, 0x0939, 0x093F, 0x0928, 0x094D,
	54	0x0926, 0x0940, 0x0915, 0x094D, 0x092F, 0x094B, 0x0902, 0x0928, 0x0939,
	55	0x0940, 0x0902, 0x092C, 0x094B, 0x0932, 0x0938, 0x0915, 0x0924, 0x0947,
	56	0x0939, 0x0948, 0x0902
	57	},
	58	"i1baa7eci9glrd9b2ae1bj0hfcgg6iyaf8o0a1dig0cd"
	59	},
	60	{ /* Japanese (kanji and hiragana) */
	61	{ 0x306A, 0x305C, 0x307F, 0x3093, 0x306A, 0x65E5, 0x672C, 0x8A9E, 0x3092,
	62	0x8A71, 0x3057, 0x3066, 0x304F, 0x308C, 0x306A, 0x3044, 0x306E, 0x304B
	63	},
	64	"n8jok5ay5dzabd5bym9f0cm5685rrjetr6pdxa"
	65	},
	66	{ /* Korean (Hangul syllables) */
	67	{ 0xC138, 0xACC4, 0xC758, 0xBAA8, 0xB4E0, 0xC0AC, 0xB78C, 0xB4E4, 0xC774,
	68	0xD55C, 0xAD6D, 0xC5B4, 0xB97C, 0xC774, 0xD574, 0xD55C, 0xB2E4, 0xBA74,
	69	0xC5BC, 0xB9C8, 0xB098, 0xC88B, 0xC744, 0xAE4C
	70	},
	71	"989aomsvi5e83db1d2a355cv1e0vak1dwrv93d5xbh15a0dt30a5jpsd879ccm6fea98c"
	72	},
	73	{ /* Russian (Cyrillic) */
	74	{ 0x043F, 0x043E, 0x0447, 0x0435, 0x043C, 0x0443, 0x0436, 0x0435, 0x043E,
	75	0x043D, 0x0438, 0x043D, 0x0435, 0x0433, 0x043E, 0x0432, 0x043E, 0x0440,
	76	0x044F, 0x0442, 0x043F, 0x043E, 0x0440, 0x0443, 0x0441, 0x0441, 0x043A,
	77	0x0438
	78	},
	79	"b1abfaaepdrnnbgefbaDotcwatmq2g4l"
	80	},
	81	{ /* Spanish */
	82	{ 0x0050, 0x006F, 0x0072, 0x0071, 0x0075, 0x00E9, 0x006E, 0x006F, 0x0070,
	83	0x0075, 0x0065, 0x0064, 0x0065, 0x006E, 0x0073, 0x0069, 0x006D, 0x0070,
	84	0x006C, 0x0065, 0x006D, 0x0065, 0x006E, 0x0074, 0x0065, 0x0068, 0x0061,
	85	0x0062, 0x006C, 0x0061, 0x0072, 0x0065, 0x006E, 0x0045, 0x0073, 0x0070,
	86	0x0061, 0x00F1, 0x006F, 0x006C
	87	},
	88	"PorqunopuedensimplementehablarenEspaol-fmd56a"
	89	},
	90	{ /* Vietnamese */
	91	{ 0x0054, 0x1EA1, 0x0069, 0x0073, 0x0061, 0x006F, 0x0068, 0x1ECD, 0x006B,
	92	0x0068, 0x00F4, 0x006E, 0x0067, 0x0074, 0x0068, 0x1EC3, 0x0063, 0x0068,
	93	0x1EC9, 0x006E, 0x00F3, 0x0069, 0x0074, 0x0069, 0x1EBF, 0x006E, 0x0067,
	94	0x0056, 0x0069, 0x1EC7, 0x0074
	95	},
	96	"TisaohkhngthchnitingVit-kjcr8268qyxafd2f1b9g"
	97	},
	98	{ /* Japanese: 3<nen>B<gumi><kinpachi><sensei> */
	99	{ 0x0033, 0x5E74, 0x0042, 0x7D44, 0x91D1, 0x516B, 0x5148, 0x751F
	100	},
	101	"3B-ww4c5e180e575a65lsy2b"
	102	},
	103	{ /* Japanese: <amuro><namie>-with-SUPER-MONKEYS */
	104	{ 0x5B89, 0x5BA4, 0x5948, 0x7F8E, 0x6075, 0x002D, 0x0077, 0x0069, 0x0074,
	105	0x0068, 0x002D, 0x0053, 0x0055, 0x0050, 0x0045, 0x0052, 0x002D, 0x004D,
	106	0x004F, 0x004E, 0x004B, 0x0045, 0x0059, 0x0053
	107	},
	108	"-with-SUPER-MONKEYS-pc58ag80a8qai00g7n9n"
	109	},
	110	{ /* Japanese: Hello-Another-Way-<sorezore><no><basho> */
	111	{ 0x0048, 0x0065, 0x006C, 0x006C, 0x006F, 0x002D, 0x0041, 0x006E, 0x006F,
	112	0x0074, 0x0068, 0x0065, 0x0072, 0x002D, 0x0057, 0x0061, 0x0079, 0x002D,
	113	0x305D, 0x308C, 0x305E, 0x308C, 0x306E, 0x5834, 0x6240
	114	},
	115	"Hello-Another-Way--fc4qua05auwb3674vfr0b"
	116	},
	117	{ /* Japanese: <hitotsu><yane><no><shita>2 */
	118	{ 0x3072, 0x3068, 0x3064, 0x5C4B, 0x6839, 0x306E, 0x4E0B, 0x0032
	119	},
	120	"2-u9tlzr9756bt3uc0v"
	121	},
	122	{ /* Japanese: Maji<de>Koi<suru>5<byou><mae> */
	123	{ 0x004D, 0x0061, 0x006A, 0x0069, 0x3067, 0x004B, 0x006F, 0x0069, 0x3059,
	124	0x308B, 0x0035, 0x79D2, 0x524D
	125	},
	126	"MajiKoi5-783gue6qz075azm5e"
	127	},
	128	{ /* Japanese: <pafii>de<runba> */
	129	{ 0x30D1, 0x30D5, 0x30A3, 0x30FC, 0x0064, 0x0065, 0x30EB, 0x30F3, 0x30D0
	130	},
	131	"de-jg4avhby1noc0d"
	132	},
	133	{ /* Japanese: <sono><supiido><de> */
	134	{ 0x305D, 0x306E, 0x30B9, 0x30D4, 0x30FC, 0x30C9, 0x3067
	135	},
	136	"d9juau41awczczp"
	137	},
	138	{ /* -> $1.00 <- */
	139	{ 0x002D, 0x003E, 0x0020, 0x0024, 0x0031, 0x002E, 0x0030, 0x0030, 0x0020,
	140	0x003C, 0x002D
	141	},
	142	"-> $1.00 <--"
	143	}
	144	};
	145
	146	static int test_punycode(int n)
	147	{
	148	const struct puny_test *tc = puny_cases + n;
	149	unsigned int buffer[50];
	150	unsigned int bsize = OSSL_NELEM(buffer);
	151	size_t i;
	152
	153	if (!TEST_true(ossl_punycode_decode(tc->encoded, strlen(tc->encoded),
	154	buffer, &bsize)))
	155	return 0;
	156	for (i = 0; i < sizeof(tc->raw); i++)
	157	if (tc->raw[i] == 0)
	158	break;
	159	if (!TEST_mem_eq(buffer, bsize * sizeof(*buffer),
	160	tc->raw, i * sizeof(*tc->raw)))
	161	return 0;
	162	return 1;
	163	}
	164
	165	static int test_a2ulabel(void)
	166	{
	167	char out[50];
	168	size_t outlen;
	169
	170	/*
	171	* Test that no buffer correctly returns the true length.
	172	* The punycode being passed in and parsed is malformed but we're not
	173	* verifying that behaviour here.
	174	*/
	175	if (!TEST_int_eq(ossl_a2ulabel("xn--a.b.c", NULL, &outlen), 0)
	176	\|\| !TEST_size_t_eq(outlen, 7)
	177	\|\| !TEST_int_eq(ossl_a2ulabel("xn--a.b.c", out, &outlen), 1))
	178	return 0;
	179	/* Test that a short input length returns the true length */
	180	outlen = 1;
	181	if (!TEST_int_eq(ossl_a2ulabel("xn--a.b.c", out, &outlen), 0)
	182	\|\| !TEST_size_t_eq(outlen, 7)
	183	\|\| !TEST_int_eq(ossl_a2ulabel("xn--a.b.c", out, &outlen), 1)
	184	\|\| !TEST_str_eq(out,"\xc2\x80.b.c"))
	185	return 0;
	186	/* Test for an off by one on the buffer size works */
	187	outlen = 6;
	188	if (!TEST_int_eq(ossl_a2ulabel("xn--a.b.c", out, &outlen), 0)
	189	\|\| !TEST_size_t_eq(outlen, 7)
	190	\|\| !TEST_int_eq(ossl_a2ulabel("xn--a.b.c", out, &outlen), 1)
	191	\|\| !TEST_str_eq(out,"\xc2\x80.b.c"))
	192	return 0;
	193	return 1;
	194	}
	195
	196	static int test_puny_overrun(void)
	197	{
	198	static const unsigned int out[] = {
	199	0x0033, 0x5E74, 0x0042, 0x7D44, 0x91D1, 0x516B, 0x5148, 0x751F
	200	};
	201	static const char *in = "3B-ww4c5e180e575a65lsy2b";
	202	unsigned int buf[OSSL_NELEM(out)];
	203	unsigned int bsize = OSSL_NELEM(buf) - 1;
	204
	205	if (!TEST_false(ossl_punycode_decode(in, strlen(in), buf, &bsize))) {
	206	if (TEST_mem_eq(buf, bsize * sizeof(*buf), out, sizeof(out)))
	207	TEST_error("CRITICAL: buffer overrun detected!");
	208	return 0;
	209	}
	210	return 1;
	211	}
	212
	213	int setup_tests(void)
	214	{
	215	ADD_ALL_TESTS(test_punycode, OSSL_NELEM(puny_cases));
	216	ADD_TEST(test_a2ulabel);
	217	ADD_TEST(test_puny_overrun);
	218	return 1;
	219	}

+15

-0

test/recipes/02-test_internal_exts.t less more

	0	#! /usr/bin/env perl
	1	# Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	2	#
	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
	4	# this file except in compliance with the License. You can obtain a copy
	5	# in the file LICENSE in the source distribution or at
	6	# https://www.openssl.org/source/license.html
	7
	8	use strict;
	9	use OpenSSL::Test;
	10	use OpenSSL::Test::Simple;
	11
	12	setup("test_internal_exts");
	13
	14	simple_test("test_internal_exts", "ext_internal_test");

+11

-0

test/recipes/04-test_punycode.t less more

	0	#! /usr/bin/env perl
	1	# Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	2	#
	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
	4	# this file except in compliance with the License. You can obtain a copy
	5	# in the file LICENSE in the source distribution or at
	6	# https://www.openssl.org/source/license.html
	7
	8	use OpenSSL::Test::Simple;
	9
	10	simple_test("test_punycode", "punycode_test");

+26

-2

test/recipes/15-test_ec.t less more

0	0	#! /usr/bin/env perl
1		# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	#
3	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	# this file except in compliance with the License. You can obtain a copy

17	17
18	18	plan skip_all => 'EC is not supported in this build' if disabled('ec');
19	19
20		plan tests => 14;
	20	plan tests => 15;
	21
	22	my $no_fips = disabled('fips') \|\| ($ENV{NO_FIPS} // 0);
21	23
22	24	require_ok(srctop_file('test','recipes','tconversion.pl'));
23	25

84	86	-in => srctop_file("test", "tested448pub.pem"),
85	87	-args => ["pkey", "-pubin", "-pubout"] );
86	88	};
	89
	90	subtest 'Check loading of fips and non-fips keys' => sub {
	91	plan skip_all => "FIPS is disabled"
	92	if $no_fips;
	93
	94	plan tests => 2;
	95
	96	my $fipsconf = srctop_file("test", "fips-and-base.cnf");
	97	$ENV{OPENSSL_CONF} = $fipsconf;
	98
	99	ok(!run(app(['openssl', 'pkey',
	100	'-check', '-in', srctop_file("test", "testec-p112r1.pem")])),
	101	"Checking non-fips curve key fails in FIPS provider");
	102
	103	ok(run(app(['openssl', 'pkey',
	104	'-provider', 'default',
	105	'-propquery', '?fips!=yes',
	106	'-check', '-in', srctop_file("test", "testec-p112r1.pem")])),
	107	"Checking non-fips curve key succeeds with non-fips property query");
	108
	109	delete $ENV{OPENSSL_CONF};
	110	}

+32

-1

test/recipes/15-test_ecparam.t less more

118	118	subtest "Check loading of fips and non-fips params" => sub {
119	119	plan skip_all => "FIPS is disabled"
120	120	if $no_fips;
121		plan tests => 3;
	121	plan tests => 8;
122	122
123	123	my $fipsconf = srctop_file("test", "fips-and-base.cnf");
124	124	my $defaultconf = srctop_file("test", "default.cnf");

140	140	'-check'])),
141	141	"Fail loading named non-fips curve");
142	142
	143	ok(!run(app(['openssl', 'pkeyparam',
	144	'-in', data_file('valid', 'secp112r1-named.pem'),
	145	'-check'])),
	146	"Fail loading named non-fips curve using pkeyparam");
	147
	148	ok(run(app(['openssl', 'ecparam',
	149	'-provider', 'default',
	150	'-propquery', '?fips!=yes',
	151	'-in', data_file('valid', 'secp112r1-named.pem'),
	152	'-check'])),
	153	"Loading named non-fips curve in FIPS mode with non-FIPS property".
	154	" query");
	155
	156	ok(run(app(['openssl', 'pkeyparam',
	157	'-provider', 'default',
	158	'-propquery', '?fips!=yes',
	159	'-in', data_file('valid', 'secp112r1-named.pem'),
	160	'-check'])),
	161	"Loading named non-fips curve in FIPS mode with non-FIPS property".
	162	" query using pkeyparam");
	163
	164	ok(!run(app(['openssl', 'ecparam',
	165	'-genkey', '-name', 'secp112r1'])),
	166	"Fail generating key for named non-fips curve");
	167
	168	ok(run(app(['openssl', 'ecparam',
	169	'-provider', 'default',
	170	'-propquery', '?fips!=yes',
	171	'-genkey', '-name', 'secp112r1'])),
	172	"Generating key for named non-fips curve with non-FIPS property query");
	173
143	174	$ENV{OPENSSL_CONF} = $defaultconf;
144	175	};

+12

-1

test/recipes/15-test_genrsa.t less more

23	23	my $no_fips = disabled('fips') \|\| ($ENV{NO_FIPS} // 0);
24	24
25	25	plan tests =>
26		($no_fips ? 0 : 3) # Extra FIPS related tests
	26	($no_fips ? 0 : 5) # Extra FIPS related tests
27	27	+ 15;
28	28
29	29	# We want to know that an absurdly small number of bits isn't support

128	128	'-out', 'genrsatest3072.pem'])),
129	129	"Generating RSA key with 3072 bits");
130	130
	131	ok(!run(app(['openssl', 'genrsa', @prov, '512'])),
	132	"Generating RSA key with 512 bits should fail in FIPS provider");
	133
	134	ok(!run(app(['openssl', 'genrsa',
	135	@prov,
	136	'-provider', 'default',
	137	'-propquery', '?fips!=yes',
	138	'512'])),
	139	"Generating RSA key with 512 bits should succeed with FIPS provider as".
	140	" default with a non-FIPS property query");
	141
131	142	# We want to know that an absurdly large number of bits fails the RNG check
132	143	is(run(app([ 'openssl', 'genpkey',
133	144	@prov,

+13

-1

test/recipes/20-test_cli_fips.t less more

66	66
67	67	}
68	68
69		my $tsignverify_count = 8;
	69	my $tsignverify_count = 9;
70	70	sub tsignverify {
71	71	my $prefix = shift;
72	72	my $fips_key = shift;

148	148	$testtext);
149	149
150	150	$testtext = $prefix.': '.
	151	'Verify something with a non-FIPS key'.
	152	' in FIPS mode but with a non-FIPS property query';
	153	ok(run(app(['openssl', 'dgst',
	154	'-provider', 'default',
	155	'-propquery', '?fips!=yes',
	156	'-sha256',
	157	'-verify', $nonfips_pub_key,
	158	'-signature', $sigfile,
	159	$tbs_data])),
	160	$testtext);
	161
	162	$testtext = $prefix.': '.
151	163	'Verify a valid signature against the wrong data with a non-FIPS key'.
152	164	' (should fail)';
153	165	ok(!run(app(['openssl', 'dgst', '-sha256',

+27

-1

test/recipes/20-test_dgst.t less more

16	16
17	17	setup("test_dgst");
18	18
19		plan tests => 10;
	19	plan tests => 12;
20	20
21	21	sub tsignverify {
22	22	my $testtext = shift;

177	177	ok($xofdata[1] =~ $expected,
178	178	"XOF: Check second digest value is consistent with the first ($xofdata[1]) vs ($expected)");
179	179	};
	180
	181	subtest "SHAKE digest generation with no xoflen set `dgst` CLI" => sub {
	182	plan tests => 1;
	183
	184	my $testdata = srctop_file('test', 'data.bin');
	185	my @xofdata = run(app(['openssl', 'dgst', '-shake128', $testdata], stderr => "outerr.txt"), capture => 1);
	186	chomp(@xofdata);
	187	my $expected = qr/SHAKE-128$\Q$testdata\E$= bb565dac72640109e1c926ef441d3fa6/;
	188	ok($xofdata[0] =~ $expected, "Check short digest is output");
	189	};
	190
	191	SKIP: {
	192	skip "ECDSA is not supported by this OpenSSL build", 1
	193	if disabled("ec");
	194
	195	subtest "signing with xoflen is not supported `dgst` CLI" => sub {
	196	plan tests => 1;
	197	my $data_to_sign = srctop_file('test', 'data.bin');
	198
	199	ok(!run(app(['openssl', 'dgst', '-shake256', '-xoflen', '64',
	200	'-sign', srctop_file("test","testec-p256.pem"),
	201	'-out', 'test.sig',
	202	srctop_file('test', 'data.bin')])),
	203	"Generating signature with xoflen should fail");
	204	}
	205	}

+33

-3

test/recipes/20-test_dhparam.t less more

0	0	#! /usr/bin/env perl
1		# Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	#
3	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	# this file except in compliance with the License. You can obtain a copy

9	9	use strict;
10	10	use warnings;
11	11
12		use OpenSSL::Test qw(:DEFAULT data_file);
	12	use OpenSSL::Test qw(:DEFAULT data_file srctop_file);
13	13	use OpenSSL::Test::Utils;
14	14
15	15	#Tests for the dhparam CLI application

18	18
19	19	plan skip_all => "DH is not supported in this build"
20	20	if disabled("dh");
21		plan tests => 17;
	21	plan tests => 21;
	22
	23	my $fipsconf = srctop_file("test", "fips-and-base.cnf");
22	24
23	25	sub checkdhparams {
24	26	my $file = shift; #Filename containing params

170	172	checkdhparams("gen-x942-0-512.der", "X9.42", 0, "DER", 512);
171	173	};
172	174	}
	175	SKIP: {
	176	skip "Skipping tests that are only supported in a fips build with security ".
	177	"checks", 4 if (disabled("fips") \|\| disabled("fips-securitychecks"));
	178
	179	$ENV{OPENSSL_CONF} = $fipsconf;
	180
	181	ok(!run(app(['openssl', 'dhparam', '-check', '512'])),
	182	"Generating 512 bit DH params should fail in FIPS mode");
	183
	184	ok(run(app(['openssl', 'dhparam', '-provider', 'default', '-propquery',
	185	'?fips!=yes', '-check', '512'])),
	186	"Generating 512 bit DH params should succeed in FIPS mode using".
	187	" non-FIPS property query");
	188
	189	SKIP: {
	190	skip "Skipping tests that require DSA", 2 if disabled("dsa");
	191
	192	ok(!run(app(['openssl', 'dhparam', '-dsaparam', '-check', '512'])),
	193	"Generating 512 bit DSA-style DH params should fail in FIPS mode");
	194
	195	ok(run(app(['openssl', 'dhparam', '-provider', 'default', '-propquery',
	196	'?fips!=yes', '-dsaparam', '-check', '512'])),
	197	"Generating 512 bit DSA-style DH params should succeed in FIPS".
	198	" mode using non-FIPS property query");
	199	}
	200
	201	delete $ENV{OPENSSL_CONF};
	202	}
173	203
174	204	ok(run(app(["openssl", "dhparam", "-noout", "-text"],
175	205	stdin => data_file("pkcs3-2-1024.pem"))),

+9

-3

test/recipes/25-test_verify.t less more

311	311	# Same as above but with base provider used for decoding
312	312	SKIP: {
313	313	my $no_fips = disabled('fips') \|\| ($ENV{NO_FIPS} // 0);
314		skip "EC is not supported or FIPS is disabled", 3
315		if disabled("ec") \|\| $no_fips;
316
317	314	my $provconf = srctop_file("test", "fips-and-base.cnf");
318	315	my $provpath = bldtop_dir("providers");
319	316	my @prov = ("-provider-path", $provpath);
	317
	318	skip "EC is not supported or FIPS is disabled", 3
	319	if disabled("ec") \|\| $no_fips;
	320
	321	run(test(["fips_version_test", "-config", $provconf, ">3.0.0"]),
	322	capture => 1, statusvar => \my $exit);
	323	skip "FIPS provider version is too old", 3
	324	if !$exit;
	325
320	326	$ENV{OPENSSL_CONF} = $provconf;
321	327
322	328	ok(!verify("ee-cert-ec-explicit", "", ["root-cert"],

+56

-1

test/recipes/25-test_x509.t less more

15	15
16	16	setup("test_x509");
17	17
18		plan tests => 21;
	18	plan tests => 28;
19	19
20	20	# Prevent MSys2 filename munging for arguments that look like file paths but
21	21	# aren't

145	145	ok(!run(app(["openssl", "x509", "-noout", "-dates", "-dateopt", "invalid_format",
146	146	"-in", srctop_file("test/certs", "ca-cert.pem")])),
147	147	"Run with invalid -dateopt format");
	148
	149	# extracts issuer from a -text formatted-output
	150	sub get_issuer {
	151	my $f = shift(@_);
	152	my $issuer = "";
	153	open my $fh, $f or die;
	154	while (my $line = <$fh>) {
	155	if ($line =~ /Issuer:/) {
	156	$issuer = $line;
	157	}
	158	}
	159	close $fh;
	160	return $issuer;
	161	}
	162
	163	# Tests for signing certs (broken in 1.1.1o)
	164	my $a_key = "a-key.pem";
	165	my $a_cert = "a-cert.pem";
	166	my $a2_cert = "a2-cert.pem";
	167	my $ca_key = "ca-key.pem";
	168	my $ca_cert = "ca-cert.pem";
	169	my $cnf = srctop_file('apps', 'openssl.cnf');
	170
	171	# Create cert A
	172	ok(run(app(["openssl", "req", "-x509", "-newkey", "rsa:2048",
	173	"-config", $cnf,
	174	"-keyout", $a_key, "-out", $a_cert, "-days", "365",
	175	"-nodes", "-subj", "/CN=test.example.com"])));
	176	# Create cert CA - note key size
	177	ok(run(app(["openssl", "req", "-x509", "-newkey", "rsa:4096",
	178	"-config", $cnf,
	179	"-keyout", $ca_key, "-out", $ca_cert, "-days", "3650",
	180	"-nodes", "-subj", "/CN=ca.example.com"])));
	181	# Sign cert A with CA (errors on 1.1.1o)
	182	ok(run(app(["openssl", "x509", "-in", $a_cert, "-CA", $ca_cert,
	183	"-CAkey", $ca_key, "-set_serial", "1234567890",
	184	"-preserve_dates", "-sha256", "-text", "-out", $a2_cert])));
	185	# verify issuer is CA
	186	ok (get_issuer($a2_cert) =~ /CN = ca.example.com/);
	187
	188	# Tests for issue #16080 (fixed in 1.1.1o)
	189	my $b_key = "b-key.pem";
	190	my $b_csr = "b-cert.csr";
	191	my $b_cert = "b-cert.pem";
	192	# Create the CSR
	193	ok(run(app(["openssl", "req", "-new", "-newkey", "rsa:4096",
	194	"-keyout", $b_key, "-out", $b_csr, "-nodes",
	195	"-config", $cnf,
	196	"-subj", "/CN=b.example.com"])));
	197	# Sign it - position of "-text" matters!
	198	ok(run(app(["openssl", "x509", "-req", "-text", "-CAcreateserial",
	199	"-CA", $ca_cert, "-CAkey", $ca_key,
	200	"-in", $b_csr, "-out", $b_cert])));
	201	# Verify issuer is CA
	202	ok(get_issuer($b_cert) =~ /CN = ca.example.com/);

+2

-1

test/recipes/30-test_evp.t less more

0	0	#! /usr/bin/env perl
1		# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	#
3	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	# this file except in compliance with the License. You can obtain a copy

103	103	evpmac_blake.txt
104	104	evpmac_poly1305.txt
105	105	evpmac_siphash.txt
	106	evpmac_sm3.txt
106	107	evpmd_blake.txt
107	108	evpmd_md.txt
108	109	evpmd_mdc2.txt

+2

-0

test/recipes/30-test_evp_data/evpciph_des3_common.txt less more

21	21	NextIV = 1c673812cfde9675
22	22
23	23	# DES EDE3 ECB test
	24	# FIPS(3.0.0): has a bug in the IV length #17591
	25	FIPSversion = >3.0.0
24	26	Cipher = DES-EDE3-ECB
25	27	Key = 0123456789abcdeff1e0d3c2b5a49786fedcba9876543210
26	28	Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000

+1

-2

test/recipes/30-test_evp_data/evpmac_common.txt less more

0	0	#
1		# Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	#
3	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	# this file except in compliance with the License. You can obtain a copy

238	238	Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
239	239	Result = MAC_INIT_ERROR
240	240
241
242	241	Title = CMAC tests (from FIPS module)
243	242
244	243	MAC = CMAC

+38

-0

test/recipes/30-test_evp_data/evpmac_sm3.txt less more

	0	#
	1	# Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	2	#
	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
	4	# this file except in compliance with the License. You can obtain a copy
	5	# in the file LICENSE in the source distribution or at
	6	# https://www.openssl.org/source/license.html
	7
	8	# Tests start with one of these keywords
	9	# Cipher Decrypt Derive Digest Encoding MAC
	10	# and continue until a blank line. Lines starting with a pound sign are ignored.
	11	# The keyword Availablein must appear before the test name if needed.
	12
	13	Title = HMAC-SM3 from GM/T 0042-2015 Appendix D.3
	14
	15	MAC = HMAC
	16	Algorithm = SM3
	17	Input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopqabcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
	18	Key = 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20
	19	Output = ca05e144ed05d1857840d1f318a4a8669e559fc8391f414485bfdf7bb408963a
	20
	21	MAC = HMAC
	22	Algorithm = SM3
	23	Input = cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd
	24	Key = 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425
	25	Output = 220bf579ded555393f0159f66c99877822a3ecf610d1552154b41d44b94db3ae
	26
	27	MAC = HMAC
	28	Algorithm = SM3
	29	Input = "Hi There"
	30	Key = 0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
	31	Output = c0ba18c68b90c88bc07de794bfc7d2c8d19ec31ed8773bc2b390c9604e0be11e
	32
	33	MAC = HMAC
	34	Algorithm = SM3
	35	Input = "what do ya want for nothing?"
	36	Key = "Jefe"
	37	Output = 2e87f1d16862e6d964b50a5200bf2b10b764faa9680a296a2405f24bec39f882

+9

-9

test/recipes/30-test_evp_data/evpmd_ripemd.txt less more

0	0	#
1		# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	#
3	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	# this file except in compliance with the License. You can obtain a copy

12	12
13	13	Title = RIPEMD160 tests
14	14
15		Availablein = legacy
	15	Availablein = legacy default
16	16	Digest = RIPEMD160
17	17	Input = ""
18	18	Output = 9c1185a5c5e9fc54612808977ee8f548b2258d31
19	19
20		Availablein = legacy
	20	Availablein = legacy default
21	21	Digest = RIPEMD160
22	22	Input = "a"
23	23	Output = 0bdc9d2d256b3ee9daae347be6f4dc835a467ffe
24	24
25		Availablein = legacy
	25	Availablein = legacy default
26	26	Digest = RIPEMD160
27	27	Input = "abc"
28	28	Output = 8eb208f7e05d987a9b044a8e98c6b087f15a0bfc
29	29
30		Availablein = legacy
	30	Availablein = legacy default
31	31	Digest = RIPEMD160
32	32	Input = "message digest"
33	33	Output = 5d0689ef49d2fae572b881b123a85ffa21595f36
34	34
35		Availablein = legacy
	35	Availablein = legacy default
36	36	Digest = RIPEMD160
37	37	Input = "abcdefghijklmnopqrstuvwxyz"
38	38	Output = f71c27109c692c1b56bbdceb5b9d2865b3708dbc
39	39
40		Availablein = legacy
	40	Availablein = legacy default
41	41	Digest = RIPEMD160
42	42	Input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
43	43	Output = 12a053384a9c0c88e405a06c27dcf49ada62eb2b
44	44
45		Availablein = legacy
	45	Availablein = legacy default
46	46	Digest = RIPEMD160
47	47	Input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
48	48	Output = b0e20b6e3116640286ed3a87a5713079b21f5189
49	49
50		Availablein = legacy
	50	Availablein = legacy default
51	51	Digest = RIPEMD160
52	52	Input = "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
53	53	Output = 9b752e45573d4b39f4dbd3323cab82bf63326bfb

+2

-0

test/recipes/30-test_evp_data/evppkey_ffdhe.txt less more

104	104	Ctrl = dh_pad:1
105	105	SharedSecret=89A249DF4EE9033B89C2B4E52072A736D94F51143A1ED5C8F1E91FCBEBE09654
106	106
	107	# FIPS(3.0.0): allows the padding to be set, later versions do not #17859
	108	FIPSversion = >3.0.0
107	109	Derive=ffdhe2048-2
108	110	PeerKey=ffdhe2048-1-pub
109	111	KDFType=X942KDF-ASN1

+1

-0

test/recipes/30-test_evp_pkey_provided/DH.priv.txt less more

21	21	a8:ee:72:13:45:65:15:42:17:aa:d8:ab:cf:33:42:
22	22	83:42
23	23	GROUP: ffdhe2048
	24	recommended-private-length: 224 bits

+1

-0

test/recipes/30-test_evp_pkey_provided/DH.pub.txt less more

18	18	a8:ee:72:13:45:65:15:42:17:aa:d8:ab:cf:33:42:
19	19	83:42
20	20	GROUP: ffdhe2048
	21	recommended-private-length: 224 bits

+41

-11

test/recipes/70-test_key_share.t less more

0	0	#! /usr/bin/env perl
1		# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	#
3	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	# this file except in compliance with the License. You can obtain a copy

24	24	ZERO_LEN_KEX_DATA => 9,
25	25	TRAILING_DATA => 10,
26	26	SELECT_X25519 => 11,
27		NO_KEY_SHARES_IN_HRR => 12
	27	NO_KEY_SHARES_IN_HRR => 12,
	28	NON_TLS1_3_KEY_SHARE => 13
28	29	};
29	30
30	31	use constant {

84	85	$proxy->serverflags("-groups P-256");
85	86	}
86	87	$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
87		plan tests => 22;
	88	plan tests => 23;
88	89	ok(TLSProxy::Message->success(), "Success after HRR");
89	90
90	91	#Test 2: The server sending an HRR requesting a group the client already sent

289	290	$proxy->start();
290	291	ok(TLSProxy::Message->fail(), "Server sends HRR with no key_shares");
291	292
	293	SKIP: {
	294	skip "No EC support in this OpenSSL build", 1 if disabled("ec");
	295	#Test 23: Trailing data on key_share in ServerHello should fail
	296	$proxy->clear();
	297	$direction = CLIENT_TO_SERVER;
	298	$proxy->clientflags("-groups secp192r1:P-256:X25519");
	299	$proxy->ciphers("AES128-SHA:\@SECLEVEL=0");
	300	$testtype = NON_TLS1_3_KEY_SHARE;
	301	$proxy->start();
	302	my $ishrr = defined ${$proxy->message_list}[2]
	303	&&(${$proxy->message_list}[0]->mt == TLSProxy::Message::MT_CLIENT_HELLO)
	304	&& (${$proxy->message_list}[2]->mt == TLSProxy::Message::MT_CLIENT_HELLO);
	305	ok(TLSProxy::Message->success() && $ishrr,
	306	"Client sends a key_share for a Non TLSv1.3 group");
	307	}
	308
292	309	sub modify_key_shares_filter
293	310	{
294	311	my $proxy = shift;
295	312
296		# We're only interested in the initial ClientHello
	313	# We're only interested in the initial ClientHello/SererHello/HRR
297	314	if (($direction == CLIENT_TO_SERVER && $proxy->flight != 0
298	315	&& ($proxy->flight != 1 \|\| $testtype != NO_KEY_SHARES_IN_HRR))
299	316	\|\| ($direction == SERVER_TO_CLIENT && $proxy->flight != 1)) {

306	323	my $ext;
307	324	my $suppgroups;
308	325
309		#Setup supported groups to include some unrecognised groups
310		$suppgroups = pack "C8",
311		0x00, 0x06, #List Length
312		0xff, 0xfe, #Non existing group 1
313		0xff, 0xff, #Non existing group 2
314		0x00, 0x1d; #x25519
	326	if ($testtype != NON_TLS1_3_KEY_SHARE) {
	327	#Setup supported groups to include some unrecognised groups
	328	$suppgroups = pack "C8",
	329	0x00, 0x06, #List Length
	330	0xff, 0xfe, #Non existing group 1
	331	0xff, 0xff, #Non existing group 2
	332	0x00, 0x1d; #x25519
	333	} else {
	334	$suppgroups = pack "C6",
	335	0x00, 0x04, #List Length
	336	0x00, 0x13,
	337	0x00, 0x1d; #x25519
	338	}
315	339
316	340	if ($testtype == EMPTY_EXTENSION) {
317	341	$ext = pack "C2",

375	399	0x00, 0x17, #P-256
376	400	0x00, 0x01, #key_exchange data length
377	401	0xff; #Dummy key_share data
	402	} elsif ($testtype == NON_TLS1_3_KEY_SHARE) {
	403	$ext = pack "C6H98",
	404	0x00, 0x35, #List Length
	405	0x00, 0x13, #P-192
	406	0x00, 0x31, #key_exchange data length
	407	"04EE3B38D1CB800A1A2B702FC8423599F2AC7161E175C865F8".
	408	"3DAF78BCBAE561464E8144359BE70CB7989D28A2F43F8F2C"; #key_exchange data
378	409	}
379	410
380	411	if ($testtype != EMPTY_EXTENSION

382	413	$message->set_extension(
383	414	TLSProxy::Message::EXT_SUPPORTED_GROUPS, $suppgroups);
384	415	}
385
386	416	if ($testtype == MISSING_EXTENSION) {
387	417	$message->delete_extension(
388	418	TLSProxy::Message::EXT_KEY_SHARE);

+6

-4

test/recipes/80-test_cmp_http.t less more

0	0	#! /usr/bin/env perl
1		# Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 2007-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	# Copyright Nokia 2007-2019
3	3	# Copyright Siemens AG 2015-2019
4	4	#

169	169	# from $BLDTOP/test-runs/test_cmp_http and prepending the input files by SRCTOP.
170	170
171	171	indir data_dir() => sub {
172		plan tests => @server_configurations * @all_aspects
173		+ (grep(/^Mock$/, @server_configurations)
	172	plan tests => 1 + @server_configurations * @all_aspects
	173	- (grep(/^Mock$/, @server_configurations)
174	174	&& grep(/^certstatus$/, @all_aspects));
175	175
176	176	foreach my $server_name (@server_configurations) {

195	195	};
196	196	};
197	197	stop_mock_server($pid) if $pid;
	198	ok(1, "killing mock server");
198	199	}
199	200	}
200	201	};

292	293	my $pid = $_[0];
293	294	print "Killing mock server with pid=$pid\n";
294	295	kill('KILL', $pid);
295		}
	296	waitpid($pid, 0);
	297	}

+10

-5

test/recipes/80-test_ssl_new.t less more

0	0	#! /usr/bin/env perl
1		# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	#
3	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	# this file except in compliance with the License. You can obtain a copy
5	5	# in the file LICENSE in the source distribution or at
6	6	# https://www.openssl.org/source/license.html
7	7
	8	# For manually running these tests, set specific environment variables like this:
	9	# CTLOG_FILE=test/ct/log_list.cnf
	10	# TEST_CERTS_DIR=test/certs
	11	# For details on the environment variables needed, see test/README.ssltest.md
8	12
9	13	use strict;
10	14	use warnings;

162	166	skip "No tests available; skipping tests", 1 if $skip;
163	167	skip "Stale sources; skipping tests", 1 if !$run_test;
164	168
	169	my $msg = "running CTLOG_FILE=test/ct/log_list.cnf". # $ENV{CTLOG_FILE}.
	170	" TEST_CERTS_DIR=test/certs". # $ENV{TEST_CERTS_DIR}.
	171	" test/ssl_test test/ssl-tests/$conf $provider";
165	172	if ($provider eq "fips") {
166	173	ok(run(test(["ssl_test", $output_file, $provider,
167		srctop_file("test", "fips-and-base.cnf")])),
168		"running ssl_test $conf");
	174	srctop_file("test", "fips-and-base.cnf")])), $msg);
169	175	} else {
170		ok(run(test(["ssl_test", $output_file, $provider])),
171		"running ssl_test $conf");
	176	ok(run(test(["ssl_test", $output_file, $provider])), $msg);
172	177	}
173	178	}
174	179	}

+11

-6

test/recipes/95-test_external_pyca_data/cryptography.sh less more

0	0	#!/bin/sh
1	1	#
2		# Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
	2	# Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
3	3	# Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
4	4	#
5	5	# Licensed under the Apache License 2.0 (the "License"). You may not use

38	38	rm -rf venv-cryptography
39	39	python -m venv venv-cryptography
40	40	. ./venv-cryptography/bin/activate
	41	# Upgrade pip to always have latest
	42	pip install -U pip
41	43
42	44	cd pyca-cryptography
43	45
44		pip install .[test]
	46	echo "------------------------------------------------------------------"
	47	echo "Building cryptography and installing test requirements"
	48	echo "------------------------------------------------------------------"
	49	LDFLAGS="-L$O_LIB" CFLAGS="-I$O_BINC -I$O_SINC " pip install .[test]
45	50	pip install -e vectors
46	51
47	52	echo "------------------------------------------------------------------"
48		echo "Building cryptography"
	53	echo "Print linked libraries"
49	54	echo "------------------------------------------------------------------"
50		CFLAGS="-I$O_BINC -I$O_SINC -L$O_LIB" pip install .
	55	ldd $(find ../venv-cryptography/lib/ -iname '*.so')
	56
51	57
52	58	echo "------------------------------------------------------------------"
53	59	echo "Running tests"
54	60	echo "------------------------------------------------------------------"
55
56		CFLAGS="-I$O_BINC -I$O_SINC -L$O_LIB" pytest -n auto tests --wycheproof-root=../wycheproof
	61	pytest -n auto tests --wycheproof-root=../wycheproof
57	62
58	63	cd ../
59	64	deactivate

+1

-3

test/recordlentest.c less more

0	0	/*
1		* Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

100	100	return 1;
101	101	#endif
102	102
103		ERR_clear_error();
104
105	103	if (!TEST_true(create_ssl_ctx_pair(NULL, TLS_server_method(),
106	104	TLS_client_method(),
107	105	TLS1_VERSION, 0,

+10

-5

test/rsa_complex.c less more

0	0	/*
1		* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

10	10	* Check to see if there is a conflict between complex.h and openssl/rsa.h.
11	11	* The former defines "I" as a macro and earlier versions of the latter use
12	12	* for function arguments.
	13	*
	14	* Will always succeed on djgpp, since its libc does not have complex.h.
13	15	*/
14		#if defined(__STDC_VERSION__)
15		# if __STDC_VERSION__ >= 199901L
16		# include <complex.h>
	16
	17	#if !defined(__DJGPP__)
	18	# if defined(__STDC_VERSION__)
	19	# if __STDC_VERSION__ >= 199901L
	20	# include <complex.h>
	21	# endif
17	22	# endif
	23	# include <openssl/rsa.h>
18	24	#endif
19		#include <openssl/rsa.h>
20	25	#include <stdlib.h>
21	26
22	27	int main(int argc, char *argv[])

+1174

-399

test/ssl-tests/14-curves.cnf less more

0	0	# Generated with generate_ssl_tests.pl
1	1
2		num_tests = 55
	2	num_tests = 80
3	3
4	4	test-0 = 0-curve-prime256v1
5	5	test-1 = 1-curve-secp384r1

31	31	test-27 = 27-curve-brainpoolP256r1
32	32	test-28 = 28-curve-brainpoolP384r1
33	33	test-29 = 29-curve-brainpoolP512r1
34		test-30 = 30-curve-sect233k1-tls13
35		test-31 = 31-curve-sect233r1-tls13
36		test-32 = 32-curve-sect283k1-tls13
37		test-33 = 33-curve-sect283r1-tls13
38		test-34 = 34-curve-sect409k1-tls13
39		test-35 = 35-curve-sect409r1-tls13
40		test-36 = 36-curve-sect571k1-tls13
41		test-37 = 37-curve-sect571r1-tls13
42		test-38 = 38-curve-secp224r1-tls13
43		test-39 = 39-curve-sect163k1-tls13
44		test-40 = 40-curve-sect163r2-tls13
45		test-41 = 41-curve-prime192v1-tls13
46		test-42 = 42-curve-sect163r1-tls13
47		test-43 = 43-curve-sect193r1-tls13
48		test-44 = 44-curve-sect193r2-tls13
49		test-45 = 45-curve-sect239k1-tls13
50		test-46 = 46-curve-secp160k1-tls13
51		test-47 = 47-curve-secp160r1-tls13
52		test-48 = 48-curve-secp160r2-tls13
53		test-49 = 49-curve-secp192k1-tls13
54		test-50 = 50-curve-secp224k1-tls13
55		test-51 = 51-curve-secp256k1-tls13
56		test-52 = 52-curve-brainpoolP256r1-tls13
57		test-53 = 53-curve-brainpoolP384r1-tls13
58		test-54 = 54-curve-brainpoolP512r1-tls13
	34	test-30 = 30-curve-sect233k1-tls12-in-tls13
	35	test-31 = 31-curve-sect233r1-tls12-in-tls13
	36	test-32 = 32-curve-sect283k1-tls12-in-tls13
	37	test-33 = 33-curve-sect283r1-tls12-in-tls13
	38	test-34 = 34-curve-sect409k1-tls12-in-tls13
	39	test-35 = 35-curve-sect409r1-tls12-in-tls13
	40	test-36 = 36-curve-sect571k1-tls12-in-tls13
	41	test-37 = 37-curve-sect571r1-tls12-in-tls13
	42	test-38 = 38-curve-secp224r1-tls12-in-tls13
	43	test-39 = 39-curve-sect163k1-tls12-in-tls13
	44	test-40 = 40-curve-sect163r2-tls12-in-tls13
	45	test-41 = 41-curve-prime192v1-tls12-in-tls13
	46	test-42 = 42-curve-sect163r1-tls12-in-tls13
	47	test-43 = 43-curve-sect193r1-tls12-in-tls13
	48	test-44 = 44-curve-sect193r2-tls12-in-tls13
	49	test-45 = 45-curve-sect239k1-tls12-in-tls13
	50	test-46 = 46-curve-secp160k1-tls12-in-tls13
	51	test-47 = 47-curve-secp160r1-tls12-in-tls13
	52	test-48 = 48-curve-secp160r2-tls12-in-tls13
	53	test-49 = 49-curve-secp192k1-tls12-in-tls13
	54	test-50 = 50-curve-secp224k1-tls12-in-tls13
	55	test-51 = 51-curve-secp256k1-tls12-in-tls13
	56	test-52 = 52-curve-brainpoolP256r1-tls12-in-tls13
	57	test-53 = 53-curve-brainpoolP384r1-tls12-in-tls13
	58	test-54 = 54-curve-brainpoolP512r1-tls12-in-tls13
	59	test-55 = 55-curve-sect233k1-tls13
	60	test-56 = 56-curve-sect233r1-tls13
	61	test-57 = 57-curve-sect283k1-tls13
	62	test-58 = 58-curve-sect283r1-tls13
	63	test-59 = 59-curve-sect409k1-tls13
	64	test-60 = 60-curve-sect409r1-tls13
	65	test-61 = 61-curve-sect571k1-tls13
	66	test-62 = 62-curve-sect571r1-tls13
	67	test-63 = 63-curve-secp224r1-tls13
	68	test-64 = 64-curve-sect163k1-tls13
	69	test-65 = 65-curve-sect163r2-tls13
	70	test-66 = 66-curve-prime192v1-tls13
	71	test-67 = 67-curve-sect163r1-tls13
	72	test-68 = 68-curve-sect193r1-tls13
	73	test-69 = 69-curve-sect193r2-tls13
	74	test-70 = 70-curve-sect239k1-tls13
	75	test-71 = 71-curve-secp160k1-tls13
	76	test-72 = 72-curve-secp160r1-tls13
	77	test-73 = 73-curve-secp160r2-tls13
	78	test-74 = 74-curve-secp192k1-tls13
	79	test-75 = 75-curve-secp224k1-tls13
	80	test-76 = 76-curve-secp256k1-tls13
	81	test-77 = 77-curve-brainpoolP256r1-tls13
	82	test-78 = 78-curve-brainpoolP384r1-tls13
	83	test-79 = 79-curve-brainpoolP512r1-tls13
59	84	# ===========================================================
60	85
61	86	[0-curve-prime256v1]

928	953
929	954	# ===========================================================
930	955
931		[30-curve-sect233k1-tls13]
932		ssl_conf = 30-curve-sect233k1-tls13-ssl
933
934		[30-curve-sect233k1-tls13-ssl]
935		server = 30-curve-sect233k1-tls13-server
936		client = 30-curve-sect233k1-tls13-client
937
938		[30-curve-sect233k1-tls13-server]
	956	[30-curve-sect233k1-tls12-in-tls13]
	957	ssl_conf = 30-curve-sect233k1-tls12-in-tls13-ssl
	958
	959	[30-curve-sect233k1-tls12-in-tls13-ssl]
	960	server = 30-curve-sect233k1-tls12-in-tls13-server
	961	client = 30-curve-sect233k1-tls12-in-tls13-client
	962
	963	[30-curve-sect233k1-tls12-in-tls13-server]
	964	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	965	CipherString = DEFAULT@SECLEVEL=1
	966	Curves = sect233k1:P-256
	967	MaxProtocol = TLSv1.3
	968	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	969
	970	[30-curve-sect233k1-tls12-in-tls13-client]
	971	CipherString = ECDHE@SECLEVEL=1
	972	Curves = sect233k1:P-256
	973	MaxProtocol = TLSv1.3
	974	MinProtocol = TLSv1.3
	975	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	976	VerifyMode = Peer
	977
	978	[test-30]
	979	ExpectedProtocol = TLSv1.3
	980	ExpectedResult = Success
	981	ExpectedTmpKeyType = P-256
	982
	983
	984	# ===========================================================
	985
	986	[31-curve-sect233r1-tls12-in-tls13]
	987	ssl_conf = 31-curve-sect233r1-tls12-in-tls13-ssl
	988
	989	[31-curve-sect233r1-tls12-in-tls13-ssl]
	990	server = 31-curve-sect233r1-tls12-in-tls13-server
	991	client = 31-curve-sect233r1-tls12-in-tls13-client
	992
	993	[31-curve-sect233r1-tls12-in-tls13-server]
	994	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	995	CipherString = DEFAULT@SECLEVEL=1
	996	Curves = sect233r1:P-256
	997	MaxProtocol = TLSv1.3
	998	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	999
	1000	[31-curve-sect233r1-tls12-in-tls13-client]
	1001	CipherString = ECDHE@SECLEVEL=1
	1002	Curves = sect233r1:P-256
	1003	MaxProtocol = TLSv1.3
	1004	MinProtocol = TLSv1.3
	1005	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1006	VerifyMode = Peer
	1007
	1008	[test-31]
	1009	ExpectedProtocol = TLSv1.3
	1010	ExpectedResult = Success
	1011	ExpectedTmpKeyType = P-256
	1012
	1013
	1014	# ===========================================================
	1015
	1016	[32-curve-sect283k1-tls12-in-tls13]
	1017	ssl_conf = 32-curve-sect283k1-tls12-in-tls13-ssl
	1018
	1019	[32-curve-sect283k1-tls12-in-tls13-ssl]
	1020	server = 32-curve-sect283k1-tls12-in-tls13-server
	1021	client = 32-curve-sect283k1-tls12-in-tls13-client
	1022
	1023	[32-curve-sect283k1-tls12-in-tls13-server]
	1024	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1025	CipherString = DEFAULT@SECLEVEL=1
	1026	Curves = sect283k1:P-256
	1027	MaxProtocol = TLSv1.3
	1028	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1029
	1030	[32-curve-sect283k1-tls12-in-tls13-client]
	1031	CipherString = ECDHE@SECLEVEL=1
	1032	Curves = sect283k1:P-256
	1033	MaxProtocol = TLSv1.3
	1034	MinProtocol = TLSv1.3
	1035	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1036	VerifyMode = Peer
	1037
	1038	[test-32]
	1039	ExpectedProtocol = TLSv1.3
	1040	ExpectedResult = Success
	1041	ExpectedTmpKeyType = P-256
	1042
	1043
	1044	# ===========================================================
	1045
	1046	[33-curve-sect283r1-tls12-in-tls13]
	1047	ssl_conf = 33-curve-sect283r1-tls12-in-tls13-ssl
	1048
	1049	[33-curve-sect283r1-tls12-in-tls13-ssl]
	1050	server = 33-curve-sect283r1-tls12-in-tls13-server
	1051	client = 33-curve-sect283r1-tls12-in-tls13-client
	1052
	1053	[33-curve-sect283r1-tls12-in-tls13-server]
	1054	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1055	CipherString = DEFAULT@SECLEVEL=1
	1056	Curves = sect283r1:P-256
	1057	MaxProtocol = TLSv1.3
	1058	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1059
	1060	[33-curve-sect283r1-tls12-in-tls13-client]
	1061	CipherString = ECDHE@SECLEVEL=1
	1062	Curves = sect283r1:P-256
	1063	MaxProtocol = TLSv1.3
	1064	MinProtocol = TLSv1.3
	1065	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1066	VerifyMode = Peer
	1067
	1068	[test-33]
	1069	ExpectedProtocol = TLSv1.3
	1070	ExpectedResult = Success
	1071	ExpectedTmpKeyType = P-256
	1072
	1073
	1074	# ===========================================================
	1075
	1076	[34-curve-sect409k1-tls12-in-tls13]
	1077	ssl_conf = 34-curve-sect409k1-tls12-in-tls13-ssl
	1078
	1079	[34-curve-sect409k1-tls12-in-tls13-ssl]
	1080	server = 34-curve-sect409k1-tls12-in-tls13-server
	1081	client = 34-curve-sect409k1-tls12-in-tls13-client
	1082
	1083	[34-curve-sect409k1-tls12-in-tls13-server]
	1084	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1085	CipherString = DEFAULT@SECLEVEL=1
	1086	Curves = sect409k1:P-256
	1087	MaxProtocol = TLSv1.3
	1088	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1089
	1090	[34-curve-sect409k1-tls12-in-tls13-client]
	1091	CipherString = ECDHE@SECLEVEL=1
	1092	Curves = sect409k1:P-256
	1093	MaxProtocol = TLSv1.3
	1094	MinProtocol = TLSv1.3
	1095	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1096	VerifyMode = Peer
	1097
	1098	[test-34]
	1099	ExpectedProtocol = TLSv1.3
	1100	ExpectedResult = Success
	1101	ExpectedTmpKeyType = P-256
	1102
	1103
	1104	# ===========================================================
	1105
	1106	[35-curve-sect409r1-tls12-in-tls13]
	1107	ssl_conf = 35-curve-sect409r1-tls12-in-tls13-ssl
	1108
	1109	[35-curve-sect409r1-tls12-in-tls13-ssl]
	1110	server = 35-curve-sect409r1-tls12-in-tls13-server
	1111	client = 35-curve-sect409r1-tls12-in-tls13-client
	1112
	1113	[35-curve-sect409r1-tls12-in-tls13-server]
	1114	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1115	CipherString = DEFAULT@SECLEVEL=1
	1116	Curves = sect409r1:P-256
	1117	MaxProtocol = TLSv1.3
	1118	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1119
	1120	[35-curve-sect409r1-tls12-in-tls13-client]
	1121	CipherString = ECDHE@SECLEVEL=1
	1122	Curves = sect409r1:P-256
	1123	MaxProtocol = TLSv1.3
	1124	MinProtocol = TLSv1.3
	1125	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1126	VerifyMode = Peer
	1127
	1128	[test-35]
	1129	ExpectedProtocol = TLSv1.3
	1130	ExpectedResult = Success
	1131	ExpectedTmpKeyType = P-256
	1132
	1133
	1134	# ===========================================================
	1135
	1136	[36-curve-sect571k1-tls12-in-tls13]
	1137	ssl_conf = 36-curve-sect571k1-tls12-in-tls13-ssl
	1138
	1139	[36-curve-sect571k1-tls12-in-tls13-ssl]
	1140	server = 36-curve-sect571k1-tls12-in-tls13-server
	1141	client = 36-curve-sect571k1-tls12-in-tls13-client
	1142
	1143	[36-curve-sect571k1-tls12-in-tls13-server]
	1144	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1145	CipherString = DEFAULT@SECLEVEL=1
	1146	Curves = sect571k1:P-256
	1147	MaxProtocol = TLSv1.3
	1148	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1149
	1150	[36-curve-sect571k1-tls12-in-tls13-client]
	1151	CipherString = ECDHE@SECLEVEL=1
	1152	Curves = sect571k1:P-256
	1153	MaxProtocol = TLSv1.3
	1154	MinProtocol = TLSv1.3
	1155	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1156	VerifyMode = Peer
	1157
	1158	[test-36]
	1159	ExpectedProtocol = TLSv1.3
	1160	ExpectedResult = Success
	1161	ExpectedTmpKeyType = P-256
	1162
	1163
	1164	# ===========================================================
	1165
	1166	[37-curve-sect571r1-tls12-in-tls13]
	1167	ssl_conf = 37-curve-sect571r1-tls12-in-tls13-ssl
	1168
	1169	[37-curve-sect571r1-tls12-in-tls13-ssl]
	1170	server = 37-curve-sect571r1-tls12-in-tls13-server
	1171	client = 37-curve-sect571r1-tls12-in-tls13-client
	1172
	1173	[37-curve-sect571r1-tls12-in-tls13-server]
	1174	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1175	CipherString = DEFAULT@SECLEVEL=1
	1176	Curves = sect571r1:P-256
	1177	MaxProtocol = TLSv1.3
	1178	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1179
	1180	[37-curve-sect571r1-tls12-in-tls13-client]
	1181	CipherString = ECDHE@SECLEVEL=1
	1182	Curves = sect571r1:P-256
	1183	MaxProtocol = TLSv1.3
	1184	MinProtocol = TLSv1.3
	1185	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1186	VerifyMode = Peer
	1187
	1188	[test-37]
	1189	ExpectedProtocol = TLSv1.3
	1190	ExpectedResult = Success
	1191	ExpectedTmpKeyType = P-256
	1192
	1193
	1194	# ===========================================================
	1195
	1196	[38-curve-secp224r1-tls12-in-tls13]
	1197	ssl_conf = 38-curve-secp224r1-tls12-in-tls13-ssl
	1198
	1199	[38-curve-secp224r1-tls12-in-tls13-ssl]
	1200	server = 38-curve-secp224r1-tls12-in-tls13-server
	1201	client = 38-curve-secp224r1-tls12-in-tls13-client
	1202
	1203	[38-curve-secp224r1-tls12-in-tls13-server]
	1204	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1205	CipherString = DEFAULT@SECLEVEL=1
	1206	Curves = secp224r1:P-256
	1207	MaxProtocol = TLSv1.3
	1208	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1209
	1210	[38-curve-secp224r1-tls12-in-tls13-client]
	1211	CipherString = ECDHE@SECLEVEL=1
	1212	Curves = secp224r1:P-256
	1213	MaxProtocol = TLSv1.3
	1214	MinProtocol = TLSv1.3
	1215	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1216	VerifyMode = Peer
	1217
	1218	[test-38]
	1219	ExpectedProtocol = TLSv1.3
	1220	ExpectedResult = Success
	1221	ExpectedTmpKeyType = P-256
	1222
	1223
	1224	# ===========================================================
	1225
	1226	[39-curve-sect163k1-tls12-in-tls13]
	1227	ssl_conf = 39-curve-sect163k1-tls12-in-tls13-ssl
	1228
	1229	[39-curve-sect163k1-tls12-in-tls13-ssl]
	1230	server = 39-curve-sect163k1-tls12-in-tls13-server
	1231	client = 39-curve-sect163k1-tls12-in-tls13-client
	1232
	1233	[39-curve-sect163k1-tls12-in-tls13-server]
	1234	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1235	CipherString = DEFAULT@SECLEVEL=1
	1236	Curves = sect163k1:P-256
	1237	MaxProtocol = TLSv1.3
	1238	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1239
	1240	[39-curve-sect163k1-tls12-in-tls13-client]
	1241	CipherString = ECDHE@SECLEVEL=1
	1242	Curves = sect163k1:P-256
	1243	MaxProtocol = TLSv1.3
	1244	MinProtocol = TLSv1.3
	1245	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1246	VerifyMode = Peer
	1247
	1248	[test-39]
	1249	ExpectedProtocol = TLSv1.3
	1250	ExpectedResult = Success
	1251	ExpectedTmpKeyType = P-256
	1252
	1253
	1254	# ===========================================================
	1255
	1256	[40-curve-sect163r2-tls12-in-tls13]
	1257	ssl_conf = 40-curve-sect163r2-tls12-in-tls13-ssl
	1258
	1259	[40-curve-sect163r2-tls12-in-tls13-ssl]
	1260	server = 40-curve-sect163r2-tls12-in-tls13-server
	1261	client = 40-curve-sect163r2-tls12-in-tls13-client
	1262
	1263	[40-curve-sect163r2-tls12-in-tls13-server]
	1264	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1265	CipherString = DEFAULT@SECLEVEL=1
	1266	Curves = sect163r2:P-256
	1267	MaxProtocol = TLSv1.3
	1268	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1269
	1270	[40-curve-sect163r2-tls12-in-tls13-client]
	1271	CipherString = ECDHE@SECLEVEL=1
	1272	Curves = sect163r2:P-256
	1273	MaxProtocol = TLSv1.3
	1274	MinProtocol = TLSv1.3
	1275	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1276	VerifyMode = Peer
	1277
	1278	[test-40]
	1279	ExpectedProtocol = TLSv1.3
	1280	ExpectedResult = Success
	1281	ExpectedTmpKeyType = P-256
	1282
	1283
	1284	# ===========================================================
	1285
	1286	[41-curve-prime192v1-tls12-in-tls13]
	1287	ssl_conf = 41-curve-prime192v1-tls12-in-tls13-ssl
	1288
	1289	[41-curve-prime192v1-tls12-in-tls13-ssl]
	1290	server = 41-curve-prime192v1-tls12-in-tls13-server
	1291	client = 41-curve-prime192v1-tls12-in-tls13-client
	1292
	1293	[41-curve-prime192v1-tls12-in-tls13-server]
	1294	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1295	CipherString = DEFAULT@SECLEVEL=1
	1296	Curves = prime192v1:P-256
	1297	MaxProtocol = TLSv1.3
	1298	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1299
	1300	[41-curve-prime192v1-tls12-in-tls13-client]
	1301	CipherString = ECDHE@SECLEVEL=1
	1302	Curves = prime192v1:P-256
	1303	MaxProtocol = TLSv1.3
	1304	MinProtocol = TLSv1.3
	1305	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1306	VerifyMode = Peer
	1307
	1308	[test-41]
	1309	ExpectedProtocol = TLSv1.3
	1310	ExpectedResult = Success
	1311	ExpectedTmpKeyType = P-256
	1312
	1313
	1314	# ===========================================================
	1315
	1316	[42-curve-sect163r1-tls12-in-tls13]
	1317	ssl_conf = 42-curve-sect163r1-tls12-in-tls13-ssl
	1318
	1319	[42-curve-sect163r1-tls12-in-tls13-ssl]
	1320	server = 42-curve-sect163r1-tls12-in-tls13-server
	1321	client = 42-curve-sect163r1-tls12-in-tls13-client
	1322
	1323	[42-curve-sect163r1-tls12-in-tls13-server]
	1324	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1325	CipherString = DEFAULT@SECLEVEL=1
	1326	Curves = sect163r1:P-256
	1327	MaxProtocol = TLSv1.3
	1328	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1329
	1330	[42-curve-sect163r1-tls12-in-tls13-client]
	1331	CipherString = ECDHE@SECLEVEL=1
	1332	Curves = sect163r1:P-256
	1333	MaxProtocol = TLSv1.3
	1334	MinProtocol = TLSv1.3
	1335	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1336	VerifyMode = Peer
	1337
	1338	[test-42]
	1339	ExpectedProtocol = TLSv1.3
	1340	ExpectedResult = Success
	1341	ExpectedTmpKeyType = P-256
	1342
	1343
	1344	# ===========================================================
	1345
	1346	[43-curve-sect193r1-tls12-in-tls13]
	1347	ssl_conf = 43-curve-sect193r1-tls12-in-tls13-ssl
	1348
	1349	[43-curve-sect193r1-tls12-in-tls13-ssl]
	1350	server = 43-curve-sect193r1-tls12-in-tls13-server
	1351	client = 43-curve-sect193r1-tls12-in-tls13-client
	1352
	1353	[43-curve-sect193r1-tls12-in-tls13-server]
	1354	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1355	CipherString = DEFAULT@SECLEVEL=1
	1356	Curves = sect193r1:P-256
	1357	MaxProtocol = TLSv1.3
	1358	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1359
	1360	[43-curve-sect193r1-tls12-in-tls13-client]
	1361	CipherString = ECDHE@SECLEVEL=1
	1362	Curves = sect193r1:P-256
	1363	MaxProtocol = TLSv1.3
	1364	MinProtocol = TLSv1.3
	1365	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1366	VerifyMode = Peer
	1367
	1368	[test-43]
	1369	ExpectedProtocol = TLSv1.3
	1370	ExpectedResult = Success
	1371	ExpectedTmpKeyType = P-256
	1372
	1373
	1374	# ===========================================================
	1375
	1376	[44-curve-sect193r2-tls12-in-tls13]
	1377	ssl_conf = 44-curve-sect193r2-tls12-in-tls13-ssl
	1378
	1379	[44-curve-sect193r2-tls12-in-tls13-ssl]
	1380	server = 44-curve-sect193r2-tls12-in-tls13-server
	1381	client = 44-curve-sect193r2-tls12-in-tls13-client
	1382
	1383	[44-curve-sect193r2-tls12-in-tls13-server]
	1384	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1385	CipherString = DEFAULT@SECLEVEL=1
	1386	Curves = sect193r2:P-256
	1387	MaxProtocol = TLSv1.3
	1388	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1389
	1390	[44-curve-sect193r2-tls12-in-tls13-client]
	1391	CipherString = ECDHE@SECLEVEL=1
	1392	Curves = sect193r2:P-256
	1393	MaxProtocol = TLSv1.3
	1394	MinProtocol = TLSv1.3
	1395	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1396	VerifyMode = Peer
	1397
	1398	[test-44]
	1399	ExpectedProtocol = TLSv1.3
	1400	ExpectedResult = Success
	1401	ExpectedTmpKeyType = P-256
	1402
	1403
	1404	# ===========================================================
	1405
	1406	[45-curve-sect239k1-tls12-in-tls13]
	1407	ssl_conf = 45-curve-sect239k1-tls12-in-tls13-ssl
	1408
	1409	[45-curve-sect239k1-tls12-in-tls13-ssl]
	1410	server = 45-curve-sect239k1-tls12-in-tls13-server
	1411	client = 45-curve-sect239k1-tls12-in-tls13-client
	1412
	1413	[45-curve-sect239k1-tls12-in-tls13-server]
	1414	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1415	CipherString = DEFAULT@SECLEVEL=1
	1416	Curves = sect239k1:P-256
	1417	MaxProtocol = TLSv1.3
	1418	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1419
	1420	[45-curve-sect239k1-tls12-in-tls13-client]
	1421	CipherString = ECDHE@SECLEVEL=1
	1422	Curves = sect239k1:P-256
	1423	MaxProtocol = TLSv1.3
	1424	MinProtocol = TLSv1.3
	1425	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1426	VerifyMode = Peer
	1427
	1428	[test-45]
	1429	ExpectedProtocol = TLSv1.3
	1430	ExpectedResult = Success
	1431	ExpectedTmpKeyType = P-256
	1432
	1433
	1434	# ===========================================================
	1435
	1436	[46-curve-secp160k1-tls12-in-tls13]
	1437	ssl_conf = 46-curve-secp160k1-tls12-in-tls13-ssl
	1438
	1439	[46-curve-secp160k1-tls12-in-tls13-ssl]
	1440	server = 46-curve-secp160k1-tls12-in-tls13-server
	1441	client = 46-curve-secp160k1-tls12-in-tls13-client
	1442
	1443	[46-curve-secp160k1-tls12-in-tls13-server]
	1444	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1445	CipherString = DEFAULT@SECLEVEL=1
	1446	Curves = secp160k1:P-256
	1447	MaxProtocol = TLSv1.3
	1448	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1449
	1450	[46-curve-secp160k1-tls12-in-tls13-client]
	1451	CipherString = ECDHE@SECLEVEL=1
	1452	Curves = secp160k1:P-256
	1453	MaxProtocol = TLSv1.3
	1454	MinProtocol = TLSv1.3
	1455	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1456	VerifyMode = Peer
	1457
	1458	[test-46]
	1459	ExpectedProtocol = TLSv1.3
	1460	ExpectedResult = Success
	1461	ExpectedTmpKeyType = P-256
	1462
	1463
	1464	# ===========================================================
	1465
	1466	[47-curve-secp160r1-tls12-in-tls13]
	1467	ssl_conf = 47-curve-secp160r1-tls12-in-tls13-ssl
	1468
	1469	[47-curve-secp160r1-tls12-in-tls13-ssl]
	1470	server = 47-curve-secp160r1-tls12-in-tls13-server
	1471	client = 47-curve-secp160r1-tls12-in-tls13-client
	1472
	1473	[47-curve-secp160r1-tls12-in-tls13-server]
	1474	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1475	CipherString = DEFAULT@SECLEVEL=1
	1476	Curves = secp160r1:P-256
	1477	MaxProtocol = TLSv1.3
	1478	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1479
	1480	[47-curve-secp160r1-tls12-in-tls13-client]
	1481	CipherString = ECDHE@SECLEVEL=1
	1482	Curves = secp160r1:P-256
	1483	MaxProtocol = TLSv1.3
	1484	MinProtocol = TLSv1.3
	1485	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1486	VerifyMode = Peer
	1487
	1488	[test-47]
	1489	ExpectedProtocol = TLSv1.3
	1490	ExpectedResult = Success
	1491	ExpectedTmpKeyType = P-256
	1492
	1493
	1494	# ===========================================================
	1495
	1496	[48-curve-secp160r2-tls12-in-tls13]
	1497	ssl_conf = 48-curve-secp160r2-tls12-in-tls13-ssl
	1498
	1499	[48-curve-secp160r2-tls12-in-tls13-ssl]
	1500	server = 48-curve-secp160r2-tls12-in-tls13-server
	1501	client = 48-curve-secp160r2-tls12-in-tls13-client
	1502
	1503	[48-curve-secp160r2-tls12-in-tls13-server]
	1504	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1505	CipherString = DEFAULT@SECLEVEL=1
	1506	Curves = secp160r2:P-256
	1507	MaxProtocol = TLSv1.3
	1508	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1509
	1510	[48-curve-secp160r2-tls12-in-tls13-client]
	1511	CipherString = ECDHE@SECLEVEL=1
	1512	Curves = secp160r2:P-256
	1513	MaxProtocol = TLSv1.3
	1514	MinProtocol = TLSv1.3
	1515	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1516	VerifyMode = Peer
	1517
	1518	[test-48]
	1519	ExpectedProtocol = TLSv1.3
	1520	ExpectedResult = Success
	1521	ExpectedTmpKeyType = P-256
	1522
	1523
	1524	# ===========================================================
	1525
	1526	[49-curve-secp192k1-tls12-in-tls13]
	1527	ssl_conf = 49-curve-secp192k1-tls12-in-tls13-ssl
	1528
	1529	[49-curve-secp192k1-tls12-in-tls13-ssl]
	1530	server = 49-curve-secp192k1-tls12-in-tls13-server
	1531	client = 49-curve-secp192k1-tls12-in-tls13-client
	1532
	1533	[49-curve-secp192k1-tls12-in-tls13-server]
	1534	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1535	CipherString = DEFAULT@SECLEVEL=1
	1536	Curves = secp192k1:P-256
	1537	MaxProtocol = TLSv1.3
	1538	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1539
	1540	[49-curve-secp192k1-tls12-in-tls13-client]
	1541	CipherString = ECDHE@SECLEVEL=1
	1542	Curves = secp192k1:P-256
	1543	MaxProtocol = TLSv1.3
	1544	MinProtocol = TLSv1.3
	1545	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1546	VerifyMode = Peer
	1547
	1548	[test-49]
	1549	ExpectedProtocol = TLSv1.3
	1550	ExpectedResult = Success
	1551	ExpectedTmpKeyType = P-256
	1552
	1553
	1554	# ===========================================================
	1555
	1556	[50-curve-secp224k1-tls12-in-tls13]
	1557	ssl_conf = 50-curve-secp224k1-tls12-in-tls13-ssl
	1558
	1559	[50-curve-secp224k1-tls12-in-tls13-ssl]
	1560	server = 50-curve-secp224k1-tls12-in-tls13-server
	1561	client = 50-curve-secp224k1-tls12-in-tls13-client
	1562
	1563	[50-curve-secp224k1-tls12-in-tls13-server]
	1564	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1565	CipherString = DEFAULT@SECLEVEL=1
	1566	Curves = secp224k1:P-256
	1567	MaxProtocol = TLSv1.3
	1568	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1569
	1570	[50-curve-secp224k1-tls12-in-tls13-client]
	1571	CipherString = ECDHE@SECLEVEL=1
	1572	Curves = secp224k1:P-256
	1573	MaxProtocol = TLSv1.3
	1574	MinProtocol = TLSv1.3
	1575	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1576	VerifyMode = Peer
	1577
	1578	[test-50]
	1579	ExpectedProtocol = TLSv1.3
	1580	ExpectedResult = Success
	1581	ExpectedTmpKeyType = P-256
	1582
	1583
	1584	# ===========================================================
	1585
	1586	[51-curve-secp256k1-tls12-in-tls13]
	1587	ssl_conf = 51-curve-secp256k1-tls12-in-tls13-ssl
	1588
	1589	[51-curve-secp256k1-tls12-in-tls13-ssl]
	1590	server = 51-curve-secp256k1-tls12-in-tls13-server
	1591	client = 51-curve-secp256k1-tls12-in-tls13-client
	1592
	1593	[51-curve-secp256k1-tls12-in-tls13-server]
	1594	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1595	CipherString = DEFAULT@SECLEVEL=1
	1596	Curves = secp256k1:P-256
	1597	MaxProtocol = TLSv1.3
	1598	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1599
	1600	[51-curve-secp256k1-tls12-in-tls13-client]
	1601	CipherString = ECDHE@SECLEVEL=1
	1602	Curves = secp256k1:P-256
	1603	MaxProtocol = TLSv1.3
	1604	MinProtocol = TLSv1.3
	1605	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1606	VerifyMode = Peer
	1607
	1608	[test-51]
	1609	ExpectedProtocol = TLSv1.3
	1610	ExpectedResult = Success
	1611	ExpectedTmpKeyType = P-256
	1612
	1613
	1614	# ===========================================================
	1615
	1616	[52-curve-brainpoolP256r1-tls12-in-tls13]
	1617	ssl_conf = 52-curve-brainpoolP256r1-tls12-in-tls13-ssl
	1618
	1619	[52-curve-brainpoolP256r1-tls12-in-tls13-ssl]
	1620	server = 52-curve-brainpoolP256r1-tls12-in-tls13-server
	1621	client = 52-curve-brainpoolP256r1-tls12-in-tls13-client
	1622
	1623	[52-curve-brainpoolP256r1-tls12-in-tls13-server]
	1624	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1625	CipherString = DEFAULT@SECLEVEL=1
	1626	Curves = brainpoolP256r1:P-256
	1627	MaxProtocol = TLSv1.3
	1628	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1629
	1630	[52-curve-brainpoolP256r1-tls12-in-tls13-client]
	1631	CipherString = ECDHE@SECLEVEL=1
	1632	Curves = brainpoolP256r1:P-256
	1633	MaxProtocol = TLSv1.3
	1634	MinProtocol = TLSv1.3
	1635	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1636	VerifyMode = Peer
	1637
	1638	[test-52]
	1639	ExpectedProtocol = TLSv1.3
	1640	ExpectedResult = Success
	1641	ExpectedTmpKeyType = P-256
	1642
	1643
	1644	# ===========================================================
	1645
	1646	[53-curve-brainpoolP384r1-tls12-in-tls13]
	1647	ssl_conf = 53-curve-brainpoolP384r1-tls12-in-tls13-ssl
	1648
	1649	[53-curve-brainpoolP384r1-tls12-in-tls13-ssl]
	1650	server = 53-curve-brainpoolP384r1-tls12-in-tls13-server
	1651	client = 53-curve-brainpoolP384r1-tls12-in-tls13-client
	1652
	1653	[53-curve-brainpoolP384r1-tls12-in-tls13-server]
	1654	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1655	CipherString = DEFAULT@SECLEVEL=1
	1656	Curves = brainpoolP384r1:P-256
	1657	MaxProtocol = TLSv1.3
	1658	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1659
	1660	[53-curve-brainpoolP384r1-tls12-in-tls13-client]
	1661	CipherString = ECDHE@SECLEVEL=1
	1662	Curves = brainpoolP384r1:P-256
	1663	MaxProtocol = TLSv1.3
	1664	MinProtocol = TLSv1.3
	1665	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1666	VerifyMode = Peer
	1667
	1668	[test-53]
	1669	ExpectedProtocol = TLSv1.3
	1670	ExpectedResult = Success
	1671	ExpectedTmpKeyType = P-256
	1672
	1673
	1674	# ===========================================================
	1675
	1676	[54-curve-brainpoolP512r1-tls12-in-tls13]
	1677	ssl_conf = 54-curve-brainpoolP512r1-tls12-in-tls13-ssl
	1678
	1679	[54-curve-brainpoolP512r1-tls12-in-tls13-ssl]
	1680	server = 54-curve-brainpoolP512r1-tls12-in-tls13-server
	1681	client = 54-curve-brainpoolP512r1-tls12-in-tls13-client
	1682
	1683	[54-curve-brainpoolP512r1-tls12-in-tls13-server]
	1684	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
	1685	CipherString = DEFAULT@SECLEVEL=1
	1686	Curves = brainpoolP512r1:P-256
	1687	MaxProtocol = TLSv1.3
	1688	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
	1689
	1690	[54-curve-brainpoolP512r1-tls12-in-tls13-client]
	1691	CipherString = ECDHE@SECLEVEL=1
	1692	Curves = brainpoolP512r1:P-256
	1693	MaxProtocol = TLSv1.3
	1694	MinProtocol = TLSv1.3
	1695	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
	1696	VerifyMode = Peer
	1697
	1698	[test-54]
	1699	ExpectedProtocol = TLSv1.3
	1700	ExpectedResult = Success
	1701	ExpectedTmpKeyType = P-256
	1702
	1703
	1704	# ===========================================================
	1705
	1706	[55-curve-sect233k1-tls13]
	1707	ssl_conf = 55-curve-sect233k1-tls13-ssl
	1708
	1709	[55-curve-sect233k1-tls13-ssl]
	1710	server = 55-curve-sect233k1-tls13-server
	1711	client = 55-curve-sect233k1-tls13-client
	1712
	1713	[55-curve-sect233k1-tls13-server]
939	1714	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
940	1715	CipherString = DEFAULT
941	1716	Curves = sect233k1
942	1717	MaxProtocol = TLSv1.3
943	1718	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
944	1719
945		[30-curve-sect233k1-tls13-client]
	1720	[55-curve-sect233k1-tls13-client]
946	1721	CipherString = ECDHE
947	1722	Curves = sect233k1
948	1723	MinProtocol = TLSv1.3
949	1724	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
950	1725	VerifyMode = Peer
951	1726
952		[test-30]
953		ExpectedResult = ClientFail
954
955
956		# ===========================================================
957
958		[31-curve-sect233r1-tls13]
959		ssl_conf = 31-curve-sect233r1-tls13-ssl
960
961		[31-curve-sect233r1-tls13-ssl]
962		server = 31-curve-sect233r1-tls13-server
963		client = 31-curve-sect233r1-tls13-client
964
965		[31-curve-sect233r1-tls13-server]
	1727	[test-55]
	1728	ExpectedResult = ClientFail
	1729
	1730
	1731	# ===========================================================
	1732
	1733	[56-curve-sect233r1-tls13]
	1734	ssl_conf = 56-curve-sect233r1-tls13-ssl
	1735
	1736	[56-curve-sect233r1-tls13-ssl]
	1737	server = 56-curve-sect233r1-tls13-server
	1738	client = 56-curve-sect233r1-tls13-client
	1739
	1740	[56-curve-sect233r1-tls13-server]
966	1741	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
967	1742	CipherString = DEFAULT
968	1743	Curves = sect233r1
969	1744	MaxProtocol = TLSv1.3
970	1745	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
971	1746
972		[31-curve-sect233r1-tls13-client]
	1747	[56-curve-sect233r1-tls13-client]
973	1748	CipherString = ECDHE
974	1749	Curves = sect233r1
975	1750	MinProtocol = TLSv1.3
976	1751	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
977	1752	VerifyMode = Peer
978	1753
979		[test-31]
980		ExpectedResult = ClientFail
981
982
983		# ===========================================================
984
985		[32-curve-sect283k1-tls13]
986		ssl_conf = 32-curve-sect283k1-tls13-ssl
987
988		[32-curve-sect283k1-tls13-ssl]
989		server = 32-curve-sect283k1-tls13-server
990		client = 32-curve-sect283k1-tls13-client
991
992		[32-curve-sect283k1-tls13-server]
	1754	[test-56]
	1755	ExpectedResult = ClientFail
	1756
	1757
	1758	# ===========================================================
	1759
	1760	[57-curve-sect283k1-tls13]
	1761	ssl_conf = 57-curve-sect283k1-tls13-ssl
	1762
	1763	[57-curve-sect283k1-tls13-ssl]
	1764	server = 57-curve-sect283k1-tls13-server
	1765	client = 57-curve-sect283k1-tls13-client
	1766
	1767	[57-curve-sect283k1-tls13-server]
993	1768	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
994	1769	CipherString = DEFAULT
995	1770	Curves = sect283k1
996	1771	MaxProtocol = TLSv1.3
997	1772	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
998	1773
999		[32-curve-sect283k1-tls13-client]
	1774	[57-curve-sect283k1-tls13-client]
1000	1775	CipherString = ECDHE
1001	1776	Curves = sect283k1
1002	1777	MinProtocol = TLSv1.3
1003	1778	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1004	1779	VerifyMode = Peer
1005	1780
1006		[test-32]
1007		ExpectedResult = ClientFail
1008
1009
1010		# ===========================================================
1011
1012		[33-curve-sect283r1-tls13]
1013		ssl_conf = 33-curve-sect283r1-tls13-ssl
1014
1015		[33-curve-sect283r1-tls13-ssl]
1016		server = 33-curve-sect283r1-tls13-server
1017		client = 33-curve-sect283r1-tls13-client
1018
1019		[33-curve-sect283r1-tls13-server]
	1781	[test-57]
	1782	ExpectedResult = ClientFail
	1783
	1784
	1785	# ===========================================================
	1786
	1787	[58-curve-sect283r1-tls13]
	1788	ssl_conf = 58-curve-sect283r1-tls13-ssl
	1789
	1790	[58-curve-sect283r1-tls13-ssl]
	1791	server = 58-curve-sect283r1-tls13-server
	1792	client = 58-curve-sect283r1-tls13-client
	1793
	1794	[58-curve-sect283r1-tls13-server]
1020	1795	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1021	1796	CipherString = DEFAULT
1022	1797	Curves = sect283r1
1023	1798	MaxProtocol = TLSv1.3
1024	1799	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1025	1800
1026		[33-curve-sect283r1-tls13-client]
	1801	[58-curve-sect283r1-tls13-client]
1027	1802	CipherString = ECDHE
1028	1803	Curves = sect283r1
1029	1804	MinProtocol = TLSv1.3
1030	1805	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1031	1806	VerifyMode = Peer
1032	1807
1033		[test-33]
1034		ExpectedResult = ClientFail
1035
1036
1037		# ===========================================================
1038
1039		[34-curve-sect409k1-tls13]
1040		ssl_conf = 34-curve-sect409k1-tls13-ssl
1041
1042		[34-curve-sect409k1-tls13-ssl]
1043		server = 34-curve-sect409k1-tls13-server
1044		client = 34-curve-sect409k1-tls13-client
1045
1046		[34-curve-sect409k1-tls13-server]
	1808	[test-58]
	1809	ExpectedResult = ClientFail
	1810
	1811
	1812	# ===========================================================
	1813
	1814	[59-curve-sect409k1-tls13]
	1815	ssl_conf = 59-curve-sect409k1-tls13-ssl
	1816
	1817	[59-curve-sect409k1-tls13-ssl]
	1818	server = 59-curve-sect409k1-tls13-server
	1819	client = 59-curve-sect409k1-tls13-client
	1820
	1821	[59-curve-sect409k1-tls13-server]
1047	1822	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1048	1823	CipherString = DEFAULT
1049	1824	Curves = sect409k1
1050	1825	MaxProtocol = TLSv1.3
1051	1826	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1052	1827
1053		[34-curve-sect409k1-tls13-client]
	1828	[59-curve-sect409k1-tls13-client]
1054	1829	CipherString = ECDHE
1055	1830	Curves = sect409k1
1056	1831	MinProtocol = TLSv1.3
1057	1832	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1058	1833	VerifyMode = Peer
1059	1834
1060		[test-34]
1061		ExpectedResult = ClientFail
1062
1063
1064		# ===========================================================
1065
1066		[35-curve-sect409r1-tls13]
1067		ssl_conf = 35-curve-sect409r1-tls13-ssl
1068
1069		[35-curve-sect409r1-tls13-ssl]
1070		server = 35-curve-sect409r1-tls13-server
1071		client = 35-curve-sect409r1-tls13-client
1072
1073		[35-curve-sect409r1-tls13-server]
	1835	[test-59]
	1836	ExpectedResult = ClientFail
	1837
	1838
	1839	# ===========================================================
	1840
	1841	[60-curve-sect409r1-tls13]
	1842	ssl_conf = 60-curve-sect409r1-tls13-ssl
	1843
	1844	[60-curve-sect409r1-tls13-ssl]
	1845	server = 60-curve-sect409r1-tls13-server
	1846	client = 60-curve-sect409r1-tls13-client
	1847
	1848	[60-curve-sect409r1-tls13-server]
1074	1849	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1075	1850	CipherString = DEFAULT
1076	1851	Curves = sect409r1
1077	1852	MaxProtocol = TLSv1.3
1078	1853	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1079	1854
1080		[35-curve-sect409r1-tls13-client]
	1855	[60-curve-sect409r1-tls13-client]
1081	1856	CipherString = ECDHE
1082	1857	Curves = sect409r1
1083	1858	MinProtocol = TLSv1.3
1084	1859	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1085	1860	VerifyMode = Peer
1086	1861
1087		[test-35]
1088		ExpectedResult = ClientFail
1089
1090
1091		# ===========================================================
1092
1093		[36-curve-sect571k1-tls13]
1094		ssl_conf = 36-curve-sect571k1-tls13-ssl
1095
1096		[36-curve-sect571k1-tls13-ssl]
1097		server = 36-curve-sect571k1-tls13-server
1098		client = 36-curve-sect571k1-tls13-client
1099
1100		[36-curve-sect571k1-tls13-server]
	1862	[test-60]
	1863	ExpectedResult = ClientFail
	1864
	1865
	1866	# ===========================================================
	1867
	1868	[61-curve-sect571k1-tls13]
	1869	ssl_conf = 61-curve-sect571k1-tls13-ssl
	1870
	1871	[61-curve-sect571k1-tls13-ssl]
	1872	server = 61-curve-sect571k1-tls13-server
	1873	client = 61-curve-sect571k1-tls13-client
	1874
	1875	[61-curve-sect571k1-tls13-server]
1101	1876	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1102	1877	CipherString = DEFAULT
1103	1878	Curves = sect571k1
1104	1879	MaxProtocol = TLSv1.3
1105	1880	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1106	1881
1107		[36-curve-sect571k1-tls13-client]
	1882	[61-curve-sect571k1-tls13-client]
1108	1883	CipherString = ECDHE
1109	1884	Curves = sect571k1
1110	1885	MinProtocol = TLSv1.3
1111	1886	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1112	1887	VerifyMode = Peer
1113	1888
1114		[test-36]
1115		ExpectedResult = ClientFail
1116
1117
1118		# ===========================================================
1119
1120		[37-curve-sect571r1-tls13]
1121		ssl_conf = 37-curve-sect571r1-tls13-ssl
1122
1123		[37-curve-sect571r1-tls13-ssl]
1124		server = 37-curve-sect571r1-tls13-server
1125		client = 37-curve-sect571r1-tls13-client
1126
1127		[37-curve-sect571r1-tls13-server]
	1889	[test-61]
	1890	ExpectedResult = ClientFail
	1891
	1892
	1893	# ===========================================================
	1894
	1895	[62-curve-sect571r1-tls13]
	1896	ssl_conf = 62-curve-sect571r1-tls13-ssl
	1897
	1898	[62-curve-sect571r1-tls13-ssl]
	1899	server = 62-curve-sect571r1-tls13-server
	1900	client = 62-curve-sect571r1-tls13-client
	1901
	1902	[62-curve-sect571r1-tls13-server]
1128	1903	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1129	1904	CipherString = DEFAULT
1130	1905	Curves = sect571r1
1131	1906	MaxProtocol = TLSv1.3
1132	1907	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1133	1908
1134		[37-curve-sect571r1-tls13-client]
	1909	[62-curve-sect571r1-tls13-client]
1135	1910	CipherString = ECDHE
1136	1911	Curves = sect571r1
1137	1912	MinProtocol = TLSv1.3
1138	1913	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1139	1914	VerifyMode = Peer
1140	1915
1141		[test-37]
1142		ExpectedResult = ClientFail
1143
1144
1145		# ===========================================================
1146
1147		[38-curve-secp224r1-tls13]
1148		ssl_conf = 38-curve-secp224r1-tls13-ssl
1149
1150		[38-curve-secp224r1-tls13-ssl]
1151		server = 38-curve-secp224r1-tls13-server
1152		client = 38-curve-secp224r1-tls13-client
1153
1154		[38-curve-secp224r1-tls13-server]
	1916	[test-62]
	1917	ExpectedResult = ClientFail
	1918
	1919
	1920	# ===========================================================
	1921
	1922	[63-curve-secp224r1-tls13]
	1923	ssl_conf = 63-curve-secp224r1-tls13-ssl
	1924
	1925	[63-curve-secp224r1-tls13-ssl]
	1926	server = 63-curve-secp224r1-tls13-server
	1927	client = 63-curve-secp224r1-tls13-client
	1928
	1929	[63-curve-secp224r1-tls13-server]
1155	1930	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1156	1931	CipherString = DEFAULT
1157	1932	Curves = secp224r1
1158	1933	MaxProtocol = TLSv1.3
1159	1934	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1160	1935
1161		[38-curve-secp224r1-tls13-client]
	1936	[63-curve-secp224r1-tls13-client]
1162	1937	CipherString = ECDHE
1163	1938	Curves = secp224r1
1164	1939	MinProtocol = TLSv1.3
1165	1940	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1166	1941	VerifyMode = Peer
1167	1942
1168		[test-38]
1169		ExpectedResult = ClientFail
1170
1171
1172		# ===========================================================
1173
1174		[39-curve-sect163k1-tls13]
1175		ssl_conf = 39-curve-sect163k1-tls13-ssl
1176
1177		[39-curve-sect163k1-tls13-ssl]
1178		server = 39-curve-sect163k1-tls13-server
1179		client = 39-curve-sect163k1-tls13-client
1180
1181		[39-curve-sect163k1-tls13-server]
	1943	[test-63]
	1944	ExpectedResult = ClientFail
	1945
	1946
	1947	# ===========================================================
	1948
	1949	[64-curve-sect163k1-tls13]
	1950	ssl_conf = 64-curve-sect163k1-tls13-ssl
	1951
	1952	[64-curve-sect163k1-tls13-ssl]
	1953	server = 64-curve-sect163k1-tls13-server
	1954	client = 64-curve-sect163k1-tls13-client
	1955
	1956	[64-curve-sect163k1-tls13-server]
1182	1957	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1183	1958	CipherString = DEFAULT
1184	1959	Curves = sect163k1
1185	1960	MaxProtocol = TLSv1.3
1186	1961	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1187	1962
1188		[39-curve-sect163k1-tls13-client]
	1963	[64-curve-sect163k1-tls13-client]
1189	1964	CipherString = ECDHE
1190	1965	Curves = sect163k1
1191	1966	MinProtocol = TLSv1.3
1192	1967	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1193	1968	VerifyMode = Peer
1194	1969
1195		[test-39]
1196		ExpectedResult = ClientFail
1197
1198
1199		# ===========================================================
1200
1201		[40-curve-sect163r2-tls13]
1202		ssl_conf = 40-curve-sect163r2-tls13-ssl
1203
1204		[40-curve-sect163r2-tls13-ssl]
1205		server = 40-curve-sect163r2-tls13-server
1206		client = 40-curve-sect163r2-tls13-client
1207
1208		[40-curve-sect163r2-tls13-server]
	1970	[test-64]
	1971	ExpectedResult = ClientFail
	1972
	1973
	1974	# ===========================================================
	1975
	1976	[65-curve-sect163r2-tls13]
	1977	ssl_conf = 65-curve-sect163r2-tls13-ssl
	1978
	1979	[65-curve-sect163r2-tls13-ssl]
	1980	server = 65-curve-sect163r2-tls13-server
	1981	client = 65-curve-sect163r2-tls13-client
	1982
	1983	[65-curve-sect163r2-tls13-server]
1209	1984	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1210	1985	CipherString = DEFAULT
1211	1986	Curves = sect163r2
1212	1987	MaxProtocol = TLSv1.3
1213	1988	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1214	1989
1215		[40-curve-sect163r2-tls13-client]
	1990	[65-curve-sect163r2-tls13-client]
1216	1991	CipherString = ECDHE
1217	1992	Curves = sect163r2
1218	1993	MinProtocol = TLSv1.3
1219	1994	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1220	1995	VerifyMode = Peer
1221	1996
1222		[test-40]
1223		ExpectedResult = ClientFail
1224
1225
1226		# ===========================================================
1227
1228		[41-curve-prime192v1-tls13]
1229		ssl_conf = 41-curve-prime192v1-tls13-ssl
1230
1231		[41-curve-prime192v1-tls13-ssl]
1232		server = 41-curve-prime192v1-tls13-server
1233		client = 41-curve-prime192v1-tls13-client
1234
1235		[41-curve-prime192v1-tls13-server]
	1997	[test-65]
	1998	ExpectedResult = ClientFail
	1999
	2000
	2001	# ===========================================================
	2002
	2003	[66-curve-prime192v1-tls13]
	2004	ssl_conf = 66-curve-prime192v1-tls13-ssl
	2005
	2006	[66-curve-prime192v1-tls13-ssl]
	2007	server = 66-curve-prime192v1-tls13-server
	2008	client = 66-curve-prime192v1-tls13-client
	2009
	2010	[66-curve-prime192v1-tls13-server]
1236	2011	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1237	2012	CipherString = DEFAULT
1238	2013	Curves = prime192v1
1239	2014	MaxProtocol = TLSv1.3
1240	2015	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1241	2016
1242		[41-curve-prime192v1-tls13-client]
	2017	[66-curve-prime192v1-tls13-client]
1243	2018	CipherString = ECDHE
1244	2019	Curves = prime192v1
1245	2020	MinProtocol = TLSv1.3
1246	2021	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1247	2022	VerifyMode = Peer
1248	2023
1249		[test-41]
1250		ExpectedResult = ClientFail
1251
1252
1253		# ===========================================================
1254
1255		[42-curve-sect163r1-tls13]
1256		ssl_conf = 42-curve-sect163r1-tls13-ssl
1257
1258		[42-curve-sect163r1-tls13-ssl]
1259		server = 42-curve-sect163r1-tls13-server
1260		client = 42-curve-sect163r1-tls13-client
1261
1262		[42-curve-sect163r1-tls13-server]
	2024	[test-66]
	2025	ExpectedResult = ClientFail
	2026
	2027
	2028	# ===========================================================
	2029
	2030	[67-curve-sect163r1-tls13]
	2031	ssl_conf = 67-curve-sect163r1-tls13-ssl
	2032
	2033	[67-curve-sect163r1-tls13-ssl]
	2034	server = 67-curve-sect163r1-tls13-server
	2035	client = 67-curve-sect163r1-tls13-client
	2036
	2037	[67-curve-sect163r1-tls13-server]
1263	2038	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1264	2039	CipherString = DEFAULT
1265	2040	Curves = sect163r1
1266	2041	MaxProtocol = TLSv1.3
1267	2042	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1268	2043
1269		[42-curve-sect163r1-tls13-client]
	2044	[67-curve-sect163r1-tls13-client]
1270	2045	CipherString = ECDHE
1271	2046	Curves = sect163r1
1272	2047	MinProtocol = TLSv1.3
1273	2048	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1274	2049	VerifyMode = Peer
1275	2050
1276		[test-42]
1277		ExpectedResult = ClientFail
1278
1279
1280		# ===========================================================
1281
1282		[43-curve-sect193r1-tls13]
1283		ssl_conf = 43-curve-sect193r1-tls13-ssl
1284
1285		[43-curve-sect193r1-tls13-ssl]
1286		server = 43-curve-sect193r1-tls13-server
1287		client = 43-curve-sect193r1-tls13-client
1288
1289		[43-curve-sect193r1-tls13-server]
	2051	[test-67]
	2052	ExpectedResult = ClientFail
	2053
	2054
	2055	# ===========================================================
	2056
	2057	[68-curve-sect193r1-tls13]
	2058	ssl_conf = 68-curve-sect193r1-tls13-ssl
	2059
	2060	[68-curve-sect193r1-tls13-ssl]
	2061	server = 68-curve-sect193r1-tls13-server
	2062	client = 68-curve-sect193r1-tls13-client
	2063
	2064	[68-curve-sect193r1-tls13-server]
1290	2065	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1291	2066	CipherString = DEFAULT
1292	2067	Curves = sect193r1
1293	2068	MaxProtocol = TLSv1.3
1294	2069	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1295	2070
1296		[43-curve-sect193r1-tls13-client]
	2071	[68-curve-sect193r1-tls13-client]
1297	2072	CipherString = ECDHE
1298	2073	Curves = sect193r1
1299	2074	MinProtocol = TLSv1.3
1300	2075	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1301	2076	VerifyMode = Peer
1302	2077
1303		[test-43]
1304		ExpectedResult = ClientFail
1305
1306
1307		# ===========================================================
1308
1309		[44-curve-sect193r2-tls13]
1310		ssl_conf = 44-curve-sect193r2-tls13-ssl
1311
1312		[44-curve-sect193r2-tls13-ssl]
1313		server = 44-curve-sect193r2-tls13-server
1314		client = 44-curve-sect193r2-tls13-client
1315
1316		[44-curve-sect193r2-tls13-server]
	2078	[test-68]
	2079	ExpectedResult = ClientFail
	2080
	2081
	2082	# ===========================================================
	2083
	2084	[69-curve-sect193r2-tls13]
	2085	ssl_conf = 69-curve-sect193r2-tls13-ssl
	2086
	2087	[69-curve-sect193r2-tls13-ssl]
	2088	server = 69-curve-sect193r2-tls13-server
	2089	client = 69-curve-sect193r2-tls13-client
	2090
	2091	[69-curve-sect193r2-tls13-server]
1317	2092	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1318	2093	CipherString = DEFAULT
1319	2094	Curves = sect193r2
1320	2095	MaxProtocol = TLSv1.3
1321	2096	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1322	2097
1323		[44-curve-sect193r2-tls13-client]
	2098	[69-curve-sect193r2-tls13-client]
1324	2099	CipherString = ECDHE
1325	2100	Curves = sect193r2
1326	2101	MinProtocol = TLSv1.3
1327	2102	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1328	2103	VerifyMode = Peer
1329	2104
1330		[test-44]
1331		ExpectedResult = ClientFail
1332
1333
1334		# ===========================================================
1335
1336		[45-curve-sect239k1-tls13]
1337		ssl_conf = 45-curve-sect239k1-tls13-ssl
1338
1339		[45-curve-sect239k1-tls13-ssl]
1340		server = 45-curve-sect239k1-tls13-server
1341		client = 45-curve-sect239k1-tls13-client
1342
1343		[45-curve-sect239k1-tls13-server]
	2105	[test-69]
	2106	ExpectedResult = ClientFail
	2107
	2108
	2109	# ===========================================================
	2110
	2111	[70-curve-sect239k1-tls13]
	2112	ssl_conf = 70-curve-sect239k1-tls13-ssl
	2113
	2114	[70-curve-sect239k1-tls13-ssl]
	2115	server = 70-curve-sect239k1-tls13-server
	2116	client = 70-curve-sect239k1-tls13-client
	2117
	2118	[70-curve-sect239k1-tls13-server]
1344	2119	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1345	2120	CipherString = DEFAULT
1346	2121	Curves = sect239k1
1347	2122	MaxProtocol = TLSv1.3
1348	2123	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1349	2124
1350		[45-curve-sect239k1-tls13-client]
	2125	[70-curve-sect239k1-tls13-client]
1351	2126	CipherString = ECDHE
1352	2127	Curves = sect239k1
1353	2128	MinProtocol = TLSv1.3
1354	2129	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1355	2130	VerifyMode = Peer
1356	2131
1357		[test-45]
1358		ExpectedResult = ClientFail
1359
1360
1361		# ===========================================================
1362
1363		[46-curve-secp160k1-tls13]
1364		ssl_conf = 46-curve-secp160k1-tls13-ssl
1365
1366		[46-curve-secp160k1-tls13-ssl]
1367		server = 46-curve-secp160k1-tls13-server
1368		client = 46-curve-secp160k1-tls13-client
1369
1370		[46-curve-secp160k1-tls13-server]
	2132	[test-70]
	2133	ExpectedResult = ClientFail
	2134
	2135
	2136	# ===========================================================
	2137
	2138	[71-curve-secp160k1-tls13]
	2139	ssl_conf = 71-curve-secp160k1-tls13-ssl
	2140
	2141	[71-curve-secp160k1-tls13-ssl]
	2142	server = 71-curve-secp160k1-tls13-server
	2143	client = 71-curve-secp160k1-tls13-client
	2144
	2145	[71-curve-secp160k1-tls13-server]
1371	2146	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1372	2147	CipherString = DEFAULT
1373	2148	Curves = secp160k1
1374	2149	MaxProtocol = TLSv1.3
1375	2150	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1376	2151
1377		[46-curve-secp160k1-tls13-client]
	2152	[71-curve-secp160k1-tls13-client]
1378	2153	CipherString = ECDHE
1379	2154	Curves = secp160k1
1380	2155	MinProtocol = TLSv1.3
1381	2156	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1382	2157	VerifyMode = Peer
1383	2158
1384		[test-46]
1385		ExpectedResult = ClientFail
1386
1387
1388		# ===========================================================
1389
1390		[47-curve-secp160r1-tls13]
1391		ssl_conf = 47-curve-secp160r1-tls13-ssl
1392
1393		[47-curve-secp160r1-tls13-ssl]
1394		server = 47-curve-secp160r1-tls13-server
1395		client = 47-curve-secp160r1-tls13-client
1396
1397		[47-curve-secp160r1-tls13-server]
	2159	[test-71]
	2160	ExpectedResult = ClientFail
	2161
	2162
	2163	# ===========================================================
	2164
	2165	[72-curve-secp160r1-tls13]
	2166	ssl_conf = 72-curve-secp160r1-tls13-ssl
	2167
	2168	[72-curve-secp160r1-tls13-ssl]
	2169	server = 72-curve-secp160r1-tls13-server
	2170	client = 72-curve-secp160r1-tls13-client
	2171
	2172	[72-curve-secp160r1-tls13-server]
1398	2173	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1399	2174	CipherString = DEFAULT
1400	2175	Curves = secp160r1
1401	2176	MaxProtocol = TLSv1.3
1402	2177	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1403	2178
1404		[47-curve-secp160r1-tls13-client]
	2179	[72-curve-secp160r1-tls13-client]
1405	2180	CipherString = ECDHE
1406	2181	Curves = secp160r1
1407	2182	MinProtocol = TLSv1.3
1408	2183	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1409	2184	VerifyMode = Peer
1410	2185
1411		[test-47]
1412		ExpectedResult = ClientFail
1413
1414
1415		# ===========================================================
1416
1417		[48-curve-secp160r2-tls13]
1418		ssl_conf = 48-curve-secp160r2-tls13-ssl
1419
1420		[48-curve-secp160r2-tls13-ssl]
1421		server = 48-curve-secp160r2-tls13-server
1422		client = 48-curve-secp160r2-tls13-client
1423
1424		[48-curve-secp160r2-tls13-server]
	2186	[test-72]
	2187	ExpectedResult = ClientFail
	2188
	2189
	2190	# ===========================================================
	2191
	2192	[73-curve-secp160r2-tls13]
	2193	ssl_conf = 73-curve-secp160r2-tls13-ssl
	2194
	2195	[73-curve-secp160r2-tls13-ssl]
	2196	server = 73-curve-secp160r2-tls13-server
	2197	client = 73-curve-secp160r2-tls13-client
	2198
	2199	[73-curve-secp160r2-tls13-server]
1425	2200	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1426	2201	CipherString = DEFAULT
1427	2202	Curves = secp160r2
1428	2203	MaxProtocol = TLSv1.3
1429	2204	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1430	2205
1431		[48-curve-secp160r2-tls13-client]
	2206	[73-curve-secp160r2-tls13-client]
1432	2207	CipherString = ECDHE
1433	2208	Curves = secp160r2
1434	2209	MinProtocol = TLSv1.3
1435	2210	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1436	2211	VerifyMode = Peer
1437	2212
1438		[test-48]
1439		ExpectedResult = ClientFail
1440
1441
1442		# ===========================================================
1443
1444		[49-curve-secp192k1-tls13]
1445		ssl_conf = 49-curve-secp192k1-tls13-ssl
1446
1447		[49-curve-secp192k1-tls13-ssl]
1448		server = 49-curve-secp192k1-tls13-server
1449		client = 49-curve-secp192k1-tls13-client
1450
1451		[49-curve-secp192k1-tls13-server]
	2213	[test-73]
	2214	ExpectedResult = ClientFail
	2215
	2216
	2217	# ===========================================================
	2218
	2219	[74-curve-secp192k1-tls13]
	2220	ssl_conf = 74-curve-secp192k1-tls13-ssl
	2221
	2222	[74-curve-secp192k1-tls13-ssl]
	2223	server = 74-curve-secp192k1-tls13-server
	2224	client = 74-curve-secp192k1-tls13-client
	2225
	2226	[74-curve-secp192k1-tls13-server]
1452	2227	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1453	2228	CipherString = DEFAULT
1454	2229	Curves = secp192k1
1455	2230	MaxProtocol = TLSv1.3
1456	2231	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1457	2232
1458		[49-curve-secp192k1-tls13-client]
	2233	[74-curve-secp192k1-tls13-client]
1459	2234	CipherString = ECDHE
1460	2235	Curves = secp192k1
1461	2236	MinProtocol = TLSv1.3
1462	2237	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1463	2238	VerifyMode = Peer
1464	2239
1465		[test-49]
1466		ExpectedResult = ClientFail
1467
1468
1469		# ===========================================================
1470
1471		[50-curve-secp224k1-tls13]
1472		ssl_conf = 50-curve-secp224k1-tls13-ssl
1473
1474		[50-curve-secp224k1-tls13-ssl]
1475		server = 50-curve-secp224k1-tls13-server
1476		client = 50-curve-secp224k1-tls13-client
1477
1478		[50-curve-secp224k1-tls13-server]
	2240	[test-74]
	2241	ExpectedResult = ClientFail
	2242
	2243
	2244	# ===========================================================
	2245
	2246	[75-curve-secp224k1-tls13]
	2247	ssl_conf = 75-curve-secp224k1-tls13-ssl
	2248
	2249	[75-curve-secp224k1-tls13-ssl]
	2250	server = 75-curve-secp224k1-tls13-server
	2251	client = 75-curve-secp224k1-tls13-client
	2252
	2253	[75-curve-secp224k1-tls13-server]
1479	2254	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1480	2255	CipherString = DEFAULT
1481	2256	Curves = secp224k1
1482	2257	MaxProtocol = TLSv1.3
1483	2258	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1484	2259
1485		[50-curve-secp224k1-tls13-client]
	2260	[75-curve-secp224k1-tls13-client]
1486	2261	CipherString = ECDHE
1487	2262	Curves = secp224k1
1488	2263	MinProtocol = TLSv1.3
1489	2264	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1490	2265	VerifyMode = Peer
1491	2266
1492		[test-50]
1493		ExpectedResult = ClientFail
1494
1495
1496		# ===========================================================
1497
1498		[51-curve-secp256k1-tls13]
1499		ssl_conf = 51-curve-secp256k1-tls13-ssl
1500
1501		[51-curve-secp256k1-tls13-ssl]
1502		server = 51-curve-secp256k1-tls13-server
1503		client = 51-curve-secp256k1-tls13-client
1504
1505		[51-curve-secp256k1-tls13-server]
	2267	[test-75]
	2268	ExpectedResult = ClientFail
	2269
	2270
	2271	# ===========================================================
	2272
	2273	[76-curve-secp256k1-tls13]
	2274	ssl_conf = 76-curve-secp256k1-tls13-ssl
	2275
	2276	[76-curve-secp256k1-tls13-ssl]
	2277	server = 76-curve-secp256k1-tls13-server
	2278	client = 76-curve-secp256k1-tls13-client
	2279
	2280	[76-curve-secp256k1-tls13-server]
1506	2281	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1507	2282	CipherString = DEFAULT
1508	2283	Curves = secp256k1
1509	2284	MaxProtocol = TLSv1.3
1510	2285	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1511	2286
1512		[51-curve-secp256k1-tls13-client]
	2287	[76-curve-secp256k1-tls13-client]
1513	2288	CipherString = ECDHE
1514	2289	Curves = secp256k1
1515	2290	MinProtocol = TLSv1.3
1516	2291	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1517	2292	VerifyMode = Peer
1518	2293
1519		[test-51]
1520		ExpectedResult = ClientFail
1521
1522
1523		# ===========================================================
1524
1525		[52-curve-brainpoolP256r1-tls13]
1526		ssl_conf = 52-curve-brainpoolP256r1-tls13-ssl
1527
1528		[52-curve-brainpoolP256r1-tls13-ssl]
1529		server = 52-curve-brainpoolP256r1-tls13-server
1530		client = 52-curve-brainpoolP256r1-tls13-client
1531
1532		[52-curve-brainpoolP256r1-tls13-server]
	2294	[test-76]
	2295	ExpectedResult = ClientFail
	2296
	2297
	2298	# ===========================================================
	2299
	2300	[77-curve-brainpoolP256r1-tls13]
	2301	ssl_conf = 77-curve-brainpoolP256r1-tls13-ssl
	2302
	2303	[77-curve-brainpoolP256r1-tls13-ssl]
	2304	server = 77-curve-brainpoolP256r1-tls13-server
	2305	client = 77-curve-brainpoolP256r1-tls13-client
	2306
	2307	[77-curve-brainpoolP256r1-tls13-server]
1533	2308	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1534	2309	CipherString = DEFAULT
1535	2310	Curves = brainpoolP256r1
1536	2311	MaxProtocol = TLSv1.3
1537	2312	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1538	2313
1539		[52-curve-brainpoolP256r1-tls13-client]
	2314	[77-curve-brainpoolP256r1-tls13-client]
1540	2315	CipherString = ECDHE
1541	2316	Curves = brainpoolP256r1
1542	2317	MinProtocol = TLSv1.3
1543	2318	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1544	2319	VerifyMode = Peer
1545	2320
1546		[test-52]
1547		ExpectedResult = ClientFail
1548
1549
1550		# ===========================================================
1551
1552		[53-curve-brainpoolP384r1-tls13]
1553		ssl_conf = 53-curve-brainpoolP384r1-tls13-ssl
1554
1555		[53-curve-brainpoolP384r1-tls13-ssl]
1556		server = 53-curve-brainpoolP384r1-tls13-server
1557		client = 53-curve-brainpoolP384r1-tls13-client
1558
1559		[53-curve-brainpoolP384r1-tls13-server]
	2321	[test-77]
	2322	ExpectedResult = ClientFail
	2323
	2324
	2325	# ===========================================================
	2326
	2327	[78-curve-brainpoolP384r1-tls13]
	2328	ssl_conf = 78-curve-brainpoolP384r1-tls13-ssl
	2329
	2330	[78-curve-brainpoolP384r1-tls13-ssl]
	2331	server = 78-curve-brainpoolP384r1-tls13-server
	2332	client = 78-curve-brainpoolP384r1-tls13-client
	2333
	2334	[78-curve-brainpoolP384r1-tls13-server]
1560	2335	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1561	2336	CipherString = DEFAULT
1562	2337	Curves = brainpoolP384r1
1563	2338	MaxProtocol = TLSv1.3
1564	2339	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1565	2340
1566		[53-curve-brainpoolP384r1-tls13-client]
	2341	[78-curve-brainpoolP384r1-tls13-client]
1567	2342	CipherString = ECDHE
1568	2343	Curves = brainpoolP384r1
1569	2344	MinProtocol = TLSv1.3
1570	2345	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1571	2346	VerifyMode = Peer
1572	2347
1573		[test-53]
1574		ExpectedResult = ClientFail
1575
1576
1577		# ===========================================================
1578
1579		[54-curve-brainpoolP512r1-tls13]
1580		ssl_conf = 54-curve-brainpoolP512r1-tls13-ssl
1581
1582		[54-curve-brainpoolP512r1-tls13-ssl]
1583		server = 54-curve-brainpoolP512r1-tls13-server
1584		client = 54-curve-brainpoolP512r1-tls13-client
1585
1586		[54-curve-brainpoolP512r1-tls13-server]
	2348	[test-78]
	2349	ExpectedResult = ClientFail
	2350
	2351
	2352	# ===========================================================
	2353
	2354	[79-curve-brainpoolP512r1-tls13]
	2355	ssl_conf = 79-curve-brainpoolP512r1-tls13-ssl
	2356
	2357	[79-curve-brainpoolP512r1-tls13-ssl]
	2358	server = 79-curve-brainpoolP512r1-tls13-server
	2359	client = 79-curve-brainpoolP512r1-tls13-client
	2360
	2361	[79-curve-brainpoolP512r1-tls13-server]
1587	2362	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1588	2363	CipherString = DEFAULT
1589	2364	Curves = brainpoolP512r1
1590	2365	MaxProtocol = TLSv1.3
1591	2366	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1592	2367
1593		[54-curve-brainpoolP512r1-tls13-client]
	2368	[79-curve-brainpoolP512r1-tls13-client]
1594	2369	CipherString = ECDHE
1595	2370	Curves = brainpoolP512r1
1596	2371	MinProtocol = TLSv1.3
1597	2372	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1598	2373	VerifyMode = Peer
1599	2374
1600		[test-54]
1601		ExpectedResult = ClientFail
1602
1603
	2375	[test-79]
	2376	ExpectedResult = ClientFail
	2377
	2378

+24

-0

test/ssl-tests/14-curves.cnf.in less more

72	72	foreach (0..$#curves_tls_1_2) {
73	73	my $curve = $curves_tls_1_2[$_];
74	74	push @tests, {
	75	name => "curve-${curve}-tls12-in-tls13",
	76	server => {
	77	"Curves" => "$curve:P-256",
	78	"CipherString" => 'DEFAULT@SECLEVEL=1',
	79	"MaxProtocol" => "TLSv1.3"
	80	},
	81	client => {
	82	"CipherString" => 'ECDHE@SECLEVEL=1',
	83	"MaxProtocol" => "TLSv1.3",
	84	"MinProtocol" => "TLSv1.3",
	85	"Curves" => "$curve:P-256"
	86	},
	87	test => {
	88	#This curve is not allowed in a TLSv1.3 key_share. We should
	89	#succeed but fallback to P-256
	90	"ExpectedTmpKeyType" => "P-256",
	91	"ExpectedProtocol" => "TLSv1.3",
	92	"ExpectedResult" => "Success"
	93	},
	94	};
	95	}
	96	foreach (0..$#curves_tls_1_2) {
	97	my $curve = $curves_tls_1_2[$_];
	98	push @tests, {
75	99	name => "curve-${curve}-tls13",
76	100	server => {
77	101	"Curves" => $curve,

+196

-76

test/sslapitest.c less more

132	132	unsigned int exporter_secret_count;
133	133	};
134	134
135
136		static unsigned char serverinfov1[] = {
137		0xff, 0xff, /* Dummy extension type */
138		0x00, 0x01, /* Extension length is 1 byte */
139		0xff /* Dummy extension data */
140		};
141
142		static unsigned char serverinfov2[] = {
143		0x00, 0x00, 0x00,
144		(unsigned char)(SSL_EXT_CLIENT_HELLO & 0xff), /* Dummy context - 4 bytes */
145		0xff, 0xff, /* Dummy extension type */
146		0x00, 0x01, /* Extension length is 1 byte */
147		0xff /* Dummy extension data */
148		};
149	135
150	136	static int hostname_cb(SSL s, int al, void *arg)
151	137	{

2130	2116	goto end;
2131	2117	}
2132	2118	}
	2119	/*
	2120	* Make a small cache, force out all other sessions but
	2121	* sess2, try to add sess1, which should succeed. Then
	2122	* make sure it's there by checking the owners. Despite
	2123	* the timeouts, sess1 should have kicked out sess2
	2124	*/
	2125
	2126	/* Make sess1 expire before sess2 */
	2127	if (!TEST_long_gt(SSL_SESSION_set_time(sess1, 1000), 0)
	2128	\|\| !TEST_long_gt(SSL_SESSION_set_timeout(sess1, 1000), 0)
	2129	\|\| !TEST_long_gt(SSL_SESSION_set_time(sess2, 2000), 0)
	2130	\|\| !TEST_long_gt(SSL_SESSION_set_timeout(sess2, 2000), 0))
	2131	goto end;
	2132
	2133	if (!TEST_long_ne(SSL_CTX_sess_set_cache_size(sctx, 1), 0))
	2134	goto end;
	2135
	2136	/* Don't care about results - cache should only be sess2 at end */
	2137	SSL_CTX_add_session(sctx, sess1);
	2138	SSL_CTX_add_session(sctx, sess2);
	2139
	2140	/* Now add sess1, and make sure it remains, despite timeout */
	2141	if (!TEST_true(SSL_CTX_add_session(sctx, sess1))
	2142	\|\| !TEST_ptr(sess1->owner)
	2143	\|\| !TEST_ptr_null(sess2->owner))
	2144	goto end;
2133	2145
2134	2146	testresult = 1;
2135	2147

5804	5816	return testresult;
5805	5817	}
5806	5818
5807		/*
5808		* Test loading of serverinfo data in various formats. test_sslmessages actually
5809		* tests to make sure the extensions appear in the handshake
5810		*/
5811		static int test_serverinfo(int tst)
5812		{
5813		unsigned int version;
5814		unsigned char *sibuf;
5815		size_t sibuflen;
5816		int ret, expected, testresult = 0;
5817		SSL_CTX *ctx;
5818
5819		ctx = SSL_CTX_new_ex(libctx, NULL, TLS_method());
5820		if (!TEST_ptr(ctx))
5821		goto end;
5822
5823		if ((tst & 0x01) == 0x01)
5824		version = SSL_SERVERINFOV2;
5825		else
5826		version = SSL_SERVERINFOV1;
5827
5828		if ((tst & 0x02) == 0x02) {
5829		sibuf = serverinfov2;
5830		sibuflen = sizeof(serverinfov2);
5831		expected = (version == SSL_SERVERINFOV2);
	5819	#if !defined(OPENSSL_NO_TLS1_2) && !defined(OSSL_NO_USABLE_TLS1_3)
	5820
	5821	#define SYNTHV1CONTEXT (SSL_EXT_TLS1_2_AND_BELOW_ONLY \
	5822	\| SSL_EXT_CLIENT_HELLO \
	5823	\| SSL_EXT_TLS1_2_SERVER_HELLO \
	5824	\| SSL_EXT_IGNORE_ON_RESUMPTION)
	5825
	5826	#define TLS13CONTEXT (SSL_EXT_TLS1_3_CERTIFICATE \
	5827	\| SSL_EXT_TLS1_2_SERVER_HELLO \
	5828	\| SSL_EXT_CLIENT_HELLO)
	5829
	5830	#define SERVERINFO_CUSTOM \
	5831	0x00, (char)TLSEXT_TYPE_signed_certificate_timestamp, \
	5832	0x00, 0x03, \
	5833	0x04, 0x05, 0x06 \
	5834
	5835	static const unsigned char serverinfo_custom_tls13[] = {
	5836	0x00, 0x00, (TLS13CONTEXT >> 8) & 0xff, TLS13CONTEXT & 0xff,
	5837	SERVERINFO_CUSTOM
	5838	};
	5839	static const unsigned char serverinfo_custom_v2[] = {
	5840	0x00, 0x00, (SYNTHV1CONTEXT >> 8) & 0xff, SYNTHV1CONTEXT & 0xff,
	5841	SERVERINFO_CUSTOM
	5842	};
	5843	static const unsigned char serverinfo_custom_v1[] = {
	5844	SERVERINFO_CUSTOM
	5845	};
	5846	static const size_t serverinfo_custom_tls13_len = sizeof(serverinfo_custom_tls13);
	5847	static const size_t serverinfo_custom_v2_len = sizeof(serverinfo_custom_v2);
	5848	static const size_t serverinfo_custom_v1_len = sizeof(serverinfo_custom_v1);
	5849
	5850	static int serverinfo_custom_parse_cb(SSL *s, unsigned int ext_type,
	5851	unsigned int context,
	5852	const unsigned char *in,
	5853	size_t inlen, X509 *x,
	5854	size_t chainidx, int *al,
	5855	void *parse_arg)
	5856	{
	5857	const size_t len = serverinfo_custom_v1_len;
	5858	const unsigned char *si = &serverinfo_custom_v1[len - 3];
	5859	int p_cb_result = (int)parse_arg;
	5860	*p_cb_result = TEST_mem_eq(in, inlen, si, 3);
	5861	return 1;
	5862	}
	5863
	5864	static int test_serverinfo_custom(const int idx)
	5865	{
	5866	SSL_CTX sctx = NULL, cctx = NULL;
	5867	SSL clientssl = NULL, serverssl = NULL;
	5868	int testresult = 0;
	5869	int cb_result = 0;
	5870
	5871	/*
	5872	* Following variables are set in the switch statement
	5873	* according to the test iteration.
	5874	* Default values do not make much sense: test would fail with them.
	5875	*/
	5876	int serverinfo_version = 0;
	5877	int protocol_version = 0;
	5878	unsigned int extension_context = 0;
	5879	const unsigned char *si = NULL;
	5880	size_t si_len = 0;
	5881
	5882	const int call_use_serverinfo_ex = idx > 0;
	5883	switch (idx) {
	5884	case 0: /* FALLTHROUGH */
	5885	case 1:
	5886	serverinfo_version = SSL_SERVERINFOV1;
	5887	protocol_version = TLS1_2_VERSION;
	5888	extension_context = SYNTHV1CONTEXT;
	5889	si = serverinfo_custom_v1;
	5890	si_len = serverinfo_custom_v1_len;
	5891	break;
	5892	case 2:
	5893	serverinfo_version = SSL_SERVERINFOV2;
	5894	protocol_version = TLS1_2_VERSION;
	5895	extension_context = SYNTHV1CONTEXT;
	5896	si = serverinfo_custom_v2;
	5897	si_len = serverinfo_custom_v2_len;
	5898	break;
	5899	case 3:
	5900	serverinfo_version = SSL_SERVERINFOV2;
	5901	protocol_version = TLS1_3_VERSION;
	5902	extension_context = TLS13CONTEXT;
	5903	si = serverinfo_custom_tls13;
	5904	si_len = serverinfo_custom_tls13_len;
	5905	break;
	5906	}
	5907
	5908	if (!TEST_true(create_ssl_ctx_pair(libctx,
	5909	TLS_method(),
	5910	TLS_method(),
	5911	protocol_version,
	5912	protocol_version,
	5913	&sctx, &cctx, cert, privkey)))
	5914	goto end;
	5915
	5916	if (call_use_serverinfo_ex) {
	5917	if (!TEST_true(SSL_CTX_use_serverinfo_ex(sctx, serverinfo_version,
	5918	si, si_len)))
	5919	goto end;
5832	5920	} else {
5833		sibuf = serverinfov1;
5834		sibuflen = sizeof(serverinfov1);
5835		expected = (version == SSL_SERVERINFOV1);
5836		}
5837
5838		if ((tst & 0x04) == 0x04) {
5839		ret = SSL_CTX_use_serverinfo_ex(ctx, version, sibuf, sibuflen);
5840		} else {
5841		ret = SSL_CTX_use_serverinfo(ctx, sibuf, sibuflen);
5842
5843		/*
5844		* The version variable is irrelevant in this case - it's what is in the
5845		* buffer that matters
5846		*/
5847		if ((tst & 0x02) == 0x02)
5848		expected = 0;
5849		else
5850		expected = 1;
5851		}
5852
5853		if (!TEST_true(ret == expected))
	5921	if (!TEST_true(SSL_CTX_use_serverinfo(sctx, si, si_len)))
	5922	goto end;
	5923	}
	5924
	5925	if (!TEST_true(SSL_CTX_add_custom_ext(cctx, TLSEXT_TYPE_signed_certificate_timestamp,
	5926	extension_context,
	5927	NULL, NULL, NULL,
	5928	serverinfo_custom_parse_cb,
	5929	&cb_result))
	5930	\|\| !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
	5931	NULL, NULL))
	5932	\|\| !TEST_true(create_ssl_connection(serverssl, clientssl,
	5933	SSL_ERROR_NONE))
	5934	\|\| !TEST_int_eq(SSL_do_handshake(clientssl), 1))
	5935	goto end;
	5936
	5937	if (!TEST_true(cb_result))
5854	5938	goto end;
5855	5939
5856	5940	testresult = 1;
5857	5941
5858	5942	end:
5859		SSL_CTX_free(ctx);
	5943	SSL_free(serverssl);
	5944	SSL_free(clientssl);
	5945	SSL_CTX_free(sctx);
	5946	SSL_CTX_free(cctx);
5860	5947
5861	5948	return testresult;
5862	5949	}
	5950	#endif
5863	5951
5864	5952	/*
5865	5953	* Test that SSL_export_keying_material() produces expected results. There are

7521	7609	{
7522	7610	const unsigned char tick_aes_key[16] = "0123456789abcdef";
7523	7611	const unsigned char tick_hmac_key[16] = "0123456789abcdef";
7524		EVP_CIPHER *aes128cbc = EVP_CIPHER_fetch(libctx, "AES-128-CBC", NULL);
7525		EVP_MD *sha256 = EVP_MD_fetch(libctx, "SHA-256", NULL);
	7612	EVP_CIPHER *aes128cbc;
	7613	EVP_MD *sha256;
7526	7614	int ret;
7527	7615
7528	7616	tick_key_cb_called = 1;
	7617
	7618	if (tick_key_renew == -1)
	7619	return 0;
	7620
	7621	aes128cbc = EVP_CIPHER_fetch(libctx, "AES-128-CBC", NULL);
	7622	if (!TEST_ptr(aes128cbc))
	7623	return 0;
	7624	sha256 = EVP_MD_fetch(libctx, "SHA-256", NULL);
	7625	if (!TEST_ptr(sha256)) {
	7626	EVP_CIPHER_free(aes128cbc);
	7627	return 0;
	7628	}
	7629
7529	7630	memset(iv, 0, AES_BLOCK_SIZE);
7530	7631	memset(key_name, 0, 16);
7531	7632	if (aes128cbc == NULL

7551	7652	const unsigned char tick_aes_key[16] = "0123456789abcdef";
7552	7653	unsigned char tick_hmac_key[16] = "0123456789abcdef";
7553	7654	OSSL_PARAM params[2];
7554		EVP_CIPHER *aes128cbc = EVP_CIPHER_fetch(libctx, "AES-128-CBC", NULL);
	7655	EVP_CIPHER *aes128cbc;
7555	7656	int ret;
7556	7657
7557	7658	tick_key_cb_called = 1;
	7659
	7660	if (tick_key_renew == -1)
	7661	return 0;
	7662
	7663	aes128cbc = EVP_CIPHER_fetch(libctx, "AES-128-CBC", NULL);
	7664	if (!TEST_ptr(aes128cbc))
	7665	return 0;
	7666
7558	7667	memset(iv, 0, AES_BLOCK_SIZE);
7559	7668	memset(key_name, 0, 16);
7560	7669	params[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,

7587	7696	* Test 9: TLSv1.3, old ticket key callback, ticket, no renewal
7588	7697	* Test 10: TLSv1.2, old ticket key callback, ticket, renewal
7589	7698	* Test 11: TLSv1.3, old ticket key callback, ticket, renewal
7590		* Test 12: TLSv1.2, ticket key callback, ticket, no renewal
7591		* Test 13: TLSv1.3, ticket key callback, ticket, no renewal
7592		* Test 14: TLSv1.2, ticket key callback, ticket, renewal
7593		* Test 15: TLSv1.3, ticket key callback, ticket, renewal
	7699	* Test 12: TLSv1.2, old ticket key callback, no ticket
	7700	* Test 13: TLSv1.3, old ticket key callback, no ticket
	7701	* Test 14: TLSv1.2, ticket key callback, ticket, no renewal
	7702	* Test 15: TLSv1.3, ticket key callback, ticket, no renewal
	7703	* Test 16: TLSv1.2, ticket key callback, ticket, renewal
	7704	* Test 17: TLSv1.3, ticket key callback, ticket, renewal
	7705	* Test 18: TLSv1.2, ticket key callback, no ticket
	7706	* Test 19: TLSv1.3, ticket key callback, no ticket
7594	7707	*/
7595	7708	static int test_ticket_callbacks(int tst)
7596	7709	{

7608	7721	return 1;
7609	7722	#endif
7610	7723	#ifdef OPENSSL_NO_DEPRECATED_3_0
7611		if (tst >= 8 && tst <= 11)
	7724	if (tst >= 8 && tst <= 13)
7612	7725	return 1;
7613	7726	#endif
7614	7727
7615	7728	gen_tick_called = dec_tick_called = tick_key_cb_called = 0;
7616	7729
7617	7730	/* Which tests the ticket key callback should request renewal for */
7618		if (tst == 10 \|\| tst == 11 \|\| tst == 14 \|\| tst == 15)
	7731
	7732	if (tst == 10 \|\| tst == 11 \|\| tst == 16 \|\| tst == 17)
7619	7733	tick_key_renew = 1;
	7734	else if (tst == 12 \|\| tst == 13 \|\| tst == 18 \|\| tst == 19)
	7735	tick_key_renew = -1; /* abort sending the ticket/0-length ticket */
7620	7736	else
7621	7737	tick_key_renew = 0;
7622	7738

7665	7781	NULL)))
7666	7782	goto end;
7667	7783
7668		if (tst >= 12) {
	7784	if (tst >= 14) {
7669	7785	if (!TEST_true(SSL_CTX_set_tlsext_ticket_key_evp_cb(sctx, tick_key_evp_cb)))
7670	7786	goto end;
7671	7787	#ifndef OPENSSL_NO_DEPRECATED_3_0

7710	7826	goto end;
7711	7827
7712	7828	if (tick_dec_ret == SSL_TICKET_RETURN_IGNORE
7713		\|\| tick_dec_ret == SSL_TICKET_RETURN_IGNORE_RENEW) {
	7829	\|\| tick_dec_ret == SSL_TICKET_RETURN_IGNORE_RENEW
	7830	\|\| tick_key_renew == -1) {
7714	7831	if (!TEST_false(SSL_session_reused(clientssl)))
7715	7832	goto end;
7716	7833	} else {

7723	7840	\|\| tick_dec_ret == SSL_TICKET_RETURN_IGNORE_RENEW
7724	7841	\|\| tick_dec_ret == SSL_TICKET_RETURN_USE_RENEW)
7725	7842	? 1 : 0)
7726		\|\| !TEST_int_eq(dec_tick_called, 1))
	7843	/* There is no ticket to decrypt in tests 13 and 19 */
	7844	\|\| !TEST_int_eq(dec_tick_called, (tst == 13 \|\| tst == 19) ? 0 : 1))
7727	7845	goto end;
7728	7846
7729	7847	testresult = 1;

8410	8528	* Check if the cipher exists before attempting to use it since it only has
8411	8529	* a hardware specific implementation.
8412	8530	*/
8413		ciph = EVP_CIPHER_fetch(NULL, fetchable_ciphers[test_index], "");
	8531	ciph = EVP_CIPHER_fetch(libctx, fetchable_ciphers[test_index], "");
8414	8532	if (ciph == NULL) {
8415	8533	TEST_skip("Multiblock cipher is not available for %s", cipherlist);
8416	8534	return 1;

9974	10092	#else
9975	10093	ADD_ALL_TESTS(test_custom_exts, 3);
9976	10094	#endif
9977		ADD_ALL_TESTS(test_serverinfo, 8);
9978	10095	ADD_ALL_TESTS(test_export_key_mat, 6);
9979	10096	#ifndef OSSL_NO_USABLE_TLS1_3
9980	10097	ADD_ALL_TESTS(test_export_key_mat_early, 3);

9992	10109	ADD_ALL_TESTS(test_info_callback, 6);
9993	10110	ADD_ALL_TESTS(test_ssl_pending, 2);
9994	10111	ADD_ALL_TESTS(test_ssl_get_shared_ciphers, OSSL_NELEM(shared_ciphers_data));
9995		ADD_ALL_TESTS(test_ticket_callbacks, 16);
	10112	ADD_ALL_TESTS(test_ticket_callbacks, 20);
9996	10113	ADD_ALL_TESTS(test_shutdown, 7);
9997	10114	ADD_ALL_TESTS(test_incorrect_shutdown, 2);
9998	10115	ADD_ALL_TESTS(test_cert_cb, 6);

10026	10143	ADD_TEST(test_set_verify_cert_store_ssl);
10027	10144	ADD_ALL_TESTS(test_session_timeout, 1);
10028	10145	ADD_TEST(test_load_dhfile);
	10146	#if !defined(OPENSSL_NO_TLS1_2) && !defined(OSSL_NO_USABLE_TLS1_3)
	10147	ADD_ALL_TESTS(test_serverinfo_custom, 4);
	10148	#endif
10029	10149	return 1;
10030	10150
10031	10151	err:

+1

-3

test/sslcorrupttest.c less more

0	0	/*
1		* Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

191	191
192	192	docorrupt = 0;
193	193
194		ERR_clear_error();
195
196	194	TEST_info("Starting #%d, %s", testidx, cipher_list[testidx]);
197	195
198	196	if (!TEST_true(create_ssl_ctx_pair(NULL, TLS_server_method(),

+199

-199

test/test_test.c less more

0	0	/*
1		* Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
3	3	*
4	4	* Licensed under the Apache License 2.0 (the "License"). You may not use

32	32	static int test_int(void)
33	33	{
34	34	if (!TEST(1, TEST_int_eq(1, 1))
35		\| !TEST(0, TEST_int_eq(1, -1))
36		\| !TEST(1, TEST_int_ne(1, 2))
37		\| !TEST(0, TEST_int_ne(3, 3))
38		\| !TEST(1, TEST_int_lt(4, 9))
39		\| !TEST(0, TEST_int_lt(9, 4))
40		\| !TEST(1, TEST_int_le(4, 9))
41		\| !TEST(1, TEST_int_le(5, 5))
42		\| !TEST(0, TEST_int_le(9, 4))
43		\| !TEST(1, TEST_int_gt(8, 5))
44		\| !TEST(0, TEST_int_gt(5, 8))
45		\| !TEST(1, TEST_int_ge(8, 5))
46		\| !TEST(1, TEST_int_ge(6, 6))
47		\| !TEST(0, TEST_int_ge(5, 8)))
	35	\|\| !TEST(0, TEST_int_eq(1, -1))
	36	\|\| !TEST(1, TEST_int_ne(1, 2))
	37	\|\| !TEST(0, TEST_int_ne(3, 3))
	38	\|\| !TEST(1, TEST_int_lt(4, 9))
	39	\|\| !TEST(0, TEST_int_lt(9, 4))
	40	\|\| !TEST(1, TEST_int_le(4, 9))
	41	\|\| !TEST(1, TEST_int_le(5, 5))
	42	\|\| !TEST(0, TEST_int_le(9, 4))
	43	\|\| !TEST(1, TEST_int_gt(8, 5))
	44	\|\| !TEST(0, TEST_int_gt(5, 8))
	45	\|\| !TEST(1, TEST_int_ge(8, 5))
	46	\|\| !TEST(1, TEST_int_ge(6, 6))
	47	\|\| !TEST(0, TEST_int_ge(5, 8)))
48	48	goto err;
49	49	return 1;
50	50

55	55	static int test_uint(void)
56	56	{
57	57	if (!TEST(1, TEST_uint_eq(3u, 3u))
58		\| !TEST(0, TEST_uint_eq(3u, 5u))
59		\| !TEST(1, TEST_uint_ne(4u, 2u))
60		\| !TEST(0, TEST_uint_ne(6u, 6u))
61		\| !TEST(1, TEST_uint_lt(5u, 9u))
62		\| !TEST(0, TEST_uint_lt(9u, 5u))
63		\| !TEST(1, TEST_uint_le(5u, 9u))
64		\| !TEST(1, TEST_uint_le(7u, 7u))
65		\| !TEST(0, TEST_uint_le(9u, 5u))
66		\| !TEST(1, TEST_uint_gt(11u, 1u))
67		\| !TEST(0, TEST_uint_gt(1u, 11u))
68		\| !TEST(1, TEST_uint_ge(11u, 1u))
69		\| !TEST(1, TEST_uint_ge(6u, 6u))
70		\| !TEST(0, TEST_uint_ge(1u, 11u)))
	58	\|\| !TEST(0, TEST_uint_eq(3u, 5u))
	59	\|\| !TEST(1, TEST_uint_ne(4u, 2u))
	60	\|\| !TEST(0, TEST_uint_ne(6u, 6u))
	61	\|\| !TEST(1, TEST_uint_lt(5u, 9u))
	62	\|\| !TEST(0, TEST_uint_lt(9u, 5u))
	63	\|\| !TEST(1, TEST_uint_le(5u, 9u))
	64	\|\| !TEST(1, TEST_uint_le(7u, 7u))
	65	\|\| !TEST(0, TEST_uint_le(9u, 5u))
	66	\|\| !TEST(1, TEST_uint_gt(11u, 1u))
	67	\|\| !TEST(0, TEST_uint_gt(1u, 11u))
	68	\|\| !TEST(1, TEST_uint_ge(11u, 1u))
	69	\|\| !TEST(1, TEST_uint_ge(6u, 6u))
	70	\|\| !TEST(0, TEST_uint_ge(1u, 11u)))
71	71	goto err;
72	72	return 1;
73	73

78	78	static int test_char(void)
79	79	{
80	80	if (!TEST(1, TEST_char_eq('a', 'a'))
81		\| !TEST(0, TEST_char_eq('a', 'A'))
82		\| !TEST(1, TEST_char_ne('a', 'c'))
83		\| !TEST(0, TEST_char_ne('e', 'e'))
84		\| !TEST(1, TEST_char_lt('i', 'x'))
85		\| !TEST(0, TEST_char_lt('x', 'i'))
86		\| !TEST(1, TEST_char_le('i', 'x'))
87		\| !TEST(1, TEST_char_le('n', 'n'))
88		\| !TEST(0, TEST_char_le('x', 'i'))
89		\| !TEST(1, TEST_char_gt('w', 'n'))
90		\| !TEST(0, TEST_char_gt('n', 'w'))
91		\| !TEST(1, TEST_char_ge('w', 'n'))
92		\| !TEST(1, TEST_char_ge('p', 'p'))
93		\| !TEST(0, TEST_char_ge('n', 'w')))
	81	\|\| !TEST(0, TEST_char_eq('a', 'A'))
	82	\|\| !TEST(1, TEST_char_ne('a', 'c'))
	83	\|\| !TEST(0, TEST_char_ne('e', 'e'))
	84	\|\| !TEST(1, TEST_char_lt('i', 'x'))
	85	\|\| !TEST(0, TEST_char_lt('x', 'i'))
	86	\|\| !TEST(1, TEST_char_le('i', 'x'))
	87	\|\| !TEST(1, TEST_char_le('n', 'n'))
	88	\|\| !TEST(0, TEST_char_le('x', 'i'))
	89	\|\| !TEST(1, TEST_char_gt('w', 'n'))
	90	\|\| !TEST(0, TEST_char_gt('n', 'w'))
	91	\|\| !TEST(1, TEST_char_ge('w', 'n'))
	92	\|\| !TEST(1, TEST_char_ge('p', 'p'))
	93	\|\| !TEST(0, TEST_char_ge('n', 'w')))
94	94	goto err;
95	95	return 1;
96	96

101	101	static int test_uchar(void)
102	102	{
103	103	if (!TEST(1, TEST_uchar_eq(49, 49))
104		\| !TEST(0, TEST_uchar_eq(49, 60))
105		\| !TEST(1, TEST_uchar_ne(50, 2))
106		\| !TEST(0, TEST_uchar_ne(66, 66))
107		\| !TEST(1, TEST_uchar_lt(60, 80))
108		\| !TEST(0, TEST_uchar_lt(80, 60))
109		\| !TEST(1, TEST_uchar_le(60, 80))
110		\| !TEST(1, TEST_uchar_le(78, 78))
111		\| !TEST(0, TEST_uchar_le(80, 60))
112		\| !TEST(1, TEST_uchar_gt(88, 37))
113		\| !TEST(0, TEST_uchar_gt(37, 88))
114		\| !TEST(1, TEST_uchar_ge(88, 37))
115		\| !TEST(1, TEST_uchar_ge(66, 66))
116		\| !TEST(0, TEST_uchar_ge(37, 88)))
	104	\|\| !TEST(0, TEST_uchar_eq(49, 60))
	105	\|\| !TEST(1, TEST_uchar_ne(50, 2))
	106	\|\| !TEST(0, TEST_uchar_ne(66, 66))
	107	\|\| !TEST(1, TEST_uchar_lt(60, 80))
	108	\|\| !TEST(0, TEST_uchar_lt(80, 60))
	109	\|\| !TEST(1, TEST_uchar_le(60, 80))
	110	\|\| !TEST(1, TEST_uchar_le(78, 78))
	111	\|\| !TEST(0, TEST_uchar_le(80, 60))
	112	\|\| !TEST(1, TEST_uchar_gt(88, 37))
	113	\|\| !TEST(0, TEST_uchar_gt(37, 88))
	114	\|\| !TEST(1, TEST_uchar_ge(88, 37))
	115	\|\| !TEST(1, TEST_uchar_ge(66, 66))
	116	\|\| !TEST(0, TEST_uchar_ge(37, 88)))
117	117	goto err;
118	118	return 1;
119	119

124	124	static int test_long(void)
125	125	{
126	126	if (!TEST(1, TEST_long_eq(123l, 123l))
127		\| !TEST(0, TEST_long_eq(123l, -123l))
128		\| !TEST(1, TEST_long_ne(123l, 500l))
129		\| !TEST(0, TEST_long_ne(1000l, 1000l))
130		\| !TEST(1, TEST_long_lt(-8923l, 102934563l))
131		\| !TEST(0, TEST_long_lt(102934563l, -8923l))
132		\| !TEST(1, TEST_long_le(-8923l, 102934563l))
133		\| !TEST(1, TEST_long_le(12345l, 12345l))
134		\| !TEST(0, TEST_long_le(102934563l, -8923l))
135		\| !TEST(1, TEST_long_gt(84325677l, 12345l))
136		\| !TEST(0, TEST_long_gt(12345l, 84325677l))
137		\| !TEST(1, TEST_long_ge(84325677l, 12345l))
138		\| !TEST(1, TEST_long_ge(465869l, 465869l))
139		\| !TEST(0, TEST_long_ge(12345l, 84325677l)))
	127	\|\| !TEST(0, TEST_long_eq(123l, -123l))
	128	\|\| !TEST(1, TEST_long_ne(123l, 500l))
	129	\|\| !TEST(0, TEST_long_ne(1000l, 1000l))
	130	\|\| !TEST(1, TEST_long_lt(-8923l, 102934563l))
	131	\|\| !TEST(0, TEST_long_lt(102934563l, -8923l))
	132	\|\| !TEST(1, TEST_long_le(-8923l, 102934563l))
	133	\|\| !TEST(1, TEST_long_le(12345l, 12345l))
	134	\|\| !TEST(0, TEST_long_le(102934563l, -8923l))
	135	\|\| !TEST(1, TEST_long_gt(84325677l, 12345l))
	136	\|\| !TEST(0, TEST_long_gt(12345l, 84325677l))
	137	\|\| !TEST(1, TEST_long_ge(84325677l, 12345l))
	138	\|\| !TEST(1, TEST_long_ge(465869l, 465869l))
	139	\|\| !TEST(0, TEST_long_ge(12345l, 84325677l)))
140	140	goto err;
141	141	return 1;
142	142

147	147	static int test_ulong(void)
148	148	{
149	149	if (!TEST(1, TEST_ulong_eq(919ul, 919ul))
150		\| !TEST(0, TEST_ulong_eq(919ul, 10234ul))
151		\| !TEST(1, TEST_ulong_ne(8190ul, 66ul))
152		\| !TEST(0, TEST_ulong_ne(10555ul, 10555ul))
153		\| !TEST(1, TEST_ulong_lt(10234ul, 1000000ul))
154		\| !TEST(0, TEST_ulong_lt(1000000ul, 10234ul))
155		\| !TEST(1, TEST_ulong_le(10234ul, 1000000ul))
156		\| !TEST(1, TEST_ulong_le(100000ul, 100000ul))
157		\| !TEST(0, TEST_ulong_le(1000000ul, 10234ul))
158		\| !TEST(1, TEST_ulong_gt(100000000ul, 22ul))
159		\| !TEST(0, TEST_ulong_gt(22ul, 100000000ul))
160		\| !TEST(1, TEST_ulong_ge(100000000ul, 22ul))
161		\| !TEST(1, TEST_ulong_ge(10555ul, 10555ul))
162		\| !TEST(0, TEST_ulong_ge(22ul, 100000000ul)))
	150	\|\| !TEST(0, TEST_ulong_eq(919ul, 10234ul))
	151	\|\| !TEST(1, TEST_ulong_ne(8190ul, 66ul))
	152	\|\| !TEST(0, TEST_ulong_ne(10555ul, 10555ul))
	153	\|\| !TEST(1, TEST_ulong_lt(10234ul, 1000000ul))
	154	\|\| !TEST(0, TEST_ulong_lt(1000000ul, 10234ul))
	155	\|\| !TEST(1, TEST_ulong_le(10234ul, 1000000ul))
	156	\|\| !TEST(1, TEST_ulong_le(100000ul, 100000ul))
	157	\|\| !TEST(0, TEST_ulong_le(1000000ul, 10234ul))
	158	\|\| !TEST(1, TEST_ulong_gt(100000000ul, 22ul))
	159	\|\| !TEST(0, TEST_ulong_gt(22ul, 100000000ul))
	160	\|\| !TEST(1, TEST_ulong_ge(100000000ul, 22ul))
	161	\|\| !TEST(1, TEST_ulong_ge(10555ul, 10555ul))
	162	\|\| !TEST(0, TEST_ulong_ge(22ul, 100000000ul)))
163	163	goto err;
164	164	return 1;
165	165

170	170	static int test_size_t(void)
171	171	{
172	172	if (!TEST(1, TEST_size_t_eq((size_t)10, (size_t)10))
173		\| !TEST(0, TEST_size_t_eq((size_t)10, (size_t)12))
174		\| !TEST(1, TEST_size_t_ne((size_t)10, (size_t)12))
175		\| !TEST(0, TEST_size_t_ne((size_t)24, (size_t)24))
176		\| !TEST(1, TEST_size_t_lt((size_t)30, (size_t)88))
177		\| !TEST(0, TEST_size_t_lt((size_t)88, (size_t)30))
178		\| !TEST(1, TEST_size_t_le((size_t)30, (size_t)88))
179		\| !TEST(1, TEST_size_t_le((size_t)33, (size_t)33))
180		\| !TEST(0, TEST_size_t_le((size_t)88, (size_t)30))
181		\| !TEST(1, TEST_size_t_gt((size_t)52, (size_t)33))
182		\| !TEST(0, TEST_size_t_gt((size_t)33, (size_t)52))
183		\| !TEST(1, TEST_size_t_ge((size_t)52, (size_t)33))
184		\| !TEST(1, TEST_size_t_ge((size_t)38, (size_t)38))
185		\| !TEST(0, TEST_size_t_ge((size_t)33, (size_t)52)))
	173	\|\| !TEST(0, TEST_size_t_eq((size_t)10, (size_t)12))
	174	\|\| !TEST(1, TEST_size_t_ne((size_t)10, (size_t)12))
	175	\|\| !TEST(0, TEST_size_t_ne((size_t)24, (size_t)24))
	176	\|\| !TEST(1, TEST_size_t_lt((size_t)30, (size_t)88))
	177	\|\| !TEST(0, TEST_size_t_lt((size_t)88, (size_t)30))
	178	\|\| !TEST(1, TEST_size_t_le((size_t)30, (size_t)88))
	179	\|\| !TEST(1, TEST_size_t_le((size_t)33, (size_t)33))
	180	\|\| !TEST(0, TEST_size_t_le((size_t)88, (size_t)30))
	181	\|\| !TEST(1, TEST_size_t_gt((size_t)52, (size_t)33))
	182	\|\| !TEST(0, TEST_size_t_gt((size_t)33, (size_t)52))
	183	\|\| !TEST(1, TEST_size_t_ge((size_t)52, (size_t)33))
	184	\|\| !TEST(1, TEST_size_t_ge((size_t)38, (size_t)38))
	185	\|\| !TEST(0, TEST_size_t_ge((size_t)33, (size_t)52)))
186	186	goto err;
187	187	return 1;
188	188

193	193	static int test_time_t(void)
194	194	{
195	195	if (!TEST(1, TEST_time_t_eq((time_t)10, (time_t)10))
196		\| !TEST(0, TEST_time_t_eq((time_t)10, (time_t)12))
197		\| !TEST(1, TEST_time_t_ne((time_t)10, (time_t)12))
198		\| !TEST(0, TEST_time_t_ne((time_t)24, (time_t)24))
199		\| !TEST(1, TEST_time_t_lt((time_t)30, (time_t)88))
200		\| !TEST(0, TEST_time_t_lt((time_t)88, (time_t)30))
201		\| !TEST(1, TEST_time_t_le((time_t)30, (time_t)88))
202		\| !TEST(1, TEST_time_t_le((time_t)33, (time_t)33))
203		\| !TEST(0, TEST_time_t_le((time_t)88, (time_t)30))
204		\| !TEST(1, TEST_time_t_gt((time_t)52, (time_t)33))
205		\| !TEST(0, TEST_time_t_gt((time_t)33, (time_t)52))
206		\| !TEST(1, TEST_time_t_ge((time_t)52, (time_t)33))
207		\| !TEST(1, TEST_time_t_ge((time_t)38, (time_t)38))
208		\| !TEST(0, TEST_time_t_ge((time_t)33, (time_t)52)))
	196	\|\| !TEST(0, TEST_time_t_eq((time_t)10, (time_t)12))
	197	\|\| !TEST(1, TEST_time_t_ne((time_t)10, (time_t)12))
	198	\|\| !TEST(0, TEST_time_t_ne((time_t)24, (time_t)24))
	199	\|\| !TEST(1, TEST_time_t_lt((time_t)30, (time_t)88))
	200	\|\| !TEST(0, TEST_time_t_lt((time_t)88, (time_t)30))
	201	\|\| !TEST(1, TEST_time_t_le((time_t)30, (time_t)88))
	202	\|\| !TEST(1, TEST_time_t_le((time_t)33, (time_t)33))
	203	\|\| !TEST(0, TEST_time_t_le((time_t)88, (time_t)30))
	204	\|\| !TEST(1, TEST_time_t_gt((time_t)52, (time_t)33))
	205	\|\| !TEST(0, TEST_time_t_gt((time_t)33, (time_t)52))
	206	\|\| !TEST(1, TEST_time_t_ge((time_t)52, (time_t)33))
	207	\|\| !TEST(1, TEST_time_t_ge((time_t)38, (time_t)38))
	208	\|\| !TEST(0, TEST_time_t_ge((time_t)33, (time_t)52)))
209	209	goto err;
210	210	return 1;
211	211

219	219	char y = 1;
220	220
221	221	if (!TEST(1, TEST_ptr(&y))
222		\| !TEST(0, TEST_ptr(NULL))
223		\| !TEST(0, TEST_ptr_null(&y))
224		\| !TEST(1, TEST_ptr_null(NULL))
225		\| !TEST(1, TEST_ptr_eq(NULL, NULL))
226		\| !TEST(0, TEST_ptr_eq(NULL, &y))
227		\| !TEST(0, TEST_ptr_eq(&y, NULL))
228		\| !TEST(0, TEST_ptr_eq(&y, &x))
229		\| !TEST(1, TEST_ptr_eq(&x, &x))
230		\| !TEST(0, TEST_ptr_ne(NULL, NULL))
231		\| !TEST(1, TEST_ptr_ne(NULL, &y))
232		\| !TEST(1, TEST_ptr_ne(&y, NULL))
233		\| !TEST(1, TEST_ptr_ne(&y, &x))
234		\| !TEST(0, TEST_ptr_ne(&x, &x)))
	222	\|\| !TEST(0, TEST_ptr(NULL))
	223	\|\| !TEST(0, TEST_ptr_null(&y))
	224	\|\| !TEST(1, TEST_ptr_null(NULL))
	225	\|\| !TEST(1, TEST_ptr_eq(NULL, NULL))
	226	\|\| !TEST(0, TEST_ptr_eq(NULL, &y))
	227	\|\| !TEST(0, TEST_ptr_eq(&y, NULL))
	228	\|\| !TEST(0, TEST_ptr_eq(&y, &x))
	229	\|\| !TEST(1, TEST_ptr_eq(&x, &x))
	230	\|\| !TEST(0, TEST_ptr_ne(NULL, NULL))
	231	\|\| !TEST(1, TEST_ptr_ne(NULL, &y))
	232	\|\| !TEST(1, TEST_ptr_ne(&y, NULL))
	233	\|\| !TEST(1, TEST_ptr_ne(&y, &x))
	234	\|\| !TEST(0, TEST_ptr_ne(&x, &x)))
235	235	goto err;
236	236	return 1;
237	237

242	242	static int test_bool(void)
243	243	{
244	244	if (!TEST(0, TEST_true(0))
245		\| !TEST(1, TEST_true(1))
246		\| !TEST(1, TEST_false(0))
247		\| !TEST(0, TEST_false(1)))
	245	\|\| !TEST(1, TEST_true(1))
	246	\|\| !TEST(1, TEST_false(0))
	247	\|\| !TEST(0, TEST_false(1)))
248	248	goto err;
249	249	return 1;
250	250

257	257	static char buf[] = "abc";
258	258
259	259	if (!TEST(1, TEST_str_eq(NULL, NULL))
260		\| !TEST(1, TEST_str_eq("abc", buf))
261		\| !TEST(0, TEST_str_eq("abc", NULL))
262		\| !TEST(0, TEST_str_eq("abc", ""))
263		\| !TEST(0, TEST_str_eq(NULL, buf))
264		\| !TEST(0, TEST_str_ne(NULL, NULL))
265		\| !TEST(0, TEST_str_eq("", NULL))
266		\| !TEST(0, TEST_str_eq(NULL, ""))
267		\| !TEST(0, TEST_str_ne("", ""))
268		\| !TEST(0, TEST_str_eq("\1\2\3\4\5", "\1x\3\6\5"))
269		\| !TEST(0, TEST_str_ne("abc", buf))
270		\| !TEST(1, TEST_str_ne("abc", NULL))
271		\| !TEST(1, TEST_str_ne(NULL, buf))
272		\| !TEST(0, TEST_str_eq("abcdef", "abcdefghijk")))
	260	\|\| !TEST(1, TEST_str_eq("abc", buf))
	261	\|\| !TEST(0, TEST_str_eq("abc", NULL))
	262	\|\| !TEST(0, TEST_str_eq("abc", ""))
	263	\|\| !TEST(0, TEST_str_eq(NULL, buf))
	264	\|\| !TEST(0, TEST_str_ne(NULL, NULL))
	265	\|\| !TEST(0, TEST_str_eq("", NULL))
	266	\|\| !TEST(0, TEST_str_eq(NULL, ""))
	267	\|\| !TEST(0, TEST_str_ne("", ""))
	268	\|\| !TEST(0, TEST_str_eq("\1\2\3\4\5", "\1x\3\6\5"))
	269	\|\| !TEST(0, TEST_str_ne("abc", buf))
	270	\|\| !TEST(1, TEST_str_ne("abc", NULL))
	271	\|\| !TEST(1, TEST_str_ne(NULL, buf))
	272	\|\| !TEST(0, TEST_str_eq("abcdef", "abcdefghijk")))
273	273	goto err;
274	274	return 1;
275	275

282	282	static char buf[] = "xyz";
283	283
284	284	if (!TEST(1, TEST_mem_eq(NULL, 0, NULL, 0))
285		\| !TEST(1, TEST_mem_eq(NULL, 1, NULL, 2))
286		\| !TEST(0, TEST_mem_eq(NULL, 0, "xyz", 3))
287		\| !TEST(0, TEST_mem_eq(NULL, 7, "abc", 3))
288		\| !TEST(0, TEST_mem_ne(NULL, 0, NULL, 0))
289		\| !TEST(0, TEST_mem_eq(NULL, 0, "", 0))
290		\| !TEST(0, TEST_mem_eq("", 0, NULL, 0))
291		\| !TEST(0, TEST_mem_ne("", 0, "", 0))
292		\| !TEST(0, TEST_mem_eq("xyz", 3, NULL, 0))
293		\| !TEST(0, TEST_mem_eq("xyz", 3, buf, sizeof(buf)))
294		\| !TEST(1, TEST_mem_eq("xyz", 4, buf, sizeof(buf))))
	285	\|\| !TEST(1, TEST_mem_eq(NULL, 1, NULL, 2))
	286	\|\| !TEST(0, TEST_mem_eq(NULL, 0, "xyz", 3))
	287	\|\| !TEST(0, TEST_mem_eq(NULL, 7, "abc", 3))
	288	\|\| !TEST(0, TEST_mem_ne(NULL, 0, NULL, 0))
	289	\|\| !TEST(0, TEST_mem_eq(NULL, 0, "", 0))
	290	\|\| !TEST(0, TEST_mem_eq("", 0, NULL, 0))
	291	\|\| !TEST(0, TEST_mem_ne("", 0, "", 0))
	292	\|\| !TEST(0, TEST_mem_eq("xyz", 3, NULL, 0))
	293	\|\| !TEST(0, TEST_mem_eq("xyz", 3, buf, sizeof(buf)))
	294	\|\| !TEST(1, TEST_mem_eq("xyz", 4, buf, sizeof(buf))))
295	295	goto err;
296	296	return 1;
297	297

314	314	int r = 0;
315	315
316	316	if (!TEST(1, TEST_int_eq(BN_dec2bn(&a, "0"), 1))
317		\| !TEST(1, TEST_BN_eq_word(a, 0))
318		\| !TEST(0, TEST_BN_eq_word(a, 30))
319		\| !TEST(1, TEST_BN_abs_eq_word(a, 0))
320		\| !TEST(0, TEST_BN_eq_one(a))
321		\| !TEST(1, TEST_BN_eq_zero(a))
322		\| !TEST(0, TEST_BN_ne_zero(a))
323		\| !TEST(1, TEST_BN_le_zero(a))
324		\| !TEST(0, TEST_BN_lt_zero(a))
325		\| !TEST(1, TEST_BN_ge_zero(a))
326		\| !TEST(0, TEST_BN_gt_zero(a))
327		\| !TEST(1, TEST_BN_even(a))
328		\| !TEST(0, TEST_BN_odd(a))
329		\| !TEST(1, TEST_BN_eq(b, c))
330		\| !TEST(0, TEST_BN_eq(a, b))
331		\| !TEST(0, TEST_BN_ne(NULL, c))
332		\| !TEST(1, TEST_int_eq(BN_dec2bn(&b, "1"), 1))
333		\| !TEST(1, TEST_BN_eq_word(b, 1))
334		\| !TEST(1, TEST_BN_eq_one(b))
335		\| !TEST(0, TEST_BN_abs_eq_word(b, 0))
336		\| !TEST(1, TEST_BN_abs_eq_word(b, 1))
337		\| !TEST(0, TEST_BN_eq_zero(b))
338		\| !TEST(1, TEST_BN_ne_zero(b))
339		\| !TEST(0, TEST_BN_le_zero(b))
340		\| !TEST(0, TEST_BN_lt_zero(b))
341		\| !TEST(1, TEST_BN_ge_zero(b))
342		\| !TEST(1, TEST_BN_gt_zero(b))
343		\| !TEST(0, TEST_BN_even(b))
344		\| !TEST(1, TEST_BN_odd(b))
345		\| !TEST(1, TEST_int_eq(BN_dec2bn(&c, "-334739439"), 10))
346		\| !TEST(0, TEST_BN_eq_word(c, 334739439))
347		\| !TEST(1, TEST_BN_abs_eq_word(c, 334739439))
348		\| !TEST(0, TEST_BN_eq_zero(c))
349		\| !TEST(1, TEST_BN_ne_zero(c))
350		\| !TEST(1, TEST_BN_le_zero(c))
351		\| !TEST(1, TEST_BN_lt_zero(c))
352		\| !TEST(0, TEST_BN_ge_zero(c))
353		\| !TEST(0, TEST_BN_gt_zero(c))
354		\| !TEST(0, TEST_BN_even(c))
355		\| !TEST(1, TEST_BN_odd(c))
356		\| !TEST(1, TEST_BN_eq(a, a))
357		\| !TEST(0, TEST_BN_ne(a, a))
358		\| !TEST(0, TEST_BN_eq(a, b))
359		\| !TEST(1, TEST_BN_ne(a, b))
360		\| !TEST(0, TEST_BN_lt(a, c))
361		\| !TEST(1, TEST_BN_lt(c, b))
362		\| !TEST(0, TEST_BN_lt(b, c))
363		\| !TEST(0, TEST_BN_le(a, c))
364		\| !TEST(1, TEST_BN_le(c, b))
365		\| !TEST(0, TEST_BN_le(b, c))
366		\| !TEST(1, TEST_BN_gt(a, c))
367		\| !TEST(0, TEST_BN_gt(c, b))
368		\| !TEST(1, TEST_BN_gt(b, c))
369		\| !TEST(1, TEST_BN_ge(a, c))
370		\| !TEST(0, TEST_BN_ge(c, b))
371		\| !TEST(1, TEST_BN_ge(b, c)))
	317	\|\| !TEST(1, TEST_BN_eq_word(a, 0))
	318	\|\| !TEST(0, TEST_BN_eq_word(a, 30))
	319	\|\| !TEST(1, TEST_BN_abs_eq_word(a, 0))
	320	\|\| !TEST(0, TEST_BN_eq_one(a))
	321	\|\| !TEST(1, TEST_BN_eq_zero(a))
	322	\|\| !TEST(0, TEST_BN_ne_zero(a))
	323	\|\| !TEST(1, TEST_BN_le_zero(a))
	324	\|\| !TEST(0, TEST_BN_lt_zero(a))
	325	\|\| !TEST(1, TEST_BN_ge_zero(a))
	326	\|\| !TEST(0, TEST_BN_gt_zero(a))
	327	\|\| !TEST(1, TEST_BN_even(a))
	328	\|\| !TEST(0, TEST_BN_odd(a))
	329	\|\| !TEST(1, TEST_BN_eq(b, c))
	330	\|\| !TEST(0, TEST_BN_eq(a, b))
	331	\|\| !TEST(0, TEST_BN_ne(NULL, c))
	332	\|\| !TEST(1, TEST_int_eq(BN_dec2bn(&b, "1"), 1))
	333	\|\| !TEST(1, TEST_BN_eq_word(b, 1))
	334	\|\| !TEST(1, TEST_BN_eq_one(b))
	335	\|\| !TEST(0, TEST_BN_abs_eq_word(b, 0))
	336	\|\| !TEST(1, TEST_BN_abs_eq_word(b, 1))
	337	\|\| !TEST(0, TEST_BN_eq_zero(b))
	338	\|\| !TEST(1, TEST_BN_ne_zero(b))
	339	\|\| !TEST(0, TEST_BN_le_zero(b))
	340	\|\| !TEST(0, TEST_BN_lt_zero(b))
	341	\|\| !TEST(1, TEST_BN_ge_zero(b))
	342	\|\| !TEST(1, TEST_BN_gt_zero(b))
	343	\|\| !TEST(0, TEST_BN_even(b))
	344	\|\| !TEST(1, TEST_BN_odd(b))
	345	\|\| !TEST(1, TEST_int_eq(BN_dec2bn(&c, "-334739439"), 10))
	346	\|\| !TEST(0, TEST_BN_eq_word(c, 334739439))
	347	\|\| !TEST(1, TEST_BN_abs_eq_word(c, 334739439))
	348	\|\| !TEST(0, TEST_BN_eq_zero(c))
	349	\|\| !TEST(1, TEST_BN_ne_zero(c))
	350	\|\| !TEST(1, TEST_BN_le_zero(c))
	351	\|\| !TEST(1, TEST_BN_lt_zero(c))
	352	\|\| !TEST(0, TEST_BN_ge_zero(c))
	353	\|\| !TEST(0, TEST_BN_gt_zero(c))
	354	\|\| !TEST(0, TEST_BN_even(c))
	355	\|\| !TEST(1, TEST_BN_odd(c))
	356	\|\| !TEST(1, TEST_BN_eq(a, a))
	357	\|\| !TEST(0, TEST_BN_ne(a, a))
	358	\|\| !TEST(0, TEST_BN_eq(a, b))
	359	\|\| !TEST(1, TEST_BN_ne(a, b))
	360	\|\| !TEST(0, TEST_BN_lt(a, c))
	361	\|\| !TEST(1, TEST_BN_lt(c, b))
	362	\|\| !TEST(0, TEST_BN_lt(b, c))
	363	\|\| !TEST(0, TEST_BN_le(a, c))
	364	\|\| !TEST(1, TEST_BN_le(c, b))
	365	\|\| !TEST(0, TEST_BN_le(b, c))
	366	\|\| !TEST(1, TEST_BN_gt(a, c))
	367	\|\| !TEST(0, TEST_BN_gt(c, b))
	368	\|\| !TEST(1, TEST_BN_gt(b, c))
	369	\|\| !TEST(1, TEST_BN_ge(a, c))
	370	\|\| !TEST(0, TEST_BN_ge(c, b))
	371	\|\| !TEST(1, TEST_BN_ge(b, c)))
372	372	goto err;
373	373
374	374	r = 1;

+7

-0

test/testec-p112r1.pem less more

	0	-----BEGIN EC PARAMETERS-----
	1	BgUrgQQABg==
	2	-----END EC PARAMETERS-----
	3	-----BEGIN EC PRIVATE KEY-----
	4	MD4CAQEEDqpz3/ZgfdnaauL3MgNsoAcGBSuBBAAGoSADHgAErmlghD+XSf6spLhs
	5	7CqP1x1K6h2kfELB84SYKg==
	6	-----END EC PRIVATE KEY-----

+3

-4

test/testutil/driver.c less more

0	0	/*
1		* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

330	330	test_flush_tapout();
331	331	} else if (all_tests[i].num == -1) {
332	332	set_test_title(all_tests[i].test_case_name);
	333	ERR_clear_error();
333	334	verdict = all_tests[i].test_fn();
334	335	finalize(verdict != 0);
335	336	test_verdict(verdict, "%d - %s", test_case_count + 1, test_title);

337	338	num_failed++;
338	339	test_case_count++;
339	340	} else {
340		int num_failed_inner = 0;
341
342	341	verdict = TEST_SKIP_CODE;
343	342	set_test_title(all_tests[i].test_case_name);
344	343	if (all_tests[i].subtest) {

366	365	j = (j + jstep) % all_tests[i].num;
367	366	if (single_iter != -1 && ((jj + 1) != single_iter))
368	367	continue;
	368	ERR_clear_error();
369	369	v = all_tests[i].param_test_fn(j);
370	370
371	371	if (v == 0) {
372		++num_failed_inner;
373	372	verdict = 0;
374	373	} else if (v != TEST_SKIP_CODE && verdict != 0) {
375	374	verdict = 1;

+2

-1

test/testutil/output.h less more

0	0	/*
1		* Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2014-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

13	13
14	14	# define ossl_test__attr__(x)
15	15	# if defined(__GNUC__) && defined(__STDC_VERSION__) \
	16	&& !defined(__MINGW32__) && !defined(__MINGW64__) \
16	17	&& !defined(__APPLE__)
17	18	/*
18	19	* Because we support the 'z' modifier, which made its appearance in C99,

+141

-1

test/testutil/provider.c less more

0	0	/*
1		* Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

7	7	*/
8	8
9	9	#include "../testutil.h"
	10	#include <ctype.h>
10	11	#include <openssl/provider.h>
	12	#include <openssl/core_names.h>
11	13	#include <string.h>
12	14
13	15	int test_get_libctx(OSSL_LIB_CTX libctx, OSSL_PROVIDER default_null_prov,

61	63	return test_get_libctx(libctx, default_null_prov,
62	64	test_get_argument(argn + 1), provider, module_name);
63	65	}
	66
	67	typedef struct {
	68	int major, minor, patch;
	69	} FIPS_VERSION;
	70
	71	/*
	72	* Query the FIPS provider to determine it's version number.
	73	* Returns 1 if the version is retrieved correctly, 0 if the FIPS provider isn't
	74	* loaded and -1 on error.
	75	*/
	76	static int fips_provider_version(OSSL_LIB_CTX libctx, FIPS_VERSION vers)
	77	{
	78	OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
	79	OSSL_PROVIDER *fips_prov;
	80	char *vs;
	81
	82	if (!OSSL_PROVIDER_available(libctx, "fips"))
	83	return 0;
	84	*params = OSSL_PARAM_construct_utf8_ptr(OSSL_PROV_PARAM_VERSION, &vs, 0);
	85	if ((fips_prov = OSSL_PROVIDER_load(libctx, "fips")) == NULL)
	86	return -1;
	87	if (!OSSL_PROVIDER_get_params(fips_prov, params)
	88	\|\| sscanf(vs, "%d.%d.%d", &vers->major, &vers->minor, &vers->patch) != 3)
	89	goto err;
	90	if (!OSSL_PROVIDER_unload(fips_prov))
	91	return -1;
	92	return 1;
	93	err:
	94	OSSL_PROVIDER_unload(fips_prov);
	95	return -1;
	96	}
	97
	98	int fips_provider_version_eq(OSSL_LIB_CTX *libctx, int major, int minor, int patch)
	99	{
	100	FIPS_VERSION prov;
	101	int res;
	102
	103	if ((res = fips_provider_version(libctx, &prov)) <= 0)
	104	return res == 0;
	105	return major == prov.major && minor == prov.minor && patch == prov.patch;
	106	}
	107
	108	int fips_provider_version_ne(OSSL_LIB_CTX *libctx, int major, int minor, int patch)
	109	{
	110	FIPS_VERSION prov;
	111	int res;
	112
	113	if ((res = fips_provider_version(libctx, &prov)) <= 0)
	114	return res == 0;
	115	return major != prov.major \|\| minor != prov.minor \|\| patch != prov.patch;
	116	}
	117
	118	int fips_provider_version_le(OSSL_LIB_CTX *libctx, int major, int minor, int patch)
	119	{
	120	FIPS_VERSION prov;
	121	int res;
	122
	123	if ((res = fips_provider_version(libctx, &prov)) <= 0)
	124	return res == 0;
	125	return prov.major < major
	126	\|\| (prov.major == major
	127	&& (prov.minor < minor
	128	\|\| (prov.minor == minor && prov.patch <= patch)));
	129	}
	130
	131	int fips_provider_version_gt(OSSL_LIB_CTX *libctx, int major, int minor, int patch)
	132	{
	133	FIPS_VERSION prov;
	134	int res;
	135
	136	if ((res = fips_provider_version(libctx, &prov)) <= 0)
	137	return res == 0;
	138	return prov.major > major
	139	\|\| (prov.major == major
	140	&& (prov.minor > minor
	141	\|\| (prov.minor == minor && prov.patch > patch)));
	142	}
	143
	144	int fips_provider_version_match(OSSL_LIB_CTX libctx, const char versions)
	145	{
	146	const char *p;
	147	int major, minor, patch, r;
	148	enum {
	149	MODE_EQ, MODE_NE, MODE_LE, MODE_GT
	150	} mode;
	151
	152	while (*versions != '\0') {
	153	for (; isspace(*versions); versions++)
	154	continue;
	155	if (*versions == '\0')
	156	break;
	157	for (p = versions; versions != '\0' && !isspace(versions); versions++)
	158	continue;
	159	if (*p == '!') {
	160	mode = MODE_NE;
	161	p++;
	162	} else if (*p == '=') {
	163	mode = MODE_EQ;
	164	p++;
	165	} else if (*p == '<' && p[1] == '=') {
	166	mode = MODE_LE;
	167	p += 2;
	168	} else if (*p == '>') {
	169	mode = MODE_GT;
	170	p++;
	171	} else if (isdigit(*p)) {
	172	mode = MODE_EQ;
	173	} else {
	174	TEST_info("Error matching FIPS version: mode %s\n", p);
	175	return -1;
	176	}
	177	if (sscanf(p, "%d.%d.%d", &major, &minor, &patch) != 3) {
	178	TEST_info("Error matching FIPS version: version %s\n", p);
	179	return -1;
	180	}
	181	switch (mode) {
	182	case MODE_EQ:
	183	r = fips_provider_version_eq(libctx, major, minor, patch);
	184	break;
	185	case MODE_NE:
	186	r = fips_provider_version_ne(libctx, major, minor, patch);
	187	break;
	188	case MODE_LE:
	189	r = fips_provider_version_le(libctx, major, minor, patch);
	190	break;
	191	case MODE_GT:
	192	r = fips_provider_version_gt(libctx, major, minor, patch);
	193	break;
	194	}
	195	if (r < 0) {
	196	TEST_info("Error matching FIPS version: internal error\n");
	197	return -1;
	198	}
	199	if (r == 0)
	200	return 0;
	201	}
	202	return 1;
	203	}

+38

-2

test/testutil.h less more

0	0	/*
1		* Copyright 2014-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2014-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

234	234	int global_init(void);
235	235	int setup_tests(void);
236	236	void cleanup_tests(void);
	237
	238	/*
	239	* Helper functions to detect specific versions of the FIPS provider being in use.
	240	* Because of FIPS rules, code changes after a module has been validated are
	241	* difficult and because we provide a hard guarantee of ABI and behavioural
	242	* stability going forwards, it is a requirement to have tests be conditional
	243	* on specific FIPS provider versions. Without this, bug fixes cannot be tested
	244	* in later releases.
	245	*
	246	* The reason for not including e.g. a less than test is to help avoid any
	247	* temptation to use FIPS provider version numbers that don't exist. Until the
	248	* `new' provider is validated, its version isn't set in stone. Thus a change
	249	* in test behaviour must depend on already validated module versions only.
	250	*
	251	* In all cases, the function returns true if:
	252	* 1. the FIPS provider version matches the criteria specified or
	253	* 2. the FIPS provider isn't being used.
	254	*/
	255	int fips_provider_version_eq(OSSL_LIB_CTX *libctx, int major, int minor, int patch);
	256	int fips_provider_version_ne(OSSL_LIB_CTX *libctx, int major, int minor, int patch);
	257	int fips_provider_version_le(OSSL_LIB_CTX *libctx, int major, int minor, int patch);
	258	int fips_provider_version_gt(OSSL_LIB_CTX *libctx, int major, int minor, int patch);
	259
	260	/*
	261	* This function matches fips provider version with (potentially multiple)
	262	* <operator>maj.min.patch version strings in versions.
	263	* The operator can be one of = ! <= or > comparison symbols.
	264	* If the fips provider matches all the version comparisons (or if there is no
	265	* fips provider available) the function returns 1.
	266	* If the fips provider does not match the version comparisons, it returns 0.
	267	* On error the function returns -1.
	268	*/
	269	int fips_provider_version_match(OSSL_LIB_CTX libctx, const char versions);
	270
237	271	/*
238	272	* Used to supply test specific command line options,
239	273	* If non optional parameters are used, then the first entry in the OPTIONS[]

250	284	*/
251	285
252	286	# define PRINTF_FORMAT(a, b)
253		# if defined(__GNUC__) && defined(__STDC_VERSION__)
	287	# if defined(__GNUC__) && defined(__STDC_VERSION__) \
	288	&& !defined(__MINGW32__) && !defined(__MINGW64__) \
	289	&& !defined(__APPLE__)
254	290	/*
255	291	* Because we support the 'z' modifier, which made its appearance in C99,
256	292	* we can't use __attribute__ with pre C99 dialects.

+100

-0

test/v3ext.c less more

7	7	*/
8	8
9	9	#include <stdio.h>
	10	#include <string.h>
10	11	#include <openssl/x509.h>
11	12	#include <openssl/x509v3.h>
12	13	#include <openssl/pem.h>

223	224	ASN1_OCTET_STRING_free(ip2);
224	225	return testresult;
225	226	}
	227
	228	static struct extvalues_st {
	229	const char *value;
	230	int pass;
	231	} extvalues[] = {
	232	/* No prefix is ok */
	233	{ "sbgp-ipAddrBlock = IPv4:192.0.0.1\n", 1 },
	234	{ "sbgp-ipAddrBlock = IPv4:192.0.0.0/0\n", 1 },
	235	{ "sbgp-ipAddrBlock = IPv4:192.0.0.0/1\n", 1 },
	236	{ "sbgp-ipAddrBlock = IPv4:192.0.0.0/32\n", 1 },
	237	/* Prefix is too long */
	238	{ "sbgp-ipAddrBlock = IPv4:192.0.0.0/33\n", 0 },
	239	/* Unreasonably large prefix */
	240	{ "sbgp-ipAddrBlock = IPv4:192.0.0.0/12341234\n", 0 },
	241	/* Invalid IP addresses */
	242	{ "sbgp-ipAddrBlock = IPv4:192.0.0\n", 0 },
	243	{ "sbgp-ipAddrBlock = IPv4:256.0.0.0\n", 0 },
	244	{ "sbgp-ipAddrBlock = IPv4:-1.0.0.0\n", 0 },
	245	{ "sbgp-ipAddrBlock = IPv4:192.0.0.0.0\n", 0 },
	246	{ "sbgp-ipAddrBlock = IPv3:192.0.0.0\n", 0 },
	247
	248	/* IPv6 */
	249	/* No prefix is ok */
	250	{ "sbgp-ipAddrBlock = IPv6:2001:db8::\n", 1 },
	251	{ "sbgp-ipAddrBlock = IPv6:2001::db8\n", 1 },
	252	{ "sbgp-ipAddrBlock = IPv6:2001:0db8:0000:0000:0000:0000:0000:0000\n", 1 },
	253	{ "sbgp-ipAddrBlock = IPv6:2001:db8::/0\n", 1 },
	254	{ "sbgp-ipAddrBlock = IPv6:2001:db8::/1\n", 1 },
	255	{ "sbgp-ipAddrBlock = IPv6:2001:db8::/32\n", 1 },
	256	{ "sbgp-ipAddrBlock = IPv6:2001:0db8:0000:0000:0000:0000:0000:0000/32\n", 1 },
	257	{ "sbgp-ipAddrBlock = IPv6:2001:db8::/128\n", 1 },
	258	/* Prefix is too long */
	259	{ "sbgp-ipAddrBlock = IPv6:2001:db8::/129\n", 0 },
	260	/* Unreasonably large prefix */
	261	{ "sbgp-ipAddrBlock = IPv6:2001:db8::/12341234\n", 0 },
	262	/* Invalid IP addresses */
	263	/* Not enough blocks of numbers */
	264	{ "sbgp-ipAddrBlock = IPv6:2001:0db8:0000:0000:0000:0000:0000\n", 0 },
	265	/* Too many blocks of numbers */
	266	{ "sbgp-ipAddrBlock = IPv6:2001:0db8:0000:0000:0000:0000:0000:0000:0000\n", 0 },
	267	/* First value too large */
	268	{ "sbgp-ipAddrBlock = IPv6:1ffff:0db8:0000:0000:0000:0000:0000:0000\n", 0 },
	269	/* First value with invalid characters */
	270	{ "sbgp-ipAddrBlock = IPv6:fffg:0db8:0000:0000:0000:0000:0000:0000\n", 0 },
	271	/* First value is negative */
	272	{ "sbgp-ipAddrBlock = IPv6:-1:0db8:0000:0000:0000:0000:0000:0000\n", 0 }
	273	};
	274
	275	static int test_ext_syntax(void)
	276	{
	277	size_t i;
	278	int testresult = 1;
	279
	280	for (i = 0; i < OSSL_NELEM(extvalues); i++) {
	281	X509V3_CTX ctx;
	282	BIO *extbio = BIO_new_mem_buf(extvalues[i].value,
	283	strlen(extvalues[i].value));
	284	CONF *conf;
	285	long eline;
	286
	287	if (!TEST_ptr(extbio))
	288	return 0 ;
	289
	290	conf = NCONF_new_ex(NULL, NULL);
	291	if (!TEST_ptr(conf)) {
	292	BIO_free(extbio);
	293	return 0;
	294	}
	295	if (!TEST_long_gt(NCONF_load_bio(conf, extbio, &eline), 0)) {
	296	testresult = 0;
	297	} else {
	298	X509V3_set_ctx_test(&ctx);
	299	X509V3_set_nconf(&ctx, conf);
	300
	301	if (extvalues[i].pass) {
	302	if (!TEST_true(X509V3_EXT_add_nconf(conf, &ctx, "default",
	303	NULL))) {
	304	TEST_info("Value: %s", extvalues[i].value);
	305	testresult = 0;
	306	}
	307	} else {
	308	ERR_set_mark();
	309	if (!TEST_false(X509V3_EXT_add_nconf(conf, &ctx, "default",
	310	NULL))) {
	311	testresult = 0;
	312	TEST_info("Value: %s", extvalues[i].value);
	313	ERR_clear_last_mark();
	314	} else {
	315	ERR_pop_to_mark();
	316	}
	317	}
	318	}
	319	BIO_free(extbio);
	320	NCONF_free(conf);
	321	}
	322
	323	return testresult;
	324	}
226	325	#endif /* OPENSSL_NO_RFC3779 */
227	326
228	327	OPT_TEST_DECLARE_USAGE("cert.pem\n")

241	340	#ifndef OPENSSL_NO_RFC3779
242	341	ADD_TEST(test_asid);
243	342	ADD_TEST(test_addr_ranges);
	343	ADD_TEST(test_ext_syntax);
244	344	#endif /* OPENSSL_NO_RFC3779 */
245	345	return 1;
246	346	}

+97

-3

util/check-format-test-negatives.c less more

0	0	/*
1		* Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
2		* Copyright Nokia 2007-2019
3		* Copyright Siemens AG 2015-2019
	1	* Copyright 2007-2022 The OpenSSL Project Authors. All Rights Reserved.
	2	* Copyright Siemens AG 2015-2022
4	3	*
5	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
6	5	* this file except in compliance with the License. You can obtain a copy

12	11	* A collection of test cases where check-format.pl should not report issues.
13	12	* There are some known false positives, though, which are marked below.
14	13	*/
	14
	15	#define F \
	16	void f() \
	17	{ \
	18	int i; \
	19	int j; \
	20	\
	21	return; \
	22	}
15	23
16	24	/*-
17	25	* allow extra SPC in format-tagged multi-line comment

20	28	* trailing multi-line comment
21	29	*/
22	30	{
	31	typedef int INT;
	32	void v;
	33	short b;
	34	char c;
	35	signed s;
	36	unsigned u;
	37	int i;
	38	long l;
	39	float f;
	40	double d;
	41	enum {} enu;
	42	struct {} stru;
	43	union {} un;
	44	auto a;
	45	extern e;
	46	static int stat;
	47	const int con;
	48	volatile int vola;
	49	register int reg;
	50	OSSL_x y, *p = params;
	51	int params[];
	52	OSSL_PARAM * (* params []) [MAX + 1];
	53	XY ( fn)(int a, char b);
	54	/*
	55	* multi-line comment should not disturb detection of local decls
	56	*/
	57	BIO1 ***b;
	58	/* intra-line comment should not disturb detection of local decls */
	59	unsigned k;
	60
	61	/* intra-line comment should not disturb detection of end of local decls */
	62
	63	{
	64	int x; /* just decls in block */
	65	}
	66	if (p != (unsigned char *)
	67	&(ctx->tmp[0])) {
	68	i -= (p - (unsigned char ) / do not confuse with var decl */
	69	&(ctx->tmp[0]));
	70	}
	71	{
	72	ctx->buf_off = 0; /* do not confuse with var decl */
	73	return 0;
	74	}
	75	{
	76	ctx->buf_len = EVP_EncodeBlock((unsigned char *)ctx->buf,
	77	(unsigned char )ctx->tmp, / no decl */
	78	ctx->tmp_len);
	79	}
	80	{
	81	EVP_EncodeFinal(ctx->base64,
	82	(unsigned char )ctx->buf, &(ctx->len)); / no decl */
	83	/* push out the bytes */
	84	goto again;
	85	}
	86	{
	87	f(1, (unsigned long)2); /* no decl */
	88	x;
	89	}
	90	{
	91	char *pass_str = get_passwd(opt_srv_secret, "x");
	92
	93	if (pass_str != NULL) {
	94	cleanse(opt_srv_secret);
	95	res = OSSL_CMP_CTX_set1_secretValue(ctx, (unsigned char *)pass_str,
	96	strlen(pass_str));
	97	clear_free(pass_str);
	98	}
	99	}
	100	}
	101
	102	int g(void)
	103	{
23	104	if (ctx == NULL) { /* non-leading end-of-line comment */
24	105	if (/* comment after '(' / pem_name != NULL / comment before ')' */)
25	106	/* entire-line comment indent usually like for the following line */

34	115	;
35	116	for (i = 0; i < 1;)
36	117	;
	118	for (;;)
	119	for (; i < n; i++)
	120	for (;; p++)
	121	;
	122	for (;;) ; /* should not trigger: space before ';' */
	123	lab: ; /* should not trigger: space before ';' */
37	124
38	125	#if X
39	126	if (1) /* bad style: just part of control structure depends on #if */

152	239	/* should not trigger: constant on LHS of comparison or assignment operator */
153	240	X509 *x509 = NULL;
154	241	int y = a + 1 < b;
	242	int ret, was_NULL = *certs == NULL;
	243
	244	/* should not trigger: no space before binary ... operator */
	245	float z = 1e-6 * (-1) * b[+6] * 1e+1 * (a)->f * (long)+1
	246	- (tmstart.tv_sec + tmstart.tv_nsec * 1e-9);
	247	struct st = {-1, 0};
155	248
156	249	const OPTIONS passwd_options[] = {
157	250	{"aixmd5", OPT_AIXMD5, '-', "AIX MD5-based password algorithm"},

174	267	typedef OSSL_CMP_MSG (cmp_srv_process_cb_t)
175	268	(OSSL_CMP_SRV_CTX ctx, OSSL_CMP_MSG msg)
176	269	xx;
	270
177	271	int f()
178	272	{
179	273	c;

+12

-10

util/check-format-test-positives.c less more

0	0	/*
1		* Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
2		* Copyright Nokia 2007-2019
3		* Copyright Siemens AG 2015-2019
	1	* Copyright 2007-2022 The OpenSSL Project Authors. All Rights Reserved.
	2	* Copyright Siemens AG 2015-2022
4	3	*
5	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
6	5	* this file except in compliance with the License. You can obtain a copy

73	72	int f (int a, /@ space after fn before '(', reported unless sloppy-spc /
74	73	int b, /@ hanging expr indent off by -1 /
75	74	long I) /@ single-letter name 'I' /
76		{ int /@ code after '{' opening a block /
77		xx = 1) + /@ unexpected closing parenthesis /
	75	{ int x; /@ code after '{' opening a block /
	76	int xx = 1) + /@ unexpected closing parenthesis /
78	77	0L < /@ constant on LHS of comparison operator /
79	78	a] - /@ unexpected closing bracket /
80	79	3: * /@ unexpected ':' (without preceding '?') within expr /

85	84	(xx /@0 unclosed parenthesis in expression /
86	85	? y /@0 unclosed '? (conditional expression) /
87	86	[0; /@4 unclosed bracket in expression /
88		s_type s; /@ local variable declaration indent off by -1 /
89		somefunc(a, /@ statement indent off by -1 /
	87	/@ blank line within local decls /
	88	s_type s; /@2 local variable declaration indent off by -1 /
	89	t_type t; /@ local variable declaration indent again off by -1 /
	90	/* / /@0 missing blank line after local decls */
	91	somefunc(a, /@2 statement indent off by -1 /
90	92	"aligned" /@ expr indent off by -2 accepted if sloppy-hang / "right"
91	93	, b, /@ expr indent off by -1 /
92	94	b, /@ expr indent as on line above, accepted if sloppy-hang /

338	340	;
339	341
340	342
341		; /@ 2 essentially empty lines before, if !sloppy-spc /
	343	; /@ 2 essentially blank lines before, if !sloppy-spc /
342	344	} /@ function body length > 200 lines /
343	345	#if 0 /@0 unclosed #if /
344	346	struct t { /@0 unclosed brace at decl/block level /
345	347	enum { /@0 unclosed brace at enum/expression level /
346	348	v = (1 /@0 unclosed parenthesis /
347		etyp /@0 empty line follows just before EOF, if !sloppy-spc: /
348
	349	etyp /@0 blank line follows just before EOF, if !sloppy-spc: /
	350

+89

-57

util/check-format.pl less more

0	0	#! /usr/bin/env perl
1	1	#
2		# Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
3		# Copyright Siemens AG 2019-2020
	2	# Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
	3	# Copyright Siemens AG 2019-2022
4	4	#
5	5	# Licensed under the Apache License 2.0 (the "License").
6	6	# You may not use this file except in compliance with the License.

61	61	# except within if ... else constructs where some branch contains more than one
62	62	# statement. Since the exception is hard to recognize when such branches occur
63	63	# after the current position (such that false positives would be reported)
64		# the tool by checks for this rule by defaul only for do/while/for bodies.
	64	# the tool by checks for this rule by default only for do/while/for bodies.
65	65	# Yet with the --1-stmt option false positives are preferred over negatives.
66		# False negatives occur if the braces are more than two non-empty lines apart.
	66	# False negatives occur if the braces are more than two non-blank lines apart.
67	67	#
68	68	# * The presence of multiple consecutive spaces is regarded a coding style nit
69	69	# except when this is before end-of-line comments (unless the --eol-comment is given) and

72	72	# # define CDE 22
73	73	# # define F 3333
74	74	# This pattern is recognized - and consequently extra space not reported -
75		# for a given line if in the nonempty line before or after (if existing)
	75	# for a given line if in the non-blank line before or after (if existing)
76	76	# for each occurrence of " \S" (where \S means non-space) in the given line
77	77	# there is " \S" in the other line in the respective column position.
78	78	# This may lead to both false negatives (in case of coincidental " \S")

133	133	# status variables
134	134	my $self_test; # whether the current input file is regarded to contain (positive/negative) self-tests
135	135	my $line; # current line number
136		my $line_before; # number of previous not essentially empty line (containing at most whitespace and '\')
137		my $line_before2; # number of not essentially empty line before previous not essentially empty line
	136	my $line_before; # number of previous not essentially blank line (containing at most whitespace and '\')
	137	my $line_before2; # number of not essentially blank line before previous not essentially blank line
138	138	my $contents; # contents of current line (without blinding)
139	139	# $_ # current line, where comments etc. get blinded
	140	my $code_contents_before; # contents of previous non-comment non-directive line (without blinding), initially ""
140	141	my $contents_before; # contents of $line_before (without blinding), if $line_before > 0
141	142	my $contents_before_; # contents of $line_before after blinding comments etc., if $line_before > 0
142	143	my $contents_before2; # contents of $line_before2 (without blinding), if $line_before2 > 0

167	168	my @nested_conds_indents; # stack of hanging indents due to conditionals ('?' ... ':')
168	169	my $expr_indent; # resulting hanging indent within (multi-line) expressions including type exprs, else 0
169	170	my $hanging_symbol; # character ('(', '{', '[', not: '?') responsible for $expr_indent, if $expr_indent != 0
	171	my $in_block_decls; # number of local declaration lines after block opening before normal statements, or -1 if no block opening
170	172	my $in_expr; # in expression after if/while/for/switch/return/enum/LHS of assignment
171	173	my $in_paren_expr; # in parenthesized if/while/for condition and switch expression, if $expr_indent != 0
172	174	my $in_typedecl; # nesting level of typedef/struct/union/enum

190	192	$line = 0;
191	193	$line_before = 0;
192	194	$line_before2 = 0;
	195	$code_contents_before = "";
193	196	@nested_block_indents = ();
194	197	@nested_hanging_offsets = ();
195	198	@nested_in_typedecl = ();

197	200	@nested_indents = ();
198	201	@nested_conds_indents = ();
199	202	$expr_indent = 0;
	203	$in_block_decls = -1;
	204	$in_expr = 0;
200	205	$in_paren_expr = 0;
201		$in_expr = 0;
202	206	$hanging_offset = 0;
203	207	@in_do_hanging_offsets = ();
204	208	@in_if_hanging_offsets = ();

315	319	$contents_before) if !$sloppy_cmt && $count_before != $count;
316	320	}
317	321	# ... but allow normal indentation for the current line, else above check will be done for the line before
318		if (($in_comment == 0 \|\| $in_comment < 0) # (no commment,) intra-line comment or end of multi-line comment
	322	if (($in_comment == 0 \|\| $in_comment < 0) # (no comment,) intra-line comment or end of multi-line comment
319	323	&& m/^(\s)@[\s@]$/) { # line begins with '@', no code follows (except '\')
320	324	if ($count == $ref_indent) { # indentation is like for (normal) code in this line
321	325	s/^(\s)@/$1/; # blind first '@' as '*' to prevent above delayed check for the line before

376	380	my $in_stmt = $in_expr \|\| @nested_symbols != 0; # not: \|\| $in_typedecl != 0
377	381	if ($c =~ m/[{([?]/) { # $c is '{', '(', '[', or '?'
378	382	if ($c eq "{") { # '{' in any context
	383	$in_block_decls = 0 if !$in_expr && $in_typedecl == 0;
379	384	# cancel newly hanging_offset if opening brace '{' is after non-whitespace non-comment:
380	385	$hanging_offset -= INDENT_LEVEL if $hanging_offset > 0 && $head =~ m/[^\s\@]/;
381	386	push @nested_block_indents, $block_indent;

457	462
458	463	while (<>) { # loop over all lines of all input files
459	464	$self_test = $ARGV =~ m/check-format-test/;
	465	$_ = "" if $self_test && m/ blank line within local decls /;
460	466	$line++;
461	467	s/\r$//; # strip any trailing CR '\r' (which are typical on Windows systems)
462	468	$contents = $_;

510	516
511	517	# do/prepare checks within multi-line comments
512	518	my $self_test_exception = $self_test ? "@" : "";
513		if ($in_comment > 0) { # this still includes the last line of multi-line commment
	519	if ($in_comment > 0) { # this still includes the last line of multi-line comment
514	520	my ($head, $any_symbol, $cmt_text) = m/^(\s)(.?)(.)$/;
515	521	if ($any_symbol eq "*") {
516		report("no space after leading '*' in multi-line comment") if $cmt_text =~ m\|^[^/\s$self_test_exception]\|;
	522	report("missing space or '' after leading '' in multi-line comment") if $cmt_text =~ m\|^[^*\s/$self_test_exception]\|;
517	523	} else {
518		report("no leading '*' in multi-line comment");
	524	report("missing leading '*' in multi-line comment");
519	525	}
520	526	$in_comment++;
521	527	}

523	529	# detect end of comment, must be within multi-line comment, check if it is preceded by non-whitespace text
524	530	if ((my ($head, $tail) = m\|^(.?)\/(.)$\|) && $1 ne '/') { # ending comment: '/'
525	531	report("neither space nor '' before '/'") if $head =~ m/[^*\s]$/;
526		report("no space after '/'") if $tail =~ m/^[^\s,;)}\]]/; # no space or ,;)}] after '/'
	532	report("missing space after '/'") if $tail =~ m/^[^\s,;)}\]]/; # no space or ,;)}] after '/'
527	533	if (!($head =~ m\|/\\|)) { # not begin of comment '/', which is is handled below
528	534	if ($in_comment == 0) {
529	535	report("unexpected '*/' outside comment");
530	536	$_ = "$head@@".$tail; # blind the "*/"
531	537	} else {
532		report("text before '/' in multi-line comment") if ($head =~ m/\S/); # non-SPC before '/'
	538	report("text before '/' in multi-line comment") if ($head =~ m/[^\s]/); # non-SPC before '*/'
533	539	$in_comment = -1; # indicate that multi-line comment ends on current line
534	540	if ($count > 0) {
535	541	# make indentation of end of multi-line comment appear like of leading intra-line comment

546	552	# detect begin of comment, check if it is followed by non-space text
547	553	MATCH_COMMENT:
548	554	if (my ($head, $opt_minus, $tail) = m\|^(.?)/\(-?)(.)$\|) { # begin of comment: '/'
549		report("no space before '/*'")
	555	report("missing space before '/*'")
550	556	if $head =~ m/[^\s(\]$/; # not space, '(', or or '' (needed to allow '*/') before comment delimiter
551		report("neither space nor '' after '/' or '/-'") if $tail =~ m/^[^\s$self_test_exception]/;
	557	report("missing space, '' or '!' after '/' or '/-'") if $tail =~ m/^[^\s!$self_test_exception]/;
552	558	my $cmt_text = $opt_minus.$tail; # preliminary
553	559	if ($in_comment > 0) {
554	560	report("unexpected '/*' inside multi-line comment");

561	567	} else { # begin of multi-line comment
562	568	my $self_test_exception = $self_test ? "(@\d?)?" : "";
563	569	report("text after '/*' in multi-line comment")
564		unless $tail =~ m/^$self_test_exception.?\s*$/;
565		# tail not essentially empty, first char already checked
	570	unless $tail =~ m/^$self_test_exception.?[\s]$/;
	571	# tail not essentially blank, first char already checked
566	572	# adapt to actual indentation of first line
567	573	$comment_indent = length($head) + 1;
568	574	$_ = "$head@@".blind_nonspace($cmt_text);

570	576	$leading_comment = $head =~ m/^\s*$/; # there is code before beginning delimiter
571	577	$formatted_comment = $opt_minus eq "-";
572	578	}
	579	} elsif (($head, $tail) = m\|^\{-(.*)$\|) { # begin of Perl pragma: '{-'
573	580	}
574	581
575	582	if ($in_comment > 1) { # still inside multi-line comment (not at its begin or end)

604	611
605	612	# at this point all non-space portions of any types of comments have been blinded as @
606	613
607		goto LINE_FINISHED if m/^\s*$/; # essentially empty line: just whitespace (and maybe a trailing '\')
	614	goto LINE_FINISHED if m/^\s*$/; # essentially blank line: just whitespace (and maybe a trailing '\')
608	615
609	616	# intra-line whitespace nits @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
610	617

669	676	$intra_line =~ s/\s+$//; # strip any (resulting) space at EOL
670	677	$intra_line =~ s/(for\s$[^;]);;($)/"$1$2"/eg; # strip trailing ';;' in for (;;)
671	678	$intra_line =~ s/(for\s*$[^;]+;[^;]+);($)/"$1$2"/eg; # strip trailing ';' in for (;;)
	679	$intra_line =~ s/(for\s*\();(;)/"$1$2"/eg; # replace leading ';;' in for (;;) by ';'
672	680	$intra_line =~ s/(=\s*)\{ /"$1@ "/eg; # do not report {SPC in initializers such as ' = { 0, };'
673	681	$intra_line =~ s/, \};/, @;/g; # do not report SPC} in initializers such as ' = { 0, };'
674	682	report("space before '$1'") if $intra_line =~ m/[\w)\]]\s+(\+\+\|--)/; # postfix ++/-- with preceding space

677	685	report("space before '$1'") if $intra_line =~ m/\s(\.\|->)/; # '.' or '->' with preceding space
678	686	report("space after '$1'") if $intra_line =~ m/(\.\|->)\s/; # '.' or '->' with following space
679	687	$intra_line =~ s/\-\>\|\+\+\|\-\-/@/g; # blind '->,', '++', and '--'
680		report("space before '$2'") if $intra_line =~ m/[^:]\s+(;)/; # space before ';' but not after ':'
	688	report("space before '$1'") if $intra_line =~ m/[^:)]\s+(;)/; # space before ';' but not after ':' or ')'
681	689	report("space before '$1'") if $intra_line =~ m/\s([,)\]])/; # space before ,)]
682	690	report("space after '$1'") if $intra_line =~ m/([(\[~!])\s/; # space after ([~!
683	691	report("space after '$1'") if $intra_line =~ m/(defined)\s/; # space after 'defined'
684		report("no space before '=' or '<op>='") if $intra_line =~ m/\S(=)/; # '=' etc. without preceding space
685		report("no space before '$1'") if $intra_line =~ m/\S([\|\/%<>^\?])/; # \|/%<>^? without preceding space
	692	report("missing space before '=' or '<op>='") if $intra_line =~ m/\S(=)/; # '=' etc. without preceding space
	693	report("missing space before '$1'") if $intra_line =~ m/\S([\|\/%<>^\?])/; # \|/%<>^? without preceding space
686	694	# TODO ternary ':' without preceding SPC, while allowing no SPC before ':' after 'case'
687		report("no space before binary '$1'") if $intra_line =~ m/[^\s{()\[]([+\-])/;# +/- without preceding space or {()[
688		# or ')' (which is used f type casts)
689		report("no space before binary '$1'") if $intra_line =~ m/[^\s{()\[!]([])/; # '' without preceding space or {()[!
690		report("no space before binary '$1'") if $intra_line =~ m/[^\s{()\[]([&])/; # '&' without preceding space or {()[
691		report("no space after ternary '$1'") if $intra_line =~ m/(:)[^\s\d]/; # ':' without following space or digit
692		report("no space after '$1'") if $intra_line =~ m/([,;=\|\/%<>^\?])\S/; # ,;=\|/%<>^? without following space
693		report("no space after binary '$1'") if $intra_line=~m/[^{(\[]([])[^\sa-zA-Z_(),]/;# '' w/o space or \w(), after
	695	report("missing space before binary '$2'") if $intra_line =~ m/([^\s{()\[e])([+\-])/; # '+'/'-' without preceding space or {()[e
	696	# ')' may be used for type casts or before "->", 'e' may be used for numerical literals such as "1e-6"
	697	report("missing space before binary '$1'") if $intra_line =~ m/[^\s{()\[!]([])/; # '' without preceding space or {()[!
	698	report("missing space before binary '$1'") if $intra_line =~ m/[^\s{()\[]([&])/; # '&' without preceding space or {()[
	699	report("missing space after ternary '$1'") if $intra_line =~ m/(:)[^\s\d]/; # ':' without following space or digit
	700	report("missing space after '$1'") if $intra_line =~ m/([,;=\|\/%<>^\?])\S/; # ,;=\|/%<>^? without following space
	701	report("missing space after binary '$1'") if $intra_line=~m/[^{(\[]([])[^\sa-zA-Z_(),]/;# '' w/o space or \w(), after
694	702	# TODO unary '*' must not be followed by SPC
695		report("no space after binary '$1'") if $intra_line=~m/([&])[^\sa-zA-Z_(]/; # '&' w/o following space or \w(
	703	report("missing space after binary '$1'") if $intra_line=~m/([&])[^\sa-zA-Z_(]/; # '&' w/o following space or \w(
696	704	# TODO unary '&' must not be followed by SPC
697		report("no space after binary '$1'") if $intra_line=~m/[^{(\[]([+\-])[^\s\d(]/; # +/- w/o following space or \d(
	705	report("missing space after binary '$1'") if $intra_line=~m/[^{(\[]([+\-])[^\s\d(]/; # +/- w/o following space or \d(
698	706	# TODO unary '+' and '-' must not be followed by SPC
699		report("no space after '$2'") if $intra_line =~ m/(^\|\W)(if\|while\|for\|switch\|case)[^\w\s]/; # kw w/o SPC
700		report("no space after '$2'") if $intra_line =~ m/(^\|\W)(return)[^\w\s;]/; # return w/o SPC or ';'
	707	report("missing space after '$2'") if $intra_line =~ m/(^\|\W)(if\|while\|for\|switch\|case)[^\w\s]/; # kw w/o SPC
	708	report("missing space after '$2'") if $intra_line =~ m/(^\|\W)(return)[^\w\s;]/; # return w/o SPC or ';'
701	709	report("space after function/macro name")
702	710	if $intra_line =~ m/(\w+)\s+\(/ # fn/macro name with space before '('
703		&& !($1 =~ m/^(if\|while\|for\|switch\|return\|typedef\|void\|char\|unsigned\|int\|long\|float\|double)$/) # not keyword
	711	&& !($1 =~ m/^(sizeof\|if\|else\|while\|do\|for\|switch\|case\|default\|break\|continue\|goto\|return\|void\|char\|signed\|unsigned\|int\|short\|long\|float\|double\|typedef\|enum\|struct\|union\|auto\|extern\|static\|const\|volatile\|register)$/) # not keyword
704	712	&& !(m/^\s#\sdefine\s/); # we skip macro definitions here because macros
705	713	# without parameters but with body beginning with '(', e.g., '#define X (1)',
706	714	# would lead to false positives - TODO also check for macros with parameters
707		report("no space before '{'") if $intra_line =~ m/[^\s{(\[]\{/; # '{' without preceding space or {([
708		report("no space after '}'") if $intra_line =~ m/\}[^\s,;\])}]/; # '}' without following space or ,;])}
	715	report("missing space before '{'") if $intra_line =~ m/[^\s{(\[]\{/; # '{' without preceding space or {([
	716	report("missing space after '}'") if $intra_line =~ m/\}[^\s,;\])}]/; # '}' without following space or ,;])}
709	717	}
710	718
711	719	# preprocessor directives @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

737	745	# update indents according to leading closing brace(s) '}' or label or switch case
738	746	my $in_stmt = $in_expr \|\| @nested_symbols != 0 \|\| $in_typedecl != 0;
739	747	if ($in_stmt) { # expr/stmt/type decl/var def/fn hdr, i.e., not at block level
740		if (m/^([\s@]*\})/) { # leading '}', any preceding blinded comment must not be matched
	748	if (m/^([\s@]*\})/) { # leading '}' within stmt, any preceding blinded comment must not be matched
	749	$in_block_decls = -1;
741	750	my $head = $1;
742	751	update_nested_indents($head);
743	752	$nested_indents_position = length($head);

784	793	}
785	794	if ($before ne "") { # non-whitespace non-'{' before '}'
786	795	report("code before '}'");
787		} else { # leading '}', any preceding blinded comment must not be matched
	796	} else { # leading '}' outside stmt, any preceding blinded comment must not be matched
	797	$in_block_decls = -1;
788	798	$local_offset = $block_indent + $hanging_offset - INDENT_LEVEL;
789	799	update_nested_indents($head);
790	800	$nested_indents_position = length($head);

831	841
832	842	check_indent() if $count >= 0; # not for #define and not if multi-line string literal is continued
833	843
	844	# check for blank lines within/after local decls @@@@@@@@@@@@@@@@@@@@@@@@@@@
	845
	846	if ($in_block_decls >= 0 &&
	847	$in_comment == 0 && !m/^\s\?@/ && # not in multi-line comment nor an intra-line comment
	848	!$in_expr && $expr_indent == 0 && $in_typedecl == 0) {
	849	my $blank_line_before = $line > 1
	850	&& $code_contents_before =~ m/^\s(\\\s)?$/; # essentially blank line: just whitespace (and maybe a trailing '\')
	851	if (m/^[\s(]*(char\|signed\|unsigned\|int\|short\|long\|float\|double\|enum\|struct\|union\|auto\|extern\|static\|const\|volatile\|register)(\W\|$)/ # clear start of local decl
	852	\|\| (m/^(\s(\w+\|\[\]\|[\()]))+?\s+[\$]\w+(\s($\|\[[^\]]\]))\s[;,=]/ # weak check for decl involving user-defined type
	853	&& !m/^\s*(\}\|sizeof\|if\|else\|while\|do\|for\|switch\|case\|default\|break\|continue\|goto\|return)(\W\|$)/)) {
	854	$in_block_decls++;
	855	report_flexibly($line - 1, "blank line within local decls, before", $contents) if $blank_line_before;
	856	} else {
	857	report_flexibly($line, "missing blank line after local decls", "\n$contents_before$contents")
	858	if $in_block_decls > 0 && !$blank_line_before;
	859	$in_block_decls = -1 unless
	860	m/^\s(\\\s)?$/ # essentially blank line: just whitespace (and maybe a trailing '\')
	861	\|\| $in_comment != 0 \|\| m/^\s\?@/; # in multi-line comment or an intra-line comment
	862	}
	863	}
	864
834	865	$in_comment = 0 if $in_comment < 0; # multi-line comment has ended
835	866
836	867	# do some further checks @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

850	881	$line_opening_brace == $line_before)
851	882	&& $contents_before =~ m/;/) { # there is at least one terminator ';', so there is some stmt
852	883	# TODO do not report cases where a further else branch
853		# follows with a block containg more than one line/statement
	884	# follows with a block containing more than one line/statement
854	885	report_flexibly($line_before, "'$keyword_opening_brace' { 1 stmt }", $contents_before);
855	886	}
856	887	}
857	888
858	889	report("single-letter name '$2'") if (m/(^\|.\W)([IO])(\W.\|$)/); # single-letter name 'I' or 'O' # maybe re-add 'l'?
859	890	# constant on LHS of comparison or assignment, e.g., NULL != x or 'a' < c, but not a + 1 == b
860		report("constant on LHS of '$2'")
861		if (m/(['"]\|([\+\-\\/\/%\&\\|\^<>]\s)?\W[0-9]+L?\|NULL)\s*([\!<>=]=\|[<=>][^<>])/ && $2 eq "");
	891	report("constant on LHS of '$3'")
	892	if (m/(['"]\|([\+\-\\/\/%\&\\|\^<>]\s)?\W[0-9]+L?\|\WNULL)\s*([\!<>=]=\|[<=>])([<>]?)/ &&
	893	$2 eq "" && (($3 ne "<" && $3 ne "='" && $3 ne ">") \|\| $4 eq ""));
862	894
863	895	# TODO report #if 0 and #if 1
864
865		# TODO report empty line within local variable definitions
866
867		# TODO report missing empty line after local variable definitions
868	896
869	897	# TODO report needless use of parentheses, while
870	898	# macro parameters should always be in parens (except when passed on), e.g., '#define ID(x) (x)'

933	961
934	962	# set $in_typedecl and potentially $hanging_offset for type declaration
935	963	if (!$in_expr && @nested_indents == 0 # not in expression
936		&& m/(^\|^.\W)(typedef\|struct\|union\|enum)(\W.\|$)$/
	964	&& m/(^\|^.\W)(typedef\|enum\|struct\|union)(\W.\|$)$/
937	965	&& parens_balance($1) == 0 # not in newly started expression or function arg list
938	966	&& ($2 eq "typedef" \|\| !($3 =~ m/\s\w++\s(.)/ && $1 ne "{")) # 'struct'/'union'/'enum' <name> not followed by '{'
939	967	# not needed: && $keyword_opening_brace = $2 if $3 =~ m/\{/;

1017	1045	!($keyword_opening_brace eq "else" && $line_opening_brace < $line_before2);
1018	1046	}
1019	1047	report("code after '{'") if $tail=~ m/[^\s\@]/ && # trailing non-whitespace non-comment (non-'\')
1020		!($tail=~ m/\}/); # no '}' after last '{'
	1048	!($tail=~ m/\}/); # missing '}' after last '{'
1021	1049	}
1022	1050	}
1023	1051
1024	1052	# check for opening brace after if/while/for/switch/do not on same line
1025		# note that "no '{' on same line after '} else'" is handled further below
	1053	# note that "missing '{' on same line after '} else'" is handled further below
1026	1054	if (/^[\s@]*{/ && # leading '{'
1027	1055	$line_before > 0 && !($contents_before_ =~ m/^\s*#/) && # not preprocessor directive '#if
1028	1056	(my ($head, $mid, $tail) = ($contents_before_ =~ m/(^\|^.\W)(if\|while\|for\|switch\|do)(\W.$\|$)/))) {

1032	1060	# check for closing brace on line before 'else' not followed by leading '{'
1033	1061	elsif (my ($head, $tail) = m/(^\|^.\W)else(\W.$\|$)/) {
1034	1062	if (parens_balance($tail) == 0 && # avoid false positive due to unfinished expr on current line
1035		!($tail =~ m/{/) && # after 'else' no '{' on same line
	1063	!($tail =~ m/{/) && # after 'else' missing '{' on same line
1036	1064	!($head =~ m/}[\s@]*$/) && # not: '}' then any whitespace or comments before 'else'
1037	1065	$line_before > 0 && $contents_before_ =~ /}[\s@]*$/) { # trailing '}' on line before
1038		report("no '{' after '} else'");
	1066	report("missing '{' on same line after '} else'");
1039	1067	}
1040	1068	}
1041	1069

1062	1090	if ($line_before > 0 && $contents_before_ =~ /}[\s@]*$/) {
1063	1091	report("'else' not on same line as preceding '}'");
1064	1092	} elsif (parens_balance($tail) == 0) { # avoid false positive due to unfinished expr on current line
1065		report("no '}' on same line before 'else ... {'") if $brace_after;
	1093	report("missing '}' on same line before 'else ... {'") if $brace_after;
1066	1094	}
1067	1095	} elsif (parens_balance($tail) == 0) { # avoid false positive due to unfinished expr on current line
1068		report("no '{' on same line after '} else'") if $brace_before && !$brace_after;
	1096	report("missing '{' on same line after '} else'") if $brace_before && !$brace_after;
1069	1097	}
1070	1098	}
1071	1099

1085	1113	# post-processing at end of line @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
1086	1114
1087	1115	LINE_FINISHED:
	1116	$code_contents_before = $contents if
	1117	!m/^\s#(\s)(\w+)/ && # not single-line directive
	1118	$in_comment == 0 && !m/^\s\?@/; # not in multi-line comment nor an intra-line comment
	1119
1088	1120	# on end of multi-line preprocessor directive, adapt indent
1089	1121	if ($in_directive > 0 &&
1090	1122	# need to use original line contents because trailing \ may have been stripped

1095	1127	$hanging_offset = 0; # compensate for this in case macro ends, e.g., as 'while (0)'
1096	1128	}
1097	1129
1098		if (m/^\s*$/) { # at begin of file essentially empty line: just whitespace (and maybe a '\')
1099		report("leading ".($1 eq "" ? "empty" :"whitespace")." line") if $line == 1 && !$sloppy_SPC;
	1130	if (m/^\s*$/) { # at begin of file essentially blank line: just whitespace (and maybe a '\')
	1131	report("leading ".($1 eq "" ? "blank" :"whitespace")." line") if $line == 1 && !$sloppy_SPC;
1100	1132	} else {
1101	1133	if ($line_before > 0) {
1102	1134	my $linediff = $line - $line_before - 1;
1103		report("$linediff empty lines before") if $linediff > 1 && !$sloppy_SPC;
	1135	report("$linediff blank lines before") if $linediff > 1 && !$sloppy_SPC;
1104	1136	}
1105	1137	$line_before2 = $line_before;
1106	1138	$contents_before2 = $contents_before;

1122	1154	# post-processing at end of file @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
1123	1155
1124	1156	if (eof) {
1125		# check for essentially empty line (which may include a '\') just before EOF
1126		report(($1 eq "\n" ? "empty line" : $2 ne "" ? "'\\'" : "whitespace")." at EOF")
	1157	# check for essentially blank line (which may include a '\') just before EOF
	1158	report(($1 eq "\n" ? "blank line" : $2 ne "" ? "'\\'" : "whitespace")." at EOF")
1127	1159	if $contents =~ m/^(\s(\\?)\s)$/ && !$sloppy_SPC;
1128	1160
1129	1161	# report unclosed expression-level nesting

+0

-8

util/missingcrypto.txt less more

634	634	EVP_CIPHER_set_asn1_iv(3)
635	635	EVP_MD_do_all(3)
636	636	EVP_MD_do_all_sorted(3)
637		EVP_PBE_alg_add(3)
638		EVP_PBE_alg_add_type(3)
639	637	EVP_PBE_cleanup(3)
640	638	EVP_PBE_get(3)
641	639	EVP_PKEY_CTX_get0_peerkey(3)

810	808	OPENSSL_LH_strhash(3)
811	809	OPENSSL_asc2uni(3)
812	810	OPENSSL_die(3)
813		OPENSSL_gmtime(3)
814		OPENSSL_gmtime_adj(3)
815		OPENSSL_gmtime_diff(3)
816	811	OPENSSL_init(3)
817	812	OPENSSL_isservice(3)
818	813	OPENSSL_issetugid(3)

887	882	PKCS7_add_attrib_content_type(3)
888	883	PKCS7_add_attrib_smimecap(3)
889	884	PKCS7_add_attribute(3)
890		PKCS7_add_certificate(3)
891		PKCS7_add_crl(3)
892	885	PKCS7_add_recipient(3)
893	886	PKCS7_add_recipient_info(3)
894	887	PKCS7_add_signature(3)

1326	1319	X509_get_default_private_dir(3)
1327	1320	X509_get_pubkey_parameters(3)
1328	1321	X509_get_signature_type(3)
1329		X509_gmtime_adj(3)
1330	1322	X509_issuer_and_serial_hash(3)
1331	1323	X509_issuer_name_hash(3)
1332	1324	X509_issuer_name_hash_old(3)

+60

-11

util/perl/OpenSSL/config.pm less more

14	14	use warnings;
15	15	use Getopt::Std;
16	16	use File::Basename;
	17	use File::Spec;
17	18	use IPC::Cmd;
18	19	use POSIX;
	20	use Config;
19	21	use Carp;
20	22
21	23	# These control our behavior.

31	33	my $VERSION;
32	34	my $CCVENDOR;
33	35	my $CCVER;
	36	my $CL_ARCH;
34	37	my $GCC_BITS;
35	38	my $GCC_ARCH;
36	39

48	51	my @cc_version =
49	52	(
50	53	clang => sub {
	54	return undef unless IPC::Cmd::can_run("$CROSS_COMPILE$CC");
51	55	my $v = `$CROSS_COMPILE$CC -v 2>&1`;
52	56	$v =~ m/(?:(?:clang\|LLVM) version\|.*based on LLVM)\s+([0-9]+\.[0-9]+)/;
53	57	return $1;
54	58	},
55	59	gnu => sub {
56		my $v = `$CROSS_COMPILE$CC -dumpversion 2>/dev/null`;
	60	return undef unless IPC::Cmd::can_run("$CROSS_COMPILE$CC");
	61	my $nul = File::Spec->devnull();
	62	my $v = `$CROSS_COMPILE$CC -dumpversion 2> $nul`;
57	63	# Strip off whatever prefix egcs prepends the number with.
58	64	# Hopefully, this will work for any future prefixes as well.
59	65	$v =~ s/^[a-zA-Z]*\-//;

158	164	[ 'CYGWIN.*', '${MACHINE}-pc-cygwin' ],
159	165	[ 'vxworks.*', '${MACHINE}-whatever-vxworks' ],
160	166
	167	# The MACHINE part of the array POSIX::uname() returns on VMS isn't
	168	# worth the bits wasted on it. It's better, then, to rely on perl's
	169	# %Config, which has a trustworthy item 'archname', especially since
	170	# VMS installation aren't multiarch (yet)
	171	[ 'OpenVMS:.*', "$Config{archname}-whatever-OpenVMS" ],
	172
161	173	# Note: there's also NEO and NSR, but they are old and unsupported
162	174	[ 'NONSTOP_KERNEL:.:NSE-.?', 'nse-tandem-nsk${RELEASE}' ],
163	175	[ 'NONSTOP_KERNEL:.:NSV-.?', 'nsv-tandem-nsk${RELEASE}' ],

375	387	$CC = 'cc';
376	388	$CCVENDOR = 'sun';
377	389	$CCVER = $v;
	390	}
	391	}
	392
	393	# 'Windows NT' is the system name according to POSIX::uname()!
	394	if ( $SYSTEM eq "Windows NT" ) {
	395	# favor vendor cl over gcc
	396	if (IPC::Cmd::can_run('cl')) {
	397	$CC = 'cl';
	398	$CCVENDOR = ''; # Determine later
	399	$CCVER = 0;
	400
	401	my $v = `cl 2>&1`;
	402	if ( $v =~ /Microsoft .* Version ([0-9\.]+) for (x86\|x64\|ARM\|ia64)/ ) {
	403	$CCVER = $1;
	404	$CL_ARCH = $2;
	405	}
378	406	}
379	407	}
380	408	}

875	903	} else {
876	904	$config{disable} = [ 'asm' ];
877	905	}
878		return %config;
	906	return { %config };
879	907	}
880	908	],
881	909
882	910	# Windows values found by looking at Perl 5's win32/win32.c
883		[ 'amd64-.*?-Windows NT', { target => 'VC-WIN64A' } ],
884		[ 'ia64-.*?-Windows NT', { target => 'VC-WIN64I' } ],
885		[ 'x86-.*?-Windows NT', { target => 'VC-WIN32' } ],
	911	[ '(amd64\|ia64\|x86\|ARM)-.*?-Windows NT',
	912	sub {
	913	# If we determined the arch by asking cl, take that value,
	914	# otherwise the SYSTEM we got from from POSIX::uname().
	915	my $arch = $CL_ARCH // $1;
	916	my $config;
	917
	918	if ($arch) {
	919	$config = { 'amd64' => { target => 'VC-WIN64A' },
	920	'ia64' => { target => 'VC-WIN64I' },
	921	'x86' => { target => 'VC-WIN32' },
	922	'x64' => { target => 'VC-WIN64A' },
	923	'ARM' => { target => 'VC-WIN64-ARM' },
	924	} -> {$arch};
	925	die <<_____ unless defined $config;
	926	ERROR
	927	I do not know how to handle ${arch}.
	928	_____
	929	}
	930	die <<_____ unless defined $config;
	931	ERROR
	932	Could not figure out the architecture.
	933	_____
	934
	935	return $config;
	936	}
	937	],
886	938
887	939	# VMS values found by observation on existing machinery.
888		# Unfortunately, the machine part is a bit... overdone. It seems,
889		# though, that 'Alpha' exists in that part for Alphas, making it
890		# distinguishable from Itanium. It will be interesting to see what
891		# we'll get in the upcoming x86_64 port...
892		[ '.Alpha.?-.*?-OpenVMS', { target => 'vms-alpha' } ],
893		[ '.?-.?-OpenVMS', { target => 'vms-ia64' } ],
	940	[ 'VMS_AXP-.*?-OpenVMS', { target => 'vms-alpha' } ],
	941	[ 'VMS_IA64-.*?-OpenVMS', { target => 'vms-ia64' } ],
	942	[ 'VMS_x86_64-.*?-OpenVMS', { target => 'vms-x86_64' } ],
894	943
895	944	# TODO: There are a few more choices among OpenSSL config targets, but
896	945	# reaching them involves a bit more than just a host tripet. Select

+4

-1

util/wrap.pl.in less more

67	67	die "wrap.pl: Failed to execute '", join(' ', @cmd), "': $!\n"
68	68	if $waitcode == -1;
69	69
70		# When the subprocess aborted on a signal, mimic what Unix shells do, by
	70	# When the subprocess aborted on a signal, we simply raise the same signal.
	71	kill(($? & 255) => $$) if ($? & 255) != 0;
	72
	73	# If that didn't stop this script, mimic what Unix shells do, by
71	74	# converting the signal code to an exit code by setting the high bit.
72	75	# This only happens on Unix flavored operating systems, the others don't
73	76	# have this sort of signaling to date, and simply leave the low byte zero.