Commit c1a1ee96ae38668a199296abb24f780c3e17ae71 - openssl

+56

-0

CHANGES.md less more

26	26	breaking changes, and mappings for the large list of deprecated functions.
27	27
28	28	[Migration guide]: https://github.com/openssl/openssl/tree/master/doc/man7/migration_guide.pod
	29
	30	### Changes between 3.0.1 and 3.0.2 [15 Mar 2022]
	31
	32	* Fixed a bug in the BN_mod_sqrt() function that can cause it to loop forever
	33	for non-prime moduli.
	34
	35	Internally this function is used when parsing certificates that contain
	36	elliptic curve public keys in compressed form or explicit elliptic curve
	37	parameters with a base point encoded in compressed form.
	38
	39	It is possible to trigger the infinite loop by crafting a certificate that
	40	has invalid explicit curve parameters.
	41
	42	Since certificate parsing happens prior to verification of the certificate
	43	signature, any process that parses an externally supplied certificate may thus
	44	be subject to a denial of service attack. The infinite loop can also be
	45	reached when parsing crafted private keys as they can contain explicit
	46	elliptic curve parameters.
	47
	48	Thus vulnerable situations include:
	49
	50	- TLS clients consuming server certificates
	51	- TLS servers consuming client certificates
	52	- Hosting providers taking certificates or private keys from customers
	53	- Certificate authorities parsing certification requests from subscribers
	54	- Anything else which parses ASN.1 elliptic curve parameters
	55
	56	Also any other applications that use the BN_mod_sqrt() where the attacker
	57	can control the parameter values are vulnerable to this DoS issue.
	58	([CVE-2022-0778])
	59
	60	Tomáš Mráz
	61
	62	* Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK (RFC 5489)
	63	to the list of ciphersuites providing Perfect Forward Secrecy as
	64	required by SECLEVEL >= 3.
	65
	66	Dmitry Belyavskiy, Nicola Tuveri
	67
	68	* Made the AES constant time code for no-asm configurations
	69	optional due to the resulting 95% performance degradation.
	70	The AES constant time code can be enabled, for no assembly
	71	builds, with: ./config no-asm -DOPENSSL_AES_CONST_TIME
	72
	73	Paul Dale
	74
	75	* Fixed PEM_write_bio_PKCS8PrivateKey() to make it possible to use empty
	76	passphrase strings.
	77
	78	Darshan Sen
	79
	80	* The negative return value handling of the certificate verification callback
	81	was reverted. The replacement is to set the verification retry state with
	82	the SSL_set_retry_verify() function.
	83
	84	Tomáš Mráz
29	85
30	86	### Changes between 3.0.0 and 3.0.1 [14 Dec 2021]
31	87

+7

-0

Configurations/10-main.conf less more

1059	1059	bn_ops => "SIXTY_FOUR_BIT_LONG",
1060	1060	asm_arch => 'x86_64',
1061	1061	perlasm_scheme => "elf",
	1062	},
	1063
	1064	# riscv64 below refers to contemporary RISCV Architecture
	1065	# specifications,
	1066	"BSD-riscv64" => {
	1067	inherit_from => [ "BSD-generic64"],
	1068	perlasm_scheme => "linux64",
1062	1069	},
1063	1070
1064	1071	"bsdi-elf-gcc" => {

+1

-0

Configurations/15-android.conf less more

260	260	bn_ops => add("RC4_INT"),
261	261	asm_arch => 'x86',
262	262	perlasm_scheme => "android",
	263	ex_libs => add(threads("-latomic")),
263	264	},
264	265	"android-x86_64" => {
265	266	inherit_from => [ "android" ],

+70

-3

Configurations/descrip.mms.tmpl less more

552	552	- DELETE descrip.mms;*
553	553
554	554	depend : descrip.mms
555		descrip.mms : FORCE
556	555	@ ! {- output_off() if $disabled{makedepend}; "" -}
557	556	@ $(PERL) {- sourcefile("util", "add-depends.pl") -} "{- $config{makedep_scheme} -}"
558	557	@ ! {- output_on() if $disabled{makedepend}; "" -}

754	753
755	754	# Building targets ###################################################
756	755
757		configdata.pm : $(SRCDIR)Configure $(SRCDIR)config.com {- join(" ", @{$config{build_file_templates}}, @{$config{build_infos}}, @{$config{conf_files}}) -}
	756	descrip.mms : configdata.pm {- join(" ", @{$config{build_file_templates}}) -}
	757	perl configdata.pm
	758	@ WRITE SYS$OUTPUT "*************************************************"
	759	@ WRITE SYS$OUTPUT "* *"
	760	@ WRITE SYS$OUTPUT "* Please run the same mms command again *"
	761	@ WRITE SYS$OUTPUT "* *"
	762	@ WRITE SYS$OUTPUT "*************************************************"
	763	@ PIPE ( EXIT %X10000000 )
	764
	765	configdata.pm : $(SRCDIR)Configure $(SRCDIR)config.com {- join(" ", @{$config{build_infos}}, @{$config{conf_files}}) -}
758	766	perl configdata.pm -r
759	767	@ WRITE SYS$OUTPUT "*************************************************"
760	768	@ WRITE SYS$OUTPUT "* *"

870	878	return ($filename, $scripture);
871	879	}
872	880
	881	# On VMS, (some) header file directories include the files
	882	# __DECC_INCLUDE_EPILOGUE.H and __DECC_INCLUDE_PROLOGUE.H.
	883	# When header files are generated, and the build directory
	884	# isn't the same as the source directory, these files must
	885	# be copied alongside the generated header file, or their
	886	# effect will be lost.
	887	# We use the same include file cache as make_includefile
	888	# to check if the scripture to copy these files has already
	889	# been generated.
	890	sub make_decc_include_files {
	891	my $outd = shift;
	892	my $ind = shift;
	893
	894	# If the build directory and the source directory are the
	895	# same, there's no need to copy the prologue and epilogue
	896	# files.
	897	return ('') if $outd eq $ind;
	898
	899	my $outprologue = catfile($outd, '__DECC_INCLUDE_PROLOGUE.H');
	900	my $outepilogue = catfile($outd, '__DECC_INCLUDE_EPILOGUE.H');
	901	my $inprologue = catfile($ind, '__DECC_INCLUDE_PROLOGUE.H');
	902	my $inepilogue = catfile($ind, '__DECC_INCLUDE_EPILOGUE.H');
	903	my @filenames = ();
	904	my $scripture = '';
	905
	906	if ($includefile_cache{$outprologue}) {
	907	push @filenames, $outprologue;
	908	} elsif (-f $inprologue) {
	909	my $local_scripture .= <<"EOF";
	910	$outprologue : $inprologue
	911	COPY $inprologue $outprologue
	912	EOF
	913	$includefile_cache{$outprologue} = $local_scripture;
	914
	915	push @filenames, $outprologue;
	916	$scripture .= $local_scripture;
	917	}
	918	if ($includefile_cache{$outepilogue}) {
	919	push @filenames, $outepilogue;
	920	} elsif (-f $inepilogue) {
	921	my $local_scripture .= <<"EOF";
	922	$outepilogue : $inepilogue
	923	COPY $inepilogue $outepilogue
	924	EOF
	925	$includefile_cache{$outepilogue} = $local_scripture;
	926
	927	push @filenames, $outepilogue;
	928	$scripture .= $local_scripture;
	929	}
	930
	931	return (@filenames, $scripture);
	932	}
	933
873	934	sub generatetarget {
874	935	my %args = @_;
875	936	my $deps = join(" ", compute_platform_depends(@{$args{deps}}));

983	1044	my @perlmodules = ( 'configdata.pm',
984	1045	grep { $_ =~ m\|\.pm$\| } @{$args{deps}} );
985	1046	my %perlmoduleincs = map { '"-I'.dirname($_).'"' => 1 } @perlmodules;
986		$deps = join(' ', $deps, compute_platform_depends(@perlmodules));
	1047	my @decc_include_data
	1048	= make_decc_include_files(dirname($args{src}), dirname($gen0));
	1049	my $decc_include_scripture = pop @decc_include_data;
	1050	$deps = join(' ', $deps, @decc_include_data,
	1051	compute_platform_depends(@perlmodules));
987	1052	@perlmodules = map { '"-M'.basename($_, '.pm').'"' } @perlmodules;
988	1053	my $perlmodules = join(' ', '', sort keys %perlmoduleincs, @perlmodules);
	1054
989	1055	return <<"EOF";
990	1056	$args{src} : $gen0 $deps
991	1057	\$(PERL)$perlmodules $dofile "-o$target{build_file}" $gen0$gen_args > \$\@
	1058	$decc_include_scripture
992	1059	EOF
993	1060	} elsif (grep { $_ eq $gen0 } @{$unified_info{programs}}) {
994	1061	#

+20

-7

Configurations/unix-Makefile.tmpl less more

581	581	$(RM) $(MANDOCS3)
582	582	$(RM) $(MANDOCS5)
583	583	$(RM) $(MANDOCS7)
584		$(RM) $(PROGRAMS) $(TESTPROGS) $(MODULES) $(SCRIPTS)
	584	$(RM) $(PROGRAMS) $(TESTPROGS) $(MODULES) $(FIPSMODULE) $(SCRIPTS)
585	585	$(RM) $(GENERATED_MANDATORY) $(GENERATED)
586	586	-find . -name '{- platform->depext() -}' \! -name '.' \! -type d -exec $(RM) {} \;
587	587	-find . -name '{- platform->objext() -}' \! -name '.' \! -type d -exec $(RM) {} \;

598	598
599	599	# We check if any depfile is newer than Makefile and decide to
600	600	# concatenate only if that is true.
601		depend:
	601	depend: Makefile
602	602	@: {- output_off() if $disabled{makedepend}; "" -}
603	603	@$(PERL) $(SRCDIR)/util/add-depends.pl "{- $makedep_scheme -}"
604	604	@: {- output_on() if $disabled{makedepend}; "" -}

1152	1152	crypto/objects/obj_mac.num \
1153	1153	crypto/objects/obj_xref.txt \
1154	1154	> crypto/objects/obj_xref.h )
1155		( cd $(SRCDIR); cat crypto/objects/obj_compat.h >> include/openssl/obj_mac.h )
	1155	( cd $(SRCDIR); sed -e '1,8d' crypto/objects/obj_compat.h >> include/openssl/obj_mac.h )
1156	1156
1157	1157	generate_crypto_conf:
1158	1158	( cd $(SRCDIR); $(PERL) crypto/conf/keysets.pl \

1370	1370
1371	1371	link-utils: $(BLDDIR)/util/opensslwrap.sh $(BLDDIR)/apps/openssl.cnf
1372	1372
1373		$(BLDDIR)/util/opensslwrap.sh: configdata.pm
	1373	$(BLDDIR)/util/opensslwrap.sh: Makefile
1374	1374	@if [ "$(SRCDIR)" != "$(BLDDIR)" ]; then \
1375	1375	mkdir -p "$(BLDDIR)/util"; \
1376	1376	ln -sf "../$(SRCDIR)/util/`basename "$@"`" "$(BLDDIR)/util"; \
1377	1377	fi
1378	1378
1379		$(BLDDIR)/apps/openssl.cnf: configdata.pm
	1379	$(BLDDIR)/apps/openssl.cnf: Makefile
1380	1380	@if [ "$(SRCDIR)" != "$(BLDDIR)" ]; then \
1381	1381	mkdir -p "$(BLDDIR)/apps"; \
1382	1382	ln -sf "../$(SRCDIR)/apps/`basename "$@"`" "$(BLDDIR)/apps"; \

1386	1386
1387	1387	# Building targets ###################################################
1388	1388
1389		libcrypto.pc libssl.pc openssl.pc: configdata.pm $(LIBS) {- join(" ",map { platform->sharedlib_simple($_) // platform->sharedlib_import($_) // platform->sharedlib($_) // () } @{$unified_info{libraries}}) -}
	1389	libcrypto.pc libssl.pc openssl.pc: Makefile $(LIBS) {- join(" ",map { platform->sharedlib_simple($_) // platform->sharedlib_import($_) // platform->sharedlib($_) // () } @{$unified_info{libraries}}) -}
	1390
1390	1391	libcrypto.pc:
1391	1392	@ ( echo 'prefix=$(INSTALLTOP)'; \
1392	1393	echo 'exec_prefix=$${prefix}'; \

1437	1438	echo 'Version: '$(VERSION); \
1438	1439	echo 'Requires: libssl libcrypto' ) > openssl.pc
1439	1440
	1441	Makefile: configdata.pm \
	1442	{- join(" \\\n" . ' ' x 10,
	1443	fill_lines(" ", $COLUMNS - 10,
	1444	@{$config{build_file_templates}})) -}
	1445	@echo "Detected changed: $?"
	1446	$(PERL) configdata.pm
	1447	@echo "**************************************************"
	1448	@echo "* *"
	1449	@echo "* Please run the same make command again *"
	1450	@echo "* *"
	1451	@echo "**************************************************"
	1452	@false
	1453
1440	1454	configdata.pm: $(SRCDIR)/Configure $(SRCDIR)/config \
1441	1455	{- join(" \\\n" . ' ' x 15,
1442	1456	fill_lines(" ", $COLUMNS - 15,
1443		@{$config{build_file_templates}},
1444	1457	@{$config{build_infos}},
1445	1458	@{$config{conf_files}})) -}
1446	1459	@echo "Detected changed: $?"

+13

-3

Configurations/windows-makefile.tmpl less more

480	480	-del /Q /F configdata.pm
481	481	-del /Q /F makefile
482	482
483		depend:
	483	depend: makefile
484	484	@ {- output_off() if $disabled{makedepend}; "\@rem" -}
485	485	@ "$(PERL)" "$(SRCDIR)\util\add-depends.pl" "{- $target{makedep_scheme} -}"
486	486	@ {- output_on() if $disabled{makedepend}; "\@rem" -}

642	642
643	643	copy-utils: $(BLDDIR)\apps\openssl.cnf
644	644
645		$(BLDDIR)\apps\openssl.cnf: configdata.pm
	645	$(BLDDIR)\apps\openssl.cnf: makefile
646	646	@if NOT EXIST "$(BLDDIR)\apps" mkdir "$(BLDDIR)\apps"
647	647	@if NOT "$(SRCDIR)"=="$(BLDDIR)" copy "$(SRCDIR)\apps\$(@F)" "$(BLDDIR)\apps"
648	648
649	649	# Building targets ###################################################
650	650
651		configdata.pm: "$(SRCDIR)\Configure" {- join(" ", map { '"'.$_.'"' } @{$config{build_file_templates}}, @{$config{build_infos}}, @{$config{conf_files}}) -}
	651	makefile: configdata.pm {- join(" ", map { '"'.$_.'"' } @{$config{build_file_templates}}) -}
	652	@$(ECHO) "Detected changed: $?"
	653	"$(PERL)" configdata.pm
	654	@$(ECHO) "**************************************************"
	655	@$(ECHO) "* *"
	656	@$(ECHO) "* Please run the same make command again *"
	657	@$(ECHO) "* *"
	658	@$(ECHO) "**************************************************"
	659	@exit 1
	660
	661	configdata.pm: "$(SRCDIR)\Configure" {- join(" ", map { '"'.$_.'"' } @{$config{build_infos}}, @{$config{conf_files}}) -}
652	662	@$(ECHO) "Detected changed: $?"
653	663	"$(PERL)" configdata.pm -r
654	664	@$(ECHO) "**************************************************"

+13

-13

Configure less more

3168	3168	}
3169	3169	}
3170	3170
3171		foreach (sort keys %all_keys) {
3172		my $previous = $combined_inheritance{$_};
	3171	foreach my $key (sort keys %all_keys) {
	3172	my $previous = $combined_inheritance{$key};
3173	3173
3174	3174	# Current target doesn't have a value for the current key?
3175	3175	# Assign it the default combiner, the rest of this loop body
3176	3176	# will handle it just like any other coderef.
3177		if (!exists $table{$target}->{$_}) {
3178		$table{$target}->{$_} = $default_combiner;
3179		}
3180
3181		$table{$target}->{$_} = process_values($table{$target}->{$_},
3182		$combined_inheritance{$_},
3183		$target, $_);
3184		unless(defined($table{$target}->{$_})) {
3185		delete $table{$target}->{$_};
	3177	if (!exists $table{$target}->{$key}) {
	3178	$table{$target}->{$key} = $default_combiner;
	3179	}
	3180
	3181	$table{$target}->{$key} = process_values($table{$target}->{$key},
	3182	$combined_inheritance{$key},
	3183	$target, $key);
	3184	unless(defined($table{$target}->{$key})) {
	3185	delete $table{$target}->{$key};
3186	3186	}
3187	3187	# if ($extra_checks &&
3188		# $previous && !($add_called \|\| $previous ~~ $table{$target}->{$_})) {
3189		# warn "$_ got replaced in $target\n";
	3188	# $previous && !($add_called \|\| $previous ~~ $table{$target}->{$key})) {
	3189	# warn "$key got replaced in $target\n";
3190	3190	# }
3191	3191	}
3192	3192

+5

-0

NEWS.md less more

16	16
17	17	OpenSSL 3.0
18	18	-----------
	19
	20	### Major changes between OpenSSL 3.0.1 and OpenSSL 3.0.2 [15 Mar 2022]
	21
	22	* Fixed a bug in the BN_mod_sqrt() function that can cause it to loop forever
	23	for non-prime moduli ([CVE-2022-0778])
19	24
20	25	### Major changes between OpenSSL 3.0.0 and OpenSSL 3.0.1 [14 Dec 2021]
21	26

+1

-1

README-FIPS.md less more

63	63	Documentation about using the FIPS module is available on the [fips_module(7)]
64	64	manual page.
65	65
66		[fips_module(7)]: https://www.openssl.org/docs/manmaster/man7/fips_module.html
	66	[fips_module(7)]: https://www.openssl.org/docs/man3.0/man7/fips_module.html

+2

-2

README-PROVIDERS.md less more

19	19	Documentation about writing providers is available on the [provider(7)]
20	20	manual page.
21	21
22		[provider(7)]: https://www.openssl.org/docs/manmaster/man7/provider.html
	22	[provider(7)]: https://www.openssl.org/docs/man3.0/man7/provider.html
23	23
24	24	The Default Provider
25	25	--------------------

87	87	See the [config(5)] manual page for information about how to configure
88	88	providers via the config file, and how to automatically activate them.
89	89
90		[config(5)]: https://www.openssl.org/docs/manmaster/man5/config.html
	90	[config(5)]: https://www.openssl.org/docs/man3.0/man5/config.html
91	91
92	92	The following is a minimal config file example to load and activate both
93	93	the legacy and the default provider in the default library context.

+7

-6

README.md less more

112	112	* [Notes on Perl](NOTES-PERL.md)
113	113	* [Notes on Valgrind](NOTES-VALGRIND.md)
114	114
115		Specific notes on upgrading to OpenSSL 3.0 from previous versions, as well as
116		known issues are available on the [OpenSSL 3.0 Wiki] page.
	115	Specific notes on upgrading to OpenSSL 3.0 from previous versions can be found
	116	in the [migration_guide(7ossl)] manual page.
117	117
118	118	Documentation
119	119	=============

125	125	available online.
126	126
127	127	- [OpenSSL master](https://www.openssl.org/docs/manmaster)
	128	- [OpenSSL 3.0](https://www.openssl.org/docs/man3.0)
128	129	- [OpenSSL 1.1.1](https://www.openssl.org/docs/man1.1.1)
129	130
130	131	Wiki

164	165	Copyright
165	166	=========
166	167
167		Copyright (c) 1998-2021 The OpenSSL Project
	168	Copyright (c) 1998-2022 The OpenSSL Project
168	169
169	170	Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
170	171

192	193	<https://wiki.openssl.org>
193	194	"OpenSSL Wiki"
194	195
195		[OpenSSL 3.0 Wiki]:
196		<https://wiki.openssl.org/index.php/OpenSSL_3.0>
197		"OpenSSL 3.0 Wiki"
	196	[migration_guide(7ossl)]:
	197	<https://www.openssl.org/docs/man3.0/man7/migration_guide.html>
	198	"OpenSSL Migration Guide"
198	199
199	200	[RFC 8446]:
200	201	<https://tools.ietf.org/html/rfc8446>

+2

-2

VERSION.dat less more

0	0	MAJOR=3
1	1	MINOR=0
2		PATCH=1
	2	PATCH=2
3	3	PRE_RELEASE_TAG=
4	4	BUILD_METADATA=
5		RELEASE_DATE="14 Dec 2021"
	5	RELEASE_DATE="15 Mar 2022"
6	6	SHLIB_VERSION=3

+2

-2

apps/ciphers.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

186	186	goto end;
187	187	}
188	188
189		ctx = SSL_CTX_new(meth);
	189	ctx = SSL_CTX_new_ex(app_get0_libctx(), app_get0_propq(), meth);
190	190	if (ctx == NULL)
191	191	goto err;
192	192	if (SSL_CTX_set_min_proto_version(ctx, min_version) == 0)

+91

-66

apps/cmp.c less more

0	0	/*
1		* Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2007-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright Nokia 2007-2019
3	3	* Copyright Siemens AG 2015-2019
4	4	*

160	160	static char *opt_rspout = NULL;
161	161	static int opt_use_mock_srv = 0;
162	162
163		/* server-side debugging */
	163	/* mock server */
164	164	#ifndef OPENSSL_NO_SOCK
165	165	static char *opt_port = NULL;
166	166	static int opt_max_msgs = 0;

286	286	{"subject", OPT_SUBJECT, 's',
287	287	"Distinguished Name (DN) of subject to use in the requested cert template"},
288	288	{OPT_MORE_STR, 0, 0,
289		"For kur, default is subject of -csr arg or else of reference cert (see -oldcert)"},
	289	"For kur, default is subject of -csr arg or reference cert (see -oldcert)"},
290	290	{OPT_MORE_STR, 0, 0,
291	291	"this default is used for ir and cr only if no Subject Alt Names are set"},
292	292	{"issuer", OPT_ISSUER, 's',

335	335	{OPT_MORE_STR, 0, 0,
336	336	"also used as reference (defaulting to -cert) for subject DN and SANs."},
337	337	{OPT_MORE_STR, 0, 0,
338		"Its issuer is used as recipient unless -recipient, -srvcert, or -issuer given"},
	338	"Issuer is used as recipient unless -recipient, -srvcert, or -issuer given"},
339	339	{"revreason", OPT_REVREASON, 'n',
340	340	"Reason code to include in revocation request (rr); possible values:"},
341	341	{OPT_MORE_STR, 0, 0,

469	469	"Process sequence of CMP responses provided in file(s), skipping server"},
470	470	{"rspout", OPT_RSPOUT, 's', "Save sequence of CMP responses to file(s)"},
471	471
472		{"use_mock_srv", OPT_USE_MOCK_SRV, '-', "Use mock server at API level, bypassing HTTP"},
	472	{"use_mock_srv", OPT_USE_MOCK_SRV, '-',
	473	"Use internal mock server at API level, bypassing socket-based HTTP"},
473	474
474	475	OPT_SECTION("Mock server"),
475	476	#ifdef OPENSSL_NO_SOCK
476	477	{OPT_MORE_STR, 0, 0,
477	478	"NOTE: -port and -max_msgs not supported due to no-sock build"},
478	479	#else
479		{"port", OPT_PORT, 's', "Act as HTTP mock server listening on given port"},
	480	{"port", OPT_PORT, 's',
	481	"Act as HTTP-based mock server listening on given port"},
480	482	{"max_msgs", OPT_MAX_MSGS, 'N',
481	483	"max number of messages handled by HTTP mock server. Default: 0 = unlimited"},
482	484	#endif

999	1001	if (opt_srv_ref == NULL) {
1000	1002	if (opt_srv_cert == NULL) {
1001	1003	/* opt_srv_cert should determine the sender */
1002		CMP_err("must give -srv_ref for server if no -srv_cert given");
	1004	CMP_err("must give -srv_ref for mock server if no -srv_cert given");
1003	1005	goto err;
1004	1006	}
1005	1007	} else {

1010	1012
1011	1013	if (opt_srv_secret != NULL) {
1012	1014	int res;
1013		char *pass_str = get_passwd(opt_srv_secret, "PBMAC secret of server");
	1015	char *pass_str = get_passwd(opt_srv_secret, "PBMAC secret of mock server");
1014	1016
1015	1017	if (pass_str != NULL) {
1016	1018	cleanse(opt_srv_secret);

1021	1023	goto err;
1022	1024	}
1023	1025	} else if (opt_srv_cert == NULL) {
1024		CMP_err("server credentials must be given if -use_mock_srv or -port is used");
	1026	CMP_err("mock server credentials must be given if -use_mock_srv or -port is used");
1025	1027	goto err;
1026	1028	} else {
1027		CMP_warn("server will not be able to handle PBM-protected requests since -srv_secret is not given");
	1029	CMP_warn("mock server will not be able to handle PBM-protected requests since -srv_secret is not given");
1028	1030	}
1029	1031
1030	1032	if (opt_srv_secret == NULL

1034	1036	}
1035	1037	if (opt_srv_cert != NULL) {
1036	1038	X509 *srv_cert = load_cert_pwd(opt_srv_cert, opt_srv_keypass,
1037		"certificate of the server");
	1039	"certificate of the mock server");
1038	1040
1039	1041	if (srv_cert == NULL \|\| !OSSL_CMP_CTX_set1_cert(ctx, srv_cert)) {
1040	1042	X509_free(srv_cert);

1045	1047	if (opt_srv_key != NULL) {
1046	1048	EVP_PKEY *pkey = load_key_pwd(opt_srv_key, opt_keyform,
1047	1049	opt_srv_keypass,
1048		engine, "private key for server cert");
	1050	engine, "private key for mock server cert");
1049	1051
1050	1052	if (pkey == NULL \|\| !OSSL_CMP_CTX_set1_pkey(ctx, pkey)) {
1051	1053	EVP_PKEY_free(pkey);

1057	1059
1058	1060	if (opt_srv_trusted != NULL) {
1059	1061	X509_STORE *ts =
1060		load_trusted(opt_srv_trusted, 0, "certs trusted by server");
	1062	load_trusted(opt_srv_trusted, 0, "certs trusted by mock server");
1061	1063
1062	1064	if (ts == NULL \|\| !OSSL_CMP_CTX_set0_trustedStore(ctx, ts)) {
1063	1065	X509_STORE_free(ts);
1064	1066	goto err;
1065	1067	}
1066	1068	} else {
1067		CMP_warn("server will not be able to handle signature-protected requests since -srv_trusted is not given");
	1069	CMP_warn("mock server will not be able to handle signature-protected requests since -srv_trusted is not given");
1068	1070	}
1069	1071	if (!setup_certs(opt_srv_untrusted,
1070	1072	"untrusted certificates for mock server", ctx,

1072	1074	goto err;
1073	1075
1074	1076	if (opt_rsp_cert == NULL) {
1075		CMP_err("must give -rsp_cert for mock server");
1076		goto err;
	1077	CMP_warn("no -rsp_cert given for mock server");
1077	1078	} else {
1078	1079	X509 *cert = load_cert_pwd(opt_rsp_cert, opt_keypass,
1079	1080	"cert to be returned by the mock server");

1804	1805	static char server_port[32] = { '\0' };
1805	1806	const char *proxy_host = NULL;
1806	1807	#endif
1807		char server_buf[200] = { '\0' };
1808		char proxy_buf[200] = { '\0' };
1809
	1808	char server_buf[200] = "mock server";
	1809	char proxy_buf[200] = "";
	1810
	1811	if (!opt_use_mock_srv && opt_rspin == NULL) { /* note: -port is not given */
	1812	#ifndef OPENSSL_NO_SOCK
	1813	if (opt_server == NULL) {
	1814	CMP_err("missing -server or -use_mock_srv or -rspin option");
	1815	goto err;
	1816	}
	1817	#else
	1818	CMP_err("missing -use_mock_srv or -rspin option; -server option is not supported due to no-sock build");
	1819	goto err;
	1820	#endif
	1821	}
1810	1822	#ifndef OPENSSL_NO_SOCK
1811	1823	if (opt_server == NULL) {
1812		CMP_err("missing -server option");
1813		goto err;
	1824	if (opt_proxy != NULL)
	1825	CMP_warn("ignoring -proxy option since -server is not given");
	1826	if (opt_no_proxy != NULL)
	1827	CMP_warn("ignoring -no_proxy option since -server is not given");
	1828	if (opt_tls_used) {
	1829	CMP_warn("ignoring -tls_used option since -server is not given");
	1830	opt_tls_used = 0;
	1831	}
	1832	goto set_path;
1814	1833	}
1815	1834	if (!OSSL_HTTP_parse_url(opt_server, &ssl, NULL /* user */, &host, &port,
1816	1835	&portnum, &path, NULL /* q /, NULL / frag */)) {

1840	1859	if (proxy_host != NULL)
1841	1860	(void)BIO_snprintf(proxy_buf, sizeof(proxy_buf), " via %s", proxy_host);
1842	1861
	1862	set_path:
1843	1863	#endif
1844	1864
1845	1865	if (!OSSL_CMP_CTX_set1_serverPath(ctx, used_path))

1885	1905	(void)OSSL_CMP_CTX_set_transfer_cb(ctx, read_write_req_resp);
1886	1906
1887	1907	#ifndef OPENSSL_NO_SOCK
1888		if ((opt_tls_cert != NULL \|\| opt_tls_key != NULL
1889		\|\| opt_tls_keypass != NULL \|\| opt_tls_extra != NULL
1890		\|\| opt_tls_trusted != NULL \|\| opt_tls_host != NULL)
1891		&& !opt_tls_used)
1892		CMP_warn("TLS options(s) given but not -tls_used");
1893	1908	if (opt_tls_used) {
1894	1909	APP_HTTP_TLS_INFO *info;
1895	1910

1903	1918	goto err;
1904	1919	}
1905	1920	}
1906		if (opt_use_mock_srv) {
1907		CMP_err("cannot use TLS options together with -use_mock_srv");
1908		goto err;
1909		}
	1921
1910	1922	if ((info = OPENSSL_zalloc(sizeof(*info))) == NULL)
1911	1923	goto err;
1912	1924	(void)OSSL_CMP_CTX_set_http_cb_arg(ctx, info);
1913	1925	/* info will be freed along with CMP ctx */
1914	1926	info->server = opt_server;
1915	1927	info->port = server_port;
1916		info->use_proxy = opt_proxy != NULL;
	1928	/* workaround for callback design flaw, see #17088: */
	1929	info->use_proxy = proxy_host != NULL;
1917	1930	info->timeout = OSSL_CMP_CTX_get_option(ctx, OSSL_CMP_OPT_MSG_TIMEOUT);
1918	1931	info->ssl_ctx = setup_ssl_ctx(ctx, host, engine);
	1932
1919	1933	if (info->ssl_ctx == NULL)
1920	1934	goto err;
1921	1935	(void)OSSL_CMP_CTX_set_http_cb(ctx, app_http_tls_cb);

1937	1951	goto err;
1938	1952
1939	1953	/* not printing earlier, to minimize confusion in case setup fails before */
1940		CMP_info2("will contact %s%s", server_buf, proxy_buf);
	1954	if (opt_rspin != NULL)
	1955	CMP_info("will not contact any server since -rspin is given");
	1956	else
	1957	CMP_info2("will contact %s%s", server_buf, proxy_buf);
1941	1958
1942	1959	ret = 1;
1943	1960

2691	2708	int i;
2692	2709	X509 *newcert = NULL;
2693	2710	ENGINE *engine = NULL;
2694		#ifndef OPENSSL_NO_SOCK
2695		char mock_server[] = "mock server:1";
2696		#endif
2697	2711	OSSL_CMP_CTX *srv_cmp_ctx = NULL;
2698	2712	int ret = 0; /* default: failure */
2699	2713

2784	2798	}
2785	2799	}
2786	2800
2787		#ifndef OPENSSL_NO_SOCK
2788		if (opt_port != NULL) {
2789		if (opt_use_mock_srv) {
2790		CMP_err("cannot use both -port and -use_mock_srv options");
2791		goto err;
2792		}
2793		if (opt_server != NULL) {
2794		CMP_err("cannot use both -port and -server options");
2795		goto err;
2796		}
2797		}
2798		#endif
2799
2800	2801	cmp_ctx = OSSL_CMP_CTX_new(app_get0_libctx(), app_get0_propq());
2801	2802	if (cmp_ctx == NULL)
2802	2803	goto err;

2805	2806	CMP_err1("cannot set up error reporting and logging for %s", prog);
2806	2807	goto err;
2807	2808	}
	2809
	2810	#ifndef OPENSSL_NO_SOCK
	2811	if ((opt_tls_cert != NULL \|\| opt_tls_key != NULL
	2812	\|\| opt_tls_keypass != NULL \|\| opt_tls_extra != NULL
	2813	\|\| opt_tls_trusted != NULL \|\| opt_tls_host != NULL)
	2814	&& !opt_tls_used)
	2815	CMP_warn("Ingnoring TLS options(s) since -tls_used is not given");
	2816	if (opt_port != NULL) {
	2817	if (opt_tls_used) {
	2818	CMP_err("-tls_used option not supported with -port option");
	2819	goto err;
	2820	}
	2821	if (opt_use_mock_srv \|\| opt_server != NULL \|\| opt_rspin != NULL) {
	2822	CMP_err("cannot use -port with -use_mock_srv, -server, or -rspin options");
	2823	goto err;
	2824	}
	2825	}
	2826	if (opt_server != NULL && opt_use_mock_srv) {
	2827	CMP_err("cannot use both -server and -use_mock_srv options");
	2828	goto err;
	2829	}
	2830	#endif
	2831	if (opt_rspin != NULL && opt_use_mock_srv) {
	2832	CMP_err("cannot use both -rspin and -use_mock_srv options");
	2833	goto err;
	2834	}
	2835
2808	2836	if (opt_use_mock_srv
2809	2837	#ifndef OPENSSL_NO_SOCK
2810	2838	\|\| opt_port != NULL

2823	2851	OSSL_CMP_CTX_set_log_verbosity(srv_cmp_ctx, opt_verbosity);
2824	2852	}
2825	2853
2826
2827	2854	#ifndef OPENSSL_NO_SOCK
	2855	if (opt_tls_used && (opt_use_mock_srv \|\| opt_rspin != NULL)) {
	2856	CMP_warn("ignoring -tls_used option since -use_mock_srv or -rspin is given");
	2857	opt_tls_used = 0;
	2858	}
	2859
2828	2860	if (opt_port != NULL) { /* act as very basic CMP HTTP server */
2829	2861	ret = cmp_server(srv_cmp_ctx);
2830	2862	goto err;
2831	2863	}
2832		#endif
2833		/* else act as CMP client */
2834
2835		if (opt_use_mock_srv) {
2836		#ifndef OPENSSL_NO_SOCK
2837		if (opt_server != NULL) {
2838		CMP_err("cannot use both -use_mock_srv and -server options");
2839		goto err;
2840		}
2841		if (opt_proxy != NULL) {
2842		CMP_err("cannot use both -use_mock_srv and -proxy options");
2843		goto err;
2844		}
2845		opt_server = mock_server;
2846		opt_proxy = "API";
2847		#endif
2848		}
	2864
	2865	/* act as CMP client, possibly using internal mock server */
	2866
	2867	if (opt_server != NULL) {
	2868	if (opt_rspin != NULL) {
	2869	CMP_warn("ignoring -server option since -rspin is given");
	2870	opt_server = NULL;
	2871	}
	2872	}
	2873	#endif
2849	2874
2850	2875	if (!setup_client_ctx(cmp_ctx, engine)) {
2851	2876	CMP_err("cannot set up CMP context");

+2

-2

apps/include/engine_loader.h less more

0	0	/*
1		* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3		* Licensed under the OpenSSL license (the "License"). You may not use
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy
5	5	* in the file LICENSE in the source distribution or at
6	6	* https://www.openssl.org/source/license.html

+51

-26

apps/lib/apps.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

290	290	i = atoi(arg + 3);
291	291	if (i >= 0)
292	292	pwdbio = BIO_new_fd(i, BIO_NOCLOSE);
293		if ((i < 0) \|\| !pwdbio) {
	293	if ((i < 0) \|\| pwdbio == NULL) {
294	294	BIO_printf(bio_err, "Can't access file descriptor %s\n", arg + 3);
295	295	return NULL;
296	296	}

298	298	* Can't do BIO_gets on an fd BIO so add a buffering BIO
299	299	*/
300	300	btmp = BIO_new(BIO_f_buffer());
	301	if (btmp == NULL) {
	302	BIO_free_all(pwdbio);
	303	pwdbio = NULL;
	304	BIO_printf(bio_err, "Out of memory\n");
	305	return NULL;
	306	}
301	307	pwdbio = BIO_push(btmp, pwdbio);
302	308	#endif
303	309	} else if (strcmp(arg, "stdin") == 0) {

695	701	if (ret) {
696	702	if (pcert != NULL)
697	703	warn_cert(uri, *pcert, 0, vpm);
698		warn_certs(uri, *pcerts, 1, vpm);
	704	if (pcerts != NULL)
	705	warn_certs(uri, *pcerts, 1, vpm);
699	706	} else {
700		sk_X509_pop_free(*pcerts, X509_free);
701		*pcerts = NULL;
	707	if (pcerts != NULL) {
	708	sk_X509_pop_free(*pcerts, X509_free);
	709	*pcerts = NULL;
	710	}
702	711	}
703	712	return ret;
704	713	}

2441	2450	}
2442	2451
2443	2452	/* HTTP callback function that supports TLS connection also via HTTPS proxy */
2444		BIO app_http_tls_cb(BIO hbio, void *arg, int connect, int detail)
2445		{
	2453	BIO app_http_tls_cb(BIO bio, void *arg, int connect, int detail)
	2454	{
	2455	APP_HTTP_TLS_INFO info = (APP_HTTP_TLS_INFO )arg;
	2456	SSL_CTX *ssl_ctx = info->ssl_ctx;
	2457
2446	2458	if (connect && detail) { /* connecting with TLS */
2447		APP_HTTP_TLS_INFO info = (APP_HTTP_TLS_INFO )arg;
2448		SSL_CTX *ssl_ctx = info->ssl_ctx;
2449	2459	SSL *ssl;
2450	2460	BIO *sbio = NULL;
2451	2461
	2462	/* adapt after fixing callback design flaw, see #17088 */
2452	2463	if ((info->use_proxy
2453		&& !OSSL_HTTP_proxy_connect(hbio, info->server, info->port,
	2464	&& !OSSL_HTTP_proxy_connect(bio, info->server, info->port,
2454	2465	NULL, NULL, /* no proxy credentials */
2455	2466	info->timeout, bio_err, opt_getprog()))
2456	2467	\|\| (sbio = BIO_new(BIO_f_ssl())) == NULL) {

2461	2472	return NULL;
2462	2473	}
2463	2474
2464		SSL_set_tlsext_host_name(ssl, info->server);
	2475	/* adapt after fixing callback design flaw, see #17088 */
	2476	SSL_set_tlsext_host_name(ssl, info->server); /* not critical to do */
2465	2477
2466	2478	SSL_set_connect_state(ssl);
2467	2479	BIO_set_ssl(sbio, ssl, BIO_CLOSE);
2468	2480
2469		hbio = BIO_push(sbio, hbio);
2470		} else if (!connect && !detail) { /* disconnecting after error */
2471		const char *hint = tls_error_hint();
2472
2473		if (hint != NULL)
2474		ERR_add_error_data(2, " : ", hint);
2475		/*
2476		* If we pop sbio and BIO_free() it this may lead to libssl double free.
2477		* Rely on BIO_free_all() done by OSSL_HTTP_transfer() in http_client.c
2478		*/
2479		}
2480		return hbio;
	2481	bio = BIO_push(sbio, bio);
	2482	}
	2483	if (!connect) {
	2484	const char *hint;
	2485	BIO *cbio;
	2486
	2487	if (!detail) { /* disconnecting after error */
	2488	hint = tls_error_hint();
	2489	if (hint != NULL)
	2490	ERR_add_error_data(2, " : ", hint);
	2491	}
	2492	if (ssl_ctx != NULL) {
	2493	(void)ERR_set_mark();
	2494	BIO_ssl_shutdown(bio);
	2495	cbio = BIO_pop(bio); /* connect+HTTP BIO */
	2496	BIO_free(bio); /* SSL BIO */
	2497	(void)ERR_pop_to_mark(); /* hide SSL_R_READ_BIO_NOT_SET etc. */
	2498	bio = cbio;
	2499	}
	2500	}
	2501	return bio;
2481	2502	}
2482	2503
2483	2504	void APP_HTTP_TLS_INFO_free(APP_HTTP_TLS_INFO *info)

2517	2538
2518	2539	info.server = server;
2519	2540	info.port = port;
2520		info.use_proxy = proxy != NULL;
	2541	info.use_proxy = /* workaround for callback design flaw, see #17088 */
	2542	OSSL_HTTP_adapt_proxy(proxy, no_proxy, server, use_ssl) != NULL;
2521	2543	info.timeout = timeout;
2522	2544	info.ssl_ctx = ssl_ctx;
2523	2545	mem = OSSL_HTTP_get(url, proxy, no_proxy, NULL /* bio /, NULL / rbio */,

2543	2565	const char *expected_content_type,
2544	2566	long timeout, const ASN1_ITEM *rsp_it)
2545	2567	{
	2568	int use_ssl = ssl_ctx != NULL;
2546	2569	APP_HTTP_TLS_INFO info;
2547	2570	BIO rsp, req_mem = ASN1_item_i2d_mem_bio(req_it, req);
2548	2571	ASN1_VALUE *res;
2549	2572
2550	2573	if (req_mem == NULL)
2551	2574	return NULL;
	2575
2552	2576	info.server = host;
2553	2577	info.port = port;
2554		info.use_proxy = proxy != NULL;
	2578	info.use_proxy = /* workaround for callback design flaw, see #17088 */
	2579	OSSL_HTTP_adapt_proxy(proxy, no_proxy, host, use_ssl) != NULL;
2555	2580	info.timeout = timeout;
2556	2581	info.ssl_ctx = ssl_ctx;
2557		rsp = OSSL_HTTP_transfer(NULL, host, port, path, ssl_ctx != NULL,
	2582	rsp = OSSL_HTTP_transfer(NULL, host, port, path, use_ssl,
2558	2583	proxy, no_proxy, NULL /* bio /, NULL / rbio */,
2559	2584	app_http_tls_cb, &info,
2560	2585	0 /* buf_size */, headers, content_type, req_mem,

+2

-2

apps/lib/engine_loader.c less more

0	0	/*
1		* Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3		* Licensed under the OpenSSL license (the "License"). You may not use
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy
5	5	* in the file LICENSE in the source distribution or at
6	6	* https://www.openssl.org/source/license.html

+2

-2

apps/lib/s_socket.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

161	161	#endif
162	162
163	163	if (!BIO_connect(*sock, BIO_ADDRINFO_address(ai),
164		protocol == IPPROTO_TCP ? BIO_SOCK_NODELAY : 0)) {
	164	BIO_ADDRINFO_protocol(ai) == IPPROTO_TCP ? BIO_SOCK_NODELAY : 0)) {
165	165	BIO_closesocket(*sock);
166	166	*sock = INVALID_SOCKET;
167	167	continue;

+5

-3

apps/ocsp.c less more

0	0	/*
1		* Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

1175	1175	bn = ASN1_INTEGER_to_BN(ser, NULL);
1176	1176	OPENSSL_assert(bn); /* FIXME: should report an error at this
1177	1177	* point and abort */
1178		if (BN_is_zero(bn))
	1178	if (BN_is_zero(bn)) {
1179	1179	itmp = OPENSSL_strdup("00");
1180		else
	1180	OPENSSL_assert(itmp);
	1181	} else {
1181	1182	itmp = BN_bn2hex(bn);
	1183	}
1182	1184	row[DB_serial] = itmp;
1183	1185	BN_free(bn);
1184	1186	rrow = TXT_DB_get_by_index(db->db, DB_serial, row);

+5

-5

apps/passwd.c less more

0	0	/*
1		* Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

409	409	n >>= 1;
410	410	}
411	411	if (!EVP_DigestFinal_ex(md, buf, NULL))
412		return NULL;
	412	goto err;
413	413
414	414	for (i = 0; i < 1000; i++) {
415	415	if (!EVP_DigestInit_ex(md2, EVP_md5(), NULL))

635	635	n >>= 1;
636	636	}
637	637	if (!EVP_DigestFinal_ex(md, buf, NULL))
638		return NULL;
	638	goto err;
639	639
640	640	/* P sequence */
641	641	if (!EVP_DigestInit_ex(md2, sha, NULL))

646	646	goto err;
647	647
648	648	if (!EVP_DigestFinal_ex(md2, temp_buf, NULL))
649		return NULL;
	649	goto err;
650	650
651	651	if ((p_bytes = OPENSSL_zalloc(passwd_len)) == NULL)
652	652	goto err;

663	663	goto err;
664	664
665	665	if (!EVP_DigestFinal_ex(md2, temp_buf, NULL))
666		return NULL;
	666	goto err;
667	667
668	668	if ((s_bytes = OPENSSL_zalloc(salt_len)) == NULL)
669	669	goto err;

+14

-14

apps/pkeyutl.c less more

0	0	/*
1		* Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2006-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

463	463	}
464	464	goto end;
465	465	}
466		if (kdflen != 0) {
467		buf_outlen = kdflen;
468		rv = 1;
	466	if (rawin) {
	467	/* rawin allocates the buffer in do_raw_keyop() */
	468	rv = do_raw_keyop(pkey_op, mctx, pkey, in, filesize, NULL, 0,
	469	&buf_out, (size_t *)&buf_outlen);
469	470	} else {
470		if (rawin) {
471		/* rawin allocates the buffer in do_raw_keyop() */
472		rv = do_raw_keyop(pkey_op, mctx, pkey, in, filesize, NULL, 0,
473		&buf_out, (size_t *)&buf_outlen);
	471	if (kdflen != 0) {
	472	buf_outlen = kdflen;
	473	rv = 1;
474	474	} else {
475	475	rv = do_keyop(ctx, pkey_op, NULL, (size_t *)&buf_outlen,
476	476	buf_in, (size_t)buf_inlen);
477		if (rv > 0 && buf_outlen != 0) {
478		buf_out = app_malloc(buf_outlen, "buffer output");
479		rv = do_keyop(ctx, pkey_op,
480		buf_out, (size_t *)&buf_outlen,
481		buf_in, (size_t)buf_inlen);
482		}
	477	}
	478	if (rv > 0 && buf_outlen != 0) {
	479	buf_out = app_malloc(buf_outlen, "buffer output");
	480	rv = do_keyop(ctx, pkey_op,
	481	buf_out, (size_t *)&buf_outlen,
	482	buf_in, (size_t)buf_inlen);
483	483	}
484	484	}
485	485	if (rv <= 0) {

+2

-2

apps/progs.pl less more

0	0	#! /usr/bin/env perl
1		# Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	#
3	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	# this file except in compliance with the License. You can obtain a copy

20	20	my %commands = ();
21	21	my $cmdre = qr/^\sint\s+([a-z_][a-z0-9_])_main\(\sint\s+argc\s,/;
22	22	my $apps_openssl = shift @ARGV;
23		my $YEAR = [localtime()]->[5] + 1900;
	23	my $YEAR = [gmtime($ENV{SOURCE_DATE_EPOCH} \|\| time())]->[5] + 1900;
24	24
25	25	# because the program apps/openssl has object files as sources, and
26	26	# they then have the corresponding C files as source, we need to chain

+7

-1

apps/rehash.c less more

0	0	/*
1		* Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright (c) 2013-2014 Timo Teräs <timo.teras@gmail.com>
3	3	*
4	4	* Licensed under the Apache License 2.0 (the "License"). You may not use

167	167	*ep = nilhentry;
168	168	ep->old_id = ~0;
169	169	ep->filename = OPENSSL_strdup(filename);
	170	if (ep->filename == NULL) {
	171	OPENSSL_free(ep);
	172	ep = NULL;
	173	BIO_printf(bio_err, "out of memory\n");
	174	return 1;
	175	}
170	176	if (bp->last_entry)
171	177	bp->last_entry->next = ep;
172	178	if (bp->first_entry == NULL)

+11

-3

apps/req.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

774	774	}
775	775	}
776	776	if (newreq \|\| gen_x509) {
777		if (pkey == NULL /* can happen only if !newreq */) {
778		BIO_printf(bio_err, "Must provide a signature key using -key\n");
	777	if (CAcert == NULL && pkey == NULL) {
	778	BIO_printf(bio_err, "Must provide a signature key using -key or"
	779	" provide -CA / -CAkey\n");
779	780	goto end;
780	781	}
781	782

1593	1594	*pkeytype = OPENSSL_strndup(keytype, keytypelen);
1594	1595	else
1595	1596	*pkeytype = OPENSSL_strdup(keytype);
	1597
	1598	if (*pkeytype == NULL) {
	1599	BIO_printf(bio_err, "Out of memory\n");
	1600	EVP_PKEY_free(param);
	1601	return NULL;
	1602	}
	1603
1596	1604	if (keylen >= 0)
1597	1605	*pkeylen = keylen;
1598	1606

+72

-7

apps/s_client.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright 2005 Nokia. All rights reserved.
3	3	*
4	4	* Licensed under the Apache License 2.0 (the "License"). You may not use

804	804	char cert_file = NULL, key_file = NULL, *chain_file = NULL;
805	805	char chCApath = NULL, chCAfile = NULL, chCAstore = NULL, host = NULL;
806	806	char thost = NULL, tport = NULL;
807		char *port = OPENSSL_strdup(PORT);
	807	char *port = NULL;
808	808	char bindhost = NULL, bindport = NULL;
809	809	char passarg = NULL, pass = NULL;
810	810	char vfyCApath = NULL, vfyCAfile = NULL, *vfyCAstore = NULL;

842	842	struct timeval tv;
843	843	#endif
844	844	const char *servername = NULL;
	845	char *sname_alloc = NULL;
845	846	int noservername = 0;
846	847	const char *alpn_in = NULL;
847	848	tlsextctx tlsextcbp = { NULL, 0 };

902	903	c_debug = 0;
903	904	c_showcerts = 0;
904	905	c_nbio = 0;
	906	port = OPENSSL_strdup(PORT);
905	907	vpm = X509_VERIFY_PARAM_new();
906	908	cctx = SSL_CONF_CTX_new();
907	909
908		if (vpm == NULL \|\| cctx == NULL) {
	910	if (port == NULL \|\| vpm == NULL \|\| cctx == NULL) {
909	911	BIO_printf(bio_err, "%s: out of memory\n", opt_getprog());
910	912	goto end;
911	913	}

1130	1132	break;
1131	1133	case OPT_MSGFILE:
1132	1134	bio_c_msg = BIO_new_file(opt_arg(), "w");
	1135	if (bio_c_msg == NULL) {
	1136	BIO_printf(bio_err, "Error writing file %s\n", opt_arg());
	1137	goto end;
	1138	}
1133	1139	break;
1134	1140	case OPT_TRACE:
1135	1141	#ifndef OPENSSL_NO_SSL_TRACE

1529	1535	goto opthelp;
1530	1536	}
1531	1537
	1538	if (servername == NULL && !noservername) {
	1539	servername = sname_alloc = OPENSSL_strdup(host);
	1540	if (sname_alloc == NULL) {
	1541	BIO_printf(bio_err, "%s: out of memory\n", prog);
	1542	goto end;
	1543	}
	1544	}
	1545
1532	1546	/* Retain the original target host:port for use in the HTTP proxy connect string */
1533	1547	thost = OPENSSL_strdup(host);
1534	1548	tport = OPENSSL_strdup(port);

1650	1664	if (bio_c_out == NULL) {
1651	1665	if (c_quiet && !c_debug) {
1652	1666	bio_c_out = BIO_new(BIO_s_null());
1653		if (c_msg && bio_c_msg == NULL)
	1667	if (c_msg && bio_c_msg == NULL) {
1654	1668	bio_c_msg = dup_bio_out(FORMAT_TEXT);
1655		} else if (bio_c_out == NULL)
	1669	if (bio_c_msg == NULL) {
	1670	BIO_printf(bio_err, "Out of memory\n");
	1671	goto end;
	1672	}
	1673	}
	1674	} else {
1656	1675	bio_c_out = dup_bio_out(FORMAT_TEXT);
	1676	}
	1677
	1678	if (bio_c_out == NULL) {
	1679	BIO_printf(bio_err, "Unable to create BIO\n");
	1680	goto end;
	1681	}
1657	1682	}
1658	1683	#ifndef OPENSSL_NO_SRP
1659	1684	if (!app_passwd(srppass, NULL, &srp_arg.srppassin, NULL)) {

2016	2041	#endif
2017	2042	sbio = BIO_new_dgram(sock, BIO_NOCLOSE);
2018	2043
2019		if ((peer_info.addr = BIO_ADDR_new()) == NULL) {
	2044	if (sbio == NULL \|\| (peer_info.addr = BIO_ADDR_new()) == NULL) {
2020	2045	BIO_printf(bio_err, "memory allocation failure\n");
	2046	BIO_free(sbio);
2021	2047	BIO_closesocket(sock);
2022	2048	goto end;
2023	2049	}
2024	2050	if (!BIO_sock_info(sock, BIO_SOCK_INFO_ADDRESS, &peer_info)) {
2025	2051	BIO_printf(bio_err, "getsockname:errno=%d\n",
2026	2052	get_last_socket_error());
	2053	BIO_free(sbio);
2027	2054	BIO_ADDR_free(peer_info.addr);
2028	2055	BIO_closesocket(sock);
2029	2056	goto end;

2064	2091	#endif /* OPENSSL_NO_DTLS */
2065	2092	sbio = BIO_new_socket(sock, BIO_NOCLOSE);
2066	2093
	2094	if (sbio == NULL) {
	2095	BIO_printf(bio_err, "Unable to create BIO\n");
	2096	ERR_print_errors(bio_err);
	2097	BIO_closesocket(sock);
	2098	goto end;
	2099	}
	2100
2067	2101	if (nbio_test) {
2068	2102	BIO *test;
2069	2103
2070	2104	test = BIO_new(BIO_f_nbio_test());
	2105	if (test == NULL) {
	2106	BIO_printf(bio_err, "Unable to create BIO\n");
	2107	BIO_free(sbio);
	2108	goto shut;
	2109	}
2071	2110	sbio = BIO_push(test, sbio);
2072	2111	}
2073	2112

2134	2173	int foundit = 0;
2135	2174	BIO *fbio = BIO_new(BIO_f_buffer());
2136	2175
	2176	if (fbio == NULL) {
	2177	BIO_printf(bio_err, "Unable to create BIO\n");
	2178	goto shut;
	2179	}
2137	2180	BIO_push(fbio, sbio);
2138	2181	/* Wait for multi-line response to end from LMTP or SMTP */
2139	2182	do {

2182	2225	int foundit = 0;
2183	2226	BIO *fbio = BIO_new(BIO_f_buffer());
2184	2227
	2228	if (fbio == NULL) {
	2229	BIO_printf(bio_err, "Unable to create BIO\n");
	2230	goto shut;
	2231	}
2185	2232	BIO_push(fbio, sbio);
2186	2233	BIO_gets(fbio, mbuf, BUFSIZZ);
2187	2234	/* STARTTLS command requires CAPABILITY... */

2209	2256	{
2210	2257	BIO *fbio = BIO_new(BIO_f_buffer());
2211	2258
	2259	if (fbio == NULL) {
	2260	BIO_printf(bio_err, "Unable to create BIO\n");
	2261	goto shut;
	2262	}
2212	2263	BIO_push(fbio, sbio);
2213	2264	/* wait for multi-line response to end from FTP */
2214	2265	do {

2303	2354	int numeric;
2304	2355	BIO *fbio = BIO_new(BIO_f_buffer());
2305	2356
	2357	if (fbio == NULL) {
	2358	BIO_printf(bio_err, "Unable to create BIO\n");
	2359	goto end;
	2360	}
2306	2361	BIO_push(fbio, sbio);
2307	2362	BIO_printf(fbio, "STARTTLS\r\n");
2308	2363	(void)BIO_flush(fbio);

2463	2518	int foundit = 0;
2464	2519	BIO *fbio = BIO_new(BIO_f_buffer());
2465	2520
	2521	if (fbio == NULL) {
	2522	BIO_printf(bio_err, "Unable to create BIO\n");
	2523	goto end;
	2524	}
2466	2525	BIO_push(fbio, sbio);
2467	2526	BIO_gets(fbio, mbuf, BUFSIZZ);
2468	2527	/* STARTTLS command requires CAPABILITIES... */

2503	2562	int foundit = 0;
2504	2563	BIO *fbio = BIO_new(BIO_f_buffer());
2505	2564
	2565	if (fbio == NULL) {
	2566	BIO_printf(bio_err, "Unable to create BIO\n");
	2567	goto end;
	2568	}
2506	2569	BIO_push(fbio, sbio);
2507	2570	/* wait for multi-line response to end from Sieve */
2508	2571	do {

2562	2625	BIO *ldapbio = BIO_new(BIO_s_mem());
2563	2626	CONF *cnf = NCONF_new(NULL);
2564	2627
2565		if (cnf == NULL) {
	2628	if (ldapbio == NULL \|\| cnf == NULL) {
2566	2629	BIO_free(ldapbio);
	2630	NCONF_free(cnf);
2567	2631	goto end;
2568	2632	}
2569	2633	BIO_puts(ldapbio, ldap_tls_genconf);

3037	3101	#ifndef OPENSSL_NO_SRP
3038	3102	OPENSSL_free(srp_arg.srppassin);
3039	3103	#endif
	3104	OPENSSL_free(sname_alloc);
3040	3105	OPENSSL_free(connectstr);
3041	3106	OPENSSL_free(bindstr);
3042	3107	OPENSSL_free(bindhost);

+84

-17

apps/s_server.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
3	3	* Copyright 2005 Nokia. All rights reserved.
4	4	*

1005	1005	int socket_family = AF_UNSPEC, socket_type = SOCK_STREAM, protocol = 0;
1006	1006	int state = 0, crl_format = FORMAT_UNDEF, crl_download = 0;
1007	1007	char *host = NULL;
1008		char *port = OPENSSL_strdup(PORT);
	1008	char *port = NULL;
1009	1009	unsigned char *context = NULL;
1010	1010	OPTION_CHOICE o;
1011	1011	EVP_PKEY *s_key2 = NULL;

1068	1068	async = 0;
1069	1069	use_sendfile = 0;
1070	1070
	1071	port = OPENSSL_strdup(PORT);
1071	1072	cctx = SSL_CONF_CTX_new();
1072	1073	vpm = X509_VERIFY_PARAM_new();
1073		if (cctx == NULL \|\| vpm == NULL)
	1074	if (port == NULL \|\| cctx == NULL \|\| vpm == NULL)
1074	1075	goto end;
1075	1076	SSL_CONF_CTX_set_flags(cctx,
1076	1077	SSL_CONF_FLAG_SERVER \| SSL_CONF_FLAG_CMDLINE);

1388	1389	break;
1389	1390	case OPT_MSGFILE:
1390	1391	bio_s_msg = BIO_new_file(opt_arg(), "w");
	1392	if (bio_s_msg == NULL) {
	1393	BIO_printf(bio_err, "Error writing file %s\n", opt_arg());
	1394	goto end;
	1395	}
1391	1396	break;
1392	1397	case OPT_TRACE:
1393	1398	#ifndef OPENSSL_NO_SSL_TRACE

1799	1804	if (bio_s_out == NULL) {
1800	1805	if (s_quiet && !s_debug) {
1801	1806	bio_s_out = BIO_new(BIO_s_null());
1802		if (s_msg && bio_s_msg == NULL)
	1807	if (s_msg && bio_s_msg == NULL) {
1803	1808	bio_s_msg = dup_bio_out(FORMAT_TEXT);
	1809	if (bio_s_msg == NULL) {
	1810	BIO_printf(bio_err, "Out of memory\n");
	1811	goto end;
	1812	}
	1813	}
1804	1814	} else {
1805		if (bio_s_out == NULL)
1806		bio_s_out = dup_bio_out(FORMAT_TEXT);
1807		}
1808		}
	1815	bio_s_out = dup_bio_out(FORMAT_TEXT);
	1816	}
	1817	}
	1818
	1819	if (bio_s_out == NULL)
	1820	goto end;
	1821
1809	1822	if (nocert) {
1810	1823	s_cert_file = NULL;
1811	1824	s_key_file = NULL;

2343	2356	else
2344	2357	# endif
2345	2358	sbio = BIO_new_dgram(s, BIO_NOCLOSE);
	2359	if (sbio == NULL) {
	2360	BIO_printf(bio_err, "Unable to create BIO\n");
	2361	ERR_print_errors(bio_err);
	2362	goto err;
	2363	}
2346	2364
2347	2365	if (enable_timeouts) {
2348	2366	timeout.tv_sec = 0;

2392	2410	BIO *test;
2393	2411
2394	2412	test = BIO_new(BIO_f_nbio_test());
	2413	if (test == NULL) {
	2414	BIO_printf(bio_err, "Unable to create BIO\n");
	2415	ret = -1;
	2416	BIO_free(sbio);
	2417	goto err;
	2418	}
	2419
2395	2420	sbio = BIO_push(test, sbio);
2396	2421	}
2397	2422

2975	3000	int total_bytes = 0;
2976	3001	#endif
2977	3002	int width;
	3003	#ifndef OPENSSL_NO_KTLS
	3004	int use_sendfile_for_req = use_sendfile;
	3005	#endif
2978	3006	fd_set readfds;
2979	3007	const char *opmode;
	3008	#ifdef CHARSET_EBCDIC
	3009	BIO *filter;
	3010	#endif
2980	3011
2981	3012	/* Set width for a select call if needed */
2982	3013	width = s + 1;
2983	3014
2984		buf = app_malloc(bufsize, "server www buffer");
	3015	/* as we use BIO_gets(), and it always null terminates data, we need
	3016	* to allocate 1 byte longer buffer to fit the full 2^14 byte record */
	3017	buf = app_malloc(bufsize + 1, "server www buffer");
2985	3018	io = BIO_new(BIO_f_buffer());
2986	3019	ssl_bio = BIO_new(BIO_f_ssl());
2987	3020	if ((io == NULL) \|\| (ssl_bio == NULL))

3014	3047	}
3015	3048
3016	3049	sbio = BIO_new_socket(s, BIO_NOCLOSE);
	3050	if (sbio == NULL) {
	3051	SSL_free(con);
	3052	goto err;
	3053	}
	3054
3017	3055	if (s_nbio_test) {
3018	3056	BIO *test;
3019	3057
3020	3058	test = BIO_new(BIO_f_nbio_test());
	3059	if (test == NULL) {
	3060	SSL_free(con);
	3061	BIO_free(sbio);
	3062	goto err;
	3063	}
	3064
3021	3065	sbio = BIO_push(test, sbio);
3022	3066	}
3023	3067	SSL_set_bio(con, sbio, sbio);

3028	3072	BIO_push(io, ssl_bio);
3029	3073	ssl_bio = NULL;
3030	3074	#ifdef CHARSET_EBCDIC
3031		io = BIO_push(BIO_new(BIO_f_ebcdic_filter()), io);
	3075	filter = BIO_new(BIO_f_ebcdic_filter());
	3076	if (filter == NULL)
	3077	goto err;
	3078
	3079	io = BIO_push(filter, io);
3032	3080	#endif
3033	3081
3034	3082	if (s_debug) {

3046	3094	}
3047	3095
3048	3096	for (;;) {
3049		i = BIO_gets(io, buf, bufsize - 1);
	3097	i = BIO_gets(io, buf, bufsize + 1);
3050	3098	if (i < 0) { /* error */
3051	3099	if (!BIO_should_retry(io) && !SSL_waiting_for_async(con)) {
3052	3100	if (!s_quiet)

3111	3159	* we're expecting to come from the client. If they haven't
3112	3160	* sent one there's not much we can do.
3113	3161	*/
3114		BIO_gets(io, buf, bufsize - 1);
	3162	BIO_gets(io, buf, bufsize + 1);
3115	3163	}
3116	3164
3117	3165	BIO_puts(io,

3292	3340	}
3293	3341	/* send the file */
3294	3342	#ifndef OPENSSL_NO_KTLS
3295		if (use_sendfile) {
	3343	if (use_sendfile_for_req && !BIO_get_ktls_send(SSL_get_wbio(con))) {
	3344	BIO_printf(bio_err, "Warning: sendfile requested but KTLS is not available\n");
	3345	use_sendfile_for_req = 0;
	3346	}
	3347	if (use_sendfile_for_req) {
3296	3348	FILE *fp = NULL;
3297	3349	int fd;
3298	3350	struct stat st;

3399	3451	int ret = 1;
3400	3452	SSL *con;
3401	3453	BIO io, ssl_bio, *sbio;
3402
3403		buf = app_malloc(bufsize, "server rev buffer");
	3454	#ifdef CHARSET_EBCDIC
	3455	BIO *filter;
	3456	#endif
	3457
	3458	/* as we use BIO_gets(), and it always null terminates data, we need
	3459	* to allocate 1 byte longer buffer to fit the full 2^14 byte record */
	3460	buf = app_malloc(bufsize + 1, "server rev buffer");
3404	3461	io = BIO_new(BIO_f_buffer());
3405	3462	ssl_bio = BIO_new(BIO_f_ssl());
3406	3463	if ((io == NULL) \|\| (ssl_bio == NULL))

3426	3483	}
3427	3484
3428	3485	sbio = BIO_new_socket(s, BIO_NOCLOSE);
	3486	if (sbio == NULL) {
	3487	SSL_free(con);
	3488	ERR_print_errors(bio_err);
	3489	goto err;
	3490	}
	3491
3429	3492	SSL_set_bio(con, sbio, sbio);
3430	3493	SSL_set_accept_state(con);
3431	3494

3434	3497	BIO_push(io, ssl_bio);
3435	3498	ssl_bio = NULL;
3436	3499	#ifdef CHARSET_EBCDIC
3437		io = BIO_push(BIO_new(BIO_f_ebcdic_filter()), io);
	3500	filter = BIO_new(BIO_f_ebcdic_filter());
	3501	if (filter == NULL)
	3502	goto err;
	3503
	3504	io = BIO_push(filter, io);
3438	3505	#endif
3439	3506
3440	3507	if (s_debug) {

3475	3542	print_ssl_summary(con);
3476	3543
3477	3544	for (;;) {
3478		i = BIO_gets(io, buf, bufsize - 1);
	3545	i = BIO_gets(io, buf, bufsize + 1);
3479	3546	if (i < 0) { /* error */
3480	3547	if (!BIO_should_retry(io)) {
3481	3548	if (!s_quiet)

+8

-3

apps/speed.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
3	3	*
4	4	* Licensed under the Apache License 2.0 (the "License"). You may not use

28	28	#include <math.h>
29	29	#include "apps.h"
30	30	#include "progs.h"
	31	#include "internal/numbers.h"
31	32	#include <openssl/crypto.h>
32	33	#include <openssl/rand.h>
33	34	#include <openssl/err.h>

450	451	static double sm2_results[SM2_NUM][2]; /* 2 ops: sign then verify */
451	452	#endif /* OPENSSL_NO_SM2 */
452	453
453		#define COND(unused_cond) (run && count < 0x7fffffff)
	454	#define COND(unused_cond) (run && count < INT_MAX)
454	455	#define COUNT(d) (count)
455	456
456	457	typedef struct loopargs_st {

1773	1774	buflen = lengths[size_num - 1];
1774	1775	if (buflen < 36) /* size of random vector in RSA benchmark */
1775	1776	buflen = 36;
	1777	if (INT_MAX - (MAX_MISALIGNMENT + 1) < buflen) {
	1778	BIO_printf(bio_err, "Error: buffer size too large\n");
	1779	goto end;
	1780	}
1776	1781	buflen += MAX_MISALIGNMENT + 1;
1777	1782	loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1778	1783	loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");

3616	3621	for (j = 0; j < num; j++) {
3617	3622	print_message(alg_name, 0, mblengths[j], seconds->sym);
3618	3623	Time_F(START);
3619		for (count = 0; run && count < 0x7fffffff; count++) {
	3624	for (count = 0; run && count < INT_MAX; count++) {
3620	3625	unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
3621	3626	EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
3622	3627	size_t len = mblengths[j];

+2

-1

apps/verify.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

262	262	if (x509_ctrl_string(x, opt) <= 0) {
263	263	BIO_printf(bio_err, "parameter error \"%s\"\n", opt);
264	264	ERR_print_errors(bio_err);
	265	X509_free(x);
265	266	return 0;
266	267	}
267	268	}

+4

-4

apps/x509.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

705	705	: "Certificate request self-signature did not match the contents\n");
706	706	goto end;
707	707	}
708		BIO_printf(out, "Certificate request self-signature ok\n");
709
710		print_name(out, "subject=", X509_REQ_get_subject_name(req));
	708	BIO_printf(bio_err, "Certificate request self-signature ok\n");
	709
	710	print_name(bio_err, "subject=", X509_REQ_get_subject_name(req));
711	711	} else if (!x509toreq && ext_copy != EXT_COPY_UNSET) {
712	712	BIO_printf(bio_err, "Warning: ignoring -copy_extensions since neither -x509toreq nor -req is given\n");
713	713	}

+2

-2

crypto/aes/aes_core.c less more

0	0	/*
1		* Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2002-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

49	49	#include <openssl/aes.h>
50	50	#include "aes_local.h"
51	51
52		#if !defined(OPENSSL_NO_AES_CONST_TIME) && !defined(AES_ASM)
	52	#if defined(OPENSSL_AES_CONST_TIME) && !defined(AES_ASM)
53	53
54	54	# if (defined(_WIN32) \|\| defined(_WIN64)) && !defined(__MINGW32__)
55	55	# define U64(C) C##UI64

+2

-2

crypto/asn1/d2i_pu.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

53	53	goto err;
54	54	}
55	55
56		switch (EVP_PKEY_get_id(ret)) {
	56	switch (EVP_PKEY_get_base_id(ret)) {
57	57	case EVP_PKEY_RSA:
58	58	if ((ret->pkey.rsa = d2i_RSAPublicKey(NULL, pp, length)) == NULL) {
59	59	ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB);

+2

-2

crypto/asn1/i2d_evp.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

130	130
131	131	return i2d_provided(a, EVP_PKEY_PUBLIC_KEY, output_info, pp);
132	132	}
133		switch (EVP_PKEY_get_id(a)) {
	133	switch (EVP_PKEY_get_base_id(a)) {
134	134	case EVP_PKEY_RSA:
135	135	return i2d_RSAPublicKey(EVP_PKEY_get0_RSA(a), pp);
136	136	#ifndef OPENSSL_NO_DSA

+16

-2

crypto/async/arch/async_posix.h less more

0	0	/*
1		* Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

24	24	# define ASYNC_POSIX
25	25	# define ASYNC_ARCH
26	26
27		# ifdef __CET__
	27	# if defined(__CET__) \|\| defined(__ia64__)
28	28	/*
29	29	* When Intel CET is enabled, makecontext will create a different
30	30	* shadow stack for each context. async_fibre_swapcontext cannot
31	31	* use _longjmp. It must call swapcontext to swap shadow stack as
32	32	* well as normal stack.
	33	* On IA64 the register stack engine is not saved across setjmp/longjmp. Here
	34	* swapcontext() performs correctly.
	35	*/
	36	# define USE_SWAPCONTEXT
	37	# endif
	38	# if defined(__aarch64__) && defined(__clang__) \
	39	&& defined(__ARM_FEATURE_BTI_DEFAULT) && __ARM_FEATURE_BTI_DEFAULT == 1
	40	/*
	41	* setjmp/longjmp don't currently work with BTI on all libc implementations
	42	* when compiled by clang. This is because clang doesn't put a BTI after the
	43	* call to setjmp where it returns the second time. This then fails on libc
	44	* implementations - notably glibc - which use an indirect jump to there.
	45	* So use the swapcontext implementation, which does work.
	46	* See https://github.com/llvm/llvm-project/issues/48888.
33	47	*/
34	48	# define USE_SWAPCONTEXT
35	49	# endif

+2

-2

crypto/bio/bio_addr.c less more

0	0	/*
1		* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

751	751	# pragma pointer_size 32
752	752	#endif
753	753	/* Windows doesn't seem to have in_addr_t */
754		#ifdef OPENSSL_SYS_WINDOWS
	754	#if defined(OPENSSL_SYS_WINDOWS) \|\| defined(OPENSSL_SYS_MSDOS)
755	755	static uint32_t he_fallback_address;
756	756	static const char *he_fallback_addresses[] =
757	757	{ (char *)&he_fallback_address, NULL };

+21

-1

crypto/bio/bio_print.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

12	12	#include "crypto/ctype.h"
13	13	#include "internal/numbers.h"
14	14	#include <openssl/bio.h>
	15	#include <openssl/configuration.h>
15	16
16	17	/*
17	18	* Copyright Patrick Powell 1995

30	31	const char *, int, int, int);
31	32	static int fmtint(char , char , size_t , size_t ,
32	33	int64_t, int, int, int, int);
	34	#ifndef OPENSSL_SYS_UEFI
33	35	static int fmtfp(char , char , size_t , size_t ,
34	36	LDOUBLE, int, int, int, int);
	37	#endif
35	38	static int doapr_outch(char , char , size_t , size_t , int);
36	39	static int _dopr(char sbuffer, char buffer,
37	40	size_t maxlen, size_t retlen, int *truncated,

87	90	{
88	91	char ch;
89	92	int64_t value;
	93	#ifndef OPENSSL_SYS_UEFI
90	94	LDOUBLE fvalue;
	95	#endif
91	96	char *strvalue;
92	97	int min;
93	98	int max;

258	263	min, max, flags))
259	264	return 0;
260	265	break;
	266	#ifndef OPENSSL_SYS_UEFI
261	267	case 'f':
262	268	if (cflags == DP_C_LDOUBLE)
263	269	fvalue = va_arg(args, LDOUBLE);

291	297	flags, G_FORMAT))
292	298	return 0;
293	299	break;
	300	#else
	301	case 'f':
	302	case 'E':
	303	case 'e':
	304	case 'G':
	305	case 'g':
	306	/* not implemented for UEFI */
	307	ERR_raise(ERR_LIB_BIO, ERR_R_UNSUPPORTED);
	308	return 0;
	309	#endif
294	310	case 'c':
295	311	if (!doapr_outch(sbuffer, buffer, &currlen, maxlen,
296	312	va_arg(args, int)))

510	526	}
511	527	return 1;
512	528	}
	529
	530	#ifndef OPENSSL_SYS_UEFI
513	531
514	532	static LDOUBLE abs_val(LDOUBLE value)
515	533	{

806	824	return 1;
807	825	}
808	826
	827	#endif /* OPENSSL_SYS_UEFI */
	828
809	829	#define BUFFER_INC 1024
810	830
811	831	static int

+13

-7

crypto/bio/bss_core.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

47	47	{
48	48	BIO_CORE_GLOBALS *bcgbl = get_globals(bio->libctx);
49	49
50		if (bcgbl->c_bio_read_ex == NULL)
	50	if (bcgbl == NULL \|\| bcgbl->c_bio_read_ex == NULL)
51	51	return 0;
52	52	return bcgbl->c_bio_read_ex(BIO_get_data(bio), data, data_len, bytes_read);
53	53	}

57	57	{
58	58	BIO_CORE_GLOBALS *bcgbl = get_globals(bio->libctx);
59	59
60		if (bcgbl->c_bio_write_ex == NULL)
	60	if (bcgbl == NULL \|\| bcgbl->c_bio_write_ex == NULL)
61	61	return 0;
62	62	return bcgbl->c_bio_write_ex(BIO_get_data(bio), data, data_len, written);
63	63	}

66	66	{
67	67	BIO_CORE_GLOBALS *bcgbl = get_globals(bio->libctx);
68	68
69		if (bcgbl->c_bio_ctrl == NULL)
	69	if (bcgbl == NULL \|\| bcgbl->c_bio_ctrl == NULL)
70	70	return -1;
71	71	return bcgbl->c_bio_ctrl(BIO_get_data(bio), cmd, num, ptr);
72	72	}

75	75	{
76	76	BIO_CORE_GLOBALS *bcgbl = get_globals(bio->libctx);
77	77
78		if (bcgbl->c_bio_gets == NULL)
	78	if (bcgbl == NULL \|\| bcgbl->c_bio_gets == NULL)
79	79	return -1;
80	80	return bcgbl->c_bio_gets(BIO_get_data(bio), buf, size);
81	81	}

84	84	{
85	85	BIO_CORE_GLOBALS *bcgbl = get_globals(bio->libctx);
86	86
87		if (bcgbl->c_bio_puts == NULL)
	87	if (bcgbl == NULL \|\| bcgbl->c_bio_puts == NULL)
88	88	return -1;
89	89	return bcgbl->c_bio_puts(BIO_get_data(bio), str);
90	90	}

99	99	static int bio_core_free(BIO *bio)
100	100	{
101	101	BIO_CORE_GLOBALS *bcgbl = get_globals(bio->libctx);
	102
	103	if (bcgbl == NULL)
	104	return 0;
102	105
103	106	BIO_set_init(bio, 0);
104	107	bcgbl->c_bio_free(BIO_get_data(bio));

132	135	BIO_CORE_GLOBALS *bcgbl = get_globals(libctx);
133	136
134	137	/* Check the library context has been initialised with the callbacks */
135		if (bcgbl->c_bio_write_ex == NULL && bcgbl->c_bio_read_ex == NULL)
	138	if (bcgbl == NULL \|\| (bcgbl->c_bio_write_ex == NULL && bcgbl->c_bio_read_ex == NULL))
136	139	return NULL;
137	140
138	141	if ((outbio = BIO_new_ex(libctx, BIO_s_core())) == NULL)

149	152	int ossl_bio_init_core(OSSL_LIB_CTX libctx, const OSSL_DISPATCH fns)
150	153	{
151	154	BIO_CORE_GLOBALS *bcgbl = get_globals(libctx);
	155
	156	if (bcgbl == NULL)
	157	return 0;
152	158
153	159	for (; fns->function_id != 0; fns++) {
154	160	switch (fns->function_id) {

+5

-1

crypto/bn/bn_conv.c less more

141	141	continue;
142	142
143	143	if (i == 0 \|\| i > INT_MAX / 4)
144		goto err;
	144	return 0;
145	145
146	146	num = i + neg;
147	147	if (bn == NULL)

153	153	return 0;
154	154	} else {
155	155	ret = *bn;
	156	if (BN_get_flags(ret, BN_FLG_STATIC_DATA)) {
	157	ERR_raise(ERR_LIB_BN, ERR_R_PASSED_INVALID_ARGUMENT);
	158	return 0;
	159	}
156	160	BN_zero(ret);
157	161	}
158	162

+2

-2

crypto/bn/bn_exp2.c less more

0	0	/*
1		* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

31	31	bn_check_top(p2);
32	32	bn_check_top(m);
33	33
34		if (!(m->d[0] & 1)) {
	34	if (!BN_is_odd(m)) {
35	35	ERR_raise(ERR_LIB_BN, BN_R_CALLED_WITH_EVEN_MODULUS);
36	36	return 0;
37	37	}

+2

-2

crypto/bn/bn_ppc.c less more

0	0	/*
1		* Copyright 2009-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2009-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

39	39	* no opportunity to figure it out...
40	40	*/
41	41
42		#if defined(_ARCH_PPC64)
	42	#if defined(_ARCH_PPC64) && !defined(__ILP32__)
43	43	if (num == 6) {
44	44	if (OPENSSL_ppccap_P & PPC_MADD300)
45	45	return bn_mul_mont_300_fixed_n6(rp, ap, bp, np, n0, num);

+19

-13

crypto/bn/bn_sqrt.c less more

0	0	/*
1		* Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

13	13	/*
14	14	* Returns 'ret' such that ret^2 == a (mod p), using the Tonelli/Shanks
15	15	* algorithm (cf. Henri Cohen, "A Course in Algebraic Computational Number
16		* Theory", algorithm 1.5.1). 'p' must be prime!
	16	* Theory", algorithm 1.5.1). 'p' must be prime, otherwise an error or
	17	* an incorrect "result" will be returned.
17	18	*/
18	19	{
19	20	BIGNUM *ret = in;

302	303	goto vrfy;
303	304	}
304	305
305		/* find smallest i such that b^(2^i) = 1 */
306		i = 1;
307		if (!BN_mod_sqr(t, b, p, ctx))
308		goto end;
309		while (!BN_is_one(t)) {
310		i++;
311		if (i == e) {
312		ERR_raise(ERR_LIB_BN, BN_R_NOT_A_SQUARE);
313		goto end;
	306	/* Find the smallest i, 0 < i < e, such that b^(2^i) = 1. */
	307	for (i = 1; i < e; i++) {
	308	if (i == 1) {
	309	if (!BN_mod_sqr(t, b, p, ctx))
	310	goto end;
	311
	312	} else {
	313	if (!BN_mod_mul(t, t, t, p, ctx))
	314	goto end;
314	315	}
315		if (!BN_mod_mul(t, t, t, p, ctx))
316		goto end;
	316	if (BN_is_one(t))
	317	break;
	318	}
	319	/* If not found, a is not a square or p is not prime. */
	320	if (i >= e) {
	321	ERR_raise(ERR_LIB_BN, BN_R_NOT_A_SQUARE);
	322	goto end;
317	323	}
318	324
319	325	/* t := y^2^(e - i - 1) */

+4

-2

crypto/bn/rsaz_exp_x2.c less more

317	317	int exp_chunk_no = exp_bit_no / 64;
318	318	int exp_chunk_shift = exp_bit_no % 64;
319	319
	320	BN_ULONG red_table_idx_0, red_table_idx_1;
	321
320	322	/*
321	323	* If rem == 0, then
322	324	* exp_bit_no = modulus_bitsize - exp_win_size

328	330	OPENSSL_assert(rem != 0);
329	331
330	332	/* Process 1-st exp window - just init result */
331		BN_ULONG red_table_idx_0 = expz[0][exp_chunk_no];
332		BN_ULONG red_table_idx_1 = expz[1][exp_chunk_no];
	333	red_table_idx_0 = expz[0][exp_chunk_no];
	334	red_table_idx_1 = expz[1][exp_chunk_no];
333	335	/*
334	336	* The function operates with fixed moduli sizes divisible by 64,
335	337	* thus table index here is always in supported range [0, EXP_WIN_SIZE).

+11

-8

crypto/cmp/cmp_msg.c less more

0	0	/*
1		* Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2007-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright Nokia 2007-2019
3	3	* Copyright Siemens AG 2015-2019
4	4	*

259	259	if (ctx->subjectName != NULL)
260	260	return IS_NULL_DN(ctx->subjectName) ? NULL : ctx->subjectName;
261	261
262		if (ref_subj != NULL && (for_KUR \|\| !HAS_SAN(ctx)))
	262	if (ref_subj != NULL && (ctx->p10CSR != NULL \|\| for_KUR \|\| !HAS_SAN(ctx)))
263	263	/*
264	264	* For KUR, copy subject from the reference.
265	265	* For IR or CR, do the same only if there is no subjectAltName.

288	288
289	289	if (rkey == NULL && ctx->p10CSR != NULL)
290	290	rkey = X509_REQ_get0_pubkey(ctx->p10CSR);
	291	if (rkey == NULL && refcert != NULL)
	292	rkey = X509_get0_pubkey(refcert);
291	293	if (rkey == NULL)
292	294	rkey = ctx->pkey; /* default is independent of ctx->oldCert */
293	295	if (rkey == NULL) {

326	328	}
327	329
328	330	/* extensions */
329		if (refcert != NULL && !ctx->SubjectAltName_nodefault)
330		default_sans = X509V3_get_d2i(X509_get0_extensions(refcert),
331		NID_subject_alt_name, NULL, NULL);
332	331	if (ctx->p10CSR != NULL
333	332	&& (exts = X509_REQ_get_extensions(ctx->p10CSR)) == NULL)
	333	goto err;
	334	if (!ctx->SubjectAltName_nodefault && !HAS_SAN(ctx) && refcert != NULL
	335	&& (default_sans = X509V3_get_d2i(X509_get0_extensions(refcert),
	336	NID_subject_alt_name, NULL, NULL))
	337	!= NULL
	338	&& !add1_extension(&exts, NID_subject_alt_name, crit, default_sans))
334	339	goto err;
335	340	if (ctx->reqExtensions != NULL /* augment/override existing ones */
336	341	&& !add_extensions(&exts, ctx->reqExtensions))

338	343	if (sk_GENERAL_NAME_num(ctx->subjectAltNames) > 0
339	344	&& !add1_extension(&exts, NID_subject_alt_name,
340	345	crit, ctx->subjectAltNames))
341		goto err;
342		if (!HAS_SAN(ctx) && default_sans != NULL
343		&& !add1_extension(&exts, NID_subject_alt_name, crit, default_sans))
344	346	goto err;
345	347	if (ctx->policies != NULL
346	348	&& !add1_extension(&exts, NID_certificate_policies,

565	567	if (!sk_OSSL_CMP_REVDETAILS_push(msg->body->value.rr, rd))
566	568	goto err;
567	569	rd = NULL;
	570	/* Revocation Passphrase according to section 5.3.19.9 could be set here */
568	571
569	572	if (!ossl_cmp_msg_protect(ctx, msg))
570	573	goto err;

+7

-6

crypto/context.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

92	92	exdata_done = 1;
93	93
94	94	if (!ossl_crypto_new_ex_data_ex(ctx, CRYPTO_EX_INDEX_OSSL_LIB_CTX, NULL,
95		&ctx->data)) {
96		ossl_crypto_cleanup_all_ex_data_int(ctx);
	95	&ctx->data))
97	96	goto err;
98		}
99	97
100	98	/* Everything depends on properties, so we also pre-initialise that */
101	99	if (!ossl_property_parse_init(ctx))

105	103	err:
106	104	if (exdata_done)
107	105	ossl_crypto_cleanup_all_ex_data_int(ctx);
	106	for (i = 0; i < OSSL_LIB_CTX_MAX_INDEXES; i++)
	107	CRYPTO_THREAD_lock_free(ctx->index_locks[i]);
108	108	CRYPTO_THREAD_lock_free(ctx->oncelock);
109	109	CRYPTO_THREAD_lock_free(ctx->lock);
110		ctx->lock = NULL;
	110	memset(ctx, '\0', sizeof(*ctx));
111	111	return 0;
112	112	}
113	113

155	155	void ossl_lib_ctx_default_deinit(void)
156	156	{
157	157	context_deinit(&default_context_int);
	158	CRYPTO_THREAD_cleanup_local(&default_context_thread_local);
158	159	}
159	160
160	161	static OSSL_LIB_CTX *get_thread_default_context(void)

188	189	OSSL_LIB_CTX ctx = OPENSSL_zalloc(sizeof(ctx));
189	190
190	191	if (ctx != NULL && !context_init(ctx)) {
191		OSSL_LIB_CTX_free(ctx);
	192	OPENSSL_free(ctx);
192	193	ctx = NULL;
193	194	}
194	195	return ctx;

+11

-12

crypto/core_namemap.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

36	36	CRYPTO_RWLOCK *lock;
37	37	LHASH_OF(NAMENUM_ENTRY) namenum; / Name->number mapping */
38	38
39		#ifdef tsan_ld_acq
40		TSAN_QUALIFIER int max_number; /* Current max number TSAN version */
41		#else
42		int max_number; /* Current max number plain version */
43		#endif
	39	TSAN_QUALIFIER int max_number; /* Current max number */
44	40	};
45	41
46	42	/* LHASH callbacks */

98	94
99	95	int ossl_namemap_empty(OSSL_NAMEMAP *namemap)
100	96	{
101		#ifdef tsan_ld_acq
102		/* Have TSAN support */
103		return namemap == NULL \|\| tsan_load(&namemap->max_number) == 0;
104		#else
	97	#ifdef TSAN_REQUIRES_LOCKING
105	98	/* No TSAN support */
106	99	int rv;
107	100

113	106	rv = namemap->max_number == 0;
114	107	CRYPTO_THREAD_unlock(namemap->lock);
115	108	return rv;
	109	#else
	110	/* Have TSAN support */
	111	return namemap == NULL \|\| tsan_load(&namemap->max_number) == 0;
116	112	#endif
117	113	}
118	114

259	255	\|\| (namenum->name = OPENSSL_strndup(name, name_len)) == NULL)
260	256	goto err;
261	257
	258	/* The tsan_counter use here is safe since we're under lock */
262	259	namenum->number =
263	260	number != 0 ? number : 1 + tsan_counter(&namemap->max_number);
264	261	(void)lh_NAMENUM_ENTRY_insert(namemap->namenum, namenum);

408	405	{
409	406	const EVP_CIPHER cipher = (void )OBJ_NAME_get(on->name, on->type);
410	407
411		get_legacy_evp_names(NID_undef, EVP_CIPHER_get_type(cipher), NULL, arg);
	408	if (cipher != NULL)
	409	get_legacy_evp_names(NID_undef, EVP_CIPHER_get_type(cipher), NULL, arg);
412	410	}
413	411
414	412	static void get_legacy_md_names(const OBJ_NAME on, void arg)
415	413	{
416	414	const EVP_MD md = (void )OBJ_NAME_get(on->name, on->type);
417	415
418		get_legacy_evp_names(0, EVP_MD_get_type(md), NULL, arg);
	416	if (md != NULL)
	417	get_legacy_evp_names(0, EVP_MD_get_type(md), NULL, arg);
419	418	}
420	419
421	420	static void get_legacy_pkey_meth_names(const EVP_PKEY_ASN1_METHOD *ameth,

+2

-2

crypto/dh/dh_ameth.c less more

0	0	/*
1		* Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2006-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

510	510	DH_set_flags(dh, type == EVP_PKEY_DH ? DH_FLAG_TYPE_DH : DH_FLAG_TYPE_DHX);
511	511
512	512	if (!ossl_dh_params_fromdata(dh, params)
513		\|\| !ossl_dh_key_fromdata(dh, params)
	513	\|\| !ossl_dh_key_fromdata(dh, params, 1)
514	514	\|\| !EVP_PKEY_assign(pkey, type, dh)) {
515	515	DH_free(dh);
516	516	return 0;

+12

-7

crypto/dh/dh_backend.c less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

62	62	return 1;
63	63	}
64	64
65		int ossl_dh_key_fromdata(DH *dh, const OSSL_PARAM params[])
	65	int ossl_dh_key_fromdata(DH *dh, const OSSL_PARAM params[], int include_private)
66	66	{
67	67	const OSSL_PARAM param_priv_key, param_pub_key;
68	68	BIGNUM priv_key = NULL, pub_key = NULL;

73	73	param_priv_key = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY);
74	74	param_pub_key = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY);
75	75
76		if ((param_priv_key != NULL
77		&& !OSSL_PARAM_get_BN(param_priv_key, &priv_key))
78		\|\| (param_pub_key != NULL
79		&& !OSSL_PARAM_get_BN(param_pub_key, &pub_key)))
	76	if (include_private
	77	&& param_priv_key != NULL
	78	&& !OSSL_PARAM_get_BN(param_priv_key, &priv_key))
	79	goto err;
	80
	81	if (param_pub_key != NULL
	82	&& !OSSL_PARAM_get_BN(param_pub_key, &pub_key))
80	83	goto err;
81	84
82	85	if (!DH_set0_key(dh, pub_key, priv_key))

102	105	return 1;
103	106	}
104	107
105		int ossl_dh_key_todata(DH dh, OSSL_PARAM_BLD bld, OSSL_PARAM params[])
	108	int ossl_dh_key_todata(DH dh, OSSL_PARAM_BLD bld, OSSL_PARAM params[],
	109	int include_private)
106	110	{
107	111	const BIGNUM priv = NULL, pub = NULL;
108	112

111	115
112	116	DH_get0_key(dh, &pub, &priv);
113	117	if (priv != NULL
	118	&& include_private
114	119	&& !ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_PRIV_KEY, priv))
115	120	return 0;
116	121	if (pub != NULL

+5

-8

crypto/dh/dh_key.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

374	374	int err_reason = DH_R_BN_ERROR;
375	375	BIGNUM *pubkey = NULL;
376	376	const BIGNUM *p;
377		size_t p_size;
	377	int ret;
378	378
379	379	if ((pubkey = BN_bin2bn(buf, len, NULL)) == NULL)
380	380	goto err;
381	381	DH_get0_pqg(dh, &p, NULL, NULL);
382		if (p == NULL \|\| (p_size = BN_num_bytes(p)) == 0) {
	382	if (p == NULL \|\| BN_num_bytes(p) == 0) {
383	383	err_reason = DH_R_NO_PARAMETERS_SET;
384	384	goto err;
385	385	}
386		/*
387		* As per Section 4.2.8.1 of RFC 8446 fail if DHE's
388		* public key is of size not equal to size of p
389		*/
390		if (BN_is_zero(pubkey) \|\| p_size != len) {
	386	/* Prevent small subgroup attacks per RFC 8446 Section 4.2.8.1 */
	387	if (!ossl_dh_check_pub_key_partial(dh, pubkey, &ret)) {
391	388	err_reason = DH_R_INVALID_PUBKEY;
392	389	goto err;
393	390	}

+2

-2

crypto/dsa/dsa_ameth.c less more

0	0	/*
1		* Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2006-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

484	484	}
485	485
486	486	if (!ossl_dsa_ffc_params_fromdata(dsa, params)
487		\|\| !ossl_dsa_key_fromdata(dsa, params)
	487	\|\| !ossl_dsa_key_fromdata(dsa, params, 1)
488	488	\|\| !EVP_PKEY_assign_DSA(pkey, dsa)) {
489	489	DSA_free(dsa);
490	490	return 0;

+8

-5

crypto/dsa/dsa_backend.c less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

26	26	* implementations alike.
27	27	*/
28	28
29		int ossl_dsa_key_fromdata(DSA *dsa, const OSSL_PARAM params[])
	29	int ossl_dsa_key_fromdata(DSA *dsa, const OSSL_PARAM params[],
	30	int include_private)
30	31	{
31		const OSSL_PARAM param_priv_key, param_pub_key;
	32	const OSSL_PARAM param_priv_key = NULL, param_pub_key;
32	33	BIGNUM priv_key = NULL, pub_key = NULL;
33	34
34	35	if (dsa == NULL)
35	36	return 0;
36	37
37		param_priv_key =
38		OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY);
	38	if (include_private) {
	39	param_priv_key =
	40	OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY);
	41	}
39	42	param_pub_key =
40	43	OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY);
41	44

+2

-2

crypto/ec/asm/ecp_nistp521-ppc64.pl less more

0	0	#! /usr/bin/env perl
1		# Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	#
3		# Licensed under the OpenSSL license (the "License"). You may not use
	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	# this file except in compliance with the License. You can obtain a copy
5	5	# in the file LICENSE in the source distribution or at
6	6	# https://www.openssl.org/source/license.html

+2

-2

crypto/ec/curve448/arch_64/arch_intrinsics.h less more

0	0	/*
1		* Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright 2016 Cryptography Research, Inc.
3	3	*
4		* Licensed under the OpenSSL license (the "License"). You may not use
	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
5	5	* this file except in compliance with the License. You can obtain a copy
6	6	* in the file LICENSE in the source distribution or at
7	7	* https://www.openssl.org/source/license.html

+2

-2

crypto/ec/curve448/arch_64/f_impl.h less more

0	0	/*
1		* Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright 2014-2016 Cryptography Research, Inc.
3	3	*
4		* Licensed under the OpenSSL license (the "License"). You may not use
	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
5	5	* this file except in compliance with the License. You can obtain a copy
6	6	* in the file LICENSE in the source distribution or at
7	7	* https://www.openssl.org/source/license.html

+2

-2

crypto/ec/curve448/arch_64/f_impl64.c less more

0	0	/*
1		* Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright 2014 Cryptography Research, Inc.
3	3	*
4		* Licensed under the OpenSSL license (the "License"). You may not use
	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
5	5	* this file except in compliance with the License. You can obtain a copy
6	6	* in the file LICENSE in the source distribution or at
7	7	* https://www.openssl.org/source/license.html

+3

-3

crypto/ec/ec_lib.c less more

0	0	/*
1		* Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
3	3	*
4	4	* Licensed under the Apache License 2.0 (the "License"). You may not use

1709	1709	ptmp = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_EC_ENCODING);
1710	1710	if (ptmp != NULL
1711	1711	&& !ossl_ec_encoding_param2id(ptmp, &encoding_flag)) {
1712		ECerr(0, EC_R_INVALID_ENCODING);
1713		return 0;
	1712	ERR_raise(ERR_LIB_EC, EC_R_INVALID_ENCODING);
	1713	goto err;
1714	1714	}
1715	1715	if (encoding_flag == OPENSSL_EC_NAMED_CURVE) {
1716	1716	ERR_raise(ERR_LIB_EC, EC_R_INVALID_ENCODING);

+1

-1

crypto/ec/ec_print.c less more

67	67	len = strlen(hex) / 2;
68	68	oct_buf = OPENSSL_malloc(len);
69	69	if (oct_buf == NULL)
70		return NULL;
	70	goto err;
71	71
72	72	if (!OPENSSL_hexstr2buf_ex(oct_buf, len, &oct_buf_len, hex, '\0')
73	73	\|\| !EC_POINT_oct2point(group, pt, oct_buf, oct_buf_len, ctx))

+3

-3

crypto/ec/ecp_s390x_nistp.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

115	115	/* Otherwise use default. */
116	116	if (rc == -1)
117	117	rc = ossl_ec_wNAF_mul(group, r, scalar, num, points, scalars, ctx);
118		OPENSSL_cleanse(param + S390X_OFF_SCALAR(len), len);
	118	OPENSSL_cleanse(param, sizeof(param));
119	119	BN_CTX_end(ctx);
120	120	BN_CTX_free(new_ctx);
121	121	return rc;

211	211
212	212	ok = 1;
213	213	ret:
214		OPENSSL_cleanse(param + S390X_OFF_K(len), 2 * len);
	214	OPENSSL_cleanse(param, sizeof(param));
215	215	if (ok != 1) {
216	216	ECDSA_SIG_free(sig);
217	217	sig = NULL;

+7

-5

crypto/encode_decode/decoder_meth.c less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

338	338	{
339	339	OSSL_METHOD_STORE *store = get_decoder_store(methdata->libctx);
340	340	OSSL_NAMEMAP *namemap = ossl_namemap_stored(methdata->libctx);
	341	const char *const propq = properties != NULL ? properties : "";
341	342	void *method = NULL;
342	343	int unsupported = 0;
343	344

366	367	unsupported = 1;
367	368
368	369	if (id == 0
369		\|\| !ossl_method_store_cache_get(store, NULL, id, properties, &method)) {
	370	\|\| !ossl_method_store_cache_get(store, NULL, id, propq, &method)) {
370	371	OSSL_METHOD_CONSTRUCT_METHOD mcm = {
371	372	get_tmp_decoder_store,
372	373	get_decoder_from_store,

374	375	construct_decoder,
375	376	destruct_decoder
376	377	};
	378	OSSL_PROVIDER *prov = NULL;
377	379
378	380	methdata->id = id;
379	381	methdata->names = name;
380		methdata->propquery = properties;
	382	methdata->propquery = propq;
381	383	methdata->flag_construct_error_occurred = 0;
382	384	if ((method = ossl_method_construct(methdata->libctx, OSSL_OP_DECODER,
383		NULL, 0 /* !force_cache */,
	385	&prov, 0 /* !force_cache */,
384	386	&mcm, methdata)) != NULL) {
385	387	/*
386	388	* If construction did create a method for us, we know that

391	393	if (id == 0 && name != NULL)
392	394	id = ossl_namemap_name2num(namemap, name);
393	395	if (id != 0)
394		ossl_method_store_cache_set(store, NULL, id, properties, method,
	396	ossl_method_store_cache_set(store, prov, id, propq, method,
395	397	up_ref_decoder, free_decoder);
396	398	}
397	399

+7

-5

crypto/encode_decode/encoder_meth.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

348	348	{
349	349	OSSL_METHOD_STORE *store = get_encoder_store(methdata->libctx);
350	350	OSSL_NAMEMAP *namemap = ossl_namemap_stored(methdata->libctx);
	351	const char *const propq = properties != NULL ? properties : "";
351	352	void *method = NULL;
352	353	int unsupported = 0;
353	354

376	377	unsupported = 1;
377	378
378	379	if (id == 0
379		\|\| !ossl_method_store_cache_get(store, NULL, id, properties, &method)) {
	380	\|\| !ossl_method_store_cache_get(store, NULL, id, propq, &method)) {
380	381	OSSL_METHOD_CONSTRUCT_METHOD mcm = {
381	382	get_tmp_encoder_store,
382	383	get_encoder_from_store,

384	385	construct_encoder,
385	386	destruct_encoder
386	387	};
	388	OSSL_PROVIDER *prov = NULL;
387	389
388	390	methdata->id = id;
389	391	methdata->names = name;
390		methdata->propquery = properties;
	392	methdata->propquery = propq;
391	393	methdata->flag_construct_error_occurred = 0;
392	394	if ((method = ossl_method_construct(methdata->libctx, OSSL_OP_ENCODER,
393		NULL, 0 /* !force_cache */,
	395	&prov, 0 /* !force_cache */,
394	396	&mcm, methdata)) != NULL) {
395	397	/*
396	398	* If construction did create a method for us, we know that

400	402	*/
401	403	if (id == 0)
402	404	id = ossl_namemap_name2num(namemap, name);
403		ossl_method_store_cache_set(store, NULL, id, properties, method,
	405	ossl_method_store_cache_set(store, prov, id, propq, method,
404	406	up_ref_encoder, free_encoder);
405	407	}
406	408

+6

-1

crypto/encode_decode/encoder_pkey.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

253	253	* First, collect the keymgmt names, then the encoders that match.
254	254	*/
255	255	keymgmt_data.names = sk_OPENSSL_CSTRING_new_null();
	256	if (keymgmt_data.names == NULL) {
	257	ERR_raise(ERR_LIB_OSSL_ENCODER, ERR_R_MALLOC_FAILURE);
	258	goto err;
	259	}
	260
256	261	keymgmt_data.error_occurred = 0;
257	262	EVP_KEYMGMT_names_do_all(pkey->keymgmt, collect_name, &keymgmt_data);
258	263	if (keymgmt_data.error_occurred) {

+11

-2

crypto/engine/eng_dyn.c less more

0	0	/*
1		* Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

450	450	* We fail if the version checker veto'd the load or if it is
451	451	* deferring to us (by returning its version) and we think it is too
452	452	* old.
	453	* Unfortunately the version checker does not distinguish between
	454	* engines built for openssl 1.1.x and openssl 3.x, but loading
	455	* an engine that is built for openssl 1.1.x will cause a fatal
	456	* error. Detect such engines, since EVP_PKEY_base_id is exported
	457	* as a function in openssl 1.1.x, while it is a macro in openssl 3.x,
	458	* and therefore only the symbol EVP_PKEY_get_base_id is available
	459	* in openssl 3.x.
453	460	*/
454		if (vcheck_res < OSSL_DYNAMIC_OLDEST) {
	461	if (vcheck_res < OSSL_DYNAMIC_OLDEST
	462	\|\| DSO_bind_func(ctx->dynamic_dso,
	463	"EVP_PKEY_base_id") != NULL) {
455	464	/* Fail */
456	465	ctx->bind_engine = NULL;
457	466	ctx->v_check = NULL;

+18

-7

crypto/evp/ctrl_params_translate.c less more

0	0	/*
1		* Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

1003	1003	return 0;
1004	1004
1005	1005	if (state == PRE_CTRL_TO_PARAMS) {
1006		ctx->p2 = (char *)ossl_ffc_named_group_get_name
1007		(ossl_ffc_uid_to_dh_named_group(ctx->p1));
	1006	if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name
	1007	(ossl_ffc_uid_to_dh_named_group(ctx->p1))) == NULL) {
	1008	ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE);
	1009	return 0;
	1010	}
1008	1011	ctx->p1 = 0;
1009	1012	}
1010	1013

1027	1030
1028	1031	switch (state) {
1029	1032	case PRE_CTRL_TO_PARAMS:
1030		ctx->p2 = (char *)ossl_ffc_named_group_get_name
1031		(ossl_ffc_uid_to_dh_named_group(ctx->p1));
	1033	if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name
	1034	(ossl_ffc_uid_to_dh_named_group(ctx->p1))) == NULL) {
	1035	ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE);
	1036	return 0;
	1037	}
	1038
1032	1039	ctx->p1 = 0;
1033	1040	break;
1034	1041
1035	1042	case PRE_CTRL_STR_TO_PARAMS:
1036	1043	if (ctx->p2 == NULL)
1037	1044	return 0;
1038		ctx->p2 = (char *)ossl_ffc_named_group_get_name
1039		(ossl_ffc_uid_to_dh_named_group(atoi(ctx->p2)));
	1045	if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name
	1046	(ossl_ffc_uid_to_dh_named_group(atoi(ctx->p2)))) == NULL) {
	1047	ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE);
	1048	return 0;
	1049	}
	1050
1040	1051	ctx->p1 = 0;
1041	1052	break;
1042	1053

+47

-31

crypto/evp/digest.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

24	24	#include "crypto/evp.h"
25	25	#include "evp_local.h"
26	26
27
28		void evp_md_ctx_clear_digest(EVP_MD_CTX *ctx, int force)
	27	static void cleanup_old_md_data(EVP_MD_CTX *ctx, int force)
	28	{
	29	if (ctx->digest != NULL) {
	30	if (ctx->digest->cleanup != NULL
	31	&& !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED))
	32	ctx->digest->cleanup(ctx);
	33	if (ctx->md_data != NULL && ctx->digest->ctx_size > 0
	34	&& (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)
	35	\|\| force)) {
	36	OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size);
	37	ctx->md_data = NULL;
	38	}
	39	}
	40	}
	41
	42	void evp_md_ctx_clear_digest(EVP_MD_CTX *ctx, int force, int keep_fetched)
29	43	{
30	44	if (ctx->algctx != NULL) {
31	45	if (ctx->digest != NULL && ctx->digest->freectx != NULL)

40	54	* Don't assume ctx->md_data was cleaned in EVP_Digest_Final, because
41	55	* sometimes only copies of the context are ever finalised.
42	56	*/
43		if (ctx->digest && ctx->digest->cleanup
44		&& !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED))
45		ctx->digest->cleanup(ctx);
46		if (ctx->digest && ctx->digest->ctx_size && ctx->md_data
47		&& (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE) \|\| force))
48		OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size);
	57	cleanup_old_md_data(ctx, force);
49	58	if (force)
50	59	ctx->digest = NULL;
51	60

55	64	#endif
56	65
57	66	/* Non legacy code, this has to be later than the ctx->digest cleaning */
58		EVP_MD_free(ctx->fetched_digest);
59		ctx->fetched_digest = NULL;
60		ctx->reqdigest = NULL;
61		}
62
63		/* This call frees resources associated with the context */
64		int EVP_MD_CTX_reset(EVP_MD_CTX *ctx)
	67	if (!keep_fetched) {
	68	EVP_MD_free(ctx->fetched_digest);
	69	ctx->fetched_digest = NULL;
	70	ctx->reqdigest = NULL;
	71	}
	72	}
	73
	74	static int evp_md_ctx_reset_ex(EVP_MD_CTX *ctx, int keep_fetched)
65	75	{
66	76	if (ctx == NULL)
67	77	return 1;

77	87	}
78	88	#endif
79	89
80		evp_md_ctx_clear_digest(ctx, 0);
81		OPENSSL_cleanse(ctx, sizeof(*ctx));
	90	evp_md_ctx_clear_digest(ctx, 0, keep_fetched);
	91	if (!keep_fetched)
	92	OPENSSL_cleanse(ctx, sizeof(*ctx));
82	93
83	94	return 1;
	95	}
	96
	97	/* This call frees resources associated with the context */
	98	int EVP_MD_CTX_reset(EVP_MD_CTX *ctx)
	99	{
	100	return evp_md_ctx_reset_ex(ctx, 0);
84	101	}
85	102
86	103	#ifndef FIPS_MODULE

206	223	#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
207	224	\|\| tmpimpl != NULL
208	225	#endif
209		\|\| (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) != 0) {
	226	\|\| (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) != 0
	227	\|\| type->origin == EVP_ORIG_METH) {
210	228	if (ctx->digest == ctx->fetched_digest)
211	229	ctx->digest = NULL;
212	230	EVP_MD_free(ctx->fetched_digest);

214	232	goto legacy;
215	233	}
216	234
217		if (ctx->digest != NULL && ctx->digest->ctx_size > 0) {
218		OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size);
219		ctx->md_data = NULL;
220		}
	235	cleanup_old_md_data(ctx, 1);
221	236
222	237	/* Start of non-legacy code below */
223	238

306	321	}
307	322	#endif
308	323	if (ctx->digest != type) {
309		if (ctx->digest && ctx->digest->ctx_size) {
310		OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size);
311		ctx->md_data = NULL;
312		}
	324	cleanup_old_md_data(ctx, 1);
	325
313	326	ctx->digest = type;
314	327	if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) {
315	328	ctx->update = type->update;

506	519
507	520	int EVP_MD_CTX_copy_ex(EVP_MD_CTX out, const EVP_MD_CTX in)
508	521	{
	522	int digest_change = 0;
509	523	unsigned char *tmp_buf;
510	524
511	525	if (in == NULL) {

519	533	if (out->fetched_digest != NULL)
520	534	EVP_MD_free(out->fetched_digest);
521	535	out = in;
522		return 1;
	536	goto clone_pkey;
523	537	}
524	538
525	539	if (in->digest->prov == NULL

531	545	return 0;
532	546	}
533	547
534		EVP_MD_CTX_reset(out);
535		if (out->fetched_digest != NULL)
	548	evp_md_ctx_reset_ex(out, 1);
	549	digest_change = (out->fetched_digest != in->fetched_digest);
	550	if (digest_change && out->fetched_digest != NULL)
536	551	EVP_MD_free(out->fetched_digest);
537	552	out = in;
538	553	/* NULL out pointers in case of error */
539	554	out->pctx = NULL;
540	555	out->algctx = NULL;
541	556
542		if (in->fetched_digest != NULL)
	557	if (digest_change && in->fetched_digest != NULL)
543	558	EVP_MD_up_ref(in->fetched_digest);
544	559
545	560	if (in->algctx != NULL) {

550	565	}
551	566	}
552	567
	568	clone_pkey:
553	569	/* copied EVP_MD_CTX should free the copied EVP_PKEY_CTX */
554	570	EVP_MD_CTX_clear_flags(out, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
555	571	#ifndef FIPS_MODULE

+8

-7

crypto/evp/evp_enc.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

594	594	const unsigned char *in, int inl)
595	595	{
596	596	int ret;
597		size_t soutl;
	597	size_t soutl, inl_ = (size_t)inl;
598	598	int blocksize;
599	599
600	600	if (outl != NULL) {

624	624	ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR);
625	625	return 0;
626	626	}
	627
627	628	ret = ctx->cipher->cupdate(ctx->algctx, out, &soutl,
628		inl + (blocksize == 1 ? 0 : blocksize), in,
629		(size_t)inl);
	629	inl_ + (size_t)(blocksize == 1 ? 0 : blocksize),
	630	in, inl_);
630	631
631	632	if (ret) {
632	633	if (soutl > INT_MAX) {

742	743	{
743	744	int fix_len, cmpl = inl, ret;
744	745	unsigned int b;
745		size_t soutl;
	746	size_t soutl, inl_ = (size_t)inl;
746	747	int blocksize;
747	748
748	749	if (outl != NULL) {

772	773	return 0;
773	774	}
774	775	ret = ctx->cipher->cupdate(ctx->algctx, out, &soutl,
775		inl + (blocksize == 1 ? 0 : blocksize), in,
776		(size_t)inl);
	776	inl_ + (size_t)(blocksize == 1 ? 0 : blocksize),
	777	in, inl_);
777	778
778	779	if (ret) {
779	780	if (soutl > INT_MAX) {

+6

-6

crypto/evp/evp_fetch.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

246	246	{
247	247	OSSL_METHOD_STORE *store = get_evp_method_store(methdata->libctx);
248	248	OSSL_NAMEMAP *namemap = ossl_namemap_stored(methdata->libctx);
	249	const char *const propq = properties != NULL ? properties : "";
249	250	uint32_t meth_id = 0;
250	251	void *method = NULL;
251	252	int unsupported = 0;

298	299	unsupported = 1;
299	300
300	301	if (meth_id == 0
301		\|\| !ossl_method_store_cache_get(store, prov, meth_id, properties,
302		&method)) {
	302	\|\| !ossl_method_store_cache_get(store, prov, meth_id, propq, &method)) {
303	303	OSSL_METHOD_CONSTRUCT_METHOD mcm = {
304	304	get_tmp_evp_method_store,
305	305	get_evp_method_from_store,

311	311	methdata->operation_id = operation_id;
312	312	methdata->name_id = name_id;
313	313	methdata->names = name;
314		methdata->propquery = properties;
	314	methdata->propquery = propq;
315	315	methdata->method_from_algorithm = new_method;
316	316	methdata->refcnt_up_method = up_ref_method;
317	317	methdata->destruct_method = free_method;

329	329	name_id = ossl_namemap_name2num(namemap, name);
330	330	meth_id = evp_method_id(name_id, operation_id);
331	331	if (name_id != 0)
332		ossl_method_store_cache_set(store, prov, meth_id, properties,
	332	ossl_method_store_cache_set(store, prov, meth_id, propq,
333	333	method, up_ref_method, free_method);
334	334	}
335	335

348	348	ERR_raise_data(ERR_LIB_EVP, code,
349	349	"%s, Algorithm (%s : %d), Properties (%s)",
350	350	ossl_lib_ctx_get_descriptor(methdata->libctx),
351		name = NULL ? "<null>" : name, name_id,
	351	name == NULL ? "<null>" : name, name_id,
352	352	properties == NULL ? "<null>" : properties);
353	353	}
354	354

+22

-4

crypto/evp/exchange.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

305	305	/*
306	306	* Ensure that the key is provided, either natively, or as a cached
307	307	* export. We start by fetching the keymgmt with the same name as
308		* \|ctx->pkey\|, but from the provider of the exchange method, using
	308	* \|ctx->keymgmt\|, but from the provider of the exchange method, using
309	309	* the same property query as when fetching the exchange method.
310	310	* With the keymgmt we found (if we did), we try to export \|ctx->pkey\|
311	311	* to it (evp_pkey_export_to_provider() is smart enough to only actually

379	379	int ret = 0, check;
380	380	void *provkey = NULL;
381	381	EVP_PKEY_CTX *check_ctx = NULL;
	382	EVP_KEYMGMT tmp_keymgmt = NULL, tmp_keymgmt_tofree = NULL;
382	383
383	384	if (ctx == NULL) {
384	385	ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);

403	404	return -1;
404	405	}
405	406
406		provkey = evp_pkey_export_to_provider(peer, ctx->libctx, &ctx->keymgmt,
407		ctx->propquery);
	407	/*
	408	* Ensure that the \|peer\| is provided, either natively, or as a cached
	409	* export. We start by fetching the keymgmt with the same name as
	410	* \|ctx->keymgmt\|, but from the provider of the exchange method, using
	411	* the same property query as when fetching the exchange method.
	412	* With the keymgmt we found (if we did), we try to export \|peer\|
	413	* to it (evp_pkey_export_to_provider() is smart enough to only actually
	414	* export it if \|tmp_keymgmt\| is different from \|peer\|'s keymgmt)
	415	*/
	416	tmp_keymgmt_tofree = tmp_keymgmt =
	417	evp_keymgmt_fetch_from_prov((OSSL_PROVIDER *)
	418	EVP_KEYEXCH_get0_provider(ctx->op.kex.exchange),
	419	EVP_KEYMGMT_get0_name(ctx->keymgmt),
	420	ctx->propquery);
	421	if (tmp_keymgmt != NULL)
	422	provkey = evp_pkey_export_to_provider(peer, ctx->libctx,
	423	&tmp_keymgmt, ctx->propquery);
	424	EVP_KEYMGMT_free(tmp_keymgmt_tofree);
	425
408	426	/*
409	427	* If making the key provided wasn't possible, legacy may be able to pick
410	428	* it up

+2

-2

crypto/evp/keymgmt_lib.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

369	369	* but also to determine if we should attempt a cross export
370	370	* the other way. There's no point doing it both ways.
371	371	*/
372		int ok = 1;
	372	int ok = 0;
373	373
374	374	/* Complex case, where the keymgmt differ */
375	375	if (keymgmt1 != NULL

+4

-4

crypto/evp/m_sigver.c less more

0	0	/*
1		* Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2006-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

230	230	* We're about to get a new digest so clear anything associated with
231	231	* an old digest.
232	232	*/
233		evp_md_ctx_clear_digest(ctx, 1);
	233	evp_md_ctx_clear_digest(ctx, 1, 0);
234	234
235	235	/* legacy code support for engines */
236	236	ERR_set_mark();

479	479	if (sigret == NULL \|\| (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) != 0)
480	480	return pctx->op.sig.signature->digest_sign_final(pctx->op.sig.algctx,
481	481	sigret, siglen,
482		(siglen == NULL) ? 0 : *siglen);
	482	sigret == NULL ? 0 : *siglen);
483	483	dctx = EVP_PKEY_CTX_dup(pctx);
484	484	if (dctx == NULL)
485	485	return 0;
486	486
487	487	r = dctx->op.sig.signature->digest_sign_final(dctx->op.sig.algctx,
488	488	sigret, siglen,
489		(siglen == NULL) ? 0 : *siglen);
	489	*siglen);
490	490	EVP_PKEY_CTX_free(dctx);
491	491	return r;
492	492

+9

-0

crypto/evp/mac_meth.c less more

	0	/*
	1	* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	2	*
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
	4	* this file except in compliance with the License. You can obtain a copy
	5	* in the file LICENSE in the source distribution or at
	6	* https://www.openssl.org/source/license.html
	7	*/
	8
0	9	#include <openssl/evp.h>
1	10	#include <openssl/err.h>
2	11	#include <openssl/core.h>

+10

-5

crypto/evp/pmeth_gn.c less more

0	0	/*
1		* Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2006-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

127	127	int EVP_PKEY_generate(EVP_PKEY_CTX ctx, EVP_PKEY *ppkey)
128	128	{
129	129	int ret = 0;
130		OSSL_CALLBACK cb;
131	130	EVP_PKEY *allocated_pkey = NULL;
132	131	/* Legacy compatible keygen callback info, only used with provider impls */
133	132	int gentmp[2];

364	363	OSSL_PARAM params[])
365	364	{
366	365	void *keydata = NULL;
	366	EVP_PKEY *allocated_pkey = NULL;
367	367
368	368	if (ctx == NULL \|\| (ctx->operation & EVP_PKEY_OP_FROMDATA) == 0) {
369	369	ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

374	374	return -1;
375	375
376	376	if (*ppkey == NULL)
377		*ppkey = EVP_PKEY_new();
	377	allocated_pkey = *ppkey = EVP_PKEY_new();
378	378
379	379	if (*ppkey == NULL) {
380	380	ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);

382	382	}
383	383
384	384	keydata = evp_keymgmt_util_fromdata(*ppkey, ctx->keymgmt, selection, params);
385		if (keydata == NULL)
386		return 0;
	385	if (keydata == NULL) {
	386	if (allocated_pkey != NULL) {
	387	*ppkey = NULL;
	388	EVP_PKEY_free(allocated_pkey);
	389	}
	390	return 0;
	391	}
387	392	/* keydata is cached in ppkey, so we need not bother with it further /
388	393	return 1;
389	394	}

+2

-1

crypto/ffc/ffc_backend.c less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

36	36	const DH_NAMED_GROUP *group = NULL;
37	37
38	38	if (prm->data_type != OSSL_PARAM_UTF8_STRING
	39	\|\| prm->data == NULL
39	40	\|\| (group = ossl_ffc_name_to_dh_named_group(prm->data)) == NULL
40	41	\|\| !ossl_ffc_named_group_set_pqg(ffc, group))
41	42	#endif

+11

-4

crypto/http/http_client.c less more

0	0	/*
1		* Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright Siemens AG 2018-2020
3	3	*
4	4	* Licensed under the Apache License 2.0 (the "License"). You may not use

946	946	}
947	947	/* now overall_timeout is guaranteed to be >= 0 */
948	948
	949	/* adapt in order to fix callback design flaw, see #17088 */
949	950	/* callback can be used to wrap or prepend TLS session */
950	951	if (bio_update_fn != NULL) {
951	952	BIO *orig_bio = cbio;

1196	1197
1197	1198	int OSSL_HTTP_close(OSSL_HTTP_REQ_CTX *rctx, int ok)
1198	1199	{
	1200	BIO *wbio;
1199	1201	int ret = 1;
1200	1202
1201		/* callback can be used to clean up TLS session on disconnect */
1202		if (rctx != NULL && rctx->upd_fn != NULL)
1203		ret = (*rctx->upd_fn)(rctx->wbio, rctx->upd_arg, 0, ok) != NULL;
	1203	/* callback can be used to finish TLS session and free its BIO */
	1204	if (rctx != NULL && rctx->upd_fn != NULL) {
	1205	wbio = (*rctx->upd_fn)(rctx->wbio, rctx->upd_arg,
	1206	0 /* disconnect */, ok);
	1207	ret = wbio != NULL;
	1208	if (ret)
	1209	rctx->wbio = wbio;
	1210	}
1204	1211	OSSL_HTTP_REQ_CTX_free(rctx);
1205	1212	return ret;
1206	1213	}

+21

-6

crypto/lhash/lh_stats.c less more

0	0	/*
1		* Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

60	60
61	61	void OPENSSL_LH_stats_bio(const OPENSSL_LHASH lh, BIO out)
62	62	{
	63	int omit_tsan = 0;
	64
	65	#ifdef TSAN_REQUIRES_LOCKING
	66	if (!CRYPTO_THREAD_read_lock(lh->tsan_lock)) {
	67	BIO_printf(out, "unable to lock table, omitting TSAN counters\n");
	68	omit_tsan = 1;
	69	}
	70	#endif
63	71	BIO_printf(out, "num_items = %lu\n", lh->num_items);
64	72	BIO_printf(out, "num_nodes = %u\n", lh->num_nodes);
65	73	BIO_printf(out, "num_alloc_nodes = %u\n", lh->num_alloc_nodes);

67	75	BIO_printf(out, "num_expand_reallocs = %lu\n", lh->num_expand_reallocs);
68	76	BIO_printf(out, "num_contracts = %lu\n", lh->num_contracts);
69	77	BIO_printf(out, "num_contract_reallocs = %lu\n", lh->num_contract_reallocs);
70		BIO_printf(out, "num_hash_calls = %lu\n", lh->num_hash_calls);
71		BIO_printf(out, "num_comp_calls = %lu\n", lh->num_comp_calls);
	78	if (!omit_tsan) {
	79	BIO_printf(out, "num_hash_calls = %lu\n", lh->num_hash_calls);
	80	BIO_printf(out, "num_comp_calls = %lu\n", lh->num_comp_calls);
	81	}
72	82	BIO_printf(out, "num_insert = %lu\n", lh->num_insert);
73	83	BIO_printf(out, "num_replace = %lu\n", lh->num_replace);
74	84	BIO_printf(out, "num_delete = %lu\n", lh->num_delete);
75	85	BIO_printf(out, "num_no_delete = %lu\n", lh->num_no_delete);
76		BIO_printf(out, "num_retrieve = %lu\n", lh->num_retrieve);
77		BIO_printf(out, "num_retrieve_miss = %lu\n", lh->num_retrieve_miss);
78		BIO_printf(out, "num_hash_comps = %lu\n", lh->num_hash_comps);
	86	if (!omit_tsan) {
	87	BIO_printf(out, "num_retrieve = %lu\n", lh->num_retrieve);
	88	BIO_printf(out, "num_retrieve_miss = %lu\n", lh->num_retrieve_miss);
	89	BIO_printf(out, "num_hash_comps = %lu\n", lh->num_hash_comps);
	90	#ifdef TSAN_REQUIRES_LOCKING
	91	CRYPTO_THREAD_unlock(lh->tsan_lock);
	92	#endif
	93	}
79	94	}
80	95
81	96	void OPENSSL_LH_node_stats_bio(const OPENSSL_LHASH lh, BIO out)

+51

-18

crypto/lhash/lhash.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

43	43	static void contract(OPENSSL_LHASH *lh);
44	44	static OPENSSL_LH_NODE *getrn(OPENSSL_LHASH lh, const void data, unsigned long rhash);
45	45
	46	static ossl_inline int tsan_lock(const OPENSSL_LHASH *lh)
	47	{
	48	#ifdef TSAN_REQUIRES_LOCKING
	49	if (!CRYPTO_THREAD_write_lock(lh->tsan_lock))
	50	return 0;
	51	#endif
	52	return 1;
	53	}
	54
	55	static ossl_inline void tsan_unlock(const OPENSSL_LHASH *lh)
	56	{
	57	#ifdef TSAN_REQUIRES_LOCKING
	58	CRYPTO_THREAD_unlock(lh->tsan_lock);
	59	#endif
	60	}
	61
46	62	OPENSSL_LHASH *OPENSSL_LH_new(OPENSSL_LH_HASHFUNC h, OPENSSL_LH_COMPFUNC c)
47	63	{
48	64	OPENSSL_LHASH *ret;

57	73	}
58	74	if ((ret->b = OPENSSL_zalloc(sizeof(ret->b) MIN_NODES)) == NULL)
59	75	goto err;
	76	#ifdef TSAN_REQUIRES_LOCKING
	77	if ((ret->tsan_lock = CRYPTO_THREAD_lock_new()) == NULL)
	78	goto err;
	79	#endif
60	80	ret->comp = ((c == NULL) ? (OPENSSL_LH_COMPFUNC)strcmp : c);
61	81	ret->hash = ((h == NULL) ? (OPENSSL_LH_HASHFUNC)OPENSSL_LH_strhash : h);
62	82	ret->num_nodes = MIN_NODES / 2;

78	98	return;
79	99
80	100	OPENSSL_LH_flush(lh);
	101	#ifdef TSAN_REQUIRES_LOCKING
	102	CRYPTO_THREAD_lock_free(lh->tsan_lock);
	103	#endif
81	104	OPENSSL_free(lh->b);
82	105	OPENSSL_free(lh);
83	106	}

165	188	{
166	189	unsigned long hash;
167	190	OPENSSL_LH_NODE **rn;
168		void *ret;
169
	191
	192	/*-
	193	* This should be atomic without tsan.
	194	* It's not clear why it was done this way and not elsewhere.
	195	*/
170	196	tsan_store((TSAN_QUALIFIER int *)&lh->error, 0);
171	197
172	198	rn = getrn(lh, data, &hash);
173	199
174		if (*rn == NULL) {
175		tsan_counter(&lh->num_retrieve_miss);
176		return NULL;
177		} else {
178		ret = (*rn)->data;
179		tsan_counter(&lh->num_retrieve);
180		}
181
182		return ret;
	200	if (tsan_lock(lh)) {
	201	tsan_counter(*rn == NULL ? &lh->num_retrieve_miss : &lh->num_retrieve);
	202	tsan_unlock(lh);
	203	}
	204	return rn == NULL ? NULL : (rn)->data;
183	205	}
184	206
185	207	static void doall_util_fn(OPENSSL_LHASH *lh, int use_arg,

306	328	OPENSSL_LH_NODE *ret, n1;
307	329	unsigned long hash, nn;
308	330	OPENSSL_LH_COMPFUNC cf;
309
	331	int do_tsan = 1;
	332
	333	#ifdef TSAN_REQUIRES_LOCKING
	334	do_tsan = tsan_lock(lh);
	335	#endif
310	336	hash = (*(lh->hash)) (data);
311		tsan_counter(&lh->num_hash_calls);
	337	if (do_tsan)
	338	tsan_counter(&lh->num_hash_calls);
312	339	*rhash = hash;
313	340
314	341	nn = hash % lh->pmax;

318	345	cf = lh->comp;
319	346	ret = &(lh->b[(int)nn]);
320	347	for (n1 = *ret; n1 != NULL; n1 = n1->next) {
321		tsan_counter(&lh->num_hash_comps);
	348	if (do_tsan)
	349	tsan_counter(&lh->num_hash_comps);
322	350	if (n1->hash != hash) {
323	351	ret = &(n1->next);
324	352	continue;
325	353	}
326		tsan_counter(&lh->num_comp_calls);
	354	if (do_tsan)
	355	tsan_counter(&lh->num_comp_calls);
327	356	if (cf(n1->data, data) == 0)
328	357	break;
329	358	ret = &(n1->next);
330	359	}
	360	if (do_tsan)
	361	tsan_unlock(lh);
331	362	return ret;
332	363	}
333	364

351	382	v = n \| (*c);
352	383	n += 0x100;
353	384	r = (int)((v >> 2) ^ v) & 0x0f;
354		ret = (ret << r) \| (ret >> (32 - r));
	385	/* cast to uint64_t to avoid 32 bit shift of 32 bit value */
	386	ret = (ret << r) \| (unsigned long)((uint64_t)ret >> (32 - r));
355	387	ret &= 0xFFFFFFFFL;
356	388	ret ^= v * v;
357	389	c++;

372	404	for (n = 0x100; *c != '\0'; n += 0x100) {
373	405	v = n \| ossl_tolower(*c);
374	406	r = (int)((v >> 2) ^ v) & 0x0f;
375		ret = (ret << r) \| (ret >> (32 - r));
	407	/* cast to uint64_t to avoid 32 bit shift of 32 bit value */
	408	ret = (ret << r) \| (unsigned long)((uint64_t)ret >> (32 - r));
376	409	ret &= 0xFFFFFFFFL;
377	410	ret ^= v * v;
378	411	c++;

+4

-1

crypto/lhash/lhash_local.h less more

0	0	/*
1		* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

40	40	TSAN_QUALIFIER unsigned long num_retrieve_miss;
41	41	TSAN_QUALIFIER unsigned long num_hash_comps;
42	42	int error;
	43	#ifdef TSAN_REQUIRES_LOCKING
	44	CRYPTO_RWLOCK *tsan_lock;
	45	#endif
43	46	};

+11

-5

crypto/mem.c less more

0	0	/*
1		* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

25	25	#if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODULE)
26	26	# include "internal/tsan_assist.h"
27	27
	28	# ifdef TSAN_REQUIRES_LOCKING
	29	# define INCREMENT(x) /* empty */
	30	# define LOAD(x) 0
	31	# else /* TSAN_REQUIRES_LOCKING */
28	32	static TSAN_QUALIFIER int malloc_count;
29	33	static TSAN_QUALIFIER int realloc_count;
30	34	static TSAN_QUALIFIER int free_count;
31	35
32		# define INCREMENT(x) tsan_counter(&(x))
	36	# define INCREMENT(x) tsan_counter(&(x))
	37	# define LOAD(x) tsan_load(&x)
	38	# endif /* TSAN_REQUIRES_LOCKING */
33	39
34	40	static char *md_failstring;
35	41	static long md_count;

78	84	void CRYPTO_get_alloc_counts(int mcount, int rcount, int *fcount)
79	85	{
80	86	if (mcount != NULL)
81		*mcount = tsan_load(&malloc_count);
	87	*mcount = LOAD(malloc_count);
82	88	if (rcount != NULL)
83		*rcount = tsan_load(&realloc_count);
	89	*rcount = LOAD(realloc_count);
84	90	if (fcount != NULL)
85		*fcount = tsan_load(&free_count);
	91	*fcount = LOAD(free_count);
86	92	}
87	93
88	94	/*

+6

-6

crypto/o_str.c less more

0	0	/*
1		* Copyright 2003-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2003-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

214	214	return ossl_hexstr2buf_sep(str, buflen, DEFAULT_SEPARATOR);
215	215	}
216	216
217		static int buf2hexstr_sep(char str, size_t str_n, size_t strlen,
	217	static int buf2hexstr_sep(char str, size_t str_n, size_t strlength,
218	218	const unsigned char *buf, size_t buflen,
219	219	const char sep)
220	220	{

225	225	int has_sep = (sep != CH_ZERO);
226	226	size_t len = has_sep ? buflen * 3 : 1 + buflen * 2;
227	227
228		if (strlen != NULL)
229		*strlen = len;
	228	if (strlength != NULL)
	229	*strlength = len;
230	230	if (str == NULL)
231	231	return 1;
232	232

252	252	return 1;
253	253	}
254	254
255		int OPENSSL_buf2hexstr_ex(char str, size_t str_n, size_t strlen,
	255	int OPENSSL_buf2hexstr_ex(char str, size_t str_n, size_t strlength,
256	256	const unsigned char *buf, size_t buflen,
257	257	const char sep)
258	258	{
259		return buf2hexstr_sep(str, str_n, strlen, buf, buflen, sep);
	259	return buf2hexstr_sep(str, str_n, strlength, buf, buflen, sep);
260	260	}
261	261
262	262	char ossl_buf2hexstr_sep(const unsigned char buf, long buflen, char sep)

+8

-0

crypto/objects/obj_compat.h less more

	0	/*
	1	* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	2	*
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
	4	* this file except in compliance with the License. You can obtain a copy
	5	* in the file LICENSE in the source distribution or at
	6	* https://www.openssl.org/source/license.html
	7	*/
0	8
1	9	#ifndef OPENSSL_NO_DEPRECATED_3_0
2	10

+1

-1

crypto/objects/obj_dat.h less more

1	1	* WARNING: do not edit!
2	2	* Generated by crypto/objects/obj_dat.pl
3	3	*
4		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	4	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
5	5	* Licensed under the Apache License 2.0 (the "License"). You may not use
6	6	* this file except in compliance with the License. You can obtain a copy
7	7	* in the file LICENSE in the source distribution or at

+27

-11

crypto/passphrase.c less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

40	40	ossl_pw_clear_passphrase_data(data);
41	41	data->type = is_expl_passphrase;
42	42	data->_.expl_passphrase.passphrase_copy =
43		OPENSSL_memdup(passphrase, passphrase_len);
	43	passphrase_len != 0 ? OPENSSL_memdup(passphrase, passphrase_len)
	44	: OPENSSL_malloc(1);
44	45	if (data->_.expl_passphrase.passphrase_copy == NULL) {
45	46	ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
46	47	return 0;

108	109	* UI_METHOD processor. It differs from UI_UTIL_read_pw() like this:
109	110	*
110	111	* 1. It constructs a prompt on its own, based on \|prompt_info\|.
111		* 2. It allocates a buffer for verification on its own.
	112	* 2. It allocates a buffer for password and verification on its own
	113	* to compensate for NUL terminator in UI password strings.
112	114	* 3. It raises errors.
113	115	* 4. It reports back the length of the prompted pass phrase.
114	116	*/

116	118	const char *prompt_info, int verify,
117	119	const UI_METHOD ui_method, void ui_data)
118	120	{
119		char prompt = NULL, vpass = NULL;
120		int prompt_idx = -1, verify_idx = -1;
	121	char prompt = NULL, ipass = NULL, *vpass = NULL;
	122	int prompt_idx = -1, verify_idx = -1, res;
121	123	UI *ui = NULL;
122	124	int ret = 0;
123	125

144	146	goto end;
145	147	}
146	148
	149	/* Get a buffer for verification prompt */
	150	ipass = OPENSSL_zalloc(pass_size + 1);
	151	if (ipass == NULL) {
	152	ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
	153	goto end;
	154	}
	155
147	156	prompt_idx = UI_add_input_string(ui, prompt,
148	157	UI_INPUT_FLAG_DEFAULT_PWD,
149		pass, 0, pass_size - 1) - 1;
	158	ipass, 0, pass_size) - 1;
150	159	if (prompt_idx < 0) {
151	160	ERR_raise(ERR_LIB_CRYPTO, ERR_R_UI_LIB);
152	161	goto end;

154	163
155	164	if (verify) {
156	165	/* Get a buffer for verification prompt */
157		vpass = OPENSSL_zalloc(pass_size);
	166	vpass = OPENSSL_zalloc(pass_size + 1);
158	167	if (vpass == NULL) {
159	168	ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
160	169	goto end;
161	170	}
162	171	verify_idx = UI_add_verify_string(ui, prompt,
163	172	UI_INPUT_FLAG_DEFAULT_PWD,
164		vpass, 0, pass_size - 1,
165		pass) - 1;
	173	vpass, 0, pass_size,
	174	ipass) - 1;
166	175	if (verify_idx < 0) {
167	176	ERR_raise(ERR_LIB_CRYPTO, ERR_R_UI_LIB);
168	177	goto end;

177	186	ERR_raise(ERR_LIB_CRYPTO, ERR_R_UI_LIB);
178	187	break;
179	188	default:
180		*pass_len = (size_t)UI_get_result_length(ui, prompt_idx);
	189	res = UI_get_result_length(ui, prompt_idx);
	190	if (res < 0) {
	191	ERR_raise(ERR_LIB_CRYPTO, ERR_R_UI_LIB);
	192	break;
	193	}
	194	*pass_len = (size_t)res;
	195	memcpy(pass, ipass, *pass_len);
181	196	ret = 1;
182	197	break;
183	198	}
184	199
185	200	end:
186		OPENSSL_free(vpass);
	201	OPENSSL_clear_free(vpass, pass_size + 1);
	202	OPENSSL_clear_free(ipass, pass_size + 1);
187	203	OPENSSL_free(prompt);
188	204	UI_free(ui);
189	205	return ret;

+12

-9

crypto/pem/pem_lib.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

973	973	headerlen = BIO_get_mem_data(headerB, NULL);
974	974	*header = pem_malloc(headerlen + 1, flags);
975	975	*data = pem_malloc(len, flags);
976		if (header == NULL \|\| data == NULL) {
977		pem_free(*header, flags, 0);
978		pem_free(*data, flags, 0);
979		goto end;
980		}
981		BIO_read(headerB, *header, headerlen);
	976	if (header == NULL \|\| data == NULL)
	977	goto out_free;
	978	if (headerlen != 0 && BIO_read(headerB, *header, headerlen) != headerlen)
	979	goto out_free;
982	980	(*header)[headerlen] = '\0';
983		BIO_read(dataB, *data, len);
	981	if (BIO_read(dataB, *data, len) != len)
	982	goto out_free;
984	983	*len_out = len;
985	984	*name_out = name;
986	985	name = NULL;
987	986	ret = 1;
988
	987	goto end;
	988
	989	out_free:
	990	pem_free(*header, flags, 0);
	991	pem_free(*data, flags, 0);
989	992	end:
990	993	EVP_ENCODE_CTX_free(ctx);
991	994	pem_free(name, flags, 0);

+2

-2

crypto/pem/pem_pk8.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

135	135	if (enc \|\| (nid != -1)) {
136	136	if (kstr == NULL) {
137	137	klen = cb(buf, PEM_BUFSIZE, 1, u);
138		if (klen <= 0) {
	138	if (klen < 0) {
139	139	ERR_raise(ERR_LIB_PEM, PEM_R_READ_KEY);
140	140	goto legacy_end;
141	141	}

+5

-7

crypto/property/property.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
3	3	*
4	4	* Licensed under the Apache License 2.0 (the "License"). You may not use

595	595	QUERY elem, *r;
596	596	int res = 0;
597	597
598		if (nid <= 0 \|\| store == NULL)
	598	if (nid <= 0 \|\| store == NULL \|\| prop_query == NULL)
599	599	return 0;
600	600
601	601	if (!ossl_property_read_lock(store))

604	604	if (alg == NULL)
605	605	goto err;
606	606
607		elem.query = prop_query != NULL ? prop_query : "";
	607	elem.query = prop_query;
608	608	elem.provider = prov;
609	609	r = lh_QUERY_retrieve(alg->cache, &elem);
610	610	if (r == NULL)

628	628	size_t len;
629	629	int res = 1;
630	630
631		if (nid <= 0 \|\| store == NULL)
632		return 0;
633		if (prop_query == NULL)
634		return 1;
	631	if (nid <= 0 \|\| store == NULL \|\| prop_query == NULL)
	632	return 0;
635	633
636	634	if (!ossl_assert(prov != NULL))
637	635	return 0;

+1

-1

crypto/property/property_string.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
3	3	*
4	4	* Licensed under the Apache License 2.0 (the "License"). You may not use

+10

-4

crypto/provider_core.c less more

602	602	OSSL_PROVIDER tmpl = { 0, };
603	603	OSSL_PROVIDER *actualtmp = NULL;
604	604
	605	if (actualprov != NULL)
	606	*actualprov = NULL;
	607
605	608	if ((store = get_provider_store(prov->libctx)) == NULL)
606	609	return 0;
607	610

658	661	err:
659	662	CRYPTO_THREAD_unlock(store->lock);
660	663	if (actualprov != NULL)
661		ossl_provider_free(actualtmp);
	664	ossl_provider_free(*actualprov);
662	665	return 0;
663	666	}
664	667

1944	1947	const char *pkey_name)
1945	1948	{
1946	1949	int sign_nid = OBJ_txt2nid(sign_name);
1947		int digest_nid = OBJ_txt2nid(digest_name);
	1950	int digest_nid = NID_undef;
1948	1951	int pkey_nid = OBJ_txt2nid(pkey_name);
	1952
	1953	if (digest_name != NULL && digest_name[0] != '\0'
	1954	&& (digest_nid = OBJ_txt2nid(digest_name)) == NID_undef)
	1955	return 0;
1949	1956
1950	1957	if (sign_nid == NID_undef)
1951	1958	return 0;

1957	1964	if (OBJ_find_sigid_algs(sign_nid, NULL, NULL))
1958	1965	return 1;
1959	1966
1960		if (digest_nid == NID_undef
1961		\|\| pkey_nid == NID_undef)
	1967	if (pkey_nid == NID_undef)
1962	1968	return 0;
1963	1969
1964	1970	return OBJ_add_sigid(sign_nid, digest_nid, pkey_nid);

+1

-1

crypto/rand/rand_egd.c less more

79	79	# define AF_UNIX_PORTABILITY "$ZAFN2"
80	80	# define AF_UNIX_COMPATIBILITY "$ZPLS"
81	81
82		if (!_arg_present(transport) \|\| transport != NULL \|\| transport[0] == '\0')
	82	if (!_arg_present(transport) \|\| transport == NULL \|\| transport[0] == '\0')
83	83	return socket(family, type, protocol);
84	84
85	85	socket_transport_name_get(AF_UNIX, current_transport, 20);

+8

-1

crypto/rand/rand_lib.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

528	528	EVP_RAND_CTX *ctx;
529	529	char *name;
530	530
	531	if (dgbl == NULL)
	532	return NULL;
531	533	name = dgbl->seed_name != NULL ? dgbl->seed_name : "SEED-SRC";
532	534	rand = EVP_RAND_fetch(libctx, name, dgbl->seed_propq);
533	535	if (rand == NULL) {

559	561	OSSL_PARAM params[7], *p = params;
560	562	char name, cipher;
561	563
	564	if (dgbl == NULL)
	565	return NULL;
562	566	name = dgbl->rng_name != NULL ? dgbl->rng_name : "CTR-DRBG";
563	567	rand = EVP_RAND_fetch(libctx, name, dgbl->rng_propq);
564	568	if (rand == NULL) {

757	761	ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_RANDOM_SECTION_ERROR);
758	762	return 0;
759	763	}
	764
	765	if (dgbl == NULL)
	766	return 0;
760	767
761	768	for (i = 0; i < sk_CONF_VALUE_num(elist); i++) {
762	769	cval = sk_CONF_VALUE_value(elist, i);

+3

-3

crypto/rsa/rsa_ameth.c less more

0	0	/*
1		* Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2006-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

741	741	if (RSA_get0_n(rsa) == NULL \|\| RSA_get0_e(rsa) == NULL)
742	742	goto err;
743	743
744		if (!ossl_rsa_todata(rsa, tmpl, NULL))
	744	if (!ossl_rsa_todata(rsa, tmpl, NULL, 1))
745	745	goto err;
746	746
747	747	selection \|= OSSL_KEYMGMT_SELECT_PUBLIC_KEY;

834	834	goto err;
835	835	}
836	836
837		if (!ossl_rsa_fromdata(rsa, params))
	837	if (!ossl_rsa_fromdata(rsa, params, 1))
838	838	goto err;
839	839
840	840	switch (rsa_type) {

+9

-7

crypto/rsa/rsa_backend.c less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

59	59	return 1;
60	60	}
61	61
62		int ossl_rsa_fromdata(RSA *rsa, const OSSL_PARAM params[])
63		{
64		const OSSL_PARAM param_n, param_e, *param_d;
	62	int ossl_rsa_fromdata(RSA *rsa, const OSSL_PARAM params[], int include_private)
	63	{
	64	const OSSL_PARAM param_n, param_e, *param_d = NULL;
65	65	BIGNUM n = NULL, e = NULL, *d = NULL;
66	66	STACK_OF(BIGNUM) factors = NULL, exps = NULL, *coeffs = NULL;
67	67	int is_private = 0;

71	71
72	72	param_n = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_N);
73	73	param_e = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_E);
74		param_d = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_D);
	74	if (include_private)
	75	param_d = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_D);
75	76
76	77	if ((param_n != NULL && !OSSL_PARAM_get_BN(param_n, &n))
77	78	\|\| (param_e != NULL && !OSSL_PARAM_get_BN(param_e, &e))

117	118
118	119	DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM)
119	120
120		int ossl_rsa_todata(RSA rsa, OSSL_PARAM_BLD bld, OSSL_PARAM params[])
	121	int ossl_rsa_todata(RSA rsa, OSSL_PARAM_BLD bld, OSSL_PARAM params[],
	122	int include_private)
121	123	{
122	124	int ret = 0;
123	125	const BIGNUM rsa_d = NULL, rsa_n = NULL, *rsa_e = NULL;

136	138	goto err;
137	139
138	140	/* Check private key data integrity */
139		if (rsa_d != NULL) {
	141	if (include_private && rsa_d != NULL) {
140	142	int numprimes = sk_BIGNUM_const_num(factors);
141	143	int numexps = sk_BIGNUM_const_num(exps);
142	144	int numcoeffs = sk_BIGNUM_const_num(coeffs);

+4

-2

crypto/rsa/rsa_ossl.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

212	212	*/
213	213	int ret;
214	214
215		BN_BLINDING_lock(b);
	215	if (!BN_BLINDING_lock(b))
	216	return 0;
	217
216	218	ret = BN_BLINDING_convert_ex(f, unblind, b, ctx);
217	219	BN_BLINDING_unlock(b);
218	220

+7

-5

crypto/store/store_meth.c less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

279	279	{
280	280	OSSL_METHOD_STORE *store = get_loader_store(methdata->libctx);
281	281	OSSL_NAMEMAP *namemap = ossl_namemap_stored(methdata->libctx);
	282	const char *const propq = properties != NULL ? properties : "";
282	283	void *method = NULL;
283	284	int unsupported = 0;
284	285

308	309	unsupported = 1;
309	310
310	311	if (id == 0
311		\|\| !ossl_method_store_cache_get(store, NULL, id, properties, &method)) {
	312	\|\| !ossl_method_store_cache_get(store, NULL, id, propq, &method)) {
312	313	OSSL_METHOD_CONSTRUCT_METHOD mcm = {
313	314	get_tmp_loader_store,
314	315	get_loader_from_store,

316	317	construct_loader,
317	318	destruct_loader
318	319	};
	320	OSSL_PROVIDER *prov = NULL;
319	321
320	322	methdata->scheme_id = id;
321	323	methdata->scheme = scheme;
322		methdata->propquery = properties;
	324	methdata->propquery = propq;
323	325	methdata->flag_construct_error_occurred = 0;
324	326	if ((method = ossl_method_construct(methdata->libctx, OSSL_OP_STORE,
325		NULL, 0 /* !force_cache */,
	327	&prov, 0 /* !force_cache */,
326	328	&mcm, methdata)) != NULL) {
327	329	/*
328	330	* If construction did create a method for us, we know that there

331	333	*/
332	334	if (id == 0)
333	335	id = ossl_namemap_name2num(namemap, scheme);
334		ossl_method_store_cache_set(store, NULL, id, properties, method,
	336	ossl_method_store_cache_set(store, prov, id, propq, method,
335	337	up_ref_loader, free_loader);
336	338	}
337	339

+15

-8

crypto/store/store_result.c less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

524	524
525	525	if (p12 != NULL) {
526	526	char *pass = NULL;
527		char tpass[PEM_BUFSIZE];
	527	char tpass[PEM_BUFSIZE + 1];
528	528	size_t tpass_len;
529	529	EVP_PKEY *pkey = NULL;
530	530	X509 *cert = NULL;

546	546	OSSL_PARAM_END
547	547	};
548	548
549		if (!ossl_pw_get_passphrase(tpass, sizeof(tpass), &tpass_len,
	549	if (!ossl_pw_get_passphrase(tpass, sizeof(tpass) - 1,
	550	&tpass_len,
550	551	pw_params, 0, &ctx->pwdata)) {
551	552	ERR_raise(ERR_LIB_OSSL_STORE,
552	553	OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR);
553	554	goto p12_end;
554	555	}
555	556	pass = tpass;
556		if (!PKCS12_verify_mac(p12, pass, strlen(pass))) {
	557	/*
	558	* ossl_pw_get_passphrase() does not NUL terminate but
	559	* we must do it for PKCS12_parse()
	560	*/
	561	pass[tpass_len] = '\0';
	562	if (!PKCS12_verify_mac(p12, pass, tpass_len)) {
557	563	ERR_raise_data(ERR_LIB_OSSL_STORE,
558	564	OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC,
559		strlen(pass) == 0 ? "empty password" :
	565	tpass_len == 0 ? "empty password" :
560	566	"maybe wrong password");
561	567	goto p12_end;
562	568	}

612	618	}
613	619	ctx->cached_info = infos;
614	620	}
615		}
616		p12_end:
617		PKCS12_free(p12);
	621	p12_end:
	622	OPENSSL_cleanse(tpass, sizeof(tpass));
	623	PKCS12_free(p12);
	624	}
618	625	*v = sk_OSSL_STORE_INFO_shift(ctx->cached_info);
619	626	}
620	627

+2

-19

crypto/threads_pthread.c less more

0	0	/*
1		* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

260	260	return 1;
261	261	}
262	262	# ifndef FIPS_MODULE
263		# ifdef OPENSSL_SYS_UNIX
264
265		static pthread_once_t fork_once_control = PTHREAD_ONCE_INIT;
266
267		static void fork_once_func(void)
268		{
269		# ifndef OPENSSL_NO_DEPRECATED_3_0
270		pthread_atfork(OPENSSL_fork_prepare,
271		OPENSSL_fork_parent, OPENSSL_fork_child);
272		# endif
273		}
274		# endif
275
276	263	int openssl_init_fork_handlers(void)
277	264	{
278		# ifdef OPENSSL_SYS_UNIX
279		if (pthread_once(&fork_once_control, fork_once_func) == 0)
280		return 1;
281		# endif
282		return 0;
	265	return 1;
283	266	}
284	267	# endif /* FIPS_MODULE */
285	268

+4

-1

crypto/trace.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

135	135	TRACE_CATEGORY_(PKCS12_DECRYPT),
136	136	TRACE_CATEGORY_(X509V3_POLICY),
137	137	TRACE_CATEGORY_(BN_CTX),
	138	TRACE_CATEGORY_(CMP),
138	139	TRACE_CATEGORY_(STORE),
139	140	TRACE_CATEGORY_(DECODER),
140	141	TRACE_CATEGORY_(ENCODER),

495	496	char *suffix = NULL;
496	497
497	498	category = ossl_trace_get_category(category);
	499	if (category < 0)
	500	return;
498	501	suffix = trace_channels[category].suffix;
499	502	if (channel != NULL
500	503	&& ossl_assert(channel == current_channel)) {

+5

-3

crypto/ui/ui_openssl.c less more

0	0	/*
1		* Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

550	550
551	551	static int close_console(UI *ui)
552	552	{
	553	int ret = 1;
	554
553	555	if (tty_in != stdin)
554	556	fclose(tty_in);
555	557	if (tty_out != stderr)

559	561	if (status != SS$_NORMAL) {
560	562	ERR_raise_data(ERR_LIB_UI, UI_R_SYSDASSGN_ERROR,
561	563	"status=%%X%08X", status);
562		return 0;
	564	ret = 0;
563	565	}
564	566	# endif
565	567	CRYPTO_THREAD_unlock(ui->lock);
566	568
567		return 1;
	569	return ret;
568	570	}
569	571
570	572	# if !defined(OPENSSL_SYS_WINCE)

+7

-4

crypto/ui/ui_util.c less more

0	0	/*
1		* Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2002-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

72	72	static int ui_dup_method_data(CRYPTO_EX_DATA to, const CRYPTO_EX_DATA from,
73	73	void *pptr, int idx, long argl, void argp)
74	74	{
75		if (*pptr != NULL)
	75	if (*pptr != NULL) {
76	76	pptr = OPENSSL_memdup(pptr, sizeof(struct pem_password_cb_data));
77		return 1;
	77	if (*pptr != NULL)
	78	return 1;
	79	}
	80	return 0;
78	81	}
79	82
80	83	static void ui_free_method_data(void parent, void ptr, CRYPTO_EX_DATA *ad,

113	116
114	117	if (len >= 0)
115	118	result[len] = '\0';
116		if (len <= 0)
	119	if (len < 0)
117	120	return len;
118	121	if (UI_set_result_ex(ui, uis, result, len) >= 0)
119	122	return 1;

+2

-1

crypto/x509/v3_crld.c less more

0	0	/*
1		* Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1999-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

82	82	return -1;
83	83	dnsect = X509V3_get_section(ctx, cnf->value);
84	84	if (!dnsect) {
	85	X509_NAME_free(nm);
85	86	ERR_raise(ERR_LIB_X509V3, X509V3_R_SECTION_NOT_FOUND);
86	87	return -1;
87	88	}

+6

-4

crypto/x509/v3_sxnet.c less more

0	0	/*
1		* Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1999-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

166	166	goto err;
167	167	if (!ASN1_INTEGER_set(sx->version, 0))
168	168	goto err;
169		*psx = sx;
170	169	} else
171	170	sx = *psx;
172	171	if (SXNET_get_id_INTEGER(sx, zone)) {
173	172	ERR_raise(ERR_LIB_X509V3, X509V3_R_DUPLICATE_ZONE_ID);
	173	if (*psx == NULL)
	174	SXNET_free(sx);
174	175	return 0;
175	176	}
176	177

184	185	if (!sk_SXNETID_push(sx->ids, id))
185	186	goto err;
186	187	id->zone = zone;
	188	*psx = sx;
187	189	return 1;
188	190
189	191	err:
190	192	ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE);
191	193	SXNETID_free(id);
192		SXNET_free(sx);
193		*psx = NULL;
	194	if (*psx == NULL)
	195	SXNET_free(sx);
194	196	return 0;
195	197	}
196	198

+16

-5

crypto/x509/v3_utl.c less more

0	0	/*
1		* Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1999-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

538	538	return 0;
539	539
540	540	emtmp = OPENSSL_strndup((char *)email->data, email->length);
541		if (emtmp == NULL)
542		return 0;
	541	if (emtmp == NULL) {
	542	X509_email_free(*sk);
	543	*sk = NULL;
	544	return 0;
	545	}
543	546
544	547	/* Don't add duplicates */
545	548	if (sk_OPENSSL_STRING_find(*sk, emtmp) != -1) {

832	835	rv = equal(a->data, a->length, (unsigned char *)b, blen, flags);
833	836	else if (a->length == (int)blen && !memcmp(a->data, b, blen))
834	837	rv = 1;
835		if (rv > 0 && peername)
	838	if (rv > 0 && peername != NULL) {
836	839	peername = OPENSSL_strndup((char )a->data, a->length);
	840	if (*peername == NULL)
	841	return -1;
	842	}
837	843	} else {
838	844	int astrlen;
839	845	unsigned char *astr;

846	852	return -1;
847	853	}
848	854	rv = equal(astr, astrlen, (unsigned char *)b, blen, flags);
849		if (rv > 0 && peername)
	855	if (rv > 0 && peername != NULL) {
850	856	peername = OPENSSL_strndup((char )astr, astrlen);
	857	if (*peername == NULL) {
	858	OPENSSL_free(astr);
	859	return -1;
	860	}
	861	}
851	862	OPENSSL_free(astr);
852	863	}
853	864	return rv;

+26

-8

crypto/x509/x509_lu.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

320	320	stmp.type = X509_LU_NONE;
321	321	stmp.data.ptr = NULL;
322	322
323		X509_STORE_lock(store);
	323	if (!X509_STORE_lock(store))
	324	return 0;
	325
324	326	tmp = X509_OBJECT_retrieve_by_subject(store->objs, type, name);
325	327	X509_STORE_unlock(store);
326	328

370	372	return 0;
371	373	}
372	374
373		X509_STORE_lock(store);
	375	if (!X509_STORE_lock(store)) {
	376	obj->type = X509_LU_NONE;
	377	X509_OBJECT_free(obj);
	378	return 0;
	379	}
	380
374	381	if (X509_OBJECT_retrieve_match(store->objs, obj)) {
375	382	ret = 1;
376	383	} else {

552	559	}
553	560	if ((sk = sk_X509_new_null()) == NULL)
554	561	return NULL;
555		X509_STORE_lock(store);
	562	if (!X509_STORE_lock(store))
	563	goto out_free;
	564
556	565	objs = X509_STORE_get0_objects(store);
557	566	for (i = 0; i < sk_X509_OBJECT_num(objs); i++) {
558	567	X509 *cert = X509_OBJECT_get0_X509(sk_X509_OBJECT_value(objs, i));

566	575
567	576	err:
568	577	X509_STORE_unlock(store);
	578	out_free:
569	579	sk_X509_pop_free(sk, X509_free);
570	580	return NULL;
571	581	}

582	592	if (store == NULL)
583	593	return NULL;
584	594
585		X509_STORE_lock(store);
	595	if (!X509_STORE_lock(store))
	596	return NULL;
	597
586	598	idx = x509_object_idx_cnt(store->objs, X509_LU_X509, nm, &cnt);
587	599	if (idx < 0) {
588	600	/*

600	612	return NULL;
601	613	}
602	614	X509_OBJECT_free(xobj);
603		X509_STORE_lock(store);
	615	if (!X509_STORE_lock(store))
	616	return NULL;
604	617	idx = x509_object_idx_cnt(store->objs, X509_LU_X509, nm, &cnt);
605	618	if (idx < 0) {
606	619	X509_STORE_unlock(store);

641	654	return NULL;
642	655	}
643	656	X509_OBJECT_free(xobj);
644		X509_STORE_lock(store);
	657	if (!X509_STORE_lock(store)) {
	658	sk_X509_CRL_free(sk);
	659	return NULL;
	660	}
645	661	idx = x509_object_idx_cnt(store->objs, X509_LU_CRL, nm, &cnt);
646	662	if (idx < 0) {
647	663	X509_STORE_unlock(store);

743	759
744	760	/* Find index of first currently valid cert accepted by 'check_issued' */
745	761	ret = 0;
746		X509_STORE_lock(store);
	762	if (!X509_STORE_lock(store))
	763	return 0;
	764
747	765	idx = x509_object_idx_cnt(store->objs, X509_LU_X509, xn, &nmatch);
748	766	if (idx != -1) { /* should be true as we've had at least one match */
749	767	/* Look through all matching certs for suitable issuer */

+6

-6

crypto/x509/x509_trust.c less more

0	0	/*
1		* Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1999-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

71	71	return obj_trust(NID_anyExtendedKeyUsage, x,
72	72	flags \| X509_TRUST_DO_SS_COMPAT);
73	73	idx = X509_TRUST_get_by_id(id);
74		if (idx == -1)
	74	if (idx < 0)
75	75	return default_trust(id, x, flags);
76	76	pt = X509_TRUST_get0(idx);
77	77	return pt->check_trust(pt, x, flags);

111	111
112	112	int X509_TRUST_set(int *t, int trust)
113	113	{
114		if (X509_TRUST_get_by_id(trust) == -1) {
	114	if (X509_TRUST_get_by_id(trust) < 0) {
115	115	ERR_raise(ERR_LIB_X509, X509_R_INVALID_TRUST);
116	116	return 0;
117	117	}

133	133	/* Get existing entry if any */
134	134	idx = X509_TRUST_get_by_id(id);
135	135	/* Need a new entry */
136		if (idx == -1) {
	136	if (idx < 0) {
137	137	if ((trtmp = OPENSSL_malloc(sizeof(*trtmp))) == NULL) {
138	138	ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
139	139	return 0;

161	161	trtmp->arg2 = arg2;
162	162
163	163	/* If its a new entry manage the dynamic table */
164		if (idx == -1) {
	164	if (idx < 0) {
165	165	if (trtable == NULL
166	166	&& (trtable = sk_X509_TRUST_new(tr_cmp)) == NULL) {
167	167	ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);

174	174	}
175	175	return 1;
176	176	err:
177		if (idx == -1) {
	177	if (idx < 0) {
178	178	OPENSSL_free(trtmp->name);
179	179	OPENSSL_free(trtmp);
180	180	}

+7

-6

crypto/x509/x509_vfy.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

2229	2229	/* If purpose not set use default */
2230	2230	if (purpose == 0)
2231	2231	purpose = def_purpose;
	2232	/*
	2233	* If purpose is set but we don't have a default then set the default to
	2234	* the current purpose
	2235	*/
	2236	else if (def_purpose == 0)
	2237	def_purpose = purpose;
2232	2238	/* If we have a purpose then check it is valid */
2233	2239	if (purpose != 0) {
2234	2240	X509_PURPOSE *ptmp;

2241	2247	ptmp = X509_PURPOSE_get0(idx);
2242	2248	if (ptmp->trust == X509_TRUST_DEFAULT) {
2243	2249	idx = X509_PURPOSE_get_by_id(def_purpose);
2244		/*
2245		* XXX: In the two callers above def_purpose is always 0, which is
2246		* not a known value, so idx will always be -1. How is the
2247		* X509_TRUST_DEFAULT case actually supposed to be handled?
2248		*/
2249	2250	if (idx == -1) {
2250	2251	ERR_raise(ERR_LIB_X509, X509_R_UNKNOWN_PURPOSE_ID);
2251	2252	return 0;

+7

-0

demos/README.txt less more

9	9	cipher:
10	10	aesgcm.c Demonstration of symmetric cipher GCM mode encrypt/decrypt
11	11	aesccm.c Demonstration of symmetric cipher CCM mode encrypt/decrypt
	12	ariacbc.c Demonstration of symmetric cipher CBC mode encrypt/decrypt
12	13
13	14	cms:
14	15
15	16	digest:
16	17	EVP_MD_demo.c Compute a digest from multiple buffers
17	18	EVP_MD_stdin.c Compute a digest with data read from stdin
	19	EVP_MD_xof.c Compute a digest using the SHAKE256 XOF
18	20	EVP_f_md.c Compute a digest using BIO and EVP_f_md
19	21
20	22	kdf:

24	26
25	27	mac:
26	28	gmac.c Demonstration of GMAC message authentication
	29	poly1305.c Demonstration of Poly1305-AES message authentication
	30	siphash.c Demonstration of SIPHASH message authentication
27	31
28	32	pkey:
29	33	EVP_PKEY_EC_keygen.c Generate an EC key.
	34	EVP_PKEY_RSA_keygen.c Generate an RSA key.
30	35
31	36	smime:
32	37

36	41
37	42	signature:
38	43	EVP_Signature_demo.c Compute and verify a signature from multiple buffers
	44	rsa_pss_direct.c Compute and verify an RSA-PSS signature from a hash
	45	rsa_pss_hash.c Compute and verify an RSA-PSS signature over a buffer

+4

-3

demos/cipher/Makefile less more

10	10	CFLAGS = $(OPENSSL_INCS_LOCATION)
11	11	LDFLAGS = $(OPENSSL_LIBS_LOCATION) -lssl -lcrypto
12	12
13		all: aesccm aesgcm
	13	all: aesccm aesgcm ariacbc
14	14
15	15	aesccm: aesccm.o
16	16	aesgcm: aesgcm.o
	17	ariacbc: ariacbc.o
17	18
18		aesccm aesgcm:
	19	aesccm aesgcm ariacbc:
19	20	$(CC) $(CFLAGS) -o $@ $< $(LDFLAGS)
20	21
21	22	clean:
22		$(RM) aesccm aesgcm *.o
	23	$(RM) aesccm aesgcm ariacbc *.o

+178

-0

demos/cipher/ariacbc.c less more

	0	/*
	1	* Copyright 2012-2022 The OpenSSL Project Authors. All Rights Reserved.
	2	*
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
	4	* this file except in compliance with the License. You can obtain a copy
	5	* in the file LICENSE in the source distribution or at
	6	* https://www.openssl.org/source/license.html
	7	*/
	8
	9	/*
	10	* Simple ARIA CBC encryption demonstration program.
	11	*/
	12
	13	#include <stdio.h>
	14	#include <openssl/err.h>
	15	#include <openssl/bio.h>
	16	#include <openssl/evp.h>
	17	#include <openssl/crypto.h>
	18	#include <openssl/core_names.h>
	19
	20	/* ARIA key */
	21	static const unsigned char cbc_key[] = {
	22	0xee, 0xbc, 0x1f, 0x57, 0x48, 0x7f, 0x51, 0x92, 0x1c, 0x04, 0x65, 0x66,
	23	0x5f, 0x8a, 0xe6, 0xd1, 0x65, 0x8b, 0xb2, 0x6d, 0xe6, 0xf8, 0xa0, 0x69,
	24	0xa3, 0x52, 0x02, 0x93, 0xa5, 0x72, 0x07, 0x8f
	25	};
	26
	27	/* Unique initialisation vector */
	28	static const unsigned char cbc_iv[] = {
	29	0x99, 0xaa, 0x3e, 0x68, 0xed, 0x81, 0x73, 0xa0, 0xee, 0xd0, 0x66, 0x84,
	30	0x99, 0xaa, 0x3e, 0x68,
	31	};
	32
	33	/* Example plaintext to encrypt */
	34	static const unsigned char cbc_pt[] = {
	35	0xf5, 0x6e, 0x87, 0x05, 0x5b, 0xc3, 0x2d, 0x0e, 0xeb, 0x31, 0xb2, 0xea,
	36	0xcc, 0x2b, 0xf2, 0xa5
	37	};
	38
	39	/* Expected ciphertext value */
	40	static const unsigned char cbc_ct[] = {
	41	0x9a, 0x44, 0xe6, 0x85, 0x94, 0x26, 0xff, 0x30, 0x03, 0xd3, 0x7e, 0xc6,
	42	0xb5, 0x4a, 0x09, 0x66, 0x39, 0x28, 0xf3, 0x67, 0x14, 0xbc, 0xe8, 0xe2,
	43	0xcf, 0x31, 0xb8, 0x60, 0x42, 0x72, 0x6d, 0xc8
	44	};
	45
	46	/*
	47	* A library context and property query can be used to select & filter
	48	* algorithm implementations. If they are NULL then the default library
	49	* context and properties are used.
	50	*/
	51	OSSL_LIB_CTX *libctx = NULL;
	52	const char *propq = NULL;
	53
	54	int aria_cbc_encrypt(void)
	55	{
	56	int ret = 0;
	57	EVP_CIPHER_CTX *ctx;
	58	EVP_CIPHER *cipher = NULL;
	59	int outlen, tmplen;
	60	size_t cbc_ivlen = sizeof(cbc_iv);
	61	unsigned char outbuf[1024];
	62	unsigned char outtag[16];
	63
	64	printf("ARIA CBC Encrypt:\n");
	65	printf("Plaintext:\n");
	66	BIO_dump_fp(stdout, cbc_pt, sizeof(cbc_pt));
	67
	68	/* Create a context for the encrypt operation */
	69	if ((ctx = EVP_CIPHER_CTX_new()) == NULL)
	70	goto err;
	71
	72	/* Fetch the cipher implementation */
	73	if ((cipher = EVP_CIPHER_fetch(libctx, "ARIA-256-CBC", propq)) == NULL)
	74	goto err;
	75
	76	/*
	77	* Initialise an encrypt operation with the cipher/mode, key and IV.
	78	* We are not setting any custom params so let params be just NULL.
	79	*/
	80	if (!EVP_EncryptInit_ex2(ctx, cipher, cbc_key, cbc_iv, /* params */ NULL))
	81	goto err;
	82
	83	/* Encrypt plaintext */
	84	if (!EVP_EncryptUpdate(ctx, outbuf, &outlen, cbc_pt, sizeof(cbc_pt)))
	85	goto err;
	86
	87	/* Finalise: there can be some additional output from padding */
	88	if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &tmplen))
	89	goto err;
	90	outlen += tmplen;
	91
	92	/* Output encrypted block */
	93	printf("Ciphertext (outlen:%d):\n", outlen);
	94	BIO_dump_fp(stdout, outbuf, outlen);
	95
	96	if (sizeof(cbc_ct) == outlen && !CRYPTO_memcmp(outbuf, cbc_ct, outlen))
	97	printf("Final ciphertext matches expected ciphertext\n");
	98	else
	99	printf("Final ciphertext differs from expected ciphertext\n");
	100
	101	ret = 1;
	102	err:
	103	if (!ret)
	104	ERR_print_errors_fp(stderr);
	105
	106	EVP_CIPHER_free(cipher);
	107	EVP_CIPHER_CTX_free(ctx);
	108
	109	return ret;
	110	}
	111
	112	int aria_cbc_decrypt(void)
	113	{
	114	int ret = 0;
	115	EVP_CIPHER_CTX *ctx;
	116	EVP_CIPHER *cipher = NULL;
	117	int outlen, tmplen, rv;
	118	size_t cbc_ivlen = sizeof(cbc_iv);
	119	unsigned char outbuf[1024];
	120
	121	printf("ARIA CBC Decrypt:\n");
	122	printf("Ciphertext:\n");
	123	BIO_dump_fp(stdout, cbc_ct, sizeof(cbc_ct));
	124
	125	if ((ctx = EVP_CIPHER_CTX_new()) == NULL)
	126	goto err;
	127
	128	/* Fetch the cipher implementation */
	129	if ((cipher = EVP_CIPHER_fetch(libctx, "ARIA-256-CBC", propq)) == NULL)
	130	goto err;
	131
	132	/*
	133	* Initialise an encrypt operation with the cipher/mode, key and IV.
	134	* We are not setting any custom params so let params be just NULL.
	135	*/
	136	if (!EVP_DecryptInit_ex2(ctx, cipher, cbc_key, cbc_iv, /* params */ NULL))
	137	goto err;
	138
	139	/* Decrypt plaintext */
	140	if (!EVP_DecryptUpdate(ctx, outbuf, &outlen, cbc_ct, sizeof(cbc_ct)))
	141	goto err;
	142
	143	/* Finalise: there can be some additional output from padding */
	144	if (!EVP_DecryptFinal_ex(ctx, outbuf + outlen, &tmplen))
	145	goto err;
	146	outlen += tmplen;
	147
	148	/* Output decrypted block */
	149	printf("Plaintext (outlen:%d):\n", outlen);
	150	BIO_dump_fp(stdout, outbuf, outlen);
	151
	152	if (sizeof(cbc_pt) == outlen && !CRYPTO_memcmp(outbuf, cbc_pt, outlen))
	153	printf("Final plaintext matches original plaintext\n");
	154	else
	155	printf("Final plaintext differs from original plaintext\n");
	156
	157	ret = 1;
	158	err:
	159	if (!ret)
	160	ERR_print_errors_fp(stderr);
	161
	162	EVP_CIPHER_free(cipher);
	163	EVP_CIPHER_CTX_free(ctx);
	164
	165	return ret;
	166	}
	167
	168	int main(int argc, char **argv)
	169	{
	170	if (!aria_cbc_encrypt())
	171	return 1;
	172
	173	if (!aria_cbc_decrypt())
	174	return 1;
	175
	176	return 0;
	177	}

+8

-5

demos/cms/cms_ver.c less more

26	26	/* Set up trusted CA certificate store */
27	27
28	28	st = X509_STORE_new();
	29	if (st == NULL)
	30	goto err;
29	31
30	32	/* Read in CA certificate */
31	33	tbio = BIO_new_file("cacert.pem", "r");
32	34
33		if (!tbio)
	35	if (tbio == NULL)
34	36	goto err;
35	37
36	38	cacert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
37	39
38		if (!cacert)
	40	if (cacert == NULL)
39	41	goto err;
40	42
41	43	if (!X509_STORE_add_cert(st, cacert))

45	47
46	48	in = BIO_new_file("smout.txt", "r");
47	49
48		if (!in)
	50	if (in == NULL)
49	51	goto err;
50	52
51	53	/* parse message */
52	54	cms = SMIME_read_CMS(in, &cont);
53	55
54		if (!cms)
	56	if (cms == NULL)
55	57	goto err;
56	58
57	59	/* File to output verified content to */
58	60	out = BIO_new_file("smver.txt", "w");
59		if (!out)
	61	if (out == NULL)
60	62	goto err;
61	63
62	64	if (!CMS_verify(cms, NULL, st, cont, out, 0)) {

75	77	ERR_print_errors_fp(stderr);
76	78	}
77	79
	80	X509_STORE_free(st);
78	81	CMS_ContentInfo_free(cms);
79	82	X509_free(cacert);
80	83	BIO_free(in);

+132

-0

demos/digest/EVP_MD_xof.c less more

	0	/*-
	1	* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	2	*
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
	4	* this file except in compliance with the License. You can obtain a copy
	5	* in the file LICENSE in the source distribution or at
	6	* https://www.openssl.org/source/license.html
	7	*/
	8
	9	#include <stdio.h>
	10	#include <string.h>
	11	#include <openssl/err.h>
	12	#include <openssl/evp.h>
	13	#include <openssl/core_names.h>
	14
	15	/*
	16	* Example of using an extendable-output hash function (XOF). A XOF is a hash
	17	* function with configurable output length and which can generate an
	18	* arbitrarily large output.
	19	*
	20	* This example uses SHAKE256, an extendable output variant of SHA3 (Keccak).
	21	*
	22	* To generate different output lengths, you can pass a single integer argument
	23	* on the command line, which is the output size in bytes. By default, a 20-byte
	24	* output is generated and (for this length only) a known answer test is
	25	* performed.
	26	*/
	27
	28	/* Our input to the XOF hash function. */
	29	const char message[] = "This is a test message.";
	30
	31	/* Expected output when an output length of 20 bytes is used. */
	32	static const char known_answer[] = {
	33	0x52, 0x97, 0x93, 0x78, 0x27, 0x58, 0x7d, 0x62,
	34	0x8b, 0x00, 0x25, 0xb5, 0xec, 0x39, 0x5e, 0x2d,
	35	0x7f, 0x3e, 0xd4, 0x19
	36	};
	37
	38	/*
	39	* A property query used for selecting the SHAKE256 implementation.
	40	*/
	41	static const char *propq = NULL;
	42
	43	int main(int argc, char **argv)
	44	{
	45	int rv = 1;
	46	OSSL_LIB_CTX *libctx = NULL;
	47	EVP_MD *md = NULL;
	48	EVP_MD_CTX *ctx = NULL;
	49	unsigned int digest_len = 20;
	50	int digest_len_i;
	51	unsigned char *digest = NULL;
	52
	53	/* Allow digest length to be changed for demonstration purposes. */
	54	if (argc > 1) {
	55	digest_len_i = atoi(argv[1]);
	56	if (digest_len_i <= 0) {
	57	fprintf(stderr, "Specify a non-negative digest length\n");
	58	goto end;
	59	}
	60
	61	digest_len = (unsigned int)digest_len_i;
	62	}
	63
	64	/*
	65	* Retrieve desired algorithm. This must be a hash algorithm which supports
	66	* XOF.
	67	*/
	68	md = EVP_MD_fetch(libctx, "SHAKE256", propq);
	69	if (md == NULL) {
	70	fprintf(stderr, "Failed to retrieve SHAKE256 algorithm\n");
	71	goto end;
	72	}
	73
	74	/* Create context. */
	75	ctx = EVP_MD_CTX_new();
	76	if (ctx == NULL) {
	77	fprintf(stderr, "Failed to create digest context\n");
	78	goto end;
	79	}
	80
	81	/* Initialize digest context. */
	82	if (EVP_DigestInit(ctx, md) == 0) {
	83	fprintf(stderr, "Failed to initialize digest\n");
	84	goto end;
	85	}
	86
	87	/*
	88	* Feed our message into the digest function.
	89	* This may be called multiple times.
	90	*/
	91	if (EVP_DigestUpdate(ctx, message, sizeof(message)) == 0) {
	92	fprintf(stderr, "Failed to hash input message\n");
	93	goto end;
	94	}
	95
	96	/* Allocate enough memory for our digest length. */
	97	digest = OPENSSL_malloc(digest_len);
	98	if (digest == NULL) {
	99	fprintf(stderr, "Failed to allocate memory for digest\n");
	100	goto end;
	101	}
	102
	103	/* Get computed digest. The digest will be of whatever length we specify. */
	104	if (EVP_DigestFinalXOF(ctx, digest, digest_len) == 0) {
	105	fprintf(stderr, "Failed to finalize hash\n");
	106	goto end;
	107	}
	108
	109	printf("Output digest:\n");
	110	BIO_dump_indent_fp(stdout, digest, digest_len, 2);
	111
	112	/* If digest length is 20 bytes, check it matches our known answer. */
	113	if (digest_len == 20) {
	114	/*
	115	* Always use a constant-time function such as CRYPTO_memcmp
	116	* when comparing cryptographic values. Do not use memcmp(3).
	117	*/
	118	if (CRYPTO_memcmp(digest, known_answer, sizeof(known_answer)) != 0) {
	119	fprintf(stderr, "Output does not match expected result\n");
	120	goto end;
	121	}
	122	}
	123
	124	rv = 0;
	125	end:
	126	OPENSSL_free(digest);
	127	EVP_MD_CTX_free(ctx);
	128	EVP_MD_free(md);
	129	OSSL_LIB_CTX_free(libctx);
	130	return rv;
	131	}

+4

-3

demos/digest/Makefile less more

2	2	#
3	3	# LD_LIBRARY_PATH=../.. ./EVP_MD_demo
4	4
5		CFLAGS = -I../../include -g
	5	CFLAGS = -I../../include -g -Wall
6	6	LDFLAGS = -L../..
7	7	LDLIBS = -lcrypto
8	8
9		all: EVP_MD_demo EVP_MD_stdin BIO_f_md
	9	all: EVP_MD_demo EVP_MD_stdin EVP_MD_xof BIO_f_md
10	10
11	11	%.o: %.c
12	12	$(CC) $(CFLAGS) -c $<
13	13
14	14	EVP_MD_demo: EVP_MD_demo.o
15	15	EVP_MD_stdin: EVP_MD_stdin.o
	16	EVP_MD_xof: EVP_MD_xof.o
16	17	BIO_f_md: BIO_f_md.o
17	18
18	19	test: ;
19	20
20	21	clean:
21		$(RM) *.o EVP_MD_demo EVP_MD_stdin BIO_f_md
	22	$(RM) *.o EVP_MD_demo EVP_MD_stdin EVP_MD_xof BIO_f_md

+278

-0

demos/keyexch/x25519.c less more

	0	/*
	1	* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	2	*
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
	4	* this file except in compliance with the License. You can obtain a copy
	5	* in the file LICENSE in the source distribution or at
	6	* https://www.openssl.org/source/license.html
	7	*/
	8
	9	#include <stdio.h>
	10	#include <string.h>
	11	#include <openssl/core_names.h>
	12	#include <openssl/evp.h>
	13
	14	/*
	15	* This is a demonstration of key exchange using X25519.
	16	*
	17	* The variables beginning `peer1_` / `peer2_` are data which would normally be
	18	* accessible to that peer.
	19	*
	20	* Ordinarily you would use random keys, which are demonstrated
	21	* below when use_kat=0. A known answer test is demonstrated
	22	* when use_kat=1.
	23	*/
	24
	25	/* A property query used for selecting the X25519 implementation. */
	26	static const char *propq = NULL;
	27
	28	static const unsigned char peer1_privk_data[32] = {
	29	0x80, 0x5b, 0x30, 0x20, 0x25, 0x4a, 0x70, 0x2c,
	30	0xad, 0xa9, 0x8d, 0x7d, 0x47, 0xf8, 0x1b, 0x20,
	31	0x89, 0xd2, 0xf9, 0x14, 0xac, 0x92, 0x27, 0xf2,
	32	0x10, 0x7e, 0xdb, 0x21, 0xbd, 0x73, 0x73, 0x5d
	33	};
	34
	35	static const unsigned char peer2_privk_data[32] = {
	36	0xf8, 0x84, 0x19, 0x69, 0x79, 0x13, 0x0d, 0xbd,
	37	0xb1, 0x76, 0xd7, 0x0e, 0x7e, 0x0f, 0xb6, 0xf4,
	38	0x8c, 0x4a, 0x8c, 0x5f, 0xd8, 0x15, 0x09, 0x0a,
	39	0x71, 0x78, 0x74, 0x92, 0x0f, 0x85, 0xc8, 0x43
	40	};
	41
	42	static const unsigned char expected_result[32] = {
	43	0x19, 0x71, 0x26, 0x12, 0x74, 0xb5, 0xb1, 0xce,
	44	0x77, 0xd0, 0x79, 0x24, 0xb6, 0x0a, 0x5c, 0x72,
	45	0x0c, 0xa6, 0x56, 0xc0, 0x11, 0xeb, 0x43, 0x11,
	46	0x94, 0x3b, 0x01, 0x45, 0xca, 0x19, 0xfe, 0x09
	47	};
	48
	49	typedef struct peer_data_st {
	50	const char name; / name of peer */
	51	EVP_PKEY privk; / privk generated for peer */
	52	unsigned char pubk_data[32]; /* generated pubk to send to other peer */
	53
	54	unsigned char secret; / allocated shared secret buffer */
	55	size_t secret_len;
	56	} PEER_DATA;
	57
	58	/*
	59	* Prepare for X25519 key exchange. The public key to be sent to the remote peer
	60	* is put in pubk_data, which should be a 32-byte buffer. Returns 1 on success.
	61	*/
	62	static int keyexch_x25519_before(
	63	OSSL_LIB_CTX *libctx,
	64	const unsigned char *kat_privk_data,
	65	PEER_DATA *local_peer)
	66	{
	67	int rv = 0;
	68	size_t pubk_data_len = 0;
	69
	70	/* Generate or load X25519 key for the peer */
	71	if (kat_privk_data != NULL)
	72	local_peer->privk =
	73	EVP_PKEY_new_raw_private_key_ex(libctx, "X25519", propq,
	74	kat_privk_data,
	75	sizeof(peer1_privk_data));
	76	else
	77	local_peer->privk = EVP_PKEY_Q_keygen(libctx, propq, "X25519");
	78
	79	if (local_peer->privk == NULL) {
	80	fprintf(stderr, "Could not load or generate private key\n");
	81	goto end;
	82	}
	83
	84	/* Get public key corresponding to the private key */
	85	if (EVP_PKEY_get_octet_string_param(local_peer->privk,
	86	OSSL_PKEY_PARAM_PUB_KEY,
	87	local_peer->pubk_data,
	88	sizeof(local_peer->pubk_data),
	89	&pubk_data_len) == 0) {
	90	fprintf(stderr, "EVP_PKEY_get_octet_string_param() failed\n");
	91	goto end;
	92	}
	93
	94	/* X25519 public keys are always 32 bytes */
	95	if (pubk_data_len != 32) {
	96	fprintf(stderr, "EVP_PKEY_get_octet_string_param() "
	97	"yielded wrong length\n");
	98	goto end;
	99	}
	100
	101	rv = 1;
	102	end:
	103	if (rv == 0) {
	104	EVP_PKEY_free(local_peer->privk);
	105	local_peer->privk = NULL;
	106	}
	107
	108	return rv;
	109	}
	110
	111	/*
	112	* Complete X25519 key exchange. remote_peer_pubk_data should be the 32 byte
	113	* public key value received from the remote peer. On success, returns 1 and the
	114	* secret is pointed to by *secret. The caller must free it.
	115	*/
	116	static int keyexch_x25519_after(
	117	OSSL_LIB_CTX *libctx,
	118	int use_kat,
	119	PEER_DATA *local_peer,
	120	const unsigned char *remote_peer_pubk_data)
	121	{
	122	int rv = 0;
	123	EVP_PKEY *remote_peer_pubk = NULL;
	124	EVP_PKEY_CTX *ctx = NULL;
	125
	126	local_peer->secret = NULL;
	127
	128	/* Load public key for remote peer. */
	129	remote_peer_pubk =
	130	EVP_PKEY_new_raw_public_key_ex(libctx, "X25519", propq,
	131	remote_peer_pubk_data, 32);
	132	if (remote_peer_pubk == NULL) {
	133	fprintf(stderr, "EVP_PKEY_new_raw_public_key_ex() failed\n");
	134	goto end;
	135	}
	136
	137	/* Create key exchange context. */
	138	ctx = EVP_PKEY_CTX_new_from_pkey(libctx, local_peer->privk, propq);
	139	if (ctx == NULL) {
	140	fprintf(stderr, "EVP_PKEY_CTX_new_from_pkey() failed\n");
	141	goto end;
	142	}
	143
	144	/* Initialize derivation process. */
	145	if (EVP_PKEY_derive_init(ctx) == 0) {
	146	fprintf(stderr, "EVP_PKEY_derive_init() failed\n");
	147	goto end;
	148	}
	149
	150	/* Configure each peer with the other peer's public key. */
	151	if (EVP_PKEY_derive_set_peer(ctx, remote_peer_pubk) == 0) {
	152	fprintf(stderr, "EVP_PKEY_derive_set_peer() failed\n");
	153	goto end;
	154	}
	155
	156	/* Determine the secret length. */
	157	if (EVP_PKEY_derive(ctx, NULL, &local_peer->secret_len) == 0) {
	158	fprintf(stderr, "EVP_PKEY_derive() failed\n");
	159	goto end;
	160	}
	161
	162	/*
	163	* We are using X25519, so the secret generated will always be 32 bytes.
	164	* However for exposition, the code below demonstrates a generic
	165	* implementation for arbitrary lengths.
	166	*/
	167	if (local_peer->secret_len != 32) { /* unreachable */
	168	fprintf(stderr, "Secret is always 32 bytes for X25519\n");
	169	goto end;
	170	}
	171
	172	/* Allocate memory for shared secrets. */
	173	local_peer->secret = OPENSSL_malloc(local_peer->secret_len);
	174	if (local_peer->secret == NULL) {
	175	fprintf(stderr, "Could not allocate memory for secret\n");
	176	goto end;
	177	}
	178
	179	/* Derive the shared secret. */
	180	if (EVP_PKEY_derive(ctx, local_peer->secret,
	181	&local_peer->secret_len) == 0) {
	182	fprintf(stderr, "EVP_PKEY_derive() failed\n");
	183	goto end;
	184	}
	185
	186	printf("Shared secret (%s):\n", local_peer->name);
	187	BIO_dump_indent_fp(stdout, local_peer->secret, local_peer->secret_len, 2);
	188	putchar('\n');
	189
	190	rv = 1;
	191	end:
	192	EVP_PKEY_CTX_free(ctx);
	193	EVP_PKEY_free(remote_peer_pubk);
	194	if (rv == 0) {
	195	OPENSSL_clear_free(local_peer->secret, local_peer->secret_len);
	196	local_peer->secret = NULL;
	197	}
	198
	199	return rv;
	200	}
	201
	202	static int keyexch_x25519(int use_kat)
	203	{
	204	int rv = 0;
	205	OSSL_LIB_CTX *libctx = NULL;
	206	PEER_DATA peer1 = {"peer 1"}, peer2 = {"peer 2"};
	207
	208	/*
	209	* Each peer generates its private key and sends its public key
	210	* to the other peer. The private key is stored locally for
	211	* later use.
	212	*/
	213	if (keyexch_x25519_before(libctx, use_kat ? peer1_privk_data : NULL,
	214	&peer1) == 0)
	215	return 0;
	216
	217	if (keyexch_x25519_before(libctx, use_kat ? peer2_privk_data : NULL,
	218	&peer2) == 0)
	219	return 0;
	220
	221	/*
	222	* Each peer uses the other peer's public key to perform key exchange.
	223	* After this succeeds, each peer has the same secret in its
	224	* PEER_DATA.
	225	*/
	226	if (keyexch_x25519_after(libctx, use_kat, &peer1, peer2.pubk_data) == 0)
	227	return 0;
	228
	229	if (keyexch_x25519_after(libctx, use_kat, &peer2, peer1.pubk_data) == 0)
	230	return 0;
	231
	232	/*
	233	* Here we demonstrate the secrets are equal for exposition purposes.
	234	*
	235	* Although in practice you will generally not need to compare secrets
	236	* produced through key exchange, if you do compare cryptographic secrets,
	237	* always do so using a constant-time function such as CRYPTO_memcmp, never
	238	* using memcmp(3).
	239	*/
	240	if (CRYPTO_memcmp(peer1.secret, peer2.secret, peer1.secret_len) != 0) {
	241	fprintf(stderr, "Negotiated secrets do not match\n");
	242	goto end;
	243	}
	244
	245	/* If we are doing the KAT, the secret should equal our reference result. */
	246	if (use_kat && CRYPTO_memcmp(peer1.secret, expected_result,
	247	peer1.secret_len) != 0) {
	248	fprintf(stderr, "Did not get expected result\n");
	249	goto end;
	250	}
	251
	252	rv = 1;
	253	end:
	254	/* The secrets are sensitive, so ensure they are erased before freeing. */
	255	OPENSSL_clear_free(peer1.secret, peer1.secret_len);
	256	OPENSSL_clear_free(peer2.secret, peer2.secret_len);
	257
	258	EVP_PKEY_free(peer1.privk);
	259	EVP_PKEY_free(peer2.privk);
	260	OSSL_LIB_CTX_free(libctx);
	261	return rv;
	262	}
	263
	264	int main(int argc, char **argv)
	265	{
	266	/* Test X25519 key exchange with known result. */
	267	printf("Key exchange using known answer (deterministic):\n");
	268	if (keyexch_x25519(1) == 0)
	269	return 1;
	270
	271	/* Test X25519 key exchange with random keys. */
	272	printf("Key exchange using random keys:\n");
	273	if (keyexch_x25519(0) == 0)
	274	return 1;
	275
	276	return 0;
	277	}

+23

-0

demos/mac/Makefile less more

	0	# Quick instruction:
	1	# To build against an OpenSSL built in the source tree, do this:
	2	#
	3	# make OPENSSL_INCS_LOCATION=-I../../include OPENSSL_LIBS_LOCATION=-L../..
	4	#
	5	# To run the demos when linked with a shared library (default):
	6	#
	7	# LD_LIBRARY_PATH=../.. ./gmac
	8	# LD_LIBRARY_PATH=../.. ./poly1305
	9
	10	CFLAGS = $(OPENSSL_INCS_LOCATION) -Wall
	11	LDFLAGS = $(OPENSSL_LIBS_LOCATION) -lssl -lcrypto
	12
	13	all: gmac poly1305
	14
	15	gmac: gmac.o
	16	poly1305: poly1305.o
	17
	18	gmac poly1305:
	19	$(CC) $(CFLAGS) -o $@ $< $(LDFLAGS)
	20
	21	clean:
	22	$(RM) gmac poly1305 *.o

+209

-0

demos/mac/poly1305.c less more

	0	/*
	1	* Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
	2	*
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
	4	* this file except in compliance with the License. You can obtain a copy
	5	* in the file LICENSE in the source distribution or at
	6	* https://www.openssl.org/source/license.html
	7	*/
	8
	9	#include <stdio.h>
	10	#include <stdlib.h>
	11	#include <string.h>
	12	#include <openssl/core_names.h>
	13	#include <openssl/evp.h>
	14	#include <openssl/params.h>
	15	#include <openssl/err.h>
	16
	17	/*
	18	* This is a demonstration of how to compute Poly1305-AES using the OpenSSL
	19	* Poly1305 and AES providers and the EVP API.
	20	*
	21	* Please note that:
	22	*
	23	* - Poly1305 must never be used alone and must be used in conjunction with
	24	* another primitive which processes the input nonce to be secure;
	25	*
	26	* - you must never pass a nonce to the Poly1305 primitive directly;
	27	*
	28	* - Poly1305 exhibits catastrophic failure (that is, can be broken) if a
	29	* nonce is ever reused for a given key.
	30	*
	31	* If you are looking for a general purpose MAC, you should consider using a
	32	* different MAC and looking at one of the other examples, unless you have a
	33	* good familiarity with the details and caveats of Poly1305.
	34	*
	35	* This example uses AES, as described in the original paper, "The Poly1305-AES
	36	* message authentication code":
	37	* https://cr.yp.to/mac/poly1305-20050329.pdf
	38	*
	39	* The test vectors below are from that paper.
	40	*/
	41
	42	/*
	43	* Hard coding the key into an application is very bad.
	44	* It is done here solely for educational purposes.
	45	* These are the "r" and "k" inputs to Poly1305-AES.
	46	*/
	47	static const unsigned char test_r[] = {
	48	0x85, 0x1f, 0xc4, 0x0c, 0x34, 0x67, 0xac, 0x0b,
	49	0xe0, 0x5c, 0xc2, 0x04, 0x04, 0xf3, 0xf7, 0x00
	50	};
	51
	52	static const unsigned char test_k[] = {
	53	0xec, 0x07, 0x4c, 0x83, 0x55, 0x80, 0x74, 0x17,
	54	0x01, 0x42, 0x5b, 0x62, 0x32, 0x35, 0xad, 0xd6
	55	};
	56
	57	/*
	58	* Hard coding a nonce must not be done under any circumstances and is done here
	59	* purely for demonstration purposes. Please note that Poly1305 exhibits
	60	* catastrophic failure (that is, can be broken) if a nonce is ever reused for a
	61	* given key.
	62	*/
	63	static const unsigned char test_n[] = {
	64	0xfb, 0x44, 0x73, 0x50, 0xc4, 0xe8, 0x68, 0xc5,
	65	0x2a, 0xc3, 0x27, 0x5c, 0xf9, 0xd4, 0x32, 0x7e
	66	};
	67
	68	/* Input message. */
	69	static const unsigned char test_m[] = {
	70	0xf3, 0xf6
	71	};
	72
	73	static const unsigned char expected_output[] = {
	74	0xf4, 0xc6, 0x33, 0xc3, 0x04, 0x4f, 0xc1, 0x45,
	75	0xf8, 0x4f, 0x33, 0x5c, 0xb8, 0x19, 0x53, 0xde
	76	};
	77
	78	/*
	79	* A property query used for selecting the POLY1305 implementation.
	80	*/
	81	static char *propq = NULL;
	82
	83	int main(int argc, char **argv)
	84	{
	85	int rv = EXIT_FAILURE;
	86	EVP_CIPHER *aes = NULL;
	87	EVP_CIPHER_CTX *aesctx = NULL;
	88	EVP_MAC *mac = NULL;
	89	EVP_MAC_CTX *mctx = NULL;
	90	unsigned char composite_key[32];
	91	unsigned char out[16];
	92	OSSL_LIB_CTX *library_context = NULL;
	93	size_t out_len = 0;
	94	int aes_len = 0;
	95
	96	library_context = OSSL_LIB_CTX_new();
	97	if (library_context == NULL) {
	98	fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
	99	goto end;
	100	}
	101
	102	/* Fetch the Poly1305 implementation */
	103	mac = EVP_MAC_fetch(library_context, "POLY1305", propq);
	104	if (mac == NULL) {
	105	fprintf(stderr, "EVP_MAC_fetch() returned NULL\n");
	106	goto end;
	107	}
	108
	109	/* Create a context for the Poly1305 operation */
	110	mctx = EVP_MAC_CTX_new(mac);
	111	if (mctx == NULL) {
	112	fprintf(stderr, "EVP_MAC_CTX_new() returned NULL\n");
	113	goto end;
	114	}
	115
	116	/* Fetch the AES implementation */
	117	aes = EVP_CIPHER_fetch(library_context, "AES-128-ECB", propq);
	118	if (aes == NULL) {
	119	fprintf(stderr, "EVP_CIPHER_fetch() returned NULL\n");
	120	goto end;
	121	}
	122
	123	/* Create a context for AES */
	124	aesctx = EVP_CIPHER_CTX_new();
	125	if (aesctx == NULL) {
	126	fprintf(stderr, "EVP_CIPHER_CTX_new() returned NULL\n");
	127	goto end;
	128	}
	129
	130	/* Initialize the AES cipher with the 128-bit key k */
	131	if (!EVP_EncryptInit_ex(aesctx, aes, NULL, test_k, NULL)) {
	132	fprintf(stderr, "EVP_EncryptInit_ex() failed\n");
	133	goto end;
	134	}
	135
	136	/*
	137	* Disable padding for the AES cipher. We do not strictly need to do this as
	138	* we are encrypting a single block and thus there are no alignment or
	139	* padding concerns, but this ensures that the operation below fails if
	140	* padding would be required for some reason, which in this circumstance
	141	* would indicate an implementation bug.
	142	*/
	143	if (!EVP_CIPHER_CTX_set_padding(aesctx, 0)) {
	144	fprintf(stderr, "EVP_CIPHER_CTX_set_padding() failed\n");
	145	goto end;
	146	}
	147
	148	/*
	149	* Computes the value AES_k(n) which we need for our Poly1305-AES
	150	* computation below.
	151	*/
	152	if (!EVP_EncryptUpdate(aesctx, composite_key + 16, &aes_len,
	153	test_n, sizeof(test_n))) {
	154	fprintf(stderr, "EVP_EncryptUpdate() failed\n");
	155	goto end;
	156	}
	157
	158	/*
	159	* The Poly1305 provider expects the key r to be passed as the first 16
	160	* bytes of the "key" and the processed nonce (that is, AES_k(n)) to be
	161	* passed as the second 16 bytes of the "key". We already put the processed
	162	* nonce in the correct place above, so copy r into place.
	163	*/
	164	memcpy(composite_key, test_r, 16);
	165
	166	/* Initialise the Poly1305 operation */
	167	if (!EVP_MAC_init(mctx, composite_key, sizeof(composite_key), NULL)) {
	168	fprintf(stderr, "EVP_MAC_init() failed\n");
	169	goto end;
	170	}
	171
	172	/* Make one or more calls to process the data to be authenticated */
	173	if (!EVP_MAC_update(mctx, test_m, sizeof(test_m))) {
	174	fprintf(stderr, "EVP_MAC_update() failed\n");
	175	goto end;
	176	}
	177
	178	/* Make one call to the final to get the MAC */
	179	if (!EVP_MAC_final(mctx, out, &out_len, sizeof(out))) {
	180	fprintf(stderr, "EVP_MAC_final() failed\n");
	181	goto end;
	182	}
	183
	184	printf("Generated MAC:\n");
	185	BIO_dump_indent_fp(stdout, out, out_len, 2);
	186	putchar('\n');
	187
	188	if (out_len != sizeof(expected_output)) {
	189	fprintf(stderr, "Generated MAC has an unexpected length\n");
	190	goto end;
	191	}
	192
	193	if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) {
	194	fprintf(stderr, "Generated MAC does not match expected value\n");
	195	goto end;
	196	}
	197
	198	rv = EXIT_SUCCESS;
	199	end:
	200	EVP_CIPHER_CTX_free(aesctx);
	201	EVP_CIPHER_free(aes);
	202	EVP_MAC_CTX_free(mctx);
	203	EVP_MAC_free(mac);
	204	OSSL_LIB_CTX_free(library_context);
	205	if (rv != EXIT_SUCCESS)
	206	ERR_print_errors_fp(stderr);
	207	return rv;
	208	}

+129

-0

demos/mac/siphash.c less more

	0	/*
	1	* Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
	2	*
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
	4	* this file except in compliance with the License. You can obtain a copy
	5	* in the file LICENSE in the source distribution or at
	6	* https://www.openssl.org/source/license.html
	7	*/
	8
	9	#include <stdio.h>
	10	#include <stdlib.h>
	11	#include <openssl/core_names.h>
	12	#include <openssl/evp.h>
	13	#include <openssl/params.h>
	14	#include <openssl/err.h>
	15
	16	/*
	17	* Taken from the test vector from the paper "SipHash: a fast short-input PRF".
	18	* https://www.aumasson.jp/siphash/siphash.pdf
	19	*/
	20
	21	/*
	22	* Hard coding the key into an application is very bad.
	23	* It is done here solely for educational purposes.
	24	*/
	25	static unsigned char key[] = {
	26	0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
	27	0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
	28	};
	29
	30	static unsigned char data[] = {
	31	0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
	32	0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e
	33	};
	34
	35	static const unsigned char expected_output[] = {
	36	0xe5, 0x45, 0xbe, 0x49, 0x61, 0xca, 0x29, 0xa1
	37	};
	38
	39	/*
	40	* A property query used for selecting the SIPHASH implementation.
	41	*/
	42	static char *propq = NULL;
	43
	44	int main(int argc, char **argv)
	45	{
	46	int rv = EXIT_FAILURE;
	47	EVP_MAC *mac = NULL;
	48	EVP_MAC_CTX *mctx = NULL;
	49	unsigned char out[8];
	50	OSSL_PARAM params[4], *p = params;
	51	OSSL_LIB_CTX *library_context = NULL;
	52	unsigned int digest_len = 8, c_rounds = 2, d_rounds = 4;
	53	size_t out_len = 0;
	54
	55	library_context = OSSL_LIB_CTX_new();
	56	if (library_context == NULL) {
	57	fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
	58	goto end;
	59	}
	60
	61	/* Fetch the SipHash implementation */
	62	mac = EVP_MAC_fetch(library_context, "SIPHASH", propq);
	63	if (mac == NULL) {
	64	fprintf(stderr, "EVP_MAC_fetch() returned NULL\n");
	65	goto end;
	66	}
	67
	68	/* Create a context for the SipHash operation */
	69	mctx = EVP_MAC_CTX_new(mac);
	70	if (mctx == NULL) {
	71	fprintf(stderr, "EVP_MAC_CTX_new() returned NULL\n");
	72	goto end;
	73	}
	74
	75	/* SipHash can support either 8 or 16-byte digests. */
	76	*p++ = OSSL_PARAM_construct_uint(OSSL_MAC_PARAM_SIZE, &digest_len);
	77
	78	/*
	79	* The number of C-rounds and D-rounds is configurable. Standard SipHash
	80	* uses values of 2 and 4 respectively. The following lines are unnecessary
	81	* as they set the default, but demonstrate how to change these values.
	82	*/
	83	*p++ = OSSL_PARAM_construct_uint(OSSL_MAC_PARAM_C_ROUNDS, &c_rounds);
	84	*p++ = OSSL_PARAM_construct_uint(OSSL_MAC_PARAM_D_ROUNDS, &d_rounds);
	85
	86	*p = OSSL_PARAM_construct_end();
	87
	88	/* Initialise the SIPHASH operation */
	89	if (!EVP_MAC_init(mctx, key, sizeof(key), params)) {
	90	fprintf(stderr, "EVP_MAC_init() failed\n");
	91	goto end;
	92	}
	93
	94	/* Make one or more calls to process the data to be authenticated */
	95	if (!EVP_MAC_update(mctx, data, sizeof(data))) {
	96	fprintf(stderr, "EVP_MAC_update() failed\n");
	97	goto end;
	98	}
	99
	100	/* Make one call to the final to get the MAC */
	101	if (!EVP_MAC_final(mctx, out, &out_len, sizeof(out))) {
	102	fprintf(stderr, "EVP_MAC_final() failed\n");
	103	goto end;
	104	}
	105
	106	printf("Generated MAC:\n");
	107	BIO_dump_indent_fp(stdout, out, out_len, 2);
	108	putchar('\n');
	109
	110	if (out_len != sizeof(expected_output)) {
	111	fprintf(stderr, "Generated MAC has an unexpected length\n");
	112	goto end;
	113	}
	114
	115	if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) {
	116	fprintf(stderr, "Generated MAC does not match expected value\n");
	117	goto end;
	118	}
	119
	120	rv = EXIT_SUCCESS;
	121	end:
	122	EVP_MAC_CTX_free(mctx);
	123	EVP_MAC_free(mac);
	124	OSSL_LIB_CTX_free(library_context);
	125	if (rv != EXIT_SUCCESS)
	126	ERR_print_errors_fp(stderr);
	127	return rv;
	128	}

+2

-2

demos/pkey/EVP_PKEY_EC_keygen.c less more

0	0	/*-
1		* Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

88	88	unsigned char out_pubkey[80];
89	89	unsigned char out_privkey[80];
90	90	BIGNUM *out_priv = NULL;
91		size_t i, out_pubkey_len, out_privkey_len = 0;
	91	size_t out_pubkey_len, out_privkey_len = 0;
92	92
93	93	if (!EVP_PKEY_get_utf8_string_param(pkey, OSSL_PKEY_PARAM_GROUP_NAME,
94	94	out_curvename, sizeof(out_curvename),

+289

-0

demos/pkey/EVP_PKEY_RSA_keygen.c less more

	0	/*-
	1	* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	2	*
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
	4	* this file except in compliance with the License. You can obtain a copy
	5	* in the file LICENSE in the source distribution or at
	6	* https://www.openssl.org/source/license.html
	7	*/
	8
	9	/*
	10	* Example showing how to generate an RSA key pair.
	11	*
	12	* When generating an RSA key, you must specify the number of bits in the key. A
	13	* reasonable value would be 4096. Avoid using values below 2048. These values
	14	* are reasonable as of 2022.
	15	*/
	16
	17	#include <string.h>
	18	#include <stdio.h>
	19	#include <openssl/err.h>
	20	#include <openssl/evp.h>
	21	#include <openssl/rsa.h>
	22	#include <openssl/core_names.h>
	23	#include <openssl/pem.h>
	24
	25	/* A property query used for selecting algorithm implementations. */
	26	static const char *propq = NULL;
	27
	28	/*
	29	* Generates an RSA public-private key pair and returns it.
	30	* The number of bits is specified by the bits argument.
	31	*
	32	* This uses the long way of generating an RSA key.
	33	*/
	34	static EVP_PKEY generate_rsa_key_long(OSSL_LIB_CTX libctx, unsigned int bits)
	35	{
	36	EVP_PKEY_CTX *genctx = NULL;
	37	EVP_PKEY *pkey = NULL;
	38	unsigned int primes = 2;
	39
	40	/* Create context using RSA algorithm. "RSA-PSS" could also be used here. */
	41	genctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", propq);
	42	if (genctx == NULL) {
	43	fprintf(stderr, "EVP_PKEY_CTX_new_from_name() failed\n");
	44	goto cleanup;
	45	}
	46
	47	/* Initialize context for key generation purposes. */
	48	if (EVP_PKEY_keygen_init(genctx) <= 0) {
	49	fprintf(stderr, "EVP_PKEY_keygen_init() failed\n");
	50	goto cleanup;
	51	}
	52
	53	/*
	54	* Here we set the number of bits to use in the RSA key.
	55	* See comment at top of file for information on appropriate values.
	56	*/
	57	if (EVP_PKEY_CTX_set_rsa_keygen_bits(genctx, bits) <= 0) {
	58	fprintf(stderr, "EVP_PKEY_CTX_set_rsa_keygen_bits() failed\n");
	59	goto cleanup;
	60	}
	61
	62	/*
	63	* It is possible to create an RSA key using more than two primes.
	64	* Do not do this unless you know why you need this.
	65	* You ordinarily do not need to specify this, as the default is two.
	66	*
	67	* Both of these parameters can also be set via EVP_PKEY_CTX_set_params, but
	68	* these functions provide a more concise way to do so.
	69	*/
	70	if (EVP_PKEY_CTX_set_rsa_keygen_primes(genctx, primes) <= 0) {
	71	fprintf(stderr, "EVP_PKEY_CTX_set_rsa_keygen_primes() failed\n");
	72	goto cleanup;
	73	}
	74
	75	/*
	76	* Generating an RSA key with a number of bits large enough to be secure for
	77	* modern applications can take a fairly substantial amount of time (e.g.
	78	* one second). If you require fast key generation, consider using an EC key
	79	* instead.
	80	*
	81	* If you require progress information during the key generation process,
	82	* you can set a progress callback using EVP_PKEY_set_cb; see the example in
	83	* EVP_PKEY_generate(3).
	84	*/
	85	fprintf(stderr, "Generating RSA key, this may take some time...\n");
	86	if (EVP_PKEY_generate(genctx, &pkey) <= 0) {
	87	fprintf(stderr, "EVP_PKEY_generate() failed\n");
	88	goto cleanup;
	89	}
	90
	91	/* pkey is now set to an object representing the generated key pair. */
	92
	93	cleanup:
	94	EVP_PKEY_CTX_free(genctx);
	95	return pkey;
	96	}
	97
	98	/*
	99	* Generates an RSA public-private key pair and returns it.
	100	* The number of bits is specified by the bits argument.
	101	*
	102	* This uses a more concise way of generating an RSA key, which is suitable for
	103	* simple cases. It is used if -s is passed on the command line, otherwise the
	104	* long method above is used. The ability to choose between these two methods is
	105	* shown here only for demonstration; the results are equivalent.
	106	*/
	107	static EVP_PKEY generate_rsa_key_short(OSSL_LIB_CTX libctx, unsigned int bits)
	108	{
	109	EVP_PKEY *pkey = NULL;
	110
	111	fprintf(stderr, "Generating RSA key, this may take some time...\n");
	112	pkey = EVP_PKEY_Q_keygen(libctx, propq, "RSA", (size_t)bits);
	113
	114	if (pkey == NULL)
	115	fprintf(stderr, "EVP_PKEY_Q_keygen() failed\n");
	116
	117	return pkey;
	118	}
	119
	120	/*
	121	* Prints information on an EVP_PKEY object representing an RSA key pair.
	122	*/
	123	static int dump_key(const EVP_PKEY *pkey)
	124	{
	125	int rv = 0;
	126	int bits = 0;
	127	BIGNUM n = NULL, e = NULL, d = NULL, p = NULL, *q = NULL;
	128
	129	/*
	130	* Retrieve value of n. This value is not secret and forms part of the
	131	* public key.
	132	*
	133	* Calling EVP_PKEY_get_bn_param with a NULL BIGNUM pointer causes
	134	* a new BIGNUM to be allocated, so these must be freed subsequently.
	135	*/
	136	if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_N, &n) == 0) {
	137	fprintf(stderr, "Failed to retrieve n\n");
	138	goto cleanup;
	139	}
	140
	141	/*
	142	* Retrieve value of e. This value is not secret and forms part of the
	143	* public key. It is typically 65537 and need not be changed.
	144	*/
	145	if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_E, &e) == 0) {
	146	fprintf(stderr, "Failed to retrieve e\n");
	147	goto cleanup;
	148	}
	149
	150	/*
	151	* Retrieve value of d. This value is secret and forms part of the private
	152	* key. It must not be published.
	153	*/
	154	if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_D, &d) == 0) {
	155	fprintf(stderr, "Failed to retrieve d\n");
	156	goto cleanup;
	157	}
	158
	159	/*
	160	* Retrieve value of the first prime factor, commonly known as p. This value
	161	* is secret and forms part of the private key. It must not be published.
	162	*/
	163	if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, &p) == 0) {
	164	fprintf(stderr, "Failed to retrieve p\n");
	165	goto cleanup;
	166	}
	167
	168	/*
	169	* Retrieve value of the second prime factor, commonly known as q. This value
	170	* is secret and forms part of the private key. It must not be published.
	171	*
	172	* If you are creating an RSA key with more than two primes for special
	173	* applications, you can retrieve these primes with
	174	* OSSL_PKEY_PARAM_RSA_FACTOR3, etc.
	175	*/
	176	if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, &q) == 0) {
	177	fprintf(stderr, "Failed to retrieve q\n");
	178	goto cleanup;
	179	}
	180
	181	/*
	182	* We can also retrieve the key size in bits for informational purposes.
	183	*/
	184	if (EVP_PKEY_get_int_param(pkey, OSSL_PKEY_PARAM_BITS, &bits) == 0) {
	185	fprintf(stderr, "Failed to retrieve bits\n");
	186	goto cleanup;
	187	}
	188
	189	/* Output hexadecimal representations of the BIGNUM objects. */
	190	fprintf(stdout, "\nNumber of bits: %d\n\n", bits);
	191	fprintf(stderr, "Public values:\n");
	192	fprintf(stdout, " n = 0x");
	193	BN_print_fp(stdout, n);
	194	fprintf(stdout, "\n");
	195
	196	fprintf(stdout, " e = 0x");
	197	BN_print_fp(stdout, e);
	198	fprintf(stdout, "\n\n");
	199
	200	fprintf(stdout, "Private values:\n");
	201	fprintf(stdout, " d = 0x");
	202	BN_print_fp(stdout, d);
	203	fprintf(stdout, "\n");
	204
	205	fprintf(stdout, " p = 0x");
	206	BN_print_fp(stdout, p);
	207	fprintf(stdout, "\n");
	208
	209	fprintf(stdout, " q = 0x");
	210	BN_print_fp(stdout, q);
	211	fprintf(stdout, "\n\n");
	212
	213	/* Output a PEM encoding of the public key. */
	214	if (PEM_write_PUBKEY(stdout, pkey) == 0) {
	215	fprintf(stderr, "Failed to output PEM-encoded public key\n");
	216	goto cleanup;
	217	}
	218
	219	/*
	220	* Output a PEM encoding of the private key. Please note that this output is
	221	* not encrypted. You may wish to use the arguments to specify encryption of
	222	* the key if you are storing it on disk. See PEM_write_PrivateKey(3).
	223	*/
	224	if (PEM_write_PrivateKey(stdout, pkey, NULL, NULL, 0, NULL, NULL) == 0) {
	225	fprintf(stderr, "Failed to output PEM-encoded private key\n");
	226	goto cleanup;
	227	}
	228
	229	rv = 1;
	230	cleanup:
	231	BN_free(n); /* not secret */
	232	BN_free(e); /* not secret */
	233	BN_clear_free(d); /* secret - scrub before freeing */
	234	BN_clear_free(p); /* secret - scrub before freeing */
	235	BN_clear_free(q); /* secret - scrub before freeing */
	236	return rv;
	237	}
	238
	239	int main(int argc, char **argv)
	240	{
	241	int rv = 1;
	242	OSSL_LIB_CTX *libctx = NULL;
	243	EVP_PKEY *pkey = NULL;
	244	unsigned int bits = 4096;
	245	int bits_i, use_short = 0;
	246
	247	/* usage: [-s] [<bits>] */
	248	if (argc > 1 && strcmp(argv[1], "-s") == 0) {
	249	--argc;
	250	++argv;
	251	use_short = 1;
	252	}
	253
	254	if (argc > 1) {
	255	bits_i = atoi(argv[1]);
	256	if (bits < 512) {
	257	fprintf(stderr, "Invalid RSA key size\n");
	258	return 1;
	259	}
	260
	261	bits = (unsigned int)bits_i;
	262	}
	263
	264	/* Avoid using key sizes less than 2048 bits; see comment at top of file. */
	265	if (bits < 2048)
	266	fprintf(stderr, "Warning: very weak key size\n\n");
	267
	268	/* Generate RSA key. */
	269	if (use_short)
	270	pkey = generate_rsa_key_short(libctx, bits);
	271	else
	272	pkey = generate_rsa_key_long(libctx, bits);
	273
	274	if (pkey == NULL)
	275	goto cleanup;
	276
	277	/* Dump the integers comprising the key. */
	278	if (dump_key(pkey) == 0) {
	279	fprintf(stderr, "Failed to dump key\n");
	280	goto cleanup;
	281	}
	282
	283	rv = 0;
	284	cleanup:
	285	EVP_PKEY_free(pkey);
	286	OSSL_LIB_CTX_free(libctx);
	287	return rv;
	288	}

+6

-3

demos/pkey/Makefile less more

1	1	# To run the demos when linked with a shared library (default):
2	2	#
3	3	# LD_LIBRARY_PATH=../.. ./EVP_PKEY_EC_keygen
	4	# LD_LIBRARY_PATH=../.. ./EVP_PKEY_RSA_keygen
4	5
5		CFLAGS = -I../../include -g
	6	CFLAGS = -I../../include -g -Wall
6	7	LDFLAGS = -L../..
7	8	LDLIBS = -lcrypto
8	9
9		all: EVP_PKEY_EC_keygen
	10	all: EVP_PKEY_EC_keygen EVP_PKEY_RSA_keygen
10	11
11	12	%.o: %.c
12	13	$(CC) $(CFLAGS) -c $<
13	14
14	15	EVP_PKEY_EC_keygen: EVP_PKEY_EC_keygen.o
15	16
	17	EVP_PKEY_RSA_keygen: EVP_PKEY_RSA_keygen.o
	18
16	19	test: ;
17	20
18	21	clean:
19		$(RM) *.o EVP_PKEY_EC_keygen
	22	$(RM) *.o EVP_PKEY_EC_keygen EVP_PKEY_RSA_keygen

+5

-3

demos/signature/Makefile less more

2	2	#
3	3	# LD_LIBRARY_PATH=../.. ./EVP_Signature_demo
4	4
5		CFLAGS = -I../../include -g
	5	CFLAGS = -I../../include -g -Wall
6	6	LDFLAGS = -L../..
7	7	LDLIBS = -lcrypto
8	8
9		all: EVP_Signature_demo
	9	all: EVP_Signature_demo rsa_pss_direct rsa_pss_hash
10	10
11	11	%.o: %.c
12	12	$(CC) $(CFLAGS) -c $<
13	13
14	14	EVP_Signature_demo: EVP_Signature_demo.o
	15	rsa_pss_direct: rsa_pss_direct.o
	16	rsa_pss_hash: rsa_pss_hash.o
15	17
16	18	test: ;
17	19
18	20	clean:
19		$(RM) *.o EVP_Signature_demo
	21	$(RM) *.o EVP_Signature_demo rsa_pss_direct rsa_pss_hash

+256

-0

demos/signature/rsa_pss.h less more

	0	/*-
	1	* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	2	*
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
	4	* this file except in compliance with the License. You can obtain a copy
	5	* in the file LICENSE in the source distribution or at
	6	* https://www.openssl.org/source/license.html
	7	*/
	8
	9	/* 4096-bit RSA private key, DER. */
	10	static const unsigned char rsa_priv_key[] = {
	11	0x30, 0x82, 0x09, 0x28, 0x02, 0x01, 0x00, 0x02, 0x82, 0x02, 0x01, 0x00,
	12	0xa3, 0x14, 0xe4, 0xb8, 0xd8, 0x58, 0x0d, 0xab, 0xd7, 0x87, 0xa4, 0xf6,
	13	0x84, 0x51, 0x74, 0x60, 0x4c, 0xe3, 0x60, 0x28, 0x89, 0x49, 0x65, 0x18,
	14	0x5c, 0x8f, 0x1a, 0x1b, 0xe9, 0xdb, 0xc1, 0xc1, 0xf7, 0x08, 0x27, 0x44,
	15	0xe5, 0x9d, 0x9a, 0x33, 0xc3, 0xac, 0x5a, 0xca, 0xba, 0x20, 0x5a, 0x9e,
	16	0x3a, 0x18, 0xb5, 0x3d, 0xe3, 0x9d, 0x94, 0x58, 0xa7, 0xa9, 0x5a, 0x0b,
	17	0x4f, 0xb8, 0xe5, 0xa3, 0x7b, 0x01, 0x11, 0x0f, 0x16, 0x11, 0xb8, 0x65,
	18	0x2f, 0xa8, 0x95, 0xf7, 0x58, 0x2c, 0xec, 0x1d, 0x41, 0xad, 0xd1, 0x12,
	19	0xca, 0x4a, 0x80, 0x35, 0x35, 0x43, 0x7e, 0xe0, 0x97, 0xfc, 0x86, 0x8f,
	20	0xcf, 0x4b, 0xdc, 0xbc, 0x15, 0x2c, 0x8e, 0x90, 0x84, 0x26, 0x83, 0xc1,
	21	0x96, 0x97, 0xf4, 0xd7, 0x90, 0xce, 0xfe, 0xd4, 0xf3, 0x70, 0x22, 0xa8,
	22	0xb0, 0x1f, 0xed, 0x08, 0xd7, 0xc5, 0xc0, 0xd6, 0x41, 0x6b, 0x24, 0x68,
	23	0x5c, 0x07, 0x1f, 0x44, 0x97, 0xd8, 0x6e, 0x18, 0x93, 0x67, 0xc3, 0xba,
	24	0x3a, 0xaf, 0xfd, 0xc2, 0x65, 0x00, 0x21, 0x63, 0xdf, 0xb7, 0x28, 0x68,
	25	0xd6, 0xc0, 0x20, 0x86, 0x92, 0xed, 0x68, 0x6a, 0x27, 0x3a, 0x07, 0xec,
	26	0x66, 0x00, 0xfe, 0x51, 0x51, 0x86, 0x41, 0x6f, 0x83, 0x69, 0xd2, 0xf0,
	27	0xe6, 0xf7, 0x61, 0xda, 0x12, 0x45, 0x53, 0x09, 0xdf, 0xf8, 0x42, 0xc7,
	28	0x30, 0x6a, 0xe5, 0xd8, 0x2b, 0xa2, 0x49, 0x7a, 0x05, 0x10, 0xee, 0xb2,
	29	0x59, 0x0a, 0xe5, 0xbe, 0xf8, 0x4d, 0x0f, 0xa8, 0x9e, 0x63, 0x81, 0x39,
	30	0x32, 0xaa, 0xfd, 0xa8, 0x03, 0xf6, 0xd8, 0xc6, 0xaa, 0x02, 0x93, 0x03,
	31	0xeb, 0x15, 0xd3, 0x38, 0xc8, 0x1a, 0x78, 0xcf, 0xf3, 0xa7, 0x9f, 0x98,
	32	0x4b, 0x91, 0x5b, 0x79, 0xf8, 0x4e, 0x53, 0xaf, 0x0c, 0x65, 0xe9, 0xb0,
	33	0x93, 0xc2, 0xcb, 0x5d, 0x3c, 0x5f, 0x6e, 0x39, 0xd2, 0x58, 0x23, 0x50,
	34	0xe5, 0x2e, 0xef, 0x12, 0x00, 0xa4, 0x59, 0x13, 0x2b, 0x2f, 0x2c, 0x0a,
	35	0x7b, 0x36, 0x89, 0xc5, 0xe5, 0x8f, 0x95, 0x5e, 0x14, 0x0f, 0x0f, 0x94,
	36	0x5a, 0xe9, 0xdc, 0x0b, 0x49, 0x14, 0xbe, 0x0a, 0x70, 0x45, 0xc1, 0x7c,
	37	0xbf, 0x83, 0x70, 0xfd, 0x3d, 0x99, 0xe6, 0x8a, 0xf5, 0x9c, 0x09, 0x71,
	38	0x84, 0x9a, 0x18, 0xa0, 0xe0, 0x6c, 0x43, 0x5c, 0x7e, 0x48, 0x33, 0xc8,
	39	0xbe, 0x5d, 0xdd, 0xd8, 0x77, 0xe3, 0xe7, 0x6b, 0x34, 0x4b, 0xa2, 0xb7,
	40	0x54, 0x07, 0x72, 0x2e, 0xab, 0xa9, 0x91, 0x1e, 0x4b, 0xe3, 0xb5, 0xd8,
	41	0xfa, 0x35, 0x64, 0x8a, 0xe9, 0x03, 0xa1, 0xa8, 0x26, 0xbd, 0x72, 0x58,
	42	0x10, 0x6a, 0xec, 0x1a, 0xf6, 0x1e, 0xb8, 0xc0, 0x46, 0x19, 0x31, 0x2c,
	43	0xca, 0xf9, 0x6a, 0xd7, 0x2e, 0xd0, 0xa7, 0x2c, 0x60, 0x58, 0xc4, 0x8f,
	44	0x46, 0x63, 0x61, 0x8d, 0x29, 0x6f, 0xe2, 0x5f, 0xe2, 0x43, 0x90, 0x9c,
	45	0xe6, 0xfc, 0x08, 0x41, 0xc8, 0xb5, 0x23, 0x56, 0x24, 0x3e, 0x3a, 0x2c,
	46	0x41, 0x22, 0x43, 0xda, 0x22, 0x15, 0x2b, 0xad, 0xd0, 0xfa, 0xc8, 0x47,
	47	0x44, 0xe6, 0x2a, 0xf9, 0x38, 0x90, 0x13, 0x62, 0x22, 0xea, 0x06, 0x8c,
	48	0x44, 0x9c, 0xd6, 0xca, 0x50, 0x93, 0xe9, 0xd4, 0x03, 0xd8, 0x3e, 0x71,
	49	0x36, 0x4b, 0xaa, 0xab, 0xbb, 0xe2, 0x48, 0x66, 0x26, 0x53, 0xb1, 0x6d,
	50	0x3b, 0x82, 0x2c, 0x8c, 0x25, 0x05, 0xf0, 0xf8, 0xcf, 0x55, 0xbf, 0x8e,
	51	0x29, 0xf7, 0x54, 0x5b, 0x6f, 0x30, 0x54, 0xa6, 0xad, 0x46, 0xff, 0x22,
	52	0x95, 0xb1, 0x87, 0x98, 0x00, 0x51, 0x69, 0x15, 0x07, 0xbd, 0x3d, 0x9c,
	53	0x6e, 0xaa, 0xaa, 0x3b, 0x0b, 0x74, 0x65, 0x4c, 0x04, 0xe0, 0x80, 0x3e,
	54	0xaf, 0x5e, 0x10, 0xd6, 0x9b, 0x28, 0x37, 0x6f, 0x02, 0x03, 0x01, 0x00,
	55	0x01, 0x02, 0x82, 0x02, 0x00, 0x09, 0x6e, 0xf8, 0xf8, 0x14, 0x53, 0xab,
	56	0x9e, 0xc8, 0x1d, 0xe9, 0x95, 0xf4, 0xfb, 0x7d, 0x3e, 0xe0, 0xd3, 0xba,
	57	0x49, 0x3d, 0xff, 0xc7, 0xe0, 0x4b, 0xe2, 0x5f, 0x41, 0x44, 0x1a, 0xd9,
	58	0x2f, 0x6e, 0x29, 0xc3, 0x93, 0xc1, 0xb0, 0x87, 0x2d, 0xfd, 0x60, 0xa7,
	59	0xf3, 0xd8, 0x26, 0x6c, 0xf7, 0x80, 0x26, 0xd3, 0xbd, 0x1b, 0xc0, 0x8e,
	60	0xc7, 0x3e, 0x13, 0x96, 0xc8, 0xd6, 0xb8, 0xbc, 0x57, 0xe3, 0x92, 0xa1,
	61	0x38, 0xfd, 0x2e, 0xd3, 0x3a, 0xcf, 0x31, 0xf2, 0x52, 0xd7, 0x7f, 0xe9,
	62	0xbc, 0x9b, 0x83, 0x01, 0x78, 0x13, 0xc9, 0x91, 0x77, 0x02, 0x78, 0xc0,
	63	0x0b, 0x1f, 0xdf, 0x94, 0xad, 0x16, 0xf1, 0xad, 0x78, 0x17, 0xc5, 0x77,
	64	0x0d, 0xb7, 0x07, 0x3f, 0x51, 0xe0, 0x73, 0x33, 0xcf, 0x90, 0x69, 0xd8,
	65	0xe5, 0xda, 0x9b, 0x1e, 0xf6, 0x21, 0x12, 0x07, 0xb5, 0x1e, 0x3e, 0x2b,
	66	0x34, 0x79, 0x9e, 0x48, 0x01, 0xdd, 0x68, 0xf0, 0x0f, 0x18, 0xb5, 0x85,
	67	0x50, 0xd8, 0x9e, 0x04, 0xfd, 0x6d, 0xcd, 0xa6, 0x61, 0x2b, 0x54, 0x81,
	68	0x99, 0xf4, 0x63, 0xf4, 0xeb, 0x73, 0x98, 0xb3, 0x88, 0xf5, 0x50, 0xd4,
	69	0x5c, 0x67, 0x9e, 0x7c, 0xbc, 0xd8, 0xfd, 0xaf, 0xb8, 0x66, 0x7d, 0xdc,
	70	0xa5, 0x25, 0xb5, 0xe6, 0x64, 0xd7, 0x07, 0x72, 0x5a, 0x99, 0xf9, 0xf6,
	71	0x9e, 0xb8, 0x9c, 0xf4, 0xc7, 0xee, 0xee, 0x10, 0x13, 0x9c, 0x1a, 0x8c,
	72	0x23, 0x89, 0xcd, 0x7b, 0xf1, 0x47, 0x23, 0x51, 0x3c, 0xe5, 0xc2, 0x17,
	73	0x68, 0xca, 0x98, 0xb8, 0xed, 0xe5, 0x17, 0x6d, 0x0a, 0xde, 0x07, 0xd6,
	74	0x6c, 0x4f, 0x83, 0x4c, 0x9b, 0xca, 0x6a, 0x7d, 0xc8, 0x68, 0x12, 0xd7,
	75	0xf0, 0x37, 0x88, 0xf7, 0xbb, 0x68, 0x8b, 0xa4, 0xfd, 0xfe, 0x36, 0x11,
	76	0xb3, 0x2b, 0x85, 0x6d, 0xaa, 0x30, 0x31, 0xf1, 0x6f, 0x80, 0x72, 0x42,
	77	0x23, 0xfe, 0x93, 0x88, 0xcc, 0x1e, 0x4b, 0x53, 0x4f, 0x8e, 0x24, 0x67,
	78	0x4a, 0x72, 0xb6, 0x3c, 0x13, 0x00, 0x11, 0x4f, 0xe1, 0x30, 0xd6, 0xe7,
	79	0x45, 0x8f, 0xaf, 0xdd, 0xe5, 0xaa, 0xb7, 0x02, 0x17, 0x04, 0xf8, 0xd2,
	80	0xc1, 0x7b, 0x6c, 0x92, 0xec, 0x76, 0x94, 0x1b, 0xb0, 0xe4, 0xc3, 0x0c,
	81	0x9e, 0xee, 0xb5, 0xdc, 0x97, 0xca, 0x10, 0x1d, 0x17, 0x96, 0x45, 0xd4,
	82	0x04, 0x0c, 0xea, 0xca, 0x45, 0xfc, 0x52, 0x54, 0x82, 0x9b, 0xdf, 0x64,
	83	0xd6, 0x59, 0x6c, 0x12, 0x70, 0xf0, 0x19, 0xd8, 0x46, 0xbb, 0x08, 0x43,
	84	0x81, 0xa1, 0x73, 0xa8, 0x00, 0xc9, 0x4e, 0xb9, 0xd5, 0xfd, 0x42, 0x5f,
	85	0xcf, 0x94, 0x14, 0x18, 0xab, 0x9d, 0x11, 0xd0, 0xbd, 0x44, 0x88, 0x2c,
	86	0xd8, 0x29, 0xec, 0x94, 0x70, 0xf9, 0x42, 0x14, 0xf4, 0xb0, 0x3f, 0xfe,
	87	0x27, 0x16, 0x43, 0x59, 0x90, 0x14, 0x48, 0x61, 0x8c, 0x91, 0xd9, 0x37,
	88	0x41, 0xef, 0xf1, 0xe9, 0x15, 0x4a, 0x4f, 0x5e, 0x1f, 0x50, 0x25, 0x20,
	89	0x2d, 0xa6, 0xf8, 0x79, 0x0d, 0x92, 0xb0, 0x00, 0x0b, 0xa2, 0xfb, 0xc3,
	90	0x7b, 0x0f, 0xa6, 0xff, 0x75, 0x5d, 0x70, 0xaa, 0xcf, 0x0a, 0xdf, 0xe1,
	91	0xfc, 0x32, 0x53, 0x1e, 0xf6, 0xe6, 0x69, 0x9f, 0x09, 0xd0, 0xc8, 0xab,
	92	0xaf, 0xec, 0xb0, 0x04, 0xfa, 0x83, 0xe2, 0x29, 0x23, 0x54, 0x37, 0x87,
	93	0x63, 0x47, 0x75, 0x9b, 0xdb, 0x1f, 0x4f, 0x1b, 0x6b, 0xa6, 0xe2, 0x67,
	94	0x1c, 0xb4, 0x74, 0x9e, 0x48, 0x77, 0x61, 0xc2, 0x9a, 0x3e, 0x6b, 0x89,
	95	0xa9, 0x68, 0x74, 0x27, 0x01, 0x29, 0xd6, 0x46, 0xe8, 0x0f, 0xd0, 0x33,
	96	0x22, 0x00, 0x45, 0x6c, 0xde, 0x32, 0x28, 0x42, 0x57, 0xaf, 0x70, 0x28,
	97	0xa0, 0xd5, 0x99, 0xbb, 0x1f, 0xd7, 0x3c, 0x84, 0x20, 0x70, 0x1f, 0xe3,
	98	0xa9, 0x02, 0x82, 0x01, 0x01, 0x00, 0xe6, 0x68, 0xfe, 0x5f, 0x75, 0x71,
	99	0x2a, 0xd8, 0xcf, 0x0d, 0x1d, 0xf4, 0xa1, 0x06, 0x8b, 0xa5, 0x70, 0x6f,
	100	0x29, 0x03, 0xf3, 0x50, 0xd3, 0x83, 0x39, 0xf9, 0xf6, 0xe5, 0x79, 0x7a,
	101	0x29, 0x75, 0xde, 0xda, 0x6a, 0x98, 0x7c, 0x33, 0xf8, 0x64, 0xca, 0x86,
	102	0x5a, 0xda, 0x55, 0x5b, 0x4d, 0x7b, 0x1a, 0xe5, 0x5d, 0x19, 0x7d, 0xf3,
	103	0x57, 0x49, 0x3d, 0x7a, 0xe8, 0x3f, 0x5a, 0x40, 0x8c, 0x15, 0xc7, 0xb0,
	104	0x53, 0xf8, 0x63, 0x42, 0x17, 0x7c, 0x20, 0xb9, 0xfc, 0xff, 0x27, 0xd0,
	105	0xc2, 0x0c, 0x45, 0x52, 0x1b, 0x75, 0x1f, 0x89, 0x87, 0xc4, 0xa8, 0x07,
	106	0x3b, 0x73, 0x16, 0xc7, 0xd7, 0x77, 0x2e, 0x47, 0xa2, 0x7d, 0x12, 0xb4,
	107	0x25, 0x24, 0x5e, 0xa5, 0xb2, 0x12, 0x76, 0x65, 0xd1, 0xcd, 0xa4, 0x66,
	108	0x33, 0x2d, 0xed, 0xb2, 0x85, 0xb0, 0xb3, 0x33, 0x56, 0x18, 0x5a, 0xb3,
	109	0x75, 0x43, 0x4d, 0x40, 0x14, 0x22, 0x55, 0xf6, 0x5a, 0x0c, 0x6a, 0xb3,
	110	0xc3, 0x8a, 0x9b, 0x76, 0x1e, 0x23, 0x8d, 0x4a, 0x8f, 0x38, 0x21, 0x25,
	111	0x43, 0x45, 0xf6, 0x25, 0x46, 0xdb, 0xae, 0x42, 0x43, 0x74, 0x69, 0x15,
	112	0x46, 0xf0, 0x3a, 0x41, 0x4f, 0x9f, 0xfe, 0xda, 0x07, 0x0b, 0x38, 0xbe,
	113	0x6b, 0xad, 0xc2, 0xef, 0x5b, 0x97, 0x18, 0x42, 0x13, 0xac, 0x13, 0x15,
	114	0x70, 0x7b, 0xe2, 0x00, 0xbb, 0x41, 0x22, 0x99, 0xe5, 0xd3, 0x67, 0xfe,
	115	0xfd, 0xbd, 0x8e, 0xc3, 0xca, 0x60, 0x59, 0x3d, 0x8f, 0x85, 0x76, 0x41,
	116	0xf0, 0xb8, 0x09, 0x1a, 0x48, 0x50, 0xe4, 0x9c, 0x4a, 0x56, 0x02, 0x60,
	117	0x76, 0xff, 0xde, 0xd4, 0x8e, 0x76, 0xa3, 0x9c, 0x30, 0xb4, 0xa4, 0x73,
	118	0xe6, 0xb0, 0x70, 0xac, 0x67, 0x5f, 0x25, 0xd2, 0x94, 0xc5, 0x25, 0xb6,
	119	0xbf, 0xf6, 0x0b, 0xd8, 0x9f, 0x35, 0x8c, 0x20, 0xb6, 0xdd, 0x02, 0x82,
	120	0x01, 0x01, 0x00, 0xb5, 0x31, 0x9e, 0xa2, 0x10, 0x38, 0xca, 0x2b, 0x07,
	121	0xc9, 0x3f, 0x0f, 0x18, 0x2c, 0x98, 0x7f, 0x15, 0x87, 0x92, 0x93, 0x2e,
	122	0xce, 0x6b, 0x11, 0x42, 0x2a, 0x94, 0x3e, 0x31, 0xd0, 0xf5, 0xae, 0x9d,
	123	0xc7, 0x67, 0x51, 0x3c, 0x0a, 0x52, 0x04, 0x94, 0x86, 0x2e, 0x50, 0x32,
	124	0xe1, 0x48, 0x83, 0x85, 0xe8, 0x82, 0x04, 0x2f, 0x25, 0xbc, 0xea, 0xfc,
	125	0x3d, 0x4b, 0xd1, 0x53, 0x90, 0x61, 0x97, 0x47, 0x73, 0xcd, 0x1f, 0xa9,
	126	0x5a, 0x3f, 0xfb, 0xbf, 0xc3, 0xd5, 0x19, 0xb6, 0xd3, 0x59, 0x57, 0x37,
	127	0xd9, 0x09, 0x29, 0xd3, 0x80, 0xc4, 0xae, 0x52, 0xce, 0xce, 0x82, 0x29,
	128	0x6b, 0x95, 0x44, 0x69, 0x33, 0xfd, 0x6a, 0x6d, 0x65, 0xf7, 0xa9, 0xc0,
	129	0x65, 0x25, 0x91, 0x05, 0xdf, 0x07, 0xbe, 0x61, 0x5c, 0xaa, 0x8f, 0x87,
	130	0xc8, 0x43, 0xd7, 0x30, 0xd0, 0x8b, 0x25, 0xaf, 0xb8, 0x5d, 0x50, 0x4e,
	131	0x31, 0x4a, 0xc9, 0x79, 0x56, 0xbf, 0x8d, 0xcc, 0x40, 0xa7, 0xea, 0xd4,
	132	0xf7, 0x66, 0x86, 0xe2, 0x0b, 0xf3, 0x13, 0xbc, 0xdc, 0x0d, 0x62, 0x28,
	133	0x4e, 0xb7, 0x31, 0xb4, 0x5a, 0x9b, 0x97, 0x65, 0x76, 0x24, 0xbb, 0xef,
	134	0x90, 0x1b, 0xdb, 0x93, 0x98, 0xae, 0xce, 0xb0, 0x69, 0x82, 0x49, 0x94,
	135	0xc0, 0xc3, 0x8f, 0x9c, 0x5d, 0x26, 0x45, 0xa0, 0xad, 0x15, 0x3b, 0x6e,
	136	0xda, 0x6e, 0x78, 0xc1, 0x78, 0xc3, 0x15, 0x8e, 0x64, 0xaf, 0x50, 0xa6,
	137	0xb7, 0xd9, 0xfb, 0x8f, 0x68, 0xa0, 0x2d, 0x59, 0xa9, 0xce, 0x5b, 0xa7,
	138	0x91, 0x36, 0xb8, 0x05, 0x28, 0x31, 0x25, 0xc7, 0x7e, 0xa4, 0x68, 0x9d,
	139	0xea, 0x5c, 0x71, 0x10, 0x84, 0xab, 0xc4, 0xd7, 0xbe, 0x7d, 0xe9, 0x4a,
	140	0x11, 0x22, 0xa6, 0xd5, 0xa3, 0x6e, 0x46, 0x07, 0x70, 0x78, 0xcc, 0xd5,
	141	0xbc, 0xfe, 0xc4, 0x39, 0x58, 0xf4, 0xbb, 0x02, 0x82, 0x01, 0x01, 0x00,
	142	0xaa, 0x0c, 0x73, 0x30, 0x20, 0x8d, 0x15, 0x02, 0x4e, 0x4d, 0x6f, 0xfe,
	143	0x4b, 0x99, 0x79, 0x16, 0xf0, 0x94, 0x19, 0xc1, 0x40, 0xa2, 0x36, 0x78,
	144	0x73, 0x21, 0x78, 0x86, 0x83, 0xd1, 0x15, 0x28, 0x59, 0x00, 0xfa, 0x0a,
	145	0xf0, 0x1f, 0xab, 0x03, 0x38, 0x35, 0x50, 0x78, 0x32, 0xe6, 0xdf, 0x98,
	146	0x2b, 0x91, 0x7b, 0xd4, 0x84, 0x90, 0x43, 0xab, 0x5a, 0x24, 0x8b, 0xa3,
	147	0xb6, 0x08, 0x4d, 0x5b, 0x05, 0xb5, 0xad, 0x43, 0x74, 0x7e, 0x22, 0xb7,
	148	0x09, 0xb0, 0x3a, 0x78, 0x55, 0xfa, 0x4c, 0x3c, 0xa2, 0x2c, 0xa6, 0xf7,
	149	0x19, 0xff, 0x76, 0xa4, 0x3d, 0x1e, 0x99, 0x51, 0xa7, 0x4e, 0x76, 0x47,
	150	0x0f, 0x70, 0xef, 0x0b, 0x3f, 0xf2, 0x94, 0x36, 0xf3, 0x63, 0x76, 0xb9,
	151	0x09, 0x88, 0xbb, 0xfe, 0xf9, 0x86, 0x33, 0xdf, 0x81, 0xbe, 0x6f, 0xcc,
	152	0xa9, 0x75, 0x09, 0xe5, 0x8f, 0x8b, 0x42, 0xd0, 0x19, 0x03, 0x61, 0xd8,
	153	0xb5, 0x78, 0xcb, 0x9c, 0xbe, 0x63, 0x4d, 0xbd, 0xce, 0x5e, 0xae, 0x7f,
	154	0xae, 0x97, 0x88, 0x7b, 0xf4, 0x7a, 0x7b, 0xdb, 0xf6, 0x7e, 0x2c, 0x7d,
	155	0x95, 0x6e, 0x72, 0x3a, 0x48, 0x13, 0xdb, 0xf7, 0x10, 0x07, 0x83, 0xac,
	156	0xa1, 0x7a, 0x68, 0x18, 0x70, 0x18, 0x99, 0x7f, 0xf4, 0x8e, 0x93, 0x1a,
	157	0x40, 0x5d, 0x04, 0x07, 0xcb, 0x4d, 0xd7, 0x66, 0x96, 0xb5, 0xd3, 0x7d,
	158	0x8e, 0xfb, 0xe6, 0x12, 0xd0, 0x7d, 0xf0, 0xe7, 0x25, 0xa6, 0x7a, 0x86,
	159	0x01, 0x56, 0xdd, 0xc5, 0xb2, 0x31, 0x98, 0x67, 0x3a, 0xd0, 0x9a, 0xee,
	160	0x98, 0xca, 0x80, 0x52, 0x5a, 0x0e, 0xb7, 0xc4, 0xbf, 0xc0, 0x40, 0x24,
	161	0x6f, 0x3b, 0xa6, 0xf6, 0xab, 0x28, 0x9e, 0xe9, 0x39, 0x3f, 0x04, 0x4b,
	162	0xc4, 0xae, 0x55, 0xfd, 0xea, 0x87, 0xa5, 0xc5, 0x01, 0x99, 0x2e, 0x67,
	163	0x66, 0xb3, 0xfe, 0x41, 0x02, 0x82, 0x01, 0x00, 0x05, 0x26, 0x96, 0xf2,
	164	0xd6, 0x71, 0x36, 0xd6, 0x08, 0x4f, 0xa1, 0x3a, 0x45, 0x9e, 0xa6, 0xeb,
	165	0x1d, 0xea, 0x8f, 0xb1, 0x1d, 0x68, 0x82, 0xc4, 0xa7, 0xd3, 0xdc, 0x08,
	166	0xf4, 0x93, 0x93, 0x18, 0x56, 0xa5, 0xdf, 0x7b, 0x00, 0xb0, 0xee, 0x69,
	167	0xf0, 0xea, 0xeb, 0x90, 0x1e, 0x12, 0x27, 0x64, 0x8d, 0xbe, 0xf1, 0x4b,
	168	0x3b, 0x27, 0xe0, 0x79, 0xf1, 0x97, 0xb0, 0x7b, 0x0f, 0xdc, 0x0f, 0xda,
	169	0x24, 0x0e, 0xd7, 0xaa, 0xe9, 0xbe, 0x86, 0x09, 0x1b, 0x07, 0x6f, 0x1c,
	170	0x5f, 0x05, 0x1d, 0x0a, 0x0c, 0xad, 0x5f, 0xc4, 0x4f, 0x9d, 0xde, 0x79,
	171	0x72, 0x23, 0x2c, 0xdd, 0xa8, 0x5d, 0xc5, 0x8d, 0x7f, 0x4c, 0x1a, 0x0d,
	172	0x17, 0x75, 0x09, 0x98, 0x4a, 0xbe, 0xd5, 0x55, 0x8d, 0x0c, 0x2d, 0x05,
	173	0x2d, 0x71, 0x5b, 0xeb, 0xde, 0x99, 0x43, 0xcc, 0x6f, 0x37, 0xce, 0x6c,
	174	0xd0, 0xd4, 0xf5, 0xda, 0x1d, 0x8e, 0xeb, 0x28, 0x55, 0x09, 0xb1, 0x42,
	175	0x4f, 0xa7, 0x1a, 0xde, 0xe3, 0x14, 0xf1, 0x56, 0x2e, 0x40, 0xd6, 0xb5,
	176	0x1d, 0xee, 0x47, 0x77, 0x1d, 0xdc, 0x36, 0xfa, 0xf3, 0xbc, 0x8b, 0xa5,
	177	0xbf, 0x1d, 0x9f, 0xa7, 0xb4, 0x04, 0xad, 0xb6, 0x0d, 0x39, 0x0e, 0xe7,
	178	0x13, 0x3e, 0xbc, 0x94, 0x68, 0xe5, 0x1d, 0xea, 0x0c, 0x30, 0xdd, 0xb0,
	179	0xa7, 0x03, 0xa4, 0x91, 0xde, 0xf1, 0xd8, 0xa8, 0x18, 0x1f, 0xdd, 0xb3,
	180	0xd4, 0x2b, 0x6a, 0x8c, 0x69, 0x60, 0xda, 0x92, 0x7b, 0x1e, 0x27, 0x47,
	181	0x82, 0xbf, 0xff, 0xfc, 0xbd, 0x03, 0xb4, 0xc1, 0x80, 0x6c, 0x07, 0x11,
	182	0xa2, 0xdd, 0x27, 0xc1, 0x4d, 0x93, 0xe6, 0xf2, 0xd3, 0xdc, 0x61, 0xa1,
	183	0xa3, 0xdc, 0x67, 0x69, 0xe5, 0x50, 0x1d, 0x63, 0x0e, 0xb9, 0xa9, 0x9d,
	184	0xd6, 0x02, 0x4d, 0x7c, 0xcd, 0x2a, 0xa5, 0x37, 0x60, 0xc5, 0xf5, 0x97,
	185	0x02, 0x82, 0x01, 0x00, 0x14, 0x8b, 0x04, 0xdb, 0x4e, 0x41, 0x4a, 0xcd,
	186	0x86, 0x2e, 0x5f, 0x13, 0xb3, 0x48, 0x1e, 0x00, 0xdf, 0x8d, 0x0b, 0x35,
	187	0x51, 0x51, 0x1b, 0x16, 0x3d, 0x49, 0x4e, 0xe1, 0xee, 0x4d, 0xc7, 0x03,
	188	0xc0, 0xf6, 0x5c, 0x6c, 0x36, 0xe8, 0x22, 0xa5, 0x79, 0xb4, 0x4c, 0xce,
	189	0xa8, 0x45, 0x12, 0x2c, 0xf3, 0x6a, 0xcd, 0x33, 0xbd, 0xd0, 0x84, 0x4d,
	190	0xf7, 0x8f, 0xb5, 0x80, 0x1f, 0x18, 0x52, 0xad, 0xad, 0xce, 0xcd, 0x94,
	191	0xc9, 0xc6, 0xb4, 0xd2, 0x14, 0x29, 0xe4, 0xc7, 0x40, 0xf1, 0x0b, 0x85,
	192	0x43, 0xaf, 0x11, 0xd3, 0x46, 0x0a, 0xb1, 0x15, 0x87, 0x1f, 0x4e, 0x2e,
	193	0xc1, 0x11, 0xe9, 0x24, 0x70, 0x40, 0xba, 0x0b, 0x0e, 0x4a, 0xac, 0x45,
	194	0x21, 0xcc, 0x6d, 0xa4, 0x1d, 0x55, 0x33, 0x89, 0x4c, 0x65, 0x21, 0x23,
	195	0xab, 0x61, 0x31, 0xcb, 0x11, 0x65, 0xb3, 0x80, 0xa4, 0x5a, 0x2b, 0xf1,
	196	0x65, 0xdb, 0x4c, 0x58, 0x5a, 0xbe, 0xf3, 0x15, 0xcd, 0x94, 0xa1, 0xe4,
	197	0xcb, 0x30, 0xfa, 0xe1, 0x28, 0x51, 0x52, 0xd2, 0xb8, 0xb4, 0x8c, 0xfc,
	198	0x3a, 0xcc, 0xd1, 0x19, 0xa2, 0x27, 0x36, 0xfa, 0xc4, 0x23, 0x96, 0xb9,
	199	0xc7, 0x74, 0xca, 0xf1, 0x45, 0x1f, 0x4b, 0xc2, 0x77, 0x4d, 0x32, 0x3f,
	200	0xab, 0x7a, 0xd9, 0x2b, 0x22, 0x1d, 0xcb, 0x24, 0x58, 0x29, 0xa3, 0xb8,
	201	0x92, 0xdb, 0x1c, 0xda, 0x84, 0x01, 0xca, 0x6d, 0x4a, 0x50, 0xd4, 0x2b,
	202	0x79, 0xfa, 0xc5, 0x4c, 0x9d, 0x79, 0x49, 0xf1, 0xde, 0xbd, 0x3f, 0x50,
	203	0xa7, 0xa6, 0xc6, 0xc7, 0x99, 0x61, 0x9b, 0xda, 0x38, 0xdc, 0xbe, 0x85,
	204	0x75, 0x81, 0xb9, 0x0f, 0x33, 0xd0, 0xd4, 0xd0, 0xaa, 0xbd, 0x32, 0xc9,
	205	0x62, 0xe8, 0x21, 0x24, 0xeb, 0x03, 0x73, 0x46, 0xb3, 0x84, 0x65, 0xf2,
	206	0x40, 0x7d, 0x1b, 0x1b, 0x8f, 0x86, 0x7c, 0xe7
	207	};
	208
	209	/* The corresponding public key, DER. */
	210	static const unsigned char rsa_pub_key[] = {
	211	0x30, 0x82, 0x02, 0x0a, 0x02, 0x82, 0x02, 0x01, 0x00, 0xa3, 0x14, 0xe4,
	212	0xb8, 0xd8, 0x58, 0x0d, 0xab, 0xd7, 0x87, 0xa4, 0xf6, 0x84, 0x51, 0x74,
	213	0x60, 0x4c, 0xe3, 0x60, 0x28, 0x89, 0x49, 0x65, 0x18, 0x5c, 0x8f, 0x1a,
	214	0x1b, 0xe9, 0xdb, 0xc1, 0xc1, 0xf7, 0x08, 0x27, 0x44, 0xe5, 0x9d, 0x9a,
	215	0x33, 0xc3, 0xac, 0x5a, 0xca, 0xba, 0x20, 0x5a, 0x9e, 0x3a, 0x18, 0xb5,
	216	0x3d, 0xe3, 0x9d, 0x94, 0x58, 0xa7, 0xa9, 0x5a, 0x0b, 0x4f, 0xb8, 0xe5,
	217	0xa3, 0x7b, 0x01, 0x11, 0x0f, 0x16, 0x11, 0xb8, 0x65, 0x2f, 0xa8, 0x95,
	218	0xf7, 0x58, 0x2c, 0xec, 0x1d, 0x41, 0xad, 0xd1, 0x12, 0xca, 0x4a, 0x80,
	219	0x35, 0x35, 0x43, 0x7e, 0xe0, 0x97, 0xfc, 0x86, 0x8f, 0xcf, 0x4b, 0xdc,
	220	0xbc, 0x15, 0x2c, 0x8e, 0x90, 0x84, 0x26, 0x83, 0xc1, 0x96, 0x97, 0xf4,
	221	0xd7, 0x90, 0xce, 0xfe, 0xd4, 0xf3, 0x70, 0x22, 0xa8, 0xb0, 0x1f, 0xed,
	222	0x08, 0xd7, 0xc5, 0xc0, 0xd6, 0x41, 0x6b, 0x24, 0x68, 0x5c, 0x07, 0x1f,
	223	0x44, 0x97, 0xd8, 0x6e, 0x18, 0x93, 0x67, 0xc3, 0xba, 0x3a, 0xaf, 0xfd,
	224	0xc2, 0x65, 0x00, 0x21, 0x63, 0xdf, 0xb7, 0x28, 0x68, 0xd6, 0xc0, 0x20,
	225	0x86, 0x92, 0xed, 0x68, 0x6a, 0x27, 0x3a, 0x07, 0xec, 0x66, 0x00, 0xfe,
	226	0x51, 0x51, 0x86, 0x41, 0x6f, 0x83, 0x69, 0xd2, 0xf0, 0xe6, 0xf7, 0x61,
	227	0xda, 0x12, 0x45, 0x53, 0x09, 0xdf, 0xf8, 0x42, 0xc7, 0x30, 0x6a, 0xe5,
	228	0xd8, 0x2b, 0xa2, 0x49, 0x7a, 0x05, 0x10, 0xee, 0xb2, 0x59, 0x0a, 0xe5,
	229	0xbe, 0xf8, 0x4d, 0x0f, 0xa8, 0x9e, 0x63, 0x81, 0x39, 0x32, 0xaa, 0xfd,
	230	0xa8, 0x03, 0xf6, 0xd8, 0xc6, 0xaa, 0x02, 0x93, 0x03, 0xeb, 0x15, 0xd3,
	231	0x38, 0xc8, 0x1a, 0x78, 0xcf, 0xf3, 0xa7, 0x9f, 0x98, 0x4b, 0x91, 0x5b,
	232	0x79, 0xf8, 0x4e, 0x53, 0xaf, 0x0c, 0x65, 0xe9, 0xb0, 0x93, 0xc2, 0xcb,
	233	0x5d, 0x3c, 0x5f, 0x6e, 0x39, 0xd2, 0x58, 0x23, 0x50, 0xe5, 0x2e, 0xef,
	234	0x12, 0x00, 0xa4, 0x59, 0x13, 0x2b, 0x2f, 0x2c, 0x0a, 0x7b, 0x36, 0x89,
	235	0xc5, 0xe5, 0x8f, 0x95, 0x5e, 0x14, 0x0f, 0x0f, 0x94, 0x5a, 0xe9, 0xdc,
	236	0x0b, 0x49, 0x14, 0xbe, 0x0a, 0x70, 0x45, 0xc1, 0x7c, 0xbf, 0x83, 0x70,
	237	0xfd, 0x3d, 0x99, 0xe6, 0x8a, 0xf5, 0x9c, 0x09, 0x71, 0x84, 0x9a, 0x18,
	238	0xa0, 0xe0, 0x6c, 0x43, 0x5c, 0x7e, 0x48, 0x33, 0xc8, 0xbe, 0x5d, 0xdd,
	239	0xd8, 0x77, 0xe3, 0xe7, 0x6b, 0x34, 0x4b, 0xa2, 0xb7, 0x54, 0x07, 0x72,
	240	0x2e, 0xab, 0xa9, 0x91, 0x1e, 0x4b, 0xe3, 0xb5, 0xd8, 0xfa, 0x35, 0x64,
	241	0x8a, 0xe9, 0x03, 0xa1, 0xa8, 0x26, 0xbd, 0x72, 0x58, 0x10, 0x6a, 0xec,
	242	0x1a, 0xf6, 0x1e, 0xb8, 0xc0, 0x46, 0x19, 0x31, 0x2c, 0xca, 0xf9, 0x6a,
	243	0xd7, 0x2e, 0xd0, 0xa7, 0x2c, 0x60, 0x58, 0xc4, 0x8f, 0x46, 0x63, 0x61,
	244	0x8d, 0x29, 0x6f, 0xe2, 0x5f, 0xe2, 0x43, 0x90, 0x9c, 0xe6, 0xfc, 0x08,
	245	0x41, 0xc8, 0xb5, 0x23, 0x56, 0x24, 0x3e, 0x3a, 0x2c, 0x41, 0x22, 0x43,
	246	0xda, 0x22, 0x15, 0x2b, 0xad, 0xd0, 0xfa, 0xc8, 0x47, 0x44, 0xe6, 0x2a,
	247	0xf9, 0x38, 0x90, 0x13, 0x62, 0x22, 0xea, 0x06, 0x8c, 0x44, 0x9c, 0xd6,
	248	0xca, 0x50, 0x93, 0xe9, 0xd4, 0x03, 0xd8, 0x3e, 0x71, 0x36, 0x4b, 0xaa,
	249	0xab, 0xbb, 0xe2, 0x48, 0x66, 0x26, 0x53, 0xb1, 0x6d, 0x3b, 0x82, 0x2c,
	250	0x8c, 0x25, 0x05, 0xf0, 0xf8, 0xcf, 0x55, 0xbf, 0x8e, 0x29, 0xf7, 0x54,
	251	0x5b, 0x6f, 0x30, 0x54, 0xa6, 0xad, 0x46, 0xff, 0x22, 0x95, 0xb1, 0x87,
	252	0x98, 0x00, 0x51, 0x69, 0x15, 0x07, 0xbd, 0x3d, 0x9c, 0x6e, 0xaa, 0xaa,
	253	0x3b, 0x0b, 0x74, 0x65, 0x4c, 0x04, 0xe0, 0x80, 0x3e, 0xaf, 0x5e, 0x10,
	254	0xd6, 0x9b, 0x28, 0x37, 0x6f, 0x02, 0x03, 0x01, 0x00, 0x01
	255	};

+204

-0

demos/signature/rsa_pss_direct.c less more

	0	/*
	1	* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	2	*
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
	4	* this file except in compliance with the License. You can obtain a copy
	5	* in the file LICENSE in the source distribution or at
	6	* https://www.openssl.org/source/license.html
	7	*/
	8
	9	#include <stdio.h>
	10	#include <stdlib.h>
	11	#include <openssl/core_names.h>
	12	#include <openssl/evp.h>
	13	#include <openssl/rsa.h>
	14	#include <openssl/params.h>
	15	#include <openssl/err.h>
	16	#include <openssl/bio.h>
	17	#include "rsa_pss.h"
	18
	19	/*
	20	* The digest to be signed. This should be the output of a hash function.
	21	* Here we sign an all-zeroes digest for demonstration purposes.
	22	*/
	23	static const unsigned char test_digest[32] = {0};
	24
	25	/* A property query used for selecting algorithm implementations. */
	26	static const char *propq = NULL;
	27
	28	/*
	29	* This function demonstrates RSA signing of a SHA-256 digest using the PSS
	30	* padding scheme. You must already have hashed the data you want to sign.
	31	* For a higher-level demonstration which does the hashing for you, see
	32	* rsa_pss_hash.c.
	33	*
	34	* For more information, see RFC 8017 section 9.1. The digest passed in
	35	* (test_digest above) corresponds to the 'mHash' value.
	36	*/
	37	static int sign(OSSL_LIB_CTX libctx, unsigned char sig, size_t sig_len)
	38	{
	39	int rv = 0;
	40	EVP_PKEY *pkey = NULL;
	41	EVP_PKEY_CTX *ctx = NULL;
	42	EVP_MD *md = NULL;
	43	const unsigned char *ppriv_key = NULL;
	44
	45	*sig = NULL;
	46
	47	/* Load DER-encoded RSA private key. */
	48	ppriv_key = rsa_priv_key;
	49	pkey = d2i_PrivateKey_ex(EVP_PKEY_RSA, NULL, &ppriv_key,
	50	sizeof(rsa_priv_key), libctx, propq);
	51	if (pkey == NULL) {
	52	fprintf(stderr, "Failed to load private key\n");
	53	goto end;
	54	}
	55
	56	/* Fetch hash algorithm we want to use. */
	57	md = EVP_MD_fetch(libctx, "SHA256", propq);
	58	if (md == NULL) {
	59	fprintf(stderr, "Failed to fetch hash algorithm\n");
	60	goto end;
	61	}
	62
	63	/* Create signing context. */
	64	ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq);
	65	if (ctx == NULL) {
	66	fprintf(stderr, "Failed to create signing context\n");
	67	goto end;
	68	}
	69
	70	/* Initialize context for signing and set options. */
	71	if (EVP_PKEY_sign_init(ctx) == 0) {
	72	fprintf(stderr, "Failed to initialize signing context\n");
	73	goto end;
	74	}
	75
	76	if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PSS_PADDING) == 0) {
	77	fprintf(stderr, "Failed to configure padding\n");
	78	goto end;
	79	}
	80
	81	if (EVP_PKEY_CTX_set_signature_md(ctx, md) == 0) {
	82	fprintf(stderr, "Failed to configure digest type\n");
	83	goto end;
	84	}
	85
	86	/* Determine length of signature. */
	87	if (EVP_PKEY_sign(ctx, NULL, sig_len,
	88	test_digest, sizeof(test_digest)) == 0) {
	89	fprintf(stderr, "Failed to get signature length\n");
	90	goto end;
	91	}
	92
	93	/* Allocate memory for signature. */
	94	sig = OPENSSL_malloc(sig_len);
	95	if (*sig == NULL) {
	96	fprintf(stderr, "Failed to allocate memory for signature\n");
	97	goto end;
	98	}
	99
	100	/* Generate signature. */
	101	if (EVP_PKEY_sign(ctx, *sig, sig_len,
	102	test_digest, sizeof(test_digest)) != 1) {
	103	fprintf(stderr, "Failed to sign\n");
	104	goto end;
	105	}
	106
	107	rv = 1;
	108	end:
	109	EVP_PKEY_CTX_free(ctx);
	110	EVP_PKEY_free(pkey);
	111	EVP_MD_free(md);
	112
	113	if (rv == 0)
	114	OPENSSL_free(*sig);
	115
	116	return rv;
	117	}
	118
	119	/*
	120	* This function demonstrates verification of an RSA signature over a SHA-256
	121	* digest using the PSS signature scheme.
	122	*/
	123	static int verify(OSSL_LIB_CTX libctx, const unsigned char sig, size_t sig_len)
	124	{
	125	int rv = 0;
	126	const unsigned char *ppub_key = NULL;
	127	EVP_PKEY *pkey = NULL;
	128	EVP_PKEY_CTX *ctx = NULL;
	129	EVP_MD *md = NULL;
	130
	131	/* Load DER-encoded RSA public key. */
	132	ppub_key = rsa_pub_key;
	133	pkey = d2i_PublicKey(EVP_PKEY_RSA, NULL, &ppub_key, sizeof(rsa_pub_key));
	134	if (pkey == NULL) {
	135	fprintf(stderr, "Failed to load public key\n");
	136	goto end;
	137	}
	138
	139	/* Fetch hash algorithm we want to use. */
	140	md = EVP_MD_fetch(libctx, "SHA256", propq);
	141	if (md == NULL) {
	142	fprintf(stderr, "Failed to fetch hash algorithm\n");
	143	goto end;
	144	}
	145
	146	/* Create verification context. */
	147	ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq);
	148	if (ctx == NULL) {
	149	fprintf(stderr, "Failed to create verification context\n");
	150	goto end;
	151	}
	152
	153	/* Initialize context for verification and set options. */
	154	if (EVP_PKEY_verify_init(ctx) == 0) {
	155	fprintf(stderr, "Failed to initialize verification context\n");
	156	goto end;
	157	}
	158
	159	if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PSS_PADDING) == 0) {
	160	fprintf(stderr, "Failed to configure padding\n");
	161	goto end;
	162	}
	163
	164	if (EVP_PKEY_CTX_set_signature_md(ctx, md) == 0) {
	165	fprintf(stderr, "Failed to configure digest type\n");
	166	goto end;
	167	}
	168
	169	/* Verify signature. */
	170	if (EVP_PKEY_verify(ctx, sig, sig_len,
	171	test_digest, sizeof(test_digest)) == 0) {
	172	fprintf(stderr, "Failed to verify signature; "
	173	"signature may be invalid\n");
	174	goto end;
	175	}
	176
	177	rv = 1;
	178	end:
	179	EVP_PKEY_CTX_free(ctx);
	180	EVP_PKEY_free(pkey);
	181	EVP_MD_free(md);
	182	return rv;
	183	}
	184
	185	int main(int argc, char **argv)
	186	{
	187	int rv = 1;
	188	OSSL_LIB_CTX *libctx = NULL;
	189	unsigned char *sig = NULL;
	190	size_t sig_len = 0;
	191
	192	if (sign(libctx, &sig, &sig_len) == 0)
	193	goto end;
	194
	195	if (verify(libctx, sig, sig_len) == 0)
	196	goto end;
	197
	198	rv = 0;
	199	end:
	200	OPENSSL_free(sig);
	201	OSSL_LIB_CTX_free(libctx);
	202	return rv;
	203	}

+189

-0

demos/signature/rsa_pss_hash.c less more

	0	/*
	1	* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	2	*
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
	4	* this file except in compliance with the License. You can obtain a copy
	5	* in the file LICENSE in the source distribution or at
	6	* https://www.openssl.org/source/license.html
	7	*/
	8
	9	#include <stdio.h>
	10	#include <stdlib.h>
	11	#include <openssl/core_names.h>
	12	#include <openssl/evp.h>
	13	#include <openssl/rsa.h>
	14	#include <openssl/params.h>
	15	#include <openssl/err.h>
	16	#include <openssl/bio.h>
	17	#include "rsa_pss.h"
	18
	19	/* The data to be signed. This will be hashed. */
	20	static const char test_message[] =
	21	"This is an example message to be signed.";
	22
	23	/* A property query used for selecting algorithm implementations. */
	24	static const char *propq = NULL;
	25
	26	/*
	27	* This function demonstrates RSA signing of an arbitrary-length message.
	28	* Hashing is performed automatically. In this example, SHA-256 is used. If you
	29	* have already hashed your message and simply want to sign the hash directly,
	30	* see rsa_pss_direct.c.
	31	*/
	32	static int sign(OSSL_LIB_CTX libctx, unsigned char sig, size_t sig_len)
	33	{
	34	int rv = 0;
	35	EVP_PKEY *pkey = NULL;
	36	EVP_MD_CTX *mctx = NULL;
	37	OSSL_PARAM params[2], *p = params;
	38	const unsigned char *ppriv_key = NULL;
	39
	40	*sig = NULL;
	41
	42	/* Load DER-encoded RSA private key. */
	43	ppriv_key = rsa_priv_key;
	44	pkey = d2i_PrivateKey_ex(EVP_PKEY_RSA, NULL, &ppriv_key,
	45	sizeof(rsa_priv_key), libctx, propq);
	46	if (pkey == NULL) {
	47	fprintf(stderr, "Failed to load private key\n");
	48	goto end;
	49	}
	50
	51	/* Create MD context used for signing. */
	52	mctx = EVP_MD_CTX_new();
	53	if (mctx == NULL) {
	54	fprintf(stderr, "Failed to create MD context\n");
	55	goto end;
	56	}
	57
	58	/* Initialize MD context for signing. */
	59	*p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_PAD_MODE,
	60	OSSL_PKEY_RSA_PAD_MODE_PSS, 0);
	61	*p = OSSL_PARAM_construct_end();
	62
	63	if (EVP_DigestSignInit_ex(mctx, NULL, "SHA256", libctx, propq,
	64	pkey, params) == 0) {
	65	fprintf(stderr, "Failed to initialize signing context\n");
	66	goto end;
	67	}
	68
	69	/*
	70	* Feed data to be signed into the algorithm. This may
	71	* be called multiple times.
	72	*/
	73	if (EVP_DigestSignUpdate(mctx, test_message, sizeof(test_message)) == 0) {
	74	fprintf(stderr, "Failed to hash message into signing context\n");
	75	goto end;
	76	}
	77
	78	/* Determine signature length. */
	79	if (EVP_DigestSignFinal(mctx, NULL, sig_len) == 0) {
	80	fprintf(stderr, "Failed to get signature length\n");
	81	goto end;
	82	}
	83
	84	/* Allocate memory for signature. */
	85	sig = OPENSSL_malloc(sig_len);
	86	if (*sig == NULL) {
	87	fprintf(stderr, "Failed to allocate memory for signature\n");
	88	goto end;
	89	}
	90
	91	/* Generate signature. */
	92	if (EVP_DigestSignFinal(mctx, *sig, sig_len) == 0) {
	93	fprintf(stderr, "Failed to sign\n");
	94	goto end;
	95	}
	96
	97	rv = 1;
	98	end:
	99	EVP_MD_CTX_free(mctx);
	100	EVP_PKEY_free(pkey);
	101
	102	if (rv == 0)
	103	OPENSSL_free(*sig);
	104
	105	return rv;
	106	}
	107
	108	/*
	109	* This function demonstrates verification of an RSA signature over an
	110	* arbitrary-length message using the PSS signature scheme. Hashing is performed
	111	* automatically.
	112	*/
	113	static int verify(OSSL_LIB_CTX libctx, const unsigned char sig, size_t sig_len)
	114	{
	115	int rv = 0;
	116	EVP_PKEY *pkey = NULL;
	117	EVP_MD_CTX *mctx = NULL;
	118	OSSL_PARAM params[2], *p = params;
	119	const unsigned char *ppub_key = NULL;
	120
	121	/* Load DER-encoded RSA public key. */
	122	ppub_key = rsa_pub_key;
	123	pkey = d2i_PublicKey(EVP_PKEY_RSA, NULL, &ppub_key, sizeof(rsa_pub_key));
	124	if (pkey == NULL) {
	125	fprintf(stderr, "Failed to load public key\n");
	126	goto end;
	127	}
	128
	129	/* Create MD context used for verification. */
	130	mctx = EVP_MD_CTX_new();
	131	if (mctx == NULL) {
	132	fprintf(stderr, "Failed to create MD context\n");
	133	goto end;
	134	}
	135
	136	/* Initialize MD context for verification. */
	137	*p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_PAD_MODE,
	138	OSSL_PKEY_RSA_PAD_MODE_PSS, 0);
	139	*p = OSSL_PARAM_construct_end();
	140
	141	if (EVP_DigestVerifyInit_ex(mctx, NULL, "SHA256", libctx, propq,
	142	pkey, params) == 0) {
	143	fprintf(stderr, "Failed to initialize signing context\n");
	144	goto end;
	145	}
	146
	147	/*
	148	* Feed data to be signed into the algorithm. This may
	149	* be called multiple times.
	150	*/
	151	if (EVP_DigestVerifyUpdate(mctx, test_message, sizeof(test_message)) == 0) {
	152	fprintf(stderr, "Failed to hash message into signing context\n");
	153	goto end;
	154	}
	155
	156	/* Verify signature. */
	157	if (EVP_DigestVerifyFinal(mctx, sig, sig_len) == 0) {
	158	fprintf(stderr, "Failed to verify signature; "
	159	"signature may be invalid\n");
	160	goto end;
	161	}
	162
	163	rv = 1;
	164	end:
	165	EVP_MD_CTX_free(mctx);
	166	EVP_PKEY_free(pkey);
	167	return rv;
	168	}
	169
	170	int main(int argc, char **argv)
	171	{
	172	int rv = 1;
	173	OSSL_LIB_CTX *libctx = NULL;
	174	unsigned char *sig = NULL;
	175	size_t sig_len = 0;
	176
	177	if (sign(libctx, &sig, &sig_len) == 0)
	178	goto end;
	179
	180	if (verify(libctx, sig, sig_len) == 0)
	181	goto end;
	182
	183	rv = 0;
	184	end:
	185	OPENSSL_free(sig);
	186	OSSL_LIB_CTX_free(libctx);
	187	return rv;
	188	}

+9

-5

demos/smime/smver.c less more

26	26	/* Set up trusted CA certificate store */
27	27
28	28	st = X509_STORE_new();
	29	if (st == NULL)
	30	goto err;
29	31
30	32	/* Read in signer certificate and private key */
31	33	tbio = BIO_new_file("cacert.pem", "r");
32	34
33		if (!tbio)
	35	if (tbio == NULL)
34	36	goto err;
35	37
36	38	cacert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
37	39
38		if (!cacert)
	40	if (cacert == NULL)
39	41	goto err;
40	42
41	43	if (!X509_STORE_add_cert(st, cacert))

45	47
46	48	in = BIO_new_file("smout.txt", "r");
47	49
48		if (!in)
	50	if (in == NULL)
49	51	goto err;
50	52
51	53	/* Sign content */
52	54	p7 = SMIME_read_PKCS7(in, &cont);
53	55
54		if (!p7)
	56	if (p7 == NULL)
55	57	goto err;
56	58
57	59	/* File to output verified content to */
58	60	out = BIO_new_file("smver.txt", "w");
59		if (!out)
	61	if (out == NULL)
60	62	goto err;
61	63
62	64	if (!PKCS7_verify(p7, NULL, st, cont, out, 0)) {

73	75	fprintf(stderr, "Error Verifying Data\n");
74	76	ERR_print_errors_fp(stderr);
75	77	}
	78
	79	X509_STORE_free(st);
76	80	PKCS7_free(p7);
77	81	X509_free(cacert);
78	82	BIO_free(in);

+12

-0

doc/build.info less more

2414	2414	GENERATE[html/man3/SSL_get_all_async_fds.html]=man3/SSL_get_all_async_fds.pod
2415	2415	DEPEND[man/man3/SSL_get_all_async_fds.3]=man3/SSL_get_all_async_fds.pod
2416	2416	GENERATE[man/man3/SSL_get_all_async_fds.3]=man3/SSL_get_all_async_fds.pod
	2417	DEPEND[html/man3/SSL_get_certificate.html]=man3/SSL_get_certificate.pod
	2418	GENERATE[html/man3/SSL_get_certificate.html]=man3/SSL_get_certificate.pod
	2419	DEPEND[man/man3/SSL_get_certificate.3]=man3/SSL_get_certificate.pod
	2420	GENERATE[man/man3/SSL_get_certificate.3]=man3/SSL_get_certificate.pod
2417	2421	DEPEND[html/man3/SSL_get_ciphers.html]=man3/SSL_get_ciphers.pod
2418	2422	GENERATE[html/man3/SSL_get_ciphers.html]=man3/SSL_get_ciphers.pod
2419	2423	DEPEND[man/man3/SSL_get_ciphers.3]=man3/SSL_get_ciphers.pod

2546	2550	GENERATE[html/man3/SSL_set_fd.html]=man3/SSL_set_fd.pod
2547	2551	DEPEND[man/man3/SSL_set_fd.3]=man3/SSL_set_fd.pod
2548	2552	GENERATE[man/man3/SSL_set_fd.3]=man3/SSL_set_fd.pod
	2553	DEPEND[html/man3/SSL_set_retry_verify.html]=man3/SSL_set_retry_verify.pod
	2554	GENERATE[html/man3/SSL_set_retry_verify.html]=man3/SSL_set_retry_verify.pod
	2555	DEPEND[man/man3/SSL_set_retry_verify.3]=man3/SSL_set_retry_verify.pod
	2556	GENERATE[man/man3/SSL_set_retry_verify.3]=man3/SSL_set_retry_verify.pod
2549	2557	DEPEND[html/man3/SSL_set_session.html]=man3/SSL_set_session.pod
2550	2558	GENERATE[html/man3/SSL_set_session.html]=man3/SSL_set_session.pod
2551	2559	DEPEND[man/man3/SSL_set_session.3]=man3/SSL_set_session.pod

3322	3330	html/man3/SSL_get0_peer_scts.html \
3323	3331	html/man3/SSL_get_SSL_CTX.html \
3324	3332	html/man3/SSL_get_all_async_fds.html \
	3333	html/man3/SSL_get_certificate.html \
3325	3334	html/man3/SSL_get_ciphers.html \
3326	3335	html/man3/SSL_get_client_random.html \
3327	3336	html/man3/SSL_get_current_cipher.html \

3355	3364	html/man3/SSL_set_bio.html \
3356	3365	html/man3/SSL_set_connect_state.html \
3357	3366	html/man3/SSL_set_fd.html \
	3367	html/man3/SSL_set_retry_verify.html \
3358	3368	html/man3/SSL_set_session.html \
3359	3369	html/man3/SSL_set_shutdown.html \
3360	3370	html/man3/SSL_set_verify_result.html \

3914	3924	man/man3/SSL_get0_peer_scts.3 \
3915	3925	man/man3/SSL_get_SSL_CTX.3 \
3916	3926	man/man3/SSL_get_all_async_fds.3 \
	3927	man/man3/SSL_get_certificate.3 \
3917	3928	man/man3/SSL_get_ciphers.3 \
3918	3929	man/man3/SSL_get_client_random.3 \
3919	3930	man/man3/SSL_get_current_cipher.3 \

3947	3958	man/man3/SSL_set_bio.3 \
3948	3959	man/man3/SSL_set_connect_state.3 \
3949	3960	man/man3/SSL_set_fd.3 \
	3961	man/man3/SSL_set_retry_verify.3 \
3950	3962	man/man3/SSL_set_session.3 \
3951	3963	man/man3/SSL_set_shutdown.3 \
3952	3964	man/man3/SSL_set_verify_result.3 \

+7

-1

doc/internal/man3/OSSL_METHOD_STORE.pod less more

101	101	reference count of the method and the I<method_destruct> function is called
102	102	to decrement it.
103	103
	104	=head1 NOTES
	105
	106	The I<prop_query> argument to ossl_method_store_cache_get() and
	107	ossl_method_store_cache_set() is not allowed to be NULL. Use "" for an
	108	empty property definition or query.
	109
104	110	=head1 RETURN VALUES
105	111
106	112	ossl_method_store_new() returns a new method store object or NULL on failure.

118	124
119	125	=head1 COPYRIGHT
120	126
121		Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	127	Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
122	128	Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
123	129
124	130	Licensed under the Apache License 2.0 (the "License"). You may not use this

+21

-11

doc/man1/openssl-cmp.pod.in less more

250	250	The source of the private or public key for the certificate requested
251	251	in Initialization Request (IR), Certification Request(CR), or
252	252	Key Update Request (KUR).
253		Default is the public key in the PKCS#10 CSR given with the B<-csr> option,
254		if any, or else the current client key, if given.
	253	Defaults to the public key in the PKCS#10 CSR given with the B<-csr> option,
	254	the public key of the reference certificate, or the current client key.
255	255
256	256	=item B<-newkeypass> I<arg>
257	257

439	439
440	440	=item B<-server> I<[http[s]://][userinfo@]host[:port][/path][?query][#fragment]>
441	441
442		The IP address or DNS hostname and optionally port
443		of the CMP server to connect to using HTTP(S) transport.
	442	The DNS hostname or IP address and optionally port
	443	of the CMP server to connect to using HTTP(S).
	444	This excludes I<-port> and I<-use_mock_srv> and is ignored with I<-rspin>.
	445
444	446	The scheme C<https> may be given only if the B<-tls_used> option is used.
445	447	In this case the default port is 443, else 80.
446	448	The optional userinfo and fragment components are ignored.

457	459	components.
458	460	Defaults to the environment variable C<http_proxy> if set, else C<HTTP_PROXY>
459	461	in case no TLS is used, otherwise C<https_proxy> if set, else C<HTTPS_PROXY>.
	462	This option is ignored if I<-server> is not given.
460	463
461	464	=item B<-no_proxy> I<addresses>
462	465

464	467	not to use an HTTP(S) proxy for, separated by commas and/or whitespace
465	468	(where in the latter case the whole argument must be enclosed in "...").
466	469	Default is from the environment variable C<no_proxy> if set, else C<NO_PROXY>.
	470	This option is ignored if I<-server> is not given.
467	471
468	472	=item B<-recipient> I<name>
469	473

794	798	=item B<-tls_used>
795	799
796	800	Enable using TLS (even when other TLS_related options are not set)
797		when connecting to CMP server.
	801	when connecting to CMP server via HTTP.
	802	This option is not supported with the I<-port> option
	803	and is ignored with the I<-use_mock_srv> and I<-rspin> options
	804	or if the I<-server> option is not given.
798	805
799	806	=item B<-tls_cert> I<filename>\|I<uri>
800	807

879	886	=item B<-rspin> I<filenames>
880	887
881	888	Process sequence of CMP responses provided in file(s), skipping server.
	889	This excludes I<-server>, I<-port>, and I<-use_mock_srv>.
882	890
883	891	Multiple filenames may be given, separated by commas and/or whitespace.
884	892	As many files are read as needed for the complete transaction.

892	900
893	901	=item B<-use_mock_srv>
894	902
895		Use the internal mock server for testing the client.
896		This works at API level, bypassing HTTP transport.
	903	Test the client using the internal CMP server mock-up at API level,
	904	bypassing socket-based transfer via HTTP.
	905	This excludes I<-server>, I<-port>, and I<-rspin>.
897	906
898	907	=back
899	908

903	912
904	913	=item B<-port> I<number>
905	914
906		Act as CMP HTTP server mock-up listening on the given port.
	915	Act as HTTP-based CMP server mock-up listening on the given port.
	916	This excludes I<-server>, I<-rspin>, and I<-use_mock_srv>.
907	917
908	918	=item B<-max_msgs> I<number>
909	919

1220	1230
1221	1231	=head1 COPYRIGHT
1222	1232
1223		Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
1224
1225		Licensed under the OpenSSL license (the "License"). You may not use
	1233	Copyright 2007-2022 The OpenSSL Project Authors. All Rights Reserved.
	1234
	1235	Licensed under the Apache License 2.0 (the "License"). You may not use
1226	1236	this file except in compliance with the License. You can obtain a copy
1227	1237	in the file LICENSE in the source distribution or at
1228	1238	L<https://www.openssl.org/source/license.html>.

+16

-10

doc/man1/openssl-dgst.pod.in less more

8	8
9	9	B<openssl> B<dgst>\|I<digest>
10	10	[B<-I<digest>>]
	11	[B<-list>]
11	12	[B<-help>]
12	13	[B<-c>]
13	14	[B<-d>]
14	15	[B<-debug>]
15		[B<-list>]
16	16	[B<-hex>]
17	17	[B<-binary>]
18	18	[B<-xoflen> I<length>]

46	46	algorithm to be used.
47	47	The default digest is B<sha256>.
48	48	A supported I<digest> name may also be used as the sub-command name.
49		To see the list of supported algorithms, use C<openssl list -digest-commands>
	49	To see the list of supported algorithms, use C<openssl list -digest-algorithms>
50	50
51	51	=head1 OPTIONS
52	52

58	58
59	59	=item B<-I<digest>>
60	60
61		Specifies name of a supported digest to be used. To see the list of
62		supported digests, use the command C<list --digest-commands>.
	61	Specifies name of a supported digest to be used. See option B<-list> below :
	62
	63	=item B<-list>
	64
	65	Prints out a list of supported message digests.
63	66
64	67	=item B<-c>
65	68

69	72	=item B<-d>, B<-debug>
70	73
71	74	Print out BIO debugging information.
72
73		=item B<-list>
74
75		Prints out a list of supported message digests.
76	75
77	76	=item B<-hex>
78	77

205	204	=head1 EXAMPLES
206	205
207	206	To create a hex-encoded message digest of a file:
	207
208	208	openssl dgst -md5 -hex file.txt
	209	or
	210	openssl md5 file.txt
209	211
210	212	To sign a file using SHA-256 with binary file output:
	213
211	214	openssl dgst -sha256 -sign privatekey.pem -out signature.sign file.txt
	215	or
	216	openssl sha256 -sign privatekey.pem -out signature.sign file.txt
212	217
213	218	To verify a signature:
	219
214	220	openssl dgst -sha256 -verify publickey.pem \
215	221	-signature signature.sign \
216	222	file.txt

220	226
221	227	The digest mechanisms that are available will depend on the options
222	228	used when building OpenSSL.
223		The C<openssl list -digest-commands> command can be used to list them.
	229	The C<openssl list -digest-algorithms> command can be used to list them.
224	230
225	231	New or agile applications should use probably use SHA-256. Other digests,
226	232	particularly SHA-1 and MD5, are still widely used for interoperating

258	264
259	265	=head1 COPYRIGHT
260	266
261		Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
	267	Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
262	268
263	269	Licensed under the Apache License 2.0 (the "License"). You may not use
264	270	this file except in compliance with the License. You can obtain a copy

+2

-2

doc/man1/openssl-kdf.pod.in less more

165	165	Use scrypt to create a hex-encoded derived key from a password and salt:
166	166
167	167	openssl kdf -keylen 64 -kdfopt pass:password -kdfopt salt:NaCl \
168		-kdfopt N:1024 -kdfopt r:8 -kdfopt p:16 \
	168	-kdfopt n:1024 -kdfopt r:8 -kdfopt p:16 \
169	169	-kdfopt maxmem_bytes:10485760 SCRYPT
170	170
171	171	=head1 NOTES

194	194
195	195	=head1 COPYRIGHT
196	196
197		Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	197	Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
198	198
199	199	Licensed under the Apache License 2.0 (the "License"). You may not use
200	200	this file except in compliance with the License. You can obtain a copy

+3

-1

doc/man1/openssl-speed.pod.in less more

100	100	=item B<-bytes> I<num>
101	101
102	102	Run benchmarks on I<num>-byte buffers. Affects ciphers, digests and the CSPRNG.
	103	The limit on the size of the buffer is INT_MAX - 64 bytes, which for a 32-bit
	104	int would be 2147483583 bytes.
103	105
104	106	=item B<-mr>
105	107

133	135
134	136	=head1 COPYRIGHT
135	137
136		Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
	138	Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
137	139
138	140	Licensed under the Apache License 2.0 (the "License"). You may not use
139	141	this file except in compliance with the License. You can obtain a copy

+2

-2

doc/man3/BIO_ctrl.pod less more

16	16
17	17	long BIO_ctrl(BIO bp, int cmd, long larg, void parg);
18	18	long BIO_callback_ctrl(BIO b, int cmd, BIO_info_cb cb);
19		char BIO_ptr_ctrl(BIO bp, int cmd, long larg);
	19	void BIO_ptr_ctrl(BIO bp, int cmd, long larg);
20	20	long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
21	21
22	22	int BIO_reset(BIO *b);

145	145
146	146	=head1 COPYRIGHT
147	147
148		Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
	148	Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
149	149
150	150	Licensed under the Apache License 2.0 (the "License"). You may not use
151	151	this file except in compliance with the License. You can obtain a copy

+17

-4

doc/man3/BIO_f_base64.pod less more

20	20
21	21	Base64 BIOs do not support BIO_gets() or BIO_puts().
22	22
	23	For writing, output is by default divided to lines of length 64
	24	characters and there is always a newline at the end of output.
	25
	26	For reading, first line should be at most 1024
	27	characters long. If it is longer then it is ignored completely.
	28	Other input lines can be of any length. There must be a newline
	29	at the end of input.
	30
	31	This behavior can be changed with BIO_FLAGS_BASE64_NO_NL flag.
	32
23	33	BIO_flush() on a base64 BIO that is being written through is
24	34	used to signal that no more data is to be encoded: this is used
25	35	to flush the final block through the BIO.
26	36
27		The flag BIO_FLAGS_BASE64_NO_NL can be set with BIO_set_flags()
28		to encode the data all on one line or expect the data to be all
29		on one line.
	37	The flag BIO_FLAGS_BASE64_NO_NL can be set with BIO_set_flags().
	38	For writing, it causes all data to be written on one line without
	39	newline at the end.
	40	For reading, it forces the decoder to process the data regardless
	41	of newlines. All newlines are ignored and the input does not need
	42	to contain any newline at all.
30	43
31	44	=head1 NOTES
32	45

80	93
81	94	=head1 COPYRIGHT
82	95
83		Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
	96	Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
84	97
85	98	Licensed under the Apache License 2.0 (the "License"). You may not use
86	99	this file except in compliance with the License. You can obtain a copy

+14

-3

doc/man3/BN_add.pod less more

2	2	=head1 NAME
3	3
4	4	BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add,
5		BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd -
	5	BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_mod_sqrt, BN_exp, BN_mod_exp, BN_gcd -
6	6	arithmetic operations on BIGNUMs
7	7
8	8	=head1 SYNOPSIS

34	34	BN_CTX *ctx);
35	35
36	36	int BN_mod_sqr(BIGNUM r, BIGNUM a, const BIGNUM m, BN_CTX ctx);
	37
	38	BIGNUM BN_mod_sqrt(BIGNUM in, BIGNUM a, const BIGNUM p, BN_CTX *ctx);
37	39
38	40	int BN_exp(BIGNUM r, BIGNUM a, BIGNUM p, BN_CTX ctx);
39	41

86	88	BN_mod_sqr() takes the square of I<a> modulo B<m> and places the
87	89	result in I<r>.
88	90
	91	BN_mod_sqrt() returns the modular square root of I<a> such that
	92	C<in^2 = a (mod p)>. The modulus I<p> must be a
	93	prime, otherwise an error or an incorrect "result" will be returned.
	94	The result is stored into I<in> which can be NULL. The result will be
	95	newly allocated in that case.
	96
89	97	BN_exp() raises I<a> to the I<p>-th power and places the result in I<r>
90	98	(C<r=a^p>). This function is faster than repeated applications of
91	99	BN_mul().

107	115
108	116	=head1 RETURN VALUES
109	117
110		For all functions, 1 is returned for success, 0 on error. The return
	118	The BN_mod_sqrt() returns the result (possibly incorrect if I<p> is
	119	not a prime), or NULL.
	120
	121	For all remaining functions, 1 is returned for success, 0 on error. The return
111	122	value should always be checked (e.g., C<if (!BN_add(r,a,b)) goto err;>).
112	123	The error codes can be obtained by L<ERR_get_error(3)>.
113	124

118	129
119	130	=head1 COPYRIGHT
120	131
121		Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
	132	Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
122	133
123	134	Licensed under the Apache License 2.0 (the "License"). You may not use
124	135	this file except in compliance with the License. You can obtain a copy

+1

-0

doc/man3/DEFINE_STACK_OF.pod less more

265	265
266	266	B<sk_I<TYPE>_insert>(), B<sk_I<TYPE>_push>() and B<sk_I<TYPE>_unshift>() return
267	267	the total number of elements in the stack and 0 if an error occurred.
	268	B<sk_I<TYPE>_push>() further returns -1 if I<sk> is NULL.
268	269
269	270	B<sk_I<TYPE>_set>() returns a pointer to the replacement element or NULL on
270	271	error.

+2

-2

doc/man3/ERR_get_error.pod less more

30	30	const char **func,
31	31	const char *data, int flags);
32	32	unsigned long ERR_peek_error_all(const char *file, int line,
33		const char *func,
	33	const char **func,
34	34	const char *data, int flags);
35	35	unsigned long ERR_peek_last_error_all(const char *file, int line,
36	36	const char *func,

131	131
132	132	=head1 COPYRIGHT
133	133
134		Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
	134	Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
135	135
136	136	Licensed under the Apache License 2.0 (the "License"). You may not use
137	137	this file except in compliance with the License. You can obtain a copy

+14

-3

doc/man3/EVP_PKEY_gettable_params.pod less more

36	36	the names and types of key parameters that can be retrieved.
37	37	See L<OSSL_PARAM(3)> for information about parameters.
38	38
	39	An B<OSSL_PARAM> of type B<OSSL_PARAM_INTEGER> or
	40	B<OSSL_PARAM_UNSIGNED_INTEGER> is of arbitrary length. Such a parameter can be
	41	obtained using any of the functions EVP_PKEY_get_int_param(),
	42	EVP_PKEY_get_size_t_param() or EVP_PKEY_get_bn_param(). Attempting to
	43	obtain an integer value that does not fit into a native C B<int> type will cause
	44	EVP_PKEY_get_int_param() to fail. Similarly attempting to obtain an integer
	45	value that is negative or does not fit into a native C B<size_t> type using
	46	EVP_PKEY_get_size_t_param() will also fail.
	47
39	48	EVP_PKEY_get_int_param() retrieves a key I<pkey> integer value I<*out>
40		associated with a name of I<key_name>.
	49	associated with a name of I<key_name> if it fits into C<int> type. For
	50	parameters that do not fit into C<int> use EVP_PKEY_get_bn_param().
41	51
42	52	EVP_PKEY_get_size_t_param() retrieves a key I<pkey> size_t value I<*out>
43		associated with a name of I<key_name>.
	53	associated with a name of I<key_name> if it fits into C<size_t> type. For
	54	parameters that do not fit into C<size_t> use EVP_PKEY_get_bn_param().
44	55
45	56	EVP_PKEY_get_bn_param() retrieves a key I<pkey> BIGNUM value I<**bn>
46	57	associated with a name of I<key_name>. If I<*bn> is NULL then the BIGNUM

114	125
115	126	=head1 COPYRIGHT
116	127
117		Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	128	Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
118	129
119	130	Licensed under the Apache License 2.0 (the "License"). You may not use
120	131	this file except in compliance with the License. You can obtain a copy

+2

-1

doc/man3/OBJ_nid2obj.pod less more

100	100	algorithm and the other representing a digest algorithm to be used in
101	101	conjunction with it. I<signid> represents the NID for the composite "Signature
102	102	Algorithm", I<dig_id> is the NID for the digest algorithm and I<pkey_id> is the
103		NID for the underlying signature algorithm.
	103	NID for the underlying signature algorithm. As there are signature algorithms
	104	that do not require a digest, NID_undef is a valid I<dig_id>.
104	105
105	106	OBJ_cleanup() releases any resources allocated by creating new objects.
106	107

+5

-4

doc/man3/OPENSSL_hexchar2int.pod less more

14	14	int OPENSSL_hexstr2buf_ex(unsigned char buf, size_t buf_n, long buflen,
15	15	const char *str, const char sep);
16	16	unsigned char OPENSSL_hexstr2buf(const char str, long *len);
17		int OPENSSL_buf2hexstr_ex(char str, size_t str_n, size_t strlen,
18		const unsigned char *buf, long buflen, const char sep);
	17	int OPENSSL_buf2hexstr_ex(char str, size_t str_n, size_t strlength,
	18	const unsigned char *buf, long buflen,
	19	const char sep);
19	20	char OPENSSL_buf2hexstr(const unsigned char buf, long buflen);
20	21
21	22	=head1 DESCRIPTION

46	47	The character I<sep> is the separator between the bytes, setting this to '\0'
47	48	means that there is no separator.
48	49	I<str_n> gives the size of the of the string buffer.
49		If I<strlen> is not NULL, it is filled in with the result length.
	50	If I<strlength> is not NULL, it is filled in with the result length.
50	51	To find out how large the result will be, call this function with NULL
51	52	for I<str>.
52	53

69	70
70	71	=head1 COPYRIGHT
71	72
72		Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
	73	Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
73	74
74	75	Licensed under the Apache License 2.0 (the "License"). You may not use
75	76	this file except in compliance with the License. You can obtain a copy

+7

-5

doc/man3/OSSL_CMP_CTX_new.pod less more

537	537	alternate names on the certificate template request. This cannot be used if
538	538	any Subject Alternative Name extension is set via
539	539	OSSL_CMP_CTX_set0_reqExtensions().
540		By default, unless OSSL_CMP_OPT_SUBJECTALTNAME_NODEFAULT has been set,
	540	By default, unless B<OSSL_CMP_OPT_SUBJECTALTNAME_NODEFAULT> has been set,
541	541	the Subject Alternative Names are copied from the reference certificate,
542	542	see OSSL_CMP_CTX_set1_oldCert().
543	543	If set and the subject DN is not set with OSSL_CMP_CTX_set1_subjectName() then

558	558	OSSL_CMP_CTX_set1_oldCert() sets the old certificate to be updated in
559	559	Key Update Requests (KUR) or to be revoked in Revocation Requests (RR).
560	560	It must be given for RR, else it defaults to the CMP signer certificate.
561		The reference certificate determined in this way, if any, is also used for
562		deriving default subject DN and Subject Alternative Names and the
	561	The I<reference certificate> determined in this way, if any, is also used for
	562	deriving default subject DN, public key, Subject Alternative Names, and the
563	563	default issuer entry in the requested certificate template of IR/CR/KUR.
564	564	The subject of the reference certificate is used as the sender field value
565	565	in CMP message headers.
566	566	Its issuer is used as default recipient in CMP message headers.
567	567
568		OSSL_CMP_CTX_set1_p10CSR() sets the PKCS#10 CSR to be used in P10CR.
	568	OSSL_CMP_CTX_set1_p10CSR() sets the PKCS#10 CSR to use in P10CR messages.
	569	If such a CSR is provided, its subject, public key, and extension fields are
	570	also used as fallback values for the certificate template of IR/CR/KUR messages.
569	571
570	572	OSSL_CMP_CTX_push0_genm_ITAV() adds I<itav> to the stack in the I<ctx> which
571	573	will be the body of a General Message sent with this context.

755	757
756	758	=head1 COPYRIGHT
757	759
758		Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
	760	Copyright 2007-2022 The OpenSSL Project Authors. All Rights Reserved.
759	761
760	762	Licensed under the Apache License 2.0 (the "License"). You may not use
761	763	this file except in compliance with the License. You can obtain a copy

+34

-6

doc/man3/OSSL_CMP_MSG_get0_header.pod less more

35	35	This requires re-protecting the message (if it was protected).
36	36
37	37	OSSL_CMP_CTX_setup_CRM() creates a CRMF certificate request message
	38	from various information provided in the CMP context argument I<ctx>
38	39	for inclusion in a CMP request message based on details contained in I<ctx>.
39		If the CMP context does not include a subject name set via
40		L<OSSL_CMP_CTX_set1_subjectName(3)> but includes a reference certificate
41		then it copies the subject DN from there
42		if I<for_KUR> is set or the I<ctx> does not include a subjectAltName.
43		The I<rid> defines the request identifier to use, which typically is 0.
	40	The I<rid> argument defines the request identifier to use, which typically is 0.
	41
	42	The subject DN to include in the certificate template is determined as follows.
	43	If I<ctx> includes a subject name set via L<OSSL_CMP_CTX_set1_subjectName(3)>,
	44	this name is used.
	45	Otherwise, if a PKCS#10 CSR is given in I<ctx>, its subject is used.
	46	Otherwise, if a reference certificate is given in I<ctx>
	47	(see L<OSSL_CMP_CTX_set1_oldCert(3)>), its subject is used if I<for_KUR>
	48	is nonzero or the I<ctx> does not include a Subject Alternative Name.
	49
	50	The public key to include is taken from any value set via
	51	L<OSSL_CMP_CTX_set0_newPkey(3)>,
	52	otherwise the public key of any PKCS#10 CSR is given in I<ctx>,
	53	otherwise the public key of any reference certificate given in I<ctx>,
	54	otherwise it is derived from the client private key if given in I<ctx>.
	55
	56	The set of X.509 extensions to include is computed as follows.
	57	If a PKCS#10 CSR is present in I<ctx>, default extensions are taken from there,
	58	otherwise the empty set is taken as the initial value.
	59	If there is a reference certificate in I<ctx> and contains Subject Alternative
	60	Names (SANs) and B<OSSL_CMP_OPT_SUBJECTALTNAME_NODEFAULT> is not set,
	61	these override any SANs from the PKCS#10 CSR.
	62	The extensions are further augmented or overridden by any extensions with the
	63	same OIDs included in the I<ctx> via L<OSSL_CMP_CTX_set0_reqExtensions(3)>.
	64	The SANs are further overridden by any SANs included in I<ctx> via
	65	L<OSSL_CMP_CTX_push1_subjectAltName(3)>.
	66	Finally, policies are overridden by any policies included in I<ctx> via
	67	L<OSSL_CMP_CTX_push0_policy(3)>.
	68
	69	OSSL_CMP_CTX_setup_CRM() also sets the sets the regToken control B<oldCertID>
	70	for KUR messages using the issuer name and serial number of the reference
	71	certificate, if present.
44	72
45	73	OSSL_CMP_MSG_read() loads a DER-encoded OSSL_CMP_MSG from I<file>.
46	74

82	110
83	111	=head1 COPYRIGHT
84	112
85		Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
	113	Copyright 2007-2022 The OpenSSL Project Authors. All Rights Reserved.
86	114
87	115	Licensed under the Apache License 2.0 (the "License"). You may not use
88	116	this file except in compliance with the License. You can obtain a copy

+3

-3

doc/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod less more

88	88	OSSL_CRMF_MSG_set1_regCtrl_protocolEncrKey() sets the protocolEncrKey control in
89	89	the given I<msg> copying the given I<pubkey> as value. See RFC 4211 section 6.6.
90	90
91		OSSL_CRMF_MSG_set1_regCtrl_oldCertID() sets the oldCertID control in the given
92		I<msg> copying the given I<cid> as value. See RFC 4211, section 6.5.
	91	OSSL_CRMF_MSG_set1_regCtrl_oldCertID() sets the B<oldCertID> regToken control in
	92	the given I<msg> copying the given I<cid> as value. See RFC 4211, section 6.5.
93	93
94	94	OSSL_CRMF_CERTID_gen produces an OSSL_CRMF_CERTID_gen structure copying the
95	95	given I<issuer> name and I<serial> number.

120	120
121	121	=head1 COPYRIGHT
122	122
123		Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
	123	Copyright 2007-2022 The OpenSSL Project Authors. All Rights Reserved.
124	124
125	125	Licensed under the Apache License 2.0 (the "License"). You may not use
126	126	this file except in compliance with the License. You can obtain a copy

+13

-5

doc/man3/OSSL_HTTP_transfer.pod less more

112	112
113	113	Here is a simple example that supports TLS connections (but not via a proxy):
114	114
115		BIO http_tls_cb(BIO hbio, void *arg, int connect, int detail)
	115	BIO http_tls_cb(BIO bio, void *arg, int connect, int detail)
116	116	{
117	117	if (connect && detail) { /* connecting with TLS */
118	118	SSL_CTX ctx = (SSL_CTX )arg;
119	119	BIO *sbio = BIO_new_ssl(ctx, 1);
120	120
121		hbio = sbio != NULL ? BIO_push(sbio, hbio) : NULL;
122		} else if (!connect && !detail) { /* disconnecting after error */
123		/* optionally add diagnostics here */
	121	bio = sbio != NULL ? BIO_push(sbio, bio) : NULL;
	122	} else if (!connect) { /* disconnecting */
	123	BIO *hbio;
	124
	125	if (!detail) { /* an error has occurred */
	126	/* optionally add diagnostics here */
	127	}
	128	BIO_ssl_shutdown(bio);
	129	hbio = BIO_pop(bio);
	130	BIO_free(bio); /* SSL BIO */
	131	bio = hbio;
124	132	}
125		return hbio;
	133	return bio;
126	134	}
127	135
128	136	After disconnect the modified BIO will be deallocated using BIO_free_all().

+21

-33

doc/man3/OpenSSL_version.pod less more

37	37
38	38	const char *OPENSSL_info(int t);
39	39
40		Deprecated:
41
42	40	/* from openssl/opensslv.h */
43	41	#define OPENSSL_VERSION_NUMBER 0xnnnnnnnnL
44	42

79	77	(B<maj>) and minor (B<min>) number or not. It will evaluate to true if the
80	78	header version number (B<OPENSSL_VERSION_MAJOR>.B<OPENSSL_VERSION_MINOR>) is
81	79	greater than or equal to B<maj>.B<min>.
	80
	81	B<OPENSSL_VERSION_NUMBER> is a combination of the major, minor and
	82	patch version into a single integer 0xMNN00PP0L, where:
	83
	84	=over 4
	85
	86	=item M
	87
	88	is the number from B<OPENSSL_VERSION_MAJOR>, in hexadecimal notation
	89
	90	=item NN
	91
	92	is the number from B<OPENSSL_VERSION_MINOR>, in hexadecimal notation
	93
	94	=item PP
	95
	96	is the number from B<OPENSSL_VERSION_PATCH>, in hexadecimal notation
	97
	98	=back
82	99
83	100	=head2 Functions
84	101

197	214
198	215	For an unknown I<t>, NULL is returned.
199	216
200		=head1 BACKWARD COMPATIBILITY
201
202		For compatibility, some older macros and functions are retained or
203		synthesised.
204		They are all considered deprecated.
205
206		=head2 Macros
207
208		B<OPENSSL_VERSION_NUMBER> is a combination of the major, minor and
209		patch version into a single integer 0xMNN00PP0L, where:
210
211		=over 4
212
213		=item M
214
215		is the number from B<OPENSSL_VERSION_MAJOR>, in hexadecimal notation
216
217		=item NN
218
219		is the number from B<OPENSSL_VERSION_MINOR>, in hexadecimal notation
220
221		=item PP
222
223		is the number from B<OPENSSL_VERSION_PATCH>, in hexadecimal notation
224
225		=back
226
227		=head2 Functions
228
229	217	OpenSSL_version_num() returns the value of B<OPENSSL_VERSION_NUMBER>.
230	218
231	219	=head1 RETURN VALUES

247	235	=head1 HISTORY
248	236
249	237	The macros and functions described here were added in OpenSSL 3.0,
250		with the exception of the L</BACKWARD COMPATIBILITY> ones.
	238	except for OPENSSL_VERSION_NUMBER and OpenSSL_version_num().
251	239
252	240	=head1 COPYRIGHT
253	241
254		Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved.
	242	Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
255	243
256	244	Licensed under the Apache License 2.0 (the "License"). You may not use
257	245	this file except in compliance with the License. You can obtain a copy

+4

-3

doc/man3/PEM_read_bio_PrivateKey.pod less more

334	334	ignored.
335	335
336	336	If the I<cb> parameters is set to NULL and the I<u> parameter is not
337		NULL then the I<u> parameter is interpreted as a null terminated string
	337	NULL then the I<u> parameter is interpreted as a NUL terminated string
338	338	to use as the passphrase. If both I<cb> and I<u> are NULL then the
339	339	default callback routine is used which will typically prompt for the
340	340	passphrase on the current terminal with echoing turned off.

354	354	arbitrary data to be passed to the callback by the application
355	355	(for example a window handle in a GUI application). The callback
356	356	I<must> return the number of characters in the passphrase or -1 if
357		an error occurred.
	357	an error occurred. The passphrase can be arbitrary data; in the case where it
	358	is a string, it is not NUL terminated. See the L</EXAMPLES> section below.
358	359
359	360	Some implementations may need to use cryptographic algorithms during their
360	361	operation. If this is the case and I<libctx> and I<propq> parameters have been

572	573
573	574	=head1 COPYRIGHT
574	575
575		Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
	576	Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
576	577
577	578	Licensed under the Apache License 2.0 (the "License"). You may not use
578	579	this file except in compliance with the License. You can obtain a copy

+5

-3

doc/man3/SSL_CONF_cmd.pod less more

459	459	B<SSL_OP_NO_TICKET>: that is B<-SessionTicket> is the same as setting
460	460	B<SSL_OP_NO_TICKET>.
461	461
462		B<Compression>: SSL/TLS compression support, enabled by default. Inverse
	462	B<Compression>: SSL/TLS compression support, disabled by default. Inverse
463	463	of B<SSL_OP_NO_COMPRESSION>.
464	464
465	465	B<EmptyFragments>: use empty fragments as a countermeasure against a

495	495
496	496	B<UnsafeLegacyServerConnect>: permits the use of unsafe legacy renegotiation
497	497	for OpenSSL clients only. Equivalent to B<SSL_OP_LEGACY_SERVER_CONNECT>.
498		Set by default.
499	498
500	499	B<EncryptThenMac>: use encrypt-then-mac extension, enabled by
501	500	default. Inverse of B<SSL_OP_NO_ENCRYPT_THEN_MAC>: that is,

730	729
731	730	B<AllowNoDHEKEX> and B<PrioritizeChaCha> were added in OpenSSL 1.1.1.
732	731
	732	The B<UnsafeLegacyServerConnect> option is no longer set by default from
	733	OpenSSL 3.0.
	734
733	735	=head1 COPYRIGHT
734	736
735		Copyright 2012-2021 The OpenSSL Project Authors. All Rights Reserved.
	737	Copyright 2012-2022 The OpenSSL Project Authors. All Rights Reserved.
736	738
737	739	Licensed under the Apache License 2.0 (the "License"). You may not use
738	740	this file except in compliance with the License. You can obtain a copy

+13

-10

doc/man3/SSL_CTX_set_cert_verify_callback.pod less more

35	35	In client mode, the behaviour is as follows.
36	36	All values, including 0, are ignored
37	37	if the verification mode is B<SSL_VERIFY_NONE>.
38		Otherwise, when the return value is 0, the handshake will fail.
	38	Otherwise, when the return value is less than or equal to 0, the handshake will
	39	fail.
39	40
40		In client mode I<callback> may also return -1,
41		typically on failure verifying the server certificate.
42		This makes the handshake suspend and return control to the calling application
43		with B<SSL_ERROR_WANT_RETRY_VERIFY>.
44		The app can for instance fetch further certificates or cert status information
45		needed for the verification.
46		Calling L<SSL_connect(3)> again resumes the connection attempt
47		by retrying the server certificate verification step.
	41	In client mode I<callback> may also call the L<SSL_set_retry_verify(3)>
	42	function on the B<SSL> object set in the I<x509_store_ctx> ex data (see
	43	L<SSL_get_ex_data_X509_STORE_CTX_idx(3)>) and return 1. This would be
	44	typically done in case the certificate verification was not yet able
	45	to succeed. This makes the handshake suspend and return control to the
	46	calling application with B<SSL_ERROR_WANT_RETRY_VERIFY>. The app can for
	47	instance fetch further certificates or cert status information needed for
	48	the verification. Calling L<SSL_connect(3)> again resumes the connection
	49	attempt by retrying the server certificate verification step.
48	50	This process may even be repeated if need be.
49	51
50	52	In any case a viable verification result value must be reflected

88	90	L<ssl(7)>, L<SSL_CTX_set_verify(3)>,
89	91	L<X509_STORE_CTX_set_error(3)>,
90	92	L<SSL_get_verify_result(3)>,
	93	L<SSL_set_retry_verify(3)>,
91	94	L<SSL_CTX_load_verify_locations(3)>
92	95
93	96	=head1 COPYRIGHT
94	97
95		Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
	98	Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
96	99
97	100	Licensed under the Apache License 2.0 (the "License"). You may not use
98	101	this file except in compliance with the License. You can obtain a copy

+2

-2

doc/man3/SSL_CTX_set_tmp_dh_callback.pod less more

10	10
11	11	#include <openssl/ssl.h>
12	12
13		long SSL_CTX_set_dh_auto(SSL *s, int onoff);
	13	long SSL_CTX_set_dh_auto(SSL_CTX *ctx, int onoff);
14	14	long SSL_set_dh_auto(SSL *s, int onoff);
15	15	int SSL_CTX_set0_tmp_dh_pkey(SSL_CTX ctx, EVP_PKEY dhpkey);
16	16	int SSL_set0_tmp_dh_pkey(SSL s, EVP_PKEY dhpkey);

111	111
112	112	=head1 COPYRIGHT
113	113
114		Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
	114	Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
115	115
116	116	Licensed under the Apache License 2.0 (the "License"). You may not use
117	117	this file except in compliance with the License. You can obtain a copy

+16

-1

doc/man3/SSL_CTX_set_verify.pod less more

42	42	L<SSL_new(3)>. Within the callback function,
43	43	B<SSL_get_ex_data_X509_STORE_CTX_idx> can be called to get the data index
44	44	of the current SSL object that is doing the verification.
	45
	46	In client mode B<verify_callback> may also call the L<SSL_set_retry_verify(3)>
	47	function on the B<SSL> object set in the I<x509_store_ctx> ex data (see
	48	L<SSL_get_ex_data_X509_STORE_CTX_idx(3)>) and return 1.
	49	This would be typically done in case the certificate verification was not yet
	50	able to succeed.
	51	This makes the handshake suspend and return control to the calling application
	52	with B<SSL_ERROR_WANT_RETRY_VERIFY>.
	53	The application can for instance fetch further certificates or cert status
	54	information needed for the verification.
	55	Note that the handshake may still be aborted if a subsequent invocation of the
	56	callback (e.g. at a lower depth, or for a separate error condition) returns 0.
	57	Calling L<SSL_connect(3)> again resumes the connection attempt by retrying the
	58	server certificate verification step.
	59	This process may even be repeated if need be.
45	60
46	61	SSL_CTX_set_verify_depth() sets the maximum B<depth> for the certificate chain
47	62	verification that shall be allowed for B<ctx>.

347	362
348	363	=head1 COPYRIGHT
349	364
350		Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
	365	Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
351	366
352	367	Licensed under the Apache License 2.0 (the "License"). You may not use
353	368	this file except in compliance with the License. You can obtain a copy

+73

-0

doc/man3/SSL_get_certificate.pod less more

	0	=pod
	1
	2	=head1 NAME
	3
	4	SSL_get_certificate, SSL_get_privatekey - retrieve TLS/SSL certificate and
	5	private key
	6
	7	=head1 SYNOPSIS
	8
	9	#include <openssl/ssl.h>
	10
	11	X509 SSL_get_certificate(const SSL s);
	12	EVP_PKEY SSL_get_privatekey(const SSL s);
	13
	14	=head1 DESCRIPTION
	15
	16	SSL_get_certificate() returns a pointer to an B<X509> object representing a
	17	certificate used as the local peer's identity.
	18
	19	Multiple certificates can be configured; for example, a server might have both
	20	RSA and ECDSA certificates. The certificate which is returned by
	21	SSL_get_certificate() is determined as follows:
	22
	23	=over 4
	24
	25	=item
	26
	27	If it is called before certificate selection has occurred, it returns the most
	28	recently added certificate, or NULL if no certificate has been added.
	29
	30	=item
	31
	32	After certificate selection has occurred, it returns the certificate which was
	33	selected during the handshake, or NULL if no certificate was selected (for
	34	example, on a client where no client certificate is in use).
	35
	36	=back
	37
	38	Certificate selection occurs during the handshake; therefore, the value returned
	39	by SSL_get_certificate() during any callback made during the handshake process
	40	will depend on whether that callback is made before or after certificate
	41	selection occurs.
	42
	43	A specific use for SSL_get_certificate() is inside a callback set via a call to
	44	L<SSL_CTX_set_tlsext_status_cb(3)>. This callback occurs after certificate
	45	selection, where it can be used to examine a server's chosen certificate, for
	46	example for the purpose of identifying a certificate's OCSP responder URL so
	47	that an OCSP response can be obtained.
	48
	49	SSL_get_privatekey() returns a pointer to the B<EVP_PKEY> object corresponding
	50	to the certificate returned by SSL_get_certificate(), if any.
	51
	52	=head1 RETURN VALUES
	53
	54	These functions return pointers to their respective objects, or NULL if no such
	55	object is available. Returned objects are owned by the SSL object and should not
	56	be freed by users of these functions.
	57
	58	=head1 SEE ALSO
	59
	60	L<ssl(7)>, L<SSL_CTX_set_tlsext_status_cb(3)>
	61
	62	=head1 COPYRIGHT
	63
	64	Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
	65
	66	Licensed under the Apache License 2.0 (the "License"). You may not use
	67	this file except in compliance with the License. You can obtain a copy
	68	in the file LICENSE in the source distribution or at
	69	L<https://www.openssl.org/source/license.html>.
	70
	71	=cut
	72

+70

-0

doc/man3/SSL_set_retry_verify.pod less more

	0	=pod
	1
	2	=head1 NAME
	3
	4	SSL_set_retry_verify - indicate that certificate verification should be retried
	5
	6	=head1 SYNOPSIS
	7
	8	#include <openssl/ssl.h>
	9
	10	int SSL_set_retry_verify(SSL *ssl);
	11
	12	=head1 DESCRIPTION
	13
	14	SSL_set_retry_verify() should be called from the certificate verification
	15	callback on a client when the application wants to indicate that the handshake
	16	should be suspended and the control should be returned to the application.
	17	L<SSL_want_retry_verify(3)> will return 1 as a consequence until the handshake
	18	is resumed again by the application, retrying the verification step.
	19
	20	Please refer to L<SSL_CTX_set_cert_verify_callback(3)> for further details.
	21
	22	=head1 NOTES
	23
	24	The effect of calling SSL_set_retry_verify() outside of the certificate
	25	verification callback on the client side is undefined.
	26
	27	=head1 RETURN VALUES
	28
	29	SSL_set_retry verify() returns 1 on success, 0 otherwise.
	30
	31	=head1 EXAMPLES
	32
	33	The following code snippet shows how to obtain the B<SSL> object associated
	34	with the B<X509_STORE_CTX> to call the SSL_set_retry_verify() function:
	35
	36	int idx = SSL_get_ex_data_X509_STORE_CTX_idx();
	37	SSL *ssl;
	38
	39	/* this should not happen but check anyway */
	40	if (idx < 0
	41	\|\| (ssl = X509_STORE_CTX_get_ex_data(ctx, idx)) == NULL)
	42	return 0;
	43
	44	if (/* we need to retry verification callback */)
	45	return SSL_set_retry_verify(ssl);
	46
	47	/* do normal processing of the verification callback */
	48
	49	=head1 SEE ALSO
	50
	51	L<ssl(7)>, L<SSL_connect(3)>, L<SSL_CTX_set_cert_verify_callback(3)>,
	52	L<SSL_want_retry_verify(3)>
	53
	54	=head1 HISTORY
	55
	56	SSL_set_retry_verify() was added in OpenSSL 3.0.2 to replace backwards
	57	incompatible handling of a negative return value from the verification
	58	callback.
	59
	60	=head1 COPYRIGHT
	61
	62	Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	63
	64	Licensed under the Apache License 2.0 (the "License"). You may not use
	65	this file except in compliance with the License. You can obtain a copy
	66	in the file LICENSE in the source distribution or at
	67	L<https://www.openssl.org/source/license.html>.
	68
	69	=cut

+3

-3

doc/man3/SSL_want.pod less more

69	69
70	70	=item SSL_RETRY_VERIFY
71	71
72		The operation did not complete because an application callback set by
73		SSL_CTX_set_cert_verify_callback() has asked to be called again.
	72	The operation did not complete because a certificate verification callback
	73	has asked to be called again via L<SSL_set_retry_verify(3)>.
74	74	A call to L<SSL_get_error(3)> should return B<SSL_ERROR_WANT_RETRY_VERIFY>.
75	75
76	76	=item SSL_ASYNC_PAUSED

109	109
110	110	=head1 COPYRIGHT
111	111
112		Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
	112	Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
113	113
114	114	Licensed under the Apache License 2.0 (the "License"). You may not use
115	115	this file except in compliance with the License. You can obtain a copy

+39

-37

doc/man3/X509V3_get_d2i.pod less more

1	1
2	2	=head1 NAME
3	3
4		X509_get0_extensions, X509_CRL_get0_extensions, X509_REVOKED_get0_extensions,
5	4	X509V3_get_d2i, X509V3_add1_i2d, X509V3_EXT_d2i, X509V3_EXT_i2d,
6		X509_get_ext_d2i, X509_add1_ext_i2d, X509_CRL_get_ext_d2i,
7		X509_CRL_add1_ext_i2d, X509_REVOKED_get_ext_d2i,
8		X509_REVOKED_add1_ext_i2d - X509 extension decode and encode functions
	5	X509_get_ext_d2i, X509_add1_ext_i2d,
	6	X509_CRL_get_ext_d2i, X509_CRL_add1_ext_i2d,
	7	X509_REVOKED_get_ext_d2i, X509_REVOKED_add1_ext_i2d,
	8	X509_get0_extensions, X509_CRL_get0_extensions,
	9	X509_REVOKED_get0_extensions - X509 extension decode and encode functions
9	10
10	11	=head1 SYNOPSIS
11	12

37	38
38	39	=head1 DESCRIPTION
39	40
40		X509V3_get_ext_d2i() looks for an extension with OID B<nid> in the extensions
41		B<x> and, if found, decodes it. If B<idx> is B<NULL> then only one
	41	X509V3_get_d2i() looks for an extension with OID I<nid> in the extensions
	42	I<x> and, if found, decodes it. If I<idx> is NULL then only one
42	43	occurrence of an extension is permissible otherwise the first extension after
43		index B<idx> is returned and B<idx> updated to the location of the extension.
44		If B<crit> is not B<NULL> then B<*crit> is set to a status value: -2 if the
45		extension occurs multiple times (this is only returned if B<idx> is B<NULL>),
	44	index I<idx> is returned and I<idx> updated to the location of the extension.
	45	If I<crit> is not NULL then I<*crit> is set to a status value: -2 if the
	46	extension occurs multiple times (this is only returned if I<idx> is NULL),
46	47	-1 if the extension could not be found, 0 if the extension is found and is
47	48	not critical and 1 if critical. A pointer to an extension specific structure
48		or B<NULL> is returned.
49
50		X509V3_add1_i2d() adds extension B<value> to STACK B<*x> (allocating a new
51		STACK if necessary) using OID B<nid> and criticality B<crit> according
52		to B<flags>.
	49	or NULL is returned.
	50
	51	X509V3_add1_i2d() adds extension I<value> to STACK I<*x> (allocating a new
	52	STACK if necessary) using OID I<nid> and criticality I<crit> according
	53	to I<flags>.
53	54
54	55	X509V3_EXT_d2i() attempts to decode the ASN.1 data contained in extension
55		B<ext> and returns a pointer to an extension specific structure or B<NULL>
	56	I<ext> and returns a pointer to an extension specific structure or NULL
56	57	if the extension could not be decoded (invalid syntax or not supported).
57	58
58		X509V3_EXT_i2d() encodes the extension specific structure B<ext>
59		with OID B<ext_nid> and criticality B<crit>.
	59	X509V3_EXT_i2d() encodes the extension specific structure I<ext>
	60	with OID I<ext_nid> and criticality I<crit>.
60	61
61	62	X509_get_ext_d2i() and X509_add1_ext_i2d() operate on the extensions of
62		certificate B<x>, they are otherwise identical to X509V3_get_d2i() and
	63	certificate I<x>, they are otherwise identical to X509V3_get_d2i() and
63	64	X509V3_add_i2d().
64	65
65	66	X509_CRL_get_ext_d2i() and X509_CRL_add1_ext_i2d() operate on the extensions
66		of CRL B<crl>, they are otherwise identical to X509V3_get_d2i() and
	67	of CRL I<crl>, they are otherwise identical to X509V3_get_d2i() and
67	68	X509V3_add_i2d().
68	69
69	70	X509_REVOKED_get_ext_d2i() and X509_REVOKED_add1_ext_i2d() operate on the
70		extensions of B<X509_REVOKED> structure B<r> (i.e for CRL entry extensions),
	71	extensions of B<X509_REVOKED> structure I<r> (i.e for CRL entry extensions),
71	72	they are otherwise identical to X509V3_get_d2i() and X509V3_add_i2d().
72	73
73	74	X509_get0_extensions(), X509_CRL_get0_extensions() and

77	78	=head1 NOTES
78	79
79	80	In almost all cases an extension can occur at most once and multiple
80		occurrences is an error. Therefore, the B<idx> parameter is usually B<NULL>.
81
82		The B<flags> parameter may be one of the following values.
	81	occurrences is an error. Therefore, the I<idx> parameter is usually NULL.
	82
	83	The I<flags> parameter may be one of the following values.
83	84
84	85	B<X509V3_ADD_DEFAULT> appends a new extension only if the extension does
85	86	not already exist. An error is returned if the extension does already

98	99	not already exist. An error B<is not> returned if the extension does already
99	100	exist.
100	101
101		B<X509V3_ADD_DELETE> extension B<nid> is deleted: no new extension is added.
102
103		If B<X509V3_ADD_SILENT> is ored with B<flags>: any error returned will not
	102	B<X509V3_ADD_DELETE> extension I<nid> is deleted: no new extension is added.
	103
	104	If B<X509V3_ADD_SILENT> is ored with I<flags>: any error returned will not
104	105	be added to the error queue.
105	106
106		The function X509V3_get_d2i() will return B<NULL> if the extension is not
	107	The function X509V3_get_d2i() and its variants
	108	will return NULL if the extension is not
107	109	found, occurs multiple times or cannot be decoded. It is possible to
108		determine the precise reason by checking the value of B<*crit>.
	110	determine the precise reason by checking the value of I<*crit>.
109	111
110	112	=head1 SUPPORTED EXTENSIONS
111	113

194	196
195	197	=head1 RETURN VALUES
196	198
197		X509V3_EXT_d2i() and *X509V3_get_d2i() return a pointer to an extension
198		specific structure or B<NULL> if an error occurs.
199
200		X509V3_EXT_i2d() returns a pointer to an B<X509_EXTENSION> structure
201		or B<NULL> if an error occurs.
202
203		X509V3_add1_i2d() returns 1 if the operation is successful and 0 if it
204		fails due to a non-fatal error (extension not found, already exists,
	199	X509V3_get_d2i(), its variants, and X509V3_EXT_d2i() return
	200	a pointer to an extension specific structure or NULL if an error occurs.
	201
	202	X509V3_add1_i2d() and its variants return 1 if the operation is successful
	203	and 0 if it fails due to a non-fatal error (extension not found, already exists,
205	204	cannot be encoded) or -1 due to a fatal error such as a memory allocation
206	205	failure.
	206
	207	X509V3_EXT_i2d() returns a pointer to an B<X509_EXTENSION> structure
	208	or NULL if an error occurs.
207	209
208	210	X509_get0_extensions(), X509_CRL_get0_extensions() and
209	211	X509_REVOKED_get0_extensions() return a stack of extensions. They return

230	232
231	233	=head1 COPYRIGHT
232	234
233		Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
	235	Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
234	236
235	237	Licensed under the Apache License 2.0 (the "License"). You may not use
236	238	this file except in compliance with the License. You can obtain a copy

+69

-2

doc/man3/X509_STORE_CTX_new.pod less more

10	10	X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain,
11	11	X509_STORE_CTX_set_default,
12	12	X509_STORE_CTX_set_verify,
13		X509_STORE_CTX_verify_fn
	13	X509_STORE_CTX_verify_fn,
	14	X509_STORE_CTX_set_purpose,
	15	X509_STORE_CTX_set_trust,
	16	X509_STORE_CTX_purpose_inherit
14	17	- X509_STORE_CTX initialisation
15	18
16	19	=head1 SYNOPSIS

43	46	int X509_STORE_CTX_set_default(X509_STORE_CTX ctx, const char name);
44	47	typedef int (X509_STORE_CTX_verify_fn)(X509_STORE_CTX );
45	48	void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify);
	49
	50	int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
	51	int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
	52	int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
	53	int purpose, int trust);
46	54
47	55	=head1 DESCRIPTION
48	56

154	162	This function should receive the current X509_STORE_CTX as a parameter and
155	163	return 1 on success or 0 on failure.
156	164
	165	X509 certificates may contain information about what purposes keys contained
	166	within them can be used for. For example "TLS WWW Server Authentication" or
	167	"Email Protection". This "key usage" information is held internally to the
	168	certificate itself. In addition the trust store containing trusted certificates
	169	can declare what purposes we trust different certificates for. This "trust"
	170	information is not held within the certificate itself but is "meta" information
	171	held alongside it. This "meta" information is associated with the certificate
	172	after it is issued and could be determined by a system administrator. For
	173	example a certificate might declare that it is suitable for use for both
	174	"TLS WWW Server Authentication" and "TLS Client Authentication", but a system
	175	administrator might only trust it for the former. An X.509 certificate extension
	176	exists that can record extended key usage information to supplement the purpose
	177	information described above. This extended mechanism is arbitrarily extensible
	178	and not well suited for a generic library API; applications that need to
	179	validate extended key usage information in certifiates will need to define a
	180	custom "purpose" (see below) or supply a nondefault verification callback
	181	(L<X509_STORE_set_verify_cb_func(3)>).
	182
	183	X509_STORE_CTX_set_purpose() sets the purpose for the target certificate being
	184	verified in the I<ctx>. Built-in available values for the I<purpose> argument
	185	are B<X509_PURPOSE_SSL_CLIENT>, B<X509_PURPOSE_SSL_SERVER>,
	186	B<X509_PURPOSE_NS_SSL_SERVER>, B<X509_PURPOSE_SMIME_SIGN>,
	187	B<X509_PURPOSE_SMIME_ENCRYPT>, B<X509_PURPOSE_CRL_SIGN>, B<X509_PURPOSE_ANY>,
	188	B<X509_PURPOSE_OCSP_HELPER> and B<X509_PURPOSE_TIMESTAMP_SIGN>. It is also
	189	possible to create a custom purpose value. Setting a purpose will ensure that
	190	the key usage declared within certificates in the chain being verified is
	191	consistent with that purpose as well as, potentially, other checks. Every
	192	purpose also has an associated default trust value which will also be set at the
	193	same time. During verification this trust setting will be verified to check it
	194	is consistent with the trust set by the system administrator for certificates in
	195	the chain.
	196
	197	X509_STORE_CTX_set_trust() sets the trust value for the target certificate
	198	being verified in the I<ctx>. Built-in available values for the I<trust>
	199	argument are B<X509_TRUST_COMPAT>, B<X509_TRUST_SSL_CLIENT>,
	200	B<X509_TRUST_SSL_SERVER>, B<X509_TRUST_EMAIL>, B<X509_TRUST_OBJECT_SIGN>,
	201	B<X509_TRUST_OCSP_SIGN>, B<X509_TRUST_OCSP_REQUEST> and B<X509_TRUST_TSA>. It is
	202	also possible to create a custom trust value. Since X509_STORE_CTX_set_purpose()
	203	also sets the trust value it is normally sufficient to only call that function.
	204	If both are called then X509_STORE_CTX_set_trust() should be called after
	205	X509_STORE_CTX_set_purpose() since the trust setting of the last call will be
	206	used.
	207
	208	It should not normally be necessary for end user applications to call
	209	X509_STORE_CTX_purpose_inherit() directly. Typically applications should call
	210	X509_STORE_CTX_set_purpose() or X509_STORE_CTX_set_trust() instead. Using this
	211	function it is possible to set the purpose and trust values for the I<ctx> at
	212	the same time. The I<def_purpose> and I<purpose> arguments can have the same
	213	purpose values as described for X509_STORE_CTX_set_purpose() above. The I<trust>
	214	argument can have the same trust values as described in
	215	X509_STORE_CTX_set_trust() above. Any of the I<def_purpose>, I<purpose> or
	216	I<trust> values may also have the value 0 to indicate that the supplied
	217	parameter should be ignored. After calling this function the purpose to be used
	218	for verification is set from the I<purpose> argument, and the trust is set from
	219	the I<trust> argument. If I<trust> is 0 then the trust value will be set from
	220	the default trust value for I<purpose>. If the default trust value for the
	221	purpose is I<X509_TRUST_DEFAULT> and I<trust> is 0 then the default trust value
	222	associated with the I<def_purpose> value is used for the trust setting instead.
	223
157	224	=head1 NOTES
158	225
159	226	The certificates and CRLs in a store are used internally and should B<not>

201	268
202	269	=head1 COPYRIGHT
203	270
204		Copyright 2009-2021 The OpenSSL Project Authors. All Rights Reserved.
	271	Copyright 2009-2022 The OpenSSL Project Authors. All Rights Reserved.
205	272
206	273	Licensed under the Apache License 2.0 (the "License"). You may not use
207	274	this file except in compliance with the License. You can obtain a copy

+3

-3

doc/man3/X509_VERIFY_PARAM_set_flags.pod less more

248	248	B<X509_V_FLAG_CRL_CHECK_ALL> enables CRL checking for the entire certificate
249	249	chain.
250	250
251		B<X509_V_FLAG_IGNORE_CRITICAL> disabled critical extension checking. By default
252		any unhandled critical extensions in certificates or (if checked) CRLs results
	251	B<X509_V_FLAG_IGNORE_CRITICAL> disables critical extension checking. By default
	252	any unhandled critical extensions in certificates or (if checked) CRLs result
253	253	in a fatal error. If this flag is set unhandled critical extensions are
254	254	ignored. B<WARNING> setting this option for anything other than debugging
255	255	purposes can be a security risk. Finer control over which extensions are

400	400
401	401	=head1 COPYRIGHT
402	402
403		Copyright 2009-2021 The OpenSSL Project Authors. All Rights Reserved.
	403	Copyright 2009-2022 The OpenSSL Project Authors. All Rights Reserved.
404	404
405	405	Licensed under the Apache License 2.0 (the "License"). You may not use
406	406	this file except in compliance with the License. You can obtain a copy

+3

-2

doc/man3/X509_check_host.pod less more

61	61	IPv6 address. The B<address> array is in binary format, in network
62	62	byte order. The length is either 4 (IPv4) or 16 (IPv6). Only
63	63	explicitly marked addresses in the certificates are considered; IP
64		addresses stored in DNS names and Common Names are ignored.
	64	addresses stored in DNS names and Common Names are ignored. There are
	65	currently no B<flags> that would affect the behavior of this call.
65	66
66	67	X509_check_ip_asc() is similar, except that the NUL-terminated
67	68	string B<address> is first converted to the internal representation.

152	153
153	154	=head1 COPYRIGHT
154	155
155		Copyright 2012-2021 The OpenSSL Project Authors. All Rights Reserved.
	156	Copyright 2012-2022 The OpenSSL Project Authors. All Rights Reserved.
156	157
157	158	Licensed under the Apache License 2.0 (the "License"). You may not use
158	159	this file except in compliance with the License. You can obtain a copy

+2

-4

doc/man3/X509_verify_cert.pod less more

51	51	incorrectly, such as with no certificate set in I<ctx>, or when it is called
52	52	twice in succession without reinitialising I<ctx> for the second call.
53	53	A negative return value can also happen due to internal resource problems
54		or because an internal inconsistency has been detected
55		or if a retry operation is requested during internal lookups
56		(which never happens with standard lookup methods).
	54	or because an internal inconsistency has been detected.
57	55	Applications must interpret any return value <= 0 as an error.
58	56
59	57	The X509_STORE_CTX_verify() behaves like X509_verify_cert() except that its

90	88
91	89	=head1 COPYRIGHT
92	90
93		Copyright 2009-2021 The OpenSSL Project Authors. All Rights Reserved.
	91	Copyright 2009-2022 The OpenSSL Project Authors. All Rights Reserved.
94	92
95	93	Licensed under the Apache License 2.0 (the "License"). You may not use
96	94	this file except in compliance with the License. You can obtain a copy

+30

-9

doc/man7/EVP_KEYEXCH-DH.pod less more

14	14
15	15	=item "pad" (B<OSSL_EXCHANGE_PARAM_PAD>) <unsigned integer>
16	16
	17	Sets the padding mode for the associated key exchange ctx.
	18	Setting a value of 1 will turn padding on.
	19	Setting a value of 0 will turn padding off.
	20	If padding is off then the derived shared secret may be smaller than the
	21	largest possible secret size.
	22	If padding is on then the derived shared secret will have its first bytes
	23	filled with zeros where necessary to make the shared secret the same size as
	24	the largest possible secret size.
	25	The padding mode parameter is ignored (and padding implicitly enabled) when
	26	the KDF type is set to "X942KDF-ASN1" (B<OSSL_KDF_NAME_X942KDF_ASN1>).
	27
	28	=item "kdf-type" (B<OSSL_EXCHANGE_PARAM_KDF_TYPE>) <UTF8 string>
	29
	30	See L<provider-keyexch(7)/Common Key Exchange parameters>.
	31
	32	=item "kdf-digest" (B<OSSL_EXCHANGE_PARAM_KDF_DIGEST>) <UTF8 string>
	33
	34	See L<provider-keyexch(7)/Common Key Exchange parameters>.
	35
	36	=item "kdf-digest-props" (B<OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS>) <UTF8 string>
	37
	38	See L<provider-keyexch(7)/Common Key Exchange parameters>.
	39
	40	=item "kdf-outlen" (B<OSSL_EXCHANGE_PARAM_KDF_OUTLEN>) <unsigned integer>
	41
17	42	See L<provider-keyexch(7)/Common Key Exchange parameters>.
18	43
19	44	=item "kdf-ukm" (B<OSSL_EXCHANGE_PARAM_KDF_UKM>) <octet string>
20	45
21		Sets the User Key Material to be used as part of the selected Key Derivation
22		Function associated with the given key exchange ctx.
	46	See L<provider-keyexch(7)/Common Key Exchange parameters>.
23	47
24		=item "kdf-ukm" (B<OSSL_EXCHANGE_PARAM_KDF_UKM>) <octet string ptr>
	48	=item "cekalg" (B<OSSL_KDF_PARAM_CEK_ALG>) <octet string ptr>
25	49
26		Gets a pointer to the User Key Material to be used as part of the selected
27		Key Derivation Function associated with the given key exchange ctx. Providers
28		usually do not need to support this gettable parameter as its sole purpose
29		is to support functionality of the deprecated EVP_PKEY_CTX_get0_dh_kdf_ukm()
30		function.
	50	See L<provider-kdf(7)/KDF Parameters>.
31	51
32	52	=back
33	53

57	77
58	78	To derive a shared secret on the host using the host's key and the peer's public
59	79	key:
	80
60	81	/* It is assumed that the host_key and peer_pub_key are set up */
61	82	void derive_secret(EVP_KEY host_key, EVP_PKEY peer_pub_key)
62	83	{

100	121
101	122	=head1 COPYRIGHT
102	123
103		Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	124	Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
104	125
105	126	Licensed under the Apache License 2.0 (the "License"). You may not use
106	127	this file except in compliance with the License. You can obtain a copy

+7

-22

doc/man7/EVP_KEYEXCH-ECDH.pod less more

32	32
33	33	=item "kdf-type" (B<OSSL_EXCHANGE_PARAM_KDF_TYPE>) <UTF8 string>
34	34
35		Sets or gets the Key Derivation Function type to apply within the associated key
36		exchange ctx.
	35	See L<provider-keyexch(7)/Common Key Exchange parameters>.
37	36
38	37	=item "kdf-digest" (B<OSSL_EXCHANGE_PARAM_KDF_DIGEST>) <UTF8 string>
39	38
40		Sets or gets the Digest algorithm to be used as part of the Key Derivation Function
41		associated with the given key exchange ctx.
	39	See L<provider-keyexch(7)/Common Key Exchange parameters>.
42	40
43	41	=item "kdf-digest-props" (B<OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS>) <UTF8 string>
44	42
45		Sets properties to be used upon look up of the implementation for the selected
46		Digest algorithm for the Key Derivation Function associated with the given key
47		exchange ctx.
	43	See L<provider-keyexch(7)/Common Key Exchange parameters>.
48	44
49	45	=item "kdf-outlen" (B<OSSL_EXCHANGE_PARAM_KDF_OUTLEN>) <unsigned integer>
50	46
51		Sets or gets the desired size for the output of the chosen Key Derivation Function
52		associated with the given key exchange ctx.
53		The length of the "kdf-outlen" parameter should not exceed that of a B<size_t>.
	47	See L<provider-keyexch(7)/Common Key Exchange parameters>.
54	48
55	49	=item "kdf-ukm" (B<OSSL_EXCHANGE_PARAM_KDF_UKM>) <octet string>
56	50
57		Sets the User Key Material to be used as part of the selected Key Derivation
58		Function associated with the given key exchange ctx.
59
60		=item "kdf-ukm" (B<OSSL_EXCHANGE_PARAM_KDF_UKM>) <octet string ptr>
61
62		Gets a pointer to the User Key Material to be used as part of the selected
63		Key Derivation Function associated with the given key exchange ctx. Providers
64		usually do not need to support this gettable parameter as its sole purpose
65		is to support functionality of the deprecated EVP_PKEY_CTX_get0_ecdh_kdf_ukm()
66		function.
	51	See L<provider-keyexch(7)/Common Key Exchange parameters>.
67	52
68	53	=back
69	54

87	72	size_t secret_len = out_len;
88	73	unsigned int pad = 1;
89	74	OSSL_PARAM params[6];
90		EVP_PKET_CTX *dctx = EVP_PKEY_CTX_new_from_pkey(NULL, host_key, NULL);
	75	EVP_PKEY_CTX *dctx = EVP_PKEY_CTX_new_from_pkey(NULL, host_key, NULL);
91	76
92	77	EVP_PKEY_derive_init(dctx);
93	78

121	106
122	107	=head1 COPYRIGHT
123	108
124		Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	109	Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
125	110
126	111	Licensed under the Apache License 2.0 (the "License"). You may not use
127	112	this file except in compliance with the License. You can obtain a copy

+2

-2

doc/man7/EVP_MD-BLAKE2.pod less more

5	5
6	6	=head1 DESCRIPTION
7	7
8		Support for computing SHA2 digests through the B<EVP_MD> API.
	8	Support for computing BLAKE2 digests through the B<EVP_MD> API.
9	9
10	10	=head2 Identities
11	11

35	35
36	36	=head1 COPYRIGHT
37	37
38		Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
	38	Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
39	39
40	40	Licensed under the Apache License 2.0 (the "License"). You may not use
41	41	this file except in compliance with the License. You can obtain a copy

+8

-1

doc/man7/crypto.pod less more

379	379	#include <stdio.h>
380	380	#include <openssl/evp.h>
381	381	#include <openssl/bio.h>
	382	#include <openssl/err.h>
382	383
383	384	int main(void)
384	385	{

389	390	};
390	391	unsigned int len = 0;
391	392	unsigned char *outdigest = NULL;
	393	int ret = 1;
392	394
393	395	/* Create a context for the digest operation */
394	396	ctx = EVP_MD_CTX_new();

429	431	/* Print out the digest result */
430	432	BIO_dump_fp(stdout, outdigest, len);
431	433
	434	ret = 0;
	435
432	436	err:
433	437	/* Clean up all the resources we allocated */
434	438	OPENSSL_free(outdigest);
435	439	EVP_MD_free(sha256);
436	440	EVP_MD_CTX_free(ctx);
	441	if (ret != 0)
	442	ERR_print_errors_fp(stderr);
	443	return ret;
437	444	}
438	445
439	446	=head1 CONFIGURATION

496	503
497	504	=head1 COPYRIGHT
498	505
499		Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
	506	Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
500	507
501	508	Licensed under the Apache License 2.0 (the "License"). You may not use
502	509	this file except in compliance with the License. You can obtain a copy

+3

-2

doc/man7/provider-base.pod less more

276	276	rather than a numeric NID. Any name (OID, short name or long name) can be used
277	277	to identify the object. It will treat as success the case where the composite
278	278	signature algorithm already exists (even if registered against a different
279		underlying signature or digest algorithm). It returns 1 on success or 0 on
280		failure.
	279	underlying signature or digest algorithm). For I<digest_name>, NULL or an
	280	empty string is permissible for signature algorithms that do not need a digest
	281	to operate correctly. The function returns 1 on success or 0 on failure.
281	282	This function is not thread safe.
282	283
283	284	CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_free(), CRYPTO_clear_free(),

+35

-11

doc/man7/provider-keyexch.pod less more

169	169
170	170	=over 4
171	171
172		=item "pad" (B<OSSL_EXCHANGE_PARAM_PAD>) <unsigned integer>
173
174		Sets the padding mode for the associated key exchange ctx.
175		Setting a value of 1 will turn padding on.
176		Setting a value of 0 will turn padding off.
177		If padding is off then the derived shared secret may be smaller than the largest
178		possible secret size.
179		If padding is on then the derived shared secret will have its first bytes filled
180		with 0s where necessary to make the shared secret the same size as the largest
181		possible secret size.
	172	=item "kdf-type" (B<OSSL_EXCHANGE_PARAM_KDF_TYPE>) <UTF8 string>
	173
	174	Sets or gets the Key Derivation Function type to apply within the associated key
	175	exchange ctx.
	176
	177	=item "kdf-digest" (B<OSSL_EXCHANGE_PARAM_KDF_DIGEST>) <UTF8 string>
	178
	179	Sets or gets the Digest algorithm to be used as part of the Key Derivation Function
	180	associated with the given key exchange ctx.
	181
	182	=item "kdf-digest-props" (B<OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS>) <UTF8 string>
	183
	184	Sets properties to be used upon look up of the implementation for the selected
	185	Digest algorithm for the Key Derivation Function associated with the given key
	186	exchange ctx.
	187
	188	=item "kdf-outlen" (B<OSSL_EXCHANGE_PARAM_KDF_OUTLEN>) <unsigned integer>
	189
	190	Sets or gets the desired size for the output of the chosen Key Derivation Function
	191	associated with the given key exchange ctx.
	192	The length of the "kdf-outlen" parameter should not exceed that of a B<size_t>.
	193
	194	=item "kdf-ukm" (B<OSSL_EXCHANGE_PARAM_KDF_UKM>) <octet string>
	195
	196	Sets the User Key Material to be used as part of the selected Key Derivation
	197	Function associated with the given key exchange ctx.
	198
	199	=item "kdf-ukm" (B<OSSL_EXCHANGE_PARAM_KDF_UKM>) <octet string ptr>
	200
	201	Gets a pointer to the User Key Material to be used as part of the selected
	202	Key Derivation Function associated with the given key exchange ctx. Providers
	203	usually do not need to support this gettable parameter as its sole purpose
	204	is to support functionality of the deprecated EVP_PKEY_CTX_get0_ecdh_kdf_ukm()
	205	and EVP_PKEY_CTX_get0_dh_kdf_ukm() functions.
182	206
183	207	=back
184	208

204	228
205	229	=head1 COPYRIGHT
206	230
207		Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	231	Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
208	232
209	233	Licensed under the Apache License 2.0 (the "License"). You may not use
210	234	this file except in compliance with the License. You can obtain a copy

+17

-10

fuzz/asn1.c less more

0	0	/*
1		* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License");
4	4	* you may not use this file except in compliance with the License.

217	217	int len2; \
218	218	BIO *bio = BIO_new(BIO_s_null()); \
219	219	\
220		PRINT(bio, type); \
221		BIO_free(bio); \
	220	if (bio != NULL) { \
	221	PRINT(bio, type); \
	222	BIO_free(bio); \
	223	} \
222	224	len2 = I2D(type, &der); \
223	225	if (len2 != 0) {} \
224	226	OPENSSL_free(der); \

234	236	if (type != NULL) { \
235	237	BIO *bio = BIO_new(BIO_s_null()); \
236	238	\
237		PRINT(bio, type, 0); \
238		BIO_free(bio); \
	239	if (bio != NULL) { \
	240	PRINT(bio, type, 0); \
	241	BIO_free(bio); \
	242	} \
239	243	I2D(type, &der); \
240	244	OPENSSL_free(der); \
241	245	TYPE ## _free(type); \

250	254	if (type != NULL) { \
251	255	BIO *bio = BIO_new(BIO_s_null()); \
252	256	\
253		PRINT(bio, type, 0, pctx); \
254		BIO_free(bio); \
	257	if (bio != NULL) { \
	258	PRINT(bio, type, 0, pctx); \
	259	BIO_free(bio); \
	260	} \
255	261	I2D(type, &der); \
256	262	OPENSSL_free(der); \
257	263	TYPE ## _free(type); \

306	312
307	313	if (o != NULL) {
308	314	BIO *bio = BIO_new(BIO_s_null());
309
310		ASN1_item_print(bio, o, 4, i, pctx);
311		BIO_free(bio);
	315	if (bio != NULL) {
	316	ASN1_item_print(bio, o, 4, i, pctx);
	317	BIO_free(bio);
	318	}
312	319	ASN1_item_i2d(o, &der, i);
313	320	OPENSSL_free(der);
314	321	ASN1_item_free(o, i);

+3

-1

fuzz/fuzz_rand.c less more

0	0	/*
1		* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License");
4	4	* you may not use this file except in compliance with the License.

145	145	const OSSL_DISPATCH out, void provctx)
146	146	{
147	147	*provctx = OSSL_LIB_CTX_new();
	148	if (*provctx == NULL)
	149	return 0;
148	150	*out = fuzz_rand_method;
149	151	return 1;
150	152	}

+1

-1

fuzz/oids.txt less more

0	0	# WARNING: do not edit!
1	1	# Generated by fuzz/mkfuzzoids.pl
2	2	#
3		# Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	3	# Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
4	4	#
5	5	# Licensed under the Apache License 2.0 (the "License"). You may not use
6	6	# this file except in compliance with the License. You can obtain a copy

+4

-3

include/crypto/dh.h less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

31	31	FFC_PARAMS ossl_dh_get0_params(DH dh);
32	32	int ossl_dh_get0_nid(const DH *dh);
33	33	int ossl_dh_params_fromdata(DH *dh, const OSSL_PARAM params[]);
34		int ossl_dh_key_fromdata(DH *dh, const OSSL_PARAM params[]);
	34	int ossl_dh_key_fromdata(DH *dh, const OSSL_PARAM params[], int include_private);
35	35	int ossl_dh_params_todata(DH dh, OSSL_PARAM_BLD bld, OSSL_PARAM params[]);
36		int ossl_dh_key_todata(DH dh, OSSL_PARAM_BLD bld, OSSL_PARAM params[]);
	36	int ossl_dh_key_todata(DH dh, OSSL_PARAM_BLD bld, OSSL_PARAM params[],
	37	int include_private);
37	38	DH ossl_dh_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO p8inf,
38	39	OSSL_LIB_CTX libctx, const char propq);
39	40	int ossl_dh_compute_key(unsigned char key, const BIGNUM pub_key, DH *dh);

+5

-4

include/crypto/dsa.h less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

6	6	* https://www.openssl.org/source/license.html
7	7	*/
8	8
9		#ifndef OSSL_CRYPTO_DSAERR_H
10		# define OSSL_CRYPTO_DSAERR_H
	9	#ifndef OSSL_CRYPTO_DSA_H
	10	# define OSSL_CRYPTO_DSA_H
11	11	# pragma once
12	12
13	13	# include <openssl/core.h>

29	29
30	30	FFC_PARAMS ossl_dsa_get0_params(DSA dsa);
31	31	int ossl_dsa_ffc_params_fromdata(DSA *dsa, const OSSL_PARAM params[]);
32		int ossl_dsa_key_fromdata(DSA *dsa, const OSSL_PARAM params[]);
	32	int ossl_dsa_key_fromdata(DSA *dsa, const OSSL_PARAM params[],
	33	int include_private);
33	34	DSA ossl_dsa_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO p8inf,
34	35	OSSL_LIB_CTX libctx, const char propq);
35	36

+2

-2

include/crypto/evp.h less more

0	0	/*
1		* Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

899	899	int loadconfig, int mirrored);
900	900	char evp_get_global_properties_str(OSSL_LIB_CTX libctx, int loadconfig);
901	901
902		void evp_md_ctx_clear_digest(EVP_MD_CTX *ctx, int force);
	902	void evp_md_ctx_clear_digest(EVP_MD_CTX *ctx, int force, int keep_digest);
903	903
904	904	/* Three possible states: */
905	905	# define EVP_PKEY_STATE_UNKNOWN 0

+2

-2

include/crypto/pem.h less more

0	0	/*
1		* Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3		* Licensed under the OpenSSL license (the "License"). You may not use
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy
5	5	* in the file LICENSE in the source distribution or at
6	6	* https://www.openssl.org/source/license.html

+4

-3

include/crypto/rsa.h less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

64	64	int ossl_rsa_is_foreign(const RSA *rsa);
65	65	RSA ossl_rsa_dup(const RSA rsa, int selection);
66	66
67		int ossl_rsa_todata(RSA rsa, OSSL_PARAM_BLD bld, OSSL_PARAM params[]);
68		int ossl_rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]);
	67	int ossl_rsa_todata(RSA rsa, OSSL_PARAM_BLD bld, OSSL_PARAM params[],
	68	int include_private);
	69	int ossl_rsa_fromdata(RSA *rsa, const OSSL_PARAM params[], int include_private);
69	70	int ossl_rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss,
70	71	OSSL_PARAM_BLD *bld, OSSL_PARAM params[]);
71	72	int ossl_rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params,

+2

-2

include/internal/bio.h less more

0	0	/*
1		* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

47	47	* BIO_FLAGS_KTLS_TX_CTRL_MSG means we are about to send a ctrl message next.
48	48	* BIO_FLAGS_KTLS_RX means we are using ktls with this BIO for receiving.
49	49	*/
50		# define BIO_FLAGS_KTLS_TX 0x800
51	50	# define BIO_FLAGS_KTLS_TX_CTRL_MSG 0x1000
52	51	# define BIO_FLAGS_KTLS_RX 0x2000
	52	# define BIO_FLAGS_KTLS_TX 0x4000
53	53
54	54	/* KTLS related controls and flags */
55	55	# define BIO_set_ktls_flag(b, is_tx) \

+3

-1

include/internal/sockets.h less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

31	31	# include <sys/un.h>
32	32	# include <tcp.h>
33	33	# include <netdb.h>
	34	# include <arpa/inet.h>
	35	# include <netinet/tcp.h>
34	36	# elif defined(_WIN32_WCE) && _WIN32_WCE<410
35	37	# define getservbyname _masked_declaration_getservbyname
36	38	# endif

+8

-2

include/internal/tsan_assist.h less more

0	0	/*
1		* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

129	129
130	130	#ifndef TSAN_QUALIFIER
131	131
132		# define TSAN_QUALIFIER volatile
	132	# ifdef OPENSSL_THREADS
	133	# define TSAN_QUALIFIER volatile
	134	# define TSAN_REQUIRES_LOCKING
	135	# else /* OPENSSL_THREADS */
	136	# define TSAN_QUALIFIER
	137	# endif /* OPENSSL_THREADS */
	138
133	139	# define tsan_load(ptr) (*(ptr))
134	140	# define tsan_store(ptr, val) (*(ptr) = (val))
135	141	# define tsan_counter(ptr) ((*(ptr))++)

+3

-1

include/openssl/bio.h.in less more

0	0	/*
1	1	* {- join("\n * ", @autowarntext) -}
2	2	*
3		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	3	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
4	4	*
5	5	* Licensed under the Apache License 2.0 (the "License"). You may not use
6	6	* this file except in compliance with the License. You can obtain a copy

207	207	# define BIO_FLAGS_MEM_RDONLY 0x200
208	208	# define BIO_FLAGS_NONCLEAR_RST 0x400
209	209	# define BIO_FLAGS_IN_EOF 0x800
	210
	211	/* the BIO FLAGS values 0x1000 to 0x4000 are reserved for internal KTLS flags */
210	212
211	213	typedef union bio_addr_st BIO_ADDR;
212	214	typedef struct bio_addrinfo_st BIO_ADDRINFO;

+2

-2

include/openssl/crypto.h.in less more

0	0	/*
1	1	* {- join("\n * ", @autowarntext) -}
2	2	*
3		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	3	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
4	4	* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5	5	*
6	6	* Licensed under the Apache License 2.0 (the "License"). You may not use

124	124	size_t OPENSSL_strlcpy(char dst, const char src, size_t siz);
125	125	size_t OPENSSL_strlcat(char dst, const char src, size_t siz);
126	126	size_t OPENSSL_strnlen(const char *str, size_t maxlen);
127		int OPENSSL_buf2hexstr_ex(char str, size_t str_n, size_t strlen,
	127	int OPENSSL_buf2hexstr_ex(char str, size_t str_n, size_t strlength,
128	128	const unsigned char *buf, size_t buflen,
129	129	const char sep);
130	130	char OPENSSL_buf2hexstr(const unsigned char buf, long buflen);

+4

-1

include/openssl/ec.h less more

0	0	/*
1		* Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2002-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
3	3	*
4	4	* Licensed under the Apache License 2.0 (the "License"). You may not use

18	18
19	19	# include <openssl/opensslconf.h>
20	20	# include <openssl/types.h>
	21
	22	# include <string.h>
21	23
22	24	# ifdef __cplusplus
23	25	extern "C" {

1547	1549
1548	1550	# define EVP_EC_gen(curve) \
1549	1551	EVP_PKEY_Q_keygen(NULL, NULL, "EC", (char *)(strstr(curve, "")))
	1552	/* strstr is used to enable type checking for the variadic string arg */
1550	1553	# define ECParameters_dup(x) ASN1_dup_of(EC_KEY, i2d_ECParameters, \
1551	1554	d2i_ECParameters, x)
1552	1555

+2

-1

include/openssl/engine.h less more

0	0	/*
1		* Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
3	3	*
4	4	* Licensed under the Apache License 2.0 (the "License"). You may not use

800	800	CRYPTO_set_mem_functions(fns->mem_fns.malloc_fn, \
801	801	fns->mem_fns.realloc_fn, \
802	802	fns->mem_fns.free_fn); \
	803	OPENSSL_init_crypto(OPENSSL_INIT_NO_ATEXIT, NULL); \
803	804	skip_cbs: \
804	805	if (!fn(e, id)) return 0; \
805	806	return 1; }

+3

-3

include/openssl/evp.h less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

204	204	* don't accidentally reuse the values for other purposes.
205	205	*/
206	206
207		# define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008/* Allow use of non FIPS
208		* digest in FIPS mode */
	207	/* This flag has no effect from openssl-3.0 onwards */
	208	# define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008
209	209
210	210	/*
211	211	* The following PAD options are also currently ignored in 1.0.0, digest

+4

-5

include/openssl/self_test.h less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

72	72	# define OSSL_SELF_TEST_DESC_KDF_TLS13_EXPAND "TLS13_KDF_EXPAND"
73	73	# define OSSL_SELF_TEST_DESC_RNG "RNG"
74	74
75		# ifdef __cplusplus
76		}
77		# endif
78
79	75	void OSSL_SELF_TEST_set_callback(OSSL_LIB_CTX libctx, OSSL_CALLBACK cb,
80	76	void *cbarg);
81	77	void OSSL_SELF_TEST_get_callback(OSSL_LIB_CTX libctx, OSSL_CALLBACK *cb,

89	85	int OSSL_SELF_TEST_oncorrupt_byte(OSSL_SELF_TEST st, unsigned char bytes);
90	86	void OSSL_SELF_TEST_onend(OSSL_SELF_TEST *st, int ret);
91	87
	88	# ifdef __cplusplus
	89	}
	90	# endif
92	91	#endif /* OPENSSL_SELF_TEST_H */

+4

-1

include/openssl/ssl.h.in less more

0	0	/*
1	1	* {- join("\n * ", @autowarntext) -}
2	2	*
3		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	3	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
4	4	* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5	5	* Copyright 2005 Nokia. All rights reserved.
6	6	*

1307	1307	# define SSL_CTRL_GET_SIGNATURE_NID 132
1308	1308	# define SSL_CTRL_GET_TMP_KEY 133
1309	1309	# define SSL_CTRL_GET_NEGOTIATED_GROUP 134
	1310	# define SSL_CTRL_SET_RETRY_VERIFY 136
1310	1311	# define SSL_CERT_SET_FIRST 1
1311	1312	# define SSL_CERT_SET_NEXT 2
1312	1313	# define SSL_CERT_SET_SERVER 3

2129	2130	SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_PIPELINES,m,NULL)
2130	2131	# define SSL_set_max_pipelines(ssl,m) \
2131	2132	SSL_ctrl(ssl,SSL_CTRL_SET_MAX_PIPELINES,m,NULL)
	2133	# define SSL_set_retry_verify(ssl) \
	2134	(SSL_ctrl(ssl,SSL_CTRL_SET_RETRY_VERIFY,0,NULL) > 0)
2132	2135
2133	2136	void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len);
2134	2137	void SSL_set_default_read_buffer_len(SSL *s, size_t len);

+9

-0

os-dep/haiku.h less more

	0	/*
	1	* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	2	*
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
	4	* this file except in compliance with the License. You can obtain a copy
	5	* in the file LICENSE in the source distribution or at
	6	* https://www.openssl.org/source/license.html
	7	*/
	8
0	9	#include <sys/select.h>
1	10	#include <sys/time.h>

+7

-0

providers/common/der/DIGESTS.asn1 less more

	0	-- Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	1	--
	2	-- Licensed under the Apache License 2.0 (the "License"). You may not use
	3	-- this file except in compliance with the License. You can obtain a copy
	4	-- in the file LICENSE in the source distribution or at
	5	-- https://www.openssl.org/source/license.html
	6
0	7	-- -------------------------------------------------------------------
1	8	-- From https://tools.ietf.org/html/rfc4055#section-2.1
2	9

+7

-0

providers/common/der/DSA.asn1 less more

	0	-- Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	1	--
	2	-- Licensed under the Apache License 2.0 (the "License"). You may not use
	3	-- this file except in compliance with the License. You can obtain a copy
	4	-- in the file LICENSE in the source distribution or at
	5	-- https://www.openssl.org/source/license.html
	6
0	7	-- -------------------------------------------------------------------
1	8	-- Taken from RFC 3279, 3 ASN.1 Module
2	9	-- (https://www.rfc-editor.org/rfc/rfc3279.html#section-3)

+7

-0

providers/common/der/EC.asn1 less more

	0	-- Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	1	--
	2	-- Licensed under the Apache License 2.0 (the "License"). You may not use
	3	-- this file except in compliance with the License. You can obtain a copy
	4	-- in the file LICENSE in the source distribution or at
	5	-- https://www.openssl.org/source/license.html
	6
0	7	-- -------------------------------------------------------------------
1	8	-- Taken from RFC 3279, 3 ASN.1 Module
2	9	-- (https://www.rfc-editor.org/rfc/rfc3279.html#section-3)

+6

-0

providers/common/der/ECX.asn1 less more

	0	-- Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	1	--
	2	-- Licensed under the Apache License 2.0 (the "License"). You may not use
	3	-- this file except in compliance with the License. You can obtain a copy
	4	-- in the file LICENSE in the source distribution or at
	5	-- https://www.openssl.org/source/license.html
0	6
1	7	-- -------------------------------------------------------------------
2	8	-- Taken from RFC 8410, 9 ASN.1 Module

+7

-0

providers/common/der/NIST.asn1 less more

	0	-- Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	1	--
	2	-- Licensed under the Apache License 2.0 (the "License"). You may not use
	3	-- this file except in compliance with the License. You can obtain a copy
	4	-- in the file LICENSE in the source distribution or at
	5	-- https://www.openssl.org/source/license.html
	6
0	7	-- -------------------------------------------------------------------
1	8	-- Taken from https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration
2	9

+7

-0

providers/common/der/RSA.asn1 less more

	0	-- Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	1	--
	2	-- Licensed under the Apache License 2.0 (the "License"). You may not use
	3	-- this file except in compliance with the License. You can obtain a copy
	4	-- in the file LICENSE in the source distribution or at
	5	-- https://www.openssl.org/source/license.html
	6
0	7	-- -------------------------------------------------------------------
1	8	-- Taken from RFC 8017, Appendix C
2	9	-- (https://www.rfc-editor.org/rfc/rfc8017.html#appendix-C)

+7

-0

providers/common/der/SM2.asn1 less more

	0	-- Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	1	--
	2	-- Licensed under the Apache License 2.0 (the "License"). You may not use
	3	-- this file except in compliance with the License. You can obtain a copy
	4	-- in the file LICENSE in the source distribution or at
	5	-- https://www.openssl.org/source/license.html
	6
0	7	oscca OBJECT IDENTIFIER ::= { iso(1) member-body(2) cn(156) 10197 }
1	8
2	9	sm-scheme OBJECT IDENTIFIER ::= { oscca 1 }

+7

-0

providers/common/der/wrap.asn1 less more

	0	-- Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	1	--
	2	-- Licensed under the Apache License 2.0 (the "License"). You may not use
	3	-- this file except in compliance with the License. You can obtain a copy
	4	-- in the file LICENSE in the source distribution or at
	5	-- https://www.openssl.org/source/license.html
	6
0	7	-- -------------------------------------------------------------------
1	8	-- Taken from RFC 3370, Section 4.3.1 Triple-DES Key Wrap
2	9	-- (https://tools.ietf.org/html/rfc3370)

+10

-4

providers/fips/self_test_data.inc less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

17	17	{ name, OSSL_PARAM_OCTET_STRING, ITM(data) }
18	18	#define ST_KAT_PARAM_UTF8STRING(name, data) \
19	19	{ name, OSSL_PARAM_UTF8_STRING, ITM_STR(data) }
20		#define ST_KAT_PARAM_UTF8CHAR(name, data) \
	20	#define ST_KAT_PARAM_UTF8CHAR(name, data) \
21	21	{ name, OSSL_PARAM_UTF8_STRING, ITM(data) }
22	22	#define ST_KAT_PARAM_INT(name, i) \
23	23	{ name, OSSL_PARAM_INTEGER, ITM(i) }

1290	1290	ST_KAT_PARAM_END()
1291	1291	};
1292	1292
	1293	/*-
	1294	* Using OSSL_PKEY_RSA_PAD_MODE_NONE directly in the expansion of the
	1295	* ST_KAT_PARAM_UTF8STRING macro below causes a failure on ancient
	1296	* HP/UX PA-RISC compilers.
	1297	*/
	1298	static const char pad_mode_none[] = OSSL_PKEY_RSA_PAD_MODE_NONE;
	1299
1293	1300	static const ST_KAT_PARAM rsa_enc_params[] = {
1294		ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE,
1295		OSSL_PKEY_RSA_PAD_MODE_NONE),
	1301	ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE, pad_mode_none),
1296	1302	ST_KAT_PARAM_END()
1297	1303	};
1298	1304

+43

-43

providers/fips-sources.checksums less more

0	0	0e22ea0cf34ef3871e30df0bc302dc29352d38001d1622ddb78a27a374b6aee8 crypto/aes/aes_cbc.c
1		cfd71afe1588c2c362b77fa7f6cddf77a517c49856df086b01391bbae3f779c4 crypto/aes/aes_core.c
	1	c049a936d74100fcced225f575d46662792a6a0039777d2d4df0cf61eff90a68 crypto/aes/aes_core.c
2	2	3fac41ce96acb9189eac2d5571425c3ff33a34c884ae7e275e1fd3068b5fc662 crypto/aes/aes_ecb.c
3	3	c1e674d08683a25bc053f6233f73a0d0b3a90aafe591ff57b702c7da1582e4a5 crypto/aes/aes_local.h
4	4	a2466f18da5847c7d9fbced17524633c10ce024671a72f53f9c9c55b9b9923dd crypto/aes/aes_misc.c

68	68	3962dfaa0142e67115ab84f7809d46d59bd122758be09a081b08b2e0d4743b2e crypto/bn/bn_asm.c
69	69	3e86e6e5777499703420afade11dd23a7c6912f8eccd08da47308c7aadd7459d crypto/bn/bn_blind.c
70	70	7b761d541e3b7f6a3f2b14a09b2b3836a079a845cf67a54db4853e3fd38277c6 crypto/bn/bn_const.c
71		69b864ae1f230c6c1cbc8f512031a107fcc43651aeceafcb6647b2b222a6f7f8 crypto/bn/bn_conv.c
	71	58b587e20404efa408b31a88ba9c357059ced709bea78c07deb91df7b687db81 crypto/bn/bn_conv.c
72	72	2893b6d03d4850d09c15959941b0759bbb50d8c20e873bed088e7cde4e15a65a crypto/bn/bn_ctx.c
73	73	d94295953ab91469fe2b9da2a542b8ea11ac38551ecde8f8202b7f645c2dea16 crypto/bn/bn_dh.c
74	74	a837ba52750ab30a57b6dd2fd4cf901e18a891a189b089f83add2f5dc8138eb7 crypto/bn/bn_div.c
75	75	160ea2c916774d6a7f8130e0a05cad7c0a954b4726c15017b3df67e3285231f3 crypto/bn/bn_exp.c
76		617d0fd580faf72aa144f9489d6d102e2a1c4953713ac31a2b1feea4fabb2f6c crypto/bn/bn_exp2.c
	76	ec2b6e3af6df473a23e7f1a8522f2554cb0eb5d34e3282458c4a66d242278434 crypto/bn/bn_exp2.c
77	77	b32d83cee8c00d837a7e4fb8af3f5cf17cb8d2419302e8f5fbcf62119092e874 crypto/bn/bn_gcd.c
78	78	4d6cc7ed36978247a191df1eea0120f8ee97b639ba228793dabe5a8355a1a609 crypto/bn/bn_gf2m.c
79	79	081e8a6abc23599307dab3b1a92113a65e0bf8717cbc40c970c7469350bc4581 crypto/bn/bn_intern.c

92	92	9d8c10645db51c3baedf57d5f0f32b67fc7eba223c192bc1ae7d87af40307e59 crypto/bn/bn_rsa_fips186_4.c
93	93	704b0b4723e5c9e9bae5f3e35f9ae8ae8dca3383929e954de9e5169845abfdb2 crypto/bn/bn_shift.c
94	94	622e90766b29e0d25f46474429aebda8eba2246835b9e85dc26da7cdbd49334f crypto/bn/bn_sqr.c
95		8e397a44eefa00ecb85fafc11fe8c883b3bb1572d6ac136373946d472fbe2490 crypto/bn/bn_sqrt.c
	95	42c8ce944c889abcfcf089d0ad2744b7587696d8d7785efa91b3f7ec53dc062a crypto/bn/bn_sqrt.c
96	96	24e62baa56e02f2db6454e10168b7c7fa7638db9221b9acda1803d43f38f36e0 crypto/bn/bn_word.c
97	97	3a85d20f80c4d96b3704e58b173fc876ec81f19eac805ae2b125c138c91c86c4 crypto/bn/rsaz_exp.c
98	98	affabb87861653b216e746d6c2fce5c2ac395b0ca570d439508e9f5e102ee340 crypto/bn/rsaz_exp.h
99		e18b943bfc1623597d6233421c358f3453bb0f026f28ae11cfd3b3c484c0bc4b crypto/bn/rsaz_exp_x2.c
	99	46e6c75a334558586ab3610bbea0e5565273888bf60d891ae7b24251c6688aef crypto/bn/rsaz_exp_x2.c
100	100	834db8ff36006e5cb53e09ca6c44290124bd23692f4341ea6563b66fcade4cea crypto/bsearch.c
101	101	c39334b70e1394e43f378ae8d31b6e6dc125e4d9181e6536d38e649c4eaadb75 crypto/buffer/buffer.c
102	102	23d46ae37a8d9452c0c88418d2cb8350153f8c2c6060234130a2e429da2370e0 crypto/cmac/cmac.c
103		b352903e60908dc7287051983e2068508715b4d9f3f46575540295010908bfa0 crypto/context.c
	103	7f24e4937e0af857e233afbb6a7f25b09b1e5674185242a5cc8f579a45bbf1da crypto/context.c
104	104	83b8912fb01bacfe0b5269c7afa69db7e1718530cce1ed27870abef1407951d6 crypto/core_algorithm.c
105	105	60321d1af7bf9697d969438f6b319fbcb4fdc1a47a0b056d02b971973a8550ca crypto/core_fetch.c
106		4982395fa843f62c83b95f81e1f5622d799a2fe17108bde44cdab935b77e8ae1 crypto/core_namemap.c
	106	7d090f71175f28fdc400455fdbc68340a545556d16cb1f6251ac92ebb63a38c1 crypto/core_namemap.c
107	107	469e2f53b5f76cd487a60d3d4c44c8fc3a6c4d08405597ba664661ba485508d3 crypto/cpuid.c
108	108	71f0fff881eb4c5505fb17662f0ea4bbff24c6858c045a013ad8f786b07da5c4 crypto/cryptlib.c
109	109	a3d146afa1d66cc3bbfdc7c106f262b679bb5aecce54e8dee732ae9b3e3333db crypto/ctype.c

115	115	499513b3ad386fe694c4e04b3c8a9fd4c4e18fc44bb6c4f94d6bf2d9362a3a5a crypto/des/ncbc_enc.c
116	116	61926e30dd940616e80936d1c94c5f522daf0d475fb3a40a9e589e78f322901e crypto/des/set_key.c
117	117	8344811b14d151f6cd40a7bc45c8f4a1106252b119c1d5e6a589a023f39b107d crypto/des/spr.h
118		0209b1ff430e2c237bf96e2e283c24df4b6708014c5a7005b295c28733d2a8ce crypto/dh/dh_backend.c
	118	816472a54c273906d0a2b58650e0b9d28cc2c8023d120f0d77160f1fe34c4ca3 crypto/dh/dh_backend.c
119	119	832e5a1caf9cb0dacfd937fc59252aaac7c5c1bf0ae1a9ebf3c3af6e59dcf4c0 crypto/dh/dh_check.c
120	120	7838e9a35870b0fbcba0aff2f52a2439f64d026e9922bce6e5978c2f22c51120 crypto/dh/dh_gen.c
121	121	70f4cf3485a38cd7d22aa3e965bfe950905f8efec1622e832592a6728498fd78 crypto/dh/dh_group_params.c
122	122	7809cbfd5570db17dcb4bd8f0cf9c5f94337096d39da453d0624c08f071e809f crypto/dh/dh_kdf.c
123		c71b8691416a61c306ea0973ca22570a56d3e9e93618a3eb2fd7b9d9a789ca44 crypto/dh/dh_key.c
	123	0afa7dd237f9b21b0cfb0de10505facd57eb07ded905d888d43a1de2356d4002 crypto/dh/dh_key.c
124	124	b0046b2c4e1d74ff4e93f2486a00f63728909b8a75cbdd29b9100e607f97995c crypto/dh/dh_lib.c
125	125	8300775d88db0a1aa26a77eb49d6c4f7252e7fee69e1440de4c40edadc9da044 crypto/dh/dh_local.h
126		27d0ea795bb7f571ba37b7460eee63608b9089a95337491c0980b91135563e15 crypto/dsa/dsa_backend.c
	126	bbcf4fc3067ac462a27d7277973180b7dc140df9262a686c7fbe4318ca01f7b8 crypto/dsa/dsa_backend.c
127	127	b9c5992089203123c3fae46e39bb4d05e19854087bca7a30ad1f82a3505deec7 crypto/dsa/dsa_check.c
128	128	ae727bf6319eb57e682de35d75ea357921987953b3688365c710e7fba51c7c58 crypto/dsa/dsa_gen.c
129	129	b1de1624e590dbf76f76953802ff162cc8de7c5e2eaba897313c866424d6902b crypto/dsa/dsa_key.c

166	166	8cfd0dcfb5acbf6105691a2d5e2826dba1ff3906707bc9dd6ff9bffcc306468f crypto/ec/ec_cvt.c
167	167	28726bc957ea821639b1023e5bff0e77ced61bae31f96c165e33aadfe0bc5c9a crypto/ec/ec_key.c
168	168	7e40fc646863e0675bbb90f075b809f61bdf0600d8095c8366858d9533ab7700 crypto/ec/ec_kmeth.c
169		2db28a620fa62889c816dca25bb1153c99af2e8604beb3b1655495da96f2c965 crypto/ec/ec_lib.c
	169	074a5345ea71ff3fdfb8e0be360391a7640719f1a8a4eae8580c8f02e57af880 crypto/ec/ec_lib.c
170	170	a8a4690e42b4af60aad822aa8b16196df337906af53ea4db926707f7b596ff27 crypto/ec/ec_local.h
171	171	fa901b996eb0e460359cd470843bdb03af7a77a2f1136c5e1d30daef70f3e4d2 crypto/ec/ec_mult.c
172	172	129c6b42417bfcf582f4a959cfd65433e6f85b158274f4fa38f9c62615ac9166 crypto/ec/ec_oct.c

185	185	22c44f561ab42d1bd7fd3a3c538ebaba375a704f98056b035e7949d73963c580 crypto/ec/ecx_key.c
186	186	28abc295dad8888b5482eb61d31cd78dd80545ecb67dc6f9446a36deb8c40a5e crypto/evp/asymcipher.c
187	187	0e75a058dcbbb62cfe39fec6c4a85385dc1a8fce794e4278ce6cebb29763b82b crypto/evp/dh_support.c
188		e696c10cc2ed2fc5552e659b343af751b9edc3b4dbce1a2108d21e8b10424657 crypto/evp/digest.c
	188	7fca5ec7c5723b799a7d84d5803071b8f495511e1baf89d430e6800a5228cdad crypto/evp/digest.c
189	189	5e2c5d865029ae86855f15e162360d091f28ca0d4c67260700c90aa25faf308b crypto/evp/ec_support.c
190		37b5e0bdb30a24c925a26f818828fd3b4ab4c1725f84797260556c0f47f2b76d crypto/evp/evp_enc.c
191		d8162b57e041e83da55efe6f073d156a00b8d7a3b2fb7782b05295f2c0ea3c14 crypto/evp/evp_fetch.c
	190	2724dc804304135bc874bd305e14b811169a9e4a62176220a0d5e83f152c2546 crypto/evp/evp_enc.c
	191	0cd2765bf33d998f96d6e8193b2bf27293bcc6a37b7bef7dfd6ec54952ad3c8f crypto/evp/evp_fetch.c
192	192	029df8bb80a2fb45c22765234b9041ffce82735108e0b11580fd3fbd805362dd crypto/evp/evp_lib.c
193	193	9ac3d97d756ec008db16dd1952115b551f32b2d0590d9a85e1c87d1c78620257 crypto/evp/evp_local.h
194	194	e822c16fc4dc30f2c86e8598c721a9ddfe46d318ce78f4e8e883cdcf8b936221 crypto/evp/evp_rand.c
195	195	2a128617ec0178e9eeacbe41d75a5530755f41ea524cd124607543cf73456a0c crypto/evp/evp_utils.c
196		5496cf34a1643923ff434e4ae16ee203a626b36685e98201dec30547857847d8 crypto/evp/exchange.c
	196	06442eff7fd25971d247fa3a769c6df56f5eb8cdedbd764cd2daa7e0c7ab3f2f crypto/evp/exchange.c
197	197	a3164e3247e2a38f4f9a20db463779b5260e4e6639ac8eec6e960b265fc8cce5 crypto/evp/kdf_lib.c
198	198	1d72f5506984df1df8606e8c7045f041cf517223e2e1b50c4da8ba8bf1c6c186 crypto/evp/kdf_meth.c
199	199	38715a14f202e7d24602e5cc19d2f78abbd9f5fa3dde8d7b2bfded907690e18f crypto/evp/kem.c
200		787105780e2aa625bfedfbfd7167be16f743883d02a897969695ad8e637298af crypto/evp/keymgmt_lib.c
	200	724d2ac784d6f22cb0a382abc23ac0f2d76f2f6831fcd09e101f6f27d0c3e4ed crypto/evp/keymgmt_lib.c
201	201	3d0a2c5fea0d9bb01a09e1eabc041e3bc76ba4ee90bc0af54ef414e7ca3a531f crypto/evp/keymgmt_meth.c
202	202	e1a052839b8b70dca20dbac1282d61abd1c415bf4fb6afb56b811e8770d8a2e1 crypto/evp/m_sigver.c
203	203	5b8b0bcd4b720b66ce6bc54090ec333891126bb7f6cce4502daf2333668c3db9 crypto/evp/mac_lib.c
204	204	e7e8eb5683cd3fbd409df888020dc353b65ac291361829cc4131d5bc86c9fcb3 crypto/evp/mac_meth.c
205	205	b976077a1f880768f2f0a1c996a53dfdd363605e4977c56fb37e9c1f84f35aa6 crypto/evp/p_lib.c
206	206	3b4228b92eebd04616ecc3ee58684095313dd5ffd1b43cf698a7d6c202cb4622 crypto/evp/pmeth_check.c
207		bbce11755bcc5ba2ee8e9c1eb95905447136f614fdc2b0f74cf785fe81ead6a5 crypto/evp/pmeth_gn.c
	207	1f0e9e94e9b0ad322956521b438b78d44cfcd8eb974e8921d05f9e21ba1c05cf crypto/evp/pmeth_gn.c
208	208	76511fba789089a50ef87774817a5482c33633a76a94ecf7b6e8eb915585575d crypto/evp/pmeth_lib.c
209	209	f3a5cbbccb1078cf1fafd74c4caa9f30827081832fbe6dfa5579b17ef809776c crypto/evp/signature.c
210	210	b06cb8fd4bd95aae1f66e1e145269c82169257f1a60ef0f78f80a3d4c5131fac crypto/ex_data.c
211		00ca3b72cd56308aabb2826b6a400c675526afa7efca052d39c74b2ac6d137d8 crypto/ffc/ffc_backend.c
	211	324feb067d0f8deb4334f3e6518f570114cb388c85b24f9232bd931a64ff0a9e crypto/ffc/ffc_backend.c
212	212	ead786b4f5689ab69d6cca5d49e513e0f90cb558b67e6c5898255f2671f1393d crypto/ffc/ffc_dh.c
213	213	82abf1f9645336b7dff5e3fa153899280ecaa27b3dad50e6a9ba94d871961888 crypto/ffc/ffc_key_generate.c
214	214	084ae8e68a9df5785376bb961a998036336ed13092ffd1c4258b56e6a7e0478b crypto/ffc/ffc_key_validate.c

218	218	0a4fc92e408b0562cf95c480df93a9907a318a2c92356642903a5d50ed04fd88 crypto/hmac/hmac.c
219	219	0395c1b0834f2f4a0ca1756385f4dc1a4ef6fb925b2db3743df7f57256c5166f crypto/hmac/hmac_local.h
220	220	f897493b50f4e9dd4cacb2a7accda6683c10ece602641874cdff1dac7128a751 crypto/initthread.c
221		e82f2213ac9438af20a2b19743c6c790d841acf89429868c9d1770f3f06a597a crypto/lhash/lhash.c
222		95ceca6a32b1d8a2e3a172121e7b3379267867a8c1d2b5cf2c1fbb16d1f8424c crypto/lhash/lhash_local.h
	221	f0782ee92b6ebf5a0e66b970ecfbd9c9c6fc4a35ccd055967fbb402577c234ab crypto/lhash/lhash.c
	222	73d63f91fbaba47649231636c5afdf76d049a46436fde9fbb2e107cf16bb879e crypto/lhash/lhash_local.h
223	223	f866aafae928db1b439ac950dc90744a2397dfe222672fe68b3798396190c8b0 crypto/mem_clr.c
224	224	183bdca6f855182d7d2c78a5c961b34283f85ea69ac828b700605ee82546397d crypto/modes/asm/aes-gcm-armv8_64.pl
225	225	1d686af304f94743038f916125effcb51790c025f3165d8d37b526bbeee781f0 crypto/modes/asm/aesni-gcm-x86_64.pl

242	242	bdf25257b15eca206be4d950d2dd807ca5f058f91f54edbd7a0d312ed83eef8e crypto/modes/ofb128.c
243	243	e55a816c356b2d526bc6e40c8b81afa02576e4d44c7d7b6bbe444fb8b01aad41 crypto/modes/wrap128.c
244	244	608a04f387be2a509b4d4ad414b7015ab833e56b85020e692e193160f36883a2 crypto/modes/xts128.c
245		ca8f63ee71797f51c2bf5629190897306b3308882feb3d64c982239f18e8b738 crypto/o_str.c
	245	ecb4a6f28a0acdb00cb654612e26cd4c825d9f83b15d42cefc1ccd47b00f8eb0 crypto/o_str.c
246	246	7b8d9f5dfe00460df5fbcfd4a5f2f36128020ebd2ced85ff5071b91f98740b2e crypto/packet.c
247	247	cc4483ec9ba7a30908e3a433a6817e2f211d4c1f69c206e6bae24bbd39a68281 crypto/param_build.c
248	248	c2fe815fb3fd5efe9a6544cae55f9469063a0f6fb728361737b927f6182ae0bb crypto/param_build_set.c

250	250	4f2a8c9acf5898fdc1e4bf98813049947221cd9a1db04faaa490250591f54cb4 crypto/params_dup.c
251	251	a0097ff2da8955fe15ba204cb54f3fd48a06f846e2b9826f507b26acf65715c3 crypto/params_from_text.c
252	252	2140778d5f35e503e22b173736e18ff84406f6657463e8ff9e7b91a78aa686d3 crypto/property/defn_cache.c
253		b09bfc2cdde7ab703b54630a67cc8d01ca92af402be246e5a9f82d176abd9442 crypto/property/property.c
	253	9153343b26e5c2c4f6009d37a12d6af85681ed0c7d3f58de2ace44dfd789a59b crypto/property/property.c
254	254	a2c69527b60692a8b07cfdfe7e75f654daa092411d5de5e02b446a4ef3752855 crypto/property/property_local.h
255	255	c3217b73871d93d81ab9f15e9f1fc37ea609bbe4bbc0c1b84ec62a99c91f6756 crypto/property/property_parse.c
256	256	a7cefda6a117550e2c76e0f307565ce1e11640b11ba10c80e469a837fd1212a3 crypto/property/property_query.c
257	257	065698c8d88a5facc0cbc02a3bd0c642c94687a8c5dd79901c942138b406067d crypto/property/property_string.c
258		c56fb722699e1148dc392bad8069292e6521e7498c8aa9572661af118ff59e16 crypto/provider_core.c
	258	01d2e5be52d94efdff4329281b3609c7fa57162ab6143492c380c96952df1396 crypto/provider_core.c
259	259	d0af10d4091b2032aac1b7db80f8c2e14fa7176592716b25b9437ab6b53c0a89 crypto/provider_local.h
260	260	5ba2e1c74ddcd0453d02e32612299d1eef18eff8493a7606c15d0dc3738ad1d9 crypto/provider_predefined.c
261		5d16318d3a36b06145af74afa3523109768990a33457c81895c7ab8a830654f8 crypto/rand/rand_lib.c
	261	4e6b7d1d8278067c18bcb5e3ac9b7fe7e9b1d0d03bc5a276275483f541d1a12c crypto/rand/rand_lib.c
262	262	fd03b9bb2c23470fa40880ed3bf9847bb17d50592101a78c0ad7a0f121209788 crypto/rand/rand_local.h
263	263	f0c8792a99132e0b9c027cfa7370f45594a115934cdc9e8f23bdd64abecaf7fd crypto/rsa/rsa_acvp_test_params.c
264		8b93871f1f0392704d29028b8c93281be62cf02d0f79f9831bdabcd7a378df5b crypto/rsa/rsa_backend.c
	264	054f8e32eabb218d219a5fa8cb40f6e76bc5a395d03e4f83c5f2b703a5a476b9 crypto/rsa/rsa_backend.c
265	265	38a102cd1da1f6ca5a46e6a22f018237964336274385f5c70cbedcaa6997647e crypto/rsa/rsa_chk.c
266	266	e32cfa04221a2a3ea33f7bcb93ee51b84cbeba97e94c1fbf6e420b24f97fc9ce crypto/rsa/rsa_crpt.c
267	267	21794dcb6bfebcf9a14d4f8aa7fab8f745b595433b388b55f46ba6e615d90f98 crypto/rsa/rsa_gen.c

270	270	cf0b75cd54b61b9b9a290ef18d0ddce9fb26a029a54eb3f720d9b25188440f00 crypto/rsa/rsa_mp_names.c
271	271	5c60f6e05db82e13178d805deb1947b8eee4a905e6e77523d3b288da70a46bb5 crypto/rsa/rsa_none.c
272	272	33de2accc3af530fd0a4758eb83d5e1d994bf49bac4512b01387dbae656e1a7d crypto/rsa/rsa_oaep.c
273		a2fd2e4e31ec53d01a575ccaf03bad5a270412ff66804cf0b5fa40492b89181d crypto/rsa/rsa_ossl.c
	273	1b58825809bb9c5fc9e876d71e5b787b08f034eaee3c30eb20d30a1d889bdbd5 crypto/rsa/rsa_ossl.c
274	274	be3f39c1fcb777d6c0122061f9ef735d10a6bee95d67fcc1ca6ae2a664022d2b crypto/rsa/rsa_pk1.c
275	275	174a42e156be48927fe6d6bf0d95575619b8e643a99761275bff933bc3449722 crypto/rsa/rsa_pss.c
276	276	bf6d300b7e7e9e512a47c5bd1f8713806ae3033a140d83dfae4a16ad58d11170 crypto/rsa/rsa_schemes.c

343	343	e69b2b20fb415e24b970941c84a62b752b5d0175bc68126e467f7cc970495504 include/crypto/cryptlib.h
344	344	5ee1ea30382bef9869f29b6610665ca304f3b9cf3653746a2d02c64b1a24f103 include/crypto/ctype.h
345	345	89693e0a7528a9574e1d2f80644b29e3b895d3684111dd07c18cc5bed28b45b7 include/crypto/des_platform.h
346		830da1513661794e979f7cca2bba1792224e3b3d20d4f10f6f5c6566d9b7e723 include/crypto/dh.h
347		7ddd70f02371c7bd190414369d2bbe7c9c6d2de085dfe1e3eab0c4082f803ca1 include/crypto/dsa.h
	346	daf508bb7ed5783f1c8c622f0c230e179244dd3f584e1223a19ab95930fbcb4f include/crypto/dh.h
	347	20d99c9a740e4d7d67e23fa4ae4c6a39d114e486c66ad41b65d91a8244cd1dea include/crypto/dsa.h
348	348	2ea47c059e84ce9d14cc31f4faf45f64d631de9e2937aa1d7a83de5571c63574 include/crypto/ec.h
349	349	edbfae8720502a4708983b60eac72aa04f031059f197ada31627cb5e72812858 include/crypto/ecx.h
350		782ea27154525789cd49afd36a8056457dfab4ea662481b502363cc0a55ed34e include/crypto/evp.h
	350	cca363846ac7ef1f6196e5ac858d03bf78545af2de4f83a0150575c037813e4b include/crypto/evp.h
351	351	bbe5e52d84e65449a13e42cd2d6adce59b8ed6e73d6950917aa77dc1f3f5dff6 include/crypto/lhash.h
352	352	162812058c69f65a824906193057cd3edeabc22f51a4220aea7cb9064379a9b6 include/crypto/md32_common.h
353	353	f12bfc145290444bcc7bf408874bded348e742443c145b8b5bc70ae558d96c31 include/crypto/modes.h
354	354	0e4472433ca4008aa4fc9234761be70f323a22a4519bb9d62728dc001d606f04 include/crypto/rand.h
355	355	90930fc8788d6e04e57829346e0405293ac7a678c3cef23d0692c742e9586d09 include/crypto/rand_pool.h
356		bd5ce686c97a8a3a0e3d7ca1e4f16706fd51df5da9673169303a4428d62da233 include/crypto/rsa.h
	356	306abf9d327a9e63fff2cdef730275abc4d2781254a032b1f370f3428eb5a2ef include/crypto/rsa.h
357	357	32f0149ab1d82fddbdfbbc44e3078b4a4cc6936d35187e0f8d02cc0bc19f2401 include/crypto/security_bits.h
358	358	0f743762f646656b5480648c05632575fe8acc7506460c63e0fcdf42cf20c08a include/crypto/sha.h
359	359	7676b02824b2d68df6bddeb251e9b8a8fa2e35a95dad9a7ebeca53f9ab8d2dad include/crypto/sparse_array.h
360	360	5bfeea62d21b7cb43d9a819c5cd2800f02ea019687a8331abf313d615889ad37 include/crypto/types.h
361		a1778b610a244f49317a09e1e6c78b5fb68bc6d003ffdea0f6eefe5733ee5b5f include/internal/bio.h
	361	782a83d4e489fd865e2768a20bfa31e78c2071fd0ceeb9eb077276ae2bcc6590 include/internal/bio.h
362	362	92aacb3e49288f91b44f97e41933e88fe455706e1dd21a365683c2ab545db131 include/internal/constant_time.h
363	363	71ddae419297069056065ab71f32fe88b09ddbe4db2200a759fedd8ad4349628 include/internal/core.h
364	364	d7ddeab97434a21cb2cad1935a3cb130f6cd0b3c75322463d431c5eab3ab1ae1 include/internal/cryptlib.h

382	382	24f41a1985fa305833c3f58030c494d2563d15fc922cdf3eeb6a7ea8c135a880 include/internal/symhacks.h
383	383	640cc6a2aae208073a7f495c08b4c5006a69e8ac1c2d9aaaafd56b0e74d5f859 include/internal/thread_once.h
384	384	415b725d7f949a6191ab7bb30b48931bafc01c7aa93607e529fabbc853a4ddc5 include/internal/tlsgroups.h
385		b24938409313384024524cbde837690d83119bcb70fb289b38cb7efa8e082852 include/internal/tsan_assist.h
	385	fc0f9199487ef278b9fd317d1572db3e3fb95e182055f0e49c4d8faf78ed7dd2 include/internal/tsan_assist.h
386	386	2b38fb6e65d549aca3b2c76907daf67124f395251c0261dec26faa54da8d6d73 include/openssl/aes.h
387	387	98aa2fc5eae9ef2a36d3d0053212696d58893baa083fa1fcf720660fb4bc0a9f include/openssl/asn1.h.in
388	388	d4733dcd490b3a2554eaf859d1ea964fe76f7d24f78e42be1094bdad6dee7429 include/openssl/asn1err.h

401	401	df5e60af861665675e4a00d40d15e36884f940e3379c7b45c9f717eaf1942697 include/openssl/core.h
402	402	00110e80b9b4f621c604ea99f05e7a75d3db4721fc2779224e6fa7e52f06e345 include/openssl/core_dispatch.h
403	403	cbd9d7855ca3ba4240207fc025c22bbfef7411116446ff63511e336a0559bed0 include/openssl/core_names.h
404		d165f5c61bfe17ba366a3ba94afb30d3c8ce6b21e9cff59a15f3622f2654ae49 include/openssl/crypto.h.in
	404	8880892256a4d2dd7a9be91f23518f71e5037dbd377cd41bdb4c1f3cb3c7ee2d include/openssl/crypto.h.in
405	405	1d1697bd3e35920ff9eaec23c29472d727a7fc4d108150957f41f6f5ecf80f1a include/openssl/cryptoerr.h
406	406	bbc82260cbcadd406091f39b9e3b5ea63146d9a4822623ead16fa12c43ab9fc6 include/openssl/cryptoerr_legacy.h
407	407	fa3e6b6c2e6222424b9cd7005e3c5499a2334c831cd5d6a29256ce945be8cb1d include/openssl/des.h

411	411	335eb40a33cd1e95e7783bda2d031ec2bcf02cff8aa804ba3484d1354452b7ea include/openssl/dsaerr.h
412	412	41bf49e64e1c341a8c17778147ddeba35e88dfd7ff131db6210e801ef25a8fd5 include/openssl/e_os2.h
413	413	bc9ec2be442a4f49980ba2c63c8f0da701de1f6e23d7db35d781658f833dd7b9 include/openssl/ebcdic.h
414		0ad64e592528898c84f2a16e2a03749774b908b3a9944a7f9aa54b1f95094dfb include/openssl/ec.h
	414	33b6321d1c6b7b1621198346946401bb81472054aa236b03c6f22f247248d2ad include/openssl/ec.h
415	415	cbbf74efc7fdb020f06840c856ad7fe97553944f4cc3c197fbb004de38158048 include/openssl/ecerr.h
416	416	61c76ee3f12ed0e42503a56421ca00f1cb9a0f4caa5f9c4421c374bcd45917d7 include/openssl/encoder.h
417	417	69dd983f45b8ccd551f084796519446552963a18c52b70470d978b597c81b2dc include/openssl/encodererr.h

440	440	c1015b77c444a3816d2ea7ad770f1c3b79a1e54887930af6dd662895701f3323 include/openssl/rsa.h
441	441	2f339ba2f22b8faa406692289a6e51fdbbb04b03f85cf3ca849835e58211ad23 include/openssl/rsaerr.h
442	442	6586f2187991731835353de0ffad0b6b57609b495e53d0f32644491ece629eb2 include/openssl/safestack.h.in
443		2702c0c5b8df31f764aa97d44c8a2b00b4b91c3482fd8ca5e1c5c91dfc61dc58 include/openssl/self_test.h
	443	af5cc56fb31161ccd87cf925f3d3f22119dfbca78bc39a2e2d65d78bfcf0f0c6 include/openssl/self_test.h
444	444	2964274ab32b1ba8578a06b06663db2eda4317ae806369271d889176bb5a7d04 include/openssl/sha.h
445	445	c169a015d7be52b7b99dd41c418a48d97e52ad21687c39c512a83a7c3f3ddb70 include/openssl/stack.h
446	446	22d7584ad609e30e818b54dca1dfae8dea38913fffedd25cd540c550372fb9a6 include/openssl/symhacks.h

484	484	a4dc9bf2d77e34175737b7b8d28fbe90815ac0e2904e3ac2d9e2a271f345ef20 providers/fips/fipsprov.c
485	485	fdbaf748044ce54f13e673b92db876e32436e4d5644f443cc43d063112a89676 providers/fips/self_test.c
486	486	f822a03138e8b83ccaa910b89d72f31691da6778bf6638181f993ec7ae1167e3 providers/fips/self_test.h
487		7a23cc81ca7542325634891d1982c70e68a27914b088a51ca60249d54031bfc2 providers/fips/self_test_data.inc
	487	5b3379a3d382c4dad37841dbd58b77ed5ff712b0a37c485771b828fa9b39c351 providers/fips/self_test_data.inc
488	488	2f4f23ebc2c7ed5ef71c98ca71f06b639112a1dea04784c46af58083482c150f providers/fips/self_test_kats.c
489	489	f054b24ea53ad5db41dd7f37f20f42166ed68b832121a94858cb0173b1aaeb1d providers/implementations/asymciphers/rsa_enc.c
490	490	4db1826ecce8b60cb641bcd7a61430ec8cef73d2fe3cbc06aa33526afe1c954a providers/implementations/ciphers/cipher_aes.c

514	514	f358c4121a8a223e2c6cf009fd28b8a195520279016462890214e8858880f632 providers/implementations/ciphers/cipher_aes_xts_hw.c
515	515	f2e7404005e0602c4cc90b49b7af7453aa5b8644720ca1028d93e78bc28a7c09 providers/implementations/ciphers/cipher_cts.c
516	516	74640ce402acc704af72e055fb7f27e6aa8efd417babc56f710478e571d8631c providers/implementations/ciphers/cipher_cts.h
517		06d8f86ec724075e7f72dabfb675b5c85a93c01997e4142fbaa8482e617f4ae5 providers/implementations/ciphers/cipher_tdes.c
	517	fcc3bb0637864252402aaa9d543209909df9a39611127f777b168bc888498dc0 providers/implementations/ciphers/cipher_tdes.c
518	518	77709f7fc3f7c08986cd4f0ebf2ef6e44bacb975c1483ef444b3cf5e5071f9d6 providers/implementations/ciphers/cipher_tdes.h
519	519	9e07260067083c76d26eb0dd8a8bb4a8dac678812644ff88951a0661be70d9fd providers/implementations/ciphers/cipher_tdes_common.c
520	520	50645122f08ef4891cd96cace833bd550be7f5278ab785515fd61fe8993c8c25 providers/implementations/ciphers/cipher_tdes_hw.c

529	529	39b47b6ef9d71852964c26e07ef0e9b23f04c7493b1b16ba7c3dba7074b6b70d providers/implementations/digests/digestcommon.c
530	530	80551b53302d95faea257df3edbdbd02d48427ce42da2c4335f998456400d057 providers/implementations/digests/sha2_prov.c
531	531	de342d04be6af69037922d5c97bdc40c0c27f6740636e72786a765d0d8ad9173 providers/implementations/digests/sha3_prov.c
532		007d431b3cdb53374c5f5aaef2fcb557e213c23f26e55ebdd32b53527f3f4826 providers/implementations/exchange/dh_exch.c
	532	b5f94d597df72ca58486c59b2a70b4057d13f09528f861ed41a84b7125b54a82 providers/implementations/exchange/dh_exch.c
533	533	9c46dc0d859875fcc0bc3d61a7b610cd3520b1bf63718775c1124f54a1fe5f24 providers/implementations/exchange/ecdh_exch.c
534	534	9bf87b8429398a6465c7e9f749a33b84974303a458736b56f3359b30726d3969 providers/implementations/exchange/ecx_exch.c
535	535	06ba83a8a8235bcdbda56f82b017cb19361469fe47c23cc6218a7e9b88ae6513 providers/implementations/exchange/kdf_exch.c

553	553	3c46ec0e14be09a133d709c3a1c3d5ab05a4f1ed5385c3e7a1afb2f0ee47ef7a providers/implementations/kdfs/tls1_prf.c
554	554	27bb6ee5e2d00c545635c0c29402b10e74a1831adbc9800c159cbe04f2bfa2f7 providers/implementations/kdfs/x942kdf.c
555	555	f419a9f6b17cfba1543a3690326188ac8335db66807c58de211a3d69e18f7d4d providers/implementations/kem/rsa_kem.c
556		6878218c16d5c9c308a414af67790e11912ced638ba9e64668912ec98ca20d9d providers/implementations/keymgmt/dh_kmgmt.c
557		4f9e8263d529f619766be73a11223b8a3dfaf46b506c17b44d8a1cd9d2eaee54 providers/implementations/keymgmt/dsa_kmgmt.c
	556	7628cfd7c88f37faa557c671a78ff56266691d64075104a514a28cb6fb9a6816 providers/implementations/keymgmt/dh_kmgmt.c
	557	68d5cad49334ad0ee6948329b3784bb43eede84c3bc59ff22cbbe7aed9292672 providers/implementations/keymgmt/dsa_kmgmt.c
558	558	3e2798d299d6571c973fc75468e2ac025b7c893ae2f15f14e057430325622a69 providers/implementations/keymgmt/ec_kmgmt.c
559	559	258ae17bb2dd87ed1511a8eb3fe99eed9b77f5c2f757215ff6b3d0e8791fc251 providers/implementations/keymgmt/ec_kmgmt_imexport.inc
560		085e1cf54941fa1c1e423b4a75b820945a1c05d1c347d4910d9a772b8c9d9f3a providers/implementations/keymgmt/ecx_kmgmt.c
	560	8871260c1b05832efa8363e5546210004da1683fee74da6c749ebba802b40f2b providers/implementations/keymgmt/ecx_kmgmt.c
561	561	053a2be39a87f50b877ebdbbf799cf5faf8b2de33b04311d819d212ee1ea329b providers/implementations/keymgmt/kdf_legacy_kmgmt.c
562	562	260c560930c5aca61225a40ed49dfbb905f2b1fa50728d1388e946358f9d5e18 providers/implementations/keymgmt/mac_legacy_kmgmt.c
563		9c16e76419aeb422d189ff7c5bf9a07f37abb54043dd47e48d450d68329de933 providers/implementations/keymgmt/rsa_kmgmt.c
	563	d469be20a6d1a3744c1a2d5c26cb3b8ff6339a2242d4ef6e5ed9531551f717c1 providers/implementations/keymgmt/rsa_kmgmt.c
564	564	79da66d4b696388d7eab6b2126bccc88908915813d79c4305b8b4d545a500469 providers/implementations/macs/cmac_prov.c
565	565	41464d1e640434bb3ff9998f093829d5e2c1963d68033dca7d31e5ab75365fb1 providers/implementations/macs/gmac_prov.c
566	566	282c1065f18c87073529ed1bdc2c0b3a1967701728084de6632ddc72c671d209 providers/implementations/macs/hmac_prov.c
567	567	aa7ba1d39ea4e3347294eb50b4dfcb895ef1a22bd6117d3b076a74e9ff11c242 providers/implementations/macs/kmac_prov.c
568	568	bf30274dd6b528ae913984775bd8f29c6c48c0ef06d464d0f738217727b7aa5c providers/implementations/rands/crngt.c
569		f8d24c882fda71c117a00bf4e6c7ffb6b88946c16a816249a5a7499dbdff712d providers/implementations/rands/drbg.c
	569	c7236e6e2e8adce14f8206da0ceef63c7974d4ba1a7dd71b94fa100cac6b46ba providers/implementations/rands/drbg.c
570	570	b1e7a0b2610aaab5800af7ede0df13a184f4a321a4084652cdb509357c55783b providers/implementations/rands/drbg_ctr.c
571	571	a05adc3f6d9d6f948e5ead75f0522ed3164cb5b2d301169242f3cb97c4a7fac3 providers/implementations/rands/drbg_hash.c
572	572	0876dfae991028c569631938946e458e6829cacf4cfb673d2b144ae50a3160bb providers/implementations/rands/drbg_hmac.c

+1

-1

providers/fips.checksum less more

0		a59d74b7f6b55bd9d58d55876562fdd00d28dbb3c942ae80ccea859da4624f1d providers/fips-sources.checksums
	0	0223646a9f0ba5ca3bd4dc320fe5a647c8b4d48cc1e273b09acceeabc035c19e providers/fips-sources.checksums

+2

-6

providers/implementations/ciphers/cipher_tdes.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

18	18	#include "cipher_tdes.h"
19	19	#include "prov/implementations.h"
20	20
21		/*
22		* NOTE: ECB mode does not use an IV - but existing test code is setting
23		* an IV. Fixing this could potentially make applications break.
24		*/
25	21	/* ossl_tdes_ede3_ecb_functions */
26		IMPLEMENT_tdes_cipher(ede3, EDE3, ecb, ECB, TDES_FLAGS, 64*3, 64, 64, block);
	22	IMPLEMENT_tdes_cipher(ede3, EDE3, ecb, ECB, TDES_FLAGS, 64*3, 64, 0, block);
27	23	/* ossl_tdes_ede3_cbc_functions */
28	24	IMPLEMENT_tdes_cipher(ede3, EDE3, cbc, CBC, TDES_FLAGS, 64*3, 64, 64, block);

+2

-2

providers/implementations/ciphers/cipher_tdes_default.c less more

0	0	/*
1		* Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

25	25	IMPLEMENT_tdes_cipher(ede3, EDE3, cfb8, CFB, TDES_FLAGS, 64*3, 8, 64, stream);
26	26
27	27	/* ossl_tdes_ede2_ecb_functions */
28		IMPLEMENT_tdes_cipher(ede2, EDE2, ecb, ECB, TDES_FLAGS, 64*2, 64, 64, block);
	28	IMPLEMENT_tdes_cipher(ede2, EDE2, ecb, ECB, TDES_FLAGS, 64*2, 64, 0, block);
29	29	/* ossl_tdes_ede2_cbc_functions */
30	30	IMPLEMENT_tdes_cipher(ede2, EDE2, cbc, CBC, TDES_FLAGS, 64*2, 64, 64, block);
31	31	/* ossl_tdes_ede2_ofb_functions */

+21

-8

providers/implementations/encode_decode/decode_der2key.c less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

203	203	if (!ok)
204	204	goto next;
205	205
206		ok = 0; /* Assume that we fail */
207
	206	ok = 0; /* Assume that we fail */
	207
	208	ERR_set_mark();
208	209	if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
209	210	derp = der;
210	211	if (ctx->desc->d2i_PKCS8 != NULL) {
211	212	key = ctx->desc->d2i_PKCS8(NULL, &derp, der_len, ctx);
212		if (ctx->flag_fatal)
	213	if (ctx->flag_fatal) {
	214	ERR_clear_last_mark();
213	215	goto end;
	216	}
214	217	} else if (ctx->desc->d2i_private_key != NULL) {
215	218	key = ctx->desc->d2i_private_key(NULL, &derp, der_len);
216	219	}
217		if (key == NULL && ctx->selection != 0)
	220	if (key == NULL && ctx->selection != 0) {
	221	ERR_clear_last_mark();
218	222	goto next;
	223	}
219	224	}
220	225	if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) {
221	226	derp = der;

223	228	key = ctx->desc->d2i_PUBKEY(NULL, &derp, der_len);
224	229	else
225	230	key = ctx->desc->d2i_public_key(NULL, &derp, der_len);
226		if (key == NULL && ctx->selection != 0)
	231	if (key == NULL && ctx->selection != 0) {
	232	ERR_clear_last_mark();
227	233	goto next;
	234	}
228	235	}
229	236	if (key == NULL && (selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0) {
230	237	derp = der;
231	238	if (ctx->desc->d2i_key_params != NULL)
232	239	key = ctx->desc->d2i_key_params(NULL, &derp, der_len);
233		if (key == NULL && ctx->selection != 0)
	240	if (key == NULL && ctx->selection != 0) {
	241	ERR_clear_last_mark();
234	242	goto next;
235		}
	243	}
	244	}
	245	if (key == NULL)
	246	ERR_clear_last_mark();
	247	else
	248	ERR_pop_to_mark();
236	249
237	250	/*
238	251	* Last minute check to see if this was the correct type of key. This

+6

-2

providers/implementations/encode_decode/decode_epki2pki.c less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

67	67	PKCS8_PRIV_KEY_INFO *p8inf = NULL;
68	68	const X509_ALGOR *alg = NULL;
69	69	BIO *in = ossl_bio_new_from_core_bio(ctx->provctx, cin);
70		int ok = (asn1_d2i_read_bio(in, &mem) >= 0);
	70	int ok = 0;
71	71
	72	if (in == NULL)
	73	return 0;
	74
	75	ok = (asn1_d2i_read_bio(in, &mem) >= 0);
72	76	BIO_free(in);
73	77
74	78	/* We return "empty handed". This is not an error. */

+4

-1

providers/implementations/encode_decode/decode_msblob2key.c less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

91	91	int ispub = -1;
92	92	void *key = NULL;
93	93	int ok = 0;
	94
	95	if (in == NULL)
	96	return 0;
94	97
95	98	if (BIO_read(in, hdr_buf, 16) != 16) {
96	99	ERR_raise(ERR_LIB_PEM, PEM_R_KEYBLOB_TOO_SHORT);

+6

-2

providers/implementations/encode_decode/decode_pem2der.c less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

32	32	unsigned char *data, long len)
33	33	{
34	34	BIO *in = ossl_bio_new_from_core_bio(provctx, cin);
35		int ok = (PEM_read_bio(in, pem_name, pem_header, data, len) > 0);
	35	int ok;
	36
	37	if (in == NULL)
	38	return 0;
	39	ok = (PEM_read_bio(in, pem_name, pem_header, data, len) > 0);
36	40
37	41	BIO_free(in);
38	42	return ok;

+4

-1

providers/implementations/encode_decode/decode_pvk2key.c less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

86	86	BIO *in = ossl_bio_new_from_core_bio(ctx->provctx, cin);
87	87	void *key = NULL;
88	88	int ok = 0;
	89
	90	if (in == NULL)
	91	return 0;
89	92
90	93	ctx->selection = selection;
91	94

+6

-2

providers/implementations/encode_decode/encode_key2blob.c less more

0	0	/*
1		* Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

29	29	void *data, int len)
30	30	{
31	31	BIO *out = ossl_bio_new_from_core_bio(provctx, cout);
32		int ret = BIO_write(out, data, len);
	32	int ret;
	33
	34	if (out == NULL)
	35	return 0;
	36	ret = BIO_write(out, data, len);
33	37
34	38	BIO_free(out);
35	39	return ret;

+9

-5

providers/implementations/encode_decode/encode_key2ms.c less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

38	38	EVP_PKEY *pkey, int ispub)
39	39	{
40	40	BIO *out = ossl_bio_new_from_core_bio(ctx->provctx, cout);
41		int ret =
42		ispub ? i2b_PublicKey_bio(out, pkey) : i2b_PrivateKey_bio(out, pkey);
	41	int ret;
	42
	43	if (out == NULL)
	44	return 0;
	45	ret = ispub ? i2b_PublicKey_bio(out, pkey) : i2b_PrivateKey_bio(out, pkey);
43	46
44	47	BIO_free(out);
45	48	return ret;

49	52	EVP_PKEY *pkey)
50	53	{
51	54	BIO *out = NULL;
52		int ret = 0;
	55	int ret;
53	56	OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);
54	57
55	58	out = ossl_bio_new_from_core_bio(ctx->provctx, cout);
	59	if (out == NULL)
	60	return 0;
56	61	ret = i2b_PVK_bio_ex(out, pkey, ctx->pvk_encr_level,
57	62	ossl_pw_pvk_password, &ctx->pwdata, libctx, NULL);
58	63	BIO_free(out);
59
60	64	return ret;
61	65	}
62	66

+4

-1

providers/implementations/encode_decode/encode_key2text.c less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

79	79	}
80	80
81	81	hex_str = BN_bn2hex(bn);
	82	if (hex_str == NULL)
	83	return 0;
	84
82	85	p = hex_str;
83	86	if (*p == '-') {
84	87	++p;

+5

-2

providers/implementations/encode_decode/endecoder_common.c less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

88	88	{
89	89	BUF_MEM *mem = NULL;
90	90	BIO *in = ossl_bio_new_from_core_bio(provctx, cin);
91		int ok = (asn1_d2i_read_bio(in, &mem) >= 0);
	91	int ok;
92	92
	93	if (in == NULL)
	94	return 0;
	95	ok = (asn1_d2i_read_bio(in, &mem) >= 0);
93	96	if (ok) {
94	97	data = (unsigned char )mem->data;
95	98	*len = (long)mem->length;

+24

-11

providers/implementations/exchange/dh_exch.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

140	140
141	141	static int dh_plain_derive(void *vpdhctx,
142	142	unsigned char secret, size_t secretlen,
143		size_t outlen)
	143	size_t outlen, unsigned int pad)
144	144	{
145	145	PROV_DH_CTX pdhctx = (PROV_DH_CTX )vpdhctx;
146	146	int ret;

163	163	}
164	164
165	165	DH_get0_key(pdhctx->dhpeer, &pub_key, NULL);
166		if (pdhctx->pad)
	166	if (pad)
167	167	ret = DH_compute_key_padded(secret, pub_key, pdhctx->dh);
168	168	else
169	169	ret = DH_compute_key(secret, pub_key, pdhctx->dh);

191	191	ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
192	192	return 0;
193	193	}
194		if (!dh_plain_derive(pdhctx, NULL, &stmplen, 0))
	194	if (!dh_plain_derive(pdhctx, NULL, &stmplen, 0, 1))
195	195	return 0;
196	196	if ((stmp = OPENSSL_secure_malloc(stmplen)) == NULL) {
197	197	ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
198	198	return 0;
199	199	}
200		if (!dh_plain_derive(pdhctx, stmp, &stmplen, stmplen))
	200	if (!dh_plain_derive(pdhctx, stmp, &stmplen, stmplen, 1))
201	201	goto err;
202	202
203	203	/* Do KDF stuff */

228	228
229	229	switch (pdhctx->kdf_type) {
230	230	case PROV_DH_KDF_NONE:
231		return dh_plain_derive(pdhctx, secret, psecretlen, outlen);
	231	return dh_plain_derive(pdhctx, secret, psecretlen, outlen,
	232	pdhctx->pad);
232	233	case PROV_DH_KDF_X9_42_ASN1:
233	234	return dh_X9_42_kdf_derive(pdhctx, secret, psecretlen, outlen);
234	235	default:

291	292	if (dstctx->kdf_ukm == NULL)
292	293	goto err;
293	294	}
294		dstctx->kdf_cekalg = OPENSSL_strdup(srcctx->kdf_cekalg);
	295
	296	if (srcctx->kdf_cekalg != NULL) {
	297	dstctx->kdf_cekalg = OPENSSL_strdup(srcctx->kdf_cekalg);
	298	if (dstctx->kdf_cekalg == NULL)
	299	goto err;
	300	}
295	301
296	302	return dstctx;
297	303	err:

388	394	p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_CEK_ALG);
389	395	if (p != NULL) {
390	396	str = name;
391		if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(name)))
392		return 0;
393		pdhctx->kdf_cekalg = OPENSSL_strdup(name);
	397
	398	OPENSSL_free(pdhctx->kdf_cekalg);
	399	pdhctx->kdf_cekalg = NULL;
	400	if (p->data != NULL && p->data_size != 0) {
	401	if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(name)))
	402	return 0;
	403	pdhctx->kdf_cekalg = OPENSSL_strdup(name);
	404	if (pdhctx->kdf_cekalg == NULL)
	405	return 0;
	406	}
394	407	}
395	408	return 1;
396	409	}

413	426	}
414	427
415	428	static const OSSL_PARAM known_gettable_ctx_params[] = {
416		OSSL_PARAM_int(OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE, NULL),
417	429	OSSL_PARAM_utf8_string(OSSL_EXCHANGE_PARAM_KDF_TYPE, NULL, 0),
418	430	OSSL_PARAM_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST, NULL, 0),
419	431	OSSL_PARAM_size_t(OSSL_EXCHANGE_PARAM_KDF_OUTLEN, NULL),
420	432	OSSL_PARAM_DEFN(OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_PTR,
421	433	NULL, 0),
	434	OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_CEK_ALG, NULL, 0),
422	435	OSSL_PARAM_END
423	436	};
424	437

+16

-6

providers/implementations/keymgmt/dh_kmgmt.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

200	200	if ((selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0)
201	201	ok = ok && ossl_dh_params_fromdata(dh, params);
202	202
203		if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
204		ok = ok && ossl_dh_key_fromdata(dh, params);
	203	if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) {
	204	int include_private =
	205	selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0;
	206
	207	ok = ok && ossl_dh_key_fromdata(dh, params, include_private);
	208	}
205	209
206	210	return ok;
207	211	}

223	227
224	228	if ((selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0)
225	229	ok = ok && ossl_dh_params_todata(dh, tmpl, NULL);
226		if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
227		ok = ok && ossl_dh_key_todata(dh, tmpl, NULL);
	230
	231	if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) {
	232	int include_private =
	233	selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0;
	234
	235	ok = ok && ossl_dh_key_todata(dh, tmpl, NULL, include_private);
	236	}
228	237
229	238	if (!ok
230	239	\|\| (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) {

322	331	}
323	332
324	333	return ossl_dh_params_todata(dh, NULL, params)
325		&& ossl_dh_key_todata(dh, NULL, params);
	334	&& ossl_dh_key_todata(dh, NULL, params, 1);
326	335	}
327	336
328	337	static const OSSL_PARAM dh_params[] = {

531	540	const DH_NAMED_GROUP *group = NULL;
532	541
533	542	if (p->data_type != OSSL_PARAM_UTF8_STRING
	543	\|\| p->data == NULL
534	544	\|\| (group = ossl_ffc_name_to_dh_named_group(p->data)) == NULL
535	545	\|\| ((gctx->group_nid =
536	546	ossl_ffc_named_group_get_uid(group)) == NID_undef)) {

+24

-10

providers/implementations/keymgmt/dsa_kmgmt.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

95	95	return -1;
96	96	}
97	97
98		static int dsa_key_todata(DSA dsa, OSSL_PARAM_BLD bld, OSSL_PARAM params[])
	98	static int dsa_key_todata(DSA dsa, OSSL_PARAM_BLD bld, OSSL_PARAM params[],
	99	int include_private)
99	100	{
100	101	const BIGNUM priv = NULL, pub = NULL;
101	102

103	104	return 0;
104	105
105	106	DSA_get0_key(dsa, &pub, &priv);
106		if (priv != NULL
	107	if (include_private
	108	&& priv != NULL
107	109	&& !ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_PRIV_KEY, priv))
108	110	return 0;
109	111	if (pub != NULL

199	201
200	202	if ((selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0)
201	203	ok = ok && ossl_dsa_ffc_params_fromdata(dsa, params);
202		if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
203		ok = ok && ossl_dsa_key_fromdata(dsa, params);
	204	if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) {
	205	int include_private =
	206	selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0;
	207
	208	ok = ok && ossl_dsa_key_fromdata(dsa, params, include_private);
	209	}
204	210
205	211	return ok;
206	212	}

209	215	void *cbarg)
210	216	{
211	217	DSA *dsa = keydata;
212		OSSL_PARAM_BLD *tmpl = OSSL_PARAM_BLD_new();
	218	OSSL_PARAM_BLD *tmpl;
213	219	OSSL_PARAM *params = NULL;
214	220	int ok = 1;
215	221
216	222	if (!ossl_prov_is_running() \|\| dsa == NULL)
217		goto err;
	223	return 0;
	224
	225	tmpl = OSSL_PARAM_BLD_new();
	226	if (tmpl == NULL)
	227	return 0;
218	228
219	229	if ((selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0)
220	230	ok = ok && ossl_ffc_params_todata(ossl_dsa_get0_params(dsa), tmpl, NULL);
221		if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
222		ok = ok && dsa_key_todata(dsa, tmpl, NULL);
	231	if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) {
	232	int include_private =
	233	selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0;
	234
	235	ok = ok && dsa_key_todata(dsa, tmpl, NULL, include_private);
	236	}
223	237
224	238	if (!ok
225	239	\|\| (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL)

308	322	&& !OSSL_PARAM_set_utf8_string(p, DSA_DEFAULT_MD))
309	323	return 0;
310	324	return ossl_ffc_params_todata(ossl_dsa_get0_params(dsa), NULL, params)
311		&& dsa_key_todata(dsa, NULL, params);
	325	&& dsa_key_todata(dsa, NULL, params, 1);
312	326	}
313	327
314	328	static const OSSL_PARAM dsa_params[] = {

+9

-0

providers/implementations/keymgmt/ec_kmgmt_imexport.inc less more

	0	/*
	1	* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	2	*
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
	4	* this file except in compliance with the License. You can obtain a copy
	5	* in the file LICENSE in the source distribution or at
	6	* https://www.openssl.org/source/license.html
	7	*/
	8
0	9	/*
1	10	* This file is meant to be included from ec_kmgmt.c
2	11	*/

+13

-9

providers/implementations/keymgmt/ecx_kmgmt.c less more

0	0	/*
1		* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

193	193	{
194	194	ECX_KEY *key = keydata;
195	195	int ok = 1;
196		int include_private = 0;
	196	int include_private;
197	197
198	198	if (!ossl_prov_is_running() \|\| key == NULL)
199	199	return 0;

201	201	if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) == 0)
202	202	return 0;
203	203
204		include_private = ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0);
	204	include_private = selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0;
205	205	ok = ok && ossl_ecx_key_fromdata(key, params, include_private);
206	206
207	207	return ok;
208	208	}
209	209
210	210	static int key_to_params(ECX_KEY key, OSSL_PARAM_BLD tmpl,
211		OSSL_PARAM params[])
	211	OSSL_PARAM params[], int include_private)
212	212	{
213	213	if (key == NULL)
214	214	return 0;

218	218	key->pubkey, key->keylen))
219	219	return 0;
220	220
221		if (key->privkey != NULL
	221	if (include_private
	222	&& key->privkey != NULL
222	223	&& !ossl_param_build_set_octet_string(tmpl, params,
223	224	OSSL_PKEY_PARAM_PRIV_KEY,
224	225	key->privkey, key->keylen))

242	243	if (tmpl == NULL)
243	244	return 0;
244	245
245		if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0
246		&& !key_to_params(key, tmpl, NULL))
247		goto err;
	246	if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) {
	247	int include_private = ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0);
	248
	249	if (!key_to_params(key, tmpl, NULL, include_private))
	250	goto err;
	251	}
248	252
249	253	params = OSSL_PARAM_BLD_to_param(tmpl);
250	254	if (params == NULL)

294	298	return 0;
295	299	}
296	300
297		return key_to_params(ecx, NULL, params);
	301	return key_to_params(ecx, NULL, params, 1);
298	302	}
299	303
300	304	static int ed_get_params(void *key, OSSL_PARAM params[])

+27

-14

providers/implementations/keymgmt/rsa_kmgmt.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

189	189	&pss_defaults_set,
190	190	params, rsa_type,
191	191	ossl_rsa_get0_libctx(rsa));
192		if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
193		ok = ok && ossl_rsa_fromdata(rsa, params);
	192	if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) {
	193	int include_private =
	194	selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0;
	195
	196	ok = ok && ossl_rsa_fromdata(rsa, params, include_private);
	197	}
194	198
195	199	return ok;
196	200	}

217	221	if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0)
218	222	ok = ok && (ossl_rsa_pss_params_30_is_unrestricted(pss_params)
219	223	\|\| ossl_rsa_pss_params_30_todata(pss_params, tmpl, NULL));
220		if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
221		ok = ok && ossl_rsa_todata(rsa, tmpl, NULL);
	224	if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) {
	225	int include_private =
	226	selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0;
	227
	228	ok = ok && ossl_rsa_todata(rsa, tmpl, NULL, include_private);
	229	}
222	230
223	231	if (!ok
224	232	\|\| (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL)

362	370	}
363	371	return (rsa_type != RSA_FLAG_TYPE_RSASSAPSS
364	372	\|\| ossl_rsa_pss_params_30_todata(pss_params, NULL, params))
365		&& ossl_rsa_todata(rsa, NULL, params);
	373	&& ossl_rsa_todata(rsa, NULL, params, 1);
366	374	}
367	375
368	376	static const OSSL_PARAM rsa_params[] = {

453	461	gctx->libctx = libctx;
454	462	if ((gctx->pub_exp = BN_new()) == NULL
455	463	\|\| !BN_set_word(gctx->pub_exp, RSA_F4)) {
456		BN_free(gctx->pub_exp);
457		OPENSSL_free(gctx);
458		return NULL;
	464	goto err;
459	465	}
460	466	gctx->nbits = 2048;
461	467	gctx->primes = RSA_DEFAULT_PRIME_NUM;
462	468	gctx->rsa_type = rsa_type;
463		}
464		if (!rsa_gen_set_params(gctx, params)) {
465		OPENSSL_free(gctx);
466		return NULL;
467		}
	469	} else {
	470	goto err;
	471	}
	472
	473	if (!rsa_gen_set_params(gctx, params))
	474	goto err;
468	475	return gctx;
	476
	477	err:
	478	if (gctx != NULL)
	479	BN_free(gctx->pub_exp);
	480	OPENSSL_free(gctx);
	481	return NULL;
469	482	}
470	483
471	484	static void rsa_gen_init(void provctx, int selection,

+5

-1

providers/implementations/rands/drbg.c less more

0	0	/*
1		* Copyright 2011-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2011-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

836	836	goto err;
837	837	}
838	838	}
	839	#ifdef TSAN_REQUIRES_LOCKING
	840	if (!ossl_drbg_enable_locking(drbg))
	841	goto err;
	842	#endif
839	843	return drbg;
840	844
841	845	err:

+1

-1

providers/implementations/storemgmt/file_store.c less more

174	174
175	175	if ((ctx = new_file_ctx(IS_DIR, uri, provctx)) == NULL) {
176	176	ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
177		goto err;
	177	return NULL;
178	178	}
179	179
180	180	ctx->_.dir.last_entry = OPENSSL_DIR_read(&ctx->_.dir.ctx, path);

+34

-19

ssl/record/ssl3_record.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

190	190
191	191	rr = RECORD_LAYER_get_rrec(&s->rlayer);
192	192	rbuf = RECORD_LAYER_get_rbuf(&s->rlayer);
193		is_ktls_left = (rbuf->left > 0);
	193	is_ktls_left = (SSL3_BUFFER_get_left(rbuf) > 0);
194	194	max_recs = s->max_pipelines;
195	195	if (max_recs == 0)
196	196	max_recs = 1;

407	407	len -= SSL3_RT_MAX_COMPRESSED_OVERHEAD;
408	408	#endif
409	409
410		if (thisrr->length > len && !BIO_get_ktls_recv(s->rbio)) {
	410	/* KTLS may use all of the buffer */
	411	if (BIO_get_ktls_recv(s->rbio) && !is_ktls_left)
	412	len = SSL3_BUFFER_get_left(rbuf);
	413
	414	if (thisrr->length > len) {
411	415	SSLfatal(s, SSL_AD_RECORD_OVERFLOW,
412	416	SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
413	417	return -1;

710	714	goto end;
711	715	}
712	716
	717	/*
	718	* Usually thisrr->length is the length of a single record, but when
	719	* KTLS handles the decryption, thisrr->length may be larger than
	720	* SSL3_RT_MAX_PLAIN_LENGTH because the kernel may have coalesced
	721	* multiple records.
	722	* Therefore we have to rely on KTLS to check the plaintext length
	723	* limit in the kernel.
	724	*/
713	725	if (thisrr->length > SSL3_RT_MAX_PLAIN_LENGTH
714		&& !BIO_get_ktls_recv(s->rbio)) {
	726	&& (!BIO_get_ktls_recv(s->rbio) \|\| is_ktls_left)) {
715	727	SSLfatal(s, SSL_AD_RECORD_OVERFLOW, SSL_R_DATA_LENGTH_TOO_LONG);
716	728	goto end;
717	729	}
718	730
719		/* If received packet overflows current Max Fragment Length setting */
	731	/*
	732	* Check if the received packet overflows the current
	733	* Max Fragment Length setting.
	734	* Note: USE_MAX_FRAGMENT_LENGTH_EXT and KTLS are mutually exclusive.
	735	*/
720	736	if (s->session != NULL && USE_MAX_FRAGMENT_LENGTH_EXT(s->session)
721		&& thisrr->length > GET_MAX_FRAGMENT_LENGTH(s->session)
722		&& !BIO_get_ktls_recv(s->rbio)) {
	737	&& thisrr->length > GET_MAX_FRAGMENT_LENGTH(s->session)) {
723	738	SSLfatal(s, SSL_AD_RECORD_OVERFLOW, SSL_R_DATA_LENGTH_TOO_LONG);
724	739	goto end;
725	740	}

1391	1406	int tlstree_mac = sending ? (ssl->mac_flags & SSL_MAC_FLAG_WRITE_MAC_TLSTREE)
1392	1407	: (ssl->mac_flags & SSL_MAC_FLAG_READ_MAC_TLSTREE);
1393	1408	int t;
	1409	int ret = 0;
1394	1410
1395	1411	if (sending) {
1396	1412	seq = RECORD_LAYER_get_write_sequence(&ssl->rlayer);

1411	1427	} else {
1412	1428	hmac = EVP_MD_CTX_new();
1413	1429	if (hmac == NULL \|\| !EVP_MD_CTX_copy(hmac, hash)) {
1414		EVP_MD_CTX_free(hmac);
1415		return 0;
	1430	goto end;
1416	1431	}
1417	1432	mac_ctx = hmac;
1418	1433	}
1419	1434
1420	1435	if (!SSL_IS_DTLS(ssl) && tlstree_mac && EVP_MD_CTX_ctrl(mac_ctx, EVP_MD_CTRL_TLSTREE, 0, seq) <= 0) {
1421		EVP_MD_CTX_free(hmac);
1422		return 0;
	1436	goto end;
1423	1437	}
1424	1438
1425	1439	if (SSL_IS_DTLS(ssl)) {

1449	1463	*p++ = OSSL_PARAM_construct_end();
1450	1464
1451	1465	if (!EVP_PKEY_CTX_set_params(EVP_MD_CTX_get_pkey_ctx(mac_ctx),
1452		tls_hmac_params))
1453		return 0;
	1466	tls_hmac_params)) {
	1467	goto end;
	1468	}
1454	1469	}
1455	1470
1456	1471	if (EVP_DigestSignUpdate(mac_ctx, header, sizeof(header)) <= 0
1457	1472	\|\| EVP_DigestSignUpdate(mac_ctx, rec->input, rec->length) <= 0
1458	1473	\|\| EVP_DigestSignFinal(mac_ctx, md, &md_size) <= 0) {
1459		EVP_MD_CTX_free(hmac);
1460		return 0;
1461		}
1462
1463		EVP_MD_CTX_free(hmac);
	1474	goto end;
	1475	}
1464	1476
1465	1477	OSSL_TRACE_BEGIN(TLS) {
1466	1478	BIO_printf(trc_out, "seq:\n");

1480	1492	BIO_printf(trc_out, "md:\n");
1481	1493	BIO_dump_indent(trc_out, md, md_size, 4);
1482	1494	} OSSL_TRACE_END(TLS);
1483		return 1;
	1495	ret = 1;
	1496	end:
	1497	EVP_MD_CTX_free(hmac);
	1498	return ret;
1484	1499	}
1485	1500
1486	1501	int dtls1_process_record(SSL s, DTLS1_BITMAP bitmap)

+7

-7

ssl/s3_lib.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
3	3	* Copyright 2005 Nokia. All rights reserved.
4	4	*

2167	2167	TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2168	2168	TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2169	2169	TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2170		SSL_kEDH,
	2170	SSL_kDHE,
2171	2171	SSL_aDSS,
2172	2172	SSL_CAMELLIA128,
2173	2173	SSL_SHA256,

2183	2183	TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2184	2184	TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2185	2185	TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2186		SSL_kEDH,
	2186	SSL_kDHE,
2187	2187	SSL_aRSA,
2188	2188	SSL_CAMELLIA128,
2189	2189	SSL_SHA256,

2199	2199	TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2200	2200	TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2201	2201	TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2202		SSL_kEDH,
	2202	SSL_kDHE,
2203	2203	SSL_aNULL,
2204	2204	SSL_CAMELLIA128,
2205	2205	SSL_SHA256,

2231	2231	TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2232	2232	TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2233	2233	TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2234		SSL_kEDH,
	2234	SSL_kDHE,
2235	2235	SSL_aDSS,
2236	2236	SSL_CAMELLIA256,
2237	2237	SSL_SHA256,

2247	2247	TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2248	2248	TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2249	2249	TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2250		SSL_kEDH,
	2250	SSL_kDHE,
2251	2251	SSL_aRSA,
2252	2252	SSL_CAMELLIA256,
2253	2253	SSL_SHA256,

2263	2263	TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2264	2264	TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2265	2265	TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2266		SSL_kEDH,
	2266	SSL_kDHE,
2267	2267	SSL_aNULL,
2268	2268	SSL_CAMELLIA256,
2269	2269	SSL_SHA256,

+4

-3

ssl/ssl_cert.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
3	3	*
4	4	* Licensed under the Apache License 2.0 (the "License"). You may not use

1000	1000	int op, int bits, int nid, void *other,
1001	1001	void *ex)
1002	1002	{
1003		int level, minbits;
	1003	int level, minbits, pfs_mask;
1004	1004
1005	1005	minbits = ssl_get_security_level_bits(s, ctx, &level);
1006	1006

1035	1035	if (level >= 2 && c->algorithm_enc == SSL_RC4)
1036	1036	return 0;
1037	1037	/* Level 3: forward secure ciphersuites only */
	1038	pfs_mask = SSL_kDHE \| SSL_kECDHE \| SSL_kDHEPSK \| SSL_kECDHEPSK;
1038	1039	if (level >= 3 && c->min_tls != TLS1_3_VERSION &&
1039		!(c->algorithm_mkey & (SSL_kEDH \| SSL_kEECDH)))
	1040	!(c->algorithm_mkey & pfs_mask))
1040	1041	return 0;
1041	1042	break;
1042	1043	}

+39

-13

ssl/ssl_lib.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
3	3	* Copyright 2005 Nokia. All rights reserved.
4	4	*

2392	2392	return 1;
2393	2393	case SSL_CTRL_GET_RI_SUPPORT:
2394	2394	return s->s3.send_connection_binding;
	2395	case SSL_CTRL_SET_RETRY_VERIFY:
	2396	s->rwstate = SSL_RETRY_VERIFY;
	2397	return 1;
2395	2398	case SSL_CTRL_CERT_FLAGS:
2396	2399	return (s->cert->cert_flags \|= larg);
2397	2400	case SSL_CTRL_CLEAR_CERT_FLAGS:

2450	2453	return ctx->sessions;
2451	2454	}
2452	2455
	2456	static int ssl_tsan_load(SSL_CTX ctx, TSAN_QUALIFIER int stat)
	2457	{
	2458	int res = 0;
	2459
	2460	if (ssl_tsan_lock(ctx)) {
	2461	res = tsan_load(stat);
	2462	ssl_tsan_unlock(ctx);
	2463	}
	2464	return res;
	2465	}
	2466
2453	2467	long SSL_CTX_ctrl(SSL_CTX ctx, int cmd, long larg, void parg)
2454	2468	{
2455	2469	long l;

2505	2519	case SSL_CTRL_SESS_NUMBER:
2506	2520	return lh_SSL_SESSION_num_items(ctx->sessions);
2507	2521	case SSL_CTRL_SESS_CONNECT:
2508		return tsan_load(&ctx->stats.sess_connect);
	2522	return ssl_tsan_load(ctx, &ctx->stats.sess_connect);
2509	2523	case SSL_CTRL_SESS_CONNECT_GOOD:
2510		return tsan_load(&ctx->stats.sess_connect_good);
	2524	return ssl_tsan_load(ctx, &ctx->stats.sess_connect_good);
2511	2525	case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
2512		return tsan_load(&ctx->stats.sess_connect_renegotiate);
	2526	return ssl_tsan_load(ctx, &ctx->stats.sess_connect_renegotiate);
2513	2527	case SSL_CTRL_SESS_ACCEPT:
2514		return tsan_load(&ctx->stats.sess_accept);
	2528	return ssl_tsan_load(ctx, &ctx->stats.sess_accept);
2515	2529	case SSL_CTRL_SESS_ACCEPT_GOOD:
2516		return tsan_load(&ctx->stats.sess_accept_good);
	2530	return ssl_tsan_load(ctx, &ctx->stats.sess_accept_good);
2517	2531	case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
2518		return tsan_load(&ctx->stats.sess_accept_renegotiate);
	2532	return ssl_tsan_load(ctx, &ctx->stats.sess_accept_renegotiate);
2519	2533	case SSL_CTRL_SESS_HIT:
2520		return tsan_load(&ctx->stats.sess_hit);
	2534	return ssl_tsan_load(ctx, &ctx->stats.sess_hit);
2521	2535	case SSL_CTRL_SESS_CB_HIT:
2522		return tsan_load(&ctx->stats.sess_cb_hit);
	2536	return ssl_tsan_load(ctx, &ctx->stats.sess_cb_hit);
2523	2537	case SSL_CTRL_SESS_MISSES:
2524		return tsan_load(&ctx->stats.sess_miss);
	2538	return ssl_tsan_load(ctx, &ctx->stats.sess_miss);
2525	2539	case SSL_CTRL_SESS_TIMEOUTS:
2526		return tsan_load(&ctx->stats.sess_timeout);
	2540	return ssl_tsan_load(ctx, &ctx->stats.sess_timeout);
2527	2541	case SSL_CTRL_SESS_CACHE_FULL:
2528		return tsan_load(&ctx->stats.sess_cache_full);
	2542	return ssl_tsan_load(ctx, &ctx->stats.sess_cache_full);
2529	2543	case SSL_CTRL_MODE:
2530	2544	return (ctx->mode \|= larg);
2531	2545	case SSL_CTRL_CLEAR_MODE:

3198	3212	return NULL;
3199	3213	}
3200	3214
	3215	#ifdef TSAN_REQUIRES_LOCKING
	3216	ret->tsan_lock = CRYPTO_THREAD_lock_new();
	3217	if (ret->tsan_lock == NULL) {
	3218	ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
	3219	goto err;
	3220	}
	3221	#endif
	3222
3201	3223	ret->libctx = libctx;
3202	3224	if (propq != NULL) {
3203	3225	ret->propq = OPENSSL_strdup(propq);

3464	3486	OPENSSL_free(a->sigalg_lookup_cache);
3465	3487
3466	3488	CRYPTO_THREAD_lock_free(a->lock);
	3489	#ifdef TSAN_REQUIRES_LOCKING
	3490	CRYPTO_THREAD_lock_free(a->tsan_lock);
	3491	#endif
3467	3492
3468	3493	OPENSSL_free(a->propq);
3469	3494

3732	3757	/* auto flush every 255 connections */
3733	3758	if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) && ((i & mode) == mode)) {
3734	3759	TSAN_QUALIFIER int *stat;
	3760
3735	3761	if (mode & SSL_SESS_CACHE_CLIENT)
3736	3762	stat = &s->session_ctx->stats.sess_connect_good;
3737	3763	else
3738	3764	stat = &s->session_ctx->stats.sess_accept_good;
3739		if ((tsan_load(stat) & 0xff) == 0xff)
	3765	if ((ssl_tsan_load(s->session_ctx, stat) & 0xff) == 0xff)
3740	3766	SSL_CTX_flush_sessions(s->session_ctx, (unsigned long)time(NULL));
3741	3767	}
3742	3768	}

+34

-1

ssl/ssl_local.h less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
3	3	* Copyright 2005 Nokia. All rights reserved.
4	4	*

810	810	size_t ssl_hmac_size(const SSL_HMAC *ctx);
811	811
812	812	int ssl_get_EC_curve_nid(const EVP_PKEY *pkey);
	813	__owur int tls13_set_encoded_pub_key(EVP_PKEY *pkey,
	814	const unsigned char *enckey,
	815	size_t enckeylen);
813	816
814	817	typedef struct tls_group_info_st {
815	818	char tlsname; / Curve Name as in TLS specs */

897	900	* other processes - spooky
898	901	* :-) */
899	902	} stats;
	903	#ifdef TSAN_REQUIRES_LOCKING
	904	CRYPTO_RWLOCK *tsan_lock;
	905	#endif
900	906
901	907	CRYPTO_REF_COUNT references;
902	908

2846	2852	# define ssl3_setup_buffers SSL_test_functions()->p_ssl3_setup_buffers
2847	2853
2848	2854	# endif
	2855
	2856	/* Some helper routines to support TSAN operations safely */
	2857	static ossl_unused ossl_inline int ssl_tsan_lock(const SSL_CTX *ctx)
	2858	{
	2859	#ifdef TSAN_REQUIRES_LOCKING
	2860	if (!CRYPTO_THREAD_write_lock(ctx->tsan_lock))
	2861	return 0;
2849	2862	#endif
	2863	return 1;
	2864	}
	2865
	2866	static ossl_unused ossl_inline void ssl_tsan_unlock(const SSL_CTX *ctx)
	2867	{
	2868	#ifdef TSAN_REQUIRES_LOCKING
	2869	CRYPTO_THREAD_unlock(ctx->tsan_lock);
	2870	#endif
	2871	}
	2872
	2873	static ossl_unused ossl_inline void ssl_tsan_counter(const SSL_CTX *ctx,
	2874	TSAN_QUALIFIER int *stat)
	2875	{
	2876	if (ssl_tsan_lock(ctx)) {
	2877	tsan_counter(stat);
	2878	ssl_tsan_unlock(ctx);
	2879	}
	2880	}
	2881
	2882	#endif

+7

-6

ssl/ssl_sess.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright 2005 Nokia. All rights reserved.
3	3	*
4	4	* Licensed under the Apache License 2.0 (the "License"). You may not use

501	501	}
502	502	CRYPTO_THREAD_unlock(s->session_ctx->lock);
503	503	if (ret == NULL)
504		tsan_counter(&s->session_ctx->stats.sess_miss);
	504	ssl_tsan_counter(s->session_ctx, &s->session_ctx->stats.sess_miss);
505	505	}
506	506
507	507	if (ret == NULL && s->session_ctx->get_session_cb != NULL) {

510	510	ret = s->session_ctx->get_session_cb(s, sess_id, sess_id_len, &copy);
511	511
512	512	if (ret != NULL) {
513		tsan_counter(&s->session_ctx->stats.sess_cb_hit);
	513	ssl_tsan_counter(s->session_ctx,
	514	&s->session_ctx->stats.sess_cb_hit);
514	515
515	516	/*
516	517	* Increment reference count now if the session callback asks us

641	642	}
642	643
643	644	if (sess_timedout(time(NULL), ret)) {
644		tsan_counter(&s->session_ctx->stats.sess_timeout);
	645	ssl_tsan_counter(s->session_ctx, &s->session_ctx->stats.sess_timeout);
645	646	if (try_session_cache) {
646	647	/* session was from the cache, so remove it */
647	648	SSL_CTX_remove_session(s->session_ctx, ret);

668	669	s->session = ret;
669	670	}
670	671
671		tsan_counter(&s->session_ctx->stats.sess_hit);
	672	ssl_tsan_counter(s->session_ctx, &s->session_ctx->stats.sess_hit);
672	673	s->verify_result = s->session->verify_result;
673	674	return 1;
674	675

768	769	if (!remove_session_lock(ctx, ctx->session_cache_tail, 0))
769	770	break;
770	771	else
771		tsan_counter(&ctx->stats.sess_cache_full);
	772	ssl_tsan_counter(ctx, &ctx->stats.sess_cache_full);
772	773	}
773	774	}
774	775	}

+12

-3

ssl/statem/extensions.c less more

0	0	/*
1		* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

896	896	return 1;
897	897	}
898	898
	899	static ossl_inline void ssl_tsan_decr(const SSL_CTX *ctx,
	900	TSAN_QUALIFIER int *stat)
	901	{
	902	if (ssl_tsan_lock(ctx)) {
	903	tsan_decr(stat);
	904	ssl_tsan_unlock(ctx);
	905	}
	906	}
	907
899	908	static int init_server_name(SSL *s, unsigned int context)
900	909	{
901	910	if (s->server) {

953	962	*/
954	963	if (SSL_IS_FIRST_HANDSHAKE(s) && s->ctx != s->session_ctx
955	964	&& s->hello_retry_request == SSL_HRR_NONE) {
956		tsan_counter(&s->ctx->stats.sess_accept);
957		tsan_decr(&s->session_ctx->stats.sess_accept);
	965	ssl_tsan_counter(s->ctx, &s->ctx->stats.sess_accept);
	966	ssl_tsan_decr(s->session_ctx, &s->session_ctx->stats.sess_accept);
958	967	}
959	968
960	969	/*

+3

-3

ssl/statem/extensions_clnt.c less more

0	0	/*
1		* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

1837	1837	return 0;
1838	1838	}
1839	1839
1840		if (EVP_PKEY_set1_encoded_public_key(skey, PACKET_data(&encoded_pt),
1841		PACKET_remaining(&encoded_pt)) <= 0) {
	1840	if (tls13_set_encoded_pub_key(skey, PACKET_data(&encoded_pt),
	1841	PACKET_remaining(&encoded_pt)) <= 0) {
1842	1842	SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_ECPOINT);
1843	1843	EVP_PKEY_free(skey);
1844	1844	return 0;

+4

-4

ssl/statem/extensions_srvr.c less more

0	0	/*
1		* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

662	662	/* Cache the selected group ID in the SSL_SESSION */
663	663	s->session->kex_group = group_id;
664	664
665		if (EVP_PKEY_set1_encoded_public_key(s->s3.peer_tmp,
666		PACKET_data(&encoded_pt),
667		PACKET_remaining(&encoded_pt)) <= 0) {
	665	if (tls13_set_encoded_pub_key(s->s3.peer_tmp,
	666	PACKET_data(&encoded_pt),
	667	PACKET_remaining(&encoded_pt)) <= 0) {
668	668	SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_ECPOINT);
669	669	return 0;
670	670	}

+12

-11

ssl/statem/statem_clnt.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
3	3	* Copyright 2005 Nokia. All rights reserved.
4	4	*

1568	1568	* overwritten if the server refuses resumption.
1569	1569	*/
1570	1570	if (s->session->session_id_length > 0) {
1571		tsan_counter(&s->session_ctx->stats.sess_miss);
	1571	ssl_tsan_counter(s->session_ctx, &s->session_ctx->stats.sess_miss);
1572	1572	if (!ssl_get_new_session(s, 0)) {
1573	1573	/* SSLfatal() already called */
1574	1574	goto err;

1858	1858	size_t certidx;
1859	1859	int i;
1860	1860
	1861	if (s->rwstate == SSL_RETRY_VERIFY)
	1862	s->rwstate = SSL_NOTHING;
1861	1863	i = ssl_verify_cert_chain(s, s->session->peer_chain);
1862		if (i == -1) {
1863		s->rwstate = SSL_RETRY_VERIFY;
	1864	if (i > 0 && s->rwstate == SSL_RETRY_VERIFY) {
1864	1865	return WORK_MORE_A;
1865	1866	}
1866	1867	/*

1877	1878	* (less clean) historic behaviour of performing validation if any flag is
1878	1879	* set. The documented interface remains the same.
1879	1880	*/
1880		if (s->verify_mode != SSL_VERIFY_NONE && i == 0) {
	1881	if (s->verify_mode != SSL_VERIFY_NONE && i <= 0) {
1881	1882	SSLfatal(s, ssl_x509err2alert(s->verify_result),
1882	1883	SSL_R_CERTIFICATE_VERIFY_FAILED);
1883	1884	return WORK_ERROR;

2925	2926	encoded_pub_len = EVP_PKEY_get1_encoded_public_key(ckey, &encoded_pub);
2926	2927	if (encoded_pub_len == 0) {
2927	2928	SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
2928		EVP_PKEY_free(skey);
	2929	EVP_PKEY_free(ckey);
2929	2930	return EXT_RETURN_FAIL;
2930	2931	}
2931	2932

3073	3074	EVP_MD_CTX_free(ukm_hash);
3074	3075	ukm_hash = NULL;
3075	3076	if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, EVP_PKEY_OP_ENCRYPT,
3076		EVP_PKEY_CTRL_SET_IV, 8, shared_ukm) < 0) {
	3077	EVP_PKEY_CTRL_SET_IV, 8, shared_ukm) <= 0) {
3077	3078	SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_LIBRARY_BUG);
3078	3079	goto err;
3079	3080	}

3186	3187	if (peer_cert == NULL) {
3187	3188	SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
3188	3189	SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER);
3189		return 0;
	3190	goto err;
3190	3191	}
3191	3192
3192	3193	pkey_ctx = EVP_PKEY_CTX_new_from_pkey(s->ctx->libctx,

3194	3195	s->ctx->propq);
3195	3196	if (pkey_ctx == NULL) {
3196	3197	SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
3197		return 0;
	3198	goto err;
3198	3199	}
3199	3200
3200	3201	if (EVP_PKEY_encrypt_init(pkey_ctx) <= 0 ) {

3204	3205
3205	3206	/* Reuse EVP_PKEY_CTRL_SET_IV, make choice in engine code */
3206	3207	if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, EVP_PKEY_OP_ENCRYPT,
3207		EVP_PKEY_CTRL_SET_IV, 32, rnd_dgst) < 0) {
	3208	EVP_PKEY_CTRL_SET_IV, 32, rnd_dgst) <= 0) {
3208	3209	SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_LIBRARY_BUG);
3209	3210	goto err;
3210	3211	}
3211	3212
3212	3213	if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, EVP_PKEY_OP_ENCRYPT,
3213		EVP_PKEY_CTRL_CIPHER, cipher_nid, NULL) < 0) {
	3214	EVP_PKEY_CTRL_CIPHER, cipher_nid, NULL) <= 0) {
3214	3215	SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_LIBRARY_BUG);
3215	3216	goto err;
3216	3217	}

+11

-8

ssl/statem/statem_lib.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
3	3	*
4	4	* Licensed under the Apache License 2.0 (the "License"). You may not use

174	174	}
175	175	if (SSL_IS_FIRST_HANDSHAKE(s)) {
176	176	/* N.B. s->session_ctx == s->ctx here */
177		tsan_counter(&s->session_ctx->stats.sess_accept);
	177	ssl_tsan_counter(s->session_ctx, &s->session_ctx->stats.sess_accept);
178	178	} else {
179	179	/* N.B. s->ctx may not equal s->session_ctx */
180		tsan_counter(&s->ctx->stats.sess_accept_renegotiate);
	180	ssl_tsan_counter(s->ctx, &s->ctx->stats.sess_accept_renegotiate);
181	181
182	182	s->s3.tmp.cert_request = 0;
183	183	}
184	184	} else {
185	185	if (SSL_IS_FIRST_HANDSHAKE(s))
186		tsan_counter(&s->session_ctx->stats.sess_connect);
	186	ssl_tsan_counter(s->session_ctx, &s->session_ctx->stats.sess_connect);
187	187	else
188		tsan_counter(&s->session_ctx->stats.sess_connect_renegotiate);
	188	ssl_tsan_counter(s->session_ctx,
	189	&s->session_ctx->stats.sess_connect_renegotiate);
189	190
190	191	/* mark client_random uninitialized */
191	192	memset(s->s3.client_random, 0, sizeof(s->s3.client_random));

1095	1096	ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
1096	1097
1097	1098	/* N.B. s->ctx may not equal s->session_ctx */
1098		tsan_counter(&s->ctx->stats.sess_accept_good);
	1099	ssl_tsan_counter(s->ctx, &s->ctx->stats.sess_accept_good);
1099	1100	s->handshake_func = ossl_statem_accept;
1100	1101	} else {
1101	1102	if (SSL_IS_TLS13(s)) {

1114	1115	ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
1115	1116	}
1116	1117	if (s->hit)
1117		tsan_counter(&s->session_ctx->stats.sess_hit);
	1118	ssl_tsan_counter(s->session_ctx,
	1119	&s->session_ctx->stats.sess_hit);
1118	1120
1119	1121	s->handshake_func = ossl_statem_connect;
1120		tsan_counter(&s->session_ctx->stats.sess_connect_good);
	1122	ssl_tsan_counter(s->session_ctx,
	1123	&s->session_ctx->stats.sess_connect_good);
1121	1124	}
1122	1125
1123	1126	if (SSL_IS_DTLS(s)) {

+3

-3

ssl/statem/statem_srvr.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
3	3	* Copyright 2005 Nokia. All rights reserved.
4	4	*

3243	3243
3244	3244	/* Reuse EVP_PKEY_CTRL_SET_IV, make choice in engine code depending on size */
3245	3245	if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, EVP_PKEY_OP_DECRYPT,
3246		EVP_PKEY_CTRL_SET_IV, 32, rnd_dgst) < 0) {
	3246	EVP_PKEY_CTRL_SET_IV, 32, rnd_dgst) <= 0) {
3247	3247	SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_LIBRARY_BUG);
3248	3248	goto err;
3249	3249	}
3250	3250
3251	3251	if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, EVP_PKEY_OP_DECRYPT,
3252		EVP_PKEY_CTRL_CIPHER, cipher_nid, NULL) < 0) {
	3252	EVP_PKEY_CTRL_CIPHER, cipher_nid, NULL) <= 0) {
3253	3253	SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_LIBRARY_BUG);
3254	3254	goto err;
3255	3255	}

+2

-2

ssl/t1_enc.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright 2005 Nokia. All rights reserved.
3	3	*
4	4	* Licensed under the Apache License 2.0 (the "License"). You may not use

121	121	return -1;
122	122
123	123	/* Read until next record */
124		if (PACKET_get_length_prefixed_2(&pkt, &subpkt))
	124	if (!PACKET_get_length_prefixed_2(&pkt, &subpkt))
125	125	return -1;
126	126
127	127	count += 1;

+20

-1

ssl/t1_lib.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

3476	3476
3477	3477	return NID_undef;
3478	3478	}
	3479
	3480	__owur int tls13_set_encoded_pub_key(EVP_PKEY *pkey,
	3481	const unsigned char *enckey,
	3482	size_t enckeylen)
	3483	{
	3484	if (EVP_PKEY_is_a(pkey, "DH")) {
	3485	int bits = EVP_PKEY_get_bits(pkey);
	3486
	3487	if (bits <= 0 \|\| enckeylen != (size_t)bits / 8)
	3488	/* the encoded key must be padded to the length of the p */
	3489	return 0;
	3490	} else if (EVP_PKEY_is_a(pkey, "EC")) {
	3491	if (enckeylen < 3 /* point format and at least 1 byte for x and y */
	3492	\|\| enckey[0] != 0x04)
	3493	return 0;
	3494	}
	3495
	3496	return EVP_PKEY_set1_encoded_public_key(pkey, enckey, enckeylen);
	3497	}

+2

-2

test/acvp_test.c less more

217	217	r1 = ECDSA_SIG_get0_r(sign);
218	218	s1 = ECDSA_SIG_get0_s(sign);
219	219	if (r1 == NULL \|\| s1 == NULL)
220		return 0;
	220	goto err;
221	221
222	222	r1_len = BN_num_bytes(r1);
223	223	s1_len = BN_num_bytes(s1);

559	559	return 0;
560	560	DSA_SIG_get0(sign, &r1, &s1);
561	561	if (r1 == NULL \|\| s1 == NULL)
562		return 0;
	562	goto err;
563	563
564	564	r1_len = BN_num_bytes(r1);
565	565	s1_len = BN_num_bytes(s1);

+42

-20

test/bio_enc_test.c less more

0	0	/*
1		* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

37	37	static int do_bio_cipher(const EVP_CIPHER* cipher, const unsigned char* key,
38	38	const unsigned char* iv)
39	39	{
40		BIO *b;
	40	BIO b, mem;
41	41	static unsigned char inp[BUF_SIZE] = { 0 };
42	42	unsigned char out[BUF_SIZE], ref[BUF_SIZE];
43	43	int i, lref, len;

53	53	if (!TEST_ptr(b))
54	54	return 0;
55	55	if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, ENCRYPT)))
56		return 0;
57		BIO_push(b, BIO_new_mem_buf(inp, DATA_SIZE));
	56	goto err;
	57	mem = BIO_new_mem_buf(inp, DATA_SIZE);
	58	if (!TEST_ptr(mem))
	59	goto err;
	60	BIO_push(b, mem);
58	61	lref = BIO_read(b, ref, sizeof(ref));
59	62	BIO_free_all(b);
60	63

65	68	return 0;
66	69	if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, ENCRYPT))) {
67	70	TEST_info("Split encrypt failed @ operation %d", i);
68		return 0;
69		}
70		BIO_push(b, BIO_new_mem_buf(inp, DATA_SIZE));
	71	goto err;
	72	}
	73	mem = BIO_new_mem_buf(inp, DATA_SIZE);
	74	if (!TEST_ptr(mem))
	75	goto err;
	76	BIO_push(b, mem);
71	77	memset(out, 0, sizeof(out));
72	78	out[i] = ~ref[i];
73	79	len = BIO_read(b, out, i);
74	80	/* check for overstep */
75	81	if (!TEST_uchar_eq(out[i], (unsigned char)~ref[i])) {
76	82	TEST_info("Encrypt overstep check failed @ operation %d", i);
77		return 0;
	83	goto err;
78	84	}
79	85	len += BIO_read(b, out + len, sizeof(out) - len);
80	86	BIO_free_all(b);

94	100	return 0;
95	101	if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, ENCRYPT))) {
96	102	TEST_info("Small chunk encrypt failed @ operation %d", i);
97		return 0;
98		}
99		BIO_push(b, BIO_new_mem_buf(inp, DATA_SIZE));
	103	goto err;
	104	}
	105	mem = BIO_new_mem_buf(inp, DATA_SIZE);
	106	if (!TEST_ptr(mem))
	107	goto err;
	108	BIO_push(b, mem);
100	109	memset(out, 0, sizeof(out));
101	110	for (len = 0; (delta = BIO_read(b, out + len, i)); ) {
102	111	len += delta;

116	125	if (!TEST_ptr(b))
117	126	return 0;
118	127	if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, DECRYPT)))
119		return 0;
	128	goto err;
120	129	/* Use original reference output as input */
121		BIO_push(b, BIO_new_mem_buf(ref, lref));
	130	mem = BIO_new_mem_buf(ref, lref);
	131	if (!TEST_ptr(mem))
	132	goto err;
	133	BIO_push(b, mem);
122	134	(void)BIO_flush(b);
123	135	memset(out, 0, sizeof(out));
124	136	len = BIO_read(b, out, sizeof(out));

134	146	return 0;
135	147	if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, DECRYPT))) {
136	148	TEST_info("Split decrypt failed @ operation %d", i);
137		return 0;
138		}
139		BIO_push(b, BIO_new_mem_buf(ref, lref));
	149	goto err;
	150	}
	151	mem = BIO_new_mem_buf(ref, lref);
	152	if (!TEST_ptr(mem))
	153	goto err;
	154	BIO_push(b, mem);
140	155	memset(out, 0, sizeof(out));
141	156	out[i] = ~ref[i];
142	157	len = BIO_read(b, out, i);
143	158	/* check for overstep */
144	159	if (!TEST_uchar_eq(out[i], (unsigned char)~ref[i])) {
145	160	TEST_info("Decrypt overstep check failed @ operation %d", i);
146		return 0;
	161	goto err;
147	162	}
148	163	len += BIO_read(b, out + len, sizeof(out) - len);
149	164	BIO_free_all(b);

163	178	return 0;
164	179	if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, DECRYPT))) {
165	180	TEST_info("Small chunk decrypt failed @ operation %d", i);
166		return 0;
167		}
168		BIO_push(b, BIO_new_mem_buf(ref, lref));
	181	goto err;
	182	}
	183	mem = BIO_new_mem_buf(ref, lref);
	184	if (!TEST_ptr(mem))
	185	goto err;
	186	BIO_push(b, mem);
169	187	memset(out, 0, sizeof(out));
170	188	for (len = 0; (delta = BIO_read(b, out + len, i)); ) {
171	189	len += delta;

179	197	}
180	198
181	199	return 1;
	200
	201	err:
	202	BIO_free_all(b);
	203	return 0;
182	204	}
183	205
184	206	static int do_test_bio_cipher(const EVP_CIPHER* cipher, int idx)

+56

-2

test/bntest.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

1731	1731	\|\| !TEST_ptr(ret2 = BN_new()))
1732	1732	goto err;
1733	1733
	1734	if (BN_is_negative(mod_sqrt)) {
	1735	/* A negative testcase */
	1736	if (!TEST_ptr_null(BN_mod_sqrt(ret, a, p, ctx)))
	1737	goto err;
	1738
	1739	st = 1;
	1740	goto err;
	1741	}
	1742
1734	1743	/* There are two possible answers. */
1735		if (!TEST_true(BN_mod_sqrt(ret, a, p, ctx))
	1744	if (!TEST_ptr(BN_mod_sqrt(ret, a, p, ctx))
1736	1745	\|\| !TEST_true(BN_sub(ret2, p, ret)))
1737	1746	goto err;
1738	1747

2880	2889	return res;
2881	2890	}
2882	2891
	2892	/*
	2893	* Regression test to ensure BN_mod_exp2_mont fails safely if argument m is
	2894	* zero.
	2895	*/
	2896	static int test_mod_exp2_mont(void)
	2897	{
	2898	int res = 0;
	2899	BIGNUM *exp_result = NULL;
	2900	BIGNUM exp_a1 = NULL, exp_p1 = NULL, exp_a2 = NULL, exp_p2 = NULL,
	2901	*exp_m = NULL;
	2902
	2903	if (!TEST_ptr(exp_result = BN_new())
	2904	\|\| !TEST_ptr(exp_a1 = BN_new())
	2905	\|\| !TEST_ptr(exp_p1 = BN_new())
	2906	\|\| !TEST_ptr(exp_a2 = BN_new())
	2907	\|\| !TEST_ptr(exp_p2 = BN_new())
	2908	\|\| !TEST_ptr(exp_m = BN_new()))
	2909	goto err;
	2910
	2911	if (!TEST_true(BN_one(exp_a1))
	2912	\|\| !TEST_true(BN_one(exp_p1))
	2913	\|\| !TEST_true(BN_one(exp_a2))
	2914	\|\| !TEST_true(BN_one(exp_p2)))
	2915	goto err;
	2916
	2917	BN_zero(exp_m);
	2918
	2919	/* input of 0 is even, so must fail */
	2920	if (!TEST_int_eq(BN_mod_exp2_mont(exp_result, exp_a1, exp_p1, exp_a2,
	2921	exp_p2, exp_m, ctx, NULL), 0))
	2922	goto err;
	2923
	2924	res = 1;
	2925
	2926	err:
	2927	BN_free(exp_result);
	2928	BN_free(exp_a1);
	2929	BN_free(exp_p1);
	2930	BN_free(exp_a2);
	2931	BN_free(exp_p2);
	2932	BN_free(exp_m);
	2933	return res;
	2934	}
	2935
2883	2936	static int file_test_run(STANZA *s)
2884	2937	{
2885	2938	static const FILETEST filetests[] = {

3021	3074	ADD_TEST(test_gcd_prime);
3022	3075	ADD_ALL_TESTS(test_mod_exp, (int)OSSL_NELEM(ModExpTests));
3023	3076	ADD_ALL_TESTS(test_mod_exp_consttime, (int)OSSL_NELEM(ModExpTests));
	3077	ADD_TEST(test_mod_exp2_mont);
3024	3078	if (stochastic)
3025	3079	ADD_TEST(test_rand_range);
3026	3080	} else {

+30

-0

test/certs/leaf-encrypted.key less more

	0	-----BEGIN ENCRYPTED PRIVATE KEY-----
	1	MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIEBBNanZFjs8CAggA
	2	MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAECBBDr8bhquxPf762O3jk0LAtJBIIE
	3	0FQB7c06dpoHn1KBn8jTzsLIdVR0SeKUvq4edZfUPbB/6go97j48BwSzAaXY7BNL
	4	90GRMrNNjKZDLeNf0wwf1+67YX7neGnb+LdxpQdqEjOTGQdwTx9SG6XIqT8x4R67
	5	rI2DQqI937FSor9292koXQNM9Asoenn6kOCITaa8chsPdKCtFjfVmqZRMaewr5PW
	6	W1rooFuCVAIfgBOOaEeN7OMTJRdAGtWWOJqyLB29gXxwaI1+PnXmkHPgRGXZYz7W
	7	N5lTp1xvFPY+Rp/cK0DfeR5MrMYSVvrXbi6usjteJ2h0Rzcy8SY6Jnvuaoowi+rj
	8	lDUP0K/51tTQBd6bpsvcmc2cBx+7pg4BAkf9SnuKQpYCWPjiwrCiDJIP/o5GYIn2
	9	m/3K2pLahjOeGZAmhGUi0fZPZhaq37IQKwuzLDuYw1CkR7LhaJcJ9V1vXMPePgCY
	10	+BvjFG5z0mLDwUNvzCHQokav3Z/QT6CfOgTL10qKuBgylT1d5Cw7bfv8Lnc6C/YK
	11	aVXosCaKTJO8r4t7NgJX4PYQP/DZIl5CJIoUzJkrAkShLwcGtXMHVNSWx4LS60QY
	12	lfjz80cWWE6Tx/XjBkae0AQJW8S9nDB8/X80ox8jJ/sdd5XNZqUQhDxBP5/4GiAS
	13	pZlgp/IwssoG5HUnwn/4AUgD7Gdo5QRqFlkXeCFlHgjBrEHBkevHECRHAdWwrK7X
	14	5td662K1B9hm6EfA1R51jiOKBuM0bwYtI+tpmpT5zeDGeaOWuPUYPUFjfo9xt1Lx
	15	cmX3ouBt34uT/cQesPxP8gJwRdo0KqPK+KLjtQazXmHFu+FStZ29gUvhqAw9kcxq
	16	ps9neGAl3DJgYbB1QqqefGqFWBhJzt4toqxcgm6Z0PJSYQlxJEC3yWWs5w5wfLJJ
	17	KGfnpsY1IGYsbw9Caa84XqnzHosGWx724GJeb3YSwwMj311oMi9s8J/d/NpJZHOu
	18	uk/mQWezCfdEFSnkOtIDJWTQUtRtRfIZQp243c25E3/rJySuSoMfn4eolAGurse8
	19	6r7SEJ6MUjCTd3ZcA+XZAtFxPQnNBYm691hvGE6uclxYy9L6bmws9dosNlpCyvIQ
	20	+OYdB9Mvx9hs0KwAWZ6bnIxa3tc6Ob9mxV7ycMS43d4ShEqzy44DZD02Z0iQIRym
	21	1AoGwgLbc2d9NouUiw2ur5n6ByYCTHwmMSAstVovuBoS2XDF23BzLL7KuCnkHH0y
	22	+M6CRaXW0ceTP4DfEvBphxfj4NNEZpjm8j6ERvnnQvC5tRAaMglhg1WOvUVUtPg5
	23	cJPIiSn+yVuoFDnLKJ53N9NzDtUKSBQgwNGyVVPTzpfxLmjg00bNQ7eyoRr6uK0l
	24	ezmHemo52JpCaBGV01tnvVKzGouFN/KxP9GxvPQY8UQxVkE+E/p0UjGOpNLIDmzl
	25	/qVKxky9lMBoHc+neeCbOrtgwkyYgpPkKlmTTsi/yUxpbUmobFZJTUbOWrpeRbw3
	26	Pt9u8NeVmD4Ys/NenHIJwksOqmWxSy7IjJpzQsee1CZXV7McAYsg24tP4Bdj9aGT
	27	hsMyiaiNB+rjkNxhUCm39nJsaN1AoTZ3Br1UYfHrfocif12yNGOEBy2swfjQIGNH
	28	fjGk3px34MZZv3S0bM/ZPi9ankzAZnf8qkHoDVtsP+Gk
	29	-----END ENCRYPTED PRIVATE KEY-----

+3

-1

test/cmp_vfy_test.c less more

50	50
51	51	static CMP_VFY_TEST_FIXTURE set_up(const char const test_case_name)
52	52	{
53		X509_STORE *ts = X509_STORE_new();
	53	X509_STORE *ts;
54	54	CMP_VFY_TEST_FIXTURE *fixture;
55	55
56	56	if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))))
57	57	return NULL;
	58
	59	ts = X509_STORE_new();
58	60	fixture->test_case_name = test_case_name;
59	61	if (ts == NULL
60	62	\|\| !TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(libctx, NULL))

+23

-3

test/crltest.c less more

0	0	/*
1		* Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

199	199	*/
200	200	static X509_CRL CRL_from_strings(const char *pem)
201	201	{
	202	X509_CRL *crl;
202	203	char *p;
203	204	BIO *b = glue2bio(pem, &p);
204		X509_CRL *crl = PEM_read_bio_X509_CRL(b, NULL, NULL, NULL);
	205
	206	if (b == NULL) {
	207	OPENSSL_free(p);
	208	return NULL;
	209	}
	210
	211	crl = PEM_read_bio_X509_CRL(b, NULL, NULL, NULL);
205	212
206	213	OPENSSL_free(p);
207	214	BIO_free(b);

213	220	*/
214	221	static X509 X509_from_strings(const char *pem)
215	222	{
	223	X509 *x;
216	224	char *p;
217	225	BIO *b = glue2bio(pem, &p);
218		X509 *x = PEM_read_bio_X509(b, NULL, NULL, NULL);
	226
	227	if (b == NULL) {
	228	OPENSSL_free(p);
	229	return NULL;
	230	}
	231
	232	x = PEM_read_bio_X509(b, NULL, NULL, NULL);
219	233
220	234	OPENSSL_free(p);
221	235	BIO_free(b);

362	376	char *p;
363	377	BIO *b = glue2bio(kRevokedCRL, &p);
364	378
	379	if (b == NULL) {
	380	OPENSSL_free(p);
	381	X509_CRL_free(reused_crl);
	382	return 0;
	383	}
	384
365	385	reused_crl = PEM_read_bio_X509_CRL(b, &reused_crl, NULL, NULL);
366	386
367	387	OPENSSL_free(p);

+4

-1

test/ct_test.c less more

0	0	/*
1		* Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

448	448	SETUP_CT_TEST_FIXTURE();
449	449
450	450	fixture->sct_list = sk_SCT_new_null();
	451	if (fixture->sct_list == NULL)
	452	return 0;
	453
451	454	if (!TEST_ptr(sct = SCT_new_from_base64(SCT_VERSION_V1, log_id,
452	455	CT_LOG_ENTRY_TYPE_X509, timestamp,
453	456	extensions, signature)))

+2

-2

test/dane-cross.in less more

0		# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	0	# Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
1	1	#
2		# Licensed under the OpenSSL license (the "License"). You may not use
	2	# Licensed under the Apache License 2.0 (the "License"). You may not use
3	3	# this file except in compliance with the License. You can obtain a copy
4	4	# in the file LICENSE in the source distribution or at
5	5	# https://www.openssl.org/source/license.html

+9

-0

test/defltfips_test.c less more

	0	/*
	1	* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
	2	*
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
	4	* this file except in compliance with the License. You can obtain a copy
	5	* in the file LICENSE in the source distribution or at
	6	* https://www.openssl.org/source/license.html
	7	*/
	8
0	9	#include <string.h>
1	10	#include <openssl/evp.h>
2	11	#include <openssl/provider.h>

+29

-1

test/dhtest.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

742	742	goto err;
743	743	/* Tested function is called here */
744	744	if (!TEST_int_eq(EVP_PKEY_CTX_set_dhx_rfc5114(paramgen_ctx, 3), 1))
	745	goto err;
	746	/* Negative test */
	747	if (!TEST_int_eq(EVP_PKEY_CTX_set_dhx_rfc5114(paramgen_ctx, 99), 0))
	748	goto err;
	749	/* If we're still running then the test passed. */
	750	ok = 1;
	751	err:
	752	EVP_PKEY_CTX_free(paramgen_ctx);
	753	return ok;
	754	}
	755
	756	static int dh_set_dh_nid_test(void)
	757	{
	758	int ok = 0;
	759	EVP_PKEY_CTX *paramgen_ctx;
	760
	761	/* Run the test. Success is any time the test does not cause a SIGSEGV interrupt */
	762	paramgen_ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_DH, 0);
	763	if (!TEST_ptr(paramgen_ctx))
	764	goto err;
	765	if (!TEST_int_eq(EVP_PKEY_paramgen_init(paramgen_ctx), 1))
	766	goto err;
	767	/* Tested function is called here */
	768	if (!TEST_int_eq(EVP_PKEY_CTX_set_dh_nid(paramgen_ctx, NID_ffdhe2048), 1))
	769	goto err;
	770	/* Negative test */
	771	if (!TEST_int_eq(EVP_PKEY_CTX_set_dh_nid(paramgen_ctx, NID_secp521r1), 0))
745	772	goto err;
746	773	/* If we're still running then the test passed. */
747	774	ok = 1;

897	924	ADD_TEST(dh_get_nid);
898	925	ADD_TEST(dh_load_pkcs3_namedgroup_privlen_test);
899	926	ADD_TEST(dh_rfc5114_fix_nid_test);
	927	ADD_TEST(dh_set_dh_nid_test);
900	928	#endif
901	929	return 1;
902	930	}

+2

-1

test/enginetest.c less more

0	0	/*
1		* Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

23	23	# include <openssl/rsa.h>
24	24	# include <openssl/err.h>
25	25	# include <openssl/x509.h>
	26	# include <openssl/pem.h>
26	27
27	28	static void display_engine_list(void)
28	29	{

+86

-1

test/evp_extra_test.c less more

0	0	/*
1		* Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

4178	4178	return testresult;
4179	4179	}
4180	4180
	4181	typedef struct {
	4182	int data;
	4183	} custom_dgst_ctx;
	4184
	4185	static int custom_md_init_called = 0;
	4186	static int custom_md_cleanup_called = 0;
	4187
	4188	static int custom_md_init(EVP_MD_CTX *ctx)
	4189	{
	4190	custom_dgst_ctx *p = EVP_MD_CTX_md_data(ctx);
	4191
	4192	if (p == NULL)
	4193	return 0;
	4194
	4195	custom_md_init_called++;
	4196	return 1;
	4197	}
	4198
	4199	static int custom_md_cleanup(EVP_MD_CTX *ctx)
	4200	{
	4201	custom_dgst_ctx *p = EVP_MD_CTX_md_data(ctx);
	4202
	4203	if (p == NULL)
	4204	/* Nothing to do */
	4205	return 1;
	4206
	4207	custom_md_cleanup_called++;
	4208	return 1;
	4209	}
	4210
	4211	static int test_custom_md_meth(void)
	4212	{
	4213	EVP_MD_CTX *mdctx = NULL;
	4214	EVP_MD *tmp = NULL;
	4215	char mess[] = "Test Message\n";
	4216	unsigned char md_value[EVP_MAX_MD_SIZE];
	4217	unsigned int md_len;
	4218	int testresult = 0;
	4219	int nid;
	4220
	4221	/*
	4222	* We are testing deprecated functions. We don't support a non-default
	4223	* library context in this test.
	4224	*/
	4225	if (testctx != NULL)
	4226	return 1;
	4227
	4228	custom_md_init_called = custom_md_cleanup_called = 0;
	4229
	4230	nid = OBJ_create("1.3.6.1.4.1.16604.998866.1", "custom-md", "custom-md");
	4231	if (!TEST_int_ne(nid, NID_undef))
	4232	goto err;
	4233	tmp = EVP_MD_meth_new(nid, NID_undef);
	4234	if (!TEST_ptr(tmp))
	4235	goto err;
	4236
	4237	if (!TEST_true(EVP_MD_meth_set_init(tmp, custom_md_init))
	4238	\|\| !TEST_true(EVP_MD_meth_set_cleanup(tmp, custom_md_cleanup))
	4239	\|\| !TEST_true(EVP_MD_meth_set_app_datasize(tmp,
	4240	sizeof(custom_dgst_ctx))))
	4241	goto err;
	4242
	4243	mdctx = EVP_MD_CTX_new();
	4244	if (!TEST_ptr(mdctx)
	4245	/*
	4246	* Initing our custom md and then initing another md should
	4247	* result in the init and cleanup functions of the custom md
	4248	* from being called.
	4249	*/
	4250	\|\| !TEST_true(EVP_DigestInit_ex(mdctx, tmp, NULL))
	4251	\|\| !TEST_true(EVP_DigestInit_ex(mdctx, EVP_sha256(), NULL))
	4252	\|\| !TEST_true(EVP_DigestUpdate(mdctx, mess, strlen(mess)))
	4253	\|\| !TEST_true(EVP_DigestFinal_ex(mdctx, md_value, &md_len))
	4254	\|\| !TEST_int_eq(custom_md_init_called, 1)
	4255	\|\| !TEST_int_eq(custom_md_cleanup_called, 1))
	4256	goto err;
	4257
	4258	testresult = 1;
	4259	err:
	4260	EVP_MD_CTX_free(mdctx);
	4261	EVP_MD_meth_free(tmp);
	4262	return testresult;
	4263	}
	4264
4181	4265	# ifndef OPENSSL_NO_DYNAMIC_ENGINE
4182	4266	/* Test we can create a signature keys with an associated ENGINE */
4183	4267	static int test_signatures_with_engine(int tst)

4472	4556	#ifndef OPENSSL_NO_DEPRECATED_3_0
4473	4557	ADD_ALL_TESTS(test_custom_pmeth, 12);
4474	4558	ADD_TEST(test_evp_md_cipher_meth);
	4559	ADD_TEST(test_custom_md_meth);
4475	4560
4476	4561	# ifndef OPENSSL_NO_DYNAMIC_ENGINE
4477	4562	/* Tests only support the default libctx */

+153

-1

test/evp_extra_test2.c less more

0	0	/*
1		* Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

253	253	{kExampleDHPrivateKeyDER, sizeof(kExampleDHPrivateKeyDER), EVP_PKEY_DH},
254	254	#endif
255	255	};
	256
	257	static int pkey_has_private(EVP_PKEY key, const char privtag,
	258	int use_octstring)
	259	{
	260	int ret = 0;
	261
	262	if (use_octstring) {
	263	unsigned char buf[64];
	264
	265	ret = EVP_PKEY_get_octet_string_param(key, privtag, buf, sizeof(buf),
	266	NULL);
	267	} else {
	268	BIGNUM *bn = NULL;
	269
	270	ret = EVP_PKEY_get_bn_param(key, privtag, &bn);
	271	BN_free(bn);
	272	}
	273	return ret;
	274	}
	275
	276	static int do_pkey_tofrom_data_select(EVP_PKEY key, const char keytype)
	277	{
	278	int ret = 0;
	279	OSSL_PARAM pub_params = NULL, keypair_params = NULL;
	280	EVP_PKEY fromkey = NULL, fromkeypair = NULL;
	281	EVP_PKEY_CTX *fromctx = NULL;
	282	const char *privtag = strcmp(keytype, "RSA") == 0 ? "d" : "priv";
	283	const int use_octstring = strcmp(keytype, "X25519") == 0;
	284
	285	/*
	286	* Select only the public key component when using EVP_PKEY_todata() and
	287	* check that the resulting param array does not contain a private key.
	288	*/
	289	if (!TEST_int_eq(EVP_PKEY_todata(key, EVP_PKEY_PUBLIC_KEY, &pub_params), 1)
	290	\|\| !TEST_ptr_null(OSSL_PARAM_locate(pub_params, privtag)))
	291	goto end;
	292	/*
	293	* Select the keypair when using EVP_PKEY_todata() and check that
	294	* the param array contains a private key.
	295	*/
	296	if (!TEST_int_eq(EVP_PKEY_todata(key, EVP_PKEY_KEYPAIR, &keypair_params), 1)
	297	\|\| !TEST_ptr(OSSL_PARAM_locate(keypair_params, privtag)))
	298	goto end;
	299
	300	/*
	301	* Select only the public key when using EVP_PKEY_fromdata() and check that
	302	* the resulting key does not contain a private key.
	303	*/
	304	if (!TEST_ptr(fromctx = EVP_PKEY_CTX_new_from_name(mainctx, keytype, NULL))
	305	\|\| !TEST_int_eq(EVP_PKEY_fromdata_init(fromctx), 1)
	306	\|\| !TEST_int_eq(EVP_PKEY_fromdata(fromctx, &fromkey, EVP_PKEY_PUBLIC_KEY,
	307	keypair_params), 1)
	308	\|\| !TEST_false(pkey_has_private(fromkey, privtag, use_octstring)))
	309	goto end;
	310	/*
	311	* Select the keypair when using EVP_PKEY_fromdata() and check that
	312	* the resulting key contains a private key.
	313	*/
	314	if (!TEST_int_eq(EVP_PKEY_fromdata(fromctx, &fromkeypair,
	315	EVP_PKEY_KEYPAIR, keypair_params), 1)
	316	\|\| !TEST_true(pkey_has_private(fromkeypair, privtag, use_octstring)))
	317	goto end;
	318	ret = 1;
	319	end:
	320	EVP_PKEY_free(fromkeypair);
	321	EVP_PKEY_free(fromkey);
	322	EVP_PKEY_CTX_free(fromctx);
	323	OSSL_PARAM_free(keypair_params);
	324	OSSL_PARAM_free(pub_params);
	325	return ret;
	326	}
	327
	328	#ifndef OPENSSL_NO_DH
	329	static int test_dh_tofrom_data_select(void)
	330	{
	331	int ret;
	332	OSSL_PARAM params[2];
	333	EVP_PKEY *key = NULL;
	334	EVP_PKEY_CTX *gctx = NULL;
	335
	336	params[0] = OSSL_PARAM_construct_utf8_string("group", "ffdhe2048", 0);
	337	params[1] = OSSL_PARAM_construct_end();
	338	ret = TEST_ptr(gctx = EVP_PKEY_CTX_new_from_name(mainctx, "DHX", NULL))
	339	&& TEST_int_gt(EVP_PKEY_keygen_init(gctx), 0)
	340	&& TEST_true(EVP_PKEY_CTX_set_params(gctx, params))
	341	&& TEST_int_gt(EVP_PKEY_generate(gctx, &key), 0)
	342	&& TEST_true(do_pkey_tofrom_data_select(key, "DHX"));
	343	EVP_PKEY_free(key);
	344	EVP_PKEY_CTX_free(gctx);
	345	return ret;
	346	}
	347	#endif
	348
	349	#ifndef OPENSSL_NO_EC
	350	static int test_ec_tofrom_data_select(void)
	351	{
	352	int ret;
	353	EVP_PKEY *key = NULL;
	354
	355	ret = TEST_ptr(key = EVP_PKEY_Q_keygen(mainctx, NULL, "EC", "P-256"))
	356	&& TEST_true(do_pkey_tofrom_data_select(key, "EC"));
	357	EVP_PKEY_free(key);
	358	return ret;
	359	}
	360
	361	static int test_ecx_tofrom_data_select(void)
	362	{
	363	int ret;
	364	EVP_PKEY *key = NULL;
	365
	366	ret = TEST_ptr(key = EVP_PKEY_Q_keygen(mainctx, NULL, "X25519"))
	367	&& TEST_true(do_pkey_tofrom_data_select(key, "X25519"));
	368	EVP_PKEY_free(key);
	369	return ret;
	370	}
	371	#endif
	372
	373	static int test_rsa_tofrom_data_select(void)
	374	{
	375	int ret;
	376	EVP_PKEY *key = NULL;
	377	const unsigned char *pdata = kExampleRSAKeyDER;
	378	int pdata_len = sizeof(kExampleRSAKeyDER);
	379
	380	ret = TEST_ptr(key = d2i_AutoPrivateKey_ex(NULL, &pdata, pdata_len,
	381	mainctx, NULL))
	382	&& TEST_true(do_pkey_tofrom_data_select(key, "RSA"));
	383	EVP_PKEY_free(key);
	384	return ret;
	385	}
256	386
257	387	/* This is the equivalent of test_d2i_AutoPrivateKey in evp_extra_test */
258	388	static int test_d2i_AutoPrivateKey_ex(int i)

660	790	&& TEST_int_eq(val, expected);
661	791	}
662	792
	793	static int test_dsa_tofrom_data_select(void)
	794	{
	795	int ret;
	796	EVP_PKEY *key = NULL;
	797	const unsigned char *pkeydata = dsa_key;
	798
	799	ret = TEST_ptr(key = d2i_AutoPrivateKey_ex(NULL, &pkeydata, sizeof(dsa_key),
	800	mainctx, NULL))
	801	&& TEST_true(do_pkey_tofrom_data_select(key, "DSA"));
	802
	803	EVP_PKEY_free(key);
	804	return ret;
	805	}
	806
663	807	static int test_dsa_todata(void)
664	808	{
665	809	EVP_PKEY *pkey = NULL;

880	1024	ADD_ALL_TESTS(test_d2i_AutoPrivateKey_ex, OSSL_NELEM(keydata));
881	1025	#ifndef OPENSSL_NO_EC
882	1026	ADD_ALL_TESTS(test_d2i_PrivateKey_ex, 2);
	1027	ADD_TEST(test_ec_tofrom_data_select);
	1028	ADD_TEST(test_ecx_tofrom_data_select);
883	1029	#else
884	1030	ADD_ALL_TESTS(test_d2i_PrivateKey_ex, 1);
885	1031	#endif
886	1032	#ifndef OPENSSL_NO_DSA
887	1033	ADD_TEST(test_dsa_todata);
	1034	ADD_TEST(test_dsa_tofrom_data_select);
888	1035	#endif
	1036	#ifndef OPENSSL_NO_DH
	1037	ADD_TEST(test_dh_tofrom_data_select);
	1038	#endif
	1039	ADD_TEST(test_rsa_tofrom_data_select);
	1040
889	1041	ADD_TEST(test_pkey_todata_null);
890	1042	ADD_TEST(test_pkey_export_null);
891	1043	ADD_TEST(test_pkey_export);

+179

-8

test/evp_pkey_dparams_test.c less more

0	0	/*
1		* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

25	25	#endif
26	26
27	27	#ifndef OPENSSL_NO_KEYPARAMS
	28
	29	struct pubkey {
	30	int bad;
	31	const unsigned char *key_bin;
	32	size_t key_bin_len;
	33	};
	34
28	35	# ifndef OPENSSL_NO_DH
29	36	static const unsigned char dhparam_bin[] = {
30	37	0x30,0x82,0x01,0x08,0x02,0x82,0x01,0x01,0x00,0xc0,0xd1,0x2e,0x14,0x18,0xbd,0x03,

44	51	0xa7,0x8f,0x50,0x31,0xda,0xd0,0x0d,0xd3,0x0b,0xdb,0xad,0xed,0x94,0x92,0xff,0x83,
45	52	0x06,0x7f,0x7f,0xd7,0x7b,0x42,0x5b,0xba,0x93,0x7a,0xeb,0x43,0x5f,0xce,0x59,0x26,
46	53	0xe8,0x76,0xdc,0xee,0xe2,0xbe,0x36,0x7a,0x83,0x02,0x01,0x02
	54	};
	55	static const unsigned char dhkey_1[] = {
	56	0x7a, 0x49, 0xcb, 0xc3, 0x25, 0x67, 0x7a, 0x61,
	57	0xd0, 0x60, 0x81, 0x0f, 0xf6, 0xbd, 0x38, 0x82,
	58	0xe7, 0x38, 0x8c, 0xe9, 0xd1, 0x04, 0x33, 0xbf,
	59	0x8a, 0x03, 0x63, 0xb3, 0x05, 0x04, 0xb5, 0x1f,
	60	0xba, 0x9f, 0x1a, 0x5f, 0x31, 0x3e, 0x96, 0x79,
	61	0x88, 0x7d, 0x3f, 0x59, 0x6d, 0x3b, 0xf3, 0x2f,
	62	0xf2, 0xa6, 0x43, 0x48, 0x64, 0x5a, 0x6a, 0x32,
	63	0x1f, 0x24, 0x37, 0x62, 0x54, 0x3a, 0x7d, 0xab,
	64	0x26, 0x77, 0x7c, 0xec, 0x57, 0x3c, 0xa4, 0xbd,
	65	0x96, 0x9d, 0xaa, 0x3b, 0x0e, 0x9a, 0x55, 0x7e,
	66	0x1d, 0xb4, 0x47, 0x5b, 0xea, 0x20, 0x3c, 0x6d,
	67	0xbe, 0xd6, 0x70, 0x7d, 0xa8, 0x9e, 0x84, 0xb4,
	68	0x03, 0x52, 0xf2, 0x08, 0x4c, 0x98, 0xd3, 0x4f,
	69	0x58, 0xb3, 0xdf, 0xb4, 0xe6, 0xdc, 0x2c, 0x43,
	70	0x55, 0xd1, 0xce, 0x2a, 0xb3, 0xfc, 0xe0, 0x29,
	71	0x97, 0xd8, 0xd8, 0x62, 0xc6, 0x87, 0x0a, 0x1b,
	72	0xfd, 0x72, 0x74, 0xe0, 0xa9, 0xfb, 0xfa, 0x91,
	73	0xf2, 0xc1, 0x09, 0x93, 0xea, 0x63, 0xf6, 0x9a,
	74	0x4b, 0xdf, 0x4e, 0xdf, 0x6b, 0xf9, 0xeb, 0xf6,
	75	0x66, 0x3c, 0xfd, 0x6f, 0x68, 0xcb, 0xdb, 0x6e,
	76	0x40, 0x65, 0xf7, 0xf2, 0x46, 0xe5, 0x0d, 0x9a,
	77	0xd9, 0x6f, 0xcf, 0x28, 0x22, 0x8f, 0xca, 0x0b,
	78	0x30, 0xa0, 0x9e, 0xa5, 0x13, 0xba, 0x72, 0x7f,
	79	0x85, 0x3d, 0x02, 0x9c, 0x97, 0x8e, 0x6f, 0xea,
	80	0x6d, 0x35, 0x4e, 0xd1, 0x78, 0x7d, 0x73, 0x60,
	81	0x92, 0xa9, 0x12, 0xf4, 0x2a, 0xac, 0x17, 0x97,
	82	0xf3, 0x7b, 0x79, 0x08, 0x69, 0xd1, 0x9e, 0xb5,
	83	0xf8, 0x2a, 0x0a, 0x2b, 0x00, 0x7b, 0x16, 0x8d,
	84	0x41, 0x82, 0x3a, 0x72, 0x58, 0x57, 0x80, 0x65,
	85	0xae, 0x17, 0xbc, 0x3a, 0x5b, 0x7e, 0x5c, 0x2d,
	86	0xae, 0xb2, 0xc2, 0x26, 0x20, 0x9a, 0xaa, 0x57,
	87	0x4b, 0x7d, 0x43, 0x41, 0x96, 0x3f, 0xf0, 0x0d
	88	};
	89	/* smaller but still valid key */
	90	static const unsigned char dhkey_2[] = {
	91	0x73, 0xb2, 0x22, 0x91, 0x27, 0xb9, 0x45, 0xb0,
	92	0xfd, 0x17, 0x66, 0x79, 0x9b, 0x32, 0x71, 0x92,
	93	0x97, 0x1d, 0x70, 0x02, 0x37, 0x70, 0x79, 0x63,
	94	0xed, 0x11, 0x22, 0xe9, 0xe6, 0xf8, 0xeb, 0xd7,
	95	0x90, 0x00, 0xe6, 0x5c, 0x47, 0x02, 0xfb, 0x13,
	96	0xca, 0x29, 0x14, 0x1e, 0xf4, 0x61, 0x58, 0xf6,
	97	0xaa, 0xbb, 0xcf, 0xa7, 0x82, 0x9a, 0x9e, 0x7c,
	98	0x4a, 0x05, 0x42, 0xed, 0x55, 0xd8, 0x08, 0x37,
	99	0x06, 0x49, 0x9b, 0xda, 0xb3, 0xb9, 0xc9, 0xc0,
	100	0x56, 0x26, 0xda, 0x60, 0x1d, 0xbc, 0x06, 0x0b,
	101	0xb0, 0x94, 0x4b, 0x4e, 0x95, 0xf9, 0xb4, 0x2f,
	102	0x4e, 0xad, 0xf8, 0xab, 0x2d, 0x19, 0xa2, 0xe6,
	103	0x6d, 0x11, 0xfd, 0x9b, 0x5a, 0x2a, 0xb0, 0x81,
	104	0x42, 0x4d, 0x86, 0x76, 0xd5, 0x9e, 0xaf, 0xf9,
	105	0x6f, 0x79, 0xab, 0x1d, 0xfe, 0xd8, 0xc8, 0xba,
	106	0xb6, 0xce, 0x03, 0x61, 0x48, 0x53, 0xd8, 0x0b,
	107	0x83, 0xf0, 0xb0, 0x46, 0xa0, 0xea, 0x46, 0x60,
	108	0x7a, 0x39, 0x4e, 0x46, 0x6a, 0xbb, 0x07, 0x6c,
	109	0x8c, 0x7d, 0xb7, 0x7d, 0x5b, 0xe5, 0x24, 0xa5,
	110	0xab, 0x41, 0x8a, 0xc4, 0x63, 0xf9, 0xce, 0x20,
	111	0x6f, 0x58, 0x4f, 0x0e, 0x42, 0x82, 0x9e, 0x17,
	112	0x53, 0xa6, 0xd6, 0x42, 0x3e, 0x80, 0x66, 0x6f,
	113	0x2a, 0x1c, 0x30, 0x08, 0x01, 0x99, 0x5a, 0x4f,
	114	0x72, 0x16, 0xed, 0xb0, 0xd6, 0x8c, 0xf0, 0x7a,
	115	0x33, 0x15, 0xc4, 0x95, 0x65, 0xba, 0x11, 0x37,
	116	0xa0, 0xcc, 0xe7, 0x45, 0x65, 0x4f, 0x17, 0x0a,
	117	0x2c, 0x62, 0xc0, 0x65, 0x3b, 0x65, 0x2a, 0x56,
	118	0xf7, 0x29, 0x8a, 0x9b, 0x1b, 0xbb, 0x0c, 0x40,
	119	0xcd, 0x66, 0x4b, 0x4f, 0x2f, 0xba, 0xdb, 0x59,
	120	0x93, 0x6d, 0x34, 0xf3, 0x8d, 0xde, 0x68, 0x99,
	121	0x78, 0xfc, 0xac, 0x95, 0xd9, 0xa3, 0x74, 0xe6,
	122	0x24, 0x96, 0x98, 0x6f, 0x64, 0x71, 0x76
	123	};
	124	/* 1 is not a valid key */
	125	static const unsigned char dhkey_3[] = {
	126	0x01
47	127	};
48	128	# endif
49	129

91	171	static const unsigned char ecparam_bin[] = {
92	172	0x06,0x08,0x2a,0x86,0x48,0xce,0x3d,0x03,0x01,0x07
93	173	};
94		# endif
	174	static const unsigned char eckey_1[] = {
	175	0x04, 0xc8, 0x65, 0x45, 0x63, 0x73, 0xe5, 0x0a,
	176	0x61, 0x1d, 0xcf, 0x60, 0x76, 0x2c, 0xe7, 0x36,
	177	0x0b, 0x76, 0xc2, 0x92, 0xfc, 0xa4, 0x56, 0xee,
	178	0xc2, 0x62, 0x05, 0x00, 0x80, 0xe4, 0x4f, 0x07,
	179	0x3b, 0xf4, 0x59, 0xb8, 0xc3, 0xb3, 0x1f, 0x77,
	180	0x36, 0x16, 0x4c, 0x72, 0x2a, 0xc0, 0x89, 0x89,
	181	0xd6, 0x16, 0x14, 0xee, 0x2f, 0x5a, 0xde, 0x9e,
	182	0x83, 0xc5, 0x78, 0xd0, 0x0b, 0x69, 0xb4, 0xb9,
	183	0xf1
	184	};
	185	/* a modified key */
	186	static const unsigned char eckey_2[] = {
	187	0x04, 0xc8, 0x65, 0x45, 0x63, 0x73, 0xe5, 0x0a,
	188	0x61, 0x1d, 0xcf, 0x60, 0x76, 0x2c, 0xe7, 0x36,
	189	0x0b, 0x77, 0xc2, 0x92, 0xfc, 0xa4, 0x56, 0xee,
	190	0xc2, 0x62, 0x05, 0x00, 0x80, 0xe4, 0x4f, 0x07,
	191	0x3b, 0xf4, 0x59, 0xb8, 0xc3, 0xb3, 0x1f, 0x77,
	192	0x36, 0x16, 0x4c, 0x72, 0x2a, 0xc0, 0x89, 0x89,
	193	0xd6, 0x16, 0x14, 0xee, 0x2f, 0x5a, 0xde, 0x9e,
	194	0x83, 0xc5, 0x78, 0xd0, 0x0b, 0x69, 0xb4, 0xb9,
	195	0xf1
	196	};
	197	/* an added byte */
	198	static const unsigned char eckey_3[] = {
	199	0x04, 0xc8, 0x65, 0x45, 0x63, 0x73, 0xe5, 0x0a,
	200	0x61, 0x1d, 0xcf, 0x60, 0x76, 0x2c, 0xe7, 0x36,
	201	0x0b, 0x76, 0xc2, 0x92, 0xfc, 0xa4, 0x56, 0xee,
	202	0xc2, 0x62, 0x05, 0x00, 0x80, 0xe4, 0x4f, 0x07,
	203	0x3b, 0xf4, 0x59, 0xb8, 0xc3, 0xb3, 0x1f, 0x77,
	204	0x36, 0x16, 0x4c, 0x72, 0x2a, 0xc0, 0x89, 0x89,
	205	0xd6, 0x16, 0x14, 0xee, 0x2f, 0x5a, 0xde, 0x9e,
	206	0x83, 0xc5, 0x78, 0xd0, 0x0b, 0x69, 0xb4, 0xb9,
	207	0xf1, 0xaa
	208	};
	209	# endif
	210
	211	#define NUM_KEYS 10
95	212
96	213	static const struct {
97	214	int type;
98	215	const unsigned char *param_bin;
99	216	size_t param_bin_len;
	217	struct pubkey keys[NUM_KEYS];
100	218	} pkey_params [] = {
101	219	# ifndef OPENSSL_NO_DH
102		{ EVP_PKEY_DH, dhparam_bin, sizeof(dhparam_bin) },
	220	{ EVP_PKEY_DH, dhparam_bin, sizeof(dhparam_bin),
	221	{ { 0, dhkey_1, sizeof(dhkey_1) },
	222	{ 0, dhkey_2, sizeof(dhkey_2) },
	223	{ 1, dhkey_3, sizeof(dhkey_3) },
	224	{ 1, dhkey_1, 0 },
	225	{ 1, dhparam_bin, sizeof(dhparam_bin) }
	226	}
	227	},
103	228	# endif
104	229	# ifndef OPENSSL_NO_DSA
105	230	{ EVP_PKEY_DSA, dsaparam_bin, sizeof(dsaparam_bin) },
106	231	# endif
107	232	# ifndef OPENSSL_NO_EC
108		{ EVP_PKEY_EC, ecparam_bin, sizeof(ecparam_bin) }
	233	{ EVP_PKEY_EC, ecparam_bin, sizeof(ecparam_bin),
	234	{ { 0, eckey_1, sizeof(eckey_1) },
	235	{ 1, eckey_2, sizeof(eckey_2) },
	236	{ 1, eckey_3, sizeof(eckey_3) },
	237	{ 1, eckey_1, 0 },
	238	{ 1, eckey_1, sizeof(eckey_1) - 1 }
	239	}
	240	}
109	241	# endif
110	242	};
111	243

113	245	{
114	246	int ret, out_len;
115	247	BIO in = NULL, out = NULL;
116		EVP_PKEY_CTX *ctx = NULL;
117	248	EVP_PKEY in_key = NULL, out_key = NULL;
118	249	unsigned char *out_bin;
119	250	int type = pkey_params[id].type;
120	251
121		ret = TEST_ptr(ctx = EVP_PKEY_CTX_new_id(type, NULL))
122		&& TEST_ptr(in = BIO_new_mem_buf(pkey_params[id].param_bin,
	252	ret = TEST_ptr(in = BIO_new_mem_buf(pkey_params[id].param_bin,
123	253	(int)pkey_params[id].param_bin_len))
124	254	/* Load in pkey params from binary */
125	255	&& TEST_ptr(d2i_KeyParams_bio(type, &in_key, in))

136	266	BIO_free(out);
137	267	EVP_PKEY_free(in_key);
138	268	EVP_PKEY_free(out_key);
139		EVP_PKEY_CTX_free(ctx);
	269	return ret;
	270	}
	271
	272	static int set_enc_pubkey_test(int id)
	273	{
	274	int ret, i;
	275	BIO *in = NULL;
	276	EVP_PKEY *in_key = NULL;
	277	int type = pkey_params[id].type;
	278	const struct pubkey *keys = pkey_params[id].keys;
	279
	280	if (keys[0].key_bin == NULL)
	281	return TEST_skip("Not applicable test");
	282
	283	ret = TEST_ptr(in = BIO_new_mem_buf(pkey_params[id].param_bin,
	284	(int)pkey_params[id].param_bin_len))
	285	/* Load in pkey params from binary */
	286	&& TEST_ptr(d2i_KeyParams_bio(type, &in_key, in));
	287
	288	for (i = 0; ret && i < NUM_KEYS && keys[i].key_bin != NULL; i++) {
	289	if (keys[i].bad) {
	290	ERR_set_mark();
	291	ret = ret
	292	&& TEST_int_le(EVP_PKEY_set1_encoded_public_key(in_key,
	293	keys[i].key_bin,
	294	keys[i].key_bin_len),
	295	0);
	296	ERR_pop_to_mark();
	297	} else {
	298	ret = ret
	299	&& TEST_int_gt(EVP_PKEY_set1_encoded_public_key(in_key,
	300	keys[i].key_bin,
	301	keys[i].key_bin_len),
	302	0);
	303	}
	304	if (!ret)
	305	TEST_info("Test key index #%d", i);
	306	}
	307
	308	BIO_free(in);
	309	EVP_PKEY_free(in_key);
140	310	return ret;
141	311	}
142	312	#endif

147	317	TEST_note("No DH/DSA/EC support");
148	318	#else
149	319	ADD_ALL_TESTS(params_bio_test, OSSL_NELEM(pkey_params));
	320	ADD_ALL_TESTS(set_enc_pubkey_test, OSSL_NELEM(pkey_params));
150	321	#endif
151	322	return 1;
152	323	}

+55

-3

test/evp_pkey_provided_test.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

127	127	return ret;
128	128	}
129	129
	130	static int pass_cb(char buf, int size, int rwflag, void u)
	131	{
	132	return 0;
	133	}
	134
	135	static int pass_cb_error(char buf, int size, int rwflag, void u)
	136	{
	137	return -1;
	138	}
	139
130	140	static int test_print_key_using_pem(const char alg, const EVP_PKEY pk)
131	141	{
132	142	BIO *membio = BIO_new(BIO_s_mem());

139	149	!TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
140	150	(unsigned char *)"pass", 4,
141	151	NULL, NULL))
	152	/* Output zero-length passphrase encrypted private key in PEM form */
	153	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
	154	EVP_aes_256_cbc(),
	155	(const char *)~0, 0,
	156	NULL, NULL))
	157	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
	158	EVP_aes_256_cbc(),
	159	NULL, 0, NULL, ""))
	160	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
	161	EVP_aes_256_cbc(),
	162	NULL, 0, pass_cb, NULL))
	163	\|\| !TEST_false(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
	164	EVP_aes_256_cbc(),
	165	NULL, 0, pass_cb_error,
	166	NULL))
	167	#ifndef OPENSSL_NO_DES
	168	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
	169	bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
	170	(const char *)~0, 0, NULL, NULL))
	171	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
	172	bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
	173	NULL, ""))
	174	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
	175	bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
	176	pass_cb, NULL))
	177	\|\| !TEST_false(PEM_write_bio_PKCS8PrivateKey_nid(
	178	bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
	179	pass_cb_error, NULL))
	180	#endif
142	181	/* Private key in text form */
143	182	\|\| !TEST_int_gt(EVP_PKEY_print_private(membio, pk, 0, NULL), 0)
144	183	\|\| !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))

1112	1151	return ret;
1113	1152	}
1114	1153
1115		#define CURVE_NAME 2
1116
1117	1154	static int test_fromdata_ec(void)
1118	1155	{
1119	1156	int ret = 0;

1125	1162	OSSL_PARAM *fromdata_params = NULL;
1126	1163	const char *alg = "EC";
1127	1164	const char *curve = "prime256v1";
	1165	const char bad_curve[] = "nonexistent-curve";
	1166	OSSL_PARAM nokey_params[2] = {
	1167	OSSL_PARAM_END,
	1168	OSSL_PARAM_END
	1169	};
1128	1170	/* UNCOMPRESSED FORMAT */
1129	1171	static const unsigned char ec_pub_keydata[] = {
1130	1172	POINT_CONVERSION_UNCOMPRESSED,

1176	1218	goto err;
1177	1219	ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1178	1220	if (!TEST_ptr(ctx))
	1221	goto err;
	1222
	1223	/* try importing parameters with bad curve first */
	1224	nokey_params[0] =
	1225	OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
	1226	(char *)bad_curve, sizeof(bad_curve));
	1227	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
	1228	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEY_PARAMETERS,
	1229	nokey_params), 0)
	1230	\|\| !TEST_ptr_null(pk))
1179	1231	goto err;
1180	1232
1181	1233	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)

+66

-7

test/evp_test.c less more

0	0	/*
1		* Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

573	573	}
574	574	ERR_clear_last_mark();
575	575
576		cdat = OPENSSL_zalloc(sizeof(*cdat));
	576	if (!TEST_ptr(cdat = OPENSSL_zalloc(sizeof(*cdat))))
	577	return 0;
	578
577	579	cdat->cipher = cipher;
578	580	cdat->fetched_cipher = fetched_cipher;
579	581	cdat->enc = -1;

1174	1176	return 0;
1175	1177	}
1176	1178
1177		mdat = OPENSSL_zalloc(sizeof(*mdat));
	1179	if (!TEST_ptr(mdat = OPENSSL_zalloc(sizeof(*mdat))))
	1180	return 0;
	1181
1178	1182	mdat->type = type;
1179		mdat->mac_name = OPENSSL_strdup(alg);
	1183	if (!TEST_ptr(mdat->mac_name = OPENSSL_strdup(alg))) {
	1184	OPENSSL_free(mdat);
	1185	return 0;
	1186	}
	1187
1180	1188	mdat->mac = mac;
1181		mdat->controls = sk_OPENSSL_STRING_new_null();
	1189	if (!TEST_ptr(mdat->controls = sk_OPENSSL_STRING_new_null())) {
	1190	OPENSSL_free(mdat->mac_name);
	1191	OPENSSL_free(mdat);
	1192	return 0;
	1193	}
	1194
1182	1195	mdat->output_size = mdat->block_size = -1;
1183	1196	t->data = mdat;
1184	1197	return 1;

1842	1855	return parse_bin(value, &kdata->output, &kdata->output_len);
1843	1856	if (strcmp(keyword, "Ctrl") == 0)
1844	1857	return pkey_test_ctrl(t, kdata->ctx, value);
	1858	if (strcmp(keyword, "KDFType") == 0) {
	1859	OSSL_PARAM params[2];
	1860
	1861	params[0] = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_TYPE,
	1862	(char *)value, 0);
	1863	params[1] = OSSL_PARAM_construct_end();
	1864	if (EVP_PKEY_CTX_set_params(kdata->ctx, params) == 0)
	1865	return -1;
	1866	return 1;
	1867	}
	1868	if (strcmp(keyword, "KDFDigest") == 0) {
	1869	OSSL_PARAM params[2];
	1870
	1871	params[0] = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST,
	1872	(char *)value, 0);
	1873	params[1] = OSSL_PARAM_construct_end();
	1874	if (EVP_PKEY_CTX_set_params(kdata->ctx, params) == 0)
	1875	return -1;
	1876	return 1;
	1877	}
	1878	if (strcmp(keyword, "CEKAlg") == 0) {
	1879	OSSL_PARAM params[2];
	1880
	1881	params[0] = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CEK_ALG,
	1882	(char *)value, 0);
	1883	params[1] = OSSL_PARAM_construct_end();
	1884	if (EVP_PKEY_CTX_set_params(kdata->ctx, params) == 0)
	1885	return -1;
	1886	return 1;
	1887	}
	1888	if (strcmp(keyword, "KDFOutlen") == 0) {
	1889	OSSL_PARAM params[2];
	1890	char *endptr;
	1891	size_t outlen = (size_t)strtoul(value, &endptr, 0);
	1892
	1893	if (endptr[0] != '\0')
	1894	return -1;
	1895
	1896	params[0] = OSSL_PARAM_construct_size_t(OSSL_EXCHANGE_PARAM_KDF_OUTLEN,
	1897	&outlen);
	1898	params[1] = OSSL_PARAM_construct_end();
	1899	if (EVP_PKEY_CTX_set_params(kdata->ctx, params) == 0)
	1900	return -1;
	1901	return 1;
	1902	}
1845	1903	return 0;
1846	1904	}
1847	1905

1857	1915	goto err;
1858	1916	}
1859	1917
1860		if (EVP_PKEY_derive(dctx, NULL, &got_len) <= 0) {
	1918	if (EVP_PKEY_derive(dctx, NULL, &got_len) <= 0
	1919	\|\| !TEST_size_t_ne(got_len, 0)) {
1861	1920	t->err = "DERIVE_ERROR";
1862	1921	goto err;
1863	1922	}

2515	2574	item->pr_entropyB_len);
2516	2575	params[1] = OSSL_PARAM_construct_end();
2517	2576	if (!TEST_true(EVP_RAND_CTX_set_params(expected->parent, params)))
2518		return 0;
	2577	goto err;
2519	2578	}
2520	2579	if (!TEST_true(EVP_RAND_generate
2521	2580	(expected->ctx, got, got_len,

+11

-3

test/helpers/handshake.c less more

0	0	/*
1		* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

304	304
305	305	static int n_retries = 0;
306	306	static int verify_retry_cb(X509_STORE_CTX ctx, void arg) {
	307	int idx = SSL_get_ex_data_X509_STORE_CTX_idx();
	308	SSL *ssl;
	309
	310	/* this should not happen but check anyway */
	311	if (idx < 0
	312	\|\| (ssl = X509_STORE_CTX_get_ex_data(ctx, idx)) == NULL)
	313	return 0;
	314
307	315	if (--n_retries < 0)
308	316	return 1;
309		X509_STORE_CTX_set_error(ctx, X509_V_ERR_APPLICATION_VERIFICATION);
310		return -1;
	317
	318	return SSL_set_retry_verify(ssl);
311	319	}
312	320
313	321	static int verify_accept_cb(X509_STORE_CTX ctx, void arg) {

+17

-1

test/helpers/handshake_srp.c less more

0	0	/*
1		* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

48	48	SSL_CTX_set_srp_username_callback(server_ctx, server_srp_cb);
49	49	server_ctx_data->srp_user = OPENSSL_strdup(extra->server.srp_user);
50	50	server_ctx_data->srp_password = OPENSSL_strdup(extra->server.srp_password);
	51	if (server_ctx_data->srp_user == NULL \|\| server_ctx_data->srp_password == NULL) {
	52	OPENSSL_free(server_ctx_data->srp_user);
	53	OPENSSL_free(server_ctx_data->srp_password);
	54	server_ctx_data->srp_user = NULL;
	55	server_ctx_data->srp_password = NULL;
	56	return 0;
	57	}
51	58	SSL_CTX_set_srp_cb_arg(server_ctx, server_ctx_data);
52	59	}
53	60	if (extra->server2.srp_user != NULL) {

56	63	SSL_CTX_set_srp_username_callback(server2_ctx, server_srp_cb);
57	64	server2_ctx_data->srp_user = OPENSSL_strdup(extra->server2.srp_user);
58	65	server2_ctx_data->srp_password = OPENSSL_strdup(extra->server2.srp_password);
	66	if (server2_ctx_data->srp_user == NULL \|\| server2_ctx_data->srp_password == NULL) {
	67	OPENSSL_free(server2_ctx_data->srp_user);
	68	OPENSSL_free(server2_ctx_data->srp_password);
	69	server2_ctx_data->srp_user = NULL;
	70	server2_ctx_data->srp_password = NULL;
	71	return 0;
	72	}
59	73	SSL_CTX_set_srp_cb_arg(server2_ctx, server2_ctx_data);
60	74	}
61	75	if (extra->client.srp_user != NULL) {

64	78	return 0;
65	79	SSL_CTX_set_srp_client_pwd_callback(client_ctx, client_srp_cb);
66	80	client_ctx_data->srp_password = OPENSSL_strdup(extra->client.srp_password);
	81	if (client_ctx_data->srp_password == NULL)
	82	return 0;
67	83	SSL_CTX_set_srp_cb_arg(client_ctx, client_ctx_data);
68	84	}
69	85	return 1;

+22

-1

test/helpers/predefined_dhparams.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

169	169	return dhpkey;
170	170	}
171	171
	172	EVP_PKEY get_dh4096(OSSL_LIB_CTX libctx)
	173	{
	174	BIGNUM p = NULL, g = NULL;
	175	EVP_PKEY *dhpkey = NULL;
	176
	177	g = BN_new();
	178	if (g == NULL \|\| !BN_set_word(g, 2))
	179	goto err;
	180
	181	p = BN_get_rfc3526_prime_4096(NULL);
	182	if (p == NULL)
	183	goto err;
	184
	185	dhpkey = get_dh_from_pg_bn(libctx, "DH", p, g, NULL);
	186
	187	err:
	188	BN_free(p);
	189	BN_free(g);
	190	return dhpkey;
	191	}
	192
172	193	#endif

+2

-1

test/helpers/predefined_dhparams.h less more

0	0	/*
1		* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

13	13	EVP_PKEY get_dhx512(OSSL_LIB_CTX libctx);
14	14	EVP_PKEY get_dh1024dsa(OSSL_LIB_CTX libct);
15	15	EVP_PKEY get_dh2048(OSSL_LIB_CTX libctx);
	16	EVP_PKEY get_dh4096(OSSL_LIB_CTX libctx);
16	17	#endif

+31

-0

test/hmactest.c less more

244	244	return ret;
245	245	}
246	246
	247	static int test_hmac_copy_uninited(void)
	248	{
	249	const unsigned char key[24] = {0};
	250	const unsigned char ct[166] = {0};
	251	EVP_PKEY *pkey = NULL;
	252	EVP_MD_CTX *ctx = NULL;
	253	EVP_MD_CTX *ctx_tmp = NULL;
	254	int res = 0;
	255
	256	if (!TEST_ptr(ctx = EVP_MD_CTX_new())
	257	\|\| !TEST_ptr(pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL,
	258	key, sizeof(key)))
	259	\|\| !TEST_true(EVP_DigestSignInit(ctx, NULL, EVP_sha1(), NULL, pkey))
	260	\|\| !TEST_ptr(ctx_tmp = EVP_MD_CTX_new())
	261	\|\| !TEST_true(EVP_MD_CTX_copy(ctx_tmp, ctx)))
	262	goto err;
	263	EVP_MD_CTX_free(ctx);
	264	ctx = ctx_tmp;
	265	ctx_tmp = NULL;
	266
	267	if (!TEST_true(EVP_DigestSignUpdate(ctx, ct, sizeof(ct))))
	268	goto err;
	269	res = 1;
	270	err:
	271	EVP_MD_CTX_free(ctx);
	272	EVP_MD_CTX_free(ctx_tmp);
	273	EVP_PKEY_free(pkey);
	274	return res;
	275	}
	276
247	277	# ifndef OPENSSL_NO_MD5
248	278	static char pt(unsigned char md, unsigned int len)
249	279	{

265	295	ADD_TEST(test_hmac_bad);
266	296	ADD_TEST(test_hmac_run);
267	297	ADD_TEST(test_hmac_copy);
	298	ADD_TEST(test_hmac_copy_uninited);
268	299	return 1;
269	300	}
270	301

+2

-2

test/pbetest.c less more

0	0	/*
1		* Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3		* Licensed under the OpenSSL license (the "License"). You may not use
	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy
5	5	* in the file LICENSE in the source distribution or at
6	6	* https://www.openssl.org/source/license.html

+1

-1

test/property_test.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
3	3	*
4	4	* Licensed under the Apache License 2.0 (the "License"). You may not use

+17

-10

test/provfetchtest.c less more

0	0	/*
1		* Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

224	224	* Test 1: Encoder
225	225	* Test 2: Store loader
226	226	* Test 3: EVP_RAND
	227	* Test 4-7: As above, but additionally with a query string
227	228	*/
228	229	static int fetch_test(int tst)
229	230	{

235	236	OSSL_STORE_LOADER *loader = NULL;
236	237	int testresult = 0;
237	238	unsigned char buf[32];
	239	int query = tst > 3;
238	240
239	241	if (!TEST_ptr(libctx))
240	242	goto err;

245	247	\|\| !TEST_ptr(dummyprov = OSSL_PROVIDER_load(libctx, "dummy-prov")))
246	248	goto err;
247	249
248		switch(tst) {
	250	switch (tst % 4) {
249	251	case 0:
250		decoder = OSSL_DECODER_fetch(libctx, "DUMMY", NULL);
	252	decoder = OSSL_DECODER_fetch(libctx, "DUMMY",
	253	query ? "provider=dummy" : NULL);
251	254	if (!TEST_ptr(decoder))
252	255	goto err;
253	256	break;
254	257	case 1:
255		encoder = OSSL_ENCODER_fetch(libctx, "DUMMY", NULL);
	258	encoder = OSSL_ENCODER_fetch(libctx, "DUMMY",
	259	query ? "provider=dummy" : NULL);
256	260	if (!TEST_ptr(encoder))
257	261	goto err;
258	262	break;
259	263	case 2:
260		loader = OSSL_STORE_LOADER_fetch(libctx, "DUMMY", NULL);
	264	loader = OSSL_STORE_LOADER_fetch(libctx, "DUMMY",
	265	query ? "provider=dummy" : NULL);
261	266	if (!TEST_ptr(loader))
262	267	goto err;
263	268	break;
264	269	case 3:
265		if (!TEST_true(RAND_set_DRBG_type(libctx, "DUMMY", NULL, NULL, NULL))
	270	if (!TEST_true(RAND_set_DRBG_type(libctx, "DUMMY",
	271	query ? "provider=dummy" : NULL,
	272	NULL, NULL))
266	273	\|\| !TEST_int_ge(RAND_bytes_ex(libctx, buf, sizeof(buf), 0), 1))
267	274	goto err;
268	275	break;

283	290
284	291	int setup_tests(void)
285	292	{
286		ADD_ALL_TESTS(fetch_test, 4);
287
288		return 1;
289		}
	293	ADD_ALL_TESTS(fetch_test, 8);
	294
	295	return 1;
	296	}

+1

-1

test/recipes/01-test_symbol_presence.t less more

75	75	# Drop the first space and everything following it
76	76	s\| .*\|\|;
77	77	# Drop OpenSSL dynamic version information if there is any
78		s\|\@\@OPENSSL_[0-9._]+[a-z]?$\|\|;
	78	s\|\@\@.+$\|\|;
79	79	# Return the result
80	80	$_
81	81	}

+2

-2

test/recipes/03-test_internal_sm3.t less more

0	0	#! /usr/bin/env perl
1		# Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	# Copyright 2021 [UnionTech](https://www.uniontech.com). All Rights Reserved.
3	3	#
4		# Licensed under the OpenSSL license (the "License"). You may not use
	4	# Licensed under the Apache License 2.0 (the "License"). You may not use
5	5	# this file except in compliance with the License. You can obtain a copy
6	6	# in the file LICENSE in the source distribution or at
7	7	# https://www.openssl.org/source/license.html

+13

-1

test/recipes/10-test_bn_data/bnmod.txt less more

0		# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
	0	# Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
1	1	#
2	2	# Licensed under the Apache License 2.0 (the "License"). You may not use
3	3	# this file except in compliance with the License. You can obtain a copy

2798	2798	ModSqrt = a1d52989f12f204d3d2167d9b1e6c8a6174c0c786a979a5952383b7b8bd186
2799	2799	A = 2eee37cf06228a387788188e650bc6d8a2ff402931443f69156a29155eca07dcb45f3aac238d92943c0c25c896098716baa433f25bd696a142f5a69d5d937e81
2800	2800	P = 9df9d6cc20b8540411af4e5357ef2b0353cb1f2ab5ffc3e246b41c32f71e951f
	2801
	2802	# Negative testcases for BN_mod_sqrt()
	2803
	2804	# This one triggers an infinite loop with unfixed implementation
	2805	# It should just fail.
	2806	ModSqrt = -1
	2807	A = 20a7ee
	2808	P = 460201
	2809
	2810	ModSqrt = -1
	2811	A = 65bebdb00a96fc814ec44b81f98b59fba3c30203928fa5214c51e0a97091645280c947b005847f239758482b9bfc45b066fde340d1fe32fc9c1bf02e1b2d0ed
	2812	P = 9df9d6cc20b8540411af4e5357ef2b0353cb1f2ab5ffc3e246b41c32f71e951f

+14

-6

test/recipes/15-test_gendhparam.t less more

0	0	#! /usr/bin/env perl
1		# Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	#
3	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	# this file except in compliance with the License. You can obtain a copy

117	117	# expect => [ 'BEGIN DH PARAMETERS', 'G: 5' ],
118	118	# message => 'DH safe prime generator using an alias',
119	119	# },
120		{
	120	{
121	121	algorithm => 'DHX',
122	122	pkeyopts => [ 'type:generator', 'safeprime-generator:5'],
123	123	expect => [ 'ERROR' ],
124	124	message => 'safe prime generator should fail for DHX',
125		},
	125	}
126	126	);
127	127
128	128	plan skip_all => "DH isn't supported in this build" if disabled("dh");

139	139	push(@pkeyopts, '-pkeyopt');
140	140	push(@pkeyopts, $_);
141	141	}
142		my @lines = run(app(['openssl', 'genpkey', '-genparam',
	142	my @lines;
	143	if ($expected[0] eq 'ERROR') {
	144	@lines = run(app(['openssl', 'genpkey', '-genparam',
	145	'-algorithm', $alg, '-text', @pkeyopts],
	146	stderr => undef),
	147	capture => 1);
	148	} else {
	149	@lines = run(app(['openssl', 'genpkey', '-genparam',
143	150	'-algorithm', $alg, '-text', @pkeyopts]),
144		capture => 1);
	151	capture => 1);
	152	}
145	153	ok(compareline(\@lines, \@expected), $msg);
146	154	}
147	155

156	164	}
157	165	print "-----------------\n";
158	166	foreach (@lines) {
159		print $_;
	167	print "# ".$_;
160	168	}
161	169	print "-----------------\n";
162	170	foreach my $ex (@expected) {

+7

-2

test/recipes/15-test_genrsa.t less more

0	0	#! /usr/bin/env perl
1		# Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	#
3	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	# this file except in compliance with the License. You can obtain a copy

24	24
25	25	plan tests =>
26	26	($no_fips ? 0 : 3) # Extra FIPS related tests
27		+ 13;
	27	+ 15;
28	28
29	29	# We want to know that an absurdly small number of bits isn't support
30	30	is(run(app([ 'openssl', 'genpkey', '-out', 'genrsatest.pem',

102	102	"genrsa -f4 $good");
103	103	ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout' ])),
104	104	"rsa -check");
	105	ok(run(app([ 'openssl', 'rsa', '-in', 'genrsatest.pem', '-out', 'genrsatest-enc.pem',
	106	'-aes256', '-passout', 'pass:x' ])),
	107	"rsa encrypt");
	108	ok(run(app([ 'openssl', 'rsa', '-in', 'genrsatest-enc.pem', '-passin', 'pass:x' ])),
	109	"rsa decrypt");
105	110
106	111	unless ($no_fips) {
107	112	my $provconf = srctop_file("test", "fips-and-base.cnf");

+4

-4

test/recipes/20-test_dgst.t less more

0	0	#! /usr/bin/env perl
1		# Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	#
3	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	# this file except in compliance with the License. You can obtain a copy

11	11
12	12	use File::Spec;
13	13	use File::Basename;
14		use OpenSSL::Test qw/:DEFAULT with srctop_file bldtop_file/;
	14	use OpenSSL::Test qw/:DEFAULT with srctop_file bldtop_dir/;
15	15	use OpenSSL::Test::Utils;
16	16
17	17	setup("test_dgst");

112	112	my $testdata = srctop_file('test', 'data.bin');
113	113	# intentionally using -engine twice, please do not remove the duplicate line
114	114	my @macdata = run(app(['openssl', 'dgst', '-sha1',
115		'-engine', $^O eq 'linux' ? bldtop_file("engines", "ossltest.so") : "ossltest",
116		'-engine', $^O eq 'linux' ? bldtop_file("engines", "ossltest.so") : "ossltest",
	115	'-engine', "ossltest",
	116	'-engine', "ossltest",
117	117	$testdata]), capture => 1);
118	118	chomp(@macdata);
119	119	my $expected = qr/SHA1$\Q$testdata\E$= 000102030405060708090a0b0c0d0e0f10111213/;

+13

-5

test/recipes/25-test_req.t less more

0	0	#! /usr/bin/env perl
1		# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	#
3	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	# this file except in compliance with the License. You can obtain a copy

14	14
15	15	setup("test_req");
16	16
17		plan tests => 43;
	17	plan tests => 44;
18	18
19	19	require_ok(srctop_file('test', 'recipes', 'tconversion.pl'));
20	20

48	48	ok(!run(app([@addext_args, "-addext", $val, "-addext", $val3])));
49	49	ok(!run(app([@addext_args, "-addext", $val2, "-addext", $val3])));
50	50
	51	# If a CSR is provided with neither of -key or -CA/-CAkey, this should fail.
	52	ok(!run(app(["openssl", "req", "-x509",
	53	"-in", srctop_file(@certs, "x509-check.csr"),
	54	"-out", "testreq.pem"])));
	55
51	56	subtest "generating alt certificate requests with RSA" => sub {
52	57	plan tests => 3;
53	58

382	387	my $ca_key = srctop_file(@certs, "ca-key.pem");
383	388	my $key = $is_ca ? $ca_key : srctop_file(@certs, "ee-key.pem");
384	389	my @cmd = ("openssl", "req", "-config", "", "-x509",
385		"-key", $key, "-subj", "/CN=$cn", @_, "-out", $cert);
	390	"-subj", "/CN=$cn", @_, "-out", $cert);
	391	push(@cmd, ("-key", $key)) if $ss;
386	392	push(@cmd, ("-CA", $ca_cert, "-CAkey", $ca_key)) unless $ss;
387	393	ok(run(app([@cmd])), "generate $cert");
388	394	}

441	447	#TODO strict_verify($cert, 1); # should be accepted because RFC 5280 does not apply
442	448
443	449	$cert = "v3_EE_default_KIDs.pem";
444		generate_cert($cert, "-addext", "keyUsage = dataEncipherment");
	450	generate_cert($cert, "-addext", "keyUsage = dataEncipherment",
	451	"-key", srctop_file(@certs, "ee-key.pem"));
445	452	cert_ext_has_n_different_lines($cert, 4, $SKID_AKID); # SKID != AKID
446	453	strict_verify($cert, 1, $ca_cert);
447	454
448	455	$cert = "v3_EE_no_AKID.pem";
449		generate_cert($cert, "-addext", "authorityKeyIdentifier = none");
	456	generate_cert($cert, "-addext", "authorityKeyIdentifier = none",
	457	"-key", srctop_file(@certs, "ee-key.pem"));
450	458	has_SKID($cert, 1);
451	459	has_AKID($cert, 0);
452	460	strict_verify($cert, 0, $ca_cert);

+15

-2

test/recipes/30-test_evp_data/evpciph_des3_common.txt less more

0	0	#
1		# Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	#
3	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	# this file except in compliance with the License. You can obtain a copy

10	10	# PrivPubKeyPair Sign Verify VerifyRecover
11	11	# and continue until a blank line. Lines starting with a pound sign are ignored.
12	12
13		Title = DES3 Test
	13	Title = DES3 Tests
14	14
15	15	# DES EDE3 CBC tests (from destest)
16	16	Cipher = DES-EDE3-CBC

19	19	Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000
20	20	Ciphertext = 3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675
21	21	NextIV = 1c673812cfde9675
	22
	23	# DES EDE3 ECB test
	24	Cipher = DES-EDE3-ECB
	25	Key = 0123456789abcdeff1e0d3c2b5a49786fedcba9876543210
	26	Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000
	27	Ciphertext = 62c10cc9efbf15aaa5ae2e487b690e56d8b1dfb8f5c5b293855e77dd9024b1b1
	28
	29	# DES EDE ECB test
	30	Availablein = default
	31	Cipher = DES-EDE-ECB
	32	Key = 0123456789abcdeffedcba9876543210
	33	Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000
	34	Ciphertext = 4d1332e49f380e23d80a0d8b2bae5e4e6a0094171abcfc27df2bfd40da9f4e4d

+22

-1

test/recipes/30-test_evp_data/evppkey_ffdhe.txt less more

0	0	#
1		# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	#
3	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	# this file except in compliance with the License. You can obtain a copy

91	91	PeerKey=ffdhe2048-2-pub
92	92	Ctrl = dh_pad:1
93	93	SharedSecret=00006620DD85B56EE8540C8040CAC46B7385344A164E4DBDF521F7D99F88FA68EDD295A45E36E0BBD5FF5DE84598824E2CA52ED82ACA918CAECC6B22846D0FC6F0203E8B6963964D11E9E704F83AF1D60E9B1931139E9E9967C4665A831A75D99359A8BA80DD5921E74379AF4CA8DB453EDBC5E669AB17A5254CA6C96794CD5196BE90AF37742C8F6812515FFCC45B08F4158EFF9559F1AEF3665B3D91519DCBC6DF22CD6DA521B86613558602E73D2CA4666972F7D2CB6B46299B1DF2DA29A2A2D99D105E10CB553D6738A9B1DB2A0314C3CF30642D5C44695623D8B95C4426BEA830FB51816B4F086945E9B12A445F42DD68610E3F378A6E69A383D13D85BF
	94
	95	# The following two testcases check that the padding is implicitly enabled
	96	# with X942KDF-ASN1 KDF.
	97	# The plain shared secret for these keys needs padding as seen above.
	98	Derive=ffdhe2048-1
	99	PeerKey=ffdhe2048-2-pub
	100	KDFType=X942KDF-ASN1
	101	KDFOutlen=32
	102	KDFDigest=SHA-256
	103	CEKAlg=id-aes128-wrap
	104	Ctrl = dh_pad:1
	105	SharedSecret=89A249DF4EE9033B89C2B4E52072A736D94F51143A1ED5C8F1E91FCBEBE09654
	106
	107	Derive=ffdhe2048-2
	108	PeerKey=ffdhe2048-1-pub
	109	KDFType=X942KDF-ASN1
	110	KDFOutlen=32
	111	KDFDigest=SHA-256
	112	CEKAlg=id-aes128-wrap
	113	Ctrl = dh_pad:0
	114	SharedSecret=89A249DF4EE9033B89C2B4E52072A736D94F51143A1ED5C8F1E91FCBEBE09654
94	115
95	116	PrivateKey=ffdhe3072-1
96	117	-----BEGIN PRIVATE KEY-----

+3

-7

test/recipes/70-test_verify_extra.t less more

0	0	#! /usr/bin/env perl
1		# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	#
3	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	# this file except in compliance with the License. You can obtain a copy

6	6	# https://www.openssl.org/source/license.html
7	7
8	8
9		use OpenSSL::Test qw/:DEFAULT srctop_file/;
	9	use OpenSSL::Test qw/:DEFAULT srctop_dir/;
10	10
11	11	setup("test_verify_extra");
12	12
13	13	plan tests => 1;
14	14
15	15	ok(run(test(["verify_extra_test",
16		srctop_file("test", "certs", "rootCA.pem"),
17		srctop_file("test", "certs", "roots.pem"),
18		srctop_file("test", "certs", "untrusted.pem"),
19		srctop_file("test", "certs", "bad.pem"),
20		srctop_file("test", "certs", "sm2-csr.pem")])));
	16	srctop_dir("test", "certs")])));

+59

-12

test/recipes/80-test_ssl_old.t less more

0	0	#! /usr/bin/env perl
1		# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	#
3	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	# this file except in compliance with the License. You can obtain a copy

345	345	}
346	346
347	347
348		# plan tests => 11;
349
350	348	subtest 'standard SSL tests' => sub {
351	349	######################################################################
352		plan tests => 13;
	350	plan tests => 19;
353	351
354	352	SKIP: {
355	353	skip "SSLv3 is not supported by this OpenSSL build", 4

377	375	}
378	376
379	377	SKIP: {
380		skip "Neither SSLv3 nor any TLS version are supported by this OpenSSL build", 8
	378	skip "Neither SSLv3 nor any TLS version are supported by this OpenSSL build", 14
381	379	if $no_anytls;
382	380
383	381	SKIP: {

405	403	'test sslv2/sslv3 with both client and server authentication via BIO pair and app verify');
406	404
407	405	SKIP: {
408		skip "No IPv4 available on this machine", 1
	406	skip "No IPv4 available on this machine", 4
409	407	unless !disabled("sock") && have_IPv4();
410	408	ok(run(test([@ssltest, "-ipv4"])),
411	409	'test TLS via IPv4');
412		}
413
414		SKIP: {
415		skip "No IPv6 available on this machine", 1
	410	ok(run(test([@ssltest, "-ipv4", "-client_ktls"])),
	411	'test TLS via IPv4 + ktls(client)');
	412	ok(run(test([@ssltest, "-ipv4", "-server_ktls"])),
	413	'test TLS via IPv4 + ktls(server)');
	414	ok(run(test([@ssltest, "-ipv4", "-client_ktls", "-server_ktls"])),
	415	'test TLS via IPv4 + ktls');
	416	}
	417
	418	SKIP: {
	419	skip "No IPv6 available on this machine", 4
416	420	unless !disabled("sock") && have_IPv6();
417	421	ok(run(test([@ssltest, "-ipv6"])),
418	422	'test TLS via IPv6');
	423	ok(run(test([@ssltest, "-ipv6", "-client_ktls"])),
	424	'test TLS via IPv6 + ktls(client)');
	425	ok(run(test([@ssltest, "-ipv6", "-server_ktls"])),
	426	'test TLS via IPv6 + ktls(client)');
	427	ok(run(test([@ssltest, "-ipv6", "-client_ktls", "-server_ktls"])),
	428	'test TLS via IPv6 + ktls');
419	429	}
420	430	}
421	431	};

519	529	subtest 'RSA/(EC)DHE/PSK tests' => sub {
520	530	######################################################################
521	531
522		plan tests => 6;
	532	plan tests => 10;
523	533
524	534	SKIP: {
525	535	skip "TLSv1.0 is not supported by this OpenSSL build", 6

556	566
557	567	ok(run(test([@ssltest, "-bio_pair", "-tls1", "-cipher", "PSK", "-psk", "abc123"])),
558	568	'test tls1 with PSK via BIO pair');
559		}
	569	}
560	570
561	571	SKIP: {
562	572	skip "skipping auto DH PSK tests", 1

564	574
565	575	ok(run(test(['ssl_old_test', '-psk', '0102030405', '-cipher', '@SECLEVEL=2:DHE-PSK-AES128-CCM'])),
566	576	'test auto DH meets security strength');
	577	}
	578	}
	579
	580	SKIP: {
	581	skip "TLSv1.1 is not supported by this OpenSSL build", 4
	582	if $no_tls1_1;
	583
	584	SKIP: {
	585	skip "skipping auto DHE PSK test at SECLEVEL 3", 1
	586	if ($no_dh \|\| $no_psk);
	587
	588	ok(run(test(['ssl_old_test', '-tls1_1', '-dhe4096', '-psk', '0102030405', '-cipher', '@SECLEVEL=3:DHE-PSK-AES256-CBC-SHA384'])),
	589	'test auto DHE PSK meets security strength');
	590	}
	591
	592	SKIP: {
	593	skip "skipping auto ECDHE PSK test at SECLEVEL 3", 1
	594	if ($no_ec \|\| $no_psk);
	595
	596	ok(run(test(['ssl_old_test', '-tls1_1', '-no_dhe', '-psk', '0102030405', '-cipher', '@SECLEVEL=3:ECDHE-PSK-AES256-CBC-SHA384'])),
	597	'test auto ECDHE PSK meets security strength');
	598	}
	599
	600	SKIP: {
	601	skip "skipping no RSA PSK at SECLEVEL 3 test", 1
	602	if ($no_rsa \|\| $no_psk);
	603
	604	ok(!run(test(['ssl_old_test', '-tls1_1', '-no_dhe', '-psk', '0102030405', '-cipher', '@SECLEVEL=3:RSA-PSK-AES256-CBC-SHA384'])),
	605	'test auto RSA PSK does not meet security level 3 requirements (PFS)');
	606	}
	607
	608	SKIP: {
	609	skip "skipping no PSK at SECLEVEL 3 test", 1
	610	if ($no_psk);
	611
	612	ok(!run(test(['ssl_old_test', '-tls1_1', '-no_dhe', '-psk', '0102030405', '-cipher', '@SECLEVEL=3:PSK-AES256-CBC-SHA384'])),
	613	'test auto PSK does not meet security level 3 requirements (PFS)');
567	614	}
568	615	}
569	616

+7

-5

test/run_tests.pl less more

0	0	#! /usr/bin/env perl
1		# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	#
3	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	# this file except in compliance with the License. You can obtain a copy

308	308	my $ret =
309	309	$harness->runtests(map { [ abs2rel($_, rel2abs(curdir())), basename($_) ] }
310	310	@preps);
311		die if $ret->has_errors;
312		$ret =
313		$harness->runtests(map { [ abs2rel($_, rel2abs(curdir())), basename($_) ] }
314		sort { reorder($a) cmp reorder($b) } keys %tests);
	311
	312	if (ref($ret) ne "TAP::Parser::Aggregator" \|\| !$ret->has_errors) {
	313	$ret =
	314	$harness->runtests(map { [ abs2rel($_, rel2abs(curdir())), basename($_) ] }
	315	sort { reorder($a) cmp reorder($b) } keys %tests);
	316	}
315	317
316	318	# If this is a TAP::Parser::Aggregator, $ret->has_errors is the count of
317	319	# tests that failed. We don't bother with that exact number, just exit

+8

-1

test/sanitytest.c less more

0	0	/*
1		* Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

113	113	TEST_error("int must not be wider than size_t");
114	114	return 0;
115	115	}
	116
	117	/* SIZE_MAX is always greater than 2INT_MAX /
	118	if (SIZE_MAX - INT_MAX <= INT_MAX) {
	119	TEST_error("SIZE_MAX must exceed 2*INT_MAX");
	120	return 0;
	121	}
	122
116	123	return 1;
117	124	}
118	125

+2

-2

test/sm3_internal_test.c less more

0	0	/*
1		* Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright 2021 UnionTech. All Rights Reserved.
3	3	*
4		* Licensed under the OpenSSL license (the "License"). You may not use
	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
5	5	* this file except in compliance with the License. You can obtain a copy
6	6	* in the file LICENSE in the source distribution or at
7	7	* https://www.openssl.org/source/license.html

+42

-9

test/ssl_old_test.c less more

0	0	/*
1		* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
3	3	* Copyright 2005 Nokia. All rights reserved.
4	4	*

629	629	fprintf(stderr,
630	630	" -dhe512 - use 512 bit key for DHE (to test failure)\n");
631	631	fprintf(stderr,
632		" -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n");
	632	" -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
633	633	fprintf(stderr,
634		" -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
	634	" -dhe2048 - use 2048 bit key (safe prime) for DHE (default, no-op)\n");
	635	fprintf(stderr,
	636	" -dhe4096 - use 4096 bit key (safe prime) for DHE\n");
635	637	#endif
636	638	fprintf(stderr, " -no_dhe - disable DHE\n");
637	639	#ifndef OPENSSL_NO_EC

645	647	#endif
646	648	#ifndef OPENSSL_NO_TLS1
647	649	fprintf(stderr, " -tls1 - use TLSv1\n");
	650	#endif
	651	#ifndef OPENSSL_NO_TLS1_1
	652	fprintf(stderr, " -tls1_1 - use TLSv1.1\n");
	653	#endif
	654	#ifndef OPENSSL_NO_TLS1_2
	655	fprintf(stderr, " -tls1_2 - use TLSv1.2\n");
648	656	#endif
649	657	#ifndef OPENSSL_NO_DTLS
650	658	fprintf(stderr, " -dtls - use DTLS\n");

710	718	fprintf(stderr, " -client_sess_in <file> - Read the client session from a file\n");
711	719	fprintf(stderr, " -should_reuse <number> - The expected state of reusing the session\n");
712	720	fprintf(stderr, " -no_ticket - do not issue TLS session ticket\n");
	721	fprintf(stderr, " -client_ktls - try to enable client KTLS\n");
	722	fprintf(stderr, " -server_ktls - try to enable server KTLS\n");
713	723	fprintf(stderr, " -provider <name> - Load the given provider into the library context\n");
714	724	fprintf(stderr, " -config <cnf> - Load the given config file into the library context\n");
715	725	}

870	880	int badop = 0;
871	881	enum { BIO_MEM, BIO_PAIR, BIO_IPV4, BIO_IPV6 } bio_type = BIO_MEM;
872	882	int force = 0;
873		int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, tls1_2 = 0, ssl3 = 0;
	883	int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, tls1_1 = 0, tls1_2 = 0, ssl3 = 0;
874	884	int ret = EXIT_FAILURE;
875	885	int client_auth = 0;
876	886	int server_auth = 0, i;

882	892	int number = 1, reuse = 0;
883	893	int should_reuse = -1;
884	894	int no_ticket = 0;
	895	int client_ktls = 0, server_ktls = 0;
885	896	long bytes = 256L;
886	897	#ifndef OPENSSL_NO_DH
887	898	EVP_PKEY *dhpkey;
888		int dhe512 = 0, dhe1024dsa = 0;
	899	int dhe512 = 0, dhe1024dsa = 0, dhe4096 = 0;
889	900	int no_dhe = 0;
890	901	#endif
891	902	int no_psk = 0;

980	991	dhe512 = 1;
981	992	else if (strcmp(*argv, "-dhe1024dsa") == 0)
982	993	dhe1024dsa = 1;
	994	else if (strcmp(*argv, "-dhe4096") == 0)
	995	dhe4096 = 1;
983	996	#endif
984	997	else if (strcmp(*argv, "-no_ecdhe") == 0)
985	998	/* obsolete */;

998	1011	}
999	1012	else if (strcmp(*argv, "-tls1_2") == 0) {
1000	1013	tls1_2 = 1;
	1014	} else if (strcmp(*argv, "-tls1_1") == 0) {
	1015	tls1_1 = 1;
1001	1016	} else if (strcmp(*argv, "-tls1") == 0) {
1002	1017	tls1 = 1;
1003	1018	} else if (strcmp(*argv, "-ssl3") == 0) {

1166	1181	should_reuse = !!atoi(*(++argv));
1167	1182	} else if (strcmp(*argv, "-no_ticket") == 0) {
1168	1183	no_ticket = 1;
	1184	} else if (strcmp(*argv, "-client_ktls") == 0) {
	1185	client_ktls = 1;
	1186	} else if (strcmp(*argv, "-server_ktls") == 0) {
	1187	server_ktls = 1;
1169	1188	} else if (strcmp(*argv, "-provider") == 0) {
1170	1189	if (--argc < 1)
1171	1190	goto bad;

1216	1235	goto end;
1217	1236	}
1218	1237
1219		if (ssl3 + tls1 + tls1_2 + dtls + dtls1 + dtls12 > 1) {
1220		fprintf(stderr, "At most one of -ssl3, -tls1, -tls1_2, -dtls, -dtls1 or -dtls12 should "
	1238	if (ssl3 + tls1 + tls1_1 + tls1_2 + dtls + dtls1 + dtls12 > 1) {
	1239	fprintf(stderr, "At most one of -ssl3, -tls1, -tls1_1, -tls1_2, -dtls, -dtls1 or -dtls12 should "
1221	1240	"be requested.\n");
1222	1241	EXIT(1);
1223	1242	}

1229	1248	#endif
1230	1249	#ifdef OPENSSL_NO_TLS1
1231	1250	if (tls1)
	1251	no_protocol = 1;
	1252	else
	1253	#endif
	1254	#ifdef OPENSSL_NO_TLS1_1
	1255	if (tls1_1)
1232	1256	no_protocol = 1;
1233	1257	else
1234	1258	#endif

1261	1285	goto end;
1262	1286	}
1263	1287
1264		if (!ssl3 && !tls1 && !tls1_2 && !dtls && !dtls1 && !dtls12 && number > 1
	1288	if (!ssl3 && !tls1 && !tls1_1 && !tls1_2 && !dtls && !dtls1 && !dtls12 && number > 1
1265	1289	&& !reuse && !force) {
1266	1290	fprintf(stderr, "This case cannot work. Use -f to perform "
1267	1291	"the test anyway (and\n-d to see what happens), "
1268		"or add one of -ssl3, -tls1, -tls1_2, -dtls, -dtls1, -dtls12, -reuse\n"
	1292	"or add one of -ssl3, -tls1, -tls1_1, -tls1_2, -dtls, -dtls1, -dtls12, -reuse\n"
1269	1293	"to avoid protocol mismatch.\n");
1270	1294	EXIT(1);
1271	1295	}

1317	1341	} else if (tls1) {
1318	1342	min_version = TLS1_VERSION;
1319	1343	max_version = TLS1_VERSION;
	1344	} else if (tls1_1) {
	1345	min_version = TLS1_1_VERSION;
	1346	max_version = TLS1_1_VERSION;
1320	1347	} else if (tls1_2) {
1321	1348	min_version = TLS1_2_VERSION;
1322	1349	max_version = TLS1_2_VERSION;

1481	1508	dhpkey = get_dh1024dsa(libctx);
1482	1509	else if (dhe512)
1483	1510	dhpkey = get_dh512(libctx);
	1511	else if (dhe4096)
	1512	dhpkey = get_dh4096(libctx);
1484	1513	else
1485	1514	dhpkey = get_dh2048(libctx);
1486	1515

1723	1752
1724	1753	if (sn_client)
1725	1754	SSL_set_tlsext_host_name(c_ssl, sn_client);
	1755	if (client_ktls)
	1756	SSL_set_options(c_ssl, SSL_OP_ENABLE_KTLS);
	1757	if (server_ktls)
	1758	SSL_set_options(s_ssl, SSL_OP_ENABLE_KTLS);
1726	1759
1727	1760	if (!set_protocol_version(server_min_proto, s_ssl, SSL_CTRL_SET_MIN_PROTO_VERSION))
1728	1761	goto end;

+30

-5

test/sslapitest.c less more

0	0	/*
1		* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

556	556	static int verify_retry_cb(X509_STORE_CTX ctx, void arg)
557	557	{
558	558	int res = X509_verify_cert(ctx);
	559	int idx = SSL_get_ex_data_X509_STORE_CTX_idx();
	560	SSL *ssl;
	561
	562	/* this should not happen but check anyway */
	563	if (idx < 0
	564	\|\| (ssl = X509_STORE_CTX_get_ex_data(ctx, idx)) == NULL)
	565	return 0;
559	566
560	567	if (res == 0 && X509_STORE_CTX_get_error(ctx) ==
561	568	X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY)
562		return -1; /* indicate SSL_ERROR_WANT_RETRY_VERIFY */
	569	/* indicate SSL_ERROR_WANT_RETRY_VERIFY */
	570	return SSL_set_retry_verify(ssl);
	571
563	572	return res;
564	573	}
565	574

671	680	return ret;
672	681	}
673	682
	683	static int get_password_cb(char buf, int size, int rw_flag, void userdata)
	684	{
	685	static const char pass[] = "testpass";
	686
	687	if (!TEST_int_eq(size, PEM_BUFSIZE))
	688	return -1;
	689
	690	memcpy(buf, pass, sizeof(pass) - 1);
	691	return sizeof(pass) - 1;
	692	}
	693
674	694	static int test_ssl_ctx_build_cert_chain(void)
675	695	{
676	696	int ret = 0;
677	697	SSL_CTX *ctx = NULL;
678		char *skey = test_mk_file_path(certsdir, "leaf.key");
	698	char *skey = test_mk_file_path(certsdir, "leaf-encrypted.key");
679	699	char *leaf_chain = test_mk_file_path(certsdir, "leaf-chain.pem");
680	700
681	701	if (!TEST_ptr(ctx = SSL_CTX_new_ex(libctx, NULL, TLS_server_method())))
682	702	goto end;
	703	SSL_CTX_set_default_passwd_cb(ctx, get_password_cb);
683	704	/* leaf_chain contains leaf + subinterCA + interCA + rootCA */
684	705	if (!TEST_int_eq(SSL_CTX_use_certificate_chain_file(ctx, leaf_chain), 1)
685	706	\|\| !TEST_int_eq(SSL_CTX_use_PrivateKey_file(ctx, skey,

8061	8082	else
8062	8083	cert_cb_cnt = 0;
8063	8084
8064		if (tst == 2)
8065		snictx = SSL_CTX_new(TLS_server_method());
	8085	if (tst == 2) {
	8086	snictx = SSL_CTX_new_ex(libctx, NULL, TLS_server_method());
	8087	if (!TEST_ptr(snictx))
	8088	goto end;
	8089	}
	8090
8066	8091	SSL_CTX_set_cert_cb(sctx, cert_cb, snictx);
8067	8092
8068	8093	if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,

+3

-1

test/threadstest.c less more

0	0	/*
1		* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

32	32	int res;
33	33
34	34	res = TEST_true(CRYPTO_THREAD_read_lock(lock))
	35	&& TEST_true(CRYPTO_THREAD_unlock(lock))
	36	&& TEST_true(CRYPTO_THREAD_write_lock(lock))
35	37	&& TEST_true(CRYPTO_THREAD_unlock(lock));
36	38
37	39	CRYPTO_THREAD_lock_free(lock);

+4

-1

test/tls-provider.c less more

0	0	/*
1		* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

839	839	{
840	840	OSSL_LIB_CTX *libctx = OSSL_LIB_CTX_new();
841	841
	842	if (libctx == NULL)
	843	return 0;
	844
842	845	*provctx = libctx;
843	846
844	847	/*

+9

-0

test/upcallstest.c less more

67	67	if (!c_obj_add_sigid(handle, SIGALG_OID, DIGEST_SN, SIG_LN))
68	68	return 0;
69	69
	70	/* additional tests checking empty digest algs are accepted, too */
	71	if (!c_obj_add_sigid(handle, SIGALG_OID, "", SIG_LN))
	72	return 0;
	73	if (!c_obj_add_sigid(handle, SIGALG_OID, NULL, SIG_LN))
	74	return 0;
	75	/* checking wrong digest alg name is rejected: */
	76	if (c_obj_add_sigid(handle, SIGALG_OID, "NonsenseAlg", SIG_LN))
	77	return 0;
	78
70	79	return 1;
71	80	}
72	81

+111

-14

test/verify_extra_test.c less more

0	0	/*
1		* Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	* Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	*
3	3	* Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	* this file except in compliance with the License. You can obtain a copy

11	11	#include <openssl/crypto.h>
12	12	#include <openssl/bio.h>
13	13	#include <openssl/x509.h>
	14	#include <openssl/x509v3.h>
14	15	#include <openssl/pem.h>
15	16	#include <openssl/err.h>
16	17	#include "testutil.h"
17	18
18		static const char *root_f;
19		static const char *roots_f;
20		static const char *untrusted_f;
21		static const char *bad_f;
22		static const char *req_f;
	19	static const char *certs_dir;
	20	static char *root_f = NULL;
	21	static char *roots_f = NULL;
	22	static char *untrusted_f = NULL;
	23	static char *bad_f = NULL;
	24	static char *req_f = NULL;
	25	static char *sroot_cert = NULL;
	26	static char *ca_cert = NULL;
	27	static char *ee_cert = NULL;
23	28
24	29	#define load_cert_from_file(file) load_cert_pem(file, NULL)
25	30

98	103	return ret;
99	104	}
100	105
101		OPT_TEST_DECLARE_USAGE("roots.pem untrusted.pem bad.pem\n")
102
103	106	static int test_distinguishing_id(void)
104	107	{
105	108	X509 *x = NULL;

218	221	return test_self_signed(bad_f, 0, 0);
219	222	}
220	223
	224	static int do_test_purpose(int purpose, int expected)
	225	{
	226	X509 eecert = load_cert_from_file(ee_cert); / may result in NULL */
	227	X509 *untrcert = load_cert_from_file(ca_cert);
	228	X509 *trcert = load_cert_from_file(sroot_cert);
	229	STACK_OF(X509) *trusted = sk_X509_new_null();
	230	STACK_OF(X509) *untrusted = sk_X509_new_null();
	231	X509_STORE_CTX *ctx = X509_STORE_CTX_new();
	232	int testresult = 0;
	233
	234	if (!TEST_ptr(eecert)
	235	\|\| !TEST_ptr(untrcert)
	236	\|\| !TEST_ptr(trcert)
	237	\|\| !TEST_ptr(trusted)
	238	\|\| !TEST_ptr(untrusted)
	239	\|\| !TEST_ptr(ctx))
	240	goto err;
	241
	242
	243	if (!TEST_true(sk_X509_push(trusted, trcert)))
	244	goto err;
	245	trcert = NULL;
	246	if (!TEST_true(sk_X509_push(untrusted, untrcert)))
	247	goto err;
	248	untrcert = NULL;
	249
	250	if (!TEST_true(X509_STORE_CTX_init(ctx, NULL, eecert, untrusted)))
	251	goto err;
	252
	253	if (!TEST_true(X509_STORE_CTX_set_purpose(ctx, purpose)))
	254	goto err;
	255
	256	/*
	257	* X509_STORE_CTX_set0_trusted_stack() is bady named. Despite the set0 name
	258	* we are still responsible for freeing trusted after we have finished with
	259	* it.
	260	*/
	261	X509_STORE_CTX_set0_trusted_stack(ctx, trusted);
	262
	263	if (!TEST_int_eq(X509_verify_cert(ctx), expected))
	264	goto err;
	265
	266	testresult = 1;
	267	err:
	268	sk_X509_pop_free(trusted, X509_free);
	269	sk_X509_pop_free(untrusted, X509_free);
	270	X509_STORE_CTX_free(ctx);
	271	X509_free(eecert);
	272	X509_free(untrcert);
	273	X509_free(trcert);
	274	return testresult;
	275	}
	276
	277	static int test_purpose_ssl_client(void)
	278	{
	279	return do_test_purpose(X509_PURPOSE_SSL_CLIENT, 0);
	280	}
	281
	282	static int test_purpose_ssl_server(void)
	283	{
	284	return do_test_purpose(X509_PURPOSE_SSL_SERVER, 1);
	285	}
	286
	287	static int test_purpose_any(void)
	288	{
	289	return do_test_purpose(X509_PURPOSE_ANY, 1);
	290	}
	291
	292	OPT_TEST_DECLARE_USAGE("certs-dir\n")
	293
221	294	int setup_tests(void)
222	295	{
223	296	if (!test_skip_common_options()) {

225	298	return 0;
226	299	}
227	300
228		if (!TEST_ptr(root_f = test_get_argument(0))
229		\|\| !TEST_ptr(roots_f = test_get_argument(1))
230		\|\| !TEST_ptr(untrusted_f = test_get_argument(2))
231		\|\| !TEST_ptr(bad_f = test_get_argument(3))
232		\|\| !TEST_ptr(req_f = test_get_argument(4)))
	301	if (!TEST_ptr(certs_dir = test_get_argument(0)))
233	302	return 0;
	303
	304	if (!TEST_ptr(root_f = test_mk_file_path(certs_dir, "rootCA.pem"))
	305	\|\| !TEST_ptr(roots_f = test_mk_file_path(certs_dir, "roots.pem"))
	306	\|\| !TEST_ptr(untrusted_f = test_mk_file_path(certs_dir, "untrusted.pem"))
	307	\|\| !TEST_ptr(bad_f = test_mk_file_path(certs_dir, "bad.pem"))
	308	\|\| !TEST_ptr(req_f = test_mk_file_path(certs_dir, "sm2-csr.pem"))
	309	\|\| !TEST_ptr(sroot_cert = test_mk_file_path(certs_dir, "sroot-cert.pem"))
	310	\|\| !TEST_ptr(ca_cert = test_mk_file_path(certs_dir, "ca-cert.pem"))
	311	\|\| !TEST_ptr(ee_cert = test_mk_file_path(certs_dir, "ee-cert.pem")))
	312	goto err;
234	313
235	314	ADD_TEST(test_alt_chains_cert_forgery);
236	315	ADD_TEST(test_store_ctx);

239	318	ADD_TEST(test_self_signed_good);
240	319	ADD_TEST(test_self_signed_bad);
241	320	ADD_TEST(test_self_signed_error);
	321	ADD_TEST(test_purpose_ssl_client);
	322	ADD_TEST(test_purpose_ssl_server);
	323	ADD_TEST(test_purpose_any);
242	324	return 1;
243		}
	325	err:
	326	cleanup_tests();
	327	return 0;
	328	}
	329
	330	void cleanup_tests(void)
	331	{
	332	OPENSSL_free(root_f);
	333	OPENSSL_free(roots_f);
	334	OPENSSL_free(untrusted_f);
	335	OPENSSL_free(bad_f);
	336	OPENSSL_free(req_f);
	337	OPENSSL_free(sroot_cert);
	338	OPENSSL_free(ca_cert);
	339	OPENSSL_free(ee_cert);
	340	}

+0

-4

util/missingcrypto.txt less more

263	263	BN_mod_lshift1(3)
264	264	BN_mod_lshift1_quick(3)
265	265	BN_mod_lshift_quick(3)
266		BN_mod_sqrt(3)
267	266	BN_mod_sub_quick(3)
268	267	BN_nist_mod_192(3)
269	268	BN_nist_mod_224(3)

1276	1275	X509_STORE_CTX_get_by_subject(3)
1277	1276	X509_STORE_CTX_get_explicit_policy(3)
1278	1277	X509_STORE_CTX_get_obj_by_subject(3)
1279		X509_STORE_CTX_purpose_inherit(3)
1280	1278	X509_STORE_CTX_set0_dane(3)
1281	1279	X509_STORE_CTX_set_depth(3)
1282	1280	X509_STORE_CTX_set_flags(3)
1283		X509_STORE_CTX_set_purpose(3)
1284	1281	X509_STORE_CTX_set_time(3)
1285		X509_STORE_CTX_set_trust(3)
1286	1282	X509_STORE_get_verify(3)
1287	1283	X509_TRUST_add(3)
1288	1284	X509_TRUST_cleanup(3)

+0

-2

util/missingssl.txt less more

21	21	SSL_copy_session_id(3)
22	22	SSL_dup_CA_list(3)
23	23	SSL_get0_dane(3)
24		SSL_get_certificate(3)
25	24	SSL_get_current_compression(3)
26	25	SSL_get_current_expansion(3)
27	26	SSL_get_finished(3)
28	27	SSL_get_peer_finished(3)
29		SSL_get_privatekey(3)
30	28	SSL_set_SSL_CTX(3)
31	29	SSL_set_debug(3)
32	30	SSL_set_not_resumable_session_callback(3)

+2

-1

util/other.syms less more

361	361	OPENSSL_MSTR_HELPER define
362	362	OPENSSL_VERSION_MAJOR define
363	363	OPENSSL_VERSION_MINOR define
364		OPENSSL_VERSION_NUMBER define deprecated 3.0.0
	364	OPENSSL_VERSION_NUMBER define
365	365	OPENSSL_VERSION_PATCH define
366	366	OPENSSL_VERSION_PRE_RELEASE define
367	367	OPENSSL_VERSION_PREREQ define

667	667	EVP_PKEY_size define
668	668	EVP_PKEY_id define
669	669	EVP_PKEY_base_id define
	670	SSL_set_retry_verify define

+10

-1

util/perl/OpenSSL/config.pm less more

0	0	#! /usr/bin/env perl
1		# Copyright 1998-2021 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 1998-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	#
3	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	# this file except in compliance with the License. You can obtain a copy

484	484	[ 'x86_64-apple-darwin.*',
485	485	sub {
486	486	my $KERNEL_BITS = $ENV{KERNEL_BITS} // '';
	487	# macOS >= 10.15 is 64-bit only
	488	my $SW_VERS = `sw_vers -productVersion 2>/dev/null`;
	489	if ($SW_VERS =~ /^(\d+)\.(\d+)\.(\d+)$/) {
	490	if ($1 > 10 \|\| ($1 == 10 && $2 >= 15)) {
	491	die "32-bit applications not supported on macOS 10.15 or later\n" if $KERNEL_BITS eq '32';
	492	return { target => "darwin64-x86_64" };
	493	}
	494	}
487	495	return { target => "darwin-i386" } if $KERNEL_BITS eq '32';
488	496
489	497	print <<EOF;

740	748	defines => [ 'L_ENDIAN' ] } ],
741	749	[ 'powerpc64-.-.bsd.*', { target => "BSD-generic64",
742	750	defines => [ 'B_ENDIAN' ] } ],
	751	[ 'riscv64-.-.bsd.*', { target => "BSD-riscv64" } ],
743	752	[ 'sparc64-.-.bsd.*', { target => "BSD-sparc64" } ],
744	753	[ 'ia64-.-.bsd.*', { target => "BSD-ia64" } ],
745	754	[ 'x86_64-.-dragonfly.', { target => "BSD-x86_64" } ],

+3

-3

util/perl/OpenSSL/copyright.pm less more

0	0	#! /usr/bin/env perl
1		# Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
	1	# Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
2	2	#
3	3	# Licensed under the Apache License 2.0 (the "License"). You may not use
4	4	# this file except in compliance with the License. You can obtain a copy

22	22
23	23	# See if git's available
24	24	open my $FH,
25		"git log -1 --date=format:%Y --format=format:%ad $file 2>/dev/null\|"
	25	"git log -1 --date=short --format=format:%cd $file 2>/dev/null\|"
26	26	or return $YEAR;
27	27	my $LINE = <$FH>;
28	28	close $FH;
29		chomp($LINE);
	29	$LINE =~ s/^([0-9])-./$1/;
30	30	$YEAR = $LINE if $LINE;
31	31	return $YEAR;
32	32	}