https://github.com/openssl/openssl/commits/ and pick the appropriate
release branch.
+ Changes between 1.1.1m and 1.1.1n [15 Mar 2022]
+
+ *) Fixed a bug in the BN_mod_sqrt() function that can cause it to loop forever
+ for non-prime moduli.
+
+ Internally this function is used when parsing certificates that contain
+ elliptic curve public keys in compressed form or explicit elliptic curve
+ parameters with a base point encoded in compressed form.
+
+ It is possible to trigger the infinite loop by crafting a certificate that
+ has invalid explicit curve parameters.
+
+ Since certificate parsing happens prior to verification of the certificate
+ signature, any process that parses an externally supplied certificate may
+ thus be subject to a denial of service attack. The infinite loop can also
+ be reached when parsing crafted private keys as they can contain explicit
+ elliptic curve parameters.
+
+ Thus vulnerable situations include:
+
+ - TLS clients consuming server certificates
+ - TLS servers consuming client certificates
+ - Hosting providers taking certificates or private keys from customers
+ - Certificate authorities parsing certification requests from subscribers
+ - Anything else which parses ASN.1 elliptic curve parameters
+
+ Also any other applications that use the BN_mod_sqrt() where the attacker
+ can control the parameter values are vulnerable to this DoS issue.
+ (CVE-2022-0778)
+ [Tomáš Mráz]
+
+ *) Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK (RFC 5489)
+ to the list of ciphersuites providing Perfect Forward Secrecy as
+ required by SECLEVEL >= 3.
+
+ [Dmitry Belyavskiy, Nicola Tuveri]
+
Changes between 1.1.1l and 1.1.1m [14 Dec 2021]
*) Avoid loading of a dynamic engine twice.
perlasm_scheme => "elf",
},
+ # riscv64 below refers to contemporary RISCV Architecture
+ # specifications,
+ "BSD-riscv64" => {
+ inherit_from => [ "BSD-generic64"],
+ perlasm_scheme => "linux64",
+ },
+
"bsdi-elf-gcc" => {
inherit_from => [ "BASE_unix", asm("x86_elf_asm") ],
CC => "gcc",
disable => add('pinshared'),
- apps_aux_src => "vms_term_sock.c",
+ apps_aux_src => "vms_term_sock.c vms_decc_argv.c",
apps_init_src => "vms_decc_init.c",
},
DEFINE SRCTOP {- sourcedir() -}
DEFINE BLDTOP {- builddir() -}
DEFINE RESULT_D {- builddir(qw(test test-runs)) -}
- DEFINE OPENSSL_ENGINES {- builddir("engines") -}
+ engines = F$PARSE("{- builddir("engines") -}","A.;",,,"syntax_only") - "A.;"
+ DEFINE OPENSSL_ENGINES 'engines'
DEFINE OPENSSL_DEBUG_MEMORY "on"
IF "$(VERBOSE)" .NES. "" THEN DEFINE VERBOSE "$(VERBOSE)"
$(PERL) {- sourcefile("test", "run_tests.pl") -} $(TESTS)
}
}
- foreach (sort keys %all_keys) {
- my $previous = $combined_inheritance{$_};
+ foreach my $key (sort keys %all_keys) {
+ my $previous = $combined_inheritance{$key};
# Current target doesn't have a value for the current key?
# Assign it the default combiner, the rest of this loop body
# will handle it just like any other coderef.
- if (!exists $table{$target}->{$_}) {
- $table{$target}->{$_} = $default_combiner;
+ if (!exists $table{$target}->{$key}) {
+ $table{$target}->{$key} = $default_combiner;
}
- $table{$target}->{$_} = process_values($table{$target}->{$_},
- $combined_inheritance{$_},
- $target, $_);
- unless(defined($table{$target}->{$_})) {
- delete $table{$target}->{$_};
+ $table{$target}->{$key} = process_values($table{$target}->{$key},
+ $combined_inheritance{$key},
+ $target, $key);
+ unless(defined($table{$target}->{$key})) {
+ delete $table{$target}->{$key};
}
# if ($extra_checks &&
-# $previous && !($add_called || $previous ~~ $table{$target}->{$_})) {
-# warn "$_ got replaced in $target\n";
+# $previous && !($add_called || $previous ~~ $table{$target}->{$key})) {
+# warn "$key got replaced in $target\n";
# }
}
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
+ Major changes between OpenSSL 1.1.1m and OpenSSL 1.1.1n [15 Mar 2022]
+
+ o Fixed a bug in the BN_mod_sqrt() function that can cause it to loop
+ forever for non-prime moduli ([CVE-2022-0778])
+
Major changes between OpenSSL 1.1.1l and OpenSSL 1.1.1m [14 Dec 2021]
o None
- OpenSSL 1.1.1m 14 Dec 2021
+ OpenSSL 1.1.1n 15 Mar 2022
Copyright (c) 1998-2021 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
/*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
int ui_flags = 0;
const char *prompt_info = NULL;
char *prompt;
+ int pw_min_len = PW_MIN_LENGTH;
if (cb_data != NULL && cb_data->prompt_info != NULL)
prompt_info = cb_data->prompt_info;
+ if (cb_data != NULL && cb_data->password != NULL
+ && *(const char*)cb_data->password != '\0')
+ pw_min_len = 1;
prompt = UI_construct_prompt(ui, "pass phrase", prompt_info);
if (!prompt) {
BIO_printf(bio_err, "Out of memory\n");
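Review bot: The reason the minimum length drops to 1 is not stated next to the new `if`, so a reader can mistake it for a general weakening of the PW_MIN_LENGTH policy on prompted pass phrases. From the condition it appears to apply only when the caller already supplied a non-empty value in `cb_data->password`, and a comment such as `/* a password was supplied via cb_data; do not apply PW_MIN_LENGTH to it */` would record that intent. The `(const char*)` cast suggests `password` is an untyped pointer, so the comment should also say it is assumed to be a NUL-terminated string. The enclosing function starts and ends outside the hunk.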
(void)UI_add_user_data(ui, cb_data);
ok = UI_add_input_string(ui, prompt, ui_flags, buf,
- PW_MIN_LENGTH, bufsiz - 1);
+ pw_min_len, bufsiz - 1);
if (ok >= 0 && verify) {
buff = app_malloc(bufsiz, "password buffer");
ok = UI_add_verify_string(ui, prompt, ui_flags, buff,
- PW_MIN_LENGTH, bufsiz - 1, buf);
+ pw_min_len, bufsiz - 1, buf);
}
if (ok >= 0)
do {
/*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
{
FUNCTION f, *fp;
LHASH_OF(FUNCTION) *prog = NULL;
- char **copied_argv = NULL;
char *p, *pname;
char buf[1024];
const char *prompt;
bio_err = dup_bio_err(FORMAT_TEXT);
#if defined(OPENSSL_SYS_VMS) && defined(__DECC)
- copied_argv = argv = copy_argv(&argc, argv);
+ argv = copy_argv(&argc, argv);
#elif defined(_WIN32)
/*
* Replace argv[] with UTF-8 encoded strings.
}
ret = 1;
end:
- OPENSSL_free(copied_argv);
OPENSSL_free(default_config_file);
lh_FUNCTION_free(prog);
OPENSSL_free(arg.argv);
/*
- * Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
n >>= 1;
}
if (!EVP_DigestFinal_ex(md, buf, NULL))
- return NULL;
+ goto err;
for (i = 0; i < 1000; i++) {
if (!EVP_DigestInit_ex(md2, EVP_md5(), NULL))
n >>= 1;
}
if (!EVP_DigestFinal_ex(md, buf, NULL))
- return NULL;
+ goto err;
/* P sequence */
if (!EVP_DigestInit_ex(md2, sha, NULL))
goto err;
if (!EVP_DigestFinal_ex(md2, temp_buf, NULL))
- return NULL;
+ goto err;
if ((p_bytes = OPENSSL_zalloc(passwd_len)) == NULL)
goto err;
goto err;
if (!EVP_DigestFinal_ex(md2, temp_buf, NULL))
- return NULL;
+ goto err;
if ((s_bytes = OPENSSL_zalloc(salt_len)) == NULL)
goto err;
struct timeval tv;
#endif
const char *servername = NULL;
+ char *sname_alloc = NULL;
int noservername = 0;
const char *alpn_in = NULL;
tlsextctx tlsextcbp = { NULL, 0 };
"%s: -proxy argument malformed or ambiguous\n", prog);
goto end;
}
+ if (servername == NULL && !noservername) {
+ res = BIO_parse_hostserv(connectstr, &sname_alloc, NULL, BIO_PARSE_PRIO_HOST);
+ if (!res) {
+ BIO_printf(bio_err,
+ "%s: -connect argument malformed or ambiguous\n", prog);
+ goto end;
+ }
+ servername = sname_alloc;
+ }
} else {
int res = 1;
char *tmp_host = host, *tmp_port = port;
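Review bot: The host part parsed out of `connectstr` becomes the SNI `servername` as-is, and nothing in this hunk checks that it is a DNS name rather than an address literal, which RFC 6066 does not permit in server_name. Whether a later check covers this is not visible here; if none does, the value should be validated before `servername = sname_alloc;`, or `servername` left NULL for address literals. A one-line comment that `servername` only borrows `sname_alloc`, which is freed with the other strings in the cleanup hunk, would also help. The enclosing function starts and ends outside the hunk.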
#ifndef OPENSSL_NO_SRP
OPENSSL_free(srp_arg.srppassin);
#endif
+ OPENSSL_free(sname_alloc);
OPENSSL_free(connectstr);
OPENSSL_free(bindstr);
OPENSSL_free(bindhost);
/*
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
#endif
if (!BIO_connect(*sock, BIO_ADDRINFO_address(ai),
- protocol == IPPROTO_TCP ? BIO_SOCK_NODELAY : 0)) {
+ BIO_ADDRINFO_protocol(ai) == IPPROTO_TCP ? BIO_SOCK_NODELAY : 0)) {
BIO_closesocket(*sock);
*sock = INVALID_SOCKET;
continue;
--- /dev/null
+/*
+ * Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stdlib.h>
+#include <openssl/crypto.h>
+#include "apps.h" /* for app_malloc() and copy_argv() */
+
+char **newargv = NULL;
+
+static void cleanup_argv(void)
+{
+ OPENSSL_free(newargv);
+ newargv = NULL;
+}
+
+char **copy_argv(int *argc, char *argv[])
+{
+ /*-
+ * The note below is for historical purpose. On VMS now we always
+ * copy argv "safely."
+ *
+ * 2011-03-22 SMS.
+ * If we have 32-bit pointers everywhere, then we're safe, and
+ * we bypass this mess, as on non-VMS systems.
+ * Problem 1: Compaq/HP C before V7.3 always used 32-bit
+ * pointers for argv[].
+ * Fix 1: For a 32-bit argv[], when we're using 64-bit pointers
+ * everywhere else, we always allocate and use a 64-bit
+ * duplicate of argv[].
+ * Problem 2: Compaq/HP C V7.3 (Alpha, IA64) before ECO1 failed
+ * to NULL-terminate a 64-bit argv[]. (As this was written, the
+ * compiler ECO was available only on IA64.)
+ * Fix 2: Unless advised not to (VMS_TRUST_ARGV), we test a
+ * 64-bit argv[argc] for NULL, and, if necessary, use a
+ * (properly) NULL-terminated (64-bit) duplicate of argv[].
+ * The same code is used in either case to duplicate argv[].
+ * Some of these decisions could be handled in preprocessing,
+ * but the code tends to get even uglier, and the penalty for
+ * deciding at compile- or run-time is tiny.
+ */
+
+ int i, count = *argc;
+ char **p = newargv;
+
+ cleanup_argv();
+
+ newargv = app_malloc(sizeof(*newargv) * (count + 1), "argv copy");
+ if (newargv == NULL)
+ return NULL;
+
+ /* Register automatic cleanup on first use */
+ if (p == NULL)
+ OPENSSL_atexit(cleanup_argv);
+
+ for (i = 0; i < count; i++)
+ newargv[i] = argv[i];
+ newargv[i] = NULL;
+ *argc = i;
+ return newargv;
+}
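Review bot: `newargv` is defined at file scope without `static`, so it has external linkage and can collide with, or be modified through, any other object in the program that uses the same name. Nothing in this file needs it exported, so `static char **newargv = NULL;` is the safer declaration. The `if (newargv == NULL) return NULL;` branch also deserves a comment: if `app_malloc()` exits on allocation failure (presumably, to be confirmed against apps.h) the branch is unreachable, and if it can return NULL then the call site `argv = copy_argv(&argc, argv);` in the openssl.c hunk uses the result unchecked.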
/*
- * Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2010-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
# include <stdlib.h>
# include <unixlib.h>
-# include "apps.h"
-
/* Global storage. */
/* Flag to sense if decc_init() was called. */
};
-char **copy_argv(int *argc, char *argv[])
-{
- /*-
- * The note below is for historical purpose. On VMS now we always
- * copy argv "safely."
- *
- * 2011-03-22 SMS.
- * If we have 32-bit pointers everywhere, then we're safe, and
- * we bypass this mess, as on non-VMS systems.
- * Problem 1: Compaq/HP C before V7.3 always used 32-bit
- * pointers for argv[].
- * Fix 1: For a 32-bit argv[], when we're using 64-bit pointers
- * everywhere else, we always allocate and use a 64-bit
- * duplicate of argv[].
- * Problem 2: Compaq/HP C V7.3 (Alpha, IA64) before ECO1 failed
- * to NULL-terminate a 64-bit argv[]. (As this was written, the
- * compiler ECO was available only on IA64.)
- * Fix 2: Unless advised not to (VMS_TRUST_ARGV), we test a
- * 64-bit argv[argc] for NULL, and, if necessary, use a
- * (properly) NULL-terminated (64-bit) duplicate of argv[].
- * The same code is used in either case to duplicate argv[].
- * Some of these decisions could be handled in preprocessing,
- * but the code tends to get even uglier, and the penalty for
- * deciding at compile- or run-time is tiny.
- */
-
- int i, count = *argc;
- char **newargv = app_malloc(sizeof(*newargv) * (count + 1), "argv copy");
-
- for (i = 0; i < count; i++)
- newargv[i] = argv[i];
- newargv[i] = NULL;
- *argc = i;
- return newargv;
-}
-
/* LIB$INITIALIZE initialization function. */
static void decc_init(void)
__CNF_CPPFLAGS="$__CNF_CPPFLAGS -DL_ENDIAN" ;;
powerpc64-*-*bsd*) OUT="BSD-generic64";
__CNF_CPPFLAGS="$__CNF_CPPFLAGS -DB_ENDIAN" ;;
+ riscv64-*-*bsd*) OUT="BSD-riscv64" ;;
sparc64-*-*bsd*) OUT="BSD-sparc64" ;;
ia64-*-*bsd*) OUT="BSD-ia64" ;;
x86_64-*-dragonfly*) OUT="BSD-x86_64" ;;
* WARNING: do not edit!
* Generated by crypto/asn1/charmap.pl
*
- * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
/*
- * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
# pragma pointer_size 32
#endif
/* Windows doesn't seem to have in_addr_t */
-#ifdef OPENSSL_SYS_WINDOWS
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
static uint32_t he_fallback_address;
static const char *he_fallback_addresses[] =
{ (char *)&he_fallback_address, NULL };
/*
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
bn_check_top(p2);
bn_check_top(m);
- if (!(m->d[0] & 1)) {
+ if (!BN_is_odd(m)) {
BNerr(BN_F_BN_MOD_EXP2_MONT, BN_R_CALLED_WITH_EVEN_MODULUS);
return 0;
}
* WARNING: do not edit!
* Generated by crypto/bn/bn_prime.pl
*
- * Copyright 1998-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1998-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
continue;
if (i == 0 || i > INT_MAX / 4)
- goto err;
+ return 0;
num = i + neg;
if (bn == NULL)
/*
- * Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
/*
* Returns 'ret' such that ret^2 == a (mod p), using the Tonelli/Shanks
* algorithm (cf. Henri Cohen, "A Course in Algebraic Computational Number
- * Theory", algorithm 1.5.1). 'p' must be prime!
+ * Theory", algorithm 1.5.1). 'p' must be prime, otherwise an error or
+ * an incorrect "result" will be returned.
*/
{
BIGNUM *ret = in;
goto vrfy;
}
- /* find smallest i such that b^(2^i) = 1 */
- i = 1;
- if (!BN_mod_sqr(t, b, p, ctx))
- goto end;
- while (!BN_is_one(t)) {
- i++;
- if (i == e) {
- BNerr(BN_F_BN_MOD_SQRT, BN_R_NOT_A_SQUARE);
- goto end;
+ /* Find the smallest i, 0 < i < e, such that b^(2^i) = 1. */
+ for (i = 1; i < e; i++) {
+ if (i == 1) {
+ if (!BN_mod_sqr(t, b, p, ctx))
+ goto end;
+
+ } else {
+ if (!BN_mod_mul(t, t, t, p, ctx))
+ goto end;
}
- if (!BN_mod_mul(t, t, t, p, ctx))
- goto end;
+ if (BN_is_one(t))
+ break;
+ }
+ /* If not found, a is not a square or p is not prime. */
+ if (i >= e) {
+ BNerr(BN_F_BN_MOD_SQRT, BN_R_NOT_A_SQUARE);
+ goto end;
}
/* t := y^2^(e - i - 1) */
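Review bot: The comment on the new loop says what is searched for but not why the search is now bounded, which is the property this fix exists to provide. The removed code tested `i == e` only after incrementing `i` from 1, so that exit could never fire when e was below 2. The new `for (i = 1; i < e; i++)` performs at most e - 1 squarings and reaches the `i >= e` error for any e. I would add `/* Bounded by e: with a non-prime p, e may be smaller than expected here, so compare with <, not == */` above the loop, worded as an assumption since the update of e happens in the enclosing loop outside the hunk. A regression input with a composite modulus belongs next to this change if the commit does not add one elsewhere.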
* WARNING: do not edit!
* Generated by crypto/conf/keysets.pl
*
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
/*
- * Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
void ENGINE_load_builtin_engines(void)
{
- /* Some ENGINEs need this */
- OPENSSL_cpuid_setup();
-
OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_ALL_BUILTIN, NULL);
}
/*
- * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* We fail if the version checker veto'd the load *or* if it is
* deferring to us (by returning its version) and we think it is too
* old.
+ * Unfortunately the version checker does not distinguish between
+ * engines built for openssl 1.1.x and openssl 3.x, but loading
+ * an engine that is built for openssl 3.x will cause a fatal
+ * error. Detect such engines, since EVP_PKEY_get_base_id is exported
+ * as a function in openssl 3.x, while it is named EVP_PKEY_base_id
+ * in openssl 1.1.x. Therefore we take the presence of that symbol
+ * as an indication that the engine will be incompatible.
*/
- if (vcheck_res < OSSL_DYNAMIC_OLDEST) {
+ if (vcheck_res < OSSL_DYNAMIC_OLDEST
+ || DSO_bind_func(ctx->dynamic_dso,
+ "EVP_PKEY_get_base_id") != NULL) {
/* Fail */
ctx->bind_engine = NULL;
ctx->v_check = NULL;
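Review bot: The probe `DSO_bind_func(ctx->dynamic_dso, "EVP_PKEY_get_base_id")` is expected to fail for every compatible engine, and DSO_bind_func() is understood to record an error when a symbol cannot be resolved, so each successful load would leave a stale entry on the error queue. Calling `ERR_set_mark();` before the probe and `ERR_pop_to_mark();` after it keeps the queue clean for callers that inspect it once loading returns. The comment could also say plainly that this is a compatibility heuristic keyed on one exported symbol name, not a check of what the shared object is or where it came from. The enclosing function starts and ends outside the hunk.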
/*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
#include "crypto/evp.h"
#include "evp_local.h"
+
+static void cleanup_old_md_data(EVP_MD_CTX *ctx, int force)
+{
+ if (ctx->digest != NULL) {
+ if (ctx->digest->cleanup != NULL
+ && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED))
+ ctx->digest->cleanup(ctx);
+ if (ctx->md_data != NULL && ctx->digest->ctx_size > 0
+ && (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)
+ || force)) {
+ OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size);
+ ctx->md_data = NULL;
+ }
+ }
+}
+
/* This call frees resources associated with the context */
int EVP_MD_CTX_reset(EVP_MD_CTX *ctx)
{
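Review bot: `cleanup_old_md_data()` has no comment, and the meaning of `force` has to be worked out from the two call sites: `0` from EVP_MD_CTX_reset() keeps `md_data` when EVP_MD_CTX_FLAG_REUSE is set, while `1` from the digest-change path frees it regardless. Since this helper is what wipes digest state with OPENSSL_clear_free(), it should carry a short header comment: it runs the digest's cleanup hook unless the context is already flagged cleaned, then clears and frees `md_data`, with `force` overriding the reuse flag. The helper also calls `ctx->digest->cleanup(ctx)` on the digest-change path, which the removed lines there did not do; that looks intentional but should be mentioned in the comment.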
* Don't assume ctx->md_data was cleaned in EVP_Digest_Final, because
* sometimes only copies of the context are ever finalised.
*/
- if (ctx->digest && ctx->digest->cleanup
- && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED))
- ctx->digest->cleanup(ctx);
- if (ctx->digest && ctx->digest->ctx_size && ctx->md_data
- && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
- OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size);
- }
+ cleanup_old_md_data(ctx, 0);
+
/*
* pctx should be freed by the user of EVP_MD_CTX
* if EVP_MD_CTX_FLAG_KEEP_PKEY_CTX is set
if (ctx->engine && ctx->digest &&
(type == NULL || (type->type == ctx->digest->type)))
goto skip_to_init;
+
if (type) {
/*
* Ensure an ENGINE left lying around from last time is cleared (the
}
#endif
if (ctx->digest != type) {
- if (ctx->digest && ctx->digest->ctx_size) {
- OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size);
- ctx->md_data = NULL;
- }
+ cleanup_old_md_data(ctx, 1);
+
ctx->digest = type;
if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) {
ctx->update = type->update;
/*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
v = n | (*c);
n += 0x100;
r = (int)((v >> 2) ^ v) & 0x0f;
- ret = (ret << r) | (ret >> (32 - r));
+ /* cast to uint64_t to avoid 32 bit shift of 32 bit value */
+ ret = (ret << r) | (unsigned long)((uint64_t)ret >> (32 - r));
ret &= 0xFFFFFFFFL;
ret ^= v * v;
c++;
for (n = 0x100; *c != '\0'; n += 0x100) {
v = n | ossl_tolower(*c);
r = (int)((v >> 2) ^ v) & 0x0f;
- ret = (ret << r) | (ret >> (32 - r));
+ /* cast to uint64_t to avoid 32 bit shift of 32 bit value */
+ ret = (ret << r) | (unsigned long)((uint64_t)ret >> (32 - r));
ret &= 0xFFFFFFFFL;
ret ^= v * v;
c++;
/*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
return NULL;
}
return (ASN1_OBJECT *)&(nid_objs[n]);
- } else if (added == NULL)
+ } else if (added == NULL) {
+ OBJerr(OBJ_F_OBJ_NID2OBJ, OBJ_R_UNKNOWN_NID);
return NULL;
- else {
+ } else {
ad.type = ADDED_NID;
ad.obj = &ob;
ob.nid = n;
* WARNING: do not edit!
* Generated by crypto/objects/obj_dat.pl
*
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* WARNING: do not edit!
* Generated by objxref.pl
*
- * Copyright 1998-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1998-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
/*
- * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
static int close_console(UI *ui)
{
+ int ret = 1;
+
if (tty_in != stdin)
fclose(tty_in);
if (tty_out != stderr)
BIO_snprintf(tmp_num, sizeof(tmp_num) - 1, "%%X%08X", status);
UIerr(UI_F_CLOSE_CONSOLE, UI_R_SYSDASSGN_ERROR);
ERR_add_error_data(2, "status=", tmp_num);
- return 0;
+ ret = 0;
}
# endif
CRYPTO_THREAD_unlock(ui->lock);
- return 1;
+ return ret;
}
# if !defined(OPENSSL_SYS_WINCE)
/*
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
/* If purpose not set use default */
if (!purpose)
purpose = def_purpose;
+ /*
+ * If purpose is set but we don't have a default then set the default to
+ * the current purpose
+ */
+ else if (def_purpose == 0)
+ def_purpose = purpose;
/* If we have a purpose then check it is valid */
if (purpose) {
X509_PURPOSE *ptmp;
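Review bot: The new `else if (def_purpose == 0)` is separated from its `if (!purpose)` by a four-line block comment and neither branch is braced, so the pairing is easy to misread in code that decides which purpose and trust settings a verification uses. Bracing both branches and moving the comment inside the second one, `} else if (def_purpose == 0) {`, keeps the control flow unambiguous. The enclosing function starts and ends outside the hunk.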
ptmp = X509_PURPOSE_get0(idx);
if (ptmp->trust == X509_TRUST_DEFAULT) {
idx = X509_PURPOSE_get_by_id(def_purpose);
- /*
- * XXX: In the two callers above def_purpose is always 0, which is
- * not a known value, so idx will always be -1. How is the
- * X509_TRUST_DEFAULT case actually supposed to be handled?
- */
if (idx == -1) {
X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
X509_R_UNKNOWN_PURPOSE_ID);
/*
- * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
return 0;
emtmp = OPENSSL_strndup((char *)email->data, email->length);
- if (emtmp == NULL)
+ if (emtmp == NULL) {
+ X509_email_free(*sk);
+ *sk = NULL;
return 0;
+ }
/* Don't add duplicates */
if (sk_OPENSSL_STRING_find(*sk, emtmp) != -1) {
rv = equal(a->data, a->length, (unsigned char *)b, blen, flags);
else if (a->length == (int)blen && !memcmp(a->data, b, blen))
rv = 1;
- if (rv > 0 && peername)
+ if (rv > 0 && peername != NULL) {
*peername = OPENSSL_strndup((char *)a->data, a->length);
+ if (*peername == NULL)
+ return -1;
+ }
} else {
int astrlen;
unsigned char *astr;
return -1;
}
rv = equal(astr, astrlen, (unsigned char *)b, blen, flags);
- if (rv > 0 && peername)
+ if (rv > 0 && peername != NULL) {
*peername = OPENSSL_strndup((char *)astr, astrlen);
+ if (*peername == NULL) {
+ OPENSSL_free(astr);
+ return -1;
+ }
+ }
OPENSSL_free(astr);
}
return rv;
No revocation checking is done on the signer's certificate.
+The B<-binary> option does not work correctly when processing text input which
+(contrary to the S/MIME specification) uses LF rather than CRLF line endings.
+
=head1 HISTORY
The use of multiple B<-signer> options and the B<-resign> command were first
=head1 COPYRIGHT
-Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2008-2022 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
- char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ void *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
int BIO_reset(BIO *b);
=head1 COPYRIGHT
-Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
Base64 BIOs do not support BIO_gets() or BIO_puts().
+For writing, output is by default divided to lines of length 64
+characters and there is always a newline at the end of output.
+
+For reading, first line should be at most 1024
+characters long. If it is longer then it is ignored completely.
+Other input lines can be of any length. There must be a newline
+at the end of input.
+
+This behavior can be changed with BIO_FLAGS_BASE64_NO_NL flag.
+
BIO_flush() on a base64 BIO that is being written through is
used to signal that no more data is to be encoded: this is used
to flush the final block through the BIO.
-The flag BIO_FLAGS_BASE64_NO_NL can be set with BIO_set_flags()
-to encode the data all on one line or expect the data to be all
-on one line.
+The flag BIO_FLAGS_BASE64_NO_NL can be set with BIO_set_flags().
+For writing, it causes all data to be written on one line without
+newline at the end.
+For reading, it forces the decoder to process the data regardless
+of newlines. All newlines are ignored and the input does not need
+to contain any newline at all.
=head1 NOTES
=head1 COPYRIGHT
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
=head1 NAME
BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add,
-BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd -
+BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_mod_sqrt, BN_exp, BN_mod_exp, BN_gcd -
arithmetic operations on BIGNUMs
=head1 SYNOPSIS
int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+ BIGNUM *BN_mod_sqrt(BIGNUM *in, BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+
int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
BN_mod_sqr() takes the square of I<a> modulo B<m> and places the
result in I<r>.
+BN_mod_sqrt() returns the modular square root of I<a> such that
+C<in^2 = a (mod p)>. The modulus I<p> must be a
+prime, otherwise an error or an incorrect "result" will be returned.
+The result is stored into I<in> which can be NULL. The result will be
+newly allocated in that case.
+
BN_exp() raises I<a> to the I<p>-th power and places the result in I<r>
(C<r=a^p>). This function is faster than repeated applications of
BN_mul().
=head1 RETURN VALUES
-For all functions, 1 is returned for success, 0 on error. The return
+The BN_mod_sqrt() returns the result (possibly incorrect if I<p> is
+not a prime), or NULL.
+
+For all remaining functions, 1 is returned for success, 0 on error. The return
value should always be checked (e.g., C<if (!BN_add(r,a,b)) goto err;>).
The error codes can be obtained by L<ERR_get_error(3)>.
=head1 COPYRIGHT
-Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
return a pointer to the deleted element or B<NULL> on error.
sk_TYPE_insert(), sk_TYPE_push() and sk_TYPE_unshift() return the total
-number of elements in the stack and 0 if an error occurred.
+number of elements in the stack and 0 if an error occurred. sk_TYPE_push()
+further returns -1 if B<sk> is B<NULL>.
sk_TYPE_set() returns a pointer to the replacement element or B<NULL> on
error.
as well as numerical forms. If I<no_name> is 1 only the numerical form
is acceptable.
-OBJ_obj2txt() converts the B<ASN1_OBJECT> B<a> into a textual representation.
-The representation is written as a null terminated string to B<buf>
-at most B<buf_len> bytes are written, truncating the result if necessary.
-The total amount of space required is returned. If B<no_name> is 0 then
-if the object has a long or short name then that will be used, otherwise
-the numerical form will be used. If B<no_name> is 1 then the numerical
-form will always be used.
+OBJ_obj2txt() converts the B<ASN1_OBJECT> I<a> into a textual representation.
+Unless I<buf> is NULL,
+the representation is written as a NUL-terminated string to I<buf>, where
+at most I<buf_len> bytes are written, truncating the result if necessary.
+In any case it returns the total string length, excluding the NUL character,
+required for non-truncated representation, or -1 on error.
+If I<no_name> is 0 then if the object has a long or short name
+then that will be used, otherwise the numerical form will be used.
+If I<no_name> is 1 then the numerical form will always be used.
i2t_ASN1_OBJECT() is the same as OBJ_obj2txt() with the I<no_name> set to zero.
OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return
a NID or B<NID_undef> on error.
+OBJ_add_sigid() returns 1 on success or 0 on error.
+
+i2t_ASN1_OBJECT() an OBJ_obj2txt() return -1 on error.
+On success, they return the length of the string written to I<buf> if I<buf> is
+not NULL and I<buf_len> is big enough, otherwise the total string length.
+Note that this does not count the trailing NUL character.
+
=head1 EXAMPLES
Create an object for B<commonName>:
obj = OBJ_txt2obj("1.2.3.4", 1);
-=head1 BUGS
-
-OBJ_obj2txt() is awkward and messy to use: it doesn't follow the
-convention of other OpenSSL functions where the buffer can be set
-to B<NULL> to determine the amount of data that should be written.
-Instead B<buf> must point to a valid buffer and B<buf_len> should
-be set to a positive value. A buffer length of 80 should be more
-than enough to handle any OID encountered in practice.
-
=head1 SEE ALSO
L<ERR_get_error(3)>
=head1 COPYRIGHT
-Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2002-2022 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
B<SSL_OP_NO_TICKET>: that is B<-SessionTicket> is the same as setting
B<SSL_OP_NO_TICKET>.
-B<Compression>: SSL/TLS compression support, enabled by default. Inverse
+B<Compression>: SSL/TLS compression support, disabled by default. Inverse
of B<SSL_OP_NO_COMPRESSION>.
B<EmptyFragments>: use empty fragments as a countermeasure against a
=head1 COPYRIGHT
-Copyright 2012-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2012-2022 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
X509_STORE_CTX_get_num_untrusted,
X509_STORE_CTX_set_default,
X509_STORE_CTX_set_verify,
-X509_STORE_CTX_verify_fn
+X509_STORE_CTX_verify_fn,
+X509_STORE_CTX_set_purpose,
+X509_STORE_CTX_set_trust,
+X509_STORE_CTX_purpose_inherit
- X509_STORE_CTX initialisation
=head1 SYNOPSIS
typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, X509_STORE_CTX_verify_fn verify);
+ int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
+ int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
+ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
+ int purpose, int trust);
+
=head1 DESCRIPTION
These functions initialise an B<X509_STORE_CTX> structure for subsequent use
This function should receive the current X509_STORE_CTX as a parameter and
return 1 on success or 0 on failure.
+X509 certificates may contain information about what purposes keys contained
+within them can be used for. For example "TLS WWW Server Authentication" or
+"Email Protection". This "key usage" information is held internally to the
+certificate itself. In addition the trust store containing trusted certificates
+can declare what purposes we trust different certificates for. This "trust"
+information is not held within the certificate itself but is "meta" information
+held alongside it. This "meta" information is associated with the certificate
+after it is issued and could be determined by a system administrator. For
+example a certificate might declare that it is suitable for use for both
+"TLS WWW Server Authentication" and "TLS Client Authentication", but a system
+administrator might only trust it for the former. An X.509 certificate extension
+exists that can record extended key usage information to supplement the purpose
+information described above. This extended mechanism is arbitrarily extensible
+and not well suited for a generic library API; applications that need to
+validate extended key usage information in certifiates will need to define a
+custom "purpose" (see below) or supply a nondefault verification callback
+(L<X509_STORE_set_verify_cb_func(3)>).
+
+X509_STORE_CTX_set_purpose() sets the purpose for the target certificate being
+verified in the I<ctx>. Built-in available values for the I<purpose> argument
+are B<X509_PURPOSE_SSL_CLIENT>, B<X509_PURPOSE_SSL_SERVER>,
+B<X509_PURPOSE_NS_SSL_SERVER>, B<X509_PURPOSE_SMIME_SIGN>,
+B<X509_PURPOSE_SMIME_ENCRYPT>, B<X509_PURPOSE_CRL_SIGN>, B<X509_PURPOSE_ANY>,
+B<X509_PURPOSE_OCSP_HELPER> and B<X509_PURPOSE_TIMESTAMP_SIGN>. It is also
+possible to create a custom purpose value. Setting a purpose will ensure that
+the key usage declared within certificates in the chain being verified is
+consistent with that purpose as well as, potentially, other checks. Every
+purpose also has an associated default trust value which will also be set at the
+same time. During verification this trust setting will be verified to check it
+is consistent with the trust set by the system administrator for certificates in
+the chain.
+
+X509_STORE_CTX_set_trust() sets the trust value for the target certificate
+being verified in the I<ctx>. Built-in available values for the I<trust>
+argument are B<X509_TRUST_COMPAT>, B<X509_TRUST_SSL_CLIENT>,
+B<X509_TRUST_SSL_SERVER>, B<X509_TRUST_EMAIL>, B<X509_TRUST_OBJECT_SIGN>,
+B<X509_TRUST_OCSP_SIGN>, B<X509_TRUST_OCSP_REQUEST> and B<X509_TRUST_TSA>. It is
+also possible to create a custom trust value. Since X509_STORE_CTX_set_purpose()
+also sets the trust value it is normally sufficient to only call that function.
+If both are called then X509_STORE_CTX_set_trust() should be called after
+X509_STORE_CTX_set_purpose() since the trust setting of the last call will be
+used.
+
+It should not normally be necessary for end user applications to call
+X509_STORE_CTX_purpose_inherit() directly. Typically applications should call
+X509_STORE_CTX_set_purpose() or X509_STORE_CTX_set_trust() instead. Using this
+function it is possible to set the purpose and trust values for the I<ctx> at
+the same time. The I<def_purpose> and I<purpose> arguments can have the same
+purpose values as described for X509_STORE_CTX_set_purpose() above. The I<trust>
+argument can have the same trust values as described in
+X509_STORE_CTX_set_trust() above. Any of the I<def_purpose>, I<purpose> or
+I<trust> values may also have the value 0 to indicate that the supplied
+parameter should be ignored. After calling this function the purpose to be used
+for verification is set from the I<purpose> argument, and the trust is set from
+the I<trust> argument. If I<trust> is 0 then the trust value will be set from
+the default trust value for I<purpose>. If the default trust value for the
+purpose is I<X509_TRUST_DEFAULT> and I<trust> is 0 then the default trust value
+associated with the I<def_purpose> value is used for the trust setting instead.
+
=head1 NOTES
The certificates and CRLs in a store are used internally and should B<not>
=head1 COPYRIGHT
-Copyright 2009-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2009-2022 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
/*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
# include <sys/un.h>
# include <tcp.h>
# include <netdb.h>
+# include <arpa/inet.h>
+# include <netinet/tcp.h>
# elif defined(_WIN32_WCE) && _WIN32_WCE<410
# define getservbyname _masked_declaration_getservbyname
# endif
/*
- * Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the OpenSSL license (the "License"). You may not use
CRYPTO_set_mem_functions(fns->mem_fns.malloc_fn, \
fns->mem_fns.realloc_fn, \
fns->mem_fns.free_fn); \
+ OPENSSL_init_crypto(OPENSSL_INIT_NO_ATEXIT, NULL); \
skip_cbs: \
if (!fn(e, id)) return 0; \
return 1; }
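Review bot: The added `OPENSSL_init_crypto(OPENSSL_INIT_NO_ATEXIT, NULL);` line in the bind macro discards the call's return value and has no comment saying why the engine's side of the library must not register an atexit handler. If failing the bind on an initialisation error is acceptable, `if (!OPENSSL_init_crypto(OPENSSL_INIT_NO_ATEXIT, NULL)) return 0; \` makes that failure visible to the loader. A preceding comment such as `/* no atexit() cleanup from inside a loadable engine: it may be unloaded before exit */ \` would record the intent, which is presumed here rather than stated on the page. The macro begins outside this hunk, so its interaction with the `skip_cbs` path is only partly visible.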
* WARNING: do not edit!
* Generated by crypto/objects/objects.pl
*
- * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-# define OPENSSL_VERSION_NUMBER 0x101010dfL
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1m 14 Dec 2021"
+# define OPENSSL_VERSION_NUMBER 0x101010efL
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1n 15 Mar 2022"
/*-
* The macros below are to be used for shared library (.so, .dll, ...)
/*
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
* Copyright 2005 Nokia. All rights reserved.
*
TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
- SSL_kEDH,
+ SSL_kDHE,
SSL_aDSS,
SSL_CAMELLIA128,
SSL_SHA256,
TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
- SSL_kEDH,
+ SSL_kDHE,
SSL_aRSA,
SSL_CAMELLIA128,
SSL_SHA256,
TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256,
TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
- SSL_kEDH,
+ SSL_kDHE,
SSL_aNULL,
SSL_CAMELLIA128,
SSL_SHA256,
TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
- SSL_kEDH,
+ SSL_kDHE,
SSL_aDSS,
SSL_CAMELLIA256,
SSL_SHA256,
TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
- SSL_kEDH,
+ SSL_kDHE,
SSL_aRSA,
SSL_CAMELLIA256,
SSL_SHA256,
TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256,
TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
- SSL_kEDH,
+ SSL_kDHE,
SSL_aNULL,
SSL_CAMELLIA256,
SSL_SHA256,
/*
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the OpenSSL license (the "License"). You may not use
int op, int bits, int nid, void *other,
void *ex)
{
- int level, minbits;
+ int level, minbits, pfs_mask;
minbits = ssl_get_security_level_bits(s, ctx, &level);
if (level >= 2 && c->algorithm_enc == SSL_RC4)
return 0;
/* Level 3: forward secure ciphersuites only */
+ pfs_mask = SSL_kDHE | SSL_kECDHE | SSL_kDHEPSK | SSL_kECDHEPSK;
if (level >= 3 && c->min_tls != TLS1_3_VERSION &&
- !(c->algorithm_mkey & (SSL_kEDH | SSL_kEECDH)))
+ !(c->algorithm_mkey & pfs_mask))
return 0;
break;
}
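Review bot: `pfs_mask` is declared as a plain `int` next to `level` and `minbits`, but it holds an OR of `SSL_k*` key-exchange flags and is tested against `c->algorithm_mkey`. Those flags look like unsigned bit masks, so giving the mask the same unsigned type as that field, and making it a constant, avoids a signed/unsigned mix in the `&`. For example, at the top of the function: `const uint32_t pfs_mask = SSL_kDHE | SSL_kECDHE | SSL_kDHEPSK | SSL_kECDHEPSK;` (the type should match the declaration of `algorithm_mkey`, which is not visible here). That also lets the `/* Level 3: forward secure ciphersuites only */` comment sit directly above the condition it describes. The function starts and ends outside the hunk.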
/*
- * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
return 0;
}
+/**********************************************************************
+ *
+ * Regression test for issue where OBJ_nid2obj does not raise
+ * an error when a NID is not registered.
+ *
+ ***/
+static int test_nid2obj_nonexist(void)
+{
+ ASN1_OBJECT *obj;
+ unsigned long err;
+
+ obj = OBJ_nid2obj(INT_MAX);
+ if (!TEST_true(obj == NULL))
+ return 0;
+
+ err = ERR_get_error();
+
+ if (!TEST_int_eq(ERR_GET_FUNC(err), OBJ_F_OBJ_NID2OBJ))
+ return 0;
+
+ if (!TEST_int_eq(ERR_GET_REASON(err), OBJ_R_UNKNOWN_NID))
+ return 0;
+
+ return 1;
+}
+
int setup_tests(void)
{
ADD_TEST(test_tbl_standard);
ADD_TEST(test_standard_methods);
+ ADD_TEST(test_nid2obj_nonexist);
return 1;
}
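Review bot: In `test_nid2obj_nonexist`, `ERR_get_error()` returns the oldest entry in the error queue, so an error left behind by an earlier test would be examined instead of the one raised by `OBJ_nid2obj(INT_MAX)`. Calling `ERR_clear_error();` immediately before the `OBJ_nid2obj` call, or reading with `ERR_peek_last_error()`, ties the two assertions to this call. `TEST_ptr_null(obj)` would also be the more direct form of `TEST_true(obj == NULL)`.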
/*
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
|| !TEST_ptr(ret2 = BN_new()))
goto err;
+ if (BN_is_negative(mod_sqrt)) {
+ /* A negative testcase */
+ if (!TEST_ptr_null(BN_mod_sqrt(ret, a, p, ctx)))
+ goto err;
+
+ st = 1;
+ goto err;
+ }
+
/* There are two possible answers. */
- if (!TEST_true(BN_mod_sqrt(ret, a, p, ctx))
+ if (!TEST_ptr(BN_mod_sqrt(ret, a, p, ctx))
|| !TEST_true(BN_sub(ret2, p, ret)))
goto err;
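Review bot: The `/* A negative testcase */` comment on the `BN_is_negative(mod_sqrt)` branch does not say that a negative `ModSqrt` value in the data file is the marker for inputs where `BN_mod_sqrt()` must return NULL. A reader of the test data cannot tell from here why `ModSqrt = -1` is valid. Suggested wording: `/* ModSqrt < 0 in the test data marks inputs for which BN_mod_sqrt() must fail and return NULL */`. Since the defect being guarded against is a non-terminating loop, the comment should also note that a regression would hang this test rather than fail it. The enclosing function starts and ends outside the hunk.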
return res;
}
+/*
+ * Regression test to ensure BN_mod_exp2_mont fails safely if argument m is
+ * zero.
+ */
+static int test_mod_exp2_mont(void)
+{
+ int res = 0;
+ BIGNUM *exp_result = NULL;
+ BIGNUM *exp_a1 = NULL, *exp_p1 = NULL, *exp_a2 = NULL, *exp_p2 = NULL,
+ *exp_m = NULL;
+
+ if (!TEST_ptr(exp_result = BN_new())
+ || !TEST_ptr(exp_a1 = BN_new())
+ || !TEST_ptr(exp_p1 = BN_new())
+ || !TEST_ptr(exp_a2 = BN_new())
+ || !TEST_ptr(exp_p2 = BN_new())
+ || !TEST_ptr(exp_m = BN_new()))
+ goto err;
+
+ if (!TEST_true(BN_one(exp_a1))
+ || !TEST_true(BN_one(exp_p1))
+ || !TEST_true(BN_one(exp_a2))
+ || !TEST_true(BN_one(exp_p2)))
+ goto err;
+
+ BN_zero(exp_m);
+
+ /* input of 0 is even, so must fail */
+ if (!TEST_int_eq(BN_mod_exp2_mont(exp_result, exp_a1, exp_p1, exp_a2,
+ exp_p2, exp_m, ctx, NULL), 0))
+ goto err;
+
+ res = 1;
+
+err:
+ BN_free(exp_result);
+ BN_free(exp_a1);
+ BN_free(exp_p1);
+ BN_free(exp_a2);
+ BN_free(exp_p2);
+ BN_free(exp_m);
+ return res;
+}
+
static int file_test_run(STANZA *s)
{
static const FILETEST filetests[] = {
ADD_TEST(test_gcd_prime);
ADD_ALL_TESTS(test_mod_exp, (int)OSSL_NELEM(ModExpTests));
ADD_ALL_TESTS(test_mod_exp_consttime, (int)OSSL_NELEM(ModExpTests));
+ ADD_TEST(test_mod_exp2_mont);
} else {
ADD_ALL_TESTS(run_file_tests, n);
}
{- rebase_files("../apps",
split(/\s+/, $target{apps_init_src})) -}
INCLUDE[ec_internal_test]=../include ../crypto/ec
- DEPEND[ec_internal_test]=../apps/libapps.a ../libcrypto.a libtestutil.a
+ DEPEND[ec_internal_test]=../libcrypto.a libtestutil.a
SOURCE[curve448_internal_test]=curve448_internal_test.c
INCLUDE[curve448_internal_test]=.. ../include ../crypto/ec/curve448
/*
- * Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
}
#endif /* OPENSSL_NO_DH */
+typedef struct {
+ int data;
+} custom_dgst_ctx;
+
+static int custom_md_init_called = 0;
+static int custom_md_cleanup_called = 0;
+
+static int custom_md_init(EVP_MD_CTX *ctx)
+{
+ custom_dgst_ctx *p = EVP_MD_CTX_md_data(ctx);
+
+ if (p == NULL)
+ return 0;
+
+ custom_md_init_called++;
+ return 1;
+}
+
+static int custom_md_cleanup(EVP_MD_CTX *ctx)
+{
+ custom_dgst_ctx *p = EVP_MD_CTX_md_data(ctx);
+
+ if (p == NULL)
+ /* Nothing to do */
+ return 1;
+
+ custom_md_cleanup_called++;
+ return 1;
+}
+
+static int test_custom_md_meth(void)
+{
+ EVP_MD_CTX *mdctx = NULL;
+ EVP_MD *tmp = NULL;
+ char mess[] = "Test Message\n";
+ unsigned char md_value[EVP_MAX_MD_SIZE];
+ unsigned int md_len;
+ int testresult = 0;
+ int nid;
+
+ custom_md_init_called = custom_md_cleanup_called = 0;
+
+ nid = OBJ_create("1.3.6.1.4.1.16604.998866.1", "custom-md", "custom-md");
+ if (!TEST_int_ne(nid, NID_undef))
+ goto err;
+ tmp = EVP_MD_meth_new(nid, NID_undef);
+ if (!TEST_ptr(tmp))
+ goto err;
+
+ if (!TEST_true(EVP_MD_meth_set_init(tmp, custom_md_init))
+ || !TEST_true(EVP_MD_meth_set_cleanup(tmp, custom_md_cleanup))
+ || !TEST_true(EVP_MD_meth_set_app_datasize(tmp,
+ sizeof(custom_dgst_ctx))))
+ goto err;
+
+ mdctx = EVP_MD_CTX_new();
+ if (!TEST_ptr(mdctx)
+ /*
+ * Initing our custom md and then initing another md should
+ * result in the init and cleanup functions of the custom md
+ * from being called.
+ */
+ || !TEST_true(EVP_DigestInit_ex(mdctx, tmp, NULL))
+ || !TEST_true(EVP_DigestInit_ex(mdctx, EVP_sha256(), NULL))
+ || !TEST_true(EVP_DigestUpdate(mdctx, mess, strlen(mess)))
+ || !TEST_true(EVP_DigestFinal_ex(mdctx, md_value, &md_len))
+ || !TEST_int_eq(custom_md_init_called, 1)
+ || !TEST_int_eq(custom_md_cleanup_called, 1))
+ goto err;
+
+ testresult = 1;
+ err:
+ EVP_MD_CTX_free(mdctx);
+ EVP_MD_meth_free(tmp);
+ return testresult;
+}
+
#if !defined(OPENSSL_NO_ENGINE) && !defined(OPENSSL_NO_DYNAMIC_ENGINE)
/* Test we can create a signature keys with an associated ENGINE */
static int test_signatures_with_engine(int tst)
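Review bot: The comment inside the `TEST_ptr(mdctx)` chain of `test_custom_md_meth` says that initing another md should result in the custom md's init and cleanup functions "from being called". That reads as if the calls were prevented, while the assertions that follow require `custom_md_init_called` and `custom_md_cleanup_called` to each equal 1. Rewording the last clause to `result in the init and cleanup functions of the custom md each being called once.` matches what is asserted. A one-line header on the function would also help, saying that it checks the custom digest's cleanup runs when the context is re-initialised with a different digest.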
ADD_ALL_TESTS(test_gcm_reinit, OSSL_NELEM(gcm_reinit_tests));
ADD_ALL_TESTS(test_evp_updated_iv, OSSL_NELEM(evp_updated_iv_tests));
+ ADD_TEST(test_custom_md_meth);
#if !defined(OPENSSL_NO_ENGINE) && !defined(OPENSSL_NO_DYNAMIC_ENGINE)
# ifndef OPENSSL_NO_EC
ADD_ALL_TESTS(test_signatures_with_engine, 3);
-# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
ModSqrt = a1d52989f12f204d3d2167d9b1e6c8a6174c0c786a979a5952383b7b8bd186
A = 2eee37cf06228a387788188e650bc6d8a2ff402931443f69156a29155eca07dcb45f3aac238d92943c0c25c896098716baa433f25bd696a142f5a69d5d937e81
P = 9df9d6cc20b8540411af4e5357ef2b0353cb1f2ab5ffc3e246b41c32f71e951f
+
+# Negative testcases for BN_mod_sqrt()
+
+# This one triggers an infinite loop with unfixed implementation
+# It should just fail.
+ModSqrt = -1
+A = 20a7ee
+P = 460201
+
+ModSqrt = -1
+A = 65bebdb00a96fc814ec44b81f98b59fba3c30203928fa5214c51e0a97091645280c947b005847f239758482b9bfc45b066fde340d1fe32fc9c1bf02e1b2d0ed
+P = 9df9d6cc20b8540411af4e5357ef2b0353cb1f2ab5ffc3e246b41c32f71e951f
#! /usr/bin/env perl
-# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
setup("test_genrsa");
-plan tests => 5;
+plan tests => 7;
# We want to know that an absurdly small number of bits isn't support
is(run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', '8'])), 0, "genrsa -3 8");
"genrsa -f4 $good");
ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout' ])),
"rsa -check");
+ok(run(app([ 'openssl', 'rsa', '-in', 'genrsatest.pem', '-out', 'genrsatest-enc.pem',
+ '-aes256', '-passout', 'pass:x' ])),
+ "rsa encrypt");
+ok(run(app([ 'openssl', 'rsa', '-in', 'genrsatest-enc.pem', '-passin', 'pass:x' ])),
+ "rsa decrypt");
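Review bot: The new "rsa decrypt" step passes neither `-out` nor `-noout` to `openssl rsa`, so the decrypted private key is written to the test's standard output. It is a throwaway test key, but adding `'-noout'`, as the `rsa -check` step above already does, keeps key material out of test logs while still exercising the decryption path. The changed line would be `ok(run(app([ 'openssl', 'rsa', '-in', 'genrsatest-enc.pem', '-passin', 'pass:x', '-noout' ])),`. Whether `genrsatest-enc.pem` is removed after the run is not visible in this hunk.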
#! /usr/bin/env perl
-# Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
use warnings;
use File::Spec;
-use OpenSSL::Test qw/:DEFAULT with srctop_file bldtop_file/;
+use OpenSSL::Test qw/:DEFAULT with srctop_file bldtop_dir/;
use OpenSSL::Test::Utils;
setup("test_dgst");
my $testdata = srctop_file('test', 'data.bin');
# intentionally using -engine twice, please do not remove the duplicate line
my @macdata = run(app(['openssl', 'dgst', '-sha1',
- '-engine', $^O eq 'linux' ? bldtop_file("engines", "ossltest.so") : "ossltest",
- '-engine', $^O eq 'linux' ? bldtop_file("engines", "ossltest.so") : "ossltest",
+ '-engine', "ossltest",
+ '-engine', "ossltest",
$testdata]), capture => 1);
chomp(@macdata);
my $expected = qr/SHA1\(\Q$testdata\E\)= 000102030405060708090a0b0c0d0e0f10111213/;
#
-# Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
Ctrl.p = p:1
Output = 7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887
-# Out of memory
+# Out of memory - request > 2 GB of memory
KDF = scrypt
Ctrl.pass = pass:pleaseletmein
Ctrl.salt = salt:SodiumChloride
-Ctrl.N = N:1048576
+Ctrl.N = N:2097152
Ctrl.r = r:8
Ctrl.p = p:1
-Result = KDF_MISMATCH
+Result = KDF_DERIVE_ERROR
#! /usr/bin/env perl
-# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# https://www.openssl.org/source/license.html
-use OpenSSL::Test qw/:DEFAULT srctop_file/;
+use OpenSSL::Test qw/:DEFAULT srctop_dir/;
setup("test_verify_extra");
plan tests => 1;
ok(run(test(["verify_extra_test",
- srctop_file("test", "certs", "roots.pem"),
- srctop_file("test", "certs", "untrusted.pem"),
- srctop_file("test", "certs", "bad.pem"),
- srctop_file("test", "certs", "rootCA.pem")])));
+ srctop_dir("test", "certs")])));
#! /usr/bin/env perl
-# Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
subtest 'RSA/(EC)DHE/PSK tests' => sub {
######################################################################
- plan tests => 6;
+ plan tests => 10;
SKIP: {
skip "TLSv1.0 is not supported by this OpenSSL build", 6
}
}
+ SKIP: {
+ skip "TLSv1.1 is not supported by this OpenSSL build", 4
+ if $no_tls1_1;
+
+ SKIP: {
+ skip "skipping auto DHE PSK test at SECLEVEL 3", 1
+ if ($no_dh || $no_psk);
+
+ ok(run(test(['ssltest_old', '-tls1_1', '-dhe4096', '-psk', '0102030405', '-cipher', '@SECLEVEL=3:DHE-PSK-AES256-CBC-SHA384'])),
+ 'test auto DHE PSK meets security strength');
+ }
+
+ SKIP: {
+ skip "skipping auto ECDHE PSK test at SECLEVEL 3", 1
+ if ($no_ec || $no_psk);
+
+ ok(run(test(['ssltest_old', '-tls1_1', '-no_dhe', '-psk', '0102030405', '-cipher', '@SECLEVEL=3:ECDHE-PSK-AES256-CBC-SHA384'])),
+ 'test auto ECDHE PSK meets security strength');
+ }
+
+ SKIP: {
+ skip "skipping no RSA PSK at SECLEVEL 3 test", 1
+ if ($no_rsa || $no_psk);
+
+ ok(!run(test(['ssltest_old', '-tls1_1', '-no_dhe', '-psk', '0102030405', '-cipher', '@SECLEVEL=3:RSA-PSK-AES256-CBC-SHA384'])),
+ 'test auto RSA PSK does not meet security level 3 requirements (PFS)');
+ }
+
+ SKIP: {
+ skip "skipping no PSK at SECLEVEL 3 test", 1
+ if ($no_psk);
+
+ ok(!run(test(['ssltest_old', '-tls1_1', '-no_dhe', '-psk', '0102030405', '-cipher', '@SECLEVEL=3:PSK-AES256-CBC-SHA384'])),
+ 'test auto PSK does not meet security level 3 requirements (PFS)');
+ }
+ }
+
};
subtest 'Custom Extension tests' => sub {
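Review bot: The two negative cases (`RSA-PSK-AES256-CBC-SHA384` and `PSK-AES256-CBC-SHA384`) use `ok(!run(...))`, which passes on any failure of `ssltest_old`, not only on rejection by the level 3 forward-secrecy check. The DHE-PSK and ECDHE-PSK cases act as the positive control, but they are skipped independently when DH or EC is disabled, so in such builds the negative cases have no control. A comment above them would record this, for example `# NOTE: passes on any handshake failure; relies on the DHE/ECDHE PSK cases above to show the PSK setup itself works`. The PSK value `'0102030405'` is repeated in all four calls and could be a single `my $psk`.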
/*
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
* Copyright 2005 Nokia. All rights reserved.
*
static DH *get_dh1024(void);
static DH *get_dh1024dsa(void);
static DH *get_dh2048(void);
+static DH *get_dh4096(void);
#endif
static char *psk_key = NULL; /* by default PSK is not used */
fprintf(stderr,
" -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
fprintf(stderr,
- " -dhe2048 - use 2048 bit key (rfc3526 pime) for DHE\n");
+ " -dhe2048 - use 2048 bit key (rfc3526 prime) for DHE\n");
+ fprintf(stderr,
+ " -dhe4096 - use 4096 bit key (rfc3526 prime) for DHE\n");
fprintf(stderr, " -no_dhe - disable DHE\n");
#endif
#ifndef OPENSSL_NO_EC
#ifndef OPENSSL_NO_TLS1
fprintf(stderr, " -tls1 - use TLSv1\n");
#endif
+#ifndef OPENSSL_NO_TLS1_1
+ fprintf(stderr, " -tls1_1 - use TLSv1.1\n");
+#endif
+#ifndef OPENSSL_NO_TLS1_2
+ fprintf(stderr, " -tls1_2 - use TLSv1.2\n");
+#endif
#ifndef OPENSSL_NO_DTLS
fprintf(stderr, " -dtls - use DTLS\n");
#ifndef OPENSSL_NO_DTLS1
int badop = 0;
enum { BIO_MEM, BIO_PAIR, BIO_IPV4, BIO_IPV6 } bio_type = BIO_MEM;
int force = 0;
- int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, tls1_2 = 0, ssl3 = 0;
+ int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, tls1_1 = 0, tls1_2 = 0, ssl3 = 0;
int ret = EXIT_FAILURE;
int client_auth = 0;
int server_auth = 0, i;
#ifndef OPENSSL_NO_DH
DH *dh;
int dhe512 = 0, dhe1024dsa = 0;
- int dhe2048 = 0;
+ int dhe2048 = 0, dhe4096 = 0;
#endif
int no_dhe = 0;
int no_psk = 0;
fprintf(stderr,
"ignoring -dhe512, since I'm compiled without DH\n");
#endif
+ } else if (strcmp(*argv, "-dhe4096") == 0) {
+#ifndef OPENSSL_NO_DH
+ dhe4096 = 1;
+#else
+ fprintf(stderr,
+ "ignoring -dhe4096, since I'm compiled without DH\n");
+#endif
} else if (strcmp(*argv, "-dhe2048") == 0) {
#ifndef OPENSSL_NO_DH
dhe2048 = 1;
}
else if (strcmp(*argv, "-tls1_2") == 0) {
tls1_2 = 1;
+ } else if (strcmp(*argv, "-tls1_1") == 0) {
+ tls1_1 = 1;
} else if (strcmp(*argv, "-tls1") == 0) {
tls1 = 1;
} else if (strcmp(*argv, "-ssl3") == 0) {
goto end;
}
- if (ssl3 + tls1 + tls1_2 + dtls + dtls1 + dtls12 > 1) {
- fprintf(stderr, "At most one of -ssl3, -tls1, -tls1_2, -dtls, -dtls1 or -dtls12 should "
+ if (ssl3 + tls1 + tls1_1 + tls1_2 + dtls + dtls1 + dtls12 > 1) {
+ fprintf(stderr, "At most one of -ssl3, -tls1, -tls1_1, -tls1_2, -dtls, -dtls1 or -dtls12 should "
"be requested.\n");
EXIT(1);
}
no_protocol = 1;
else
#endif
+#ifdef OPENSSL_NO_TLS1_1
+ if (tls1_1)
+ no_protocol = 1;
+ else
+#endif
#ifdef OPENSSL_NO_TLS1_2
if (tls1_2)
no_protocol = 1;
goto end;
}
- if (!ssl3 && !tls1 && !tls1_2 && !dtls && !dtls1 && !dtls12 && number > 1
+ if (!ssl3 && !tls1 && !tls1_1 && !tls1_2 && !dtls && !dtls1 && !dtls12 && number > 1
&& !reuse && !force) {
fprintf(stderr, "This case cannot work. Use -f to perform "
"the test anyway (and\n-d to see what happens), "
- "or add one of -ssl3, -tls1, -tls1_2, -dtls, -dtls1, -dtls12, -reuse\n"
+ "or add one of -ssl3, -tls1, -tls1_1, -tls1_2, -dtls, -dtls1, -dtls12, -reuse\n"
"to avoid protocol mismatch.\n");
EXIT(1);
}
} else if (tls1) {
min_version = TLS1_VERSION;
max_version = TLS1_VERSION;
+ } else if (tls1_1) {
+ min_version = TLS1_1_VERSION;
+ max_version = TLS1_1_VERSION;
} else if (tls1_2) {
min_version = TLS1_2_VERSION;
max_version = TLS1_2_VERSION;
dh = get_dh512();
else if (dhe2048)
dh = get_dh2048();
+ else if (dhe4096)
+ dh = get_dh4096();
else
dh = get_dh1024();
SSL_CTX_set_tmp_dh(s_ctx, dh);
BN_free(g);
return NULL;
}
+
+static DH *get_dh4096(void)
+{
+ BIGNUM *p = NULL, *g = NULL;
+ DH *dh = NULL;
+
+ if ((dh = DH_new()) == NULL)
+ return NULL;
+
+ g = BN_new();
+ if (g == NULL || !BN_set_word(g, 2))
+ goto err;
+
+ p = BN_get_rfc3526_prime_4096(NULL);
+ if (p == NULL)
+ goto err;
+
+ if (!DH_set0_pqg(dh, p, NULL, g))
+ goto err;
+
+ return dh;
+
+ err:
+ DH_free(dh);
+ BN_free(p);
+ BN_free(g);
+ return NULL;
+}
#endif
#ifndef OPENSSL_NO_PSK
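Review bot: `get_dh4096` has no header comment stating its ownership contract, which is what makes the `err:` cleanup correct. After a successful `DH_set0_pqg(dh, p, NULL, g)` the `DH` owns `p` and `g`, so they may be freed only on the failure path, as the code does. A header such as `/* Returns a new DH with the RFC 3526 4096-bit prime and generator 2, or NULL on error; the caller releases it with DH_free(). */` would make that explicit. The body also appears to repeat the function that ends just above this hunk, apart from the prime getter, so a shared helper may be worth considering.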
/*
- * Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
#include <openssl/crypto.h>
#include <openssl/bio.h>
#include <openssl/x509.h>
+#include <openssl/x509v3.h>
#include <openssl/pem.h>
#include <openssl/err.h>
#include "testutil.h"
-static const char *roots_f;
-static const char *untrusted_f;
-static const char *bad_f;
-static const char *good_f;
+static const char *certs_dir;
+static char *roots_f = NULL;
+static char *untrusted_f = NULL;
+static char *bad_f = NULL;
+static char *good_f = NULL;
+static char *sroot_cert = NULL;
+static char *ca_cert = NULL;
+static char *ee_cert = NULL;
static X509 *load_cert_pem(const char *file)
{
return test_self_signed(bad_f, 0);
}
+static int do_test_purpose(int purpose, int expected)
+{
+ X509 *eecert = load_cert_pem(ee_cert); /* may result in NULL */
+ X509 *untrcert = load_cert_pem(ca_cert);
+ X509 *trcert = load_cert_pem(sroot_cert);
+ STACK_OF(X509) *trusted = sk_X509_new_null();
+ STACK_OF(X509) *untrusted = sk_X509_new_null();
+ X509_STORE_CTX *ctx = X509_STORE_CTX_new();
+ int testresult = 0;
+
+ if (!TEST_ptr(eecert)
+ || !TEST_ptr(untrcert)
+ || !TEST_ptr(trcert)
+ || !TEST_ptr(trusted)
+ || !TEST_ptr(untrusted)
+ || !TEST_ptr(ctx))
+ goto err;
+
+
+ if (!TEST_true(sk_X509_push(trusted, trcert)))
+ goto err;
+ trcert = NULL;
+ if (!TEST_true(sk_X509_push(untrusted, untrcert)))
+ goto err;
+ untrcert = NULL;
+
+ if (!TEST_true(X509_STORE_CTX_init(ctx, NULL, eecert, untrusted)))
+ goto err;
+
+ if (!TEST_true(X509_STORE_CTX_set_purpose(ctx, purpose)))
+ goto err;
+
+ /*
+ * X509_STORE_CTX_set0_trusted_stack() is bady named. Despite the set0 name
+ * we are still responsible for freeing trusted after we have finished with
+ * it.
+ */
+ X509_STORE_CTX_set0_trusted_stack(ctx, trusted);
+
+ if (!TEST_int_eq(X509_verify_cert(ctx), expected))
+ goto err;
+
+ testresult = 1;
+ err:
+ sk_X509_pop_free(trusted, X509_free);
+ sk_X509_pop_free(untrusted, X509_free);
+ X509_STORE_CTX_free(ctx);
+ X509_free(eecert);
+ X509_free(untrcert);
+ X509_free(trcert);
+ return testresult;
+}
+
+static int test_purpose_ssl_client(void)
+{
+ return do_test_purpose(X509_PURPOSE_SSL_CLIENT, 0);
+}
+
+static int test_purpose_ssl_server(void)
+{
+ return do_test_purpose(X509_PURPOSE_SSL_SERVER, 1);
+}
+
+static int test_purpose_any(void)
+{
+ return do_test_purpose(X509_PURPOSE_ANY, 1);
+}
+
int setup_tests(void)
{
- if (!TEST_ptr(roots_f = test_get_argument(0))
- || !TEST_ptr(untrusted_f = test_get_argument(1))
- || !TEST_ptr(bad_f = test_get_argument(2))
- || !TEST_ptr(good_f = test_get_argument(3))) {
- TEST_error("usage: verify_extra_test roots.pem untrusted.pem bad.pem good.pem\n");
+ if (!TEST_ptr(certs_dir = test_get_argument(0))) {
+ TEST_error("usage: verify_extra_test certs-dir\n");
return 0;
}
+ if (!TEST_ptr(roots_f = test_mk_file_path(certs_dir, "roots.pem"))
+ || !TEST_ptr(untrusted_f = test_mk_file_path(certs_dir, "untrusted.pem"))
+ || !TEST_ptr(bad_f = test_mk_file_path(certs_dir, "bad.pem"))
+ || !TEST_ptr(good_f = test_mk_file_path(certs_dir, "rootCA.pem"))
+ || !TEST_ptr(sroot_cert = test_mk_file_path(certs_dir, "sroot-cert.pem"))
+ || !TEST_ptr(ca_cert = test_mk_file_path(certs_dir, "ca-cert.pem"))
+ || !TEST_ptr(ee_cert = test_mk_file_path(certs_dir, "ee-cert.pem")))
+ goto err;
+
ADD_TEST(test_alt_chains_cert_forgery);
ADD_TEST(test_store_ctx);
ADD_TEST(test_self_signed_good);
ADD_TEST(test_self_signed_bad);
+ ADD_TEST(test_purpose_ssl_client);
+ ADD_TEST(test_purpose_ssl_server);
+ ADD_TEST(test_purpose_any);
return 1;
+ err:
+ cleanup_tests();
+ return 0;
+}
+
+void cleanup_tests(void)
+{
+ OPENSSL_free(roots_f);
+ OPENSSL_free(untrusted_f);
+ OPENSSL_free(bad_f);
+ OPENSSL_free(good_f);
+ OPENSSL_free(sroot_cert);
+ OPENSSL_free(ca_cert);
+ OPENSSL_free(ee_cert);
}
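Review bot: `do_test_purpose` only compares the return of `X509_verify_cert(ctx)` with `expected`, so `test_purpose_ssl_client` (expected 0) passes on any verification failure, such as an expired certificate in the chain, not only on a purpose or trust mismatch. Passing the expected verification error as an extra argument and adding `if (!expected && !TEST_int_eq(X509_STORE_CTX_get_error(ctx), expected_err)) goto err;` after the verify call would pin the negative case; `expected_err` is a placeholder name for that new parameter. Separately, `setup_tests` calls `cleanup_tests()` on its `err:` path, and `cleanup_tests` leaves the freed pointers set. If the test harness, which is not visible here, also calls `cleanup_tests()` after a failed setup, they would be freed twice, so resetting each one after the free is safer, e.g. `OPENSSL_free(roots_f); roots_f = NULL;`.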