diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 38ad82fe694525b758fd53ca6129938a26ba42e7..f0cfc0bb7e41c515ecebbd987e6bb4a3a71eeef3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -23,7 +23,7 @@ permissions: jobs: check_update: - runs-on: ubuntu-latest + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} steps: - name: install unifdef run: | @@ -42,7 +42,7 @@ jobs: run: git diff --exit-code check_docs: - runs-on: ubuntu-latest + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} steps: - uses: actions/checkout@v4 - name: config @@ -62,7 +62,7 @@ jobs: # We are not as strict with libraries, but rather adapt to what's # expected to be available in a certain version of each platform. check-ansi: - runs-on: ubuntu-latest + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} steps: - uses: actions/checkout@v4 - name: config @@ -71,7 +71,7 @@ jobs: run: make -s -j4 basic_gcc: - runs-on: ubuntu-latest + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} steps: - uses: actions/checkout@v4 - name: checkout fuzz/corpora submodule @@ -91,7 +91,7 @@ jobs: run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} basic_clang: - runs-on: ubuntu-latest + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} steps: - uses: actions/checkout@v4 - name: checkout fuzz/corpora submodule @@ -127,7 +127,7 @@ jobs: run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} minimal: - runs-on: ubuntu-latest + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} steps: - uses: actions/checkout@v4 - name: checkout fuzz/corpora submodule @@ -144,7 +144,7 @@ jobs: run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} no-deprecated: - runs-on: ubuntu-latest + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} steps: - uses: actions/checkout@v4 - name: checkout fuzz/corpora submodule @@ -160,11 +160,8 @@ jobs: - name: make test run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} - no-shared: - strategy: - matrix: - os: [ ubuntu-latest, macos-latest ] - runs-on: ${{matrix.os}} + no-shared-ubuntu: + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} steps: - uses: actions/checkout@v4 - name: checkout fuzz/corpora submodule @@ -174,12 +171,32 @@ jobs: - name: make run: make -s -j4 - name: get cpu info - run: ./util/opensslwrap.sh version -c + run: | + cat /proc/cpuinfo + ./util/opensslwrap.sh version -c + - name: make test + run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} + + no-shared-macos: + runs-on: macos-latest + if: github.server_url == 'https://github.com' + steps: + - uses: actions/checkout@v4 + - name: checkout fuzz/corpora submodule + run: git submodule update --init --depth 1 fuzz/corpora + - name: config + run: ./config --banner=Configured --strict-warnings no-shared no-fips && perl configdata.pm --dump + - name: make + run: make -s -j4 + - name: get cpu info + run: | + sysctl machdep.cpu + ./util/opensslwrap.sh version -c - name: make test run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} non-caching: - runs-on: ubuntu-latest + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} steps: - uses: actions/checkout@v4 - name: checkout fuzz/corpora submodule @@ -196,7 +213,7 @@ jobs: run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} OPENSSL_TEST_RAND_ORDER=0 TESTS="-test_fuzz* -test_ssl_* -test_sslapi -test_evp -test_cmp_http -test_verify -test_cms -test_store -test_enc -[01][0-9]" address_ub_sanitizer: - runs-on: ubuntu-latest + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} steps: - uses: actions/checkout@v4 - name: checkout fuzz/corpora submodule @@ -213,7 +230,7 @@ jobs: run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} OPENSSL_TEST_RAND_ORDER=0 fuzz_tests: - runs-on: ubuntu-latest + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} steps: - uses: actions/checkout@v4 - name: checkout fuzz/corpora submodule @@ -230,7 +247,7 @@ jobs: run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} OPENSSL_TEST_RAND_ORDER=0 TESTS="test_fuzz*" memory_sanitizer: - runs-on: ubuntu-latest + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} steps: - uses: actions/checkout@v4 - name: checkout fuzz/corpora submodule @@ -248,7 +265,7 @@ jobs: run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} OPENSSL_TEST_RAND_ORDER=0 threads_sanitizer: - runs-on: ubuntu-latest + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} steps: - uses: actions/checkout@v4 - name: checkout fuzz/corpora submodule @@ -265,7 +282,7 @@ jobs: run: make V=1 TESTS="test_threads test_internal_provider test_provfetch test_provider test_pbe test_evp_kdf test_pkcs12 test_store test_evp test_quic*" test HARNESS_JOBS=${HARNESS_JOBS:-4} enable_non-default_options: - runs-on: ubuntu-latest + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} steps: - uses: actions/checkout@v4 - name: checkout fuzz/corpora submodule @@ -284,7 +301,7 @@ jobs: run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} fips_and_ktls: - runs-on: ubuntu-latest + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} steps: - uses: actions/checkout@v4 - name: checkout fuzz/corpora submodule @@ -303,7 +320,7 @@ jobs: run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} no-legacy: - runs-on: ubuntu-latest + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} steps: - uses: actions/checkout@v4 - name: checkout fuzz/corpora submodule @@ -320,7 +337,7 @@ jobs: run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} legacy: - runs-on: ubuntu-latest + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} steps: - uses: actions/checkout@v4 - name: checkout fuzz/corpora submodule @@ -341,11 +358,8 @@ jobs: # build tree # - That building, testing and installing works with a read-only source # tree - out-of-readonly-source-and-install: - strategy: - matrix: - os: [ubuntu-latest, macos-latest ] - runs-on: ${{matrix.os}} + out-of-readonly-source-and-install-ubuntu: + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} steps: - uses: actions/checkout@v4 with: @@ -368,7 +382,45 @@ jobs: run: make -s -j4 working-directory: ./build - name: get cpu info - run: ./util/opensslwrap.sh version -c + run: | + cat /proc/cpuinfo + ./util/opensslwrap.sh version -c + working-directory: ./build + - name: make test + run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} + working-directory: ./build + - name: make install + run: make install + working-directory: ./build + + out-of-readonly-source-and-install-macos: + runs-on: macos-latest + if: github.server_url == 'https://github.com' + steps: + - uses: actions/checkout@v4 + with: + path: ./source + - name: checkout fuzz/corpora submodule + run: git submodule update --init --depth 1 fuzz/corpora + working-directory: ./source + - name: make source read-only + run: chmod -R a-w ./source + - name: create build and install directories + run: | + mkdir ./build + mkdir ./install + - name: config + run: | + ../source/config --banner=Configured enable-fips enable-quic enable-acvp-tests --strict-warnings --prefix=$(cd ../install; pwd) + perl configdata.pm --dump + working-directory: ./build + - name: make + run: make -s -j4 + working-directory: ./build + - name: get cpu info + run: | + sysctl machdep.cpu + ./util/opensslwrap.sh version -c working-directory: ./build - name: make test run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} @@ -378,7 +430,7 @@ jobs: working-directory: ./build external-tests: - runs-on: ubuntu-latest + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} steps: - uses: actions/checkout@v4 with: @@ -411,7 +463,7 @@ jobs: run: make test TESTS="test_external_oqsprovider" external-test-pyca: - runs-on: ubuntu-latest + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} strategy: matrix: RUST: @@ -427,7 +479,7 @@ jobs: - name: make run: make -s -j4 - name: Setup Python - uses: actions/setup-python@v4.7.1 + uses: actions/setup-python@v5.0.0 with: python-version: ${{ matrix.PYTHON }} - uses: actions-rs/toolchain@v1 @@ -444,7 +496,7 @@ jobs: run: make test TESTS="test_external_pyca" VERBOSE=1 external-test-cf-quiche: - runs-on: ubuntu-latest + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} steps: - uses: actions/checkout@v4 with: diff --git a/.github/workflows/cross-compiles.yml b/.github/workflows/cross-compiles.yml index 21683b731dffd3d61907df5af201d604c1a92080..c3dd90cab9a0af7885df03e1e6f241404cdb0c63 100644 --- a/.github/workflows/cross-compiles.yml +++ b/.github/workflows/cross-compiles.yml @@ -148,7 +148,7 @@ jobs: tests: none } ] - runs-on: ubuntu-latest + runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} steps: - name: install package repository if: matrix.platform.ppa != '' diff --git a/.github/workflows/fips-checksums.yml b/.github/workflows/fips-checksums.yml index 1b56755bfbb176882b0fe31839240f06bffe5d11..a9777a23943708bf7b3f619a590624e6c7447caa 100644 --- a/.github/workflows/fips-checksums.yml +++ b/.github/workflows/fips-checksums.yml @@ -69,7 +69,7 @@ jobs: - name: save PR number run: echo ${{ github.event.number }} > ./artifact/pr_num - name: save artifact - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: fips_checksum path: artifact/ diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 8ff02cee2757eb128df60965f04a1a2cb7c2ca5f..e167416be561b6adfb713a40ed74b3dea5d66348 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -26,7 +26,7 @@ jobs: fuzz-seconds: 600 dry-run: false - name: Upload Crash - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 if: failure() with: name: artifacts diff --git a/.github/workflows/provider-compatibility.yml b/.github/workflows/provider-compatibility.yml index 8fc125cbd83e5c07330b9f44f442d19ab70a79d9..afb2782690bc93bc48241282957b66a3bc4860c9 100644 --- a/.github/workflows/provider-compatibility.yml +++ b/.github/workflows/provider-compatibility.yml @@ -93,7 +93,7 @@ jobs: -providers working-directory: ${{ matrix.release.dir }} - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@v4 with: name: ${{ matrix.release.tgz }} path: ${{ matrix.release.tgz }} @@ -169,7 +169,7 @@ jobs: run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} working-directory: ${{ matrix.branch.dir }} - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@v4 with: name: ${{ matrix.branch.tgz }} path: ${{ matrix.branch.tgz }} @@ -201,7 +201,7 @@ jobs: fi continue-on-error: true - - uses: actions/download-artifact@v3 + - uses: actions/download-artifact@v4 if: steps.early_exit.outcome == 'success' with: name: ${{ matrix.tree_a }}.tar.gz @@ -209,7 +209,7 @@ jobs: if: steps.early_exit.outcome == 'success' run: tar xzf "${{ matrix.tree_a }}.tar.gz" - - uses: actions/download-artifact@v3 + - uses: actions/download-artifact@v4 if: steps.early_exit.outcome == 'success' with: name: ${{ matrix.tree_b }}.tar.gz diff --git a/.github/workflows/run-checker-daily.yml b/.github/workflows/run-checker-daily.yml index 157746f39ff57d910167633e010beccee66e725b..eda5005f68f9e577be377d83a0f40833a10cad54 100644 --- a/.github/workflows/run-checker-daily.yml +++ b/.github/workflows/run-checker-daily.yml @@ -130,7 +130,8 @@ jobs: no-zlib, enable-zlib-dynamic, no-zlib-dynamic, - -DOPENSSL_NO_BUILTIN_OVERFLOW_CHECKING + -DOPENSSL_NO_BUILTIN_OVERFLOW_CHECKING, + -DSSL3_ALIGN_PAYLOAD=4 ] runs-on: ubuntu-latest steps: diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index c80741cf517cf30c52219ab41050ddd7ad156ed9..1892b08481faa966c969285976041430cc21ee34 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -25,7 +25,7 @@ jobs: config: enable-fips - arch: win32 config: --strict-warnings no-fips - runs-on: ${{matrix.os}} + runs-on: ${{ github.server_url == 'https://github.com' && matrix.os || format('{0}-self-hosted', matrix.os) }} steps: - uses: actions/checkout@v4 - name: checkout fuzz/corpora submodule @@ -75,7 +75,7 @@ jobs: os: - windows-2019 - windows-2022 - runs-on: ${{matrix.os}} + runs-on: ${{ github.server_url == 'https://github.com' && matrix.os || format('{0}-self-hosted', matrix.os) }} steps: - uses: actions/checkout@v4 - name: checkout fuzz/corpora submodule @@ -113,7 +113,7 @@ jobs: os: - windows-2019 - windows-2022 - runs-on: ${{matrix.os}} + runs-on: ${{ github.server_url == 'https://github.com' && matrix.os || format('{0}-self-hosted', matrix.os) }} steps: - uses: actions/checkout@v4 - name: checkout fuzz/corpora submodule @@ -159,7 +159,7 @@ jobs: # are we really learning sth new from win32? So let's save some CO2 for now disabling this # - arch: win32 # config: -DCMAKE_C_COMPILER=gcc --strict-warnings no-fips - runs-on: ${{matrix.os}} + runs-on: ${{ github.server_url == 'https://github.com' && matrix.os || format('{0}-self-hosted', matrix.os) }} env: CYGWIN_NOWINPATH: 1 SHELLOPTS: igncr diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf index d1a15a1152747b4197d8cd7ff00bd4a30e60eaaa..7fb0fda8666694a5aab8ed720431444725766455 100644 --- a/Configurations/10-main.conf +++ b/Configurations/10-main.conf @@ -821,12 +821,13 @@ my %targets = ( asm_arch => 'riscv32', }, - # loongarch64 below refers to contemporary LOONGARCH Architecture + # loongarch64 below refers to contemporary LoongArch Architecture # specifications, "linux64-loongarch64" => { inherit_from => [ "linux-generic64"], perlasm_scheme => "linux64", asm_arch => 'loongarch64', + lib_cppflags => add("-DL_ENDIAN"), }, #### IA-32 targets... diff --git a/crypto/chacha/asm/chacha-loongarch64.pl b/crypto/chacha/asm/chacha-loongarch64.pl index ea9cc7ecce237bfe92534e8a5deaf45816180d4a..9eed5860de9a710ba92d876117c0778b0ace0f13 100644 --- a/crypto/chacha/asm/chacha-loongarch64.pl +++ b/crypto/chacha/asm/chacha-loongarch64.pl @@ -17,6 +17,14 @@ my ($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$r$_",(4..11)); my ($t0,$t1,$t2,$t3,$t4,$t5,$t6,$t7,$t8,$x)=map("\$r$_",(12..21)); my ($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7,$s8)=map("\$r$_",(23..31)); +# The saved floating-point registers in the LP64D ABI. In LoongArch +# with vector extension, the low 64 bits of a vector register alias with +# the corresponding FPR. So we must save and restore the corresponding +# FPR if we'll write into a vector register. The ABI only requires +# saving and restoring the FPR (i.e. 64 bits of the corresponding vector +# register), not the entire vector register. +my ($fs0,$fs1,$fs2,$fs3,$fs4,$fs5,$fs6,$fs7)=map("\$f$_",(24..31)); + # Here is the 128-bit vector register layout for LSX extension. my ($vr0,$vr1,$vr2,$vr3,$vr4,$vr5,$vr6,$vr7,$vr8,$vr9,$vr10, $vr11,$vr12,$vr13,$vr14,$vr15,$vr16,$vr17,$vr18,$vr19, @@ -66,13 +74,25 @@ ChaCha20_ctr32: la.pcrel $t0,OPENSSL_loongarch_hwcap_P ld.w $t0,$t0,0 + bleu $len,$t3,.LChaCha20_1x # goto 1x when len <= 64 + + andi $t0,$t0,LOONGARCH_HWCAP_LASX | LOONGARCH_HWCAP_LSX + beqz $t0,.LChaCha20_1x + + addi.d $sp,$sp,-64 + fst.d $fs0,$sp,0 + fst.d $fs1,$sp,8 + fst.d $fs2,$sp,16 + fst.d $fs3,$sp,24 + fst.d $fs4,$sp,32 + fst.d $fs5,$sp,40 + fst.d $fs6,$sp,48 + fst.d $fs7,$sp,56 + andi $t1,$t0,LOONGARCH_HWCAP_LASX bnez $t1,.LChaCha20_8x - andi $t2,$t0,LOONGARCH_HWCAP_LSX - bnez $t2,.LChaCha20_4x - - b .LChaCha20_1x + b .LChaCha20_4x EOF @@ -442,8 +462,6 @@ $code .= < p else y + // Last Mod + // return y - p if y > p else y mov $s4,$s0 mov $s5,$s1 mov $s6,$s2 @@ -533,44 +533,44 @@ $code.=<<___; .align 5 ecp_sm2p256_mul: AARCH64_SIGN_LINK_REGISTER - # Store scalar registers + // Store scalar registers stp x29,x30,[sp,#-80]! add x29,sp,#0 stp x16,x17,[sp,#16] stp x18,x19,[sp,#64] - # Load inputs + // Load inputs ldp $s0,$s1,[x1] ldp $s2,$s3,[x1,#16] ldp $s4,$s5,[x2] ldp $s6,$s7,[x2,#16] -### multiplication ### - # ======================== - # s3 s2 s1 s0 - # * s7 s6 s5 s4 - # ------------------------ - # + s0 s0 s0 s0 - # * * * * - # s7 s6 s5 s4 - # s1 s1 s1 s1 - # * * * * - # s7 s6 s5 s4 - # s2 s2 s2 s2 - # * * * * - # s7 s6 s5 s4 - # s3 s3 s3 s3 - # * * * * - # s7 s6 s5 s4 - # ------------------------ - # s7 s6 s5 s4 s3 s2 s1 s0 - # ======================== - -### s0*s4 ### +// ### multiplication ### + // ======================== + // s3 s2 s1 s0 + // * s7 s6 s5 s4 + // ------------------------ + // + s0 s0 s0 s0 + // * * * * + // s7 s6 s5 s4 + // s1 s1 s1 s1 + // * * * * + // s7 s6 s5 s4 + // s2 s2 s2 s2 + // * * * * + // s7 s6 s5 s4 + // s3 s3 s3 s3 + // * * * * + // s7 s6 s5 s4 + // ------------------------ + // s7 s6 s5 s4 s3 s2 s1 s0 + // ======================== + +// ### s0*s4 ### mul $t5,$s0,$s4 umulh $t2,$s0,$s4 -### s1*s4 + s0*s5 ### +// ### s1*s4 + s0*s5 ### mul $t0,$s1,$s4 umulh $t1,$s1,$s4 adds $t2,$t2,$t0 @@ -582,7 +582,7 @@ ecp_sm2p256_mul: adcs $t3,$t3,$t1 adcs $t4,xzr,xzr -### s2*s4 + s1*s5 + s0*s6 ### +// ### s2*s4 + s1*s5 + s0*s6 ### mul $t0,$s2,$s4 umulh $t1,$s2,$s4 adds $t3,$t3,$t0 @@ -600,7 +600,7 @@ ecp_sm2p256_mul: adcs $t4,$t4,$t1 adcs $t6,$t6,xzr -### s3*s4 + s2*s5 + s1*s6 + s0*s7 ### +// ### s3*s4 + s2*s5 + s1*s6 + s0*s7 ### mul $t0,$s3,$s4 umulh $t1,$s3,$s4 adds $t4,$t4,$t0 @@ -625,7 +625,7 @@ ecp_sm2p256_mul: adcs $t6,$t6,$t1 adcs $t7,$t7,xzr -### s3*s5 + s2*s6 + s1*s7 ### +// ### s3*s5 + s2*s6 + s1*s7 ### mul $t0,$s3,$s5 umulh $t1,$s3,$s5 adds $t6,$t6,$t0 @@ -644,7 +644,7 @@ ecp_sm2p256_mul: adcs $t7,$t7,$t1 adcs $t8,$t8,xzr -### s3*s6 + s2*s7 ### +// ### s3*s6 + s2*s7 ### mul $t0,$s3,$s6 umulh $t1,$s3,$s6 adds $t7,$t7,$t0 @@ -657,7 +657,7 @@ ecp_sm2p256_mul: adcs $t8,$t8,$t1 adcs $t6,$t6,xzr -### s3*s7 ### +// ### s3*s7 ### mul $t0,$s3,$s7 umulh $t1,$s3,$s7 adds $s6,$t8,$t0 @@ -668,15 +668,15 @@ ecp_sm2p256_mul: mov $s2,$t3 mov $s3,$t4 - # result of mul: s7 s6 s5 s4 s3 s2 s1 s0 + // result of mul: s7 s6 s5 s4 s3 s2 s1 s0 -### Reduction ### +// ### Reduction ### RDC stp $s0,$s1,[x0] stp $s2,$s3,[x0,#16] - # Restore scalar registers + // Restore scalar registers ldp x16,x17,[sp,#16] ldp x18,x19,[sp,#64] ldp x29,x30,[sp],#80 @@ -692,48 +692,48 @@ ecp_sm2p256_mul: ecp_sm2p256_sqr: AARCH64_SIGN_LINK_REGISTER - # Store scalar registers + // Store scalar registers stp x29,x30,[sp,#-80]! add x29,sp,#0 stp x16,x17,[sp,#16] stp x18,x19,[sp,#64] - # Load inputs + // Load inputs ldp $s4,$s5,[x1] ldp $s6,$s7,[x1,#16] -### square ### - # ======================== - # s7 s6 s5 s4 - # * s7 s6 s5 s4 - # ------------------------ - # + s4 s4 s4 s4 - # * * * * - # s7 s6 s5 s4 - # s5 s5 s5 s5 - # * * * * - # s7 s6 s5 s4 - # s6 s6 s6 s6 - # * * * * - # s7 s6 s5 s4 - # s7 s7 s7 s7 - # * * * * - # s7 s6 s5 s4 - # ------------------------ - # s7 s6 s5 s4 s3 s2 s1 s0 - # ======================== - -### s4*s5 ### +// ### square ### + // ======================== + // s7 s6 s5 s4 + // * s7 s6 s5 s4 + // ------------------------ + // + s4 s4 s4 s4 + // * * * * + // s7 s6 s5 s4 + // s5 s5 s5 s5 + // * * * * + // s7 s6 s5 s4 + // s6 s6 s6 s6 + // * * * * + // s7 s6 s5 s4 + // s7 s7 s7 s7 + // * * * * + // s7 s6 s5 s4 + // ------------------------ + // s7 s6 s5 s4 s3 s2 s1 s0 + // ======================== + +// ### s4*s5 ### mul $s1,$s4,$s5 umulh $s2,$s4,$s5 -### s4*s6 ### +// ### s4*s6 ### mul $t0,$s6,$s4 umulh $s3,$s6,$s4 adds $s2,$s2,$t0 adcs $s3,$s3,xzr -### s4*s7 + s5*s6 ### +// ### s4*s7 + s5*s6 ### mul $t0,$s7,$s4 umulh $t1,$s7,$s4 adds $s3,$s3,$t0 @@ -745,19 +745,19 @@ ecp_sm2p256_sqr: adcs $s0,$s0,$t1 adcs $t2,xzr,xzr -### s5*s7 ### +// ### s5*s7 ### mul $t0,$s7,$s5 umulh $t1,$s7,$s5 adds $s0,$s0,$t0 adcs $t2,$t2,$t1 -### s6*s7 ### +// ### s6*s7 ### mul $t0,$s7,$s6 umulh $t1,$s7,$s6 adds $t2,$t2,$t0 adcs $t3,$t1,xzr -### 2*(t3,t2,s0,s3,s2,s1) ### +// ### 2*(t3,t2,s0,s3,s2,s1) ### adds $s1,$s1,$s1 adcs $s2,$s2,$s2 adcs $s3,$s3,$s3 @@ -766,19 +766,19 @@ ecp_sm2p256_sqr: adcs $t3,$t3,$t3 adcs $t4,xzr,xzr -### s4*s4 ### +// ### s4*s4 ### mul $t5,$s4,$s4 umulh $t6,$s4,$s4 -### s5*s5 ### +// ### s5*s5 ### mul $s4,$s5,$s5 umulh $s5,$s5,$s5 -### s6*s6 ### +// ### s6*s6 ### mul $t0,$s6,$s6 umulh $t1,$s6,$s6 -### s7*s7 ### +// ### s7*s7 ### mul $t7,$s7,$s7 umulh $t8,$s7,$s7 @@ -796,15 +796,15 @@ ecp_sm2p256_sqr: mov $s6,$t3 mov $s7,$t4 - # result of mul: s7 s6 s5 s4 s3 s2 s1 s0 + // result of mul: s7 s6 s5 s4 s3 s2 s1 s0 -### Reduction ### +// ### Reduction ### RDC stp $s0,$s1,[x0] stp $s2,$s3,[x0,#16] - # Restore scalar registers + // Restore scalar registers ldp x16,x17,[sp,#16] ldp x18,x19,[sp,#64] ldp x29,x30,[sp],#80 diff --git a/crypto/ec/ecp_sm2p256.c b/crypto/ec/ecp_sm2p256.c index 6ec42455299b31772c53f07e923a510f57a9cc7b..7668b61378b629fd0ae17ccb317cd943a6376a17 100644 --- a/crypto/ec/ecp_sm2p256.c +++ b/crypto/ec/ecp_sm2p256.c @@ -40,28 +40,28 @@ typedef struct { #if !defined(OPENSSL_NO_SM2_PRECOMP) /* Coordinates of G, for which we have precomputed tables */ -static const BN_ULONG def_xG[P256_LIMBS] ALIGN32 = { +ALIGN32 static const BN_ULONG def_xG[P256_LIMBS] = { 0x715a4589334c74c7, 0x8fe30bbff2660be1, 0x5f9904466a39c994, 0x32c4ae2c1f198119 }; -static const BN_ULONG def_yG[P256_LIMBS] ALIGN32 = { +ALIGN32 static const BN_ULONG def_yG[P256_LIMBS] = { 0x02df32e52139f0a0, 0xd0a9877cc62a4740, 0x59bdcee36b692153, 0xbc3736a2f4f6779c, }; #endif /* p and order for SM2 according to GB/T 32918.5-2017 */ -static const BN_ULONG def_p[P256_LIMBS] ALIGN32 = { +ALIGN32 static const BN_ULONG def_p[P256_LIMBS] = { 0xffffffffffffffff, 0xffffffff00000000, 0xffffffffffffffff, 0xfffffffeffffffff }; -static const BN_ULONG def_ord[P256_LIMBS] ALIGN32 = { +ALIGN32 static const BN_ULONG def_ord[P256_LIMBS] = { 0x53bbf40939d54123, 0x7203df6b21c6052b, 0xffffffffffffffff, 0xfffffffeffffffff }; -static const BN_ULONG ONE[P256_LIMBS] ALIGN32 = {1, 0, 0, 0}; +ALIGN32 static const BN_ULONG ONE[P256_LIMBS] = {1, 0, 0, 0}; /* Functions implemented in assembly */ /* @@ -139,10 +139,10 @@ static ossl_inline int is_greater(const BN_ULONG *a, const BN_ULONG *b) /* Binary algorithm for inversion in Fp */ #define BN_MOD_INV(out, in, mod_div, mod_sub, mod) \ do { \ - BN_ULONG u[4] ALIGN32; \ - BN_ULONG v[4] ALIGN32; \ - BN_ULONG x1[4] ALIGN32 = {1, 0, 0, 0}; \ - BN_ULONG x2[4] ALIGN32 = {0}; \ + ALIGN32 BN_ULONG u[4]; \ + ALIGN32 BN_ULONG v[4]; \ + ALIGN32 BN_ULONG x1[4] = {1, 0, 0, 0}; \ + ALIGN32 BN_ULONG x2[4] = {0}; \ \ if (is_zeros(in)) \ return; \ @@ -188,9 +188,9 @@ static ossl_inline void ecp_sm2p256_mod_ord_inverse(BN_ULONG* out, static void ecp_sm2p256_point_double(P256_POINT *R, const P256_POINT *P) { unsigned int i; - BN_ULONG tmp0[P256_LIMBS] ALIGN32; - BN_ULONG tmp1[P256_LIMBS] ALIGN32; - BN_ULONG tmp2[P256_LIMBS] ALIGN32; + ALIGN32 BN_ULONG tmp0[P256_LIMBS]; + ALIGN32 BN_ULONG tmp1[P256_LIMBS]; + ALIGN32 BN_ULONG tmp2[P256_LIMBS]; /* zero-check P->Z */ if (is_zeros(P->Z)) { @@ -225,10 +225,10 @@ static void ecp_sm2p256_point_add_affine(P256_POINT *R, const P256_POINT *P, const P256_POINT_AFFINE *Q) { unsigned int i; - BN_ULONG tmp0[P256_LIMBS] ALIGN32 = {0}; - BN_ULONG tmp1[P256_LIMBS] ALIGN32 = {0}; - BN_ULONG tmp2[P256_LIMBS] ALIGN32 = {0}; - BN_ULONG tmp3[P256_LIMBS] ALIGN32 = {0}; + ALIGN32 BN_ULONG tmp0[P256_LIMBS] = {0}; + ALIGN32 BN_ULONG tmp1[P256_LIMBS] = {0}; + ALIGN32 BN_ULONG tmp2[P256_LIMBS] = {0}; + ALIGN32 BN_ULONG tmp3[P256_LIMBS] = {0}; /* zero-check P->Z */ if (is_zeros(P->Z)) { @@ -288,9 +288,9 @@ static void ecp_sm2p256_point_add(P256_POINT *R, const P256_POINT *P, const P256_POINT *Q) { unsigned int i; - BN_ULONG tmp0[P256_LIMBS] ALIGN32 = {0}; - BN_ULONG tmp1[P256_LIMBS] ALIGN32 = {0}; - BN_ULONG tmp2[P256_LIMBS] ALIGN32 = {0}; + ALIGN32 BN_ULONG tmp0[P256_LIMBS] = {0}; + ALIGN32 BN_ULONG tmp1[P256_LIMBS] = {0}; + ALIGN32 BN_ULONG tmp2[P256_LIMBS] = {0}; /* zero-check P | Q ->Z */ if (is_zeros(P->Z)) { @@ -382,7 +382,7 @@ static void ecp_sm2p256_point_P_mul_by_scalar(P256_POINT *R, const BN_ULONG *k, { int i, init = 0; unsigned int index, mask = 0x0f; - P256_POINT precomputed[16] ALIGN64; + ALIGN64 P256_POINT precomputed[16]; memset(R, 0, sizeof(P256_POINT)); @@ -427,8 +427,8 @@ static void ecp_sm2p256_point_P_mul_by_scalar(P256_POINT *R, const BN_ULONG *k, static void ecp_sm2p256_point_get_affine(P256_POINT_AFFINE *R, const P256_POINT *P) { - BN_ULONG z_inv3[P256_LIMBS] ALIGN32 = {0}; - BN_ULONG z_inv2[P256_LIMBS] ALIGN32 = {0}; + ALIGN32 BN_ULONG z_inv3[P256_LIMBS] = {0}; + ALIGN32 BN_ULONG z_inv2[P256_LIMBS] = {0}; if (is_one(P->Z)) { memcpy(R->X, P->X, 32); @@ -461,13 +461,13 @@ static int ecp_sm2p256_get_affine(const EC_GROUP *group, const EC_POINT *point, BIGNUM *x, BIGNUM *y, BN_CTX *ctx) { - BN_ULONG z_inv2[P256_LIMBS] ALIGN32 = {0}; - BN_ULONG z_inv3[P256_LIMBS] ALIGN32 = {0}; - BN_ULONG x_aff[P256_LIMBS] ALIGN32 = {0}; - BN_ULONG y_aff[P256_LIMBS] ALIGN32 = {0}; - BN_ULONG point_x[P256_LIMBS] ALIGN32 = {0}; - BN_ULONG point_y[P256_LIMBS] ALIGN32 = {0}; - BN_ULONG point_z[P256_LIMBS] ALIGN32 = {0}; + ALIGN32 BN_ULONG z_inv2[P256_LIMBS] = {0}; + ALIGN32 BN_ULONG z_inv3[P256_LIMBS] = {0}; + ALIGN32 BN_ULONG x_aff[P256_LIMBS] = {0}; + ALIGN32 BN_ULONG y_aff[P256_LIMBS] = {0}; + ALIGN32 BN_ULONG point_x[P256_LIMBS] = {0}; + ALIGN32 BN_ULONG point_y[P256_LIMBS] = {0}; + ALIGN32 BN_ULONG point_z[P256_LIMBS] = {0}; if (EC_POINT_is_at_infinity(group, point)) { ECerr(ERR_LIB_EC, EC_R_POINT_AT_INFINITY); @@ -510,7 +510,7 @@ static int ecp_sm2p256_windowed_mul(const EC_GROUP *group, unsigned int i; int ret = 0; const BIGNUM **scalars = NULL; - BN_ULONG k[P256_LIMBS] ALIGN32 = {0}; + ALIGN32 BN_ULONG k[P256_LIMBS] = {0}; P256_POINT kP; ALIGN32 union { P256_POINT p; @@ -572,7 +572,7 @@ static int ecp_sm2p256_points_mul(const EC_GROUP *group, { int ret = 0, p_is_infinity = 0; const EC_POINT *generator = NULL; - BN_ULONG k[P256_LIMBS] ALIGN32 = {0}; + ALIGN32 BN_ULONG k[P256_LIMBS] = {0}; ALIGN32 union { P256_POINT p; P256_POINT_AFFINE a; @@ -646,9 +646,9 @@ err: static int ecp_sm2p256_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) { - BN_ULONG a_fe[P256_LIMBS] ALIGN32 = {0}; - BN_ULONG b_fe[P256_LIMBS] ALIGN32 = {0}; - BN_ULONG r_fe[P256_LIMBS] ALIGN32 = {0}; + ALIGN32 BN_ULONG a_fe[P256_LIMBS] = {0}; + ALIGN32 BN_ULONG b_fe[P256_LIMBS] = {0}; + ALIGN32 BN_ULONG r_fe[P256_LIMBS] = {0}; if (a == NULL || b == NULL || r == NULL) return 0; @@ -670,8 +670,8 @@ static int ecp_sm2p256_field_mul(const EC_GROUP *group, BIGNUM *r, static int ecp_sm2p256_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) { - BN_ULONG a_fe[P256_LIMBS] ALIGN32 = {0}; - BN_ULONG r_fe[P256_LIMBS] ALIGN32 = {0}; + ALIGN32 BN_ULONG a_fe[P256_LIMBS] = {0}; + ALIGN32 BN_ULONG r_fe[P256_LIMBS] = {0}; if (a == NULL || r == NULL) return 0; @@ -693,8 +693,8 @@ static int ecp_sm2p256_inv_mod_ord(const EC_GROUP *group, BIGNUM *r, const BIGNUM *x, BN_CTX *ctx) { int ret = 0; - BN_ULONG t[P256_LIMBS] ALIGN32 = {0}; - BN_ULONG out[P256_LIMBS] ALIGN32 = {0}; + ALIGN32 BN_ULONG t[P256_LIMBS] = {0}; + ALIGN32 BN_ULONG out[P256_LIMBS] = {0}; if (bn_wexpand(r, P256_LIMBS) == NULL) { ECerr(ERR_LIB_EC, ERR_R_BN_LIB); diff --git a/doc/man3/OPENSSL_LH_COMPFUNC.pod b/doc/man3/OPENSSL_LH_COMPFUNC.pod index 07df271b59050c49752ed0b75ff2c7530287c8b7..059f080e3e99f5e24f2aa3bdbf17fd635ab419da 100644 --- a/doc/man3/OPENSSL_LH_COMPFUNC.pod +++ b/doc/man3/OPENSSL_LH_COMPFUNC.pod @@ -8,10 +8,12 @@ LHASH_DOALL_ARG_FN_TYPE, IMPLEMENT_LHASH_HASH_FN, IMPLEMENT_LHASH_COMP_FN, lh_TYPE_new, lh_TYPE_free, lh_TYPE_flush, lh_TYPE_insert, lh_TYPE_delete, lh_TYPE_retrieve, -lh_TYPE_doall, lh_TYPE_doall_arg, lh_TYPE_error, +lh_TYPE_doall, lh_TYPE_doall_arg, lh_TYPE_num_items, lh_TYPE_get_down_load, +lh_TYPE_set_down_load, lh_TYPE_error, OPENSSL_LH_new, OPENSSL_LH_free, OPENSSL_LH_flush, OPENSSL_LH_insert, OPENSSL_LH_delete, OPENSSL_LH_retrieve, -OPENSSL_LH_doall, OPENSSL_LH_doall_arg, OPENSSL_LH_error +OPENSSL_LH_doall, OPENSSL_LH_doall_arg, OPENSSL_LH_num_items, +OPENSSL_LH_get_down_load, OPENSSL_LH_set_down_load, OPENSSL_LH_error - dynamic hash table =head1 SYNOPSIS @@ -36,6 +38,10 @@ OPENSSL_LH_doall, OPENSSL_LH_doall_arg, OPENSSL_LH_error void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func, TYPE *arg); + unsigned long lh_TYPE_num_items(OPENSSL_LHASH *lh); + unsigned long lh_TYPE_get_down_load(OPENSSL_LHASH *lh); + void lh_TYPE_set_down_load(OPENSSL_LHASH *lh, unsigned long dl); + int lh_TYPE_error(LHASH_OF(TYPE) *table); typedef int (*OPENSSL_LH_COMPFUNC)(const void *, const void *); @@ -54,8 +60,14 @@ OPENSSL_LH_doall, OPENSSL_LH_doall_arg, OPENSSL_LH_error void OPENSSL_LH_doall(OPENSSL_LHASH *lh, OPENSSL_LH_DOALL_FUNC func); void OPENSSL_LH_doall_arg(OPENSSL_LHASH *lh, OPENSSL_LH_DOALL_FUNCARG func, void *arg); + unsigned long OPENSSL_LH_num_items(OPENSSL_LHASH *lh); + unsigned long OPENSSL_LH_get_down_load(OPENSSL_LHASH *lh); + void OPENSSL_LH_set_down_load(OPENSSL_LHASH *lh, unsigned long dl); + int OPENSSL_LH_error(OPENSSL_LHASH *lh); + #define LH_LOAD_MULT /* integer constant */ + The following macro is deprecated: DEFINE_LHASH_OF(TYPE); @@ -157,15 +169,6 @@ For example: /* Then the hash table itself can be deallocated */ lh_TYPE_free(hashtable); -When doing this, be careful if you delete entries from the hash table -in your callbacks: the table may decrease in size, moving the item -that you are currently on down lower in the hash table - this could -cause some entries to be skipped during the iteration. The second -best solution to this problem is to set hash-Edown_load=0 before -you start (which will stop the hash table ever decreasing in size). -The best solution is probably to avoid deleting items from the hash -table inside a "doall" callback! - B_doall_arg>() is the same as B_doall>() except that I will be called with I as the second argument and I should be of type B(B>) (a callback prototype @@ -187,21 +190,47 @@ that is provided by the caller): lh_TYPE_doall_arg(hashtable, LHASH_DOALL_ARG_FN(TYPE_print), BIO, logging_bio); +Note that it is by default B safe to use B_delete>() inside a +callback passed to B_doall>() or B_doall_arg>(). The +reason for this is that deleting an item from the hash table may result in the +hash table being contracted to a smaller size and rehashed. +B_doall>() and B_doall_arg>() are unsafe and will exhibit +undefined behaviour under these conditions, as these functions assume the hash +table size and bucket pointers do not change during the call. + +If it is desired to use B_doall>() or B_doall_arg>() with +B_delete>(), it is essential that you call +B_set_down_load>() with a I argument of 0 first. This +disables hash table contraction and guarantees that it will be safe to delete +items from a hash table during a call to B_doall>() or +B_doall_arg>(). + +It is never safe to call B_insert>() during a call to +B_doall>() or B_doall_arg>(). B_error>() can be used to determine if an error occurred in the last operation. +B_num_items>() returns the number of items in the hash table. + +B_get_down_load>() and B_set_down_load>() get and set the +factor used to determine when the hash table is contracted. The factor is the +load factor at or below which hash table contraction will occur, multiplied by +B, where the load factor is the number of items divided by the +number of nodes. Setting this value to 0 disables hash table contraction. + OPENSSL_LH_new() is the same as the B_new>() except that it is not type specific. So instead of returning an B)> value it returns a B. In the same way the functions OPENSSL_LH_free(), OPENSSL_LH_flush(), OPENSSL_LH_insert(), OPENSSL_LH_delete(), -OPENSSL_LH_retrieve(), OPENSSL_LH_doall(), OPENSSL_LH_doall_arg(), and -OPENSSL_LH_error() are equivalent to the similarly named B> functions -except that they return or use a B where the equivalent B> -function returns or uses a B *> or B) *>. B> -functions are implemented as type checked wrappers around the B -functions. Most applications should not call the B functions -directly. +OPENSSL_LH_retrieve(), OPENSSL_LH_doall(), OPENSSL_LH_doall_arg(), +OPENSSL_LH_num_items(), OPENSSL_LH_get_down_load(), OPENSSL_LH_set_down_load() +and OPENSSL_LH_error() are equivalent to the similarly named B> +functions except that they return or use a B where the equivalent +B> function returns or uses a B *> or B) *>. +B> functions are implemented as type checked wrappers around the +B functions. Most applications should not call the B +functions directly. =head1 RETURN VALUES diff --git a/ssl/record/methods/tls_common.c b/ssl/record/methods/tls_common.c index 423777c18dd40fa13671c6718958a352783c38fb..7da423e24300e62a2b2931f5e0a4d0324a856f37 100644 --- a/ssl/record/methods/tls_common.c +++ b/ssl/record/methods/tls_common.c @@ -147,6 +147,7 @@ int tls_setup_write_buffer(OSSL_RECORD_LAYER *rl, size_t numwpipes, TLS_BUFFER *wb; size_t currpipe; size_t defltlen = 0; + size_t contenttypelen = 0; if (firstlen == 0 || (numwpipes > 1 && nextlen == 0)) { if (rl->isdtls) @@ -154,21 +155,26 @@ int tls_setup_write_buffer(OSSL_RECORD_LAYER *rl, size_t numwpipes, else headerlen = SSL3_RT_HEADER_LENGTH; + /* TLSv1.3 adds an extra content type byte after payload data */ + if (rl->version == TLS1_3_VERSION) + contenttypelen = 1; + #if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD != 0 align = SSL3_ALIGN_PAYLOAD - 1; #endif - defltlen = rl->max_frag_len + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD - + headerlen + align + rl->eivlen; + defltlen = align + headerlen + rl->eivlen + rl->max_frag_len + + contenttypelen + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD; #ifndef OPENSSL_NO_COMP if (tls_allow_compression(rl)) defltlen += SSL3_RT_MAX_COMPRESSED_OVERHEAD; #endif /* * We don't need to add eivlen here since empty fragments only occur - * when we don't have an explicit IV + * when we don't have an explicit IV. The contenttype byte will also + * always be 0 in these protocol versions */ - if (!(rl->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)) + if ((rl->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS) == 0) defltlen += headerlen + align + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD; } diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index 3142370016846e0458ed19c4a511d85f3dfb5161..8b07a14664e71fcec15e3f6e1abd381e8803e3be 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c @@ -898,9 +898,12 @@ static int ctrl_switch_option(SSL_CONF_CTX *cctx, const ssl_conf_cmd_tbl *cmd) /* Find index of command in table */ size_t idx = cmd - ssl_conf_cmds; const ssl_switch_tbl *scmd; + /* Sanity check index */ - if (idx >= OSSL_NELEM(ssl_cmd_switches)) + if (idx >= OSSL_NELEM(ssl_cmd_switches)) { + ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); return 0; + } /* Obtain switches entry with same index */ scmd = ssl_cmd_switches + idx; ssl_set_option(cctx, scmd->name_flags, scmd->option_value, 1); @@ -916,28 +919,33 @@ int SSL_CONF_cmd(SSL_CONF_CTX *cctx, const char *cmd, const char *value) } if (!ssl_conf_cmd_skip_prefix(cctx, &cmd)) - return -2; + goto unknown_cmd; runcmd = ssl_conf_cmd_lookup(cctx, cmd); if (runcmd) { - int rv; + int rv = -3; + if (runcmd->value_type == SSL_CONF_TYPE_NONE) { return ctrl_switch_option(cctx, runcmd); } if (value == NULL) - return -3; + goto bad_value; rv = runcmd->cmd(cctx, value); if (rv > 0) return 2; - if (rv == -2) - return -2; + if (rv != -2) + rv = 0; + + bad_value: if (cctx->flags & SSL_CONF_FLAG_SHOW_ERRORS) ERR_raise_data(ERR_LIB_SSL, SSL_R_BAD_VALUE, - "cmd=%s, value=%s", cmd, value); - return 0; + "cmd=%s, value=%s", cmd, + value != NULL ? value : ""); + return rv; } + unknown_cmd: if (cctx->flags & SSL_CONF_FLAG_SHOW_ERRORS) ERR_raise_data(ERR_LIB_SSL, SSL_R_UNKNOWN_CMD_NAME, "cmd=%s", cmd); diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 0150589feae9b55e8aff2fcd903065337fbd6af4..cf59d2dfa57268a8ee62304a69c10f760ce5cfb2 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -6023,6 +6023,7 @@ uint64_t SSL_set_options(SSL *s, uint64_t op) /* Ignore return value */ sc->rlayer.rrlmethod->set_options(sc->rlayer.rrl, options); + sc->rlayer.wrlmethod->set_options(sc->rlayer.wrl, options); return sc->options; } @@ -6035,6 +6036,7 @@ uint64_t SSL_CTX_clear_options(SSL_CTX *ctx, uint64_t op) uint64_t SSL_clear_options(SSL *s, uint64_t op) { SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); + OSSL_PARAM options[2], *opts = options; #ifndef OPENSSL_NO_QUIC if (IS_QUIC(s)) @@ -6044,7 +6046,17 @@ uint64_t SSL_clear_options(SSL *s, uint64_t op) if (sc == NULL) return 0; - return sc->options &= ~op; + sc->options &= ~op; + + *opts++ = OSSL_PARAM_construct_uint64(OSSL_LIBSSL_RECORD_LAYER_PARAM_OPTIONS, + &sc->options); + *opts = OSSL_PARAM_construct_end(); + + /* Ignore return value */ + sc->rlayer.rrlmethod->set_options(sc->rlayer.rrl, options); + sc->rlayer.wrlmethod->set_options(sc->rlayer.wrl, options); + + return sc->options; } STACK_OF(X509) *SSL_get0_verified_chain(const SSL *s) diff --git a/ssl/ssl_mcnf.c b/ssl/ssl_mcnf.c index c2366e41e365db7cb4529e8395f41c8a78dd780a..8bccce84d465dbef6b1fb74859d747fb755ec367 100644 --- a/ssl/ssl_mcnf.c +++ b/ssl/ssl_mcnf.c @@ -24,7 +24,7 @@ static int ssl_do_config(SSL *s, SSL_CTX *ctx, const char *name, int system) { SSL_CONF_CTX *cctx = NULL; size_t i, idx, cmd_count; - int rv = 0; + int err = 1; unsigned int flags; const SSL_METHOD *meth; const SSL_CONF_CMD *cmds; @@ -66,24 +66,22 @@ static int ssl_do_config(SSL *s, SSL_CTX *ctx, const char *name, int system) flags |= SSL_CONF_FLAG_CLIENT; SSL_CONF_CTX_set_flags(cctx, flags); prev_libctx = OSSL_LIB_CTX_set0_default(libctx); + err = 0; for (i = 0; i < cmd_count; i++) { char *cmdstr, *arg; + int rv; conf_ssl_get_cmd(cmds, i, &cmdstr, &arg); rv = SSL_CONF_cmd(cctx, cmdstr, arg); - if (rv <= 0) { - int errcode = rv == -2 ? SSL_R_UNKNOWN_COMMAND : SSL_R_BAD_VALUE; - - ERR_raise_data(ERR_LIB_SSL, errcode, - "section=%s, cmd=%s, arg=%s", name, cmdstr, arg); - goto err; - } + if (rv <= 0) + ++err; } - rv = SSL_CONF_CTX_finish(cctx); + if (!SSL_CONF_CTX_finish(cctx)) + ++err; err: OSSL_LIB_CTX_set0_default(prev_libctx); SSL_CONF_CTX_free(cctx); - return rv <= 0 ? 0 : 1; + return err == 0; } int SSL_config(SSL *s, const char *name) diff --git a/test/README.md b/test/README.md index fe25bd8b4ecbf13c874114a94d6ff20386f17edb..746a0156ceeaef65637a5b9a794798581a4bb90f 100644 --- a/test/README.md +++ b/test/README.md @@ -42,7 +42,7 @@ the make variable TESTS to specify them, like this: $ make TESTS='test_rsa test_dsa' test # Unix $ mms/macro="TESTS=test_rsa test_dsa" test ! OpenVMS - $ nmake TESTS='test_rsa test_dsa' test # Windows + $ nmake TESTS="test_rsa test_dsa" test # Windows And of course, you can combine (Unix examples shown): diff --git a/test/evp_test.c b/test/evp_test.c index cef7b1b9e83bcf7dc7082314528d7a94012609b7..ecc7f7fe209c2f28c8f0b605fd6a68edb1e73780 100644 --- a/test/evp_test.c +++ b/test/evp_test.c @@ -1514,7 +1514,7 @@ static int mac_test_run_mac(EVP_TEST *t) EVP_MAC_CTX *ctx = NULL; unsigned char *got = NULL; size_t got_len = 0, size = 0; - size_t size_before_init, size_after_init, size_val = 0; + size_t size_before_init = 0, size_after_init, size_val = 0; int i, block_size = -1, output_size = -1; OSSL_PARAM params[21], sizes[3], *psizes = sizes; size_t params_n = 0; @@ -1622,7 +1622,8 @@ static int mac_test_run_mac(EVP_TEST *t) t->err = "MAC_CREATE_ERROR"; goto err; } - size_before_init = EVP_MAC_CTX_get_mac_size(ctx); + if (fips_provider_version_gt(libctx, 3, 2, 0)) + size_before_init = EVP_MAC_CTX_get_mac_size(ctx); if (!EVP_MAC_init(ctx, expected->key, expected->key_len, params)) { t->err = "MAC_INIT_ERROR"; goto err; diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t index 0e1ebc50cd90485828917e25f92b2efb17a4a477..6a9792128be15fea9c483916ff87c0a3ed80a9bb 100644 --- a/test/recipes/80-test_cms.t +++ b/test/recipes/80-test_cms.t @@ -50,7 +50,7 @@ my ($no_des, $no_dh, $no_dsa, $no_ec, $no_ec2m, $no_rc2, $no_zlib) $no_rc2 = 1 if disabled("legacy"); -plan tests => 22; +plan tests => 23; ok(run(test(["pkcs7_test"])), "test pkcs7"); @@ -222,13 +222,15 @@ my @smime_pkcs7_tests = ( \&final_compare ], - [ "enveloped content test streaming S/MIME format, DES, 3 recipients, key only used", + [ "enveloped content test streaming S/MIME format, DES, 3 recipients, cert and key files used", [ "{cmd1}", @defaultprov, "-encrypt", "-in", $smcont, "-stream", "-out", "{output}.cms", $smrsa1, catfile($smdir, "smrsa2.pem"), - catfile($smdir, "smrsa3.pem") ], - [ "{cmd2}", @defaultprov, "-decrypt", "-inkey", catfile($smdir, "smrsa3.pem"), + catfile($smdir, "smrsa3-cert.pem") ], + [ "{cmd2}", @defaultprov, "-decrypt", + "-recip", catfile($smdir, "smrsa3-cert.pem"), + "-inkey", catfile($smdir, "smrsa3-key.pem"), "-in", "{output}.cms", "-out", "{output}.txt" ], \&final_compare ], @@ -1165,3 +1167,51 @@ with({ exit_checker => sub { return shift == 3; } }, ])), "Check for failure when cipher does not have an assigned OID (issue#22225)"); }); + +# Test encrypt to three recipients, and decrypt using key-only; +# i.e. do not follow the recommended practice of providing the +# recipient cert in the decrypt op. +# +# Use RSAES-OAEP for key-transport, not RSAES-PKCS-v1_5. +# +# Because the cert is not provided during decrypt, all RSA ciphertexts +# are decrypted in turn, and when/if there is a valid decryption, it +# is assumed the correct content-key has been recovered. +# +# That process may fail with RSAES-PKCS-v1_5 b/c there is a +# non-negligible chance that decrypting a random input using +# RSAES-PKCS-v1_5 can result in a valid plaintext (so two content-keys +# could be recovered and the wrong one might be used). +# +# See https://github.com/openssl/project/issues/380 +subtest "encrypt to three recipients with RSA-OAEP, key only decrypt" => sub { + plan tests => 3; + + my $pt = srctop_file("test", "smcont.txt"); + my $ct = "smtst.cms"; + my $ptpt = "smtst.txt"; + + ok(run(app(['openssl', 'cms', + @defaultprov, + '-encrypt', '-aes128', + '-in', $pt, + '-out', $ct, + '-stream', + '-recip', catfile($smdir, "smrsa1.pem"), + '-keyopt', 'rsa_padding_mode:oaep', + '-recip', catfile($smdir, "smrsa2.pem"), + '-keyopt', 'rsa_padding_mode:oaep', + '-recip', catfile($smdir, "smrsa3-cert.pem"), + '-keyopt', 'rsa_padding_mode:oaep', + ])), + "encrypt to three recipients with RSA-OAEP (avoid openssl/project issue#380)"); + ok(run(app(['openssl', 'cms', + @defaultprov, + '-decrypt', '-aes128', + '-in', $ct, + '-out', $ptpt, + '-inkey', catfile($smdir, "smrsa3-key.pem"), + ])), + "decrypt with key only"); + is(compare($pt, $ptpt), 0, "compare original message with decrypted ciphertext"); +}; diff --git a/test/smime-certs/mksmime-certs.sh b/test/smime-certs/mksmime-certs.sh index ab7e22a136e2867891c0ee8b6291bc9d89362dce..0edf1d789e3f48ce78cdc2656ad05401c2f850e4 100644 --- a/test/smime-certs/mksmime-certs.sh +++ b/test/smime-certs/mksmime-certs.sh @@ -30,6 +30,9 @@ gen smrsa2.pem "/CN=Test SMIME EE RSA #2" usr_rsa_cert >>smrsa2.pem cp ../certs/ee-key-4096.pem smrsa3.pem gen smrsa3.pem "/CN=Test SMIME EE RSA #3" usr_rsa_cert >>smrsa3.pem +$OPENSSL x509 -in smrsa3.pem > smrsa3-cert.pem +$OPENSSL pkey -in smrsa3.pem > smrsa3-key.pem + # Create DSA certificates with respective extensions cp ../certs/server-dsa-key.pem smdsa1.pem diff --git a/test/smime-certs/smrsa3-cert.pem b/test/smime-certs/smrsa3-cert.pem new file mode 100644 index 0000000000000000000000000000000000000000..70004acb86988e15ca51448d1e61f1a659487bf1 --- /dev/null +++ b/test/smime-certs/smrsa3-cert.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDeTCCAmGgAwIBAgIUIDyc//j/LoNDesZTGbPBoVarv4EwDQYJKoZIhvcNAQEL +BQAwRDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxHTAbBgNV +BAMMFFRlc3QgUy9NSU1FIFJTQSBSb290MCAXDTIyMDYwMjE1MzMxM1oYDzIxMjIw +NTA5MTUzMzEzWjBFMQswCQYDVQQGEwJVSzEWMBQGA1UECgwNT3BlblNTTCBHcm91 +cDEeMBwGA1UEAwwVVGVzdCBTL01JTUUgRUUgUlNBICMzMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEA+QP7d56K4/9eu7aChtWILYNxvqWeDcJeWvX5Z5vC +XUjFuUxBD9U0rw1SBLgFYu8aqAJ+oXsqaGjJARifgKEqPUe7pnYYatr55lhTbHR+ +qA88p1V4sclEaPNWKzd7J/V3eeYr04kqWV5XYhAq9k9AWLzsNIePe2z7OoGPS6oK +wRzWFRd5RYXTpmFr/tqknbYvtYFd7duKb9QqytgHV+RKXXeY0fnjZ7frLmaqDwtI +U3DY7MyS3Hw2BVx72vQXBNA364HGEpqEgVOdzI7et0wpSumaFXDye714xUR53L7N +f3fp3PQXS/RbBiNXs7KUsHCR6nsdsIKO+sg66gxOLNt6zwIDAQABo2AwXjAMBgNV +HRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF4DAdBgNVHQ4EFgQUN9pGq/UFS3o50rTi +V+AYgAk+3R4wHwYDVR0jBBgwFoAUFcETIWviVV+nah1XINbP86lzZFkwDQYJKoZI +hvcNAQELBQADggEBAGcOh380/6aJqMpYBssuf2CB3DX/hGKdvEF7fF8iNSfl5HHq +112kHl3MhbL9Th/safJq9sLDJqjXRNdVCUJJbU4YI2P2gsi04paC0qxWxMLtzQLd +CE7ki2xH94Fuu/dThbpzZBABROO1RrdI24GDGt9t4Gf0WVkobmT/zNlwGppKTIB2 +iV/Ug30iKr/C49UzwUIa+XXXujkjPTmGSnrKwVQNxQh81rb+iTL7GEnNuqDsatHW +ZyLS2SaVdG5tMqDkITPMDGjehUzJcAbVc8Bv4m8Ukuov3uDj2Doc6MxlvrVkV0AE +BcSCb/bWQJJ/X4LQZlx9cMk4NINxV9UeFPZOefg= +-----END CERTIFICATE----- diff --git a/test/smime-certs/smrsa3-key.pem b/test/smime-certs/smrsa3-key.pem new file mode 100644 index 0000000000000000000000000000000000000000..216d70b61b74c2038afd5fbbf612e7cf54956fec --- /dev/null +++ b/test/smime-certs/smrsa3-key.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQD5A/t3norj/167 +toKG1Ygtg3G+pZ4Nwl5a9flnm8JdSMW5TEEP1TSvDVIEuAVi7xqoAn6heypoaMkB +GJ+AoSo9R7umdhhq2vnmWFNsdH6oDzynVXixyURo81YrN3sn9Xd55ivTiSpZXldi +ECr2T0BYvOw0h497bPs6gY9LqgrBHNYVF3lFhdOmYWv+2qSdti+1gV3t24pv1CrK +2AdX5Epdd5jR+eNnt+suZqoPC0hTcNjszJLcfDYFXHva9BcE0DfrgcYSmoSBU53M +jt63TClK6ZoVcPJ7vXjFRHncvs1/d+nc9BdL9FsGI1ezspSwcJHqex2wgo76yDrq +DE4s23rPAgMBAAECggEAEDi+VWD5VUpjD5zWOoPQiRDGBJBhtMAKkl6okxEmXvWb +Xz3STFnjHgA1JFHW3bRU9BHI9k8vSHmnlnkfKb3V/ZX5IHNcKCHb/x9NBak+QLVQ +0zLtfE9vxiTC0B/oac+MPaiD4hYFQ81pFwK6VS0Poi8ZCBJtOkRqfUvsyV8zZrgh +/6cs4mwOVyZPFRgF9eWXYv7PJz8pNRizhII0iv9H/r2I3DzsZLPCg7c29mP+I/SG +A7Pl82UXjtOc0KurGY2M5VheZjxJT/k/FLMkWY2GS5n6dfcyzsVSKb25HoeuvQsI +vs1mKs+Onbobdc17hCcKVJzbi3DwXs5XDhrEzfHccQKBgQD88uBxVCRV31PsCN6I +pKxQDGgz+1BqPqe7KMRiZI7HgDUK0eCM3/oG089/jsBtJcSxnScLSVNBjQ+xGiFi +YCD4icQoJSzpqJyR6gDq5lTHASAe+9LWRW771MrtyACQWNXowYEyu8AjekrZkCUS +wIKVpw57oWykzIoS7ixZsJ8gxwKBgQD8BPWqJEsLiQvOlS5E/g88eV1KTpxm9Xs+ +BbwsDXZ7m4Iw5lYaUu5CwBB/2jkGGRl8Q/EfAdUT7gXv3t6x5b1qMXaIczmRGYto +NuI3AH2MPxAa7lg5TgBgie1r7PKwyPMfG3CtDx6n8W5sexgJpbIy5u7E+U6d8s1o +c7EcsefduQKBgCkHJAx9v18GWFBip+W2ABUDzisQSlzRSNd8p03mTZpiWzgkDq4K +7j0JQhDIkMGjbKH6gYi9Hfn17WOmf1+7g92MSvrP/NbxeGPadsejEIEu14zu/6Wt +oXDLdRbYZ+8B2cBlEpWuCl42yck8Lic6fnPTou++oSah3otvglYR5d2lAoGACd8L +3FE1m0sP6lSPjmZBJIZAcDOqDqJY5HIHD9arKGZL8CxlfPx4lqa9PrTGfQWoqORk +YmmI9hHhq6aYJHGyPKGZWfjhbVyJyFg1/h+Hy2GA+P0S+ZOjkiR050BNtTz5wOMr +Q6wO8FcVkywzIdWaqEHBYne9a5RiFVBKxKv3QAkCgYBxmCBKajFkMVb4Uc55WqJs +Add0mctGgmZ1l5vq81eWe3wjM8wgfJgaD3Q3gwx2ABUX/R+OsVWSh4o5ZR86sYoz +TviknBHF8GeDLjpT49+04fEaz336J2JOptF9zIpz7ZK1nrOEjzaZGtumReVjUP7X +fNcb5iDYqZRzD8ixBbLxUw== +-----END PRIVATE KEY----- diff --git a/test/sysdefault.cnf b/test/sysdefault.cnf index 20712b5bda40cd7878927ccbf74b54206f10a418..1c8915074a7829c671f1986481fdbc2bda24f899 100644 --- a/test/sysdefault.cnf +++ b/test/sysdefault.cnf @@ -18,5 +18,6 @@ new-sig-oid = 1.1.1.1.1.1.1.1.1.1.1.1.1.1 system_default = ssl_default_sect [ssl_default_sect] +SignatureAlgorithms = RSA+SHA256:nonex MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 diff --git a/util/missingcrypto.txt b/util/missingcrypto.txt index 3f1d205bcadb74a43ebea8f36f68a7aa667452aa..d6906f6ddc92d95b84e9c677783b19eebdb1415c 100644 --- a/util/missingcrypto.txt +++ b/util/missingcrypto.txt @@ -745,9 +745,6 @@ OCSP_response_status_str(3) OCSP_url_svcloc_new(3) OPENSSL_DIR_end(3) OPENSSL_DIR_read(3) -OPENSSL_LH_get_down_load(3) -OPENSSL_LH_num_items(3) -OPENSSL_LH_set_down_load(3) OPENSSL_LH_strhash(3) OPENSSL_asc2uni(3) OPENSSL_die(3)