diff --git a/CVE-2019-1551.patch b/CVE-2019-1551.patch deleted file mode 100644 index 320fd437faddac16738bd87abdb05e95eab60be5..0000000000000000000000000000000000000000 --- a/CVE-2019-1551.patch +++ /dev/null @@ -1,757 +0,0 @@ -From 419102400a2811582a7a3d4a4e317d72e5ce0a8f Mon Sep 17 00:00:00 2001 -From: Andy Polyakov -Date: Wed, 4 Dec 2019 12:48:21 +0100 -Subject: [PATCH] Fix an overflow bug in rsaz_512_sqr - -There is an overflow bug in the x64_64 Montgomery squaring procedure used in -exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis -suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a -result of this defect would be very difficult to perform and are not believed -likely. Attacks against DH512 are considered just feasible. However, for an -attack the target would have to re-use the DH512 private key, which is not -recommended anyway. Also applications directly using the low level API -BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. - -CVE-2019-1551 - -Reviewed-by: Paul Dale -Reviewed-by: Bernd Edlinger -(Merged from https://github.com/openssl/openssl/pull/10575) ---- - crypto/bn/asm/rsaz-x86_64.pl | 381 ++++++++++++++++++++++--------------------- - 1 file changed, 197 insertions(+), 184 deletions(-) - -diff --git a/crypto/bn/asm/rsaz-x86_64.pl b/crypto/bn/asm/rsaz-x86_64.pl -index b1797b6..7534d5c 100755 ---- a/crypto/bn/asm/rsaz-x86_64.pl -+++ b/crypto/bn/asm/rsaz-x86_64.pl -@@ -116,7 +116,7 @@ rsaz_512_sqr: # 25-29% faster than rsaz_512_mul - subq \$128+24, %rsp - .cfi_adjust_cfa_offset 128+24 - .Lsqr_body: -- movq $mod, %rbp # common argument -+ movq $mod, %xmm1 # common off-load - movq ($inp), %rdx - movq 8($inp), %rax - movq $n0, 128(%rsp) -@@ -134,7 +134,8 @@ $code.=<<___; - .Loop_sqr: - movl $times,128+8(%rsp) - #first iteration -- movq %rdx, %rbx -+ movq %rdx, %rbx # 0($inp) -+ mov %rax, %rbp # 8($inp) - mulq %rdx - movq %rax, %r8 - movq 16($inp), %rax -@@ -173,31 +174,29 @@ $code.=<<___; - mulq %rbx - addq %rax, %r14 - movq %rbx, %rax -- movq %rdx, %r15 -- adcq \$0, %r15 -+ adcq \$0, %rdx - -- addq %r8, %r8 #shlq \$1, %r8 -- movq %r9, %rcx -- adcq %r9, %r9 #shld \$1, %r8, %r9 -+ xorq %rcx,%rcx # rcx:r8 = r8 << 1 -+ addq %r8, %r8 -+ movq %rdx, %r15 -+ adcq \$0, %rcx - - mulq %rax -- movq %rax, (%rsp) -- addq %rdx, %r8 -- adcq \$0, %r9 -+ addq %r8, %rdx -+ adcq \$0, %rcx - -- movq %r8, 8(%rsp) -- shrq \$63, %rcx -+ movq %rax, (%rsp) -+ movq %rdx, 8(%rsp) - - #second iteration -- movq 8($inp), %r8 - movq 16($inp), %rax -- mulq %r8 -+ mulq %rbp - addq %rax, %r10 - movq 24($inp), %rax - movq %rdx, %rbx - adcq \$0, %rbx - -- mulq %r8 -+ mulq %rbp - addq %rax, %r11 - movq 32($inp), %rax - adcq \$0, %rdx -@@ -205,7 +204,7 @@ $code.=<<___; - movq %rdx, %rbx - adcq \$0, %rbx - -- mulq %r8 -+ mulq %rbp - addq %rax, %r12 - movq 40($inp), %rax - adcq \$0, %rdx -@@ -213,7 +212,7 @@ $code.=<<___; - movq %rdx, %rbx - adcq \$0, %rbx - -- mulq %r8 -+ mulq %rbp - addq %rax, %r13 - movq 48($inp), %rax - adcq \$0, %rdx -@@ -221,7 +220,7 @@ $code.=<<___; - movq %rdx, %rbx - adcq \$0, %rbx - -- mulq %r8 -+ mulq %rbp - addq %rax, %r14 - movq 56($inp), %rax - adcq \$0, %rdx -@@ -229,39 +228,39 @@ $code.=<<___; - movq %rdx, %rbx - adcq \$0, %rbx - -- mulq %r8 -+ mulq %rbp - addq %rax, %r15 -- movq %r8, %rax -+ movq %rbp, %rax - adcq \$0, %rdx - addq %rbx, %r15 -- movq %rdx, %r8 -- movq %r10, %rdx -- adcq \$0, %r8 -+ adcq \$0, %rdx - -- add %rdx, %rdx -- lea (%rcx,%r10,2), %r10 #shld \$1, %rcx, %r10 -- movq %r11, %rbx -- adcq %r11, %r11 #shld \$1, %r10, %r11 -+ xorq %rbx, %rbx # rbx:r10:r9 = r10:r9 << 1 -+ addq %r9, %r9 -+ movq %rdx, %r8 -+ adcq %r10, %r10 -+ adcq \$0, %rbx - - mulq %rax -+ addq %rcx, %rax -+ movq 16($inp), %rbp -+ adcq \$0, %rdx - addq %rax, %r9 -+ movq 24($inp), %rax - adcq %rdx, %r10 -- adcq \$0, %r11 -+ adcq \$0, %rbx - - movq %r9, 16(%rsp) - movq %r10, 24(%rsp) -- shrq \$63, %rbx - - #third iteration -- movq 16($inp), %r9 -- movq 24($inp), %rax -- mulq %r9 -+ mulq %rbp - addq %rax, %r12 - movq 32($inp), %rax - movq %rdx, %rcx - adcq \$0, %rcx - -- mulq %r9 -+ mulq %rbp - addq %rax, %r13 - movq 40($inp), %rax - adcq \$0, %rdx -@@ -269,7 +268,7 @@ $code.=<<___; - movq %rdx, %rcx - adcq \$0, %rcx - -- mulq %r9 -+ mulq %rbp - addq %rax, %r14 - movq 48($inp), %rax - adcq \$0, %rdx -@@ -277,9 +276,7 @@ $code.=<<___; - movq %rdx, %rcx - adcq \$0, %rcx - -- mulq %r9 -- movq %r12, %r10 -- lea (%rbx,%r12,2), %r12 #shld \$1, %rbx, %r12 -+ mulq %rbp - addq %rax, %r15 - movq 56($inp), %rax - adcq \$0, %rdx -@@ -287,36 +284,40 @@ $code.=<<___; - movq %rdx, %rcx - adcq \$0, %rcx - -- mulq %r9 -- shrq \$63, %r10 -+ mulq %rbp - addq %rax, %r8 -- movq %r9, %rax -+ movq %rbp, %rax - adcq \$0, %rdx - addq %rcx, %r8 -- movq %rdx, %r9 -- adcq \$0, %r9 -+ adcq \$0, %rdx - -- movq %r13, %rcx -- leaq (%r10,%r13,2), %r13 #shld \$1, %r12, %r13 -+ xorq %rcx, %rcx # rcx:r12:r11 = r12:r11 << 1 -+ addq %r11, %r11 -+ movq %rdx, %r9 -+ adcq %r12, %r12 -+ adcq \$0, %rcx - - mulq %rax -+ addq %rbx, %rax -+ movq 24($inp), %r10 -+ adcq \$0, %rdx - addq %rax, %r11 -+ movq 32($inp), %rax - adcq %rdx, %r12 -- adcq \$0, %r13 -+ adcq \$0, %rcx - - movq %r11, 32(%rsp) - movq %r12, 40(%rsp) -- shrq \$63, %rcx - - #fourth iteration -- movq 24($inp), %r10 -- movq 32($inp), %rax -+ mov %rax, %r11 # 32($inp) - mulq %r10 - addq %rax, %r14 - movq 40($inp), %rax - movq %rdx, %rbx - adcq \$0, %rbx - -+ mov %rax, %r12 # 40($inp) - mulq %r10 - addq %rax, %r15 - movq 48($inp), %rax -@@ -325,9 +326,8 @@ $code.=<<___; - movq %rdx, %rbx - adcq \$0, %rbx - -+ mov %rax, %rbp # 48($inp) - mulq %r10 -- movq %r14, %r12 -- leaq (%rcx,%r14,2), %r14 #shld \$1, %rcx, %r14 - addq %rax, %r8 - movq 56($inp), %rax - adcq \$0, %rdx -@@ -336,32 +336,33 @@ $code.=<<___; - adcq \$0, %rbx - - mulq %r10 -- shrq \$63, %r12 - addq %rax, %r9 - movq %r10, %rax - adcq \$0, %rdx - addq %rbx, %r9 -- movq %rdx, %r10 -- adcq \$0, %r10 -+ adcq \$0, %rdx - -- movq %r15, %rbx -- leaq (%r12,%r15,2),%r15 #shld \$1, %r14, %r15 -+ xorq %rbx, %rbx # rbx:r13:r14 = r13:r14 << 1 -+ addq %r13, %r13 -+ movq %rdx, %r10 -+ adcq %r14, %r14 -+ adcq \$0, %rbx - - mulq %rax -+ addq %rcx, %rax -+ adcq \$0, %rdx - addq %rax, %r13 -+ movq %r12, %rax # 40($inp) - adcq %rdx, %r14 -- adcq \$0, %r15 -+ adcq \$0, %rbx - - movq %r13, 48(%rsp) - movq %r14, 56(%rsp) -- shrq \$63, %rbx - - #fifth iteration -- movq 32($inp), %r11 -- movq 40($inp), %rax - mulq %r11 - addq %rax, %r8 -- movq 48($inp), %rax -+ movq %rbp, %rax # 48($inp) - movq %rdx, %rcx - adcq \$0, %rcx - -@@ -369,97 +370,99 @@ $code.=<<___; - addq %rax, %r9 - movq 56($inp), %rax - adcq \$0, %rdx -- movq %r8, %r12 -- leaq (%rbx,%r8,2), %r8 #shld \$1, %rbx, %r8 - addq %rcx, %r9 - movq %rdx, %rcx - adcq \$0, %rcx - -+ mov %rax, %r14 # 56($inp) - mulq %r11 -- shrq \$63, %r12 - addq %rax, %r10 - movq %r11, %rax - adcq \$0, %rdx - addq %rcx, %r10 -- movq %rdx, %r11 -- adcq \$0, %r11 -+ adcq \$0, %rdx - -- movq %r9, %rcx -- leaq (%r12,%r9,2), %r9 #shld \$1, %r8, %r9 -+ xorq %rcx, %rcx # rcx:r8:r15 = r8:r15 << 1 -+ addq %r15, %r15 -+ movq %rdx, %r11 -+ adcq %r8, %r8 -+ adcq \$0, %rcx - - mulq %rax -+ addq %rbx, %rax -+ adcq \$0, %rdx - addq %rax, %r15 -+ movq %rbp, %rax # 48($inp) - adcq %rdx, %r8 -- adcq \$0, %r9 -+ adcq \$0, %rcx - - movq %r15, 64(%rsp) - movq %r8, 72(%rsp) -- shrq \$63, %rcx - - #sixth iteration -- movq 40($inp), %r12 -- movq 48($inp), %rax - mulq %r12 - addq %rax, %r10 -- movq 56($inp), %rax -+ movq %r14, %rax # 56($inp) - movq %rdx, %rbx - adcq \$0, %rbx - - mulq %r12 - addq %rax, %r11 - movq %r12, %rax -- movq %r10, %r15 -- leaq (%rcx,%r10,2), %r10 #shld \$1, %rcx, %r10 - adcq \$0, %rdx -- shrq \$63, %r15 - addq %rbx, %r11 -- movq %rdx, %r12 -- adcq \$0, %r12 -+ adcq \$0, %rdx - -- movq %r11, %rbx -- leaq (%r15,%r11,2), %r11 #shld \$1, %r10, %r11 -+ xorq %rbx, %rbx # rbx:r10:r9 = r10:r9 << 1 -+ addq %r9, %r9 -+ movq %rdx, %r12 -+ adcq %r10, %r10 -+ adcq \$0, %rbx - - mulq %rax -+ addq %rcx, %rax -+ adcq \$0, %rdx - addq %rax, %r9 -+ movq %r14, %rax # 56($inp) - adcq %rdx, %r10 -- adcq \$0, %r11 -+ adcq \$0, %rbx - - movq %r9, 80(%rsp) - movq %r10, 88(%rsp) - - #seventh iteration -- movq 48($inp), %r13 -- movq 56($inp), %rax -- mulq %r13 -+ mulq %rbp - addq %rax, %r12 -- movq %r13, %rax -- movq %rdx, %r13 -- adcq \$0, %r13 -+ movq %rbp, %rax -+ adcq \$0, %rdx - -- xorq %r14, %r14 -- shlq \$1, %rbx -- adcq %r12, %r12 #shld \$1, %rbx, %r12 -- adcq %r13, %r13 #shld \$1, %r12, %r13 -- adcq %r14, %r14 #shld \$1, %r13, %r14 -+ xorq %rcx, %rcx # rcx:r12:r11 = r12:r11 << 1 -+ addq %r11, %r11 -+ movq %rdx, %r13 -+ adcq %r12, %r12 -+ adcq \$0, %rcx - - mulq %rax -+ addq %rbx, %rax -+ adcq \$0, %rdx - addq %rax, %r11 -+ movq %r14, %rax # 56($inp) - adcq %rdx, %r12 -- adcq \$0, %r13 -+ adcq \$0, %rcx - - movq %r11, 96(%rsp) - movq %r12, 104(%rsp) - - #eighth iteration -- movq 56($inp), %rax -+ xorq %rbx, %rbx # rbx:r13 = r13 << 1 -+ addq %r13, %r13 -+ adcq \$0, %rbx -+ - mulq %rax -- addq %rax, %r13 -+ addq %rcx, %rax - adcq \$0, %rdx -- -- addq %rdx, %r14 -- -- movq %r13, 112(%rsp) -- movq %r14, 120(%rsp) -+ addq %r13, %rax -+ adcq %rbx, %rdx - - movq (%rsp), %r8 - movq 8(%rsp), %r9 -@@ -469,6 +472,10 @@ $code.=<<___; - movq 40(%rsp), %r13 - movq 48(%rsp), %r14 - movq 56(%rsp), %r15 -+ movq %xmm1, %rbp -+ -+ movq %rax, 112(%rsp) -+ movq %rdx, 120(%rsp) - - call __rsaz_512_reduce - -@@ -500,9 +507,9 @@ $code.=<<___; - .Loop_sqrx: - movl $times,128+8(%rsp) - movq $out, %xmm0 # off-load -- movq %rbp, %xmm1 # off-load - #first iteration - mulx %rax, %r8, %r9 -+ mov %rax, %rbx - - mulx 16($inp), %rcx, %r10 - xor %rbp, %rbp # cf=0, of=0 -@@ -510,40 +517,39 @@ $code.=<<___; - mulx 24($inp), %rax, %r11 - adcx %rcx, %r9 - -- mulx 32($inp), %rcx, %r12 -+ .byte 0xc4,0x62,0xf3,0xf6,0xa6,0x20,0x00,0x00,0x00 # mulx 32($inp), %rcx, %r12 - adcx %rax, %r10 - -- mulx 40($inp), %rax, %r13 -+ .byte 0xc4,0x62,0xfb,0xf6,0xae,0x28,0x00,0x00,0x00 # mulx 40($inp), %rax, %r13 - adcx %rcx, %r11 - -- .byte 0xc4,0x62,0xf3,0xf6,0xb6,0x30,0x00,0x00,0x00 # mulx 48($inp), %rcx, %r14 -+ mulx 48($inp), %rcx, %r14 - adcx %rax, %r12 - adcx %rcx, %r13 - -- .byte 0xc4,0x62,0xfb,0xf6,0xbe,0x38,0x00,0x00,0x00 # mulx 56($inp), %rax, %r15 -+ mulx 56($inp), %rax, %r15 - adcx %rax, %r14 - adcx %rbp, %r15 # %rbp is 0 - -- mov %r9, %rcx -- shld \$1, %r8, %r9 -- shl \$1, %r8 -- -- xor %ebp, %ebp -- mulx %rdx, %rax, %rdx -- adcx %rdx, %r8 -- mov 8($inp), %rdx -- adcx %rbp, %r9 -+ mulx %rdx, %rax, $out -+ mov %rbx, %rdx # 8($inp) -+ xor %rcx, %rcx -+ adox %r8, %r8 -+ adcx $out, %r8 -+ adox %rbp, %rcx -+ adcx %rbp, %rcx - - mov %rax, (%rsp) - mov %r8, 8(%rsp) - - #second iteration -- mulx 16($inp), %rax, %rbx -+ .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x10,0x00,0x00,0x00 # mulx 16($inp), %rax, %rbx - adox %rax, %r10 - adcx %rbx, %r11 - -- .byte 0xc4,0x62,0xc3,0xf6,0x86,0x18,0x00,0x00,0x00 # mulx 24($inp), $out, %r8 -+ mulx 24($inp), $out, %r8 - adox $out, %r11 -+ .byte 0x66 - adcx %r8, %r12 - - mulx 32($inp), %rax, %rbx -@@ -561,24 +567,25 @@ $code.=<<___; - .byte 0xc4,0x62,0xc3,0xf6,0x86,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r8 - adox $out, %r15 - adcx %rbp, %r8 -+ mulx %rdx, %rax, $out - adox %rbp, %r8 -+ .byte 0x48,0x8b,0x96,0x10,0x00,0x00,0x00 # mov 16($inp), %rdx - -- mov %r11, %rbx -- shld \$1, %r10, %r11 -- shld \$1, %rcx, %r10 -- -- xor %ebp,%ebp -- mulx %rdx, %rax, %rcx -- mov 16($inp), %rdx -+ xor %rbx, %rbx -+ adcx %rcx, %rax -+ adox %r9, %r9 -+ adcx %rbp, $out -+ adox %r10, %r10 - adcx %rax, %r9 -- adcx %rcx, %r10 -- adcx %rbp, %r11 -+ adox %rbp, %rbx -+ adcx $out, %r10 -+ adcx %rbp, %rbx - - mov %r9, 16(%rsp) - .byte 0x4c,0x89,0x94,0x24,0x18,0x00,0x00,0x00 # mov %r10, 24(%rsp) - - #third iteration -- .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x18,0x00,0x00,0x00 # mulx 24($inp), $out, %r9 -+ mulx 24($inp), $out, %r9 - adox $out, %r12 - adcx %r9, %r13 - -@@ -586,7 +593,7 @@ $code.=<<___; - adox %rax, %r13 - adcx %rcx, %r14 - -- mulx 40($inp), $out, %r9 -+ .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x28,0x00,0x00,0x00 # mulx 40($inp), $out, %r9 - adox $out, %r14 - adcx %r9, %r15 - -@@ -594,27 +601,28 @@ $code.=<<___; - adox %rax, %r15 - adcx %rcx, %r8 - -- .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r9 -+ mulx 56($inp), $out, %r9 - adox $out, %r8 - adcx %rbp, %r9 -+ mulx %rdx, %rax, $out - adox %rbp, %r9 -+ mov 24($inp), %rdx - -- mov %r13, %rcx -- shld \$1, %r12, %r13 -- shld \$1, %rbx, %r12 -- -- xor %ebp, %ebp -- mulx %rdx, %rax, %rdx -+ xor %rcx, %rcx -+ adcx %rbx, %rax -+ adox %r11, %r11 -+ adcx %rbp, $out -+ adox %r12, %r12 - adcx %rax, %r11 -- adcx %rdx, %r12 -- mov 24($inp), %rdx -- adcx %rbp, %r13 -+ adox %rbp, %rcx -+ adcx $out, %r12 -+ adcx %rbp, %rcx - - mov %r11, 32(%rsp) -- .byte 0x4c,0x89,0xa4,0x24,0x28,0x00,0x00,0x00 # mov %r12, 40(%rsp) -+ mov %r12, 40(%rsp) - - #fourth iteration -- .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x20,0x00,0x00,0x00 # mulx 32($inp), %rax, %rbx -+ mulx 32($inp), %rax, %rbx - adox %rax, %r14 - adcx %rbx, %r15 - -@@ -629,25 +637,25 @@ $code.=<<___; - mulx 56($inp), $out, %r10 - adox $out, %r9 - adcx %rbp, %r10 -+ mulx %rdx, %rax, $out - adox %rbp, %r10 -+ mov 32($inp), %rdx - -- .byte 0x66 -- mov %r15, %rbx -- shld \$1, %r14, %r15 -- shld \$1, %rcx, %r14 -- -- xor %ebp, %ebp -- mulx %rdx, %rax, %rdx -+ xor %rbx, %rbx -+ adcx %rcx, %rax -+ adox %r13, %r13 -+ adcx %rbp, $out -+ adox %r14, %r14 - adcx %rax, %r13 -- adcx %rdx, %r14 -- mov 32($inp), %rdx -- adcx %rbp, %r15 -+ adox %rbp, %rbx -+ adcx $out, %r14 -+ adcx %rbp, %rbx - - mov %r13, 48(%rsp) - mov %r14, 56(%rsp) - - #fifth iteration -- .byte 0xc4,0x62,0xc3,0xf6,0x9e,0x28,0x00,0x00,0x00 # mulx 40($inp), $out, %r11 -+ mulx 40($inp), $out, %r11 - adox $out, %r8 - adcx %r11, %r9 - -@@ -658,18 +666,19 @@ $code.=<<___; - mulx 56($inp), $out, %r11 - adox $out, %r10 - adcx %rbp, %r11 -+ mulx %rdx, %rax, $out -+ mov 40($inp), %rdx - adox %rbp, %r11 - -- mov %r9, %rcx -- shld \$1, %r8, %r9 -- shld \$1, %rbx, %r8 -- -- xor %ebp, %ebp -- mulx %rdx, %rax, %rdx -+ xor %rcx, %rcx -+ adcx %rbx, %rax -+ adox %r15, %r15 -+ adcx %rbp, $out -+ adox %r8, %r8 - adcx %rax, %r15 -- adcx %rdx, %r8 -- mov 40($inp), %rdx -- adcx %rbp, %r9 -+ adox %rbp, %rcx -+ adcx $out, %r8 -+ adcx %rbp, %rcx - - mov %r15, 64(%rsp) - mov %r8, 72(%rsp) -@@ -682,18 +691,19 @@ $code.=<<___; - .byte 0xc4,0x62,0xc3,0xf6,0xa6,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r12 - adox $out, %r11 - adcx %rbp, %r12 -+ mulx %rdx, %rax, $out - adox %rbp, %r12 -+ mov 48($inp), %rdx - -- mov %r11, %rbx -- shld \$1, %r10, %r11 -- shld \$1, %rcx, %r10 -- -- xor %ebp, %ebp -- mulx %rdx, %rax, %rdx -+ xor %rbx, %rbx -+ adcx %rcx, %rax -+ adox %r9, %r9 -+ adcx %rbp, $out -+ adox %r10, %r10 - adcx %rax, %r9 -- adcx %rdx, %r10 -- mov 48($inp), %rdx -- adcx %rbp, %r11 -+ adcx $out, %r10 -+ adox %rbp, %rbx -+ adcx %rbp, %rbx - - mov %r9, 80(%rsp) - mov %r10, 88(%rsp) -@@ -703,31 +713,31 @@ $code.=<<___; - adox %rax, %r12 - adox %rbp, %r13 - -- xor %r14, %r14 -- shld \$1, %r13, %r14 -- shld \$1, %r12, %r13 -- shld \$1, %rbx, %r12 -- -- xor %ebp, %ebp -- mulx %rdx, %rax, %rdx -- adcx %rax, %r11 -- adcx %rdx, %r12 -+ mulx %rdx, %rax, $out -+ xor %rcx, %rcx - mov 56($inp), %rdx -- adcx %rbp, %r13 -+ adcx %rbx, %rax -+ adox %r11, %r11 -+ adcx %rbp, $out -+ adox %r12, %r12 -+ adcx %rax, %r11 -+ adox %rbp, %rcx -+ adcx $out, %r12 -+ adcx %rbp, %rcx - - .byte 0x4c,0x89,0x9c,0x24,0x60,0x00,0x00,0x00 # mov %r11, 96(%rsp) - .byte 0x4c,0x89,0xa4,0x24,0x68,0x00,0x00,0x00 # mov %r12, 104(%rsp) - - #eighth iteration - mulx %rdx, %rax, %rdx -- adox %rax, %r13 -- adox %rbp, %rdx -+ xor %rbx, %rbx -+ adcx %rcx, %rax -+ adox %r13, %r13 -+ adcx %rbp, %rdx -+ adox %rbp, %rbx -+ adcx %r13, %rax -+ adcx %rdx, %rbx - -- .byte 0x66 -- add %rdx, %r14 -- -- movq %r13, 112(%rsp) -- movq %r14, 120(%rsp) - movq %xmm0, $out - movq %xmm1, %rbp - -@@ -741,6 +751,9 @@ $code.=<<___; - movq 48(%rsp), %r14 - movq 56(%rsp), %r15 - -+ movq %rax, 112(%rsp) -+ movq %rbx, 120(%rsp) -+ - call __rsaz_512_reducex - - addq 64(%rsp), %r8 --- -1.7.12.4 - diff --git a/CVE-2020-1967.patch b/CVE-2020-1967.patch new file mode 100644 index 0000000000000000000000000000000000000000..b9f36dcb95a3c638c70f0d404baf3121137100b4 --- /dev/null +++ b/CVE-2020-1967.patch @@ -0,0 +1,48 @@ +From a87f3fe01a5a894aa27ccd6a239155fd129988e4 Mon Sep 17 00:00:00 2001 +From: Benjamin Kaduk +Date: Fri Apr 10 12:27:28 2020 -0700 +Subject: Fix NULL dereference in SSL_check_chain() for TLS 1.3 + +In the tls1_check_sig_alg() helper function, we loop through the list of +"signature_algorithms_cert" values received from the client and attempt +to look up each one in turn in our internal table that maps wire +codepoint to string-form name, digest and/or signature NID, etc., in +order to compare the signature scheme from the peer's list against what +is used to sign the certificates in the certificate chain we're +checking. Unfortunately, when the peer sends a value that we don't +support, the lookup returns NULL, but we unconditionally dereference the +lookup result for the comparison, leading to an application crash +triggerable by an unauthenticated client. + +Since we will not be able to say anything about algorithms we don't +recognize, treat NULL return from lookup as "does not match". + +We currently only apply the "signature_algorithm_cert" checks on TLS 1.3 +connections, so previous TLS versions are unaffected. SSL_check_chain() +is not called directly from libssl, but may be used by the application +inside a callback (e.g., client_hello or cert callback) to verify that a +candidate certificate chain will be acceptable to the client. + +CVE-2020-1967 + +Reviewed-by: Matt Caswell +--- + openssl-1.1.1f/ssl/t1_lib.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c +index 0ff0d37..5a4389c 100644 +--- a/ssl/t1_lib.c ++++ b/ssl/t1_lib.c +@@ -2132,7 +2132,7 @@ static int tls1_check_sig_alg(SSL *s, X509 *x, int default_nid) + sigalg = use_pc_sigalgs + ? tls1_lookup_sigalg(s->s3->tmp.peer_cert_sigalgs[i]) + : s->shared_sigalgs[i]; +- if (sig_nid == sigalg->sigandhash) ++ if (sigalg != NULL && sig_nid == sigalg->sigandhash) + return 1; + } + return 0; +-- +1.8.3.1 + diff --git a/openssl-1.1.1-fips.patch b/openssl-1.1.1-fips.patch index 90630698ef3ed631df33e3bb24b5ba1d0020188c..c17f6e837b9b53bcd3c07c67d39a6e3bdeacb20e 100644 --- a/openssl-1.1.1-fips.patch +++ b/openssl-1.1.1-fips.patch @@ -1,7 +1,7 @@ -diff -up openssl-1.1.1d/apps/pkcs12.c.fips openssl-1.1.1d/apps/pkcs12.c ---- openssl-1.1.1d/apps/pkcs12.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/apps/pkcs12.c 2019-09-13 15:13:11.022525640 +0200 -@@ -126,7 +126,7 @@ int pkcs12_main(int argc, char **argv) +diff -up openssl-1.1.1e/apps/pkcs12.c.fips openssl-1.1.1e/apps/pkcs12.c +--- openssl-1.1.1e/apps/pkcs12.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/apps/pkcs12.c 2020-03-17 17:30:52.020567497 +0100 +@@ -127,7 +127,7 @@ int pkcs12_main(int argc, char **argv) int export_cert = 0, options = 0, chain = 0, twopass = 0, keytype = 0; int iter = PKCS12_DEFAULT_ITER, maciter = PKCS12_DEFAULT_ITER; # ifndef OPENSSL_NO_RC2 @@ -10,10 +10,10 @@ diff -up openssl-1.1.1d/apps/pkcs12.c.fips openssl-1.1.1d/apps/pkcs12.c # else int cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; # endif -diff -up openssl-1.1.1d/apps/speed.c.fips openssl-1.1.1d/apps/speed.c ---- openssl-1.1.1d/apps/speed.c.fips 2019-10-03 16:51:22.019915908 +0200 -+++ openssl-1.1.1d/apps/speed.c 2019-10-03 17:40:09.909994582 +0200 -@@ -1595,7 +1595,8 @@ int speed_main(int argc, char **argv) +diff -up openssl-1.1.1e/apps/speed.c.fips openssl-1.1.1e/apps/speed.c +--- openssl-1.1.1e/apps/speed.c.fips 2020-03-17 17:30:51.997567897 +0100 ++++ openssl-1.1.1e/apps/speed.c 2020-03-17 17:30:52.021567479 +0100 +@@ -1593,7 +1593,8 @@ int speed_main(int argc, char **argv) continue; if (strcmp(*argv, "rsa") == 0) { for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++) @@ -23,7 +23,7 @@ diff -up openssl-1.1.1d/apps/speed.c.fips openssl-1.1.1d/apps/speed.c continue; } if (found(*argv, rsa_choices, &i)) { -@@ -1605,7 +1606,9 @@ int speed_main(int argc, char **argv) +@@ -1603,7 +1604,9 @@ int speed_main(int argc, char **argv) #endif #ifndef OPENSSL_NO_DSA if (strcmp(*argv, "dsa") == 0) { @@ -34,7 +34,7 @@ diff -up openssl-1.1.1d/apps/speed.c.fips openssl-1.1.1d/apps/speed.c dsa_doit[R_DSA_2048] = 1; continue; } -@@ -1636,19 +1639,21 @@ int speed_main(int argc, char **argv) +@@ -1634,19 +1637,21 @@ int speed_main(int argc, char **argv) } if (strcmp(*argv, "ecdh") == 0) { for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++) @@ -60,7 +60,7 @@ diff -up openssl-1.1.1d/apps/speed.c.fips openssl-1.1.1d/apps/speed.c eddsa_doit[i] = 2; continue; } -@@ -1737,23 +1742,31 @@ int speed_main(int argc, char **argv) +@@ -1735,23 +1740,31 @@ int speed_main(int argc, char **argv) /* No parameters; turn on everything. */ if ((argc == 0) && !doit[D_EVP]) { for (i = 0; i < ALGOR_NUM; i++) @@ -98,7 +98,7 @@ diff -up openssl-1.1.1d/apps/speed.c.fips openssl-1.1.1d/apps/speed.c #endif } for (i = 0; i < ALGOR_NUM; i++) -@@ -1801,30 +1814,46 @@ int speed_main(int argc, char **argv) +@@ -1799,30 +1812,46 @@ int speed_main(int argc, char **argv) AES_set_encrypt_key(key24, 192, &aes_ks2); AES_set_encrypt_key(key32, 256, &aes_ks3); #ifndef OPENSSL_NO_CAMELLIA @@ -155,7 +155,7 @@ diff -up openssl-1.1.1d/apps/speed.c.fips openssl-1.1.1d/apps/speed.c #endif #ifndef SIGALRM # ifndef OPENSSL_NO_DES -@@ -2122,6 +2151,7 @@ int speed_main(int argc, char **argv) +@@ -2120,6 +2149,7 @@ int speed_main(int argc, char **argv) for (i = 0; i < loopargs_len; i++) { loopargs[i].hctx = HMAC_CTX_new(); @@ -163,10 +163,10 @@ diff -up openssl-1.1.1d/apps/speed.c.fips openssl-1.1.1d/apps/speed.c if (loopargs[i].hctx == NULL) { BIO_printf(bio_err, "HMAC malloc failure, exiting..."); exit(1); -diff -up openssl-1.1.1d/Configure.fips openssl-1.1.1d/Configure ---- openssl-1.1.1d/Configure.fips 2019-09-13 15:13:11.017525727 +0200 -+++ openssl-1.1.1d/Configure 2019-09-13 15:13:11.023525622 +0200 -@@ -307,7 +307,7 @@ $config{sdirs} = [ +diff -up openssl-1.1.1e/Configure.fips openssl-1.1.1e/Configure +--- openssl-1.1.1e/Configure.fips 2020-03-17 17:30:52.015567584 +0100 ++++ openssl-1.1.1e/Configure 2020-03-17 17:30:52.022567462 +0100 +@@ -319,7 +319,7 @@ $config{sdirs} = [ "md2", "md4", "md5", "sha", "mdc2", "hmac", "ripemd", "whrlpool", "poly1305", "blake2", "siphash", "sm3", "des", "aes", "rc2", "rc4", "rc5", "idea", "aria", "bf", "cast", "camellia", "seed", "sm4", "chacha", "modes", "bn", "ec", "rsa", "dsa", "dh", "sm2", "dso", "engine", @@ -175,9 +175,9 @@ diff -up openssl-1.1.1d/Configure.fips openssl-1.1.1d/Configure "evp", "asn1", "pem", "x509", "x509v3", "conf", "txt_db", "pkcs7", "pkcs12", "comp", "ocsp", "ui", "cms", "ts", "srp", "cmac", "ct", "async", "kdf", "store" ]; -diff -up openssl-1.1.1d/crypto/cmac/cm_pmeth.c.fips openssl-1.1.1d/crypto/cmac/cm_pmeth.c ---- openssl-1.1.1d/crypto/cmac/cm_pmeth.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/cmac/cm_pmeth.c 2019-09-13 15:13:11.023525622 +0200 +diff -up openssl-1.1.1e/crypto/cmac/cm_pmeth.c.fips openssl-1.1.1e/crypto/cmac/cm_pmeth.c +--- openssl-1.1.1e/crypto/cmac/cm_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/cmac/cm_pmeth.c 2020-03-17 17:30:52.022567462 +0100 @@ -129,7 +129,7 @@ static int pkey_cmac_ctrl_str(EVP_PKEY_C const EVP_PKEY_METHOD cmac_pkey_meth = { @@ -187,9 +187,9 @@ diff -up openssl-1.1.1d/crypto/cmac/cm_pmeth.c.fips openssl-1.1.1d/crypto/cmac/c pkey_cmac_init, pkey_cmac_copy, pkey_cmac_cleanup, -diff -up openssl-1.1.1d/crypto/dh/dh_err.c.fips openssl-1.1.1d/crypto/dh/dh_err.c ---- openssl-1.1.1d/crypto/dh/dh_err.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/dh/dh_err.c 2019-09-13 15:13:11.023525622 +0200 +diff -up openssl-1.1.1e/crypto/dh/dh_err.c.fips openssl-1.1.1e/crypto/dh/dh_err.c +--- openssl-1.1.1e/crypto/dh/dh_err.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dh/dh_err.c 2020-03-17 17:30:52.022567462 +0100 @@ -25,6 +25,9 @@ static const ERR_STRING_DATA DH_str_func {ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_SET_PEERKEY, 0), "dh_cms_set_peerkey"}, {ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_SET_SHARED_INFO, 0), @@ -215,13 +215,13 @@ diff -up openssl-1.1.1d/crypto/dh/dh_err.c.fips openssl-1.1.1d/crypto/dh/dh_err. {ERR_PACK(ERR_LIB_DH, 0, DH_R_PARAMETER_ENCODING_ERROR), "parameter encoding error"}, {ERR_PACK(ERR_LIB_DH, 0, DH_R_PEER_KEY_ERROR), "peer key error"}, -diff -up openssl-1.1.1d/crypto/dh/dh_gen.c.fips openssl-1.1.1d/crypto/dh/dh_gen.c ---- openssl-1.1.1d/crypto/dh/dh_gen.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/dh/dh_gen.c 2019-09-13 15:13:11.023525622 +0200 +diff -up openssl-1.1.1e/crypto/dh/dh_gen.c.fips openssl-1.1.1e/crypto/dh/dh_gen.c +--- openssl-1.1.1e/crypto/dh/dh_gen.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dh/dh_gen.c 2020-03-17 18:03:31.005320382 +0100 @@ -16,6 +16,9 @@ #include "internal/cryptlib.h" #include - #include "dh_locl.h" + #include "dh_local.h" +#ifdef OPENSSL_FIPS +# include +#endif @@ -261,13 +261,13 @@ diff -up openssl-1.1.1d/crypto/dh/dh_gen.c.fips openssl-1.1.1d/crypto/dh/dh_gen. ctx = BN_CTX_new(); if (ctx == NULL) goto err; -diff -up openssl-1.1.1d/crypto/dh/dh_key.c.fips openssl-1.1.1d/crypto/dh/dh_key.c ---- openssl-1.1.1d/crypto/dh/dh_key.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/dh/dh_key.c 2019-09-13 15:13:11.024525605 +0200 +diff -up openssl-1.1.1e/crypto/dh/dh_key.c.fips openssl-1.1.1e/crypto/dh/dh_key.c +--- openssl-1.1.1e/crypto/dh/dh_key.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dh/dh_key.c 2020-03-17 18:03:52.706940641 +0100 @@ -11,6 +11,9 @@ #include "internal/cryptlib.h" - #include "dh_locl.h" - #include "internal/bn_int.h" + #include "dh_local.h" + #include "crypto/bn.h" +#ifdef OPENSSL_FIPS +# include +#endif @@ -347,9 +347,9 @@ diff -up openssl-1.1.1d/crypto/dh/dh_key.c.fips openssl-1.1.1d/crypto/dh/dh_key. dh->flags |= DH_FLAG_CACHE_MONT_P; return 1; } -diff -up openssl-1.1.1d/crypto/dh/dh_pmeth.c.fips openssl-1.1.1d/crypto/dh/dh_pmeth.c ---- openssl-1.1.1d/crypto/dh/dh_pmeth.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/dh/dh_pmeth.c 2019-09-13 15:13:11.024525605 +0200 +diff -up openssl-1.1.1e/crypto/dh/dh_pmeth.c.fips openssl-1.1.1e/crypto/dh/dh_pmeth.c +--- openssl-1.1.1e/crypto/dh/dh_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dh/dh_pmeth.c 2020-03-17 17:30:52.023567444 +0100 @@ -480,7 +480,7 @@ static int pkey_dh_derive(EVP_PKEY_CTX * const EVP_PKEY_METHOD dh_pkey_meth = { @@ -368,9 +368,9 @@ diff -up openssl-1.1.1d/crypto/dh/dh_pmeth.c.fips openssl-1.1.1d/crypto/dh/dh_pm pkey_dh_init, pkey_dh_copy, pkey_dh_cleanup, -diff -up openssl-1.1.1d/crypto/dsa/dsa_err.c.fips openssl-1.1.1d/crypto/dsa/dsa_err.c ---- openssl-1.1.1d/crypto/dsa/dsa_err.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/dsa/dsa_err.c 2019-09-13 15:14:33.737079876 +0200 +diff -up openssl-1.1.1e/crypto/dsa/dsa_err.c.fips openssl-1.1.1e/crypto/dsa/dsa_err.c +--- openssl-1.1.1e/crypto/dsa/dsa_err.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dsa/dsa_err.c 2020-03-17 17:30:52.023567444 +0100 @@ -16,12 +16,15 @@ static const ERR_STRING_DATA DSA_str_functs[] = { {ERR_PACK(ERR_LIB_DSA, DSA_F_DSAPARAMS_PRINT, 0), "DSAparams_print"}, @@ -402,13 +402,13 @@ diff -up openssl-1.1.1d/crypto/dsa/dsa_err.c.fips openssl-1.1.1d/crypto/dsa/dsa_ {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_PARAMETER_ENCODING_ERROR), "parameter encoding error"}, {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_Q_NOT_PRIME), "q not prime"}, -diff -up openssl-1.1.1d/crypto/dsa/dsa_gen.c.fips openssl-1.1.1d/crypto/dsa/dsa_gen.c ---- openssl-1.1.1d/crypto/dsa/dsa_gen.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/dsa/dsa_gen.c 2019-09-13 15:13:11.046525220 +0200 +diff -up openssl-1.1.1e/crypto/dsa/dsa_gen.c.fips openssl-1.1.1e/crypto/dsa/dsa_gen.c +--- openssl-1.1.1e/crypto/dsa/dsa_gen.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dsa/dsa_gen.c 2020-03-17 18:02:14.626656877 +0100 @@ -22,12 +22,22 @@ #include #include - #include "dsa_locl.h" + #include "dsa_local.h" +#ifdef OPENSSL_FIPS +# include +#endif @@ -566,16 +566,16 @@ diff -up openssl-1.1.1d/crypto/dsa/dsa_gen.c.fips openssl-1.1.1d/crypto/dsa/dsa_ +} + +#endif -diff -up openssl-1.1.1d/crypto/dsa/dsa_key.c.fips openssl-1.1.1d/crypto/dsa/dsa_key.c ---- openssl-1.1.1d/crypto/dsa/dsa_key.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/dsa/dsa_key.c 2019-09-13 15:13:11.046525220 +0200 +diff -up openssl-1.1.1e/crypto/dsa/dsa_key.c.fips openssl-1.1.1e/crypto/dsa/dsa_key.c +--- openssl-1.1.1e/crypto/dsa/dsa_key.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dsa/dsa_key.c 2020-03-17 18:02:51.103018604 +0100 @@ -13,10 +13,49 @@ #include - #include "dsa_locl.h" + #include "dsa_local.h" +#ifdef OPENSSL_FIPS +# include -+# include "internal/fips_int.h" ++# include "crypto/fips.h" + +static int fips_check_dsa(DSA *dsa) +{ @@ -648,12 +648,12 @@ diff -up openssl-1.1.1d/crypto/dsa/dsa_key.c.fips openssl-1.1.1d/crypto/dsa/dsa_ ok = 1; err: -diff -up openssl-1.1.1d/crypto/dsa/dsa_ossl.c.fips openssl-1.1.1d/crypto/dsa/dsa_ossl.c ---- openssl-1.1.1d/crypto/dsa/dsa_ossl.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/dsa/dsa_ossl.c 2019-09-13 15:13:11.047525203 +0200 +diff -up openssl-1.1.1e/crypto/dsa/dsa_ossl.c.fips openssl-1.1.1e/crypto/dsa/dsa_ossl.c +--- openssl-1.1.1e/crypto/dsa/dsa_ossl.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dsa/dsa_ossl.c 2020-03-19 17:11:22.037994064 +0100 @@ -14,6 +14,9 @@ #include - #include "dsa_locl.h" + #include "dsa_local.h" #include +#ifdef OPENSSL_FIPS +# include @@ -710,10 +710,10 @@ diff -up openssl-1.1.1d/crypto/dsa/dsa_ossl.c.fips openssl-1.1.1d/crypto/dsa/dsa dsa->flags |= DSA_FLAG_CACHE_MONT_P; return 1; } -diff -up openssl-1.1.1d/crypto/dsa/dsa_pmeth.c.fips openssl-1.1.1d/crypto/dsa/dsa_pmeth.c ---- openssl-1.1.1d/crypto/dsa/dsa_pmeth.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/dsa/dsa_pmeth.c 2019-09-13 15:13:11.047525203 +0200 -@@ -215,8 +215,8 @@ static int pkey_dsa_paramgen(EVP_PKEY_CT +diff -up openssl-1.1.1e/crypto/dsa/dsa_pmeth.c.fips openssl-1.1.1e/crypto/dsa/dsa_pmeth.c +--- openssl-1.1.1e/crypto/dsa/dsa_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/dsa/dsa_pmeth.c 2020-03-17 17:30:52.025567409 +0100 +@@ -211,8 +211,8 @@ static int pkey_dsa_paramgen(EVP_PKEY_CT BN_GENCB_free(pcb); return 0; } @@ -724,7 +724,7 @@ diff -up openssl-1.1.1d/crypto/dsa/dsa_pmeth.c.fips openssl-1.1.1d/crypto/dsa/ds BN_GENCB_free(pcb); if (ret) EVP_PKEY_assign_DSA(pkey, dsa); -@@ -245,7 +245,7 @@ static int pkey_dsa_keygen(EVP_PKEY_CTX +@@ -241,7 +241,7 @@ static int pkey_dsa_keygen(EVP_PKEY_CTX const EVP_PKEY_METHOD dsa_pkey_meth = { EVP_PKEY_DSA, @@ -733,12 +733,12 @@ diff -up openssl-1.1.1d/crypto/dsa/dsa_pmeth.c.fips openssl-1.1.1d/crypto/dsa/ds pkey_dsa_init, pkey_dsa_copy, pkey_dsa_cleanup, -diff -up openssl-1.1.1d/crypto/ec/ecdh_ossl.c.fips openssl-1.1.1d/crypto/ec/ecdh_ossl.c ---- openssl-1.1.1d/crypto/ec/ecdh_ossl.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/ec/ecdh_ossl.c 2019-09-13 15:13:11.047525203 +0200 +diff -up openssl-1.1.1e/crypto/ec/ecdh_ossl.c.fips openssl-1.1.1e/crypto/ec/ecdh_ossl.c +--- openssl-1.1.1e/crypto/ec/ecdh_ossl.c.fips 2020-03-17 17:30:52.025567409 +0100 ++++ openssl-1.1.1e/crypto/ec/ecdh_ossl.c 2020-03-17 18:01:24.704530440 +0100 @@ -19,9 +19,20 @@ #include - #include "ec_lcl.h" + #include "ec_local.h" +#ifdef OPENSSL_FIPS +# include @@ -757,12 +757,12 @@ diff -up openssl-1.1.1d/crypto/ec/ecdh_ossl.c.fips openssl-1.1.1d/crypto/ec/ecdh if (ecdh->group->meth->ecdh_compute_key == NULL) { ECerr(EC_F_OSSL_ECDH_COMPUTE_KEY, EC_R_CURVE_DOES_NOT_SUPPORT_ECDH); return 0; -diff -up openssl-1.1.1d/crypto/ec/ecdsa_ossl.c.fips openssl-1.1.1d/crypto/ec/ecdsa_ossl.c ---- openssl-1.1.1d/crypto/ec/ecdsa_ossl.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/ec/ecdsa_ossl.c 2019-09-13 15:13:11.047525203 +0200 +diff -up openssl-1.1.1e/crypto/ec/ecdsa_ossl.c.fips openssl-1.1.1e/crypto/ec/ecdsa_ossl.c +--- openssl-1.1.1e/crypto/ec/ecdsa_ossl.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/ec/ecdsa_ossl.c 2020-03-17 18:01:41.642234061 +0100 @@ -14,6 +14,10 @@ - #include "internal/bn_int.h" - #include "ec_lcl.h" + #include "crypto/bn.h" + #include "ec_local.h" +#ifdef OPENSSL_FIPS +# include @@ -799,9 +799,9 @@ diff -up openssl-1.1.1d/crypto/ec/ecdsa_ossl.c.fips openssl-1.1.1d/crypto/ec/ecd /* check input values */ if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL || (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) { -diff -up openssl-1.1.1d/crypto/ec/ec_key.c.fips openssl-1.1.1d/crypto/ec/ec_key.c ---- openssl-1.1.1d/crypto/ec/ec_key.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/ec/ec_key.c 2019-09-13 15:13:11.048525186 +0200 +diff -up openssl-1.1.1e/crypto/ec/ec_key.c.fips openssl-1.1.1e/crypto/ec/ec_key.c +--- openssl-1.1.1e/crypto/ec/ec_key.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/ec/ec_key.c 2020-03-17 17:30:52.026567392 +0100 @@ -178,14 +178,62 @@ ENGINE *EC_KEY_get0_engine(const EC_KEY return eckey->engine; } @@ -809,7 +809,7 @@ diff -up openssl-1.1.1d/crypto/ec/ec_key.c.fips openssl-1.1.1d/crypto/ec/ec_key. +#ifdef OPENSSL_FIPS + +# include -+# include "internal/fips_int.h" ++# include "crypto/fips.h" + +static int fips_check_ec(EC_KEY *key) +{ @@ -867,9 +867,9 @@ diff -up openssl-1.1.1d/crypto/ec/ec_key.c.fips openssl-1.1.1d/crypto/ec/ec_key. ECerr(EC_F_EC_KEY_GENERATE_KEY, EC_R_OPERATION_NOT_SUPPORTED); return 0; } -diff -up openssl-1.1.1d/crypto/ec/ec_pmeth.c.fips openssl-1.1.1d/crypto/ec/ec_pmeth.c ---- openssl-1.1.1d/crypto/ec/ec_pmeth.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/ec/ec_pmeth.c 2019-09-13 15:13:11.048525186 +0200 +diff -up openssl-1.1.1e/crypto/ec/ec_pmeth.c.fips openssl-1.1.1e/crypto/ec/ec_pmeth.c +--- openssl-1.1.1e/crypto/ec/ec_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/ec/ec_pmeth.c 2020-03-17 17:30:52.026567392 +0100 @@ -438,7 +438,7 @@ static int pkey_ec_keygen(EVP_PKEY_CTX * const EVP_PKEY_METHOD ec_pkey_meth = { @@ -879,9 +879,9 @@ diff -up openssl-1.1.1d/crypto/ec/ec_pmeth.c.fips openssl-1.1.1d/crypto/ec/ec_pm pkey_ec_init, pkey_ec_copy, pkey_ec_cleanup, -diff -up openssl-1.1.1d/crypto/evp/c_allc.c.fips openssl-1.1.1d/crypto/evp/c_allc.c ---- openssl-1.1.1d/crypto/evp/c_allc.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/c_allc.c 2019-09-13 15:13:11.048525186 +0200 +diff -up openssl-1.1.1e/crypto/evp/c_allc.c.fips openssl-1.1.1e/crypto/evp/c_allc.c +--- openssl-1.1.1e/crypto/evp/c_allc.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/c_allc.c 2020-03-17 17:30:52.027567375 +0100 @@ -17,6 +17,9 @@ void openssl_add_all_ciphers_int(void) { @@ -963,9 +963,9 @@ diff -up openssl-1.1.1d/crypto/evp/c_allc.c.fips openssl-1.1.1d/crypto/evp/c_all + } +#endif } -diff -up openssl-1.1.1d/crypto/evp/c_alld.c.fips openssl-1.1.1d/crypto/evp/c_alld.c ---- openssl-1.1.1d/crypto/evp/c_alld.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/c_alld.c 2019-09-13 15:13:11.048525186 +0200 +diff -up openssl-1.1.1e/crypto/evp/c_alld.c.fips openssl-1.1.1e/crypto/evp/c_alld.c +--- openssl-1.1.1e/crypto/evp/c_alld.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/c_alld.c 2020-03-17 17:30:52.027567375 +0100 @@ -16,6 +16,9 @@ void openssl_add_all_digests_int(void) @@ -1001,13 +1001,13 @@ diff -up openssl-1.1.1d/crypto/evp/c_alld.c.fips openssl-1.1.1d/crypto/evp/c_all + } +#endif } -diff -up openssl-1.1.1d/crypto/evp/digest.c.fips openssl-1.1.1d/crypto/evp/digest.c ---- openssl-1.1.1d/crypto/evp/digest.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/digest.c 2019-09-13 15:13:11.049525168 +0200 +diff -up openssl-1.1.1e/crypto/evp/digest.c.fips openssl-1.1.1e/crypto/evp/digest.c +--- openssl-1.1.1e/crypto/evp/digest.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/digest.c 2020-03-17 17:38:57.528093469 +0100 @@ -14,6 +14,9 @@ #include - #include "internal/evp_int.h" - #include "evp_locl.h" + #include "crypto/evp.h" + #include "evp_local.h" +#ifdef OPENSSL_FIPS +# include +#endif @@ -1064,9 +1064,9 @@ diff -up openssl-1.1.1d/crypto/evp/digest.c.fips openssl-1.1.1d/crypto/evp/diges OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); ret = ctx->digest->final(ctx, md); if (size != NULL) -diff -up openssl-1.1.1d/crypto/evp/e_aes.c.fips openssl-1.1.1d/crypto/evp/e_aes.c ---- openssl-1.1.1d/crypto/evp/e_aes.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/e_aes.c 2019-09-13 17:19:00.558994569 +0200 +diff -up openssl-1.1.1e/crypto/evp/e_aes.c.fips openssl-1.1.1e/crypto/evp/e_aes.c +--- openssl-1.1.1e/crypto/evp/e_aes.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/e_aes.c 2020-03-17 17:30:52.028567357 +0100 @@ -397,7 +397,7 @@ static int aesni_xts_init_key(EVP_CIPHER * This addresses Rogaway's vulnerability. * See comment in aes_xts_init_key() below. @@ -1189,9 +1189,9 @@ diff -up openssl-1.1.1d/crypto/evp/e_aes.c.fips openssl-1.1.1d/crypto/evp/e_aes. | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_FLAG_DEFAULT_ASN1) -diff -up openssl-1.1.1d/crypto/evp/e_des3.c.fips openssl-1.1.1d/crypto/evp/e_des3.c ---- openssl-1.1.1d/crypto/evp/e_des3.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/e_des3.c 2019-09-13 15:13:11.050525151 +0200 +diff -up openssl-1.1.1e/crypto/evp/e_des3.c.fips openssl-1.1.1e/crypto/evp/e_des3.c +--- openssl-1.1.1e/crypto/evp/e_des3.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/e_des3.c 2020-03-17 17:30:52.029567340 +0100 @@ -211,16 +211,19 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, # define des_ede3_cbc_cipher des_ede_cbc_cipher # define des_ede3_ecb_cipher des_ede_ecb_cipher @@ -1218,9 +1218,9 @@ diff -up openssl-1.1.1d/crypto/evp/e_des3.c.fips openssl-1.1.1d/crypto/evp/e_des static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) -diff -up openssl-1.1.1d/crypto/evp/e_null.c.fips openssl-1.1.1d/crypto/evp/e_null.c ---- openssl-1.1.1d/crypto/evp/e_null.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/e_null.c 2019-09-13 15:13:11.051525133 +0200 +diff -up openssl-1.1.1e/crypto/evp/e_null.c.fips openssl-1.1.1e/crypto/evp/e_null.c +--- openssl-1.1.1e/crypto/evp/e_null.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/e_null.c 2020-03-17 17:30:52.029567340 +0100 @@ -19,7 +19,8 @@ static int null_cipher(EVP_CIPHER_CTX *c const unsigned char *in, size_t inl); static const EVP_CIPHER n_cipher = { @@ -1231,30 +1231,28 @@ diff -up openssl-1.1.1d/crypto/evp/e_null.c.fips openssl-1.1.1d/crypto/evp/e_nul null_init_key, null_cipher, NULL, -diff -up openssl-1.1.1d/crypto/evp/evp_enc.c.fips openssl-1.1.1d/crypto/evp/evp_enc.c ---- openssl-1.1.1d/crypto/evp/evp_enc.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/evp_enc.c 2019-09-13 15:13:11.051525133 +0200 -@@ -17,10 +17,19 @@ +diff -up openssl-1.1.1e/crypto/evp/evp_enc.c.fips openssl-1.1.1e/crypto/evp/evp_enc.c +--- openssl-1.1.1e/crypto/evp/evp_enc.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/evp_enc.c 2020-03-17 17:39:52.663129373 +0100 +@@ -17,9 +17,18 @@ #include - #include "internal/evp_int.h" - #include "evp_locl.h" + #include "crypto/evp.h" + #include "evp_local.h" +#ifdef OPENSSL_FIPS +# include +#endif int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *c) { -- if (c == NULL) +#ifdef OPENSSL_FIPS + if (FIPS_selftest_failed()) { + FIPSerr(FIPS_F_EVP_CIPHER_CTX_RESET, FIPS_R_FIPS_SELFTEST_FAILED); + return 0; + } +#endif -+ if (c == NULL) + if (c == NULL) return 1; if (c->cipher != NULL) { - if (c->cipher->cleanup && !c->cipher->cleanup(c)) @@ -39,6 +48,12 @@ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) @@ -1309,9 +1307,9 @@ diff -up openssl-1.1.1d/crypto/evp/evp_enc.c.fips openssl-1.1.1d/crypto/evp/evp_ if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { if (!ctx->cipher->init(ctx, key, iv, enc)) -diff -up openssl-1.1.1d/crypto/evp/evp_err.c.fips openssl-1.1.1d/crypto/evp/evp_err.c ---- openssl-1.1.1d/crypto/evp/evp_err.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/evp_err.c 2019-09-13 15:25:47.290298192 +0200 +diff -up openssl-1.1.1e/crypto/evp/evp_err.c.fips openssl-1.1.1e/crypto/evp/evp_err.c +--- openssl-1.1.1e/crypto/evp/evp_err.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/evp_err.c 2020-03-17 17:30:52.030567322 +0100 @@ -23,6 +23,7 @@ static const ERR_STRING_DATA EVP_str_fun {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_T4_XTS_INIT_KEY, 0), "aes_t4_xts_init_key"}, @@ -1328,7 +1326,7 @@ diff -up openssl-1.1.1d/crypto/evp/evp_err.c.fips openssl-1.1.1d/crypto/evp/evp_ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ERROR_LOADING_SECTION), "error loading section"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ERROR_SETTING_FIPS_MODE), -@@ -248,6 +250,7 @@ static const ERR_STRING_DATA EVP_str_rea +@@ -249,6 +251,7 @@ static const ERR_STRING_DATA EVP_str_rea {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PRIVATE_KEY_ENCODE_ERROR), "private key encode error"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"}, @@ -1336,7 +1334,7 @@ diff -up openssl-1.1.1d/crypto/evp/evp_err.c.fips openssl-1.1.1d/crypto/evp/evp_ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_CIPHER), "unknown cipher"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_DIGEST), "unknown digest"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_OPTION), "unknown option"}, -@@ -273,6 +276,8 @@ static const ERR_STRING_DATA EVP_str_rea +@@ -274,6 +277,8 @@ static const ERR_STRING_DATA EVP_str_rea "wrap mode not allowed"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_WRONG_FINAL_BLOCK_LENGTH), "wrong final block length"}, @@ -1345,9 +1343,9 @@ diff -up openssl-1.1.1d/crypto/evp/evp_err.c.fips openssl-1.1.1d/crypto/evp/evp_ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_XTS_DUPLICATED_KEYS), "xts duplicated keys"}, {0, NULL} -diff -up openssl-1.1.1d/crypto/evp/evp_lib.c.fips openssl-1.1.1d/crypto/evp/evp_lib.c ---- openssl-1.1.1d/crypto/evp/evp_lib.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/evp_lib.c 2019-09-13 15:13:11.051525133 +0200 +diff -up openssl-1.1.1e/crypto/evp/evp_lib.c.fips openssl-1.1.1e/crypto/evp/evp_lib.c +--- openssl-1.1.1e/crypto/evp/evp_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/evp_lib.c 2020-03-17 17:30:52.030567322 +0100 @@ -192,6 +192,9 @@ int EVP_CIPHER_impl_ctx_size(const EVP_C int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) @@ -1358,9 +1356,9 @@ diff -up openssl-1.1.1d/crypto/evp/evp_lib.c.fips openssl-1.1.1d/crypto/evp/evp_ return ctx->cipher->do_cipher(ctx, out, in, inl); } -diff -up openssl-1.1.1d/crypto/evp/m_sha1.c.fips openssl-1.1.1d/crypto/evp/m_sha1.c ---- openssl-1.1.1d/crypto/evp/m_sha1.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/m_sha1.c 2019-09-13 15:13:11.052525116 +0200 +diff -up openssl-1.1.1e/crypto/evp/m_sha1.c.fips openssl-1.1.1e/crypto/evp/m_sha1.c +--- openssl-1.1.1e/crypto/evp/m_sha1.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/m_sha1.c 2020-03-17 17:30:52.030567322 +0100 @@ -95,7 +95,7 @@ static const EVP_MD sha1_md = { NID_sha1, NID_sha1WithRSAEncryption, @@ -1424,9 +1422,9 @@ diff -up openssl-1.1.1d/crypto/evp/m_sha1.c.fips openssl-1.1.1d/crypto/evp/m_sha init512, update512, final512, -diff -up openssl-1.1.1d/crypto/evp/m_sha3.c.fips openssl-1.1.1d/crypto/evp/m_sha3.c ---- openssl-1.1.1d/crypto/evp/m_sha3.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/m_sha3.c 2019-09-13 15:13:11.052525116 +0200 +diff -up openssl-1.1.1e/crypto/evp/m_sha3.c.fips openssl-1.1.1e/crypto/evp/m_sha3.c +--- openssl-1.1.1e/crypto/evp/m_sha3.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/m_sha3.c 2020-03-17 17:30:52.031567305 +0100 @@ -295,7 +295,7 @@ const EVP_MD *EVP_sha3_##bitlen(void) NID_sha3_##bitlen, \ NID_RSA_SHA3_##bitlen, \ @@ -1481,9 +1479,9 @@ diff -up openssl-1.1.1d/crypto/evp/m_sha3.c.fips openssl-1.1.1d/crypto/evp/m_sha shake_init, \ sha3_update, \ sha3_final, \ -diff -up openssl-1.1.1d/crypto/evp/pmeth_lib.c.fips openssl-1.1.1d/crypto/evp/pmeth_lib.c ---- openssl-1.1.1d/crypto/evp/pmeth_lib.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/evp/pmeth_lib.c 2019-09-13 15:13:11.052525116 +0200 +diff -up openssl-1.1.1e/crypto/evp/pmeth_lib.c.fips openssl-1.1.1e/crypto/evp/pmeth_lib.c +--- openssl-1.1.1e/crypto/evp/pmeth_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/evp/pmeth_lib.c 2020-03-17 17:30:52.031567305 +0100 @@ -131,7 +131,15 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKE pmeth = ENGINE_get_pkey_meth(e, id); else @@ -1500,9 +1498,9 @@ diff -up openssl-1.1.1d/crypto/evp/pmeth_lib.c.fips openssl-1.1.1d/crypto/evp/pm if (pmeth == NULL) { #ifndef OPENSSL_NO_ENGINE -diff -up openssl-1.1.1d/crypto/fips/build.info.fips openssl-1.1.1d/crypto/fips/build.info ---- openssl-1.1.1d/crypto/fips/build.info.fips 2019-09-13 15:13:11.052525116 +0200 -+++ openssl-1.1.1d/crypto/fips/build.info 2019-09-13 15:13:11.052525116 +0200 +diff -up openssl-1.1.1e/crypto/fips/build.info.fips openssl-1.1.1e/crypto/fips/build.info +--- openssl-1.1.1e/crypto/fips/build.info.fips 2020-03-17 17:30:52.032567287 +0100 ++++ openssl-1.1.1e/crypto/fips/build.info 2020-03-17 17:30:52.032567287 +0100 @@ -0,0 +1,15 @@ +LIBS=../../libcrypto +SOURCE[../../libcrypto]=\ @@ -1519,9 +1517,9 @@ diff -up openssl-1.1.1d/crypto/fips/build.info.fips openssl-1.1.1d/crypto/fips/b +SOURCE[fips_standalone_hmac]=fips_standalone_hmac.c +INCLUDE[fips_standalone_hmac]=../../include +DEPEND[fips_standalone_hmac]=../../libcrypto -diff -up openssl-1.1.1d/crypto/fips/fips_aes_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_aes_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_aes_selftest.c.fips 2019-09-13 15:13:11.053525098 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_aes_selftest.c 2019-09-13 15:13:11.053525098 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_aes_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_aes_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_aes_selftest.c.fips 2020-03-17 17:30:52.033567270 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_aes_selftest.c 2020-03-17 17:30:52.033567270 +0100 @@ -0,0 +1,372 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -1576,7 +1574,7 @@ diff -up openssl-1.1.1d/crypto/fips/fips_aes_selftest.c.fips openssl-1.1.1d/cryp +#include +#ifdef OPENSSL_FIPS +# include -+# include "internal/fips_int.h" ++# include "crypto/fips.h" +#endif + +#ifdef OPENSSL_FIPS @@ -1895,9 +1893,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_aes_selftest.c.fips openssl-1.1.1d/cryp +} + +#endif -diff -up openssl-1.1.1d/crypto/fips/fips.c.fips openssl-1.1.1d/crypto/fips/fips.c ---- openssl-1.1.1d/crypto/fips/fips.c.fips 2019-09-13 15:13:11.053525098 +0200 -+++ openssl-1.1.1d/crypto/fips/fips.c 2019-09-13 15:13:11.053525098 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips.c.fips openssl-1.1.1e/crypto/fips/fips.c +--- openssl-1.1.1e/crypto/fips/fips.c.fips 2020-03-17 17:30:52.033567270 +0100 ++++ openssl-1.1.1e/crypto/fips/fips.c 2020-03-17 17:30:52.033567270 +0100 @@ -0,0 +1,526 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -2425,9 +2423,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips.c.fips openssl-1.1.1d/crypto/fips/fips. +} + +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_cmac_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_cmac_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_cmac_selftest.c.fips 2019-09-13 15:13:11.053525098 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_cmac_selftest.c 2019-09-13 15:13:11.053525098 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_cmac_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_cmac_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_cmac_selftest.c.fips 2020-03-17 17:30:52.034567253 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_cmac_selftest.c 2020-03-17 17:30:52.033567270 +0100 @@ -0,0 +1,156 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. @@ -2481,7 +2479,7 @@ diff -up openssl-1.1.1d/crypto/fips/fips_cmac_selftest.c.fips openssl-1.1.1d/cry +#include +#include +#include -+#include "internal/fips_int.h" ++#include "crypto/fips.h" +#include +#include "fips_locl.h" + @@ -2585,9 +2583,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_cmac_selftest.c.fips openssl-1.1.1d/cry + return rv; +} +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_des_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_des_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_des_selftest.c.fips 2019-09-13 15:13:11.053525098 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_des_selftest.c 2019-09-13 15:13:11.053525098 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_des_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_des_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_des_selftest.c.fips 2020-03-17 17:30:52.034567253 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_des_selftest.c 2020-03-17 17:30:52.034567253 +0100 @@ -0,0 +1,133 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -2642,7 +2640,7 @@ diff -up openssl-1.1.1d/crypto/fips/fips_des_selftest.c.fips openssl-1.1.1d/cryp +#include +#ifdef OPENSSL_FIPS +# include -+# include "internal/fips_int.h" ++# include "crypto/fips.h" +#endif +#include + @@ -2722,9 +2720,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_des_selftest.c.fips openssl-1.1.1d/cryp + return ret; +} +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_dh_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_dh_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_dh_selftest.c.fips 2019-09-13 15:13:11.055525063 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_dh_selftest.c 2019-09-13 15:13:11.055525063 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_dh_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_dh_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_dh_selftest.c.fips 2020-03-17 17:30:52.038567183 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_dh_selftest.c 2020-03-17 17:30:52.038567183 +0100 @@ -0,0 +1,180 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. @@ -2906,9 +2904,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_dh_selftest.c.fips openssl-1.1.1d/crypt + return ret; +} +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_drbg_ctr.c.fips openssl-1.1.1d/crypto/fips/fips_drbg_ctr.c ---- openssl-1.1.1d/crypto/fips/fips_drbg_ctr.c.fips 2019-09-13 15:13:11.055525063 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_drbg_ctr.c 2019-09-13 15:13:11.055525063 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_ctr.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_ctr.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_ctr.c.fips 2020-03-17 17:30:52.040567148 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_ctr.c 2020-03-17 17:30:52.039567165 +0100 @@ -0,0 +1,406 @@ +/* fips/rand/fips_drbg_ctr.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -3316,9 +3314,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_drbg_ctr.c.fips openssl-1.1.1d/crypto/f + + return 1; +} -diff -up openssl-1.1.1d/crypto/fips/fips_drbg_hash.c.fips openssl-1.1.1d/crypto/fips/fips_drbg_hash.c ---- openssl-1.1.1d/crypto/fips/fips_drbg_hash.c.fips 2019-09-13 15:13:11.056525046 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_drbg_hash.c 2019-09-13 15:13:11.056525046 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_hash.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_hash.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_hash.c.fips 2020-03-17 17:30:52.041567130 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_hash.c 2020-03-17 17:30:52.040567148 +0100 @@ -0,0 +1,354 @@ +/* fips/rand/fips_drbg_hash.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -3379,7 +3377,7 @@ diff -up openssl-1.1.1d/crypto/fips/fips_drbg_hash.c.fips openssl-1.1.1d/crypto/ +#include +#include +#include -+#include "internal/fips_int.h" ++#include "crypto/fips.h" +#include +#include "fips_rand_lcl.h" + @@ -3674,9 +3672,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_drbg_hash.c.fips openssl-1.1.1d/crypto/ + + return 1; +} -diff -up openssl-1.1.1d/crypto/fips/fips_drbg_hmac.c.fips openssl-1.1.1d/crypto/fips/fips_drbg_hmac.c ---- openssl-1.1.1d/crypto/fips/fips_drbg_hmac.c.fips 2019-09-13 15:13:11.056525046 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_drbg_hmac.c 2019-09-13 15:13:11.056525046 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_hmac.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_hmac.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_hmac.c.fips 2020-03-17 17:30:52.042567113 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_hmac.c 2020-03-17 17:30:52.042567113 +0100 @@ -0,0 +1,262 @@ +/* fips/rand/fips_drbg_hmac.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -3940,9 +3938,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_drbg_hmac.c.fips openssl-1.1.1d/crypto/ + + return 1; +} -diff -up openssl-1.1.1d/crypto/fips/fips_drbg_lib.c.fips openssl-1.1.1d/crypto/fips/fips_drbg_lib.c ---- openssl-1.1.1d/crypto/fips/fips_drbg_lib.c.fips 2019-09-13 15:13:11.056525046 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_drbg_lib.c 2019-09-13 15:13:11.056525046 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_lib.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_lib.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_lib.c.fips 2020-03-17 17:30:52.043567095 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_lib.c 2020-03-17 17:30:52.043567095 +0100 @@ -0,0 +1,528 @@ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project. @@ -4000,7 +3998,7 @@ diff -up openssl-1.1.1d/crypto/fips/fips_drbg_lib.c.fips openssl-1.1.1d/crypto/f +#include +#include +#include -+#include "internal/fips_int.h" ++#include "crypto/fips.h" +#include +#include "fips_locl.h" +#include "fips_rand_lcl.h" @@ -4472,9 +4470,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_drbg_lib.c.fips openssl-1.1.1d/crypto/f +{ + /* Just backwards compatibility API call with no effect. */ +} -diff -up openssl-1.1.1d/crypto/fips/fips_drbg_rand.c.fips openssl-1.1.1d/crypto/fips/fips_drbg_rand.c ---- openssl-1.1.1d/crypto/fips/fips_drbg_rand.c.fips 2019-09-13 15:13:11.056525046 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_drbg_rand.c 2019-09-13 15:13:11.056525046 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_rand.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_rand.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_rand.c.fips 2020-03-17 17:30:52.044567078 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_rand.c 2020-03-17 17:30:52.044567078 +0100 @@ -0,0 +1,185 @@ +/* fips/rand/fips_drbg_rand.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -4661,9 +4659,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_drbg_rand.c.fips openssl-1.1.1d/crypto/ +{ + return &rand_drbg_meth; +} -diff -up openssl-1.1.1d/crypto/fips/fips_drbg_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_drbg_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_drbg_selftest.c.fips 2019-09-13 15:13:11.057525028 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_drbg_selftest.c 2019-09-13 15:13:11.057525028 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c.fips 2020-03-17 17:30:52.044567078 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_selftest.c 2020-03-17 17:30:52.044567078 +0100 @@ -0,0 +1,828 @@ +/* fips/rand/fips_drbg_selftest.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -5493,9 +5491,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_drbg_selftest.c.fips openssl-1.1.1d/cry + FIPS_drbg_free(dctx); + return rv; +} -diff -up openssl-1.1.1d/crypto/fips/fips_drbg_selftest.h.fips openssl-1.1.1d/crypto/fips/fips_drbg_selftest.h ---- openssl-1.1.1d/crypto/fips/fips_drbg_selftest.h.fips 2019-09-13 15:13:11.057525028 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_drbg_selftest.h 2019-09-13 15:13:11.057525028 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_drbg_selftest.h.fips openssl-1.1.1e/crypto/fips/fips_drbg_selftest.h +--- openssl-1.1.1e/crypto/fips/fips_drbg_selftest.h.fips 2020-03-17 17:30:52.045567061 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_drbg_selftest.h 2020-03-17 17:30:52.045567061 +0100 @@ -0,0 +1,1791 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. @@ -7288,9 +7286,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_drbg_selftest.h.fips openssl-1.1.1d/cry + 0xef, 0x05, 0x9e, 0xb8, 0xc7, 0x52, 0xe4, 0x0e, 0x42, 0xaa, 0x7c, 0x79, + 0xc2, 0xd6, 0xfd, 0xa5 +}; -diff -up openssl-1.1.1d/crypto/fips/fips_dsa_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_dsa_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_dsa_selftest.c.fips 2019-09-13 15:13:11.057525028 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_dsa_selftest.c 2019-09-13 15:13:11.057525028 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_dsa_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_dsa_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_dsa_selftest.c.fips 2020-03-17 17:30:52.046567043 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_dsa_selftest.c 2020-03-17 17:30:52.046567043 +0100 @@ -0,0 +1,195 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. @@ -7345,7 +7343,7 @@ diff -up openssl-1.1.1d/crypto/fips/fips_dsa_selftest.c.fips openssl-1.1.1d/cryp +#include +#include +#include -+#include "internal/fips_int.h" ++#include "crypto/fips.h" +#include +#include +#include @@ -7444,7 +7442,7 @@ diff -up openssl-1.1.1d/crypto/fips/fips_dsa_selftest.c.fips openssl-1.1.1d/cryp +{ + DSA *dsa = NULL; + EVP_PKEY *pk = NULL; -+ int ret = -1; ++ int ret = 0; + BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub_key = NULL, *priv_key = NULL; + + fips_load_key_component(p, dsa_test_2048); @@ -7487,9 +7485,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_dsa_selftest.c.fips openssl-1.1.1d/cryp + return ret; +} +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_ecdh_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_ecdh_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_ecdh_selftest.c.fips 2019-09-13 15:13:11.058525011 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_ecdh_selftest.c 2019-09-13 15:13:11.058525011 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_ecdh_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_ecdh_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_ecdh_selftest.c.fips 2020-03-17 17:30:52.046567043 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_ecdh_selftest.c 2020-03-17 17:30:52.046567043 +0100 @@ -0,0 +1,242 @@ +/* fips/ecdh/fips_ecdh_selftest.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -7644,24 +7642,24 @@ diff -up openssl-1.1.1d/crypto/fips/fips_ecdh_selftest.c.fips openssl-1.1.1d/cry + d = BN_bin2bn(ecd->d1, ecd->d1len, d); + + if (!x || !y || !d || !ztmp) { -+ rv = -1; ++ rv = 0; + goto err; + } + + ec1 = EC_KEY_new_by_curve_name(ecd->curve); + if (!ec1) { -+ rv = -1; ++ rv = 0; + goto err; + } + EC_KEY_set_flags(ec1, EC_FLAG_COFACTOR_ECDH); + + if (!EC_KEY_set_public_key_affine_coordinates(ec1, x, y)) { -+ rv = -1; ++ rv = 0; + goto err; + } + + if (!EC_KEY_set_private_key(ec1, d)) { -+ rv = -1; ++ rv = 0; + goto err; + } + @@ -7669,30 +7667,30 @@ diff -up openssl-1.1.1d/crypto/fips/fips_ecdh_selftest.c.fips openssl-1.1.1d/cry + y = BN_bin2bn(ecd->y2, ecd->y2len, y); + + if (!x || !y) { -+ rv = -1; ++ rv = 0; + goto err; + } + + ec2 = EC_KEY_new_by_curve_name(ecd->curve); + if (!ec2) { -+ rv = -1; ++ rv = 0; + goto err; + } + EC_KEY_set_flags(ec1, EC_FLAG_COFACTOR_ECDH); + + if (!EC_KEY_set_public_key_affine_coordinates(ec2, x, y)) { -+ rv = -1; ++ rv = 0; + goto err; + } + + ecp = EC_KEY_get0_public_key(ec2); + if (!ecp) { -+ rv = -1; ++ rv = 0; + goto err; + } + + if (!ECDH_compute_key(ztmp, ecd->zlen, ecp, ec1, 0)) { -+ rv = -1; ++ rv = 0; + goto err; + } + @@ -7733,9 +7731,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_ecdh_selftest.c.fips openssl-1.1.1d/cry +} + +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_ecdsa_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_ecdsa_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_ecdsa_selftest.c.fips 2019-09-13 15:13:11.058525011 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_ecdsa_selftest.c 2019-09-13 15:13:11.058525011 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_ecdsa_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_ecdsa_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_ecdsa_selftest.c.fips 2020-03-17 17:30:52.046567043 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_ecdsa_selftest.c 2020-03-17 17:30:52.046567043 +0100 @@ -0,0 +1,166 @@ +/* fips/ecdsa/fips_ecdsa_selftest.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -7798,7 +7796,7 @@ diff -up openssl-1.1.1d/crypto/fips/fips_ecdsa_selftest.c.fips openssl-1.1.1d/cr +#include +#include +#include -+#include "internal/fips_int.h" ++#include "crypto/fips.h" +#include +#include +#include @@ -7903,9 +7901,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_ecdsa_selftest.c.fips openssl-1.1.1d/cr +} + +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_err.h.fips openssl-1.1.1d/crypto/fips/fips_err.h ---- openssl-1.1.1d/crypto/fips/fips_err.h.fips 2019-09-13 15:13:11.058525011 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_err.h 2019-09-13 15:13:11.058525011 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_err.h.fips openssl-1.1.1e/crypto/fips/fips_err.h +--- openssl-1.1.1e/crypto/fips/fips_err.h.fips 2020-03-17 17:30:52.047567026 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_err.h 2020-03-17 17:30:52.047567026 +0100 @@ -0,0 +1,197 @@ +/* crypto/fips_err.h */ +/* ==================================================================== @@ -8104,9 +8102,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_err.h.fips openssl-1.1.1d/crypto/fips/f +#endif + return 1; +} -diff -up openssl-1.1.1d/crypto/fips/fips_ers.c.fips openssl-1.1.1d/crypto/fips/fips_ers.c ---- openssl-1.1.1d/crypto/fips/fips_ers.c.fips 2019-09-13 15:13:11.058525011 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_ers.c 2019-09-13 15:13:11.058525011 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_ers.c.fips openssl-1.1.1e/crypto/fips/fips_ers.c +--- openssl-1.1.1e/crypto/fips/fips_ers.c.fips 2020-03-17 17:30:52.047567026 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_ers.c 2020-03-17 17:30:52.047567026 +0100 @@ -0,0 +1,7 @@ +#include + @@ -8115,9 +8113,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_ers.c.fips openssl-1.1.1d/crypto/fips/f +#else +static void *dummy = &dummy; +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_hmac_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_hmac_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_hmac_selftest.c.fips 2019-09-13 15:13:11.059524993 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_hmac_selftest.c 2019-09-13 15:13:11.059524993 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_hmac_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_hmac_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_hmac_selftest.c.fips 2020-03-17 17:30:52.047567026 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_hmac_selftest.c 2020-03-17 17:30:52.047567026 +0100 @@ -0,0 +1,134 @@ +/* ==================================================================== + * Copyright (c) 2005 The OpenSSL Project. All rights reserved. @@ -8253,9 +8251,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_hmac_selftest.c.fips openssl-1.1.1d/cry + return 1; +} +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_locl.h.fips openssl-1.1.1d/crypto/fips/fips_locl.h ---- openssl-1.1.1d/crypto/fips/fips_locl.h.fips 2019-09-13 15:13:11.059524993 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_locl.h 2019-09-13 15:13:11.059524993 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_locl.h.fips openssl-1.1.1e/crypto/fips/fips_locl.h +--- openssl-1.1.1e/crypto/fips/fips_locl.h.fips 2020-03-17 17:30:52.048567008 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_locl.h 2020-03-17 17:30:52.048567008 +0100 @@ -0,0 +1,71 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. @@ -8328,9 +8326,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_locl.h.fips openssl-1.1.1d/crypto/fips/ +} +# endif +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_post.c.fips openssl-1.1.1d/crypto/fips/fips_post.c ---- openssl-1.1.1d/crypto/fips/fips_post.c.fips 2019-09-13 15:13:11.059524993 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_post.c 2019-09-13 15:13:11.059524993 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_post.c.fips openssl-1.1.1e/crypto/fips/fips_post.c +--- openssl-1.1.1e/crypto/fips/fips_post.c.fips 2020-03-17 17:30:52.048567008 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_post.c 2020-03-17 17:30:52.048567008 +0100 @@ -0,0 +1,224 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. @@ -8400,7 +8398,7 @@ diff -up openssl-1.1.1d/crypto/fips/fips_post.c.fips openssl-1.1.1d/crypto/fips/ +/* Power on self test (POST) support functions */ + +# include -+# include "internal/fips_int.h" ++# include "crypto/fips.h" +# include "fips_locl.h" + +/* Run all selftests */ @@ -8556,9 +8554,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_post.c.fips openssl-1.1.1d/crypto/fips/ + return 1; +} +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_rand_lcl.h.fips openssl-1.1.1d/crypto/fips/fips_rand_lcl.h ---- openssl-1.1.1d/crypto/fips/fips_rand_lcl.h.fips 2019-09-13 15:13:11.060524976 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_rand_lcl.h 2019-09-13 15:13:11.060524976 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_rand_lcl.h.fips openssl-1.1.1e/crypto/fips/fips_rand_lcl.h +--- openssl-1.1.1e/crypto/fips/fips_rand_lcl.h.fips 2020-03-17 17:30:52.048567008 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_rand_lcl.h 2020-03-17 17:30:52.048567008 +0100 @@ -0,0 +1,203 @@ +/* fips/rand/fips_rand_lcl.h */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL @@ -8763,9 +8761,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_rand_lcl.h.fips openssl-1.1.1d/crypto/f +#define FIPS_digestupdate EVP_DigestUpdate +#define FIPS_digestfinal EVP_DigestFinal +#define M_EVP_MD_size EVP_MD_size -diff -up openssl-1.1.1d/crypto/fips/fips_rand_lib.c.fips openssl-1.1.1d/crypto/fips/fips_rand_lib.c ---- openssl-1.1.1d/crypto/fips/fips_rand_lib.c.fips 2019-09-13 15:13:11.060524976 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_rand_lib.c 2019-09-13 15:13:11.060524976 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_rand_lib.c.fips openssl-1.1.1e/crypto/fips/fips_rand_lib.c +--- openssl-1.1.1e/crypto/fips/fips_rand_lib.c.fips 2020-03-17 17:30:52.049566991 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_rand_lib.c 2020-03-17 17:30:52.049566991 +0100 @@ -0,0 +1,234 @@ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. @@ -8827,7 +8825,7 @@ diff -up openssl-1.1.1d/crypto/fips/fips_rand_lib.c.fips openssl-1.1.1d/crypto/f +#include +#include +#include -+#include "internal/fips_int.h" ++#include "crypto/fips.h" +#include +#include "e_os.h" + @@ -9001,9 +8999,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_rand_lib.c.fips openssl-1.1.1d/crypto/f +# endif +} + -diff -up openssl-1.1.1d/crypto/fips/fips_rsa_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_rsa_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_rsa_selftest.c.fips 2019-09-13 15:13:11.060524976 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_rsa_selftest.c 2019-09-13 15:13:11.060524976 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_rsa_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_rsa_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_rsa_selftest.c.fips 2020-03-17 17:30:52.049566991 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_rsa_selftest.c 2020-03-17 17:30:52.049566991 +0100 @@ -0,0 +1,338 @@ +/* ==================================================================== + * Copyright (c) 2003-2007 The OpenSSL Project. All rights reserved. @@ -9058,7 +9056,7 @@ diff -up openssl-1.1.1d/crypto/fips/fips_rsa_selftest.c.fips openssl-1.1.1d/cryp +#include +#ifdef OPENSSL_FIPS +# include -+# include "internal/fips_int.h" ++# include "crypto/fips.h" +#endif +#include +#include @@ -9343,9 +9341,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_rsa_selftest.c.fips openssl-1.1.1d/cryp +} + +#endif /* def OPENSSL_FIPS */ -diff -up openssl-1.1.1d/crypto/fips/fips_sha_selftest.c.fips openssl-1.1.1d/crypto/fips/fips_sha_selftest.c ---- openssl-1.1.1d/crypto/fips/fips_sha_selftest.c.fips 2019-09-13 15:13:11.060524976 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_sha_selftest.c 2019-09-13 15:13:11.060524976 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_sha_selftest.c.fips openssl-1.1.1e/crypto/fips/fips_sha_selftest.c +--- openssl-1.1.1e/crypto/fips/fips_sha_selftest.c.fips 2020-03-17 17:30:52.050566973 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_sha_selftest.c 2020-03-17 17:30:52.050566973 +0100 @@ -0,0 +1,223 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -9570,9 +9568,9 @@ diff -up openssl-1.1.1d/crypto/fips/fips_sha_selftest.c.fips openssl-1.1.1d/cryp +} + +#endif -diff -up openssl-1.1.1d/crypto/fips/fips_standalone_hmac.c.fips openssl-1.1.1d/crypto/fips/fips_standalone_hmac.c ---- openssl-1.1.1d/crypto/fips/fips_standalone_hmac.c.fips 2019-09-13 15:13:11.061524958 +0200 -+++ openssl-1.1.1d/crypto/fips/fips_standalone_hmac.c 2019-09-13 15:13:11.061524958 +0200 +diff -up openssl-1.1.1e/crypto/fips/fips_standalone_hmac.c.fips openssl-1.1.1e/crypto/fips/fips_standalone_hmac.c +--- openssl-1.1.1e/crypto/fips/fips_standalone_hmac.c.fips 2020-03-17 17:30:52.050566973 +0100 ++++ openssl-1.1.1e/crypto/fips/fips_standalone_hmac.c 2020-03-17 17:30:52.050566973 +0100 @@ -0,0 +1,127 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -9701,10 +9699,10 @@ diff -up openssl-1.1.1d/crypto/fips/fips_standalone_hmac.c.fips openssl-1.1.1d/c +#endif + return 0; +} -diff -up openssl-1.1.1d/crypto/hmac/hmac.c.fips openssl-1.1.1d/crypto/hmac/hmac.c ---- openssl-1.1.1d/crypto/hmac/hmac.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/hmac/hmac.c 2019-09-13 15:13:11.061524958 +0200 -@@ -43,6 +43,13 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const vo +diff -up openssl-1.1.1e/crypto/hmac/hmac.c.fips openssl-1.1.1e/crypto/hmac/hmac.c +--- openssl-1.1.1e/crypto/hmac/hmac.c.fips 2020-03-17 17:30:52.050566973 +0100 ++++ openssl-1.1.1e/crypto/hmac/hmac.c 2020-03-17 17:38:16.969802663 +0100 +@@ -44,6 +44,13 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const vo return 0; if (key != NULL) { @@ -9716,11 +9714,11 @@ diff -up openssl-1.1.1d/crypto/hmac/hmac.c.fips openssl-1.1.1d/crypto/hmac/hmac. + goto err; +#endif reset = 1; + j = EVP_MD_block_size(md); - if (!ossl_assert(j <= (int)sizeof(ctx->key))) -diff -up openssl-1.1.1d/crypto/hmac/hm_pmeth.c.fips openssl-1.1.1d/crypto/hmac/hm_pmeth.c ---- openssl-1.1.1d/crypto/hmac/hm_pmeth.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/hmac/hm_pmeth.c 2019-09-13 15:13:11.061524958 +0200 +diff -up openssl-1.1.1e/crypto/hmac/hm_pmeth.c.fips openssl-1.1.1e/crypto/hmac/hm_pmeth.c +--- openssl-1.1.1e/crypto/hmac/hm_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/hmac/hm_pmeth.c 2020-03-17 17:30:52.051566956 +0100 @@ -180,7 +180,7 @@ static int pkey_hmac_ctrl_str(EVP_PKEY_C const EVP_PKEY_METHOD hmac_pkey_meth = { @@ -9730,9 +9728,9 @@ diff -up openssl-1.1.1d/crypto/hmac/hm_pmeth.c.fips openssl-1.1.1d/crypto/hmac/h pkey_hmac_init, pkey_hmac_copy, pkey_hmac_cleanup, -diff -up openssl-1.1.1d/crypto/include/internal/fips_int.h.fips openssl-1.1.1d/crypto/include/internal/fips_int.h ---- openssl-1.1.1d/crypto/include/internal/fips_int.h.fips 2019-09-13 15:13:11.061524958 +0200 -+++ openssl-1.1.1d/crypto/include/internal/fips_int.h 2019-09-13 15:13:11.061524958 +0200 +diff -up openssl-1.1.1e/include/crypto/fips.h.fips openssl-1.1.1e/include/crypto/fips.h +--- openssl-1.1.1e/include/crypto/fips.h.fips 2020-03-17 17:30:52.051566956 +0100 ++++ openssl-1.1.1e/include/crypto/fips.h 2020-03-17 17:30:52.051566956 +0100 @@ -0,0 +1,98 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -9832,14 +9830,14 @@ diff -up openssl-1.1.1d/crypto/include/internal/fips_int.h.fips openssl-1.1.1d/c +void FIPS_get_timevec(unsigned char *buf, unsigned long *pctr); + +#endif -diff -up openssl-1.1.1d/crypto/o_fips.c.fips openssl-1.1.1d/crypto/o_fips.c ---- openssl-1.1.1d/crypto/o_fips.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/o_fips.c 2019-09-13 15:13:11.061524958 +0200 +diff -up openssl-1.1.1e/crypto/o_fips.c.fips openssl-1.1.1e/crypto/o_fips.c +--- openssl-1.1.1e/crypto/o_fips.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/o_fips.c 2020-03-17 17:30:52.052566939 +0100 @@ -8,17 +8,28 @@ */ #include "internal/cryptlib.h" -+#include "internal/fips_int.h" ++#include "crypto/fips.h" int FIPS_mode(void) { @@ -9864,9 +9862,9 @@ diff -up openssl-1.1.1d/crypto/o_fips.c.fips openssl-1.1.1d/crypto/o_fips.c return 0; +#endif } -diff -up openssl-1.1.1d/crypto/o_init.c.fips openssl-1.1.1d/crypto/o_init.c ---- openssl-1.1.1d/crypto/o_init.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/o_init.c 2019-09-13 15:13:11.062524941 +0200 +diff -up openssl-1.1.1e/crypto/o_init.c.fips openssl-1.1.1e/crypto/o_init.c +--- openssl-1.1.1e/crypto/o_init.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/o_init.c 2020-03-17 17:30:52.052566939 +0100 @@ -7,8 +7,68 @@ * https://www.openssl.org/source/license.html */ @@ -9884,7 +9882,7 @@ diff -up openssl-1.1.1d/crypto/o_init.c.fips openssl-1.1.1d/crypto/o_init.c +# include +# include +# include -+# include "internal/fips_int.h" ++# include "crypto/fips.h" + +# define FIPS_MODE_SWITCH_FILE "/proc/sys/crypto/fips_enabled" + @@ -9936,12 +9934,12 @@ diff -up openssl-1.1.1d/crypto/o_init.c.fips openssl-1.1.1d/crypto/o_init.c /* * Perform any essential OpenSSL initialization operations. Currently does -diff -up openssl-1.1.1d/crypto/rand/rand_lib.c.fips openssl-1.1.1d/crypto/rand/rand_lib.c ---- openssl-1.1.1d/crypto/rand/rand_lib.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/rand/rand_lib.c 2019-09-13 15:13:11.062524941 +0200 +diff -up openssl-1.1.1e/crypto/rand/rand_lib.c.fips openssl-1.1.1e/crypto/rand/rand_lib.c +--- openssl-1.1.1e/crypto/rand/rand_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rand/rand_lib.c 2020-03-17 17:35:56.471259207 +0100 @@ -16,6 +16,10 @@ #include "internal/thread_once.h" - #include "rand_lcl.h" + #include "rand_local.h" #include "e_os.h" +#ifdef OPENSSL_FIPS +# include @@ -9950,7 +9948,7 @@ diff -up openssl-1.1.1d/crypto/rand/rand_lib.c.fips openssl-1.1.1d/crypto/rand/r #ifndef OPENSSL_NO_ENGINE /* non-NULL if default_RAND_meth is ENGINE-provided */ -@@ -959,3 +963,15 @@ int RAND_status(void) +@@ -961,3 +965,15 @@ int RAND_status(void) return meth->status(); return 0; } @@ -9966,9 +9964,9 @@ diff -up openssl-1.1.1d/crypto/rand/rand_lib.c.fips openssl-1.1.1d/crypto/rand/r + return 1; +} +#endif -diff -up openssl-1.1.1d/crypto/rsa/rsa_crpt.c.fips openssl-1.1.1d/crypto/rsa/rsa_crpt.c ---- openssl-1.1.1d/crypto/rsa/rsa_crpt.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/rsa/rsa_crpt.c 2019-09-13 15:13:11.062524941 +0200 +diff -up openssl-1.1.1e/crypto/rsa/rsa_crpt.c.fips openssl-1.1.1e/crypto/rsa/rsa_crpt.c +--- openssl-1.1.1e/crypto/rsa/rsa_crpt.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_crpt.c 2020-03-17 17:30:52.055566886 +0100 @@ -27,24 +27,52 @@ int RSA_size(const RSA *r) int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) @@ -10022,9 +10020,9 @@ diff -up openssl-1.1.1d/crypto/rsa/rsa_crpt.c.fips openssl-1.1.1d/crypto/rsa/rsa return rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding); } -diff -up openssl-1.1.1d/crypto/rsa/rsa_err.c.fips openssl-1.1.1d/crypto/rsa/rsa_err.c ---- openssl-1.1.1d/crypto/rsa/rsa_err.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/rsa/rsa_err.c 2019-09-13 15:13:11.062524941 +0200 +diff -up openssl-1.1.1e/crypto/rsa/rsa_err.c.fips openssl-1.1.1e/crypto/rsa/rsa_err.c +--- openssl-1.1.1e/crypto/rsa/rsa_err.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_err.c 2020-03-17 17:30:52.055566886 +0100 @@ -16,6 +16,8 @@ static const ERR_STRING_DATA RSA_str_functs[] = { {ERR_PACK(ERR_LIB_RSA, RSA_F_CHECK_PADDING_MD, 0), "check_padding_md"}, @@ -10093,16 +10091,16 @@ diff -up openssl-1.1.1d/crypto/rsa/rsa_err.c.fips openssl-1.1.1d/crypto/rsa/rsa_ {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNSUPPORTED_SIGNATURE_TYPE), "unsupported signature type"}, {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_VALUE_MISSING), "value missing"}, -diff -up openssl-1.1.1d/crypto/rsa/rsa_gen.c.fips openssl-1.1.1d/crypto/rsa/rsa_gen.c ---- openssl-1.1.1d/crypto/rsa/rsa_gen.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/rsa/rsa_gen.c 2019-09-13 15:13:11.063524923 +0200 +diff -up openssl-1.1.1e/crypto/rsa/rsa_gen.c.fips openssl-1.1.1e/crypto/rsa/rsa_gen.c +--- openssl-1.1.1e/crypto/rsa/rsa_gen.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_gen.c 2020-03-17 17:33:55.560367363 +0100 @@ -18,6 +18,76 @@ #include "internal/cryptlib.h" #include - #include "rsa_locl.h" + #include "rsa_local.h" +#ifdef OPENSSL_FIPS +# include -+# include "internal/fips_int.h" ++# include "crypto/fips.h" + +int fips_check_rsa(RSA *rsa) +{ @@ -10488,9 +10486,9 @@ diff -up openssl-1.1.1d/crypto/rsa/rsa_gen.c.fips openssl-1.1.1d/crypto/rsa/rsa_ static int rsa_builtin_keygen(RSA *rsa, int bits, int primes, BIGNUM *e_value, BN_GENCB *cb) { -diff -up openssl-1.1.1d/crypto/rsa/rsa_lib.c.fips openssl-1.1.1d/crypto/rsa/rsa_lib.c ---- openssl-1.1.1d/crypto/rsa/rsa_lib.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/rsa/rsa_lib.c 2019-09-13 15:13:11.063524923 +0200 +diff -up openssl-1.1.1e/crypto/rsa/rsa_lib.c.fips openssl-1.1.1e/crypto/rsa/rsa_lib.c +--- openssl-1.1.1e/crypto/rsa/rsa_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_lib.c 2020-03-17 17:30:52.056566869 +0100 @@ -34,6 +34,12 @@ int RSA_set_method(RSA *rsa, const RSA_M * to deal with which ENGINE it comes from. */ @@ -10533,12 +10531,12 @@ diff -up openssl-1.1.1d/crypto/rsa/rsa_lib.c.fips openssl-1.1.1d/crypto/rsa/rsa_ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) { goto err; } -diff -up openssl-1.1.1d/crypto/rsa/rsa_ossl.c.fips openssl-1.1.1d/crypto/rsa/rsa_ossl.c ---- openssl-1.1.1d/crypto/rsa/rsa_ossl.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/rsa/rsa_ossl.c 2019-09-13 15:13:11.063524923 +0200 +diff -up openssl-1.1.1e/crypto/rsa/rsa_ossl.c.fips openssl-1.1.1e/crypto/rsa/rsa_ossl.c +--- openssl-1.1.1e/crypto/rsa/rsa_ossl.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_ossl.c 2020-03-17 17:34:32.289726964 +0100 @@ -12,6 +12,10 @@ - #include "rsa_locl.h" - #include "internal/constant_time_locl.h" + #include "rsa_local.h" + #include "internal/constant_time.h" +#ifdef OPENSSL_FIPS +# include @@ -10652,9 +10650,9 @@ diff -up openssl-1.1.1d/crypto/rsa/rsa_ossl.c.fips openssl-1.1.1d/crypto/rsa/rsa if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) { RSAerr(RSA_F_RSA_OSSL_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE); return -1; -diff -up openssl-1.1.1d/crypto/rsa/rsa_pmeth.c.fips openssl-1.1.1d/crypto/rsa/rsa_pmeth.c ---- openssl-1.1.1d/crypto/rsa/rsa_pmeth.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/rsa/rsa_pmeth.c 2019-09-13 15:13:11.063524923 +0200 +diff -up openssl-1.1.1e/crypto/rsa/rsa_pmeth.c.fips openssl-1.1.1e/crypto/rsa/rsa_pmeth.c +--- openssl-1.1.1e/crypto/rsa/rsa_pmeth.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_pmeth.c 2020-03-17 17:30:52.056566869 +0100 @@ -756,7 +756,7 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX const EVP_PKEY_METHOD rsa_pkey_meth = { @@ -10673,9 +10671,9 @@ diff -up openssl-1.1.1d/crypto/rsa/rsa_pmeth.c.fips openssl-1.1.1d/crypto/rsa/rs pkey_rsa_init, pkey_rsa_copy, pkey_rsa_cleanup, -diff -up openssl-1.1.1d/crypto/rsa/rsa_sign.c.fips openssl-1.1.1d/crypto/rsa/rsa_sign.c ---- openssl-1.1.1d/crypto/rsa/rsa_sign.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/rsa/rsa_sign.c 2019-09-13 15:13:11.064524906 +0200 +diff -up openssl-1.1.1e/crypto/rsa/rsa_sign.c.fips openssl-1.1.1e/crypto/rsa/rsa_sign.c +--- openssl-1.1.1e/crypto/rsa/rsa_sign.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/rsa/rsa_sign.c 2020-03-17 17:30:52.057566851 +0100 @@ -73,6 +73,13 @@ int RSA_sign(int type, const unsigned ch unsigned char *tmps = NULL; const unsigned char *encoded = NULL; @@ -10702,9 +10700,9 @@ diff -up openssl-1.1.1d/crypto/rsa/rsa_sign.c.fips openssl-1.1.1d/crypto/rsa/rsa if (encrypt_len <= 0) goto err; -diff -up openssl-1.1.1d/crypto/sha/sha256.c.fips openssl-1.1.1d/crypto/sha/sha256.c ---- openssl-1.1.1d/crypto/sha/sha256.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/sha/sha256.c 2019-09-13 15:13:11.064524906 +0200 +diff -up openssl-1.1.1e/crypto/sha/sha256.c.fips openssl-1.1.1e/crypto/sha/sha256.c +--- openssl-1.1.1e/crypto/sha/sha256.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/sha/sha256.c 2020-03-17 17:30:52.057566851 +0100 @@ -18,6 +18,9 @@ int SHA224_Init(SHA256_CTX *c) @@ -10725,9 +10723,9 @@ diff -up openssl-1.1.1d/crypto/sha/sha256.c.fips openssl-1.1.1d/crypto/sha/sha25 memset(c, 0, sizeof(*c)); c->h[0] = 0x6a09e667UL; c->h[1] = 0xbb67ae85UL; -diff -up openssl-1.1.1d/crypto/sha/sha512.c.fips openssl-1.1.1d/crypto/sha/sha512.c ---- openssl-1.1.1d/crypto/sha/sha512.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/crypto/sha/sha512.c 2019-09-13 15:13:11.064524906 +0200 +diff -up openssl-1.1.1e/crypto/sha/sha512.c.fips openssl-1.1.1e/crypto/sha/sha512.c +--- openssl-1.1.1e/crypto/sha/sha512.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/crypto/sha/sha512.c 2020-03-17 17:30:52.057566851 +0100 @@ -98,6 +98,9 @@ int sha512_256_init(SHA512_CTX *c) int SHA384_Init(SHA512_CTX *c) @@ -10748,9 +10746,9 @@ diff -up openssl-1.1.1d/crypto/sha/sha512.c.fips openssl-1.1.1d/crypto/sha/sha51 c->h[0] = U64(0x6a09e667f3bcc908); c->h[1] = U64(0xbb67ae8584caa73b); c->h[2] = U64(0x3c6ef372fe94f82b); -diff -up openssl-1.1.1d/crypto/sha/sha_locl.h.fips openssl-1.1.1d/crypto/sha/sha_locl.h ---- openssl-1.1.1d/crypto/sha/sha_locl.h.fips 2019-09-13 15:13:10.837528873 +0200 -+++ openssl-1.1.1d/crypto/sha/sha_locl.h 2019-09-13 15:13:11.064524906 +0200 +diff -up openssl-1.1.1e/crypto/sha/sha_local.h.fips openssl-1.1.1e/crypto/sha/sha_local.h +--- openssl-1.1.1e/crypto/sha/sha_local.h.fips 2020-03-17 17:30:51.766571925 +0100 ++++ openssl-1.1.1e/crypto/sha/sha_local.h 2020-03-17 17:31:00.996410998 +0100 @@ -52,6 +52,9 @@ void sha1_block_data_order(SHA_CTX *c, c int HASH_INIT(SHA_CTX *c) @@ -10761,9 +10759,9 @@ diff -up openssl-1.1.1d/crypto/sha/sha_locl.h.fips openssl-1.1.1d/crypto/sha/sha memset(c, 0, sizeof(*c)); c->h0 = INIT_DATA_h0; c->h1 = INIT_DATA_h1; -diff -up openssl-1.1.1d/doc/man3/DSA_generate_parameters.pod.fips openssl-1.1.1d/doc/man3/DSA_generate_parameters.pod ---- openssl-1.1.1d/doc/man3/DSA_generate_parameters.pod.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/doc/man3/DSA_generate_parameters.pod 2019-09-13 15:13:11.064524906 +0200 +diff -up openssl-1.1.1e/doc/man3/DSA_generate_parameters.pod.fips openssl-1.1.1e/doc/man3/DSA_generate_parameters.pod +--- openssl-1.1.1e/doc/man3/DSA_generate_parameters.pod.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/doc/man3/DSA_generate_parameters.pod 2020-03-17 17:31:00.996410998 +0100 @@ -30,8 +30,10 @@ B is the length of the prime p to For lengths under 2048 bits, the length of q is 160 bits; for lengths greater than or equal to 2048 bits, the length of q is set to 256 bits. @@ -10777,9 +10775,9 @@ diff -up openssl-1.1.1d/doc/man3/DSA_generate_parameters.pod.fips openssl-1.1.1d DSA_generate_parameters_ex() places the iteration count in *B and a counter used for finding a generator in -diff -up openssl-1.1.1d/include/openssl/crypto.h.fips openssl-1.1.1d/include/openssl/crypto.h ---- openssl-1.1.1d/include/openssl/crypto.h.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/crypto.h 2019-09-13 15:13:11.065524888 +0200 +diff -up openssl-1.1.1e/include/openssl/crypto.h.fips openssl-1.1.1e/include/openssl/crypto.h +--- openssl-1.1.1e/include/openssl/crypto.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/crypto.h 2020-03-17 17:31:00.997410980 +0100 @@ -331,6 +331,11 @@ int OPENSSL_isservice(void); int FIPS_mode(void); int FIPS_mode_set(int r); @@ -10792,9 +10790,9 @@ diff -up openssl-1.1.1d/include/openssl/crypto.h.fips openssl-1.1.1d/include/ope void OPENSSL_init(void); # ifdef OPENSSL_SYS_UNIX void OPENSSL_fork_prepare(void); -diff -up openssl-1.1.1d/include/openssl/dherr.h.fips openssl-1.1.1d/include/openssl/dherr.h ---- openssl-1.1.1d/include/openssl/dherr.h.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/dherr.h 2019-09-13 15:13:11.065524888 +0200 +diff -up openssl-1.1.1e/include/openssl/dherr.h.fips openssl-1.1.1e/include/openssl/dherr.h +--- openssl-1.1.1e/include/openssl/dherr.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/dherr.h 2020-03-17 17:31:00.998410963 +0100 @@ -36,6 +36,9 @@ int ERR_load_DH_strings(void); # define DH_F_DH_CMS_DECRYPT 114 # define DH_F_DH_CMS_SET_PEERKEY 115 @@ -10820,9 +10818,9 @@ diff -up openssl-1.1.1d/include/openssl/dherr.h.fips openssl-1.1.1d/include/open # define DH_R_PARAMETER_ENCODING_ERROR 105 # define DH_R_PEER_KEY_ERROR 111 # define DH_R_SHARED_INFO_ERROR 113 -diff -up openssl-1.1.1d/include/openssl/dh.h.fips openssl-1.1.1d/include/openssl/dh.h ---- openssl-1.1.1d/include/openssl/dh.h.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/dh.h 2019-09-13 15:13:11.065524888 +0200 +diff -up openssl-1.1.1e/include/openssl/dh.h.fips openssl-1.1.1e/include/openssl/dh.h +--- openssl-1.1.1e/include/openssl/dh.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/dh.h 2020-03-17 17:31:00.998410963 +0100 @@ -31,6 +31,7 @@ extern "C" { # endif @@ -10831,9 +10829,9 @@ diff -up openssl-1.1.1d/include/openssl/dh.h.fips openssl-1.1.1d/include/openssl # define DH_FLAG_CACHE_MONT_P 0x01 -diff -up openssl-1.1.1d/include/openssl/dsaerr.h.fips openssl-1.1.1d/include/openssl/dsaerr.h ---- openssl-1.1.1d/include/openssl/dsaerr.h.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/dsaerr.h 2019-09-13 15:16:32.263008157 +0200 +diff -up openssl-1.1.1e/include/openssl/dsaerr.h.fips openssl-1.1.1e/include/openssl/dsaerr.h +--- openssl-1.1.1e/include/openssl/dsaerr.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/dsaerr.h 2020-03-17 17:31:00.999410945 +0100 @@ -29,8 +29,11 @@ int ERR_load_DSA_strings(void); */ # define DSA_F_DSAPARAMS_PRINT 100 @@ -10860,9 +10858,9 @@ diff -up openssl-1.1.1d/include/openssl/dsaerr.h.fips openssl-1.1.1d/include/ope # define DSA_R_PARAMETER_ENCODING_ERROR 105 # define DSA_R_Q_NOT_PRIME 113 # define DSA_R_SEED_LEN_SMALL 110 -diff -up openssl-1.1.1d/include/openssl/dsa.h.fips openssl-1.1.1d/include/openssl/dsa.h ---- openssl-1.1.1d/include/openssl/dsa.h.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/dsa.h 2019-09-13 15:13:11.065524888 +0200 +diff -up openssl-1.1.1e/include/openssl/dsa.h.fips openssl-1.1.1e/include/openssl/dsa.h +--- openssl-1.1.1e/include/openssl/dsa.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/dsa.h 2020-03-17 17:31:01.000410928 +0100 @@ -31,6 +31,7 @@ extern "C" { # endif @@ -10871,9 +10869,9 @@ diff -up openssl-1.1.1d/include/openssl/dsa.h.fips openssl-1.1.1d/include/openss # define DSA_FLAG_CACHE_MONT_P 0x01 # if OPENSSL_API_COMPAT < 0x10100000L -diff -up openssl-1.1.1d/include/openssl/evperr.h.fips openssl-1.1.1d/include/openssl/evperr.h ---- openssl-1.1.1d/include/openssl/evperr.h.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/evperr.h 2019-09-13 15:18:17.552167810 +0200 +diff -up openssl-1.1.1e/include/openssl/evperr.h.fips openssl-1.1.1e/include/openssl/evperr.h +--- openssl-1.1.1e/include/openssl/evperr.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/evperr.h 2020-03-17 17:31:01.000410928 +0100 @@ -24,14 +24,15 @@ int ERR_load_EVP_strings(void); * EVP function codes. */ @@ -10901,7 +10899,7 @@ diff -up openssl-1.1.1d/include/openssl/evperr.h.fips openssl-1.1.1d/include/ope # define EVP_R_DIFFERENT_KEY_TYPES 101 # define EVP_R_DIFFERENT_PARAMETERS 153 # define EVP_R_ERROR_LOADING_SECTION 165 -@@ -184,6 +186,7 @@ int ERR_load_EVP_strings(void); +@@ -185,6 +187,7 @@ int ERR_load_EVP_strings(void); # define EVP_R_PRIVATE_KEY_DECODE_ERROR 145 # define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146 # define EVP_R_PUBLIC_KEY_NOT_RSA 106 @@ -10909,7 +10907,7 @@ diff -up openssl-1.1.1d/include/openssl/evperr.h.fips openssl-1.1.1d/include/ope # define EVP_R_UNKNOWN_CIPHER 160 # define EVP_R_UNKNOWN_DIGEST 161 # define EVP_R_UNKNOWN_OPTION 169 -@@ -199,6 +202,7 @@ int ERR_load_EVP_strings(void); +@@ -200,6 +203,7 @@ int ERR_load_EVP_strings(void); # define EVP_R_UNSUPPORTED_SALT_TYPE 126 # define EVP_R_WRAP_MODE_NOT_ALLOWED 170 # define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109 @@ -10918,9 +10916,9 @@ diff -up openssl-1.1.1d/include/openssl/evperr.h.fips openssl-1.1.1d/include/ope +# define EVP_R_XTS_DUPLICATED_KEYS 192 #endif -diff -up openssl-1.1.1d/include/openssl/evp.h.fips openssl-1.1.1d/include/openssl/evp.h ---- openssl-1.1.1d/include/openssl/evp.h.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/evp.h 2019-09-13 15:13:11.066524871 +0200 +diff -up openssl-1.1.1e/include/openssl/evp.h.fips openssl-1.1.1e/include/openssl/evp.h +--- openssl-1.1.1e/include/openssl/evp.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/evp.h 2020-03-17 17:31:01.001410911 +0100 @@ -1324,6 +1324,9 @@ void EVP_PKEY_asn1_set_security_bits(EVP */ # define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4 @@ -10931,9 +10929,9 @@ diff -up openssl-1.1.1d/include/openssl/evp.h.fips openssl-1.1.1d/include/openss const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type); EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags); void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, -diff -up openssl-1.1.1d/include/openssl/fips.h.fips openssl-1.1.1d/include/openssl/fips.h ---- openssl-1.1.1d/include/openssl/fips.h.fips 2019-09-13 15:13:11.066524871 +0200 -+++ openssl-1.1.1d/include/openssl/fips.h 2019-09-13 15:13:11.066524871 +0200 +diff -up openssl-1.1.1e/include/openssl/fips.h.fips openssl-1.1.1e/include/openssl/fips.h +--- openssl-1.1.1e/include/openssl/fips.h.fips 2020-03-17 17:31:01.002410893 +0100 ++++ openssl-1.1.1e/include/openssl/fips.h 2020-03-17 17:31:01.002410893 +0100 @@ -0,0 +1,187 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -11122,9 +11120,9 @@ diff -up openssl-1.1.1d/include/openssl/fips.h.fips openssl-1.1.1d/include/opens +} +# endif +#endif -diff -up openssl-1.1.1d/include/openssl/fips_rand.h.fips openssl-1.1.1d/include/openssl/fips_rand.h ---- openssl-1.1.1d/include/openssl/fips_rand.h.fips 2019-09-13 15:13:11.066524871 +0200 -+++ openssl-1.1.1d/include/openssl/fips_rand.h 2019-09-13 15:13:11.066524871 +0200 +diff -up openssl-1.1.1e/include/openssl/fips_rand.h.fips openssl-1.1.1e/include/openssl/fips_rand.h +--- openssl-1.1.1e/include/openssl/fips_rand.h.fips 2020-03-17 17:31:01.003410876 +0100 ++++ openssl-1.1.1e/include/openssl/fips_rand.h 2020-03-17 17:31:01.003410876 +0100 @@ -0,0 +1,145 @@ +/* ==================================================================== + * Copyright (c) 2003 The OpenSSL Project. All rights reserved. @@ -11271,9 +11269,9 @@ diff -up openssl-1.1.1d/include/openssl/fips_rand.h.fips openssl-1.1.1d/include/ +# endif +# endif +#endif -diff -up openssl-1.1.1d/include/openssl/opensslconf.h.in.fips openssl-1.1.1d/include/openssl/opensslconf.h.in ---- openssl-1.1.1d/include/openssl/opensslconf.h.in.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/opensslconf.h.in 2019-09-13 15:13:11.067524853 +0200 +diff -up openssl-1.1.1e/include/openssl/opensslconf.h.in.fips openssl-1.1.1e/include/openssl/opensslconf.h.in +--- openssl-1.1.1e/include/openssl/opensslconf.h.in.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/opensslconf.h.in 2020-03-17 17:31:01.003410876 +0100 @@ -150,6 +150,11 @@ extern "C" { #define RC4_INT {- $config{rc4_int} -} @@ -11286,10 +11284,10 @@ diff -up openssl-1.1.1d/include/openssl/opensslconf.h.in.fips openssl-1.1.1d/inc #ifdef __cplusplus } #endif -diff -up openssl-1.1.1d/include/openssl/randerr.h.fips openssl-1.1.1d/include/openssl/randerr.h ---- openssl-1.1.1d/include/openssl/randerr.h.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/randerr.h 2019-09-13 15:13:11.067524853 +0200 -@@ -37,6 +37,7 @@ int ERR_load_RAND_strings(void); +diff -up openssl-1.1.1e/include/openssl/randerr.h.fips openssl-1.1.1e/include/openssl/randerr.h +--- openssl-1.1.1e/include/openssl/randerr.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/randerr.h 2020-03-17 17:31:01.004410858 +0100 +@@ -38,6 +38,7 @@ int ERR_load_RAND_strings(void); # define RAND_F_RAND_DRBG_SET 104 # define RAND_F_RAND_DRBG_SET_DEFAULTS 121 # define RAND_F_RAND_DRBG_UNINSTANTIATE 118 @@ -11297,9 +11295,9 @@ diff -up openssl-1.1.1d/include/openssl/randerr.h.fips openssl-1.1.1d/include/op # define RAND_F_RAND_LOAD_FILE 111 # define RAND_F_RAND_POOL_ACQUIRE_ENTROPY 122 # define RAND_F_RAND_POOL_ADD 103 -diff -up openssl-1.1.1d/include/openssl/rand.h.fips openssl-1.1.1d/include/openssl/rand.h ---- openssl-1.1.1d/include/openssl/rand.h.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/rand.h 2019-09-13 15:13:11.067524853 +0200 +diff -up openssl-1.1.1e/include/openssl/rand.h.fips openssl-1.1.1e/include/openssl/rand.h +--- openssl-1.1.1e/include/openssl/rand.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/rand.h 2020-03-17 17:31:01.004410858 +0100 @@ -69,6 +69,11 @@ DEPRECATEDIN_1_1_0(void RAND_screen(void DEPRECATEDIN_1_1_0(int RAND_event(UINT, WPARAM, LPARAM)) # endif @@ -11312,9 +11310,9 @@ diff -up openssl-1.1.1d/include/openssl/rand.h.fips openssl-1.1.1d/include/opens #ifdef __cplusplus } -diff -up openssl-1.1.1d/include/openssl/rsaerr.h.fips openssl-1.1.1d/include/openssl/rsaerr.h ---- openssl-1.1.1d/include/openssl/rsaerr.h.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/include/openssl/rsaerr.h 2019-09-13 15:13:11.067524853 +0200 +diff -up openssl-1.1.1e/include/openssl/rsaerr.h.fips openssl-1.1.1e/include/openssl/rsaerr.h +--- openssl-1.1.1e/include/openssl/rsaerr.h.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/include/openssl/rsaerr.h 2020-03-17 17:31:01.005410841 +0100 @@ -25,6 +25,7 @@ int ERR_load_RSA_strings(void); */ # define RSA_F_CHECK_PADDING_MD 140 @@ -11370,9 +11368,9 @@ diff -up openssl-1.1.1d/include/openssl/rsaerr.h.fips openssl-1.1.1d/include/ope # define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155 # define RSA_R_VALUE_MISSING 147 # define RSA_R_WRONG_SIGNATURE_LENGTH 119 -diff -up openssl-1.1.1d/ssl/s3_lib.c.fips openssl-1.1.1d/ssl/s3_lib.c ---- openssl-1.1.1d/ssl/s3_lib.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/ssl/s3_lib.c 2019-10-03 16:53:51.140362311 +0200 +diff -up openssl-1.1.1e/ssl/s3_lib.c.fips openssl-1.1.1e/ssl/s3_lib.c +--- openssl-1.1.1e/ssl/s3_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/ssl/s3_lib.c 2020-03-17 17:31:01.007410806 +0100 @@ -43,7 +43,7 @@ static SSL_CIPHER tls13_ciphers[] = { SSL_AEAD, TLS1_3_VERSION, TLS1_3_VERSION, @@ -11472,9 +11470,9 @@ diff -up openssl-1.1.1d/ssl/s3_lib.c.fips openssl-1.1.1d/ssl/s3_lib.c SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, 256, -diff -up openssl-1.1.1d/ssl/ssl_ciph.c.fips openssl-1.1.1d/ssl/ssl_ciph.c ---- openssl-1.1.1d/ssl/ssl_ciph.c.fips 2019-09-13 15:13:11.019525692 +0200 -+++ openssl-1.1.1d/ssl/ssl_ciph.c 2019-09-13 15:13:11.068524836 +0200 +diff -up openssl-1.1.1e/ssl/ssl_ciph.c.fips openssl-1.1.1e/ssl/ssl_ciph.c +--- openssl-1.1.1e/ssl/ssl_ciph.c.fips 2020-03-17 17:30:52.017567549 +0100 ++++ openssl-1.1.1e/ssl/ssl_ciph.c 2020-03-17 17:31:01.008410788 +0100 @@ -387,7 +387,7 @@ int ssl_load_ciphers(void) } } @@ -11513,9 +11511,9 @@ diff -up openssl-1.1.1d/ssl/ssl_ciph.c.fips openssl-1.1.1d/ssl/ssl_ciph.c if (!sk_SSL_CIPHER_push(cipherstack, curr->cipher)) { OPENSSL_free(co_list); sk_SSL_CIPHER_free(cipherstack); -diff -up openssl-1.1.1d/ssl/ssl_init.c.fips openssl-1.1.1d/ssl/ssl_init.c ---- openssl-1.1.1d/ssl/ssl_init.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/ssl/ssl_init.c 2019-09-13 15:13:11.068524836 +0200 +diff -up openssl-1.1.1e/ssl/ssl_init.c.fips openssl-1.1.1e/ssl/ssl_init.c +--- openssl-1.1.1e/ssl/ssl_init.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/ssl/ssl_init.c 2020-03-17 17:31:01.009410771 +0100 @@ -27,6 +27,10 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_bas fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: " "Adding SSL ciphers and digests\n"); @@ -11559,10 +11557,10 @@ diff -up openssl-1.1.1d/ssl/ssl_init.c.fips openssl-1.1.1d/ssl/ssl_init.c #ifndef OPENSSL_NO_COMP # ifdef OPENSSL_INIT_DEBUG fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: " -diff -up openssl-1.1.1d/ssl/ssl_lib.c.fips openssl-1.1.1d/ssl/ssl_lib.c ---- openssl-1.1.1d/ssl/ssl_lib.c.fips 2019-09-13 15:13:11.019525692 +0200 -+++ openssl-1.1.1d/ssl/ssl_lib.c 2019-09-13 15:13:11.069524818 +0200 -@@ -2916,6 +2916,11 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m +diff -up openssl-1.1.1e/ssl/ssl_lib.c.fips openssl-1.1.1e/ssl/ssl_lib.c +--- openssl-1.1.1e/ssl/ssl_lib.c.fips 2020-03-17 17:30:52.018567531 +0100 ++++ openssl-1.1.1e/ssl/ssl_lib.c 2020-03-17 17:31:01.011410736 +0100 +@@ -2970,6 +2970,11 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m if (!OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL)) return NULL; @@ -11574,7 +11572,7 @@ diff -up openssl-1.1.1d/ssl/ssl_lib.c.fips openssl-1.1.1d/ssl/ssl_lib.c if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) { SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); goto err; -@@ -2972,13 +2977,17 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m +@@ -3026,13 +3031,17 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m if (ret->param == NULL) goto err; @@ -11599,9 +11597,9 @@ diff -up openssl-1.1.1d/ssl/ssl_lib.c.fips openssl-1.1.1d/ssl/ssl_lib.c } if ((ret->ca_names = sk_X509_NAME_new_null()) == NULL) -diff -up openssl-1.1.1d/ssl/ssl_locl.h.fips openssl-1.1.1d/ssl/ssl_locl.h ---- openssl-1.1.1d/ssl/ssl_locl.h.fips 2019-09-13 15:13:10.901527755 +0200 -+++ openssl-1.1.1d/ssl/ssl_locl.h 2019-09-13 15:13:11.069524818 +0200 +diff -up openssl-1.1.1e/ssl/ssl_local.h.fips openssl-1.1.1e/ssl/ssl_local.h +--- openssl-1.1.1e/ssl/ssl_local.h.fips 2020-03-17 17:30:51.842570600 +0100 ++++ openssl-1.1.1e/ssl/ssl_local.h 2020-03-17 17:31:10.740241108 +0100 @@ -1516,6 +1516,7 @@ typedef struct tls_group_info_st { # define TLS_CURVE_PRIME 0x0 # define TLS_CURVE_CHAR2 0x1 @@ -11610,10 +11608,10 @@ diff -up openssl-1.1.1d/ssl/ssl_locl.h.fips openssl-1.1.1d/ssl/ssl_locl.h typedef struct cert_pkey_st CERT_PKEY; -diff -up openssl-1.1.1d/ssl/t1_lib.c.fips openssl-1.1.1d/ssl/t1_lib.c ---- openssl-1.1.1d/ssl/t1_lib.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/ssl/t1_lib.c 2019-09-13 15:13:11.069524818 +0200 -@@ -158,11 +158,11 @@ static const TLS_GROUP_INFO nid_list[] = +diff -up openssl-1.1.1e/ssl/t1_lib.c.fips openssl-1.1.1e/ssl/t1_lib.c +--- openssl-1.1.1e/ssl/t1_lib.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/ssl/t1_lib.c 2020-03-17 17:31:10.741241091 +0100 +@@ -159,11 +159,11 @@ static const TLS_GROUP_INFO nid_list[] = {NID_secp192k1, 80, TLS_CURVE_PRIME}, /* secp192k1 (18) */ {NID_X9_62_prime192v1, 80, TLS_CURVE_PRIME}, /* secp192r1 (19) */ {NID_secp224k1, 112, TLS_CURVE_PRIME}, /* secp224k1 (20) */ @@ -11629,7 +11627,7 @@ diff -up openssl-1.1.1d/ssl/t1_lib.c.fips openssl-1.1.1d/ssl/t1_lib.c {NID_brainpoolP256r1, 128, TLS_CURVE_PRIME}, /* brainpoolP256r1 (26) */ {NID_brainpoolP384r1, 192, TLS_CURVE_PRIME}, /* brainpoolP384r1 (27) */ {NID_brainpoolP512r1, 256, TLS_CURVE_PRIME}, /* brainpool512r1 (28) */ -@@ -257,6 +257,8 @@ int tls_curve_allowed(SSL *s, uint16_t c +@@ -258,6 +258,8 @@ int tls_curve_allowed(SSL *s, uint16_t c if (cinfo->flags & TLS_CURVE_CHAR2) return 0; # endif @@ -11638,9 +11636,9 @@ diff -up openssl-1.1.1d/ssl/t1_lib.c.fips openssl-1.1.1d/ssl/t1_lib.c ctmp[0] = curve >> 8; ctmp[1] = curve & 0xff; return ssl_security(s, op, cinfo->secbits, cinfo->nid, (void *)ctmp); -diff -up openssl-1.1.1d/test/dsatest.c.fips openssl-1.1.1d/test/dsatest.c ---- openssl-1.1.1d/test/dsatest.c.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/test/dsatest.c 2019-09-13 15:13:11.070524801 +0200 +diff -up openssl-1.1.1e/test/dsatest.c.fips openssl-1.1.1e/test/dsatest.c +--- openssl-1.1.1e/test/dsatest.c.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/dsatest.c 2020-03-17 17:31:10.741241091 +0100 @@ -24,41 +24,42 @@ #ifndef OPENSSL_NO_DSA static int dsa_cb(int p, int n, BN_GENCB *arg); @@ -11723,9 +11721,9 @@ diff -up openssl-1.1.1d/test/dsatest.c.fips openssl-1.1.1d/test/dsatest.c goto end; if (!TEST_int_eq(h, 2)) goto end; -diff -up openssl-1.1.1d/test/recipes/30-test_evp_data/evpciph.txt.fips openssl-1.1.1d/test/recipes/30-test_evp_data/evpciph.txt ---- openssl-1.1.1d/test/recipes/30-test_evp_data/evpciph.txt.fips 2019-09-10 15:13:07.000000000 +0200 -+++ openssl-1.1.1d/test/recipes/30-test_evp_data/evpciph.txt 2019-09-13 15:13:11.070524801 +0200 +diff -up openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt.fips openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt +--- openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt.fips 2020-03-17 15:31:17.000000000 +0100 ++++ openssl-1.1.1e/test/recipes/30-test_evp_data/evpciph.txt 2020-03-17 17:31:10.742241073 +0100 @@ -1206,6 +1206,7 @@ Key = 0000000000000000000000000000000000 IV = 00000000000000000000000000000000 Plaintext = 0000000000000000000000000000000000000000000000000000000000000000 @@ -11734,13 +11732,13 @@ diff -up openssl-1.1.1d/test/recipes/30-test_evp_data/evpciph.txt.fips openssl-1 Cipher = aes-128-xts Key = 1111111111111111111111111111111122222222222222222222222222222222 -diff -up openssl-1.1.1d/util/libcrypto.num.fips openssl-1.1.1d/util/libcrypto.num ---- openssl-1.1.1d/util/libcrypto.num.fips 2019-09-13 15:13:11.071524783 +0200 -+++ openssl-1.1.1d/util/libcrypto.num 2019-09-13 15:15:39.895923481 +0200 -@@ -4582,3 +4582,38 @@ OPENSSL_INIT_set_config_file_flags - EVP_PKEY_get0_engine 4536 1_1_1c EXIST::FUNCTION:ENGINE - X509_get0_authority_serial 4537 1_1_1d EXIST::FUNCTION: - X509_get0_authority_issuer 4538 1_1_1d EXIST::FUNCTION: +diff -up openssl-1.1.1e/util/libcrypto.num.fips openssl-1.1.1e/util/libcrypto.num +--- openssl-1.1.1e/util/libcrypto.num.fips 2020-03-17 17:31:10.744241038 +0100 ++++ openssl-1.1.1e/util/libcrypto.num 2020-03-17 17:32:37.851722261 +0100 +@@ -4587,3 +4587,38 @@ EVP_PKEY_meth_set_digestverify + EVP_PKEY_meth_get_digestverify 4541 1_1_1e EXIST::FUNCTION: + EVP_PKEY_meth_get_digestsign 4542 1_1_1e EXIST::FUNCTION: + RSA_get0_pss_params 4543 1_1_1e EXIST::FUNCTION:RSA +FIPS_drbg_reseed 6348 1_1_0g EXIST::FUNCTION: +FIPS_selftest_check 6349 1_1_0g EXIST::FUNCTION: +FIPS_rand_set_method 6350 1_1_0g EXIST::FUNCTION: diff --git a/openssl-1.1.1d.tar.gz b/openssl-1.1.1d.tar.gz deleted file mode 100644 index 216017a51bdb35aecaf6f72f192420a3bbe5a0cc..0000000000000000000000000000000000000000 Binary files a/openssl-1.1.1d.tar.gz and /dev/null differ diff --git a/openssl-1.1.1f.tar.gz b/openssl-1.1.1f.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..b9ae421603e536cdef1f4e818245ea766f449c44 Binary files /dev/null and b/openssl-1.1.1f.tar.gz differ diff --git a/openssl.spec b/openssl.spec index 3786b6eb89bce68abfb5d6f6f1b52ca14b66ad6a..c5cdbf7bc49c8e03ddff94f6bdd7571a815aa0c6 100644 --- a/openssl.spec +++ b/openssl.spec @@ -1,8 +1,8 @@ %define soversion 1.1 Name: openssl Epoch: 1 -Version: 1.1.1d -Release: 9 +Version: 1.1.1f +Release: 1 Summary: Cryptography and SSL/TLS Toolkit License: OpenSSL and SSLeay URL: https://www.openssl.org/ @@ -10,8 +10,7 @@ Source0: https://www.openssl.org/source/old/1.1.1/%{name}-%{version}.tar.gz Source1: Makefile.certificate Patch1: openssl-1.1.1-build.patch Patch2: openssl-1.1.1-fips.patch -Patch3: CVE-2019-1551.patch -Patch4: use-the-correct-maximum-indent.patch +Patch3: CVE-2020-1967.patch BuildRequires: gcc make lksctp-tools-devel coreutils util-linux zlib-devel @@ -187,6 +186,9 @@ make test || : %{_pkgdocdir}/html/ %changelog +* Tue May 12 2020 openEuler Buildteam - 1:1.1.1f-1 +- update openssl-1.1.1d to openssl-1.1.1f and fix CVE-2020-1967 + * Wed Mar 18 2020 steven - 1:1.1.1d-9 - fix division zero issue which found by oss-fuzz diff --git a/use-the-correct-maximum-indent.patch b/use-the-correct-maximum-indent.patch deleted file mode 100644 index e0439b04d9134d2da80a578e0ddc4d5b5598e51c..0000000000000000000000000000000000000000 --- a/use-the-correct-maximum-indent.patch +++ /dev/null @@ -1,32 +0,0 @@ -From a6105ef40d65b35818f2b8ae8ca9e57ca6956d1d Mon Sep 17 00:00:00 2001 -From: Kurt Roeckx -Date: Fri, 20 Sep 2019 20:26:42 +0200 -Subject: [PATCH] Use the correct maximum indent - -Found by OSS-Fuzz - -Reviewed-by: Richard Levitte -Reviewed-by: Paul Dale - -GH: #9959 ---- - crypto/bio/b_dump.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/crypto/bio/b_dump.c b/crypto/bio/b_dump.c -index e4ad3615f4..018c4acb27 100644 ---- a/crypto/bio/b_dump.c -+++ b/crypto/bio/b_dump.c -@@ -37,8 +37,8 @@ int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u), - - if (indent < 0) - indent = 0; -- else if (indent > 128) -- indent = 128; -+ else if (indent > 64) -+ indent = 64; - - dump_width = DUMP_WIDTH_LESS_INDENT(indent); - rows = len / dump_width; --- -1.8.3.1