Build failed: openssl master.37650

2020-10-22 Thread AppVeyor 



Build openssl master.37650 failed


Commit b54792798b by Pauli on 10/23/2020 4:52 AM:

RAND: Moving seeding out of the FIPS provider.


Configure your notification preferences

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-rc2

2020-10-22 Thread OpenSSL run-checker 
Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-rc2

Commit log since last time:

0934cf4834 Unexport internal MSBLOB and PVK functions
8300a8742b Work around Windows ftell() bug as per Microsoft engineering's 
suggestion
0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint()
3795b2a302 Document EVP_PKEY_set1_encoded_public_key()
5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to 
EVP_PKEY_set1_encoded_public_key
6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before 
checking
ec5059c3ef Fix Aes-xts potential failure on aarch64
6be235a092 Prefix crlNumber output with 0x.
1dc5128577 Fix no-dh
ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings
ee55a20727 DH: have DH_set_length() increment the dirty count.
0ba71d6a63 DH: make the private key length importable / exportable

Build log ended with (last 100 lines):

70-test_servername.t ... ok
70-test_sslcbcpadding.t  ok
70-test_sslcertstatus.t  ok
70-test_sslextension.t . ok
70-test_sslmessages.t .. ok
70-test_sslrecords.t ... ok
70-test_sslsessiontick.t ... ok
70-test_sslsigalgs.t ... ok
70-test_sslsignature.t . ok
70-test_sslskewith0p.t . ok
70-test_sslversions.t .. ok
70-test_sslvertol.t  ok
70-test_tls13alerts.t .. ok
70-test_tls13cookie.t .. ok
70-test_tls13downgrade.t ... ok
70-test_tls13hrr.t . ok
70-test_tls13kexmodes.t  ok
70-test_tls13messages.t  ok
70-test_tls13psk.t . ok
70-test_tlsextms.t . ok
70-test_verify_extra.t . ok
70-test_wpacket.t .. ok
71-test_ssl_ctx.t .. ok
80-test_ca.t ... ok
80-test_cipherbytes.t .. ok
80-test_cipherlist.t ... ok
80-test_ciphername.t ... ok

# 80-test_cms.t .. ok
80-test_cmsapi.t ... ok
80-test_ct.t ... ok
80-test_dane.t . ok
80-test_dtls.t . ok
80-test_dtls_mtu.t . ok
80-test_dtlsv1listen.t . ok
80-test_http.t . ok
80-test_ocsp.t . ok

Could not read any certificates from -in file from 
../../../openssl/test/certs/v3-certs-RC2.p12
C0E0B4FA507F:error::digital envelope routines:EVP_PBE_CipherInit:unknown 
cipher:../openssl/crypto/evp/evp_pbe.c:116:RC2-40-CBC
../../util/wrap.pl ../../apps/openssl pkcs12 -export -in 
../../../openssl/test/certs/v3-certs-RC2.p12 -passin 'pass:v3-certs' -provider 
default -provider legacy -nokeys -passout 'pass:v3-certs' -descert -out tmp.p12 
=> 1
not ok 5 - test_pkcs12_passcert
# --
#   Failed test 'test_pkcs12_passcert'
#   at ../openssl/test/recipes/80-test_pkcs12.t line 93.
# Looks like you failed 1 test of 5.80-test_pkcs12.t ... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/5 subtests 
80-test_ssl_new.t .. ok
80-test_ssl_old.t .. ok
80-test_ssl_test_ctx.t . ok
80-test_sslcorrupt.t ... ok
80-test_tsa.t .. ok
80-test_x509aux.t .. ok

# 81-test_cmp_cli.t .. ok
90-test_asn1_time.t  ok
90-test_async.t  ok
90-test_bio_enc.t .. ok
90-test_bio_memleak.t .. ok
90-test_constant_time.t  ok
90-test_fatalerr.t . ok
90-test_gmdiff.t ... ok
90-test_gost.t . ok
90-test_ige.t .. ok
90-test_includes.t . ok
90-test_memleak.t .. ok
90-test_overhead.t . ok
90-test_secmem.t ... ok
90-test_shlibload.t  ok
90-test_srp.t .. ok
90-test_sslapi.t ... ok
90-test_sslbuffers.t ... ok
90-test_store.t  ok
90-test_sysdefault.t ... ok
90-test_threads.t .. ok
90-test_time_offset.t .. ok
90-test_tls13ccs.t . ok
90-test_tls13encryption.t .. ok
90-test_tls13secrets.t . ok
90-test_v3name.t ... ok
95-test_external_boringssl.t ... skipped: No external tests in this 
configuration
95-test_external_gost_engine.t . skipped: No external tests in this 
configuration
95-test_external_krb5.t  skipped: No external tests in this 
configuration
95-test_external_pyca.t  skipped: No external tests in this 
configuration
99-test_ecstress.t . ok
99-test_fuzz.t . ok

Test Summary Report

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-posix-io

2020-10-22 Thread OpenSSL run-checker 
Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-posix-io

Commit log since last time:

0934cf4834 Unexport internal MSBLOB and PVK functions
8300a8742b Work around Windows ftell() bug as per Microsoft engineering's 
suggestion
0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint()
3795b2a302 Document EVP_PKEY_set1_encoded_public_key()
5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to 
EVP_PKEY_set1_encoded_public_key
6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before 
checking
ec5059c3ef Fix Aes-xts potential failure on aarch64
6be235a092 Prefix crlNumber output with 0x.
1dc5128577 Fix no-dh
ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings
ee55a20727 DH: have DH_set_length() increment the dirty count.
0ba71d6a63 DH: make the private key length importable / exportable

Build log ended with (last 100 lines):

/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in 
> doc/man1/openssl-dsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in 
> doc/man1/openssl-ec.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in 
> doc/man1/openssl-enc.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-fipsinstall.pod.in > 
doc/man1/openssl-fipsinstall.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in 
> doc/man1/openssl-kdf.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in 
> doc/man1/openssl-mac.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars 
"../openssl/util/dofile.pl" "-oMakefile" 
../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod
/usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars

Build completed: openssl master.37649

2020-10-22 Thread AppVeyor 


Build openssl master.37649 completed



Commit a911b84879 by Richard Levitte on 10/23/2020 1:05 AM:

configdata.pm.in: Make a HERE document stricter.


Configure your notification preferences

Build failed: openssl master.37648

2020-10-22 Thread AppVeyor 



Build openssl master.37648 failed


Commit 04f7bce522 by Rich Salz on 10/23/2020 12:25 AM:

checkpoint; fix fuzz random


Configure your notification preferences

Build failed: openssl master.37647

2020-10-22 Thread AppVeyor 



Build openssl master.37647 failed


Commit 325fd19029 by Frühbeck Thomas on 10/22/2020 9:04 PM:

verify fails on AKID with authorityCertIssuer #13223


Configure your notification preferences

Build failed: openssl master.37646

2020-10-22 Thread AppVeyor 



Build openssl master.37646 failed


Commit 5f644dc839 by Frühbeck Thomas on 10/22/2020 9:04 PM:

verify fails on AKID with authorityCertIssuer #13223


Configure your notification preferences

Still FAILED build of OpenSSL branch master with options -d enable-fuzz-afl no-shared no-module

2020-10-22 Thread OpenSSL run-checker 
Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module

Commit log since last time:

0934cf4834 Unexport internal MSBLOB and PVK functions
8300a8742b Work around Windows ftell() bug as per Microsoft engineering's 
suggestion
0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint()
3795b2a302 Document EVP_PKEY_set1_encoded_public_key()
5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to 
EVP_PKEY_set1_encoded_public_key
6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before 
checking
ec5059c3ef Fix Aes-xts potential failure on aarch64
6be235a092 Prefix crlNumber output with 0x.
1dc5128577 Fix no-dh
ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings
ee55a20727 DH: have DH_set_length() increment the dirty count.
0ba71d6a63 DH: make the private key length importable / exportable

Build log ended with (last 100 lines):

../../../../../enable-fuzz-afl/util/wrap.pl 
../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf 
-section 'Mock credentials' -certout 
../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' 
-no_proxy 127.0.0.1 -cert "" -key "" -keypass "" -unprotected_requests => 0
not ok 38 - unprotected request
# --
#   Failed test 'unprotected request'
#   at ../openssl/test/recipes/81-test_cmp_cli.t line 183.
# Looks like you failed 3 tests of 38.
not ok 5 - CMP app CLI Mock credentials
# --
# cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration 
file '../Mock/test.cnf'
# opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is 
empty string, resetting option
# warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 
'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert
# setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact 
http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received 
IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending 
CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received 
PKICONF
# save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled 
certificate(s), saving to file 
'../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo1.pem'
../../../../../enable-fuzz-afl/util/wrap.pl 
../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf 
-section 'Mock enrollment' -certout 
../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' 
-no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 
-certout 
../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo1.pem 
-out_trusted root.crt => 0
not ok 43 - popo RAVERIFIED
# --
# cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration 
file '../Mock/test.cnf'
# opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is 
empty string, resetting option
# warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 
'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert
# setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact 
http://127.0.0.1:1700/pkix/
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received 
IP
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending 
CERTCONF
# send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received 
PKICONF
# save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled 
certificate(s), saving to file 
'../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo5.pem'
../../../../../enable-fuzz-afl/util/wrap.pl 
../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf 
-section 'Mock enrollment' -certout 
../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' 
-no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 
-certout 
../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo5.pem 
-out_trusted root.crt => 0
not ok 47 - popo NONE
# --
#   Failed test 'popo NONE'
#   at ../openssl/test/recipes/81-test_cmp_cli.t line 183.
# cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration 
file '../Mock/test.cnf'
# opt_str:../openssl/apps/cmp.c:2263:CMP warning:

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui-console

2020-10-22 Thread OpenSSL run-checker 
Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-ui-console

Commit log since last time:

0934cf4834 Unexport internal MSBLOB and PVK functions
8300a8742b Work around Windows ftell() bug as per Microsoft engineering's 
suggestion
0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint()
3795b2a302 Document EVP_PKEY_set1_encoded_public_key()
5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to 
EVP_PKEY_set1_encoded_public_key
6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before 
checking
ec5059c3ef Fix Aes-xts potential failure on aarch64
6be235a092 Prefix crlNumber output with 0x.
1dc5128577 Fix no-dh
ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings
ee55a20727 DH: have DH_set_length() increment the dirty count.
0ba71d6a63 DH: make the private key length importable / exportable

Build log ended with (last 100 lines):

#   Failed test 'p10cr csr non-existing file'
#   at ../openssl/test/recipes/81-test_cmp_cli.t line 183.
../../../../../no-ui-console/util/wrap.pl 
../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 
'Mock enrollment' -certout 
../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' 
-no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout 
../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_p10cr4.pem 
-out_trusted root.crt -csr empty.txt => 139
not ok 78 - p10cr csr empty file
# --
#   Failed test 'p10cr csr empty file'
#   at ../openssl/test/recipes/81-test_cmp_cli.t line 183.
../../../../../no-ui-console/util/wrap.pl 
../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 
'Mock enrollment' -certout 
../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' 
-no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout 
../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_revreason.pem 
-out_trusted root.crt -revreason 5 => 139
not ok 79 - ir + ignored revocation
# --
../../../../../no-ui-console/util/wrap.pl 
../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 
'Mock enrollment' -certout 
../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' 
-no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout 
../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_cr.pem 
-out_trusted root.crt => 139
not ok 82 - cr
# --
#   Failed test 'cr'
#   at ../openssl/test/recipes/81-test_cmp_cli.t line 183.
../../../../../no-ui-console/util/wrap.pl 
../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 
'Mock enrollment' -certout 
../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' 
-no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout 
../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur.pem 
-out_trusted root.crt -oldcert 
../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem 
-server '127.0.0.1:1700' -cert 
../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem 
-key new.key -extracerts issuing.crt => 139
not ok 83 - kur explicit options
# --
#   Failed test 'kur explicit options'
#   at ../openssl/test/recipes/81-test_cmp_cli.t line 183.
../../../../../no-ui-console/util/wrap.pl 
../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 
'Mock enrollment' -certout 
../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' 
-no_proxy 127.0.0.1 -cmd kur -subject "" -certout 
../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur_minimal.pem
 -oldcert "" -server '127.0.0.1:1700' -cert 
../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem 
-key new.key -extracerts issuing.crt -secret "" => 139
not ok 84 - kur minimal options
# --
../../../../../no-ui-console/util/wrap.pl 
../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 
'Mock enrollment' -certout 
../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' 
-no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout 
../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur2.pem 
-out_trusted root.crt -oldcert 
../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem 
-server '127.0.0.1:1700' => 139
not ok 86 - kur newkey is

Build failed: openssl master.37645

2020-10-22 Thread AppVeyor 



Build openssl master.37645 failed


Commit 2cfa5e503c by Rich Salz on 10/21/2020 2:39 PM:

Add RAND_swap_{primary,public,private}


Configure your notification preferences

Build completed: openssl master.37644

2020-10-22 Thread AppVeyor 


Build openssl master.37644 completed



Commit 1af09f077f by Jordan Montgomery on 10/22/2020 6:12 AM:

Add info on terminating arrays to OSSL_PARAM documentation


Configure your notification preferences

Still Failing: openssl/openssl#38172 (master - 85209c0)

2020-10-22 Thread Travis CI 
Build Update for openssl/openssl
-

Build: #38172
Status: Still Failing

Duration: 1 hr, 43 mins, and 31 secs
Commit: 85209c0 (master)
Author: Pauli
Message: Remove EVP_aes_(128|192|256)_siv functions

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/13195)

View the changeset: 
https://github.com/openssl/openssl/compare/fc1ccdffe96b...85209c07459b

View the full build log and details: 
https://travis-ci.com/github/openssl/openssl/builds/191677926?utm_medium=notification_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going 
to 
https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email.
Or unsubscribe from *all* email updating your settings at 
https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email.
Or configure specific recipients for build notifications in your .travis.yml 
file. See https://docs.travis-ci.com/user/notifications.

Build failed: openssl master.37643

2020-10-22 Thread AppVeyor 



Build openssl master.37643 failed


Commit 85209c0745 by Pauli on 10/22/2020 12:35 PM:

Remove EVP_aes_(128|192|256)_siv functions


Configure your notification preferences

Still Failing: openssl/openssl#38171 (master - fc1ccdf)

2020-10-22 Thread Travis CI 
Build Update for openssl/openssl
-

Build: #38171
Status: Still Failing

Duration: 1 hr, 37 mins, and 38 secs
Commit: fc1ccdf (master)
Author: Pauli
Message: enc: change the text to reference `-list` instead of the deprecated 
`-ciphers`

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/13204)

View the changeset: 
https://github.com/openssl/openssl/compare/a49d0a491c65...fc1ccdffe96b

View the full build log and details: 
https://travis-ci.com/github/openssl/openssl/builds/191676793?utm_medium=notification_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going 
to 
https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email.
Or unsubscribe from *all* email updating your settings at 
https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email.
Or configure specific recipients for build notifications in your .travis.yml 
file. See https://docs.travis-ci.com/user/notifications.

Still Failing: openssl/openssl#38170 (master - a49d0a4)

2020-10-22 Thread Travis CI 
Build Update for openssl/openssl
-

Build: #38170
Status: Still Failing

Duration: 1 hr, 42 mins, and 38 secs
Commit: a49d0a4 (master)
Author: Shane Lontis
Message: Rename EVP_KDF_reset() to EVP_KDF_CTX_reset().

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/13116)

View the changeset: 
https://github.com/openssl/openssl/compare/42445046354a...a49d0a491c65

View the full build log and details: 
https://travis-ci.com/github/openssl/openssl/builds/191619132?utm_medium=notification_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going 
to 
https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email.
Or unsubscribe from *all* email updating your settings at 
https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email.
Or configure specific recipients for build notifications in your .travis.yml 
file. See https://docs.travis-ci.com/user/notifications.

[openssl] master update

2020-10-22 Thread Dr . Paul Dale 
The branch master has been updated
   via  85209c07459b1c6007e0fc550f40c05deec78531 (commit)
  from  fc1ccdffe96bc9d32f4287c31f7ff99f9dd37854 (commit)


- Log -
commit 85209c07459b1c6007e0fc550f40c05deec78531
Author: Pauli 
Date:   Tue Oct 20 22:15:10 2020 +1000

Remove EVP_aes_(128|192|256)_siv functions

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/13195)

---

Summary of changes:
 crypto/evp/c_allc.c|   5 ---
 crypto/evp/e_aes.c | 111 -
 include/openssl/evp.h  |   5 ---
 util/libcrypto.num |   3 --
 util/missingcrypto.txt |   3 --
 5 files changed, 127 deletions(-)

diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c
index df8e5a5bcb..6c50501b62 100644
--- a/crypto/evp/c_allc.c
+++ b/crypto/evp/c_allc.c
@@ -190,11 +190,6 @@ void openssl_add_all_ciphers_int(void)
 EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
 EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256());
 EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256());
-#ifndef OPENSSL_NO_SIV
-EVP_add_cipher(EVP_aes_128_siv());
-EVP_add_cipher(EVP_aes_192_siv());
-EVP_add_cipher(EVP_aes_256_siv());
-#endif
 #ifndef OPENSSL_NO_ARIA
 EVP_add_cipher(EVP_aria_128_ecb());
 EVP_add_cipher(EVP_aria_128_cbc());
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 08abd5fb09..96ee5d1403 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -4002,114 +4002,3 @@ BLOCK_CIPHER_custom(NID_aes, 192, 16, 12, ocb, OCB,
 BLOCK_CIPHER_custom(NID_aes, 256, 16, 12, ocb, OCB,
 EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
 #endif /* OPENSSL_NO_OCB */
-
-/* AES-SIV mode */
-#ifndef OPENSSL_NO_SIV
-
-typedef SIV128_CONTEXT EVP_AES_SIV_CTX;
-
-#define aesni_siv_init_key aes_siv_init_key
-static int aes_siv_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-const unsigned char *iv, int enc)
-{
-const EVP_CIPHER *ctr;
-const EVP_CIPHER *cbc;
-SIV128_CONTEXT *sctx = EVP_C_DATA(SIV128_CONTEXT, ctx);
-int klen = EVP_CIPHER_CTX_key_length(ctx) / 2;
-
-if (key == NULL)
-return 1;
-
-switch (klen) {
-case 16:
-cbc = EVP_aes_128_cbc();
-ctr = EVP_aes_128_ctr();
-break;
-case 24:
-cbc = EVP_aes_192_cbc();
-ctr = EVP_aes_192_ctr();
-break;
-case 32:
-cbc = EVP_aes_256_cbc();
-ctr = EVP_aes_256_ctr();
-break;
-default:
-return 0;
-}
-
-/* klen is the length of the underlying cipher, not the input key,
-   which should be twice as long */
-return CRYPTO_siv128_init(sctx, key, klen, cbc, ctr, NULL, NULL);
-}
-
-#define aesni_siv_cipher aes_siv_cipher
-static int aes_siv_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-  const unsigned char *in, size_t len)
-{
-SIV128_CONTEXT *sctx = EVP_C_DATA(SIV128_CONTEXT, ctx);
-
-/* EncryptFinal or DecryptFinal */
-if (in == NULL)
-return CRYPTO_siv128_finish(sctx);
-
-/* Deal with associated data */
-if (out == NULL)
-return CRYPTO_siv128_aad(sctx, in, len);
-
-if (EVP_CIPHER_CTX_encrypting(ctx))
-return CRYPTO_siv128_encrypt(sctx, in, out, len);
-
-return CRYPTO_siv128_decrypt(sctx, in, out, len);
-}
-
-#define aesni_siv_cleanup aes_siv_cleanup
-static int aes_siv_cleanup(EVP_CIPHER_CTX *c)
-{
-SIV128_CONTEXT *sctx = EVP_C_DATA(SIV128_CONTEXT, c);
-
-return CRYPTO_siv128_cleanup(sctx);
-}
-
-
-#define aesni_siv_ctrl aes_siv_ctrl
-static int aes_siv_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
-{
-SIV128_CONTEXT *sctx = EVP_C_DATA(SIV128_CONTEXT, c);
-SIV128_CONTEXT *sctx_out;
-
-switch (type) {
-case EVP_CTRL_INIT:
-return CRYPTO_siv128_cleanup(sctx);
-
-case EVP_CTRL_SET_SPEED:
-return CRYPTO_siv128_speed(sctx, arg);
-
-case EVP_CTRL_AEAD_SET_TAG:
-if (!EVP_CIPHER_CTX_encrypting(c))
-return CRYPTO_siv128_set_tag(sctx, ptr, arg);
-return 1;
-
-case EVP_CTRL_AEAD_GET_TAG:
-if (!EVP_CIPHER_CTX_encrypting(c))
-return 0;
-return CRYPTO_siv128_get_tag(sctx, ptr, arg);
-
-case EVP_CTRL_COPY:
-sctx_out = EVP_C_DATA(SIV128_CONTEXT, (EVP_CIPHER_CTX*)ptr);
-return CRYPTO_siv128_copy_ctx(sctx_out, sctx);
-
-default:
-return -1;
-
-}
-}
-
-#define SIV_FLAGS(EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_DEFAULT_ASN1 \
-  | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \
-  | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_COPY \
-  | EVP_CIPH_CTRL_INIT)
-
-BLOCK_CIPHER_custom(NID_aes, 128, 1, 0, siv, SIV, SIV_FLAGS)
-BLOCK_CIPHER_custom(NID_aes, 192, 1, 0, siv, SIV, SIV_FLAGS)

[openssl] master update

2020-10-22 Thread Dr . Paul Dale 
The branch master has been updated
   via  fc1ccdffe96bc9d32f4287c31f7ff99f9dd37854 (commit)
  from  a49d0a491c659aacabadc957ab11c738db03a734 (commit)


- Log -
commit fc1ccdffe96bc9d32f4287c31f7ff99f9dd37854
Author: Pauli 
Date:   Wed Oct 21 14:30:31 2020 +1000

enc: change the text to reference `-list` instead of the deprecated 
`-ciphers`

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/13204)

---

Summary of changes:
 doc/man1/openssl-enc.pod.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/man1/openssl-enc.pod.in b/doc/man1/openssl-enc.pod.in
index 954b17e778..27da1c70aa 100644
--- a/doc/man1/openssl-enc.pod.in
+++ b/doc/man1/openssl-enc.pod.in
@@ -256,7 +256,7 @@ Blowfish and RC5 algorithms use a 128 bit key.
 Note that some of these ciphers can be disabled at compile time
 and some are available only if an appropriate engine is configured
 in the configuration file. The output when invoking this command
-with the B<-ciphers> option (that is C) is
+with the B<-list> option (that is C) is
 a list of ciphers, supported by your version of OpenSSL, including
 ones provided by configured engines.

Still Failing: openssl/openssl#38169 (master - 4244504)

2020-10-22 Thread Travis CI 
Build Update for openssl/openssl
-

Build: #38169
Status: Still Failing

Duration: 1 hr, 22 mins, and 33 secs
Commit: 4244504 (master)
Author: Shane Lontis
Message: Remove ossl_prov_util_nid_to_name()

This removes a TODO.
This function is not needed since any place that needs to do the
conversion normally has a special case name2nid table.

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/13202)

View the changeset: 
https://github.com/openssl/openssl/compare/3d914185b783...42445046354a

View the full build log and details: 
https://travis-ci.com/github/openssl/openssl/builds/191618571?utm_medium=notification_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going 
to 
https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email.
Or unsubscribe from *all* email updating your settings at 
https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email.
Or configure specific recipients for build notifications in your .travis.yml 
file. See https://docs.travis-ci.com/user/notifications.

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-err

2020-10-22 Thread OpenSSL run-checker 
Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-err

Commit log since last time:

0934cf4834 Unexport internal MSBLOB and PVK functions
8300a8742b Work around Windows ftell() bug as per Microsoft engineering's 
suggestion
0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint()
3795b2a302 Document EVP_PKEY_set1_encoded_public_key()
5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to 
EVP_PKEY_set1_encoded_public_key
6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before 
checking
ec5059c3ef Fix Aes-xts potential failure on aarch64
6be235a092 Prefix crlNumber output with 0x.
1dc5128577 Fix no-dh
ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings
ee55a20727 DH: have DH_set_length() increment the dirty count.
0ba71d6a63 DH: make the private key length importable / exportable

Build log ended with (last 100 lines):

65-test_cmp_vfy.t .. ok
66-test_ossl_store.t ... ok
70-test_asyncio.t .. ok
70-test_bad_dtls.t . ok
70-test_clienthello.t .. ok
70-test_comp.t . ok
70-test_key_share.t  ok
70-test_packet.t ... ok
70-test_recordlen.t  ok
70-test_renegotiation.t  ok
70-test_servername.t ... ok
70-test_sslcbcpadding.t  ok
70-test_sslcertstatus.t  ok
70-test_sslextension.t . ok
70-test_sslmessages.t .. ok
70-test_sslrecords.t ... ok
70-test_sslsessiontick.t ... ok
70-test_sslsigalgs.t ... ok
70-test_sslsignature.t . ok
70-test_sslskewith0p.t . ok
70-test_sslversions.t .. ok
70-test_sslvertol.t  ok
70-test_tls13alerts.t .. ok
70-test_tls13cookie.t .. ok
70-test_tls13downgrade.t ... ok
70-test_tls13hrr.t . ok
70-test_tls13kexmodes.t  ok
70-test_tls13messages.t  ok
70-test_tls13psk.t . ok
70-test_tlsextms.t . ok
70-test_verify_extra.t . ok
70-test_wpacket.t .. ok
71-test_ssl_ctx.t .. ok
80-test_ca.t ... ok
80-test_cipherbytes.t .. ok
80-test_cipherlist.t ... ok
80-test_ciphername.t ... ok

# 80-test_cms.t .. ok
80-test_cmsapi.t ... ok
80-test_ct.t ... ok
80-test_dane.t . ok
80-test_dtls.t . ok
80-test_dtls_mtu.t . ok
80-test_dtlsv1listen.t . ok
80-test_http.t . ok
80-test_ocsp.t . ok
80-test_pkcs12.t ... ok
80-test_ssl_new.t .. ok
80-test_ssl_old.t .. ok
80-test_ssl_test_ctx.t . ok
80-test_sslcorrupt.t ... ok
80-test_tsa.t .. ok
80-test_x509aux.t .. ok

# 81-test_cmp_cli.t .. ok
90-test_asn1_time.t  ok
90-test_async.t  ok
90-test_bio_enc.t .. ok
90-test_bio_memleak.t .. ok
90-test_constant_time.t  ok
90-test_fatalerr.t . ok
90-test_gmdiff.t ... ok
90-test_gost.t . ok
90-test_ige.t .. ok
90-test_includes.t . ok
90-test_memleak.t .. ok
90-test_overhead.t . ok
90-test_secmem.t ... ok
90-test_shlibload.t  ok
90-test_srp.t .. ok
90-test_sslapi.t ... ok
90-test_sslbuffers.t ... ok
90-test_store.t  ok
90-test_sysdefault.t ... ok
90-test_threads.t .. ok
90-test_time_offset.t .. ok
90-test_tls13ccs.t . ok
90-test_tls13encryption.t .. ok
90-test_tls13secrets.t . ok
90-test_v3name.t ... ok
95-test_external_boringssl.t ... skipped: No external tests in this 
configuration
95-test_external_gost_engine.t . skipped: No external tests in this 
configuration
95-test_external_krb5.t  skipped: No external tests in this 
configuration
95-test_external_pyca.t  skipped: No external tests in this 
configuration
99-test_ecstress.t . ok
99-test_fuzz.t . ok

Test Summary Report
---
04-test_err.t(Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
Files=212, Tests=3455, 725 wallclock secs (13.78 usr  1.26 sys + 654.84 cusr 
65.69 csys = 735.57 CPU)
Result: FAIL
Makefile:3214: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-engine

2020-10-22 Thread OpenSSL run-checker 
Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-engine

Commit log since last time:

0934cf4834 Unexport internal MSBLOB and PVK functions
8300a8742b Work around Windows ftell() bug as per Microsoft engineering's 
suggestion
0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint()
3795b2a302 Document EVP_PKEY_set1_encoded_public_key()
5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to 
EVP_PKEY_set1_encoded_public_key
6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before 
checking
ec5059c3ef Fix Aes-xts potential failure on aarch64
6be235a092 Prefix crlNumber output with 0x.
1dc5128577 Fix no-dh
ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings
ee55a20727 DH: have DH_set_length() increment the dirty count.
0ba71d6a63 DH: make the private key length importable / exportable

Build log ended with (last 100 lines):

../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic 
-certs -noout ../../../../openssl/test/testx509.pem => 1
not ok 409 - Checking that -certs returns 1 object on a certificate file
# --
#   Failed test 'Checking that -certs returns 1 object on a certificate file'
#   at ../openssl/test/recipes/90-test_store.t line 205.
storeutl: Unknown message digest: engine
storeutl: Use -help for summary.
../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic 
-certs -noout ../../../../openssl/test/testcrl.pem => 1
not ok 410 - Checking that -certs returns 0 objects on a CRL file
# --
#   Failed test 'Checking that -certs returns 0 objects on a CRL file'
#   at ../openssl/test/recipes/90-test_store.t line 208.
storeutl: Unknown message digest: engine
storeutl: Use -help for summary.
../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls 
-noout ../../../../openssl/test/testx509.pem => 1
not ok 411 - Checking that -crls returns 0 objects on a certificate file
# --
#   Failed test 'Checking that -crls returns 0 objects on a certificate file'
#   at ../openssl/test/recipes/90-test_store.t line 212.
storeutl: Unknown message digest: engine
storeutl: Use -help for summary.
../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls 
-noout ../../../../openssl/test/testcrl.pem => 1
not ok 412 - Checking that -crls returns 1 object on a CRL file
# --
#   Failed test 'Checking that -crls returns 1 object on a CRL file'
#   at ../openssl/test/recipes/90-test_store.t line 215.
storeutl: Unknown message digest: engine
storeutl: Use -help for summary.
../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic 
-noout -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1
not ok 413
# --
#   Failed test at ../openssl/test/recipes/90-test_store.t line 226.
storeutl: Unknown message digest: engine
storeutl: Use -help for summary.
../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic 
-noout -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification 
Authority' rehash => 1
not ok 414
# --
#   Failed test at ../openssl/test/recipes/90-test_store.t line 229.
storeutl: Unknown message digest: engine
storeutl: Use -help for summary.
../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic 
-noout -certs -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1
not ok 415
# --
#   Failed test at ../openssl/test/recipes/90-test_store.t line 233.
storeutl: Unknown message digest: engine
storeutl: Use -help for summary.
../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic 
-noout -crls -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1
not ok 416
# --
#   Failed test at ../openssl/test/recipes/90-test_store.t line 236.
storeutl: Unknown message digest: engine
storeutl: Use -help for summary.
../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic 
-noout -certs -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server 
Certification Authority' rehash => 1
not ok 417
# --
#   Failed test at ../openssl/test/recipes/90-test_store.t line 239.
storeutl: Unknown message digest: engine
storeutl: Use -help for summary.
../../../util/wrap.pl ../../../apps/openssl

[openssl] master update

2020-10-22 Thread shane . lontis 
The branch master has been updated
   via  a49d0a491c659aacabadc957ab11c738db03a734 (commit)
   via  1ba21239ddbd1b18a3676efaa8dd9402e1468818 (commit)
   via  90a2576b9bbb327141df0bd244830b462fcaeee6 (commit)
  from  42445046354a4ac7671143600e888c6b230e56ff (commit)


- Log -
commit a49d0a491c659aacabadc957ab11c738db03a734
Author: Shane Lontis 
Date:   Tue Oct 13 14:33:01 2020 +1000

Rename EVP_KDF_reset() to EVP_KDF_CTX_reset().

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/13116)

commit 1ba21239ddbd1b18a3676efaa8dd9402e1468818
Author: Shane Lontis 
Date:   Tue Oct 13 14:30:12 2020 +1000

Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size().

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/13116)

commit 90a2576b9bbb327141df0bd244830b462fcaeee6
Author: Shane Lontis 
Date:   Tue Oct 13 14:22:17 2020 +1000

Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size().

Fixes #11320

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/13116)

---

Summary of changes:
 apps/fipsinstall.c|  2 +-
 crypto/evp/kdf_lib.c  |  4 ++--
 crypto/evp/mac_lib.c  |  4 ++--
 doc/man3/EVP_KDF.pod  | 18 +-
 doc/man3/EVP_MAC.pod  |  9 -
 doc/man7/EVP_KDF-HKDF.pod |  6 +++---
 doc/man7/EVP_KDF-KB.pod   |  2 +-
 doc/man7/EVP_KDF-KRB5KDF.pod  |  4 ++--
 doc/man7/EVP_KDF-SS.pod   |  2 +-
 doc/man7/EVP_KDF-SSHKDF.pod   |  4 ++--
 doc/man7/EVP_KDF-X942.pod |  2 +-
 doc/man7/EVP_KDF-X963.pod |  2 +-
 doc/man7/EVP_MAC-BLAKE2.pod   |  2 +-
 doc/man7/EVP_MAC-CMAC.pod |  2 +-
 doc/man7/EVP_MAC-GMAC.pod |  2 +-
 doc/man7/EVP_MAC-HMAC.pod |  2 +-
 doc/man7/EVP_MAC-KMAC.pod |  2 +-
 doc/man7/EVP_MAC-Poly1305.pod |  2 +-
 doc/man7/EVP_MAC-Siphash.pod  |  2 +-
 include/openssl/evp.h |  2 +-
 include/openssl/kdf.h |  4 ++--
 providers/implementations/kdfs/kbkdf.c|  2 +-
 providers/implementations/kdfs/sskdf.c|  2 +-
 providers/implementations/kdfs/tls1_prf.c |  2 +-
 ssl/t1_lib.c  |  2 +-
 util/libcrypto.num|  6 +++---
 26 files changed, 46 insertions(+), 47 deletions(-)

diff --git a/apps/fipsinstall.c b/apps/fipsinstall.c
index cb78489eef..d1cda24941 100644
--- a/apps/fipsinstall.c
+++ b/apps/fipsinstall.c
@@ -80,7 +80,7 @@ static int do_mac(EVP_MAC_CTX *ctx, unsigned char *tmp, BIO 
*in,
 
 if (!EVP_MAC_init(ctx))
 goto err;
-if (EVP_MAC_size(ctx) > outsz)
+if (EVP_MAC_CTX_get_mac_size(ctx) > outsz)
 goto end;
 while ((i = BIO_read(in, (char *)tmp, BUFSIZE)) != 0) {
 if (i < 0 || !EVP_MAC_update(ctx, tmp, i))
diff --git a/crypto/evp/kdf_lib.c b/crypto/evp/kdf_lib.c
index 9ccaec8cc1..7a3e9d681c 100644
--- a/crypto/evp/kdf_lib.c
+++ b/crypto/evp/kdf_lib.c
@@ -110,7 +110,7 @@ const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx)
 return ctx->meth;
 }
 
-void EVP_KDF_reset(EVP_KDF_CTX *ctx)
+void EVP_KDF_CTX_reset(EVP_KDF_CTX *ctx)
 {
 if (ctx == NULL)
 return;
@@ -119,7 +119,7 @@ void EVP_KDF_reset(EVP_KDF_CTX *ctx)
 ctx->meth->reset(ctx->data);
 }
 
-size_t EVP_KDF_size(EVP_KDF_CTX *ctx)
+size_t EVP_KDF_CTX_get_kdf_size(EVP_KDF_CTX *ctx)
 {
 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
 size_t s;
diff --git a/crypto/evp/mac_lib.c b/crypto/evp/mac_lib.c
index d76ffedcb8..ac8bfb150c 100644
--- a/crypto/evp/mac_lib.c
+++ b/crypto/evp/mac_lib.c
@@ -82,7 +82,7 @@ EVP_MAC *EVP_MAC_CTX_mac(EVP_MAC_CTX *ctx)
 return ctx->meth;
 }
 
-size_t EVP_MAC_size(EVP_MAC_CTX *ctx)
+size_t EVP_MAC_CTX_get_mac_size(EVP_MAC_CTX *ctx)
 {
 size_t sz = 0;
 
@@ -124,7 +124,7 @@ int EVP_MAC_final(EVP_MAC_CTX *ctx,
 if (out != NULL)
 res = ctx->meth->final(ctx->data, out, , outsize);
 else
-l = EVP_MAC_size(ctx);
+l = EVP_MAC_CTX_get_mac_size(ctx);
 if (outl != NULL)
 *outl = l;
 return res;
diff --git a/doc/man3/EVP_KDF.pod b/doc/man3/EVP_KDF.pod
index 3dba50cdb6..103eafe8c1 100644
--- a/doc/man3/EVP_KDF.pod
+++ b/doc/man3/EVP_KDF.pod
@@ -4,8 +4,8 @@
 
 EVP_KDF, EVP_KDF_fetch, EVP_KDF_free, EVP_KDF_up_ref,
 EVP_KDF_CTX, EVP_KDF_CTX_new, EVP_KDF_CTX_free, EVP_KDF_CTX_dup,
-EVP_KDF_reset, EVP_KDF_derive,
-EVP_KDF_size, EVP_KDF_provider, EVP_KDF_CTX_kdf, EVP_KDF_is_a,
+EVP_KDF_CTX_reset, EVP_KDF_derive,
+EVP_KDF_CTX_get_kdf_size, EVP_KDF_provider, EVP_KDF_CTX_kdf, EVP_KDF_is_a,
 EVP_KDF_number, EVP_KDF_name,

[openssl] master update

2020-10-22 Thread shane . lontis 
The branch master has been updated
   via  42445046354a4ac7671143600e888c6b230e56ff (commit)
  from  3d914185b7830a5530b31d3430c9cc16835aeb02 (commit)


- Log -
commit 42445046354a4ac7671143600e888c6b230e56ff
Author: Shane Lontis 
Date:   Wed Oct 21 10:57:52 2020 +1000

Remove ossl_prov_util_nid_to_name()

This removes a TODO.
This function is not needed since any place that needs to do the
conversion normally has a special case name2nid table.

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/13202)

---

Summary of changes:
 doc/internal/man3/ossl_prov_util_nid_to_name.pod | 35 -
 providers/common/build.info  |  2 +-
 providers/common/include/prov/providercommon.h   |  2 -
 providers/common/nid_to_name.c   | 21 -
 providers/fips/fipsprov.c| 98 
 5 files changed, 1 insertion(+), 157 deletions(-)
 delete mode 100644 doc/internal/man3/ossl_prov_util_nid_to_name.pod
 delete mode 100644 providers/common/nid_to_name.c

diff --git a/doc/internal/man3/ossl_prov_util_nid_to_name.pod 
b/doc/internal/man3/ossl_prov_util_nid_to_name.pod
deleted file mode 100644
index 31eec076c5..00
--- a/doc/internal/man3/ossl_prov_util_nid_to_name.pod
+++ /dev/null
@@ -1,35 +0,0 @@
-=pod
-
-=head1 NAME
-
-ossl_prov_util_nid_to_name
-- provider utility functions
-
-=head1 SYNOPSIS
-
- #include "prov/providercommon.h"
-
- const char *ossl_prov_util_nid_to_name(int nid);
-
-=head1 DESCRIPTION
-
-The ossl_prov_util_nid_to_name() returns the name of an algorithm given a NID
-in the I parameter. For the default and legacy providers it is equivalent
-to calling OBJ_nid2sn(). The FIPS provider does not have the object database
-code available to it (because that code relies on the ASN.1 code), so this
-function is a static lookup of all known FIPS algorithm NIDs.
-
-=head1 RETURN VALUES
-
-Returns a pointer to the algorithm name, or NULL on error.
-
-=head1 COPYRIGHT
-
-Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
-
-Licensed under the Apache License 2.0 (the "License").  You may not use
-this file except in compliance with the License.  You can obtain a copy
-in the file LICENSE in the source distribution or at
-L.
-
-=cut
diff --git a/providers/common/build.info b/providers/common/build.info
index 2179b2a0f8..b6d56682a9 100644
--- a/providers/common/build.info
+++ b/providers/common/build.info
@@ -3,5 +3,5 @@ SUBDIRS=der
 SOURCE[../libcommon.a]=provider_err.c provider_ctx.c
 $FIPSCOMMON=provider_util.c capabilities.c bio_prov.c digest_to_nid.c\
 securitycheck.c
-SOURCE[../libnonfips.a]=$FIPSCOMMON nid_to_name.c securitycheck_default.c
+SOURCE[../libnonfips.a]=$FIPSCOMMON securitycheck_default.c
 SOURCE[../libfips.a]=$FIPSCOMMON securitycheck_fips.c
diff --git a/providers/common/include/prov/providercommon.h 
b/providers/common/include/prov/providercommon.h
index 622fe1977e..33bd8bd732 100644
--- a/providers/common/include/prov/providercommon.h
+++ b/providers/common/include/prov/providercommon.h
@@ -12,8 +12,6 @@
 
 const OSSL_CORE_HANDLE *FIPS_get_core_handle(OSSL_LIB_CTX *ctx);
 
-const char *ossl_prov_util_nid_to_name(int nid);
-
 int ossl_cipher_capable_aes_cbc_hmac_sha1(void);
 int ossl_cipher_capable_aes_cbc_hmac_sha256(void);
 
diff --git a/providers/common/nid_to_name.c b/providers/common/nid_to_name.c
deleted file mode 100644
index af2a7cbc6a..00
--- a/providers/common/nid_to_name.c
+++ /dev/null
@@ -1,21 +0,0 @@
-/*
- * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include 
-#include "prov/providercommon.h"
-
-/*
- * The FIPS provider has its own version of this in fipsprov.c because it does
- * not have OBJ_nid2sn();
- */
-const char *ossl_prov_util_nid_to_name(int nid)
-{
-   return OBJ_nid2sn(nid);
-}
-
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index 93b5dede67..a4e6601071 100644
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -10,7 +10,6 @@
 #include 
 #include 
 #include 
-#include  /* NIDs used by ossl_prov_util_nid_to_name() */
 #include 
 #include  /* RAND_get0_public() */
 #include "internal/cryptlib.h"
@@ -184,103 +183,6 @@ static int fips_self_test(void *provctx)
 return SELF_TEST_post(_params, 1) ? 1 : 0;
 }
 
-/* FIPS specific version of the function of the same name in provlib.c */
-/* TODO(3.0) - Is this function needed ? */
-const char *ossl_prov_util_nid_to_name(int nid)
-{
-/* We don't

Build completed: openssl master.37637

2020-10-22 Thread AppVeyor 


Build openssl master.37637 completed



Commit ed307d2679 by Jordan Montgomery on 10/22/2020 6:12 AM:

Add info on terminating arrays to OSSL_PARAM documentation


Configure your notification preferences

SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-dh

2020-10-22 Thread OpenSSL run-checker 
Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dh

Commit log since last time:

0934cf4834 Unexport internal MSBLOB and PVK functions
8300a8742b Work around Windows ftell() bug as per Microsoft engineering's 
suggestion
0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint()
3795b2a302 Document EVP_PKEY_set1_encoded_public_key()
5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to 
EVP_PKEY_set1_encoded_public_key
6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before 
checking
ec5059c3ef Fix Aes-xts potential failure on aarch64
6be235a092 Prefix crlNumber output with 0x.
1dc5128577 Fix no-dh
ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings
ee55a20727 DH: have DH_set_length() increment the dirty count.
0ba71d6a63 DH: make the private key length importable / exportable

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dgram

2020-10-22 Thread OpenSSL run-checker 
Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dgram

Commit log since last time:

0934cf4834 Unexport internal MSBLOB and PVK functions
8300a8742b Work around Windows ftell() bug as per Microsoft engineering's 
suggestion
0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint()
3795b2a302 Document EVP_PKEY_set1_encoded_public_key()
5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to 
EVP_PKEY_set1_encoded_public_key
6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before 
checking
ec5059c3ef Fix Aes-xts potential failure on aarch64
6be235a092 Prefix crlNumber output with 0x.
1dc5128577 Fix no-dh
ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings
ee55a20727 DH: have DH_set_length() increment the dirty count.
0ba71d6a63 DH: make the private key length importable / exportable

Build log ended with (last 100 lines):


# 80-test_cms.t .. ok
80-test_cmsapi.t ... ok
80-test_ct.t ... ok
80-test_dane.t . ok
80-test_dtls.t . skipped: No DTLS protocols are supported 
by this OpenSSL build
80-test_dtls_mtu.t . skipped: test_dtls_mtu needs DTLS and PSK 
support enabled
80-test_dtlsv1listen.t . ok
80-test_http.t . ok
80-test_ocsp.t . ok
80-test_pkcs12.t ... ok

# ERROR: (ptr) 'server_ctx != NULL' failed @ 
../openssl/test/ssl_test.c:475
# 0x0
not ok 7 - iteration 7
# --
# ERROR: (ptr) 'server_ctx != NULL' failed @ 
../openssl/test/ssl_test.c:475
# 0x0
not ok 8 - iteration 8
# --
# ERROR: (ptr) 'server_ctx != NULL' failed @ 
../openssl/test/ssl_test.c:475
# 0x0
not ok 9 - iteration 9
# --
# ERROR: (ptr) 'server_ctx != NULL' failed @ 
../openssl/test/ssl_test.c:475
# 0x0
not ok 10 - iteration 10
# --
# ERROR: (ptr) 'server_ctx != NULL' failed @ 
../openssl/test/ssl_test.c:475
# 0x0
not ok 11 - iteration 11
# --
# ERROR: (ptr) 'server_ctx != NULL' failed @ 
../openssl/test/ssl_test.c:475
# 0x0
not ok 12 - iteration 12
# --
not ok 1 - test_handshake
# --
../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips 
../../../openssl/test/fips-and-base.cnf => 1
not ok 9 - running ssl_test 04-client_auth.cnf
# --
#   Failed test 'running ssl_test 04-client_auth.cnf'
#   at ../openssl/test/recipes/80-test_ssl_new.t line 173.
# Looks like you failed 1 test of 9.
not ok 5 - Test configuration 04-client_auth.cnf
# --
# Looks like you failed 1 test of 31.80-test_ssl_new.t .. 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/31 subtests 
80-test_ssl_old.t .. ok
80-test_ssl_test_ctx.t . ok
80-test_sslcorrupt.t ... ok
80-test_tsa.t .. ok
80-test_x509aux.t .. ok

# 81-test_cmp_cli.t .. ok
90-test_asn1_time.t  ok
90-test_async.t  ok
90-test_bio_enc.t .. ok
90-test_bio_memleak.t .. ok
90-test_constant_time.t  ok
90-test_fatalerr.t . ok
90-test_gmdiff.t ... ok
90-test_gost.t . ok
90-test_ige.t .. ok
90-test_includes.t . ok
90-test_memleak.t .. ok
90-test_overhead.t . ok
90-test_secmem.t ... ok
90-test_shlibload.t  ok
90-test_srp.t .. ok
90-test_sslapi.t ... ok
90-test_sslbuffers.t ... ok
90-test_store.t  ok
90-test_sysdefault.t ... ok
90-test_threads.t .. ok
90-test_time_offset.t .. ok
90-test_tls13ccs.t . ok
90-test_tls13encryption.t .. ok
90-test_tls13secrets.t . ok
90-test_v3name.t ... ok
95-test_external_boringssl.t ... skipped: No external tests in this

Still Failing: openssl/openssl#38166 (master - 3d91418)

2020-10-22 Thread Travis CI 
Build Update for openssl/openssl
-

Build: #38166
Status: Still Failing

Duration: 1 hr, 33 mins, and 15 secs
Commit: 3d91418 (master)
Author: Nicola Tuveri
Message: Constify OSSL_FUNC_keymgmt_has()

The keydata argument of OSSL_FUNC_keymgmt_has() should be read-only.

Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/13200)

View the changeset: 
https://github.com/openssl/openssl/compare/a135948ddaa4...3d914185b783

View the full build log and details: 
https://travis-ci.com/github/openssl/openssl/builds/191567996?utm_medium=notification_source=email


--

You can unsubscribe from build emails from the openssl/openssl repository going 
to 
https://travis-ci.com/account/preferences/unsubscribe?repository=13885459_medium=notification_source=email.
Or unsubscribe from *all* email updating your settings at 
https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email.
Or configure specific recipients for build notifications in your .travis.yml 
file. See https://docs.travis-ci.com/user/notifications.

Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-des

2020-10-22 Thread OpenSSL run-checker 
Platform and configuration command:

$ uname -a
Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-des

Commit log since last time:

0934cf4834 Unexport internal MSBLOB and PVK functions
8300a8742b Work around Windows ftell() bug as per Microsoft engineering's 
suggestion
0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint()
3795b2a302 Document EVP_PKEY_set1_encoded_public_key()
5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to 
EVP_PKEY_set1_encoded_public_key
6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before 
checking
ec5059c3ef Fix Aes-xts potential failure on aarch64
6be235a092 Prefix crlNumber output with 0x.
1dc5128577 Fix no-dh
ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings
ee55a20727 DH: have DH_set_length() increment the dirty count.
0ba71d6a63 DH: make the private key length importable / exportable

Build log ended with (last 100 lines):

not ok 79 - ir + ignored revocation
# --
Could not read private key for CMP client certificate from signer.p12
C070F53D377F:error::digital envelope routines:EVP_PBE_CipherInit:unknown 
cipher:../openssl/crypto/evp/evp_pbe.c:116:DES-EDE3-CBC
Unable to load private key for CMP client certificate
cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context
# cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration 
file '../Mock/test.cnf'
# opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is 
empty string, resetting option
# warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 
'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp 
-config ../Mock/test.cnf -section 'Mock enrollment' -certout 
../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 
127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout 
../../../../../no-des/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted 
root.crt => 1
not ok 82 - cr
# --
#   Failed test 'cr'
#   at ../openssl/test/recipes/81-test_cmp_cli.t line 183.
Could not open file or uri for loading CMP client certificate (optionally with 
chain) from ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem
C050E6A9207F:error::STORE routines:ossl_store_get0_loader_int:unregistered 
scheme:../openssl/crypto/store/store_register.c:240:scheme=file
C050E6A9207F:error::system library:file_open:No such file or 
directory:../openssl/providers/implementations/storemgmt/file_store.c:277:calling
 stat(../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem)
cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context
# cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration 
file '../Mock/test.cnf'
# opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is 
empty string, resetting option
# setup_client_ctx:../openssl/apps/cmp.c:1881:CMP warning: -subject 
'/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=leaf' given, which overrides 
the subject of 
'../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem' in KUR
# warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 
'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert
../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp 
-config ../Mock/test.cnf -section 'Mock enrollment' -certout 
../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 
127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout 
../../../../../no-des/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted 
root.crt -oldcert 
../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -server 
'127.0.0.1:1700' -cert 
../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -key 
new.key -extracerts issuing.crt => 1
not ok 83 - kur explicit options
# --
#   Failed test 'kur explicit options'
#   at ../openssl/test/recipes/81-test_cmp_cli.t line 183.
Could not open file or uri for loading CMP client certificate (optionally with 
chain) from ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem
C000F812057F:error::STORE routines:ossl_store_get0_loader_int:unregistered 
scheme:../openssl/crypto/store/store_register.c:240:scheme=file
C000F812057F:error::system library:file_open:No such file or 
directory:../openssl/providers/implementations/storemgmt/file_store.c:277:calling
 stat(../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem)
cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context
#