Re: [openssl/openssl] 6332f4: CI: add GCC 11

2022-06-26 Thread Dr Paul Dale
This was a force push to remove the "CLA: trivial" lines in the commit 
messages.
The CLA lines were missed by the reviewers and I merged them earlier 
today.  The author quickly submitted an ICLA once I realised and 
mentioned it.



Pauli


On 27/6/22 12:18, pauli wrote:

   Branch: refs/heads/master
   Home:   https://github.openssl.org/openssl/openssl
   Commit: 6332f4c4a2c153869b169d250d9736962abe12c6
   
https://github.openssl.org/openssl/openssl/commit/6332f4c4a2c153869b169d250d9736962abe12c6
   Author: Sam James 
   Date:   2022-06-27 (Mon, 27 Jun 2022)

   Changed paths:
 M .github/workflows/compiler-zoo.yml

   Log Message:
   ---
   CI: add GCC 11

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/18639)


   Commit: 712c13c57b97e2e25ca23048f3ba6f50115cacd7
   
https://github.openssl.org/openssl/openssl/commit/712c13c57b97e2e25ca23048f3ba6f50115cacd7
   Author: Sam James 
   Date:   2022-06-27 (Mon, 27 Jun 2022)

   Changed paths:
 M .github/workflows/compiler-zoo.yml

   Log Message:
   ---
   CI: Upgrade to Ubuntu 22.04 to add GCC 12, Clang 13, Clang 14

Notably, this might have caught #18225, as Clang 14 wasn't - and is not yet
until this commit - in OpenSSL's CI.

It makes sense to ensure CI tests compilers used in newer Linux distributions:
* Fedora 36 ships with GCC 12
* Ubuntu 22.04 ships with Clang 14

We switch from 'ubuntu-latest' (which can change meaning but currently points
to ubuntu-20.04) to ubuntu-20.04 for the older existing compilers, and
ubuntu-22.04 for the newer ones added by this commit.

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/18639)


   Commit: 6162a2402d6b47c597c271bfb6a67d64bf183383
   
https://github.openssl.org/openssl/openssl/commit/6162a2402d6b47c597c271bfb6a67d64bf183383
   Author: Sam James 
   Date:   2022-06-27 (Mon, 27 Jun 2022)

   Changed paths:
 M test/test_test.c

   Log Message:
   ---
   test: placate Clang's --Wbitwise-instead-of-logical

```
test/test_test.c:58:9: note: cast one or both operands to int to silence this 
warning
test/test_test.c:58:9: error: use of bitwise '|' with boolean operands 
[-Werror,-Wbitwise-instead-of-logical]
 if (!TEST(1, TEST_uint_eq(3u, 3u))
 ^~
test/test_test.c:58:9: note: cast one or both operands to int to silence this 
warning
```

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/18639)


Compare: 
https://github.openssl.org/openssl/openssl/compare/1a645b98a212...6162a2402d6b





[openssl] openssl-3.0 update

2022-02-23 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  413ffdd1b6b6345f1b8891d1865fa090bcde5957 (commit)
  from  66d422c5738b74c6bd9d8b34e219eb98b6fcd60a (commit)


- Log -
commit 413ffdd1b6b6345f1b8891d1865fa090bcde5957
Author: Jiasheng Jiang 
Date:   Thu Feb 17 17:47:00 2022 +0800

test/crltest.c: Add check for glue2bio

As glue2bio() can return a NULL pointer if it fails,
it is better to check the return value in order
to avoid using a NULL pointer.

Signed-off-by: Jiasheng Jiang 

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17718)

(cherry picked from commit 18cb1740cc0fd11940836fa2fcaf6d3634c00e90)

---

Summary of changes:
 test/crltest.c | 24 ++--
 1 file changed, 22 insertions(+), 2 deletions(-)

diff --git a/test/crltest.c b/test/crltest.c
index 5d255d368a..f258c75efe 100644
--- a/test/crltest.c
+++ b/test/crltest.c
@@ -200,9 +200,16 @@ static BIO *glue2bio(const char **pem, char **out)
  */
 static X509_CRL *CRL_from_strings(const char **pem)
 {
+X509_CRL *crl;
 char *p;
 BIO *b = glue2bio(pem, );
-X509_CRL *crl = PEM_read_bio_X509_CRL(b, NULL, NULL, NULL);
+
+if (b == NULL) {
+OPENSSL_free(p);
+return NULL;
+}
+
+crl = PEM_read_bio_X509_CRL(b, NULL, NULL, NULL);
 
 OPENSSL_free(p);
 BIO_free(b);
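Review bot: The new failure branch calls `OPENSSL_free(p)` on a `p` that is declared as `char *p;` with no initializer, so it is safe only if glue2bio() stores to `*out` before every failing return, and glue2bio's body is not in this hunk. Declaring `char *p = NULL;` makes the branch correct whatever that helper does. The same applies to the X509_from_strings hunk at -214 and the test_reuse_crl hunk at -363, and to the identical hunks in the master notification for commit 18cb1740. CRL_from_strings continues past the end of this hunk.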
@@ -214,9 +221,16 @@ static X509_CRL *CRL_from_strings(const char **pem)
  */
 static X509 *X509_from_strings(const char **pem)
 {
+X509 *x;
 char *p;
 BIO *b = glue2bio(pem, );
-X509 *x = PEM_read_bio_X509(b, NULL, NULL, NULL);
+
+if (b == NULL) {
+OPENSSL_free(p);
+return NULL;
+}
+
+x = PEM_read_bio_X509(b, NULL, NULL, NULL);
 
 OPENSSL_free(p);
 BIO_free(b);
@@ -363,6 +377,12 @@ static int test_reuse_crl(void)
 char *p;
 BIO *b = glue2bio(kRevokedCRL, );
 
+if (b == NULL) {
+OPENSSL_free(p);
+X509_CRL_free(reused_crl);
+return 0;
+}
+
 reused_crl = PEM_read_bio_X509_CRL(b, _crl, NULL, NULL);
 
 OPENSSL_free(p);
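Review bot: The added branch returns 0 without recording why, so a glue2bio() failure appears as a bare test failure with no message. Writing the guard as `if (!TEST_ptr(b)) {` instead of `if (b == NULL) {` keeps the same cleanup and logs the NULL pointer, matching the `TEST_ptr()` checks used elsewhere in the test suite. test_reuse_crl starts and ends outside this hunk.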


[openssl] master update

2022-02-23 Thread Dr . Paul Dale
The branch master has been updated
   via  18cb1740cc0fd11940836fa2fcaf6d3634c00e90 (commit)
  from  cf21d1c62dcd92be624ea0fb8a86d91e4fbeed93 (commit)


- Log -
commit 18cb1740cc0fd11940836fa2fcaf6d3634c00e90
Author: Jiasheng Jiang 
Date:   Thu Feb 17 17:47:00 2022 +0800

test/crltest.c: Add check for glue2bio

As glue2bio() can return a NULL pointer if it fails,
it is better to check the return value in order
to avoid using a NULL pointer.

Signed-off-by: Jiasheng Jiang 

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17718)

---

Summary of changes:
 test/crltest.c | 24 ++--
 1 file changed, 22 insertions(+), 2 deletions(-)

diff --git a/test/crltest.c b/test/crltest.c
index 3b76f4f0ae..2c0a8153c6 100644
--- a/test/crltest.c
+++ b/test/crltest.c
@@ -200,9 +200,16 @@ static BIO *glue2bio(const char **pem, char **out)
  */
 static X509_CRL *CRL_from_strings(const char **pem)
 {
+X509_CRL *crl;
 char *p;
 BIO *b = glue2bio(pem, );
-X509_CRL *crl = PEM_read_bio_X509_CRL(b, NULL, NULL, NULL);
+
+if (b == NULL) {
+OPENSSL_free(p);
+return NULL;
+}
+
+crl = PEM_read_bio_X509_CRL(b, NULL, NULL, NULL);
 
 OPENSSL_free(p);
 BIO_free(b);
@@ -214,9 +221,16 @@ static X509_CRL *CRL_from_strings(const char **pem)
  */
 static X509 *X509_from_strings(const char **pem)
 {
+X509 *x;
 char *p;
 BIO *b = glue2bio(pem, );
-X509 *x = PEM_read_bio_X509(b, NULL, NULL, NULL);
+
+if (b == NULL) {
+OPENSSL_free(p);
+return NULL;
+}
+
+x = PEM_read_bio_X509(b, NULL, NULL, NULL);
 
 OPENSSL_free(p);
 BIO_free(b);
@@ -363,6 +377,12 @@ static int test_reuse_crl(void)
 char *p;
 BIO *b = glue2bio(kRevokedCRL, );
 
+if (b == NULL) {
+OPENSSL_free(p);
+X509_CRL_free(reused_crl);
+return 0;
+}
+
 reused_crl = PEM_read_bio_X509_CRL(b, _crl, NULL, NULL);
 
 OPENSSL_free(p);


[openssl] openssl-3.0 update

2022-02-23 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  66d422c5738b74c6bd9d8b34e219eb98b6fcd60a (commit)
  from  e19edf7361b952674135b8500144df6afec18319 (commit)


- Log -
commit 66d422c5738b74c6bd9d8b34e219eb98b6fcd60a
Author: Jiasheng Jiang 
Date:   Fri Feb 18 10:13:08 2022 +0800

bio_enc.c: add check for BIO_new_mem_buf

Since the memory allocation may fail, BIO_new_mem_buf() may
return a NULL pointer.
Therefore, it is better to check it and return an error if it fails.

Signed-off-by: Jiasheng Jiang 

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17730)

(cherry picked from commit cf21d1c62dcd92be624ea0fb8a86d91e4fbeed93)

---

Summary of changes:
 test/bio_enc_test.c | 52 +---
 1 file changed, 37 insertions(+), 15 deletions(-)

diff --git a/test/bio_enc_test.c b/test/bio_enc_test.c
index b383cdce1c..d3f914b656 100644
--- a/test/bio_enc_test.c
+++ b/test/bio_enc_test.c
@@ -38,7 +38,7 @@ static const unsigned char IV[] = {
 static int do_bio_cipher(const EVP_CIPHER* cipher, const unsigned char* key,
 const unsigned char* iv)
 {
-BIO *b;
+BIO *b, *mem;
 static unsigned char inp[BUF_SIZE] = { 0 };
 unsigned char out[BUF_SIZE], ref[BUF_SIZE];
 int i, lref, len;
@@ -54,8 +54,11 @@ static int do_bio_cipher(const EVP_CIPHER* cipher, const 
unsigned char* key,
 if (!TEST_ptr(b))
 return 0;
 if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, ENCRYPT)))
-return 0;
-BIO_push(b, BIO_new_mem_buf(inp, DATA_SIZE));
+goto err;
+mem = BIO_new_mem_buf(inp, DATA_SIZE);
+if (!TEST_ptr(mem))
+goto err;
+BIO_push(b, mem);
 lref = BIO_read(b, ref, sizeof(ref));
 BIO_free_all(b);
 
@@ -66,16 +69,19 @@ static int do_bio_cipher(const EVP_CIPHER* cipher, const 
unsigned char* key,
 return 0;
 if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, ENCRYPT))) {
 TEST_info("Split encrypt failed @ operation %d", i);
-return 0;
+goto err;
 }
-BIO_push(b, BIO_new_mem_buf(inp, DATA_SIZE));
+mem = BIO_new_mem_buf(inp, DATA_SIZE);
+if (!TEST_ptr(mem))
+goto err;
+BIO_push(b, mem);
 memset(out, 0, sizeof(out));
 out[i] = ~ref[i];
 len = BIO_read(b, out, i);
 /* check for overstep */
 if (!TEST_uchar_eq(out[i], (unsigned char)~ref[i])) {
 TEST_info("Encrypt overstep check failed @ operation %d", i);
-return 0;
+goto err;
 }
 len += BIO_read(b, out + len, sizeof(out) - len);
 BIO_free_all(b);
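Review bot: Every new `goto err` relies on an `err:` label that is not in any hunk shown here, so the cleanup it performs on `b` cannot be checked from this page. It should call `BIO_free_all(b)` and not touch `mem`, which is either NULL or already owned by the chain after `BIO_push(b, mem)`. Each section also ends with `BIO_free_all(b);` and leaves `b` dangling until it is reassigned, so adding `b = NULL;` after those frees would keep the label safe if a later check in between is converted to `goto err`. The same holds for the hunks at -54, -95, -117 and -135, and for the matching hunks in the master notification. do_bio_cipher starts before and ends after this hunk.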
@@ -95,9 +101,12 @@ static int do_bio_cipher(const EVP_CIPHER* cipher, const 
unsigned char* key,
 return 0;
 if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, ENCRYPT))) {
 TEST_info("Small chunk encrypt failed @ operation %d", i);
-return 0;
+goto err;
 }
-BIO_push(b, BIO_new_mem_buf(inp, DATA_SIZE));
+mem = BIO_new_mem_buf(inp, DATA_SIZE);
+if (!TEST_ptr(mem))
+goto err;
+BIO_push(b, mem);
 memset(out, 0, sizeof(out));
 for (len = 0; (delta = BIO_read(b, out + len, i)); ) {
 len += delta;
@@ -117,9 +126,12 @@ static int do_bio_cipher(const EVP_CIPHER* cipher, const 
unsigned char* key,
 if (!TEST_ptr(b))
 return 0;
 if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, DECRYPT)))
-return 0;
+goto err;
 /* Use original reference output as input */
-BIO_push(b, BIO_new_mem_buf(ref, lref));
+mem = BIO_new_mem_buf(ref, lref);
+if (!TEST_ptr(mem))
+goto err;
+BIO_push(b, mem);
 (void)BIO_flush(b);
 memset(out, 0, sizeof(out));
 len = BIO_read(b, out, sizeof(out));
@@ -135,16 +147,19 @@ static int do_bio_cipher(const EVP_CIPHER* cipher, const 
unsigned char* key,
 return 0;
 if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, DECRYPT))) {
 TEST_info("Split decrypt failed @ operation %d", i);
-return 0;
+goto err;
 }
-BIO_push(b, BIO_new_mem_buf(ref, lref));
+mem = BIO_new_mem_buf(ref, lref);
+if (!TEST_ptr(mem))
+goto err;
+BIO_push(b, mem);
 memset(out, 0, sizeof(out));
 out[i] = ~ref[i];
 len = BIO_read(b, out, i);
 /* check for overstep */
 if (!TEST_uchar_eq(out[i], (unsigned char)~ref[i])) {
 TEST_info("Decrypt overstep check failed @ operation %d", i);
-return 0;
+goto err;
 }
 len += BIO_read(b, out + len, sizeof(out) - len);
 BIO_free_all(b);
@@ -164,9 +179,12 @@ static 

[openssl] master update

2022-02-23 Thread Dr . Paul Dale
The branch master has been updated
   via  cf21d1c62dcd92be624ea0fb8a86d91e4fbeed93 (commit)
  from  cbb6f4dbf0ce42b4cc4385d7b95236710504068d (commit)


- Log -
commit cf21d1c62dcd92be624ea0fb8a86d91e4fbeed93
Author: Jiasheng Jiang 
Date:   Fri Feb 18 10:13:08 2022 +0800

bio_enc.c: add check for BIO_new_mem_buf

Since the memory allocation may fail, BIO_new_mem_buf() may
return a NULL pointer.
Therefore, it is better to check it and return an error if it fails.

Signed-off-by: Jiasheng Jiang 

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17730)

---

Summary of changes:
 test/bio_enc_test.c | 52 +---
 1 file changed, 37 insertions(+), 15 deletions(-)

diff --git a/test/bio_enc_test.c b/test/bio_enc_test.c
index 0b95fae1cd..ffc69d00bf 100644
--- a/test/bio_enc_test.c
+++ b/test/bio_enc_test.c
@@ -38,7 +38,7 @@ static const unsigned char IV[] = {
 static int do_bio_cipher(const EVP_CIPHER* cipher, const unsigned char* key,
 const unsigned char* iv)
 {
-BIO *b;
+BIO *b, *mem;
 static unsigned char inp[BUF_SIZE] = { 0 };
 unsigned char out[BUF_SIZE], ref[BUF_SIZE];
 int i, lref, len;
@@ -54,8 +54,11 @@ static int do_bio_cipher(const EVP_CIPHER* cipher, const 
unsigned char* key,
 if (!TEST_ptr(b))
 return 0;
 if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, ENCRYPT)))
-return 0;
-BIO_push(b, BIO_new_mem_buf(inp, DATA_SIZE));
+goto err;
+mem = BIO_new_mem_buf(inp, DATA_SIZE);
+if (!TEST_ptr(mem))
+goto err;
+BIO_push(b, mem);
 lref = BIO_read(b, ref, sizeof(ref));
 BIO_free_all(b);
 
@@ -66,16 +69,19 @@ static int do_bio_cipher(const EVP_CIPHER* cipher, const 
unsigned char* key,
 return 0;
 if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, ENCRYPT))) {
 TEST_info("Split encrypt failed @ operation %d", i);
-return 0;
+goto err;
 }
-BIO_push(b, BIO_new_mem_buf(inp, DATA_SIZE));
+mem = BIO_new_mem_buf(inp, DATA_SIZE);
+if (!TEST_ptr(mem))
+goto err;
+BIO_push(b, mem);
 memset(out, 0, sizeof(out));
 out[i] = ~ref[i];
 len = BIO_read(b, out, i);
 /* check for overstep */
 if (!TEST_uchar_eq(out[i], (unsigned char)~ref[i])) {
 TEST_info("Encrypt overstep check failed @ operation %d", i);
-return 0;
+goto err;
 }
 len += BIO_read(b, out + len, sizeof(out) - len);
 BIO_free_all(b);
@@ -95,9 +101,12 @@ static int do_bio_cipher(const EVP_CIPHER* cipher, const 
unsigned char* key,
 return 0;
 if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, ENCRYPT))) {
 TEST_info("Small chunk encrypt failed @ operation %d", i);
-return 0;
+goto err;
 }
-BIO_push(b, BIO_new_mem_buf(inp, DATA_SIZE));
+mem = BIO_new_mem_buf(inp, DATA_SIZE);
+if (!TEST_ptr(mem))
+goto err;
+BIO_push(b, mem);
 memset(out, 0, sizeof(out));
 for (len = 0; (delta = BIO_read(b, out + len, i)); ) {
 len += delta;
@@ -117,9 +126,12 @@ static int do_bio_cipher(const EVP_CIPHER* cipher, const 
unsigned char* key,
 if (!TEST_ptr(b))
 return 0;
 if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, DECRYPT)))
-return 0;
+goto err;
 /* Use original reference output as input */
-BIO_push(b, BIO_new_mem_buf(ref, lref));
+mem = BIO_new_mem_buf(ref, lref);
+if (!TEST_ptr(mem))
+goto err;
+BIO_push(b, mem);
 (void)BIO_flush(b);
 memset(out, 0, sizeof(out));
 len = BIO_read(b, out, sizeof(out));
@@ -135,16 +147,19 @@ static int do_bio_cipher(const EVP_CIPHER* cipher, const 
unsigned char* key,
 return 0;
 if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, DECRYPT))) {
 TEST_info("Split decrypt failed @ operation %d", i);
-return 0;
+goto err;
 }
-BIO_push(b, BIO_new_mem_buf(ref, lref));
+mem = BIO_new_mem_buf(ref, lref);
+if (!TEST_ptr(mem))
+goto err;
+BIO_push(b, mem);
 memset(out, 0, sizeof(out));
 out[i] = ~ref[i];
 len = BIO_read(b, out, i);
 /* check for overstep */
 if (!TEST_uchar_eq(out[i], (unsigned char)~ref[i])) {
 TEST_info("Decrypt overstep check failed @ operation %d", i);
-return 0;
+goto err;
 }
 len += BIO_read(b, out + len, sizeof(out) - len);
 BIO_free_all(b);
@@ -164,9 +179,12 @@ static int do_bio_cipher(const EVP_CIPHER* cipher, const 
unsigned char* key,
 

[openssl] openssl-3.0 update

2022-02-23 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  e19edf7361b952674135b8500144df6afec18319 (commit)
  from  6f4a98ce2157aca169709c80ea579e80e39011b6 (commit)


- Log -
commit e19edf7361b952674135b8500144df6afec18319
Author: Carlo Teubner <435950+c4...@users.noreply.github.com>
Date:   Fri Feb 18 10:00:52 2022 +

X509_VERIFY_PARAM_set_flags.pod: fix typos

CLA: trivial

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17731)

(cherry picked from commit cbb6f4dbf0ce42b4cc4385d7b95236710504068d)

---

Summary of changes:
 doc/man3/X509_VERIFY_PARAM_set_flags.pod | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/man3/X509_VERIFY_PARAM_set_flags.pod 
b/doc/man3/X509_VERIFY_PARAM_set_flags.pod
index 1213627be7..55bdf877b3 100644
--- a/doc/man3/X509_VERIFY_PARAM_set_flags.pod
+++ b/doc/man3/X509_VERIFY_PARAM_set_flags.pod
@@ -249,8 +249,8 @@ certificate. An error occurs if a suitable CRL cannot be 
found.
 B enables CRL checking for the entire certificate
 chain.
 
-B disabled critical extension checking. By default
-any unhandled critical extensions in certificates or (if checked) CRLs results
+B disables critical extension checking. By default
+any unhandled critical extensions in certificates or (if checked) CRLs result
 in a fatal error. If this flag is set unhandled critical extensions are
 ignored. B setting this option for anything other than debugging
 purposes can be a security risk. Finer control over which extensions are


[openssl] master update

2022-02-23 Thread Dr . Paul Dale
The branch master has been updated
   via  cbb6f4dbf0ce42b4cc4385d7b95236710504068d (commit)
  from  632e8be2b570959dc3781c6956171e7e49f1aa58 (commit)


- Log -
commit cbb6f4dbf0ce42b4cc4385d7b95236710504068d
Author: Carlo Teubner <435950+c4...@users.noreply.github.com>
Date:   Fri Feb 18 10:00:52 2022 +

X509_VERIFY_PARAM_set_flags.pod: fix typos

CLA: trivial

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17731)

---

Summary of changes:
 doc/man3/X509_VERIFY_PARAM_set_flags.pod | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/man3/X509_VERIFY_PARAM_set_flags.pod 
b/doc/man3/X509_VERIFY_PARAM_set_flags.pod
index 4437b93fd6..62ef00bc33 100644
--- a/doc/man3/X509_VERIFY_PARAM_set_flags.pod
+++ b/doc/man3/X509_VERIFY_PARAM_set_flags.pod
@@ -249,8 +249,8 @@ certificate. An error occurs if a suitable CRL cannot be 
found.
 B enables CRL checking for the entire certificate
 chain.
 
-B disabled critical extension checking. By default
-any unhandled critical extensions in certificates or (if checked) CRLs results
+B disables critical extension checking. By default
+any unhandled critical extensions in certificates or (if checked) CRLs result
 in a fatal error. If this flag is set unhandled critical extensions are
 ignored. B setting this option for anything other than debugging
 purposes can be a security risk. Finer control over which extensions are


[openssl] master update

2022-02-23 Thread Dr . Paul Dale
The branch master has been updated
   via  632e8be2b570959dc3781c6956171e7e49f1aa58 (commit)
  from  42659159f4d4a8c16a0e9b089d40a5831b60cbb6 (commit)


- Log -
commit 632e8be2b570959dc3781c6956171e7e49f1aa58
Author: Raul Ferrando 
Date:   Tue Feb 15 16:02:41 2022 +0100

Add -quiet option to pkcs7 for -print_certs

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17708)

---

Summary of changes:
 apps/pkcs7.c  | 13 +
 doc/man1/openssl-pkcs7.pod.in |  6 ++
 test/recipes/25-test_pkcs7.t  | 15 ++-
 .../grfc.pem => recipes/25-test_pkcs7_data/grfc.out}  |  1 +
 4 files changed, 30 insertions(+), 5 deletions(-)
 copy test/{certs/grfc.pem => recipes/25-test_pkcs7_data/grfc.out} (99%)

diff --git a/apps/pkcs7.c b/apps/pkcs7.c
index ac2dec152a..a95ea25377 100644
--- a/apps/pkcs7.c
+++ b/apps/pkcs7.c
@@ -23,8 +23,8 @@
 typedef enum OPTION_choice {
 OPT_COMMON,
 OPT_INFORM, OPT_OUTFORM, OPT_IN, OPT_OUT, OPT_NOOUT,
-OPT_TEXT, OPT_PRINT, OPT_PRINT_CERTS, OPT_ENGINE,
-OPT_PROV_ENUM
+OPT_TEXT, OPT_PRINT, OPT_PRINT_CERTS, OPT_QUIET,
+OPT_ENGINE, OPT_PROV_ENUM
 } OPTION_CHOICE;
 
 const OPTIONS pkcs7_options[] = {
@@ -46,6 +46,8 @@ const OPTIONS pkcs7_options[] = {
 {"print", OPT_PRINT, '-', "Print out all fields of the PKCS7 structure"},
 {"print_certs", OPT_PRINT_CERTS, '-',
  "Print_certs  print any certs or crl in the input"},
+{"quiet", OPT_QUIET, '-',
+ "When used with -print_certs, it produces a cleaner output"},
 
 OPT_PROV_OPTIONS,
 {NULL}
@@ -58,7 +60,7 @@ int pkcs7_main(int argc, char **argv)
 BIO *in = NULL, *out = NULL;
 int informat = FORMAT_PEM, outformat = FORMAT_PEM;
 char *infile = NULL, *outfile = NULL, *prog;
-int i, print_certs = 0, text = 0, noout = 0, p7_print = 0, ret = 1;
+int i, print_certs = 0, text = 0, noout = 0, p7_print = 0, quiet = 0, ret 
= 1;
 OPTION_CHOICE o;
 OSSL_LIB_CTX *libctx = app_get0_libctx();
 
@@ -100,6 +102,9 @@ int pkcs7_main(int argc, char **argv)
 case OPT_PRINT_CERTS:
 print_certs = 1;
 break;
+case OPT_QUIET:
+quiet = 1;
+break;
 case OPT_ENGINE:
 e = setup_engine(opt_arg(), 0);
 break;
@@ -171,7 +176,7 @@ int pkcs7_main(int argc, char **argv)
 x = sk_X509_value(certs, i);
 if (text)
 X509_print(out, x);
-else
+else if (!quiet)
 dump_cert_text(out, x);
 
 if (!noout)
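Review bot: With the new `else if (!quiet)`, the option only suppresses `dump_cert_text()`. When `-text` is also given, the `if (text)` branch still calls `X509_print()`, so `-quiet` is silently ignored there, which does not match the pod text added in this commit ("without any other output"). Either state the precedence in the help string, e.g. `"With -print_certs, omit the subject/issuer lines (ignored with -text)"`, or reject the combination during option parsing. Whether the CRL part of `-print_certs` honours `quiet` cannot be seen from this hunk. pkcs7_main starts and ends outside it.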
diff --git a/doc/man1/openssl-pkcs7.pod.in b/doc/man1/openssl-pkcs7.pod.in
index efd772d1d4..eeb5c356f0 100644
--- a/doc/man1/openssl-pkcs7.pod.in
+++ b/doc/man1/openssl-pkcs7.pod.in
@@ -19,6 +19,7 @@ B B
 [B<-out> I]
 [B<-print>]
 [B<-print_certs>]
+[B<-quiet>]
 [B<-text>]
 [B<-noout>]
 {- $OpenSSL::safe::opt_engine_synopsis -}{- 
$OpenSSL::safe::opt_provider_synopsis -}
@@ -63,6 +64,11 @@ Print out the full PKCS7 object.
 Prints out any certificates or CRLs contained in the file. They are
 preceded by their subject and issuer names in one line format.
 
+=item B<-quiet>
+
+When used with -print_certs, prints out just the PEM-encoded 
+certificates without any other output. 
+
 =item B<-text>
 
 Prints out certificate details in full rather than just subject and
diff --git a/test/recipes/25-test_pkcs7.t b/test/recipes/25-test_pkcs7.t
index 37cd43dc6b..2905fe8fe0 100644
--- a/test/recipes/25-test_pkcs7.t
+++ b/test/recipes/25-test_pkcs7.t
@@ -15,10 +15,15 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/;
 
 setup("test_pkcs7");
 
-plan tests => 3;
+plan tests => 6;
 
 require_ok(srctop_file('test','recipes','tconversion.pl'));
 
+my @path = qw(test certs);
+my $pemfile = "grfc.pem";
+my $p7file = "grfc.p7b";
+my $out = "grfc.out";
+
 subtest 'pkcs7 conversions -- pkcs7' => sub {
 tconversion( -type => 'p7', -in => srctop_file("test", "testp7.pem"),
  -args => ["pkcs7"] );
@@ -27,3 +32,11 @@ subtest 'pkcs7 conversions -- pkcs7d' => sub {
 tconversion( -type => 'p7d', -in => srctop_file("test", "pkcs7-1.pem"),
  -args => ["pkcs7"] );
 };
+ok(run(app(["openssl", "crl2pkcs7", "-nocrl",
+"-certfile", srctop_file(@path, $pemfile),
+"-out", $p7file])));
+ok(run(app(["openssl", "pkcs7", "-print_certs", "-quiet",
+"-in", $p7file,
+"-out", $out])));
+is(cmp_text($out, srctop_file('test', 'recipes', '25-test_pkcs7_data', 
'grfc.out')),
+0, 'Comparing output');
\ No newline at end of file
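Review bot: The two added `ok(run(app([...])))` calls carry no test description, so a failure is reported only by test number, while the final `is(...)` does have one. Pass a name as the second argument, e.g. `ok(run(app([...])), "crl2pkcs7 -nocrl -certfile $pemfile");` and likewise for the `pkcs7 -print_certs -quiet` step. The hunk also leaves the file without a trailing newline (`\ No newline at end of file`), which is worth restoring.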
diff --git a/test/certs/grfc.pem b/test/recipes/25-test_pkcs7_data/grfc.out
similarity index 99%
copy from 

[openssl] openssl-3.0 update

2022-02-23 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  6f4a98ce2157aca169709c80ea579e80e39011b6 (commit)
  from  06c20d437ba2554da33a47b9e62b1da5559a38f7 (commit)


- Log -
commit 6f4a98ce2157aca169709c80ea579e80e39011b6
Author: Matt Caswell 
Date:   Tue Feb 22 11:49:04 2022 +

Undeprecate OPENSSL_VERSION_NUMBER and OpenSSL_version_num()

This macro and function were deprecated in the documentation but not in
the source.

Following an OTC vote the deprecation has been removed from the
documentation.

See https://github.com/openssl/technical-policies/issues/26

Fixes #17517

Reviewed-by: Tim Hudson 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17750)

(cherry picked from commit 42659159f4d4a8c16a0e9b089d40a5831b60cbb6)

---

Summary of changes:
 doc/man3/OpenSSL_version.pod | 52 +---
 util/other.syms  |  2 +-
 2 files changed, 21 insertions(+), 33 deletions(-)

diff --git a/doc/man3/OpenSSL_version.pod b/doc/man3/OpenSSL_version.pod
index 034bd718fe..a0a9021431 100644
--- a/doc/man3/OpenSSL_version.pod
+++ b/doc/man3/OpenSSL_version.pod
@@ -38,8 +38,6 @@ OpenSSL_version_num, OPENSSL_info
 
  const char *OPENSSL_info(int t);
 
-Deprecated:
-
  /* from openssl/opensslv.h */
  #define OPENSSL_VERSION_NUMBER 0xL
 
@@ -81,6 +79,25 @@ version for the headers in use is at least at the given 
pre-requisite major
 header version number (B.B) is
 greater than or equal to B.B.
 
+B is a combination of the major, minor and
+patch version into a single integer 0xMNN00PP0L, where:
+
+=over 4
+
+=item M
+
+is the number from B, in hexadecimal notation
+
+=item NN
+
+is the number from B, in hexadecimal notation
+
+=item PP
+
+is the number from B, in hexadecimal notation
+
+=back
+
 =head2 Functions
 
 OPENSSL_version_major(), OPENSSL_version_minor(), OPENSSL_version_patch(),
@@ -198,35 +215,6 @@ For x86 the string looks like 
C.
 
 For an unknown I, NULL is returned.
 
-=head1 BACKWARD COMPATIBILITY
-
-For compatibility, some older macros and functions are retained or
-synthesised.
-They are all considered deprecated.
-
-=head2 Macros
-
-B is a combination of the major, minor and
-patch version into a single integer 0xMNN00PP0L, where:
-
-=over 4
-
-=item M
-
-is the number from B, in hexadecimal notation
-
-=item NN
-
-is the number from B, in hexadecimal notation
-
-=item PP
-
-is the number from B, in hexadecimal notation
-
-=back
-
-=head2 Functions
-
 OpenSSL_version_num() returns the value of B.
 
 =head1 RETURN VALUES
@@ -248,7 +236,7 @@ L
 =head1 HISTORY
 
 The macros and functions described here were added in OpenSSL 3.0,
-with the exception of the L ones.
+except for OPENSSL_VERSION_NUMBER and OpenSSL_version_num().
 
 =head1 COPYRIGHT
 
diff --git a/util/other.syms b/util/other.syms
index 1ebffd1d26..0c0d147b33 100644
--- a/util/other.syms
+++ b/util/other.syms
@@ -362,7 +362,7 @@ OPENSSL_MSTRdefine
 OPENSSL_MSTR_HELPER define
 OPENSSL_VERSION_MAJOR   define
 OPENSSL_VERSION_MINOR   define
-OPENSSL_VERSION_NUMBER  define deprecated 3.0.0
+OPENSSL_VERSION_NUMBER  define
 OPENSSL_VERSION_PATCH   define
 OPENSSL_VERSION_PRE_RELEASE define
 OPENSSL_VERSION_PREREQ  define


[openssl] master update

2022-02-23 Thread Dr . Paul Dale
The branch master has been updated
   via  42659159f4d4a8c16a0e9b089d40a5831b60cbb6 (commit)
  from  0bc2fda3d3b76bd07243aef3eb7f824da3820b2d (commit)


- Log -
commit 42659159f4d4a8c16a0e9b089d40a5831b60cbb6
Author: Matt Caswell 
Date:   Tue Feb 22 11:49:04 2022 +

Undeprecate OPENSSL_VERSION_NUMBER and OpenSSL_version_num()

This macro and function were deprecated in the documentation but not in
the source.

Following an OTC vote the deprecation has been removed from the
documentation.

See https://github.com/openssl/technical-policies/issues/26

Fixes #17517

Reviewed-by: Tim Hudson 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17750)

---

Summary of changes:
 doc/man3/OpenSSL_version.pod | 52 +---
 util/other.syms  |  2 +-
 2 files changed, 21 insertions(+), 33 deletions(-)

diff --git a/doc/man3/OpenSSL_version.pod b/doc/man3/OpenSSL_version.pod
index 034bd718fe..a0a9021431 100644
--- a/doc/man3/OpenSSL_version.pod
+++ b/doc/man3/OpenSSL_version.pod
@@ -38,8 +38,6 @@ OpenSSL_version_num, OPENSSL_info
 
  const char *OPENSSL_info(int t);
 
-Deprecated:
-
  /* from openssl/opensslv.h */
  #define OPENSSL_VERSION_NUMBER 0xL
 
@@ -81,6 +79,25 @@ version for the headers in use is at least at the given 
pre-requisite major
 header version number (B.B) is
 greater than or equal to B.B.
 
+B is a combination of the major, minor and
+patch version into a single integer 0xMNN00PP0L, where:
+
+=over 4
+
+=item M
+
+is the number from B, in hexadecimal notation
+
+=item NN
+
+is the number from B, in hexadecimal notation
+
+=item PP
+
+is the number from B, in hexadecimal notation
+
+=back
+
 =head2 Functions
 
 OPENSSL_version_major(), OPENSSL_version_minor(), OPENSSL_version_patch(),
@@ -198,35 +215,6 @@ For x86 the string looks like 
C.
 
 For an unknown I, NULL is returned.
 
-=head1 BACKWARD COMPATIBILITY
-
-For compatibility, some older macros and functions are retained or
-synthesised.
-They are all considered deprecated.
-
-=head2 Macros
-
-B is a combination of the major, minor and
-patch version into a single integer 0xMNN00PP0L, where:
-
-=over 4
-
-=item M
-
-is the number from B, in hexadecimal notation
-
-=item NN
-
-is the number from B, in hexadecimal notation
-
-=item PP
-
-is the number from B, in hexadecimal notation
-
-=back
-
-=head2 Functions
-
 OpenSSL_version_num() returns the value of B.
 
 =head1 RETURN VALUES
@@ -248,7 +236,7 @@ L
 =head1 HISTORY
 
 The macros and functions described here were added in OpenSSL 3.0,
-with the exception of the L ones.
+except for OPENSSL_VERSION_NUMBER and OpenSSL_version_num().
 
 =head1 COPYRIGHT
 
diff --git a/util/other.syms b/util/other.syms
index ae675b78f4..974fe62f6a 100644
--- a/util/other.syms
+++ b/util/other.syms
@@ -362,7 +362,7 @@ OPENSSL_MSTRdefine
 OPENSSL_MSTR_HELPER define
 OPENSSL_VERSION_MAJOR   define
 OPENSSL_VERSION_MINOR   define
-OPENSSL_VERSION_NUMBER  define deprecated 3.0.0
+OPENSSL_VERSION_NUMBER  define
 OPENSSL_VERSION_PATCH   define
 OPENSSL_VERSION_PRE_RELEASE define
 OPENSSL_VERSION_PREREQ  define


[openssl] openssl-3.0 update

2022-02-23 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  06c20d437ba2554da33a47b9e62b1da5559a38f7 (commit)
  from  9c1973e1c57d7de4d57f10545b3e9c921b34df23 (commit)


- Log -
commit 06c20d437ba2554da33a47b9e62b1da5559a38f7
Author: msa42 
Date:   Mon Feb 21 18:23:34 2022 +

doc: Fix KDF example for scrypt

CLA: trivial

Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17745)

(cherry picked from commit 0bc2fda3d3b76bd07243aef3eb7f824da3820b2d)

---

Summary of changes:
 doc/man1/openssl-kdf.pod.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/man1/openssl-kdf.pod.in b/doc/man1/openssl-kdf.pod.in
index 2880d1ff9d..548f69c707 100644
--- a/doc/man1/openssl-kdf.pod.in
+++ b/doc/man1/openssl-kdf.pod.in
@@ -166,7 +166,7 @@ Use PBKDF2 to create a hex-encoded derived key from a 
password and salt:
 Use scrypt to create a hex-encoded derived key from a password and salt:
 
 openssl kdf -keylen 64 -kdfopt pass:password -kdfopt salt:NaCl \
--kdfopt N:1024 -kdfopt r:8 -kdfopt p:16 \
+-kdfopt n:1024 -kdfopt r:8 -kdfopt p:16 \
 -kdfopt maxmem_bytes:10485760 SCRYPT
 
 =head1 NOTES


[openssl] master update

2022-02-23 Thread Dr . Paul Dale
The branch master has been updated
   via  0bc2fda3d3b76bd07243aef3eb7f824da3820b2d (commit)
  from  7e1eda483ec9ead36c05066b45ecad618475544c (commit)


- Log -
commit 0bc2fda3d3b76bd07243aef3eb7f824da3820b2d
Author: msa42 
Date:   Mon Feb 21 18:23:34 2022 +

doc: Fix KDF example for scrypt

CLA: trivial

Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17745)

---

Summary of changes:
 doc/man1/openssl-kdf.pod.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/man1/openssl-kdf.pod.in b/doc/man1/openssl-kdf.pod.in
index 2880d1ff9d..548f69c707 100644
--- a/doc/man1/openssl-kdf.pod.in
+++ b/doc/man1/openssl-kdf.pod.in
@@ -166,7 +166,7 @@ Use PBKDF2 to create a hex-encoded derived key from a 
password and salt:
 Use scrypt to create a hex-encoded derived key from a password and salt:
 
 openssl kdf -keylen 64 -kdfopt pass:password -kdfopt salt:NaCl \
--kdfopt N:1024 -kdfopt r:8 -kdfopt p:16 \
+-kdfopt n:1024 -kdfopt r:8 -kdfopt p:16 \
 -kdfopt maxmem_bytes:10485760 SCRYPT
 
 =head1 NOTES


[openssl] openssl-3.0 update

2022-02-22 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  0ec286a62840c2a0de4b7a1b5063ace3338a925f (commit)
  from  46119286c16341734b3cb60945fb07d1ea30eb81 (commit)


- Log -
commit 0ec286a62840c2a0de4b7a1b5063ace3338a925f
Author: xkernel 
Date:   Mon Feb 21 15:29:25 2022 +0800

check *libctx which is allocated by OSSL_LIB_CTX_new()

Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17740)

(cherry picked from commit 8d215738a05350baa583c47a2c52371d9cff3197)

---

Summary of changes:
 test/tls-provider.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/test/tls-provider.c b/test/tls-provider.c
index 9ac1db51b3..3b7be54331 100644
--- a/test/tls-provider.c
+++ b/test/tls-provider.c
@@ -840,6 +840,9 @@ int tls_provider_init(const OSSL_CORE_HANDLE *handle,
 {
 OSSL_LIB_CTX *libctx = OSSL_LIB_CTX_new();
 
+if (libctx == NULL)
+return 0;
+
 *provctx = libctx;
 
 /*


[openssl] master update

2022-02-22 Thread Dr . Paul Dale
The branch master has been updated
   via  8d215738a05350baa583c47a2c52371d9cff3197 (commit)
  from  b0317df2311769e02d9ceb4e7afe19521f8ffbf1 (commit)


- Log -
commit 8d215738a05350baa583c47a2c52371d9cff3197
Author: xkernel 
Date:   Mon Feb 21 15:29:25 2022 +0800

check *libctx which is allocated by OSSL_LIB_CTX_new()

Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17740)

---

Summary of changes:
 test/tls-provider.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/test/tls-provider.c b/test/tls-provider.c
index 7bff6e7406..c658514854 100644
--- a/test/tls-provider.c
+++ b/test/tls-provider.c
@@ -840,6 +840,9 @@ int tls_provider_init(const OSSL_CORE_HANDLE *handle,
 {
 OSSL_LIB_CTX *libctx = OSSL_LIB_CTX_new();
 
+if (libctx == NULL)
+return 0;
+
 *provctx = libctx;
 
 /*


[openssl] openssl-3.0 update

2022-02-22 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  46119286c16341734b3cb60945fb07d1ea30eb81 (commit)
  from  ad910cc482c8e06d04a141a9f5f79172a6e56f66 (commit)


- Log -
commit 46119286c16341734b3cb60945fb07d1ea30eb81
Author: Jiasheng Jiang 
Date:   Mon Feb 21 10:54:29 2022 +0800

test/sslapitest.c: Add check for SSL_CTX_new

Because the memory allocation can fail, it is better to check
the return value of SSL_CTX_new() and return an error if it
fails, as is done for SSL_CTX_new_ex().

Signed-off-by: Jiasheng Jiang 

Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17739)

(cherry picked from commit b0317df2311769e02d9ceb4e7afe19521f8ffbf1)

---

Summary of changes:
 test/sslapitest.c | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/test/sslapitest.c b/test/sslapitest.c
index 9056fa28f1..b2f3471548 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -8074,8 +8074,12 @@ static int test_cert_cb_int(int prot, int tst)
 else
 cert_cb_cnt = 0;
 
-if (tst == 2)
+if (tst == 2) {
 snictx = SSL_CTX_new(TLS_server_method());
+if (!TEST_ptr(snictx))
+goto end;
+}
+
 SSL_CTX_set_cert_cb(sctx, cert_cb, snictx);
 
 if (!TEST_true(create_ssl_objects(sctx, cctx, , ,


[openssl] master update

2022-02-22 Thread Dr . Paul Dale
The branch master has been updated
   via  b0317df2311769e02d9ceb4e7afe19521f8ffbf1 (commit)
  from  a044af49c43ec8fe099deeb5d06501ddf70abf7a (commit)


- Log -
commit b0317df2311769e02d9ceb4e7afe19521f8ffbf1
Author: Jiasheng Jiang 
Date:   Mon Feb 21 10:54:29 2022 +0800

test/sslapitest.c: Add check for SSL_CTX_new

Because the memory allocation can fail, it is better to check
the return value of SSL_CTX_new() and return an error if it
fails, as is done for SSL_CTX_new_ex().

Signed-off-by: Jiasheng Jiang 

Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17739)

---

Summary of changes:
 test/sslapitest.c | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/test/sslapitest.c b/test/sslapitest.c
index 181d0ef686..8ba5d8125c 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -8090,8 +8090,12 @@ static int test_cert_cb_int(int prot, int tst)
 else
 cert_cb_cnt = 0;
 
-if (tst == 2)
+if (tst == 2) {
 snictx = SSL_CTX_new(TLS_server_method());
+if (!TEST_ptr(snictx))
+goto end;
+}
+
 SSL_CTX_set_cert_cb(sctx, cert_cb, snictx);
 
 if (!TEST_true(create_ssl_objects(sctx, cctx, , ,


[openssl] master update

2022-02-21 Thread Dr . Paul Dale
The branch master has been updated
   via  f596bbe4da779b56eea34d96168b557d78e1149a (commit)
  from  7b3041eba1c6e177eede0d6311d53a6b9ff58051 (commit)


- Log -
commit f596bbe4da779b56eea34d96168b557d78e1149a
Author: Deepankar Bhattacharjee 
Date:   Mon Sep 20 10:45:15 2021 -0400

chacha20 performance optimizations for ppc64le with 8x lanes,
Performance increase around 50%.

Co-authored-by: Madhusudhanan Duraisamy 

Co-authored-by: Nilamjyoti Goswami 

Co-authored-by: Siva Sundar Anbareeswaran 

Reviewed-by: Danny Tsen 
Tested-by: Danny Tsen 
Signed-off-by: Danny 

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/16637)

---

Summary of changes:
 crypto/chacha/asm/chachap10-ppc.pl | 1354 
 crypto/chacha/build.info   |3 +-
 crypto/chacha/chacha_ppc.c |   15 +-
 crypto/perlasm/ppc-xlate.pl|   17 +
 crypto/ppccap.c|9 +
 crypto/ppccpuid.pl |   11 +
 include/crypto/ppc_arch.h  |1 +
 7 files changed, 1404 insertions(+), 6 deletions(-)
 create mode 100755 crypto/chacha/asm/chachap10-ppc.pl

diff --git a/crypto/chacha/asm/chachap10-ppc.pl 
b/crypto/chacha/asm/chachap10-ppc.pl
new file mode 100755
index 00..752fc731e2
--- /dev/null
+++ b/crypto/chacha/asm/chachap10-ppc.pl
@@ -0,0 +1,1354 @@
+#! /usr/bin/env perl
+# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+#
+# 
+# Written by Andy Polyakov  for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# 
+#
+# October 2015
+#
+# ChaCha20 for PowerPC/AltiVec.
+#
+# June 2018
+#
+# Add VSX 2.07 code path. Original 3xAltiVec+1xIALU is well-suited for
+# processors that can't issue more than one vector instruction per
+# cycle. But POWER8 (and POWER9) can issue a pair, and vector-only 4x
+# interleave would perform better. Incidentally PowerISA 2.07 (first
+# implemented by POWER8) defined new usable instructions, hence 4xVSX
+# code path...
+#
+# Performance in cycles per byte out of large buffer.
+#
+#  IALU/gcc-4.x3xAltiVec+1xIALU4xVSX
+#
+# Freescale e300   13.6/+115%  -   -
+# PPC74x0/G4e  6.81/+310%  3.81-
+# PPC970/G59.29/+160%  ?   -
+# POWER7   8.62/+61%   3.35-
+# POWER8   8.70/+51%   2.912.09
+# POWER9   8.80/+29%   4.44(*) 2.45(**)
+#
+# (*)  this is trade-off result, it's possible to improve it, but
+#  then it would negatively affect all others;
+# (**) POWER9 seems to be "allergic" to mixing vector and integer
+#  instructions, which is why switch to vector-only code pays
+#  off that much;
+
+# $output is the last argument if it looks like a file (it has an extension)
+# $flavour is the first argument if it doesn't look like a file
+$output = $#ARGV >= 0 && $ARGV[$#ARGV] =~ m|\.\w+$| ? pop : undef;
+$flavour = $#ARGV >= 0 && $ARGV[0] !~ m|\.| ? shift : undef;
+
+if ($flavour =~ /64/) {
+   $SIZE_T =8;
+   $LRSAVE =2*$SIZE_T;
+   $STU="stdu";
+   $POP="ld";
+   $PUSH   ="std";
+   $UCMP   ="cmpld";
+} elsif ($flavour =~ /32/) {
+   $SIZE_T =4;
+   $LRSAVE =$SIZE_T;
+   $STU="stwu";
+   $POP="lwz";
+   $PUSH   ="stw";
+   $UCMP   ="cmplw";
+} else { die "nonsense $flavour"; }
+
+$LITTLE_ENDIAN = ($flavour=~/le$/) ? 1 : 0;
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour \"$output\""
+or die "can't call $xlate: $!";
+
+$LOCALS=6*$SIZE_T;
+$FRAME=$LOCALS+64+18*$SIZE_T;  # 64 is for local variables
+
+sub AUTOLOAD() # thunk [simplified] x86-style perlasm
+{ my $opcode = $AUTOLOAD; $opcode =~ s/.*:://; $opcode =~ s/_/\./;
+$code .= "\t$opcode\t".join(',',@_)."\n";
+}
+
+my $sp = "r1";
+
+my ($out,$inp,$len,$key,$ctr) = map("r$_",(3..7));
+
+
+{{{
+my ($xa0,$xa1,$xa2,$xa3, $xb0,$xb1,$xb2,$xb3,
+$xc0,$xc1,$xc2,$xc3, 

[openssl] openssl-3.0 update

2022-02-20 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  5675a5aaf6a2e489022bcfc18330dae9263e598e (commit)
  from  eee4287febb296afae3de9e21c5d9cbae14a9802 (commit)


- Log -
commit 5675a5aaf6a2e489022bcfc18330dae9263e598e
Author: Pauli 
Date:   Wed Feb 16 10:41:58 2022 +1100

x509: handle returns from X509_TRUST_get_by_id() more consistently

Reviewed-by: Bernd Edlinger 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/17709)

(cherry picked from commit 7b3041eba1c6e177eede0d6311d53a6b9ff58051)

---

Summary of changes:
 crypto/x509/x509_trust.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/crypto/x509/x509_trust.c b/crypto/x509/x509_trust.c
index 0888e16c15..fa30c738a7 100644
--- a/crypto/x509/x509_trust.c
+++ b/crypto/x509/x509_trust.c
@@ -72,7 +72,7 @@ int X509_check_trust(X509 *x, int id, int flags)
 return obj_trust(NID_anyExtendedKeyUsage, x,
  flags | X509_TRUST_DO_SS_COMPAT);
 idx = X509_TRUST_get_by_id(id);
-if (idx == -1)
+if (idx < 0)
 return default_trust(id, x, flags);
 pt = X509_TRUST_get0(idx);
 return pt->check_trust(pt, x, flags);
@@ -112,7 +112,7 @@ int X509_TRUST_get_by_id(int id)
 
 int X509_TRUST_set(int *t, int trust)
 {
-if (X509_TRUST_get_by_id(trust) == -1) {
+if (X509_TRUST_get_by_id(trust) < 0) {
 ERR_raise(ERR_LIB_X509, X509_R_INVALID_TRUST);
 return 0;
 }
@@ -162,7 +162,7 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST 
*, X509 *, int),
 trtmp->arg2 = arg2;
 
 /* If its a new entry manage the dynamic table */
-if (idx == -1) {
+if (idx < 0) {
 if (trtable == NULL
 && (trtable = sk_X509_TRUST_new(tr_cmp)) == NULL) {
 ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
@@ -175,7 +175,7 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST 
*, X509 *, int),
 }
 return 1;
  err:
-if (idx == -1) {
+if (idx < 0) {
 OPENSSL_free(trtmp->name);
 OPENSSL_free(trtmp);
 }


[openssl] master update

2022-02-20 Thread Dr . Paul Dale
The branch master has been updated
   via  7b3041eba1c6e177eede0d6311d53a6b9ff58051 (commit)
  from  09dca557332a2187598932388ac7bd7bbf16172b (commit)


- Log -
commit 7b3041eba1c6e177eede0d6311d53a6b9ff58051
Author: Pauli 
Date:   Wed Feb 16 10:41:58 2022 +1100

x509: handle returns from X509_TRUST_get_by_id() more consistently

Reviewed-by: Bernd Edlinger 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/17709)

---

Summary of changes:
 crypto/x509/x509_trust.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/crypto/x509/x509_trust.c b/crypto/x509/x509_trust.c
index bf674737f8..d3b9ad345d 100644
--- a/crypto/x509/x509_trust.c
+++ b/crypto/x509/x509_trust.c
@@ -72,7 +72,7 @@ int X509_check_trust(X509 *x, int id, int flags)
 return obj_trust(NID_anyExtendedKeyUsage, x,
  flags | X509_TRUST_DO_SS_COMPAT);
 idx = X509_TRUST_get_by_id(id);
-if (idx == -1)
+if (idx < 0)
 return default_trust(id, x, flags);
 pt = X509_TRUST_get0(idx);
 return pt->check_trust(pt, x, flags);
@@ -112,7 +112,7 @@ int X509_TRUST_get_by_id(int id)
 
 int X509_TRUST_set(int *t, int trust)
 {
-if (X509_TRUST_get_by_id(trust) == -1) {
+if (X509_TRUST_get_by_id(trust) < 0) {
 ERR_raise(ERR_LIB_X509, X509_R_INVALID_TRUST);
 return 0;
 }
@@ -162,7 +162,7 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST 
*, X509 *, int),
 trtmp->arg2 = arg2;
 
 /* If its a new entry manage the dynamic table */
-if (idx == -1) {
+if (idx < 0) {
 if (trtable == NULL
 && (trtable = sk_X509_TRUST_new(tr_cmp)) == NULL) {
 ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
@@ -175,7 +175,7 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST 
*, X509 *, int),
 }
 return 1;
  err:
-if (idx == -1) {
+if (idx < 0) {
 OPENSSL_free(trtmp->name);
 OPENSSL_free(trtmp);
 }


[openssl] master update

2022-02-17 Thread Dr . Paul Dale
The branch master has been updated
   via  7850cc8307b9105f37dde864d5c8c881c522b28a (commit)
  from  b089d546242bbc073aefb6f6471586e484118863 (commit)


- Log -
commit 7850cc8307b9105f37dde864d5c8c881c522b28a
Author: EasySec 
Date:   Sat Feb 12 02:07:34 2022 +0100

enc : add support for wrap mode

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17691)

---

Summary of changes:
 apps/enc.c  | 25 +++--
 crypto/evp/c_allc.c |  3 +++
 doc/man1/openssl-enc.pod.in | 20 +++-
 3 files changed, 45 insertions(+), 3 deletions(-)

diff --git a/apps/enc.c b/apps/enc.c
index b14129d9b0..d50baa6d2f 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -127,6 +127,8 @@ int enc_main(int argc, char **argv)
 int pbkdf2 = 0;
 int iter = 0;
 long n;
+int streamable = 1;
+int wrap = 0;
 struct doall_enc_ciphers dec;
 #ifdef ZLIB
 int do_zlib = 0;
@@ -298,6 +300,10 @@ int enc_main(int argc, char **argv)
 /* Get the cipher name, either from progname (if set) or flag. */
 if (!opt_cipher(ciphername, ))
 goto opthelp;
+if (cipher && (EVP_CIPHER_mode(cipher) == EVP_CIPH_WRAP_MODE)) {
+wrap = 1;
+streamable = 0;
+}
 if (digestname != NULL) {
 if (!opt_md(digestname, ))
 goto opthelp;
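Review bot: The new mode test `if (cipher && (EVP_CIPHER_mode(cipher) == EVP_CIPH_WRAP_MODE))` uses the older accessor name and an implicit pointer test, while the other lines of this diff use the `EVP_CIPHER_get_*` spellings (`EVP_CIPHER_get_iv_length`, `EVP_CIPHER_get0_name`). I would write it as `if (cipher != NULL && EVP_CIPHER_get_mode(cipher) == EVP_CIPH_WRAP_MODE) {`. A one-line comment saying that a wrap cipher must receive its whole input in one call (which is presumably why `streamable` is cleared) would explain the two flags to the next reader. enc_main starts and ends outside the hunk.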
@@ -328,6 +334,10 @@ int enc_main(int argc, char **argv)
 buff = app_malloc(EVP_ENCODE_LENGTH(bsize), "evp buffer");
 
 if (infile == NULL) {
+if (!streamable) {
+BIO_printf(bio_err, "Unstreamable cipher mode\n");
+goto end;
+}
 in = dup_bio_in(informat);
 } else {
 in = bio_open_default(infile, 'r', informat);
@@ -524,7 +534,8 @@ int enc_main(int argc, char **argv)
 }
 }
 if ((hiv == NULL) && (str == NULL)
-&& EVP_CIPHER_get_iv_length(cipher) != 0) {
+&& EVP_CIPHER_get_iv_length(cipher) != 0
+&& wrap == 0) {
 /*
  * No IV was explicitly set and no IV was generated.
  * Hence the IV is undefined, making correct decryption impossible.
@@ -551,6 +562,9 @@ int enc_main(int argc, char **argv)
 
 BIO_get_cipher_ctx(benc, );
 
+if (wrap == 1)
+EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
+
 if (!EVP_CipherInit_ex(ctx, cipher, e, NULL, NULL, enc)) {
 BIO_printf(bio_err, "Error setting cipher %s\n",
EVP_CIPHER_get0_name(cipher));
@@ -561,7 +575,8 @@ int enc_main(int argc, char **argv)
 if (nopad)
 EVP_CIPHER_CTX_set_padding(ctx, 0);
 
-if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc)) {
+if (!EVP_CipherInit_ex(ctx, NULL, NULL, key,
+   (hiv == NULL && wrap == 1 ? NULL : iv), enc)) {
 BIO_printf(bio_err, "Error setting cipher %s\n",
EVP_CIPHER_get0_name(cipher));
 ERR_print_errors(bio_err);
@@ -607,10 +622,16 @@ int enc_main(int argc, char **argv)
 inl = BIO_read(rbio, (char *)buff, bsize);
 if (inl <= 0)
 break;
+if (!streamable && !BIO_eof(rbio)) {/* do not output data */
+BIO_printf(bio_err, "Unstreamable cipher mode\n");
+goto end;
+}
 if (BIO_write(wbio, (char *)buff, inl) != inl) {
 BIO_printf(bio_err, "error writing output file\n");
 goto end;
 }
+if (!streamable)
+break;
 }
 if (!BIO_flush(wbio)) {
 BIO_printf(bio_err, "bad decrypt\n");
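Review bot: Input longer than a single `bsize` read is rejected by `if (!streamable && !BIO_eof(rbio))` with the same "Unstreamable cipher mode" text that the earlier hunk prints when no input file is given, so the user cannot tell that the input simply does not fit the buffer. A distinct message such as `BIO_printf(bio_err, "Input too large for unstreamable cipher mode\n");` would make the failure diagnosable. The check also relies on `BIO_eof()` being accurate immediately after one `BIO_read()`; that should be confirmed for any filter BIOs pushed onto `rbio`, which is set up outside this hunk.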
diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c
index d556b5ab28..350a0e0527 100644
--- a/crypto/evp/c_allc.c
+++ b/crypto/evp/c_allc.c
@@ -149,6 +149,7 @@ void openssl_add_all_ciphers_int(void)
 EVP_add_cipher(EVP_aes_128_wrap());
 EVP_add_cipher_alias(SN_id_aes128_wrap, "aes128-wrap");
 EVP_add_cipher(EVP_aes_128_wrap_pad());
+EVP_add_cipher_alias(SN_id_aes128_wrap_pad, "aes128-wrap-pad");
 EVP_add_cipher_alias(SN_aes_128_cbc, "AES128");
 EVP_add_cipher_alias(SN_aes_128_cbc, "aes128");
 EVP_add_cipher(EVP_aes_192_ecb());
@@ -166,6 +167,7 @@ void openssl_add_all_ciphers_int(void)
 EVP_add_cipher(EVP_aes_192_wrap());
 EVP_add_cipher_alias(SN_id_aes192_wrap, "aes192-wrap");
 EVP_add_cipher(EVP_aes_192_wrap_pad());
+EVP_add_cipher_alias(SN_id_aes192_wrap_pad, "aes192-wrap-pad");
 EVP_add_cipher_alias(SN_aes_192_cbc, "AES192");
 EVP_add_cipher_alias(SN_aes_192_cbc, "aes192");
 EVP_add_cipher(EVP_aes_256_ecb());
@@ -184,6 +186,7 @@ void openssl_add_all_ciphers_int(void)
 EVP_add_cipher(EVP_aes_256_wrap());
 EVP_add_cipher_alias(SN_id_aes256_wrap, "aes256-wrap");
 

[openssl] master update

2022-02-16 Thread Dr . Paul Dale
The branch master has been updated
   via  d5530efada83825ef239a8458db541adc4b422ec (commit)
  from  3d27ac8d92ef89c202b518cf6c4e15477eb594b2 (commit)


- Log -
commit d5530efada83825ef239a8458db541adc4b422ec
Author: Tomas Mraz 
Date:   Thu Feb 10 11:49:37 2022 +0100

Add back check for the DH public key size

This is needed for TLS-1.3.

Also add check for uncompressed point format for ECDHE as
the other formats are not allowed by RFC 8446.

Fixes #17667

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17678)

---

Summary of changes:
 ssl/ssl_local.h  |  3 +++
 ssl/statem/extensions_clnt.c |  4 ++--
 ssl/statem/extensions_srvr.c |  6 +++---
 ssl/t1_lib.c | 19 +++
 4 files changed, 27 insertions(+), 5 deletions(-)

diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
index 58a3e9e08a..aee8f9272f 100644
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -811,6 +811,9 @@ int ssl_hmac_final(SSL_HMAC *ctx, unsigned char *md, size_t 
*len,
 size_t ssl_hmac_size(const SSL_HMAC *ctx);
 
 int ssl_get_EC_curve_nid(const EVP_PKEY *pkey);
+__owur int tls13_set_encoded_pub_key(EVP_PKEY *pkey,
+ const unsigned char *enckey,
+ size_t enckeylen);
 
 typedef struct tls_group_info_st {
 char *tlsname;   /* Curve Name as in TLS specs */
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index c5de5ca5ba..0d90f0cc65 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -1856,8 +1856,8 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, 
unsigned int context, X509 *x,
 return 0;
 }
 
-if (EVP_PKEY_set1_encoded_public_key(skey, PACKET_data(_pt),
- PACKET_remaining(_pt)) <= 
0) {
+if (tls13_set_encoded_pub_key(skey, PACKET_data(_pt),
+  PACKET_remaining(_pt)) <= 0) {
 SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_ECPOINT);
 EVP_PKEY_free(skey);
 return 0;
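Review bot: A finite-field key share that fails the new length check inside `tls13_set_encoded_pub_key()` is still reported with `SSL_R_BAD_ECPOINT`, which misnames the failure for DH groups and makes handshake errors harder to triage. `SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_KEY_SHARE);` would describe both the DH and the EC rejection. The same applies to the server-side call in the `tls_parse_ctos_key_share` hunk of ssl/statem/extensions_srvr.c. Both functions extend beyond their hunks.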
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index fa64435a00..c2506879ef 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -665,9 +665,9 @@ int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, unsigned 
int context, X509 *x,
 return 0;
 }
 
-if (EVP_PKEY_set1_encoded_public_key(s->s3.peer_tmp,
-PACKET_data(_pt),
-PACKET_remaining(_pt)) <= 0) {
+if (tls13_set_encoded_pub_key(s->s3.peer_tmp,
+  PACKET_data(_pt),
+  PACKET_remaining(_pt)) <= 0) {
 SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_ECPOINT);
 return 0;
 }
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index ad248c4cdf..218e8a3ae8 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -3532,3 +3532,22 @@ int ssl_get_EC_curve_nid(const EVP_PKEY *pkey)
 
 return NID_undef;
 }
+
+__owur int tls13_set_encoded_pub_key(EVP_PKEY *pkey,
+ const unsigned char *enckey,
+ size_t enckeylen)
+{
+if (EVP_PKEY_is_a(pkey, "DH")) {
+int bits = EVP_PKEY_get_bits(pkey);
+
+if (bits <= 0 || enckeylen != (size_t)bits / 8)
+/* the encoded key must be padded to the length of the p */
+return 0;
+} else if (EVP_PKEY_is_a(pkey, "EC")) {
+if (enckeylen < 3 /* point format and at least 1 byte for x and y */
+|| enckey[0] != 0x04)
+return 0;
+}
+
+return EVP_PKEY_set1_encoded_public_key(pkey, enckey, enckeylen);
+}
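Review bot: The DH branch compares `enckeylen` with `(size_t)bits / 8`, which rounds down, so for a prime whose bit length is not a multiple of 8 a correctly padded key would be rejected; `(size_t)(bits + 7) / 8` covers that case. The standard TLS 1.3 FFDHE groups are byte-aligned, so this presumably matters only for provider-defined groups. In the EC branch, `enckey[0] != 0x04` would read better as `enckey[0] != POINT_CONVERSION_UNCOMPRESSED`, provided `<openssl/ec.h>` is in scope in this file. The function also lacks a header comment; it should state that it enforces the TLS 1.3 encoding rules (DH value padded to the length of p, uncompressed EC point) before calling `EVP_PKEY_set1_encoded_public_key()`, and that it returns 0 on rejection.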


[openssl] openssl-3.0 update

2022-02-15 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  59de5a5e8603fb5e2e7b0aa78224152700ad905a (commit)
  from  3948abaf4458aac66bf47546874d0fb5a73a78a0 (commit)


- Log -
commit 59de5a5e8603fb5e2e7b0aa78224152700ad905a
Author: Todd Short 
Date:   Wed Feb 9 15:59:37 2022 -0500

Force macOS 10.15 or later to be 64-bit

macOS Catalina (10.15) no longer supports 32-bit applications.
Do not wait 5 seconds to give the user the option of using KERNEL_BITS=32
Do not accept the KERNEL_BITS=32 option

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17675)

(cherry picked from commit b926548b362531e8a64e7482c081611fab7183a8)

---

Summary of changes:
 util/perl/OpenSSL/config.pm | 8 
 1 file changed, 8 insertions(+)

diff --git a/util/perl/OpenSSL/config.pm b/util/perl/OpenSSL/config.pm
index 81e9a03b48..17786defad 100755
--- a/util/perl/OpenSSL/config.pm
+++ b/util/perl/OpenSSL/config.pm
@@ -485,6 +485,14 @@ EOF
   [ 'x86_64-apple-darwin.*',
 sub {
 my $KERNEL_BITS = $ENV{KERNEL_BITS} // '';
+# macOS >= 10.15 is 64-bit only
+my $SW_VERS = `sw_vers -productVersion 2>/dev/null`;
+if ($SW_VERS =~ /^(\d+)\.(\d+)\.(\d+)$/) {
+if ($1 > 10 || ($1 == 10 && $2 >= 15)) {
+die "32-bit applications not supported on macOS 10.15 or 
later\n" if $KERNEL_BITS eq '32';
+return { target => "darwin64-x86_64" };
+}
+}
 return { target => "darwin-i386" } if $KERNEL_BITS eq '32';
 
 print <
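Review bot: The version match `/^(\d+)\.(\d+)\.(\d+)$/` requires three components, but `sw_vers -productVersion` can print only two (for example `10.15` or `12.3` on a release with no patch number). In that case the new block is skipped and the old path is taken, including acceptance of `KERNEL_BITS=32`. Making the third component optional closes the gap: `if ($SW_VERS =~ /^(\d+)\.(\d+)(?:\.(\d+))?$/) {`. The identical hunk in the master update for commit b926548b362531e8a64e7482c081611fab7183a8 further down the page has the same pattern.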

[openssl] master update

2022-02-15 Thread Dr . Paul Dale
The branch master has been updated
   via  b926548b362531e8a64e7482c081611fab7183a8 (commit)
  from  065121ff198a84106023013420dedd57ac4ff53a (commit)


- Log -
commit b926548b362531e8a64e7482c081611fab7183a8
Author: Todd Short 
Date:   Wed Feb 9 15:59:37 2022 -0500

Force macOS 10.15 or later to be 64-bit

macOS Catalina (10.15) no longer supports 32-bit applications.
Do not wait 5 seconds to give the user the option of using KERNEL_BITS=32
Do not accept the KERNEL_BITS=32 option

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17675)

---

Summary of changes:
 util/perl/OpenSSL/config.pm | 8 
 1 file changed, 8 insertions(+)

diff --git a/util/perl/OpenSSL/config.pm b/util/perl/OpenSSL/config.pm
index fd4cce3c25..cb2f5097a8 100755
--- a/util/perl/OpenSSL/config.pm
+++ b/util/perl/OpenSSL/config.pm
@@ -485,6 +485,14 @@ EOF
   [ 'x86_64-apple-darwin.*',
 sub {
 my $KERNEL_BITS = $ENV{KERNEL_BITS} // '';
+# macOS >= 10.15 is 64-bit only
+my $SW_VERS = `sw_vers -productVersion 2>/dev/null`;
+if ($SW_VERS =~ /^(\d+)\.(\d+)\.(\d+)$/) {
+if ($1 > 10 || ($1 == 10 && $2 >= 15)) {
+die "32-bit applications not supported on macOS 10.15 or 
later\n" if $KERNEL_BITS eq '32';
+return { target => "darwin64-x86_64" };
+}
+}
 return { target => "darwin-i386" } if $KERNEL_BITS eq '32';
 
 print <

[openssl] openssl-3.0 update

2022-02-10 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  fc27d9f3af95aa33e5028c6cef8d56d1c7f17436 (commit)
  from  b32b2167155cafc4ac133f49d9cd04a249e443c8 (commit)


- Log -
commit fc27d9f3af95aa33e5028c6cef8d56d1c7f17436
Author: Pauli 
Date:   Wed Feb 9 11:17:57 2022 +1100

Change condition to avoid spurious compiler complaints.

X509_TRUST_get0() is checking < 0, the code here was checking == -1.  Both 
are
equivalent in this situation but gcc-12 has conniptions about a subsequent
possible NULL dereference (which isn't possible).

Fixes #17665

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17668)

(cherry picked from commit b84c6e86dd8ca88444207080808d1d598856041f)

---

Summary of changes:
 crypto/x509/x509_trust.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/x509/x509_trust.c b/crypto/x509/x509_trust.c
index ff578aee73..0888e16c15 100644
--- a/crypto/x509/x509_trust.c
+++ b/crypto/x509/x509_trust.c
@@ -134,7 +134,7 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST 
*, X509 *, int),
 /* Get existing entry if any */
 idx = X509_TRUST_get_by_id(id);
 /* Need a new entry */
-if (idx == -1) {
+if (idx < 0) {
 if ((trtmp = OPENSSL_malloc(sizeof(*trtmp))) == NULL) {
 ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
 return 0;


[openssl] master update

2022-02-10 Thread Dr . Paul Dale
The branch master has been updated
   via  b84c6e86dd8ca88444207080808d1d598856041f (commit)
  from  378c50f63dceb3a85bb4937a3499283b10d295b6 (commit)


- Log -
commit b84c6e86dd8ca88444207080808d1d598856041f
Author: Pauli 
Date:   Wed Feb 9 11:17:57 2022 +1100

Change condition to avoid spurious compiler complaints.

X509_TRUST_get0() is checking < 0, the code here was checking == -1.  Both 
are
equivalent in this situation but gcc-12 has conniptions about a subsequent
possible NULL dereference (which isn't possible).

Fixes #17665

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17668)

---

Summary of changes:
 crypto/x509/x509_trust.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/x509/x509_trust.c b/crypto/x509/x509_trust.c
index e71db0c9a1..bf674737f8 100644
--- a/crypto/x509/x509_trust.c
+++ b/crypto/x509/x509_trust.c
@@ -134,7 +134,7 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST 
*, X509 *, int),
 /* Get existing entry if any */
 idx = X509_TRUST_get_by_id(id);
 /* Need a new entry */
-if (idx == -1) {
+if (idx < 0) {
 if ((trtmp = OPENSSL_malloc(sizeof(*trtmp))) == NULL) {
 ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
 return 0;


[openssl] openssl-3.0 update

2022-02-10 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  b32b2167155cafc4ac133f49d9cd04a249e443c8 (commit)
  from  09ade84a4a9e082c785cb51a9db2e85a45097cbd (commit)


- Log -
commit b32b2167155cafc4ac133f49d9cd04a249e443c8
Author: Kevin K Biju 
Date:   Sat Feb 5 18:09:45 2022 +0530

Added checking for buflen overflow due to MAX_MISALIGNMENT.

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17646)

(cherry picked from commit 4b3777c9ad4a2058a9b87afb26289039ebf4a6c1)

---

Summary of changes:
 apps/speed.c  | 8 ++--
 doc/man1/openssl-speed.pod.in | 2 ++
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/apps/speed.c b/apps/speed.c
index 9be01bb4b2..b730a5c2b5 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -452,7 +452,7 @@ static const OPT_PAIR sm2_choices[SM2_NUM] = {
 static double sm2_results[SM2_NUM][2];/* 2 ops: sign then verify */
 #endif /* OPENSSL_NO_SM2 */
 
-#define COND(unused_cond) (run && count < 0x7fff)
+#define COND(unused_cond) (run && count < INT_MAX)
 #define COUNT(d) (count)
 
 typedef struct loopargs_st {
@@ -1775,6 +1775,10 @@ int speed_main(int argc, char **argv)
 buflen = lengths[size_num - 1];
 if (buflen < 36)/* size of random vector in RSA benchmark */
 buflen = 36;
+if (INT_MAX - (MAX_MISALIGNMENT + 1) < buflen) {
+BIO_printf(bio_err, "Error: buffer size too large\n");
+goto end;
+}
 buflen += MAX_MISALIGNMENT + 1;
 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
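Review bot: The new failure message `"Error: buffer size too large\n"` names neither the option nor the limit, while the man page hunk in the same commit hard-codes the limit as INT_MAX - 64. Printing the value keeps the message in step with the macro: `BIO_printf(bio_err, "Error: buffer size too large, maximum is %d\n", INT_MAX - (MAX_MISALIGNMENT + 1));`. `INT_MAX` also needs `<limits.h>`; the include list is outside the hunk, so confirm it is present. The same hunk appears again in the master update for this change further down the page, and speed_main continues outside the hunk.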
@@ -3618,7 +3622,7 @@ static void multiblock_speed(const EVP_CIPHER 
*evp_cipher, int lengths_single,
 for (j = 0; j < num; j++) {
 print_message(alg_name, 0, mblengths[j], seconds->sym);
 Time_F(START);
-for (count = 0; run && count < 0x7fff; count++) {
+for (count = 0; run && count < INT_MAX; count++) {
 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
 size_t len = mblengths[j];
diff --git a/doc/man1/openssl-speed.pod.in b/doc/man1/openssl-speed.pod.in
index bfe992797a..29181ea970 100644
--- a/doc/man1/openssl-speed.pod.in
+++ b/doc/man1/openssl-speed.pod.in
@@ -101,6 +101,8 @@ Run benchmarks for I seconds.
 =item B<-bytes> I
 
 Run benchmarks on I-byte buffers. Affects ciphers, digests and the CSPRNG.
+The limit on the size of the buffer is INT_MAX - 64 bytes, which for a 32-bit 
+int would be 2147483583 bytes.
 
 =item B<-mr>
 


[openssl] master update

2022-02-10 Thread Dr . Paul Dale
The branch master has been updated
   via  378c50f63dceb3a85bb4937a3499283b10d295b6 (commit)
  from  64dc57419ddd9329f7062b048dee5ecd9306 (commit)


- Log -
commit 378c50f63dceb3a85bb4937a3499283b10d295b6
Author: Kevin K Biju 
Date:   Sat Feb 5 18:09:45 2022 +0530

Added checking for buflen overflow due to MAX_MISALIGNMENT.

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17646)

---

Summary of changes:
 apps/speed.c  | 8 ++--
 doc/man1/openssl-speed.pod.in | 2 ++
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/apps/speed.c b/apps/speed.c
index a790f280db..2201489fb4 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -456,7 +456,7 @@ static const OPT_PAIR sm2_choices[SM2_NUM] = {
 static double sm2_results[SM2_NUM][2];/* 2 ops: sign then verify */
 #endif /* OPENSSL_NO_SM2 */
 
-#define COND(unused_cond) (run && count < 0x7fff)
+#define COND(unused_cond) (run && count < INT_MAX)
 #define COUNT(d) (count)
 
 typedef struct loopargs_st {
@@ -1779,6 +1779,10 @@ int speed_main(int argc, char **argv)
 buflen = lengths[size_num - 1];
 if (buflen < 36)/* size of random vector in RSA benchmark */
 buflen = 36;
+if (INT_MAX - (MAX_MISALIGNMENT + 1) < buflen) {
+BIO_printf(bio_err, "Error: buffer size too large\n");
+goto end;
+}
 buflen += MAX_MISALIGNMENT + 1;
 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
@@ -3613,7 +3617,7 @@ static void multiblock_speed(const EVP_CIPHER 
*evp_cipher, int lengths_single,
 for (j = 0; j < num; j++) {
 print_message(alg_name, 0, mblengths[j], seconds->sym);
 Time_F(START);
-for (count = 0; run && count < 0x7fff; count++) {
+for (count = 0; run && count < INT_MAX; count++) {
 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
 size_t len = mblengths[j];
diff --git a/doc/man1/openssl-speed.pod.in b/doc/man1/openssl-speed.pod.in
index bfe992797a..98e3bac037 100644
--- a/doc/man1/openssl-speed.pod.in
+++ b/doc/man1/openssl-speed.pod.in
@@ -101,6 +101,8 @@ Run benchmarks for I seconds.
 =item B<-bytes> I
 
 Run benchmarks on I-byte buffers. Affects ciphers, digests and the CSPRNG.
+The limit on the size of the buffer is INT_MAX - 64 bytes, which for a 32-bit
+int would be 2147483583 bytes.
 
 =item B<-mr>
 


[openssl] openssl-3.0 update

2022-02-09 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  09ade84a4a9e082c785cb51a9db2e85a45097cbd (commit)
  from  828bbe3795c82fe060f823ff117a753e81fb48d3 (commit)


- Log -
commit 09ade84a4a9e082c785cb51a9db2e85a45097cbd
Author: EasySec 
Date:   Mon Feb 7 23:16:39 2022 +0100

Fix small typo in EVP_KEYEXCH-ECDH.html doc example

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17657)

(cherry picked from commit 0fdb31669f88cbf5d63ba16d82d95c6c84575dc0)

---

Summary of changes:
 doc/man7/EVP_KEYEXCH-ECDH.pod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/man7/EVP_KEYEXCH-ECDH.pod b/doc/man7/EVP_KEYEXCH-ECDH.pod
index a710625f22..69d0d87b35 100644
--- a/doc/man7/EVP_KEYEXCH-ECDH.pod
+++ b/doc/man7/EVP_KEYEXCH-ECDH.pod
@@ -88,7 +88,7 @@ key but also using X963KDF with a user key material:
 size_t secret_len = out_len;
 unsigned int pad = 1;
 OSSL_PARAM params[6];
-EVP_PKET_CTX *dctx = EVP_PKEY_CTX_new_from_pkey(NULL, host_key, NULL);
+EVP_PKEY_CTX *dctx = EVP_PKEY_CTX_new_from_pkey(NULL, host_key, NULL);
 
 EVP_PKEY_derive_init(dctx);
 


[openssl] master update

2022-02-09 Thread Dr . Paul Dale
The branch master has been updated
   via  0fdb31669f88cbf5d63ba16d82d95c6c84575dc0 (commit)
  from  3a23f01268ec47bf3423b849cc226be220745522 (commit)


- Log -
commit 0fdb31669f88cbf5d63ba16d82d95c6c84575dc0
Author: EasySec 
Date:   Mon Feb 7 23:16:39 2022 +0100

Fix small typo in EVP_KEYEXCH-ECDH.html doc example

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17657)

---

Summary of changes:
 doc/man7/EVP_KEYEXCH-ECDH.pod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/man7/EVP_KEYEXCH-ECDH.pod b/doc/man7/EVP_KEYEXCH-ECDH.pod
index a710625f22..69d0d87b35 100644
--- a/doc/man7/EVP_KEYEXCH-ECDH.pod
+++ b/doc/man7/EVP_KEYEXCH-ECDH.pod
@@ -88,7 +88,7 @@ key but also using X963KDF with a user key material:
 size_t secret_len = out_len;
 unsigned int pad = 1;
 OSSL_PARAM params[6];
-EVP_PKET_CTX *dctx = EVP_PKEY_CTX_new_from_pkey(NULL, host_key, NULL);
+EVP_PKEY_CTX *dctx = EVP_PKEY_CTX_new_from_pkey(NULL, host_key, NULL);
 
 EVP_PKEY_derive_init(dctx);
 


[openssl] OpenSSL_1_1_1-stable update

2022-02-09 Thread Dr . Paul Dale
The branch OpenSSL_1_1_1-stable has been updated
   via  8aa353679f0ad72f478a4800c22ad30f6b972370 (commit)
  from  191c9e6c242b85184b72ccd52d2d9af5e1122637 (commit)


- Log -
commit 8aa353679f0ad72f478a4800c22ad30f6b972370
Author: Pauli 
Date:   Tue Feb 1 12:37:25 2022 +1100

scrypt: increase memory usage beyond limit

This brings these tests in line with 3.0 and master and makes them
fail correctly.

Fixes #17612

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17619)

---

Summary of changes:
 test/recipes/30-test_evp_data/evpkdf.txt | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/test/recipes/30-test_evp_data/evpkdf.txt 
b/test/recipes/30-test_evp_data/evpkdf.txt
index 34c7e6ae65..2824cb2f16 100644
--- a/test/recipes/30-test_evp_data/evpkdf.txt
+++ b/test/recipes/30-test_evp_data/evpkdf.txt
@@ -294,12 +294,12 @@ Ctrl.r = r:8
 Ctrl.p = p:1
 Output = 
7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887
 
-# Out of memory
+# Out of memory - request > 2 GB of memory
 KDF = scrypt
 Ctrl.pass = pass:pleaseletmein
 Ctrl.salt = salt:SodiumChloride
-Ctrl.N = N:1048576
+Ctrl.N = N:2097152
 Ctrl.r = r:8
 Ctrl.p = p:1
-Result = KDF_MISMATCH
+Result = KDF_DERIVE_ERROR
 
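Review bot: The expected `KDF_DERIVE_ERROR` depends on a memory bound that the test case never names: none of the Ctrl lines visible here sets a memory cap, so the result rests either on the library's default limit or on the allocation itself failing on the test host. By the usual scrypt estimate of 128*N*r bytes, N=2097152 with r=8 asks for 2 GiB for the main array, which agrees with the new comment. If the default cap is what rejects the request, which seems likely but is not visible in this file, the comment could say so, e.g. `# Out of memory - 128*N*r = 2 GiB, above the default memory limit`, so the case is not read as relying on how much RAM the machine has.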


[openssl] master update

2022-02-08 Thread Dr . Paul Dale
The branch master has been updated
   via  3a23f01268ec47bf3423b849cc226be220745522 (commit)
  from  09030ee73693411c19b596cb0e0f43eb512ac0e6 (commit)


- Log -
commit 3a23f01268ec47bf3423b849cc226be220745522
Author: Tom Cosgrove 
Date:   Mon Feb 7 14:44:56 2022 +

aarch64: fix branch target indications in arm64cpuid.pl and keccak1600

Add missing AARCH64_VALID_CALL_TARGET to armv8_rng_probe(). Also add
these to the functions defined by gen_random(), and note that this Perl
sub prints the assembler out directly, not going via the $code xlate
mechanism (and therefore coming before the include of arm_arch.h). So
fix this too.

In KeccakF1600_int, AARCH64_SIGN_LINK_REGISTER functions as
AARCH64_VALID_CALL_TARGET on BTI-only builds, so it needs to come before
the 'adr' line.

Change-Id: If241efe71591c88253a3e36647ced00300c3c1a3

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17653)

---

Summary of changes:
 crypto/arm64cpuid.pl   | 9 ++---
 crypto/sha/asm/keccak1600-armv8.pl | 2 +-
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/crypto/arm64cpuid.pl b/crypto/arm64cpuid.pl
index ebea4be59c..3ba593a488 100755
--- a/crypto/arm64cpuid.pl
+++ b/crypto/arm64cpuid.pl
@@ -189,6 +189,7 @@ CRYPTO_memcmp:
 .globl _armv8_rng_probe
 .type  _armv8_rng_probe,%function
 _armv8_rng_probe:
+   AARCH64_VALID_CALL_TARGET
mrs x0, s3_3_c2_c4_0// rndr
mrs x0, s3_3_c2_c4_1// rndrrs
ret
@@ -199,7 +200,7 @@ sub gen_random {
 my $rdop = shift;
 my $rand_reg = $rdop eq "rndr" ? "s3_3_c2_c4_0" : "s3_3_c2_c4_1";
 
-print<<___;
+return <<___;
 // Fill buffer with Randomly Generated Bytes
 // inputs:  char * in x0 - Pointer to buffer
 //  size_t in x1 - Number of bytes to write to buffer
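Review bot: Nothing in gen_random records why it now returns the heredoc instead of printing it, and that ordering is the whole fix. According to the commit message, text printed directly comes out before the include of arm_arch.h, so the `AARCH64_VALID_CALL_TARGET` added in the next hunk only works when the text goes out through `$code`. A comment above `return <<___;` such as `# Return the text so the caller appends it to $code; printing here would emit it before arm_arch.h is included.` would keep a later edit from reverting to `print`. The sub's body continues outside this hunk.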
@@ -208,6 +209,7 @@ print<<___;
 .type  OPENSSL_${rdop}_asm,%function
 .align 4
 OPENSSL_${rdop}_asm:
+   AARCH64_VALID_CALL_TARGET
mov x2,xzr
mov x3,xzr
 
@@ -244,8 +246,9 @@ OPENSSL_${rdop}_asm:
 .size  OPENSSL_${rdop}_asm,.-OPENSSL_${rdop}_asm
 ___
 }
-gen_random("rndr");
-gen_random("rndrrs");
+
+$code .= gen_random("rndr");
+$code .= gen_random("rndrrs");
 
 print $code;
 close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/sha/asm/keccak1600-armv8.pl 
b/crypto/sha/asm/keccak1600-armv8.pl
index cf54b62c63..40f7aa7a69 100755
--- a/crypto/sha/asm/keccak1600-armv8.pl
+++ b/crypto/sha/asm/keccak1600-armv8.pl
@@ -126,8 +126,8 @@ $code.=<<___;
 .type  KeccakF1600_int,%function
 .align 5
 KeccakF1600_int:
-   adr $C[2],iotas
AARCH64_SIGN_LINK_REGISTER
+   adr $C[2],iotas
stp $C[2],x30,[sp,#16]  // 32 bytes on top are mine
b   .Loop
 .align 4
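Review bot: The ordering constraint this hunk fixes is not stated next to the code, so the `adr` could drift back above the macro in a later edit. Per the commit message, `AARCH64_SIGN_LINK_REGISTER` doubles as the valid-call-target marker on BTI-only builds and therefore has to come first in KeccakF1600_int. A comment on that line such as `// must stay first: also the BTI call-target marker` would record it. The function body continues outside the hunk.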


[openssl] openssl-3.0 update

2022-02-08 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  828bbe3795c82fe060f823ff117a753e81fb48d3 (commit)
  from  ebdec62c38494739d9cb4cdd6b1c4a511d169a90 (commit)


- Log -
commit 828bbe3795c82fe060f823ff117a753e81fb48d3
Author: Jiasheng Jiang 
Date:   Sat Feb 5 19:31:11 2022 +0800

Add the check after calling OPENSSL_strdup

Because memory allocation can fail, OPENSSL_strdup() may return a
NULL pointer.
It is therefore better to check the result in order to guarantee that
the configuration succeeded, in the same way as the check for
SSL_CTX_set_srp_username().

Signed-off-by: Jiasheng Jiang 

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17643)

(cherry picked from commit 09030ee73693411c19b596cb0e0f43eb512ac0e6)

---

Summary of changes:
 test/helpers/handshake_srp.c | 16 
 1 file changed, 16 insertions(+)

diff --git a/test/helpers/handshake_srp.c b/test/helpers/handshake_srp.c
index f18e5c81a6..11825d1dca 100644
--- a/test/helpers/handshake_srp.c
+++ b/test/helpers/handshake_srp.c
@@ -49,6 +49,13 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, 
SSL_CTX *server2_ctx,
 SSL_CTX_set_srp_username_callback(server_ctx, server_srp_cb);
 server_ctx_data->srp_user = OPENSSL_strdup(extra->server.srp_user);
 server_ctx_data->srp_password = 
OPENSSL_strdup(extra->server.srp_password);
+if (server_ctx_data->srp_user == NULL || server_ctx_data->srp_password 
== NULL) {
+OPENSSL_free(server_ctx_data->srp_user);
+OPENSSL_free(server_ctx_data->srp_password);
+server_ctx_data->srp_user = NULL;
+server_ctx_data->srp_password = NULL;
+return 0;
+}
 SSL_CTX_set_srp_cb_arg(server_ctx, server_ctx_data);
 }
 if (extra->server2.srp_user != NULL) {
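Review bot: The added check in the server branch treats any NULL from `OPENSSL_strdup()` as an allocation failure, but OPENSSL_strdup() also returns NULL when its argument is NULL. The branch is entered on `extra->server.srp_user != NULL` alone, so if a configuration can set a user without a password (not visible from this hunk) the function now returns 0 where it used to continue. Testing the source pointer as well keeps the two cases apart: `if (server_ctx_data->srp_user == NULL || (extra->server.srp_password != NULL && server_ctx_data->srp_password == NULL)) {`. The server2 and client hunks below have the same shape, and the identical patch is repeated in the master notification further down; the function body continues outside the hunks.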
@@ -57,6 +64,13 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, 
SSL_CTX *server2_ctx,
 SSL_CTX_set_srp_username_callback(server2_ctx, server_srp_cb);
 server2_ctx_data->srp_user = OPENSSL_strdup(extra->server2.srp_user);
 server2_ctx_data->srp_password = 
OPENSSL_strdup(extra->server2.srp_password);
+if (server2_ctx_data->srp_user == NULL || 
server2_ctx_data->srp_password == NULL) {
+OPENSSL_free(server2_ctx_data->srp_user);
+OPENSSL_free(server2_ctx_data->srp_password);
+server2_ctx_data->srp_user = NULL;
+server2_ctx_data->srp_password = NULL;
+return 0;
+}
 SSL_CTX_set_srp_cb_arg(server2_ctx, server2_ctx_data);
 }
 if (extra->client.srp_user != NULL) {
@@ -65,6 +79,8 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, 
SSL_CTX *server2_ctx,
 return 0;
 SSL_CTX_set_srp_client_pwd_callback(client_ctx, client_srp_cb);
 client_ctx_data->srp_password = 
OPENSSL_strdup(extra->client.srp_password);
+if (client_ctx_data->srp_password == NULL)
+return 0;
 SSL_CTX_set_srp_cb_arg(client_ctx, client_ctx_data);
 }
 return 1;


[openssl] master update

2022-02-08 Thread Dr . Paul Dale
The branch master has been updated
   via  09030ee73693411c19b596cb0e0f43eb512ac0e6 (commit)
  from  29af9fba64fd3e4e086808f2360501b463627ea2 (commit)


- Log -
commit 09030ee73693411c19b596cb0e0f43eb512ac0e6
Author: Jiasheng Jiang 
Date:   Sat Feb 5 19:31:11 2022 +0800

Add the check after calling OPENSSL_strdup

Because memory allocation can fail, OPENSSL_strdup() may return a
NULL pointer.
It is therefore better to check the result in order to guarantee that
the configuration succeeded, in the same way as the check for
SSL_CTX_set_srp_username().

Signed-off-by: Jiasheng Jiang 

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17643)

---

Summary of changes:
 test/helpers/handshake_srp.c | 16 
 1 file changed, 16 insertions(+)

diff --git a/test/helpers/handshake_srp.c b/test/helpers/handshake_srp.c
index f18e5c81a6..11825d1dca 100644
--- a/test/helpers/handshake_srp.c
+++ b/test/helpers/handshake_srp.c
@@ -49,6 +49,13 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, 
SSL_CTX *server2_ctx,
 SSL_CTX_set_srp_username_callback(server_ctx, server_srp_cb);
 server_ctx_data->srp_user = OPENSSL_strdup(extra->server.srp_user);
 server_ctx_data->srp_password = 
OPENSSL_strdup(extra->server.srp_password);
+if (server_ctx_data->srp_user == NULL || server_ctx_data->srp_password 
== NULL) {
+OPENSSL_free(server_ctx_data->srp_user);
+OPENSSL_free(server_ctx_data->srp_password);
+server_ctx_data->srp_user = NULL;
+server_ctx_data->srp_password = NULL;
+return 0;
+}
 SSL_CTX_set_srp_cb_arg(server_ctx, server_ctx_data);
 }
 if (extra->server2.srp_user != NULL) {
@@ -57,6 +64,13 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, 
SSL_CTX *server2_ctx,
 SSL_CTX_set_srp_username_callback(server2_ctx, server_srp_cb);
 server2_ctx_data->srp_user = OPENSSL_strdup(extra->server2.srp_user);
 server2_ctx_data->srp_password = 
OPENSSL_strdup(extra->server2.srp_password);
+if (server2_ctx_data->srp_user == NULL || 
server2_ctx_data->srp_password == NULL) {
+OPENSSL_free(server2_ctx_data->srp_user);
+OPENSSL_free(server2_ctx_data->srp_password);
+server2_ctx_data->srp_user = NULL;
+server2_ctx_data->srp_password = NULL;
+return 0;
+}
 SSL_CTX_set_srp_cb_arg(server2_ctx, server2_ctx_data);
 }
 if (extra->client.srp_user != NULL) {
@@ -65,6 +79,8 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, 
SSL_CTX *server2_ctx,
 return 0;
 SSL_CTX_set_srp_client_pwd_callback(client_ctx, client_srp_cb);
 client_ctx_data->srp_password = 
OPENSSL_strdup(extra->client.srp_password);
+if (client_ctx_data->srp_password == NULL)
+return 0;
 SSL_CTX_set_srp_cb_arg(client_ctx, client_ctx_data);
 }
 return 1;


[openssl] openssl-3.0 update

2022-02-08 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  ebdec62c38494739d9cb4cdd6b1c4a511d169a90 (commit)
  from  e44b212bdce225fd2d7e2349a7f787e7c9ade4fd (commit)


- Log -
commit ebdec62c38494739d9cb4cdd6b1c4a511d169a90
Author: Matt Caswell 
Date:   Mon Feb 7 10:32:08 2022 +

Fix an enginetest failure when compiled with no-deprecated --api=1.1.1

Fixes #17649

Reviewed-by: Tomas Mraz 
Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17652)

(cherry picked from commit 29af9fba64fd3e4e086808f2360501b463627ea2)

---

Summary of changes:
 test/enginetest.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/test/enginetest.c b/test/enginetest.c
index 04e61743a1..c00e1f82c4 100644
--- a/test/enginetest.c
+++ b/test/enginetest.c
@@ -24,6 +24,7 @@
 # include 
 # include 
 # include 
+# include 
 
 static void display_engine_list(void)
 {


[openssl] master update

2022-02-08 Thread Dr . Paul Dale
The branch master has been updated
   via  29af9fba64fd3e4e086808f2360501b463627ea2 (commit)
  from  2a6994cfa08368a710d66caaae4fc07ad35631bf (commit)


- Log -
commit 29af9fba64fd3e4e086808f2360501b463627ea2
Author: Matt Caswell 
Date:   Mon Feb 7 10:32:08 2022 +

Fix an enginetest failure when compiled with no-deprecated --api=1.1.1

Fixes #17649

Reviewed-by: Tomas Mraz 
Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17652)

---

Summary of changes:
 test/enginetest.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/test/enginetest.c b/test/enginetest.c
index 04e61743a1..c00e1f82c4 100644
--- a/test/enginetest.c
+++ b/test/enginetest.c
@@ -24,6 +24,7 @@
 # include 
 # include 
 # include 
+# include 
 
 static void display_engine_list(void)
 {


[openssl] openssl-3.0 update

2022-02-08 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  e44b212bdce225fd2d7e2349a7f787e7c9ade4fd (commit)
  from  53234cb0f408bbfbb04ea0e12f1fc61feb2aa600 (commit)


- Log -
commit e44b212bdce225fd2d7e2349a7f787e7c9ade4fd
Author: Daniel 
Date:   Sun Feb 6 15:01:14 2022 +0100

Send auxiliary messages to bio_err.

Fixes openssl#17613.

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17650)

(cherry picked from commit 2a6994cfa08368a710d66caaae4fc07ad35631bf)

---

Summary of changes:
 apps/x509.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/apps/x509.c b/apps/x509.c
index 2880ae792a..c9c10c260e 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -706,9 +706,9 @@ int x509_main(int argc, char **argv)
: "Certificate request self-signature did not match the 
contents\n");
 goto end;
 }
-BIO_printf(out, "Certificate request self-signature ok\n");
+BIO_printf(bio_err, "Certificate request self-signature ok\n");
 
-print_name(out, "subject=", X509_REQ_get_subject_name(req));
+print_name(bio_err, "subject=", X509_REQ_get_subject_name(req));
 } else if (!x509toreq && ext_copy != EXT_COPY_UNSET) {
 BIO_printf(bio_err, "Warning: ignoring -copy_extensions since neither 
-x509toreq nor -req is given\n");
 }
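Review bot: Callers that read the `Certificate request self-signature ok` line or the `subject=` line from standard output stop seeing them once these two calls write to `bio_err`, and the commit touches only apps/x509.c, so nothing records the change for users. Since this also lands on a stable branch, a CHANGES entry would help, and a comment at the call site such as `/* status messages go to bio_err, not to out */` would explain the choice. Scripts are better off checking the exit status than matching this text in either stream. The same hunk is repeated in the master notification below; x509_main starts and ends outside the hunk.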


[openssl] master update

2022-02-08 Thread Dr . Paul Dale
The branch master has been updated
   via  2a6994cfa08368a710d66caaae4fc07ad35631bf (commit)
  from  aefbcde29166caf851cf388361d70fd0dcf17d87 (commit)


- Log -
commit 2a6994cfa08368a710d66caaae4fc07ad35631bf
Author: Daniel 
Date:   Sun Feb 6 15:01:14 2022 +0100

Send auxiliary messages to bio_err.

Fixes openssl#17613.

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17650)

---

Summary of changes:
 apps/x509.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/apps/x509.c b/apps/x509.c
index 29dc74ca9e..f62f809a9c 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -711,9 +711,9 @@ int x509_main(int argc, char **argv)
: "Certificate request self-signature did not match the 
contents\n");
 goto err;
 }
-BIO_printf(out, "Certificate request self-signature ok\n");
+BIO_printf(bio_err, "Certificate request self-signature ok\n");
 
-print_name(out, "subject=", X509_REQ_get_subject_name(req));
+print_name(bio_err, "subject=", X509_REQ_get_subject_name(req));
 } else if (!x509toreq && ext_copy != EXT_COPY_UNSET) {
 BIO_printf(bio_err, "Warning: ignoring -copy_extensions since neither 
-x509toreq nor -req is given\n");
 }


[openssl] openssl-3.0 update

2022-02-06 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  71efa57da1cc6ae6ab731b9127189c101ce6f908 (commit)
  from  25e02422374d4c5e7327320513230339db9b180b (commit)


- Log -
commit 71efa57da1cc6ae6ab731b9127189c101ce6f908
Author: Ankit Das 
Date:   Wed Feb 2 23:38:41 2022 +0530

Fix SIZE_MAX not defined on z/OS etc

Fixes openssl#17629 by including internal/numbers.h which defines SIZE_MAX

CLA: trivial

Fixes #17629

Reviewed-by: Tomas Mraz 
Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17632)

(cherry picked from commit 25a0a44dc6223e515f5e91e41798cccf09c5612b)

---

Summary of changes:
 apps/speed.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/apps/speed.c b/apps/speed.c
index ada559228d..9be01bb4b2 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -29,6 +29,7 @@
 #include 
 #include "apps.h"
 #include "progs.h"
+#include "internal/numbers.h"
 #include 
 #include 
 #include 


[openssl] master update

2022-02-06 Thread Dr . Paul Dale
The branch master has been updated
   via  25a0a44dc6223e515f5e91e41798cccf09c5612b (commit)
  from  984cc9a0284ee4800862aa305f9f178827baf459 (commit)


- Log -
commit 25a0a44dc6223e515f5e91e41798cccf09c5612b
Author: Ankit Das 
Date:   Wed Feb 2 23:38:41 2022 +0530

Fix SIZE_MAX not defined on z/OS etc

Fixes openssl#17629 by including internal/numbers.h which defines SIZE_MAX

CLA: trivial

Fixes #17629

Reviewed-by: Tomas Mraz 
Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17632)

---

Summary of changes:
 apps/speed.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/apps/speed.c b/apps/speed.c
index 89a55c4efa..a790f280db 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -29,6 +29,7 @@
 #include 
 #include "apps.h"
 #include "progs.h"
+#include "internal/numbers.h"
 #include 
 #include 
 #include 


[openssl] OpenSSL_1_1_1-stable update

2022-02-06 Thread Dr . Paul Dale
The branch OpenSSL_1_1_1-stable has been updated
   via  191c9e6c242b85184b72ccd52d2d9af5e1122637 (commit)
  from  624f858c82a05c41c3185785a3a4a396a7e23161 (commit)


- Log -
commit 191c9e6c242b85184b72ccd52d2d9af5e1122637
Author: Thomas1664 <46387399+thomas1...@users.noreply.github.com>
Date:   Thu Jan 20 10:02:59 2022 +0100

Correct return type for BIO_ptr_ctrl

Fixes #17549
CLA: trivial

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17636)

(cherry picked from commit 984cc9a0284ee4800862aa305f9f178827baf459)

---

Summary of changes:
 doc/man3/BIO_ctrl.pod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/man3/BIO_ctrl.pod b/doc/man3/BIO_ctrl.pod
index 2e438c3ce9..a87abc7994 100644
--- a/doc/man3/BIO_ctrl.pod
+++ b/doc/man3/BIO_ctrl.pod
@@ -16,7 +16,7 @@ BIO_get_info_callback, BIO_set_info_callback, BIO_info_cb
 
  long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
  long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
- char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ void *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
  long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
 
  int BIO_reset(BIO *b);


[openssl] openssl-3.0 update

2022-02-06 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  25e02422374d4c5e7327320513230339db9b180b (commit)
  from  25ee18e7f8803f6aaaeca15b49ba46d3e4d3f817 (commit)


- Log -
commit 25e02422374d4c5e7327320513230339db9b180b
Author: Thomas1664 <46387399+thomas1...@users.noreply.github.com>
Date:   Thu Jan 20 10:02:59 2022 +0100

Correct return type for BIO_ptr_ctrl

Fixes #17549
CLA: trivial

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17636)

(cherry picked from commit 984cc9a0284ee4800862aa305f9f178827baf459)

---

Summary of changes:
 doc/man3/BIO_ctrl.pod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/man3/BIO_ctrl.pod b/doc/man3/BIO_ctrl.pod
index bcdeac6f7b..cfb505e314 100644
--- a/doc/man3/BIO_ctrl.pod
+++ b/doc/man3/BIO_ctrl.pod
@@ -17,7 +17,7 @@ BIO_get_ktls_recv
 
  long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
  long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
- char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ void *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
  long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
 
  int BIO_reset(BIO *b);


[openssl] master update

2022-02-06 Thread Dr . Paul Dale
The branch master has been updated
   via  984cc9a0284ee4800862aa305f9f178827baf459 (commit)
  from  345c99b6654b8313c792d54f829943068911ddbd (commit)


- Log -
commit 984cc9a0284ee4800862aa305f9f178827baf459
Author: Thomas1664 <46387399+thomas1...@users.noreply.github.com>
Date:   Thu Jan 20 10:02:59 2022 +0100

Correct return type for BIO_ptr_ctrl

Fixes #17549
CLA: trivial

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17636)

---

Summary of changes:
 doc/man3/BIO_ctrl.pod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/man3/BIO_ctrl.pod b/doc/man3/BIO_ctrl.pod
index bcdeac6f7b..cfb505e314 100644
--- a/doc/man3/BIO_ctrl.pod
+++ b/doc/man3/BIO_ctrl.pod
@@ -17,7 +17,7 @@ BIO_get_ktls_recv
 
  long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
  long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *cb);
- char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+ void *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
  long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
 
  int BIO_reset(BIO *b);


[openssl] master update

2022-02-06 Thread Dr . Paul Dale
The branch master has been updated
   via  345c99b6654b8313c792d54f829943068911ddbd (commit)
  from  b2f90e93a07d992515782511a5770aa7cf7dc28f (commit)


- Log -
commit 345c99b6654b8313c792d54f829943068911ddbd
Author: Danny Tsen 
Date:   Thu Jan 27 18:49:59 2022 -0600

Fixed counter overflow

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17607)

---

Summary of changes:
 crypto/modes/asm/aes-gcm-ppc.pl|  1 -
 include/crypto/aes_platform.h  | 22 --
 .../ciphers/cipher_aes_gcm_hw_ppc.inc  | 82 +-
 3 files changed, 96 insertions(+), 9 deletions(-)

diff --git a/crypto/modes/asm/aes-gcm-ppc.pl b/crypto/modes/asm/aes-gcm-ppc.pl
index 1ca2a77dc5..6624e6c05b 100644
--- a/crypto/modes/asm/aes-gcm-ppc.pl
+++ b/crypto/modes/asm/aes-gcm-ppc.pl
@@ -81,7 +81,6 @@ open STDOUT,"| $^X $xlate $flavour \"$output\""
 
 $code=<<___;
 .machine"any"
-.abiversion 2
 .text
 
 # 4x loops
diff --git a/include/crypto/aes_platform.h b/include/crypto/aes_platform.h
index 45021dfd9f..11ab823468 100644
--- a/include/crypto/aes_platform.h
+++ b/include/crypto/aes_platform.h
@@ -77,15 +77,23 @@ void AES_xts_decrypt(const unsigned char *inp, unsigned 
char *out, size_t len,
 #   define PPC_AES_GCM_CAPABLE (OPENSSL_ppccap_P & PPC_MADD300)
 #   define AES_GCM_ENC_BYTES 128
 #   define AES_GCM_DEC_BYTES 128
-size_t ppc_aes_gcm_encrypt(const unsigned char *in, unsigned char *out, size_t 
len,
- const void *key, unsigned char ivec[16], u64 *Xi);
-size_t ppc_aes_gcm_decrypt(const unsigned char *in, unsigned char *out, size_t 
len,
- const void *key, unsigned char ivec[16], u64 *Xi);
-void gcm_ghash_p8(u64 Xi[2],const u128 Htable[16],const u8 *inp, size_t len);
-#   define AES_gcm_encrypt ppc_aes_gcm_encrypt
-#   define AES_gcm_decrypt ppc_aes_gcm_decrypt
+size_t ppc_aes_gcm_encrypt(const unsigned char *in, unsigned char *out,
+   size_t len, const void *key, unsigned char ivec[16],
+   u64 *Xi);
+size_t ppc_aes_gcm_decrypt(const unsigned char *in, unsigned char *out,
+   size_t len, const void *key, unsigned char ivec[16],
+   u64 *Xi);
+size_t ppc_aes_gcm_encrypt_wrap(const unsigned char *in, unsigned char *out,
+size_t len, const void *key,
+unsigned char ivec[16], u64 *Xi);
+size_t ppc_aes_gcm_decrypt_wrap(const unsigned char *in, unsigned char *out,
+size_t len, const void *key,
+unsigned char ivec[16], u64 *Xi);
+#   define AES_gcm_encrypt ppc_aes_gcm_encrypt_wrap
+#   define AES_gcm_decrypt ppc_aes_gcm_decrypt_wrap
 #   define AES_GCM_ASM(gctx) ((gctx)->ctr==aes_p8_ctr32_encrypt_blocks && \
   (gctx)->gcm.ghash==gcm_ghash_p8)
+void gcm_ghash_p8(u64 Xi[2],const u128 Htable[16],const u8 *inp, size_t len);
 #  endif /* PPC */
 
 #  if (defined(__arm__) || defined(__arm) || defined(__aarch64__))
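Review bot: The `_wrap` prototypes are added with no comment on how they differ from `ppc_aes_gcm_encrypt`/`ppc_aes_gcm_decrypt`, which stay declared next to them while `AES_gcm_encrypt`/`AES_gcm_decrypt` are re-pointed at the wrappers. Going by the commit title they presumably keep the 32-bit block counter in `ivec` from overflowing within one call, but that cannot be confirmed from this header. A short comment above the two new prototypes stating that, and that callers should go through the wrappers rather than the unwrapped functions, would keep a later change to this block from bypassing the guard. The .inc file in the same commit also re-declares the unwrapped functions with `extern`; one declaration in this header would be enough if the .inc includes it.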
diff --git a/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc 
b/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc
index dfc6bcbf58..4eed0f4ab0 100644
--- a/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc
+++ b/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc
@@ -13,7 +13,7 @@
  */
 
 static int aes_ppc_gcm_initkey(PROV_GCM_CTX *ctx, const unsigned char *key,
- size_t keylen)
+   size_t keylen)
 {
 PROV_AES_GCM_CTX *actx = (PROV_AES_GCM_CTX *)ctx;
 AES_KEY *ks = >ks.ks;
@@ -23,6 +23,86 @@ static int aes_ppc_gcm_initkey(PROV_GCM_CTX *ctx, const 
unsigned char *key,
 return 1;
 }
 
+
+extern size_t ppc_aes_gcm_encrypt(const unsigned char *in, unsigned char *out, 
size_t len,
+  const void *key, unsigned char ivec[16], u64 
*Xi);
+extern size_t ppc_aes_gcm_decrypt(const unsigned char *in, unsigned char *out, 
size_t len,
+  const void *key, unsigned char ivec[16], u64 
*Xi);
+
+static inline u32 UTO32(unsigned char *buf)
+{
+return ((u32) buf[0] << 24) | ((u32) buf[1] << 16) | ((u32) buf[2] << 8) | 
((u32) buf[3]);
+}
+
+static inline u32 add32TOU(unsigned char buf[4], u32 n)
+{
+u32 r;
+
+r = UTO32(buf);
+r += n;
+buf[0] = (unsigned char) (r >> 24) & 0xFF;
+buf[1] = (unsigned char) (r >> 16) & 0xFF;
+buf[2] = (unsigned char) (r >> 8) & 0xFF;
+buf[3] = (unsigned char) r & 0xFF;
+return r;
+}
+
+static size_t aes_p10_gcm_crypt(const unsigned char *in, unsigned char *out, 
size_t len,
+const void *key, unsigned char ivec[16], 

[openssl] openssl-3.0 update

2022-02-06 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  25ee18e7f8803f6aaaeca15b49ba46d3e4d3f817 (commit)
  from  6e47da6363e9e32c14f0c3a750ca04cd189c85fe (commit)


- Log -
commit 25ee18e7f8803f6aaaeca15b49ba46d3e4d3f817
Author: Jiasheng Jiang 
Date:   Wed Feb 2 19:45:59 2022 +0800

evp_test: Add the missing check after calling OPENSSL_strdup and 
sk_OPENSSL_STRING_new_null

Since the memory allocation may fail, 'mac_name' and 'controls'
could be NULL.
'mac_name' is then printed in mac_test_run_mac() without a check.
Also, the result of 'params_n +
sk_OPENSSL_STRING_num(expected->controls)' in
mac_test_run_mac() will be 'params_n - 1' if the allocation fails, which
does not make sense.
It is therefore better to check both in order to guarantee that
initialisation succeeded completely.
On failure, 'mdat' must also be freed to avoid a memory leak.

Signed-off-by: Jiasheng Jiang 

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17628)

(cherry picked from commit b2f90e93a07d992515782511a5770aa7cf7dc28f)

---

Summary of changes:
 test/evp_test.c | 13 +++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/test/evp_test.c b/test/evp_test.c
index f2b0924e2f..5e69b37b9b 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -1181,9 +1181,18 @@ static int mac_test_init(EVP_TEST *t, const char *alg)
 return 0;
 
 mdat->type = type;
-mdat->mac_name = OPENSSL_strdup(alg);
+if (!TEST_ptr(mdat->mac_name = OPENSSL_strdup(alg))) {
+OPENSSL_free(mdat);
+return 0;
+}
+
 mdat->mac = mac;
-mdat->controls = sk_OPENSSL_STRING_new_null();
+if (!TEST_ptr(mdat->controls = sk_OPENSSL_STRING_new_null())) {
+OPENSSL_free(mdat->mac_name);
+OPENSSL_free(mdat);
+return 0;
+}
+
 mdat->output_size = mdat->block_size = -1;
 t->data = mdat;
 return 1;
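Review bot: Both new early returns free `mdat` but leave `mac` alone. `mac` is obtained above the hunk and is handed to `mdat->mac` here, so if it is a fetched EVP_MAC that this function owns at this point (not visible from the hunk), each failure path leaks it. Adding `EVP_MAC_free(mac);` before each of the two new `return 0;` lines would close that. The same applies to the identical hunk in the master notification below; mac_test_init starts outside the hunk.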


[openssl] master update

2022-02-06 Thread Dr . Paul Dale
The branch master has been updated
   via  b2f90e93a07d992515782511a5770aa7cf7dc28f (commit)
  from  07c5465e9855cc485c4a84da8a4251a843bec258 (commit)


- Log -
commit b2f90e93a07d992515782511a5770aa7cf7dc28f
Author: Jiasheng Jiang 
Date:   Wed Feb 2 19:45:59 2022 +0800

evp_test: Add the missing check after calling OPENSSL_strdup and 
sk_OPENSSL_STRING_new_null

Since the memory allocation may fail, 'mac_name' and 'controls'
could be NULL.
'mac_name' is then printed in mac_test_run_mac() without a check.
Also, the result of 'params_n +
sk_OPENSSL_STRING_num(expected->controls)' in
mac_test_run_mac() will be 'params_n - 1' if the allocation fails, which
does not make sense.
It is therefore better to check both in order to guarantee that
initialisation succeeded completely.
On failure, 'mdat' must also be freed to avoid a memory leak.

Signed-off-by: Jiasheng Jiang 

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17628)

---

Summary of changes:
 test/evp_test.c | 13 +++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/test/evp_test.c b/test/evp_test.c
index 6c4e64c159..a1b6bce8fa 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -1201,9 +1201,18 @@ static int mac_test_init(EVP_TEST *t, const char *alg)
 return 0;
 
 mdat->type = type;
-mdat->mac_name = OPENSSL_strdup(alg);
+if (!TEST_ptr(mdat->mac_name = OPENSSL_strdup(alg))) {
+OPENSSL_free(mdat);
+return 0;
+}
+
 mdat->mac = mac;
-mdat->controls = sk_OPENSSL_STRING_new_null();
+if (!TEST_ptr(mdat->controls = sk_OPENSSL_STRING_new_null())) {
+OPENSSL_free(mdat->mac_name);
+OPENSSL_free(mdat);
+return 0;
+}
+
 mdat->output_size = mdat->block_size = -1;
 t->data = mdat;
 return 1;


[openssl] master update

2022-02-06 Thread Dr . Paul Dale
The branch master has been updated
   via  07c5465e9855cc485c4a84da8a4251a843bec258 (commit)
  from  70f39a487d3f7d976a01e0ee7ae98a82ceeea7a0 (commit)


- Log -
commit 07c5465e9855cc485c4a84da8a4251a843bec258
Author: Dimitris Apostolou 
Date:   Thu Feb 3 18:51:26 2022 +0200

Fix typos

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17634)

---

Summary of changes:
 apps/speed.c |  2 +-
 crypto/bn/bn_lib.c   |  4 +-
 crypto/modes/asm/aes-gcm-armv8-unroll8_64.pl | 84 ++--
 crypto/modes/asm/aes-gcm-ppc.pl  |  4 +-
 4 files changed, 47 insertions(+), 47 deletions(-)

diff --git a/apps/speed.c b/apps/speed.c
index 43c0802295..89a55c4efa 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -1466,7 +1466,7 @@ int speed_main(int argc, char **argv)
 uint8_t ecdh_doit[EC_NUM] = { 0 };
 uint8_t eddsa_doit[EdDSA_NUM] = { 0 };
 
-/* checks declarated curves against choices list. */
+/* checks declared curves against choices list. */
 OPENSSL_assert(ed_curves[EdDSA_NUM - 1].nid == NID_ED448);
 OPENSSL_assert(strcmp(eddsa_choices[EdDSA_NUM - 1].name, "ed448") == 0);
 
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index 9b19a7243c..b49c8a3bd2 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -452,7 +452,7 @@ static BIGNUM *bin2bn(const unsigned char *s, int len, 
BIGNUM *ret,
 
 /*
  * The loop that does the work iterates from least to most
- * significant BIGNUM chunk, so we adapt parameters to tranfer
+ * significant BIGNUM chunk, so we adapt parameters to transfer
  * input bytes accordingly.
  */
 switch (endianess) {
@@ -591,7 +591,7 @@ static int bn2binpad(const BIGNUM *a, unsigned char *to, 
int tolen,
 /*
  * The loop that does the work iterates from least significant
  * to most significant BIGNUM limb, so we adapt parameters to
- * tranfer output bytes accordingly.
+ * transfer output bytes accordingly.
  */
 switch (endianess) {
 case LITTLE:
diff --git a/crypto/modes/asm/aes-gcm-armv8-unroll8_64.pl 
b/crypto/modes/asm/aes-gcm-armv8-unroll8_64.pl
index 1aaad663d7..8e492a8ee6 100644
--- a/crypto/modes/asm/aes-gcm-armv8-unroll8_64.pl
+++ b/crypto/modes/asm/aes-gcm-armv8-unroll8_64.pl
@@ -1098,7 +1098,7 @@ unroll8_eor3_aes_gcm_enc_128_kernel:
ins $acc_m.d[0], $h78k.d[1] @ GHASH 
final-7 block - mid
 
eor $rk4v.8b, $rk4v.8b, $res0.8b@ GHASH 
final-7 block - mid
-   movi$t0.8b, #0  @ 
surpress further partial tag feed in
+   movi$t0.8b, #0  @ 
supress further partial tag feed in
 
eor3$res1b, $ctr_t1b, $ctr1b, $t1.16b   @ AES 
final-6 block - result
 
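Review bot: The replacement spelling `supress` in the comment on the `movi $t0.8b, #0` line is still a misspelling; the word is `suppress`. The comment should read `@ suppress further partial tag feed in`. The following hunks of this file make the same substitution and need the same correction.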
@@ -1119,7 +1119,7 @@ unroll8_eor3_aes_gcm_enc_128_kernel:
pmull   $rk3q1, $res0.1d, $h7.1d@ GHASH 
final-6 block - low
 
eor $rk4v.8b, $rk4v.8b, $res0.8b@ GHASH 
final-6 block - mid
-   movi$t0.8b, #0  @ 
surpress further partial tag feed in
+   movi$t0.8b, #0  @ 
supress further partial tag feed in
 
pmull   $rk4v.1q, $rk4v.1d, $h78k.1d@ GHASH 
final-6 block - mid
pmull2  $rk2q1, $res0.2d, $h7.2d@ GHASH 
final-6 block - high
@@ -1148,7 +1148,7 @@ unroll8_eor3_aes_gcm_enc_128_kernel:
 
eor3$res1b, $ctr_t1b, $ctr3b, $t1.16b   @ AES 
final-4 block - result
pmull   $rk3q1, $res0.1d, $h6.1d@ GHASH 
final-5 block - low
-   movi$t0.8b, #0  @ 
surpress further partial tag feed in
+   movi$t0.8b, #0  @ 
supress further partial tag feed in
 
pmull2  $rk4v.1q, $rk4v.2d, $h56k.2d@ GHASH 
final-5 block - mid
eor $acc_lb, $acc_lb, $rk3  @ GHASH 
final-5 block - low
@@ -1165,7 +1165,7 @@ unroll8_eor3_aes_gcm_enc_128_kernel:
eor $res0b, $res0b, $t0.16b @ feed 
in partial tag
 
ins $rk4v.d[0], $res0.d[1]  @ GHASH 
final-4 block - mid
-   movi$t0.8b, #0  @ 
surpress further partial tag feed in
+   movi$t0.8b, #0  @ 
supress further partial tag feed in
pmull2  $rk2q1, 

[openssl] master update

2022-02-06 Thread Dr . Paul Dale
The branch master has been updated
   via  70f39a487d3f7d976a01e0ee7ae98a82ceeea7a0 (commit)
   via  b30b45b7247d056b569e2b5139f8b503d36e646c (commit)
   via  80ce874a093087b919e1c722427df30f81f5dad5 (commit)
  from  d5f9166bacfb3757dfd6117310ad54ab749b11f9 (commit)


- Log -
commit 70f39a487d3f7d976a01e0ee7ae98a82ceeea7a0
Author: Pauli 
Date:   Thu Jan 27 13:33:36 2022 +1100

evp enc: cache cipher key length

Instead of doing a heavy params based query every time a context is
asked for its key length, this value is cached in the context and only
queried if it could have been modified.

Fixes #17064

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17543)

commit b30b45b7247d056b569e2b5139f8b503d36e646c
Author: Pauli 
Date:   Wed Jan 26 15:04:51 2022 +1100

evp enc: cache cipher IV length

Instead of doing a heavy params based query every time a context is asked 
for
its IV length, this value is cached in the context and only queried if it 
could
have been modified.

Fixes #17064

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17543)

commit 80ce874a093087b919e1c722427df30f81f5dad5
Author: Pauli 
Date:   Thu Jan 27 12:51:13 2022 +1100

aes: avoid accessing key length field directly

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17543)

---

Summary of changes:
 crypto/evp/e_aes.c   | 305 +++
 crypto/evp/e_aes_cbc_hmac_sha1.c |  23 ++-
 crypto/evp/evp_enc.c |  38 -
 crypto/evp/evp_lib.c |  68 ++---
 crypto/evp/evp_local.h   |   1 +
 5 files changed, 303 insertions(+), 132 deletions(-)

diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 445a28445a..7915d327fa 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -146,20 +146,21 @@ static int aesni_init_key(EVP_CIPHER_CTX *ctx, const 
unsigned char *key,
 {
 int ret, mode;
 EVP_AES_KEY *dat = EVP_C_DATA(EVP_AES_KEY,ctx);
+const int keylen = EVP_CIPHER_CTX_get_key_length(ctx) * 8;
 
+if (keylen <= 0) {
+ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
+return 0;
+}
 mode = EVP_CIPHER_CTX_get_mode(ctx);
 if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
 && !enc) {
-ret = aesni_set_decrypt_key(key,
-EVP_CIPHER_CTX_get_key_length(ctx) * 8,
->ks.ks);
+ret = aesni_set_decrypt_key(key, keylen, >ks.ks);
 dat->block = (block128_f) aesni_decrypt;
 dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
 (cbc128_f) aesni_cbc_encrypt : NULL;
 } else {
-ret = aesni_set_encrypt_key(key,
-EVP_CIPHER_CTX_get_key_length(ctx) * 8,
->ks.ks);
+ret = aesni_set_encrypt_key(key, keylen, >ks.ks);
 dat->block = (block128_f) aesni_encrypt;
 if (mode == EVP_CIPH_CBC_MODE)
 dat->stream.cbc = (cbc128_f) aesni_cbc_encrypt;
@@ -223,12 +224,19 @@ static int aesni_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned 
char *out,
 static int aesni_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
   const unsigned char *iv, int enc)
 {
-EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,ctx);
-if (!iv && !key)
+EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX, ctx);
+
+if (iv == NULL && key == NULL)
 return 1;
+
 if (key) {
-aesni_set_encrypt_key(key, EVP_CIPHER_CTX_get_key_length(ctx) * 8,
-  >ks.ks);
+const int keylen = EVP_CIPHER_CTX_get_key_length(ctx) * 8;
+
+if (keylen <= 0) {
+ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
+return 0;
+}
+aesni_set_encrypt_key(key, keylen, >ks.ks);
 CRYPTO_gcm128_init(>gcm, >ks, (block128_f) aesni_encrypt);
 gctx->ctr = (ctr128_f) aesni_ctr32_encrypt_blocks;
 /*
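Review bot: The result of `aesni_set_encrypt_key()` is still discarded in aesni_gcm_init_key, whereas aesni_init_key in the first hunk of this file stores it in `ret`. The new `keylen <= 0` guard rejects only non-positive lengths, so a positive but unsupported bit length would presumably still reach `CRYPTO_gcm128_init` with a key schedule that was never set up. Checking the call, for example `if (aesni_set_encrypt_key(key, keylen, &gctx->ks.ks) < 0) return 0;`, closes that gap. The negative-on-failure convention is assumed from the rest of the file and is not visible in the hunk. The function body continues past the end of the hunk.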
@@ -262,14 +270,19 @@ static int aesni_xts_init_key(EVP_CIPHER_CTX *ctx, const 
unsigned char *key,
 {
 EVP_AES_XTS_CTX *xctx = EVP_C_DATA(EVP_AES_XTS_CTX,ctx);
 
-if (!iv && !key)
+if (iv == NULL && key == NULL)
 return 1;
 
 if (key) {
 /* The key is two half length keys in reality */
-const int bytes = EVP_CIPHER_CTX_get_key_length(ctx) / 2;
+const int keylen = EVP_CIPHER_CTX_get_key_length(ctx);
+const int bytes = keylen / 2;
 const int bits = bytes * 8;
 
+if (keylen <= 0) {
+ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
+return 0;
+}
 /*
  * Verify that the two keys are different.
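Review bot: The new guard in aesni_xts_init_key tests `keylen`, but the values used afterwards are `bytes` and `bits`, which are already zero for a key length of 1. Testing the derived half-length instead, `if (bytes <= 0) {`, rejects every length that cannot be split into two non-empty halves and still covers zero and negative results. Whether `EVP_CIPHER_CTX_get_key_length()` can return such a value is not visible here, so this is a defensive tightening. The function body continues past the end of the hunk.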
 

[openssl] openssl-3.0 update

2022-02-01 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  41d979c7f5f70ab06fcf5a4880c252e40e99ad98 (commit)
  from  1fdd4da451a8e11b58f8a16c18d3d85e68c18188 (commit)


- Log -
commit 41d979c7f5f70ab06fcf5a4880c252e40e99ad98
Author: Jiasheng Jiang 
Date:   Thu Jan 27 09:49:56 2022 +0800

x509: add the check for X509_STORE_lock

X509_STORE_lock() returns 0 when it fails to get the lock, for example when
there is no lock.
Therefore, we should check its return value in order to prevent dirty data.

Signed-off-by: Jiasheng Jiang 

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17598)

---

Summary of changes:
 crypto/x509/x509_lu.c | 32 +---
 1 file changed, 25 insertions(+), 7 deletions(-)

diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index 3b76b92f71..cd6207b1ed 100644
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -321,7 +321,9 @@ int X509_STORE_CTX_get_by_subject(const X509_STORE_CTX *vs,
 stmp.type = X509_LU_NONE;
 stmp.data.ptr = NULL;
 
-X509_STORE_lock(store);
+if (!X509_STORE_lock(store))
+return 0;
+
 tmp = X509_OBJECT_retrieve_by_subject(store->objs, type, name);
 X509_STORE_unlock(store);
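Review bot: When `X509_STORE_lock()` fails, X509_STORE_CTX_get_by_subject now returns 0 without queuing an error, which a caller presumably cannot tell apart from an ordinary lookup miss (the not-found path is outside the hunk). Failing closed is the right direction for a certificate lookup, but a lock failure is an internal fault worth recording, for example `ERR_raise(ERR_LIB_X509, ERR_R_INTERNAL_ERROR);` before the `return 0;`. The same silent return is added in the later hunks of x509_lu.c.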
 
@@ -371,7 +373,12 @@ static int x509_store_add(X509_STORE *store, void *x, int 
crl) {
 return 0;
 }
 
-X509_STORE_lock(store);
+if (!X509_STORE_lock(store)) {
+obj->type = X509_LU_NONE;
+X509_OBJECT_free(obj);
+return 0;
+}
+
 if (X509_OBJECT_retrieve_match(store->objs, obj)) {
 ret = 1;
 } else {
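Review bot: In x509_store_add the lock-failure path sets `obj->type = X509_LU_NONE;` before `X509_OBJECT_free(obj);`, which presumably stops the free from releasing the wrapped certificate or CRL. If `obj` already holds its own reference on `x` at this point, that reference would be leaked on this path, and the `obj->type = X509_LU_NONE;` line should be dropped so the free releases it. The reference handling is above the hunk and not visible, so a short comment stating which case applies would make the intent checkable. The function starts and ends outside the hunk.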
@@ -553,7 +560,9 @@ STACK_OF(X509) *X509_STORE_get1_all_certs(X509_STORE *store)
 }
 if ((sk = sk_X509_new_null()) == NULL)
 return NULL;
-X509_STORE_lock(store);
+if (!X509_STORE_lock(store))
+goto out_free;
+
 objs = X509_STORE_get0_objects(store);
 for (i = 0; i < sk_X509_OBJECT_num(objs); i++) {
 X509 *cert = X509_OBJECT_get0_X509(sk_X509_OBJECT_value(objs, i));
@@ -567,6 +576,7 @@ STACK_OF(X509) *X509_STORE_get1_all_certs(X509_STORE *store)
 
  err:
 X509_STORE_unlock(store);
+ out_free:
 sk_X509_pop_free(sk, X509_free);
 return NULL;
 }
@@ -583,7 +593,9 @@ STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX 
*ctx,
 if (store == NULL)
 return NULL;
 
-X509_STORE_lock(store);
+if (!X509_STORE_lock(store))
+return NULL;
+
 idx = x509_object_idx_cnt(store->objs, X509_LU_X509, nm, );
 if (idx < 0) {
 /*
@@ -601,7 +613,8 @@ STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX 
*ctx,
 return NULL;
 }
 X509_OBJECT_free(xobj);
-X509_STORE_lock(store);
+if (!X509_STORE_lock(store))
+return NULL;
 idx = x509_object_idx_cnt(store->objs, X509_LU_X509, nm, );
 if (idx < 0) {
 X509_STORE_unlock(store);
@@ -642,7 +655,10 @@ STACK_OF(X509_CRL) *X509_STORE_CTX_get1_crls(const 
X509_STORE_CTX *ctx,
 return NULL;
 }
 X509_OBJECT_free(xobj);
-X509_STORE_lock(store);
+if (!X509_STORE_lock(store)) {
+sk_X509_CRL_free(sk);
+return NULL;
+}
 idx = x509_object_idx_cnt(store->objs, X509_LU_CRL, nm, );
 if (idx < 0) {
 X509_STORE_unlock(store);
@@ -744,7 +760,9 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, 
X509_STORE_CTX *ctx, X509 *x)
 
 /* Find index of first currently valid cert accepted by 'check_issued' */
 ret = 0;
-X509_STORE_lock(store);
+if (!X509_STORE_lock(store))
+return 0;
+
 idx = x509_object_idx_cnt(store->objs, X509_LU_X509, xn, );
 if (idx != -1) { /* should be true as we've had at least one match */
 /* Look through all matching certs for suitable issuer */


[openssl] openssl-3.0 update

2022-02-01 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  1fdd4da451a8e11b58f8a16c18d3d85e68c18188 (commit)
  from  b882e1bb0b520f264f2ea1f53e753a5ef1a5974a (commit)


- Log -
commit 1fdd4da451a8e11b58f8a16c18d3d85e68c18188
Author: Ross Burton 
Date:   Thu Jan 27 12:03:11 2022 +

apps/progs.pl: use SOURCE_DATE_EPOCH if defined for copyright year

As with 11d7d903, use SOURCE_DATE_EPOCH for the copyright year if it is
defined, to avoid reproducibility problems.

CLA: trivial

Signed-off-by: Ross Burton 
Change-Id: I1bea19070411a69155c43de7082350fb2c499da3

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17601)

(cherry picked from commit 27aca04e13ca8a9bead49de7bc380110ecb7064e)

---

Summary of changes:
 apps/progs.pl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/progs.pl b/apps/progs.pl
index 8a5759a961..77054902b4 100644
--- a/apps/progs.pl
+++ b/apps/progs.pl
@@ -21,7 +21,7 @@ die "Unrecognised option, must be -C or -H\n"
 my %commands = ();
 my $cmdre= qr/^\s*int\s+([a-z_][a-z0-9_]*)_main\(\s*int\s+argc\s*,/;
 my $apps_openssl = shift @ARGV;
-my $YEAR = [localtime()]->[5] + 1900;
+my $YEAR = [gmtime($ENV{SOURCE_DATE_EPOCH} || time())]->[5] + 1900;
 
 # because the program apps/openssl has object files as sources, and
 # they then have the corresponding C files as source, we need to chain
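Review bot: `$ENV{SOURCE_DATE_EPOCH} || time()` tests truthiness rather than definedness, so a value of `0` falls back to the current time, while the log message says the variable is used if it is defined. Defined-or matches the stated intent, `my $YEAR = [gmtime($ENV{SOURCE_DATE_EPOCH} // time())]->[5] + 1900;`, provided the minimum supported Perl has `//`. The value also reaches `gmtime()` without a check that it is numeric, so a malformed setting silently yields a wrong year instead of a build error. The master commit later on this page carries the identical hunk.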


[openssl] master update

2022-02-01 Thread Dr . Paul Dale
The branch master has been updated
   via  27aca04e13ca8a9bead49de7bc380110ecb7064e (commit)
  from  7c7c3561ebfb26799e2d12b5f9f0826731a6a06b (commit)


- Log -
commit 27aca04e13ca8a9bead49de7bc380110ecb7064e
Author: Ross Burton 
Date:   Thu Jan 27 12:03:11 2022 +

apps/progs.pl: use SOURCE_DATE_EPOCH if defined for copyright year

As with 11d7d903, use SOURCE_DATE_EPOCH for the copyright year if it is
defined, to avoid reproducibility problems.

CLA: trivial

Signed-off-by: Ross Burton 
Change-Id: I1bea19070411a69155c43de7082350fb2c499da3

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17601)

---

Summary of changes:
 apps/progs.pl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/progs.pl b/apps/progs.pl
index 8a5759a961..77054902b4 100644
--- a/apps/progs.pl
+++ b/apps/progs.pl
@@ -21,7 +21,7 @@ die "Unrecognised option, must be -C or -H\n"
 my %commands = ();
 my $cmdre= qr/^\s*int\s+([a-z_][a-z0-9_]*)_main\(\s*int\s+argc\s*,/;
 my $apps_openssl = shift @ARGV;
-my $YEAR = [localtime()]->[5] + 1900;
+my $YEAR = [gmtime($ENV{SOURCE_DATE_EPOCH} || time())]->[5] + 1900;
 
 # because the program apps/openssl has object files as sources, and
 # they then have the corresponding C files as source, we need to chain


[openssl] master update

2022-01-31 Thread Dr . Paul Dale
The branch master has been updated
   via  1751356267f64d5db8824cf4ff5b3496e15972da (commit)
   via  b9d8ad3f157fa816c423bec6f7b4328ef894577c (commit)
   via  d3aaf4e9e71944d869ae47821d7b5a8402234ee8 (commit)
   via  43332e405bea83a2d553e0519fdb04170879bc96 (commit)
   via  769cd46540b2ec2a2d91ee3886b9e4f9d78e9a51 (commit)
   via  2722eeceaa993f4488b295a22d2e1178f5ba1ce1 (commit)
   via  59558f9d8824747024b6ab756f3798a577ecae48 (commit)
   via  cdcdcf5c6fa382c879cb3503609519d56fa62e81 (commit)
   via  fe01052f775d1b5dff86ff9b405b6b0df5efd3cf (commit)
   via  4c1a841c3de645674ed2af92da25f7f5736fae1c (commit)
   via  d54c52c28ebb780e2ffc5b7752d35359215cf0a6 (commit)
   via  95bd5ff65985e992827f7178deda84d95b1e6f66 (commit)
   via  0a10f71d3071bae0183cd4277da64d100f6b48eb (commit)
   via  6585d3aa7638c8cea2d4bb9f10e7298002f652e5 (commit)
   via  c8adf19d2da318cd7b007753d6c8a7f9dc94d4ed (commit)
   via  5b030ec0800d4ad6022ecd00e18a19f77ada0b04 (commit)
  from  a841d450a443efccf4df02922ebe02e4c2f11a2b (commit)


- Log -
commit 1751356267f64d5db8824cf4ff5b3496e15972da
Author: Pauli 
Date:   Wed Jan 26 12:01:57 2022 +1100

indentation fix

Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/17572)

commit b9d8ad3f157fa816c423bec6f7b4328ef894577c
Author: Pauli 
Date:   Tue Jan 25 11:54:56 2022 +1100

tls1 prf: implement ctx dup operation

Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/17572)

commit d3aaf4e9e71944d869ae47821d7b5a8402234ee8
Author: Pauli 
Date:   Tue Jan 25 11:54:42 2022 +1100

pkcs12 kdf: implement ctx dup operation

Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/17572)

commit 43332e405bea83a2d553e0519fdb04170879bc96
Author: Pauli 
Date:   Tue Jan 25 11:47:23 2022 +1100

test: change pkey kdf dup fail test to a pkey kdf dup success test

Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/17572)

commit 769cd46540b2ec2a2d91ee3886b9e4f9d78e9a51
Author: Pauli 
Date:   Mon Jan 24 17:38:57 2022 +1100

k942 kdf: implement ctx dup operation

Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/17572)

commit 2722eeceaa993f4488b295a22d2e1178f5ba1ce1
Author: Pauli 
Date:   Mon Jan 24 17:32:16 2022 +1100

ss KDF: implement ctx dup operation

Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/17572)

commit 59558f9d8824747024b6ab756f3798a577ecae48
Author: Pauli 
Date:   Mon Jan 24 17:22:37 2022 +1100

ssh kdf: implement ctx dup operation

Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/17572)

commit cdcdcf5c6fa382c879cb3503609519d56fa62e81
Author: Pauli 
Date:   Mon Jan 24 17:17:58 2022 +1100

scrypt: implement ctx dup operation

Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/17572)

commit fe01052f775d1b5dff86ff9b405b6b0df5efd3cf
Author: Pauli 
Date:   Mon Jan 24 17:08:58 2022 +1100

pvk kdf: implement ctx dup operation

Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/17572)

commit 4c1a841c3de645674ed2af92da25f7f5736fae1c
Author: Pauli 
Date:   Mon Jan 24 17:02:29 2022 +1100

krb5kdf: implement ctx dup operation

Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/17572)

commit d54c52c28ebb780e2ffc5b7752d35359215cf0a6
Author: Pauli 
Date:   Mon Jan 24 16:58:54 2022 +1100

kbkdf: implement ctx dup operation

Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/17572)

commit 95bd5ff65985e992827f7178deda84d95b1e6f66
Author: Pauli 
Date:   Mon Jan 24 16:51:24 2022 +1100

hkdf: implement ctx dup operation

Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/17572)

commit 0a10f71d3071bae0183cd4277da64d100f6b48eb
Author: Pauli 
Date:   Mon Jan 24 16:22:54 2022 +1100

pbkdf2: implement ctx dup operation

Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/17572)

commit 6585d3aa7638c8cea2d4bb9f10e7298002f652e5
Author: Pauli 
Date:   Mon Jan 24 16:17:44 2022 +1100

pbkdf1: implement ctx dup operation

Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/17572)

commit c8adf19d2da318cd7b007753d6c8a7f9dc94d4ed
Author: Pauli 
Date:   Mon Jan 24 16:17:25 2022 +1100

evp_test: add a ctx dup operation to the KDF tests

Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/17572)

commit 5b030ec0800d4ad6022ecd00e18a19f77ada0b04
Author: Pauli 
Date:   Wed Jan 26 15:21:51 2022 +1100

prov: add a safe memdup function 

[openssl] openssl-3.0 update

2022-01-31 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  b882e1bb0b520f264f2ea1f53e753a5ef1a5974a (commit)
  from  1f7c5c56c7365fefd9cff9bea4d3d27346ca44d1 (commit)


- Log -
commit b882e1bb0b520f264f2ea1f53e753a5ef1a5974a
Author: EasySec 
Date:   Sat Jan 29 00:59:24 2022 +0100

Fix bad HTML formatting in EVP_KEYEXCH-DH.html because of missing newline 
in pod file

Reviewed-by: Shane Lontis 
Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17609)

(cherry picked from commit a841d450a443efccf4df02922ebe02e4c2f11a2b)

---

Summary of changes:
 doc/man7/EVP_KEYEXCH-DH.pod | 1 +
 1 file changed, 1 insertion(+)

diff --git a/doc/man7/EVP_KEYEXCH-DH.pod b/doc/man7/EVP_KEYEXCH-DH.pod
index fc38531ae9..44811f1e37 100644
--- a/doc/man7/EVP_KEYEXCH-DH.pod
+++ b/doc/man7/EVP_KEYEXCH-DH.pod
@@ -58,6 +58,7 @@ To convert the received peer's public key from DER format on 
the host:
 
 To derive a shared secret on the host using the host's key and the peer's 
public
 key:
+
 /* It is assumed that the host_key and peer_pub_key are set up */
 void derive_secret(EVP_KEY *host_key, EVP_PKEY *peer_pub_key)
 {


[openssl] master update

2022-01-31 Thread Dr . Paul Dale
The branch master has been updated
   via  a841d450a443efccf4df02922ebe02e4c2f11a2b (commit)
  from  9927749ec2b8fc4b6146f0bd54cb6a44b8295974 (commit)


- Log -
commit a841d450a443efccf4df02922ebe02e4c2f11a2b
Author: EasySec 
Date:   Sat Jan 29 00:59:24 2022 +0100

Fix bad HTML formatting in EVP_KEYEXCH-DH.html because of missing newline 
in pod file

Reviewed-by: Shane Lontis 
Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17609)

---

Summary of changes:
 doc/man7/EVP_KEYEXCH-DH.pod | 1 +
 1 file changed, 1 insertion(+)

diff --git a/doc/man7/EVP_KEYEXCH-DH.pod b/doc/man7/EVP_KEYEXCH-DH.pod
index fc38531ae9..44811f1e37 100644
--- a/doc/man7/EVP_KEYEXCH-DH.pod
+++ b/doc/man7/EVP_KEYEXCH-DH.pod
@@ -58,6 +58,7 @@ To convert the received peer's public key from DER format on 
the host:
 
 To derive a shared secret on the host using the host's key and the peer's 
public
 key:
+
 /* It is assumed that the host_key and peer_pub_key are set up */
 void derive_secret(EVP_KEY *host_key, EVP_PKEY *peer_pub_key)
 {


[openssl] master update

2022-01-31 Thread Dr . Paul Dale
The branch master has been updated
   via  9927749ec2b8fc4b6146f0bd54cb6a44b8295974 (commit)
  from  e180bf641ed23010073b0882d63d5dfd48409602 (commit)


- Log -
commit 9927749ec2b8fc4b6146f0bd54cb6a44b8295974
Author: Juergen Christ 
Date:   Fri Jan 28 10:53:43 2022 +0100

Fix endianness problem in params_api_test

On a big endian machine, we get test failures in params_api_test like

# ERROR: (memory) 'buf1 == buf2' failed @ test/params_api_test.c:473
# --- buf1
# +++ buf2
# :-e901
# :+01e9
#   
#
# OPENSSL_TEST_RAND_ORDER=1643313367
not ok 157 - iteration 3

They are due to an additional conversion copy.  Remove this copy to solve 
the
problem.

Signed-off-by: Juergen Christ 

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17608)

---

Summary of changes:
 test/params_api_test.c | 16 
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/test/params_api_test.c b/test/params_api_test.c
index d073477d5a..8aa6676e32 100644
--- a/test/params_api_test.c
+++ b/test/params_api_test.c
@@ -428,14 +428,15 @@ static int test_param_bignum(int n)
 int ret = 0;
 
 param.data = bnbuf;
-param.data_size = len;
+param.data_size = sizeof(bnbuf);
 
-le_copy(buf, len, raw_values[n].value, len);
 if (!TEST_ptr(b = BN_lebin2bn(raw_values[n].value, (int)len, NULL)))
 goto err;
 
-if (!TEST_true(OSSL_PARAM_set_BN(, b))
-|| !TEST_mem_eq(bnbuf, param.return_size, buf, param.return_size))
+if (!TEST_true(OSSL_PARAM_set_BN(, b)))
+goto err;
+le_copy(buf, len, bnbuf, sizeof(bnbuf));
+if (!TEST_mem_eq(raw_values[n].value, len, buf, len))
 goto err;
 param.data_size = param.return_size;
 if (!TEST_true(OSSL_PARAM_get_BN(, ))
@@ -451,7 +452,7 @@ err:
 
 static int test_param_signed_bignum(int n)
 {
-unsigned char buf1[MAX_LEN], buf2[MAX_LEN], bnbuf[MAX_LEN];
+unsigned char buf[MAX_LEN], bnbuf[MAX_LEN];
 const size_t len = raw_values[n].len;
 BIGNUM *b = NULL, *c = NULL;
 OSSL_PARAM param = OSSL_PARAM_DEFN("bn", OSSL_PARAM_INTEGER, NULL, 0);
@@ -460,7 +461,6 @@ static int test_param_signed_bignum(int n)
 param.data = bnbuf;
 param.data_size = sizeof(bnbuf);
 
-le_copy(buf1, len, raw_values[n].value, len);
 if (!TEST_ptr(b = BN_signed_lebin2bn(raw_values[n].value, (int)len, NULL)))
 goto err;
 
@@ -469,8 +469,8 @@ static int test_param_signed_bignum(int n)
 goto err;
 if (!TEST_true(OSSL_PARAM_set_BN(, b)))
 goto err;
-le_copy(buf2, len, bnbuf, sizeof(bnbuf));
-if (!TEST_mem_eq(buf1, len, buf2, len))
+le_copy(buf, len, bnbuf, sizeof(bnbuf));
+if (!TEST_mem_eq(raw_values[n].value, len, buf, len))
 goto err;
 param.data_size = param.return_size;
 if (!TEST_true(OSSL_PARAM_get_BN(, ))


[openssl] openssl-3.0 update

2022-01-30 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  1f7c5c56c7365fefd9cff9bea4d3d27346ca44d1 (commit)
  from  cb7e50ba3f250a9c9978a964e98a8c8940833595 (commit)


- Log -
commit 1f7c5c56c7365fefd9cff9bea4d3d27346ca44d1
Author: Pauli 
Date:   Thu Jan 27 15:05:48 2022 +1100

aes: make the no-asm constant time code path not the default

After OMC and OTC discussions, the 95% performance loss resulting from
the constant time code was deemed excessive for something outside of
our security policy.

The option to use the constant time code exists as it was in OpenSSL 1.1.1.

Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/17600)

---

Summary of changes:
 CHANGES.md| 7 +++
 crypto/aes/aes_core.c | 2 +-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/CHANGES.md b/CHANGES.md
index 50002e0af6..a7980daaeb 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -30,6 +30,13 @@ breaking changes, and mappings for the large list of 
deprecated functions.
 
 ### Changes between 3.0.1 and 3.0.2 [xx XXX ]
 
+ * Made the AES constant time code for no-asm configurations
+   optional due to the resulting 95% performance degradation.
+   The AES constant time code can be enabled, for no assembly
+   builds, with: ./config no-asm -DOPENSSL_AES_CONST_TIME
+
+   *Paul Dale*
+
  * Fixed PEM_write_bio_PKCS8PrivateKey() to make it possible to use empty
passphrase strings.
 
diff --git a/crypto/aes/aes_core.c b/crypto/aes/aes_core.c
index 7b9989fd47..d3eaab349f 100644
--- a/crypto/aes/aes_core.c
+++ b/crypto/aes/aes_core.c
@@ -50,7 +50,7 @@
 #include 
 #include "aes_local.h"
 
-#if !defined(OPENSSL_NO_AES_CONST_TIME) && !defined(AES_ASM)
+#if defined(OPENSSL_AES_CONST_TIME) && !defined(AES_ASM)
 
 # if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
 #  define U64(C) C##UI64
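Review bot: Nothing at the `#if` says that the constant-time implementation is now opt-in, so a reader of aes_core.c cannot tell that no-asm builds get the non-constant-time path by default. A comment above it would record that, for example `/* Constant-time AES is opt-in for no-asm builds: ./config no-asm -DOPENSSL_AES_CONST_TIME */`. `OPENSSL_NO_AES_CONST_TIME` is no longer tested here, so builds that relied on the previous default change behaviour with no build-time signal; the CHANGES.md entry could name the retired macro. The identical hunk appears in the master commit later on this page.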


[openssl] master update

2022-01-30 Thread Dr . Paul Dale
The branch master has been updated
   via  e180bf641ed23010073b0882d63d5dfd48409602 (commit)
  from  7fde39de848f062d6db45bf9e69439db2100b9bb (commit)


- Log -
commit e180bf641ed23010073b0882d63d5dfd48409602
Author: Pauli 
Date:   Thu Jan 27 15:05:48 2022 +1100

aes: make the no-asm constant time code path not the default

After OMC and OTC discussions, the 95% performance loss resulting from
the constant time code was deemed excessive for something outside of
our security policy.

The option to use the constant time code exists as it was in OpenSSL 1.1.1.

Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/17600)

---

Summary of changes:
 CHANGES.md| 9 +
 crypto/aes/aes_core.c | 2 +-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/CHANGES.md b/CHANGES.md
index a542e25374..3799c28c97 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -90,6 +90,15 @@ breaking changes, and mappings for the large list of 
deprecated functions.
 
 [Migration guide]: 
https://github.com/openssl/openssl/tree/master/doc/man7/migration_guide.pod
 
+### Changes between 3.0.1 and 3.0.2 [xx XXX ]
+
+ * Made the AES constant time code for no-asm configurations
+   optional due to the resulting 95% performance degradation.
+   The AES constant time code can be enabled, for no assembly
+   builds, with: ./config no-asm -DOPENSSL_AES_CONST_TIME
+
+   *Paul Dale*
+
 ### Changes between 3.0.0 and 3.0.1 [14 dec 2021]
 
  * Fixed invalid handling of X509_verify_cert() internal errors in libssl
diff --git a/crypto/aes/aes_core.c b/crypto/aes/aes_core.c
index 7b9989fd47..d3eaab349f 100644
--- a/crypto/aes/aes_core.c
+++ b/crypto/aes/aes_core.c
@@ -50,7 +50,7 @@
 #include 
 #include "aes_local.h"
 
-#if !defined(OPENSSL_NO_AES_CONST_TIME) && !defined(AES_ASM)
+#if defined(OPENSSL_AES_CONST_TIME) && !defined(AES_ASM)
 
 # if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
 #  define U64(C) C##UI64


[openssl] openssl-3.0 update

2022-01-26 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  4ac8e51e3272c7d7f2e7d62da699f52e0112ac05 (commit)
  from  17a27b8979d8dab8e57f2dad68d85dc2033cfeda (commit)


- Log -
commit 4ac8e51e3272c7d7f2e7d62da699f52e0112ac05
Author: Tomas Mraz 
Date:   Tue Jan 25 18:10:26 2022 +0100

Fix IV length of DES EDE ECB implementations

Fixes #17587

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17591)

(cherry picked from commit d450eb84c802b2f78971f905b251a0fb89ebb7d1)

---

Summary of changes:
 providers/implementations/ciphers/cipher_tdes.c |  6 +-
 providers/implementations/ciphers/cipher_tdes_default.c |  2 +-
 test/recipes/30-test_evp_data/evpciph_des3_common.txt   | 15 ++-
 3 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/providers/implementations/ciphers/cipher_tdes.c 
b/providers/implementations/ciphers/cipher_tdes.c
index e63c143755..409e2b8306 100644
--- a/providers/implementations/ciphers/cipher_tdes.c
+++ b/providers/implementations/ciphers/cipher_tdes.c
@@ -19,11 +19,7 @@
 #include "cipher_tdes.h"
 #include "prov/implementations.h"
 
-/*
- * NOTE: ECB mode does not use an IV - but existing test code is setting
- * an IV. Fixing this could potentially make applications break.
- */
 /* ossl_tdes_ede3_ecb_functions */
-IMPLEMENT_tdes_cipher(ede3, EDE3, ecb, ECB, TDES_FLAGS, 64*3, 64, 64, block);
+IMPLEMENT_tdes_cipher(ede3, EDE3, ecb, ECB, TDES_FLAGS, 64*3, 64, 0, block);
 /* ossl_tdes_ede3_cbc_functions */
 IMPLEMENT_tdes_cipher(ede3, EDE3, cbc, CBC, TDES_FLAGS, 64*3, 64, 64, block);
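Review bot: The removed comment recorded that existing code sets an IV for ECB and that changing the IV length could break applications, and nothing replaces it. The changed argument now makes the reported IV length 0 for DES-EDE3-ECB here and for DES-EDE-ECB in cipher_tdes_default.c. A one-line comment such as `/* ECB takes no IV, so the IV length is 0 */` would keep the reason next to the macro call. No CHANGES.md update is listed in this commit's summary, so callers that relied on the old non-zero value have no note of the change.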
diff --git a/providers/implementations/ciphers/cipher_tdes_default.c 
b/providers/implementations/ciphers/cipher_tdes_default.c
index 0e75d0ff11..4d1fe5c3f9 100644
--- a/providers/implementations/ciphers/cipher_tdes_default.c
+++ b/providers/implementations/ciphers/cipher_tdes_default.c
@@ -26,7 +26,7 @@ IMPLEMENT_tdes_cipher(ede3, EDE3, cfb1, CFB, TDES_FLAGS, 
64*3,  8, 64, stream);
 IMPLEMENT_tdes_cipher(ede3, EDE3, cfb8, CFB, TDES_FLAGS, 64*3,  8, 64, stream);
 
 /* ossl_tdes_ede2_ecb_functions */
-IMPLEMENT_tdes_cipher(ede2, EDE2, ecb, ECB, TDES_FLAGS, 64*2, 64, 64, block);
+IMPLEMENT_tdes_cipher(ede2, EDE2, ecb, ECB, TDES_FLAGS, 64*2, 64, 0, block);
 /* ossl_tdes_ede2_cbc_functions */
 IMPLEMENT_tdes_cipher(ede2, EDE2, cbc, CBC, TDES_FLAGS, 64*2, 64, 64, block);
 /* ossl_tdes_ede2_ofb_functions */
diff --git a/test/recipes/30-test_evp_data/evpciph_des3_common.txt 
b/test/recipes/30-test_evp_data/evpciph_des3_common.txt
index 30be60e842..d5e8f9728a 100644
--- a/test/recipes/30-test_evp_data/evpciph_des3_common.txt
+++ b/test/recipes/30-test_evp_data/evpciph_des3_common.txt
@@ -11,7 +11,7 @@
 #   PrivPubKeyPair Sign Verify VerifyRecover
 # and continue until a blank line. Lines starting with a pound sign are 
ignored.
 
-Title = DES3 Test
+Title = DES3 Tests
 
 # DES EDE3 CBC tests (from destest)
 Cipher = DES-EDE3-CBC
@@ -20,3 +20,16 @@ IV = fedcba9876543210
 Plaintext = 37363534333231204E6F77206973207468652074696D6520666F7220
 Ciphertext = 3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675
 NextIV = 1c673812cfde9675
+
+# DES EDE3 ECB test
+Cipher = DES-EDE3-ECB
+Key = 0123456789abcdeff1e0d3c2b5a49786fedcba9876543210
+Plaintext = 37363534333231204E6F77206973207468652074696D6520666F7220
+Ciphertext = 62c10cc9efbf15aaa5ae2e487b690e56d8b1dfb8f5c5b293855e77dd9024b1b1
+
+# DES EDE ECB test
+Availablein = default
+Cipher = DES-EDE-ECB
+Key = 0123456789abcdeffedcba9876543210
+Plaintext = 37363534333231204E6F77206973207468652074696D6520666F7220
+Ciphertext = 4d1332e49f380e23d80a0d8b2bae5e4e6a0094171abcfc27df2bfd40da9f4e4d


[openssl] master update

2022-01-26 Thread Dr . Paul Dale
The branch master has been updated
   via  d450eb84c802b2f78971f905b251a0fb89ebb7d1 (commit)
  from  748a2967ffd52cf86696582fb1074d513493f469 (commit)


- Log -
commit d450eb84c802b2f78971f905b251a0fb89ebb7d1
Author: Tomas Mraz 
Date:   Tue Jan 25 18:10:26 2022 +0100

Fix IV length of DES EDE ECB implementations

Fixes #17587

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17591)

---

Summary of changes:
 providers/implementations/ciphers/cipher_tdes.c |  6 +-
 providers/implementations/ciphers/cipher_tdes_default.c |  2 +-
 test/recipes/30-test_evp_data/evpciph_des3_common.txt   | 15 ++-
 3 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/providers/implementations/ciphers/cipher_tdes.c 
b/providers/implementations/ciphers/cipher_tdes.c
index e63c143755..409e2b8306 100644
--- a/providers/implementations/ciphers/cipher_tdes.c
+++ b/providers/implementations/ciphers/cipher_tdes.c
@@ -19,11 +19,7 @@
 #include "cipher_tdes.h"
 #include "prov/implementations.h"
 
-/*
- * NOTE: ECB mode does not use an IV - but existing test code is setting
- * an IV. Fixing this could potentially make applications break.
- */
 /* ossl_tdes_ede3_ecb_functions */
-IMPLEMENT_tdes_cipher(ede3, EDE3, ecb, ECB, TDES_FLAGS, 64*3, 64, 64, block);
+IMPLEMENT_tdes_cipher(ede3, EDE3, ecb, ECB, TDES_FLAGS, 64*3, 64, 0, block);
 /* ossl_tdes_ede3_cbc_functions */
 IMPLEMENT_tdes_cipher(ede3, EDE3, cbc, CBC, TDES_FLAGS, 64*3, 64, 64, block);
diff --git a/providers/implementations/ciphers/cipher_tdes_default.c 
b/providers/implementations/ciphers/cipher_tdes_default.c
index 0e75d0ff11..4d1fe5c3f9 100644
--- a/providers/implementations/ciphers/cipher_tdes_default.c
+++ b/providers/implementations/ciphers/cipher_tdes_default.c
@@ -26,7 +26,7 @@ IMPLEMENT_tdes_cipher(ede3, EDE3, cfb1, CFB, TDES_FLAGS, 
64*3,  8, 64, stream);
 IMPLEMENT_tdes_cipher(ede3, EDE3, cfb8, CFB, TDES_FLAGS, 64*3,  8, 64, stream);
 
 /* ossl_tdes_ede2_ecb_functions */
-IMPLEMENT_tdes_cipher(ede2, EDE2, ecb, ECB, TDES_FLAGS, 64*2, 64, 64, block);
+IMPLEMENT_tdes_cipher(ede2, EDE2, ecb, ECB, TDES_FLAGS, 64*2, 64, 0, block);
 /* ossl_tdes_ede2_cbc_functions */
 IMPLEMENT_tdes_cipher(ede2, EDE2, cbc, CBC, TDES_FLAGS, 64*2, 64, 64, block);
 /* ossl_tdes_ede2_ofb_functions */
diff --git a/test/recipes/30-test_evp_data/evpciph_des3_common.txt 
b/test/recipes/30-test_evp_data/evpciph_des3_common.txt
index 30be60e842..d5e8f9728a 100644
--- a/test/recipes/30-test_evp_data/evpciph_des3_common.txt
+++ b/test/recipes/30-test_evp_data/evpciph_des3_common.txt
@@ -11,7 +11,7 @@
 #   PrivPubKeyPair Sign Verify VerifyRecover
 # and continue until a blank line. Lines starting with a pound sign are 
ignored.
 
-Title = DES3 Test
+Title = DES3 Tests
 
 # DES EDE3 CBC tests (from destest)
 Cipher = DES-EDE3-CBC
@@ -20,3 +20,16 @@ IV = fedcba9876543210
 Plaintext = 37363534333231204E6F77206973207468652074696D6520666F7220
 Ciphertext = 3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675
 NextIV = 1c673812cfde9675
+
+# DES EDE3 ECB test
+Cipher = DES-EDE3-ECB
+Key = 0123456789abcdeff1e0d3c2b5a49786fedcba9876543210
+Plaintext = 37363534333231204E6F77206973207468652074696D6520666F7220
+Ciphertext = 62c10cc9efbf15aaa5ae2e487b690e56d8b1dfb8f5c5b293855e77dd9024b1b1
+
+# DES EDE ECB test
+Availablein = default
+Cipher = DES-EDE-ECB
+Key = 0123456789abcdeffedcba9876543210
+Plaintext = 37363534333231204E6F77206973207468652074696D6520666F7220
+Ciphertext = 4d1332e49f380e23d80a0d8b2bae5e4e6a0094171abcfc27df2bfd40da9f4e4d


[openssl] master update

2022-01-23 Thread Dr . Paul Dale
The branch master has been updated
   via  44a563dde1584cd9284e80b6e45ee5019be8d36c (commit)
  from  d94c2f1b98318cea4416c4dcd5e5f878de8d458f (commit)


- Log -
commit 44a563dde1584cd9284e80b6e45ee5019be8d36c
Author: Danny Tsen 
Date:   Mon Oct 18 10:51:42 2021 -0400

AES-GCM performance optimzation with stitched method for p9+ ppc64le

Assembly code reviewed by Shricharan Srivatsan 

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/16854)

---

Summary of changes:
 crypto/modes/asm/aes-gcm-ppc.pl| 1439 
 crypto/modes/build.info|3 +-
 include/crypto/aes_platform.h  |   12 +
 .../implementations/ciphers/cipher_aes_gcm_hw.c|2 +
 ..._gcm_hw_aesni.inc => cipher_aes_gcm_hw_ppc.inc} |   15 +-
 5 files changed, 1463 insertions(+), 8 deletions(-)
 create mode 100644 crypto/modes/asm/aes-gcm-ppc.pl
 copy providers/implementations/ciphers/{cipher_aes_gcm_hw_aesni.inc => 
cipher_aes_gcm_hw_ppc.inc} (67%)

diff --git a/crypto/modes/asm/aes-gcm-ppc.pl b/crypto/modes/asm/aes-gcm-ppc.pl
new file mode 100644
index 00..29d4e2e6fb
--- /dev/null
+++ b/crypto/modes/asm/aes-gcm-ppc.pl
@@ -0,0 +1,1439 @@
+#! /usr/bin/env perl
+# Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2021- IBM Inc. All rights reserved
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+#
+#===
+# Written by Danny Tsen  for OpenSSL Project,
+#
+# GHASH is based on the Karatsuba multiplication method.
+#
+#Xi xor X1
+#
+#X1 * H^4 + X2 * H^3 + x3 * H^2 + X4 * H =
+#  (X1.h * H4.h + xX.l * H4.l + X1 * H4) +
+#  (X2.h * H3.h + X2.l * H3.l + X2 * H3) +
+#  (X3.h * H2.h + X3.l * H2.l + X3 * H2) +
+#  (X4.h * H.h + X4.l * H.l + X4 * H)
+#
+# Xi = v0
+# H Poly = v2
+# Hash keys = v3 - v14
+# ( H.l, H, H.h)
+# ( H^2.l, H^2, H^2.h)
+# ( H^3.l, H^3, H^3.h)
+# ( H^4.l, H^4, H^4.h)
+#
+# v30 is IV
+# v31 - counter 1
+#
+# AES used,
+# vs0 - vs14 for round keys
+# v15, v16, v17, v18, v19, v20, v21, v22 for 8 blocks (encrypted)
+#
+# This implementation uses stitched AES-GCM approach to improve overall 
performance.
+# AES is implemented with 8x blocks and GHASH is using 2 4x blocks.
+#
+# Current large block (16384 bytes) performance per second with 128 bit key --
+#
+#Encrypt  Decrypt
+# Power10[le] (3.5GHz)   5.32G5.26G
+#
+# 
===
+#
+# $output is the last argument if it looks like a file (it has an extension)
+# $flavour is the first argument if it doesn't look like a file
+$output = $#ARGV >= 0 && $ARGV[$#ARGV] =~ m|\.\w+$| ? pop : undef;
+$flavour = $#ARGV >= 0 && $ARGV[0] !~ m|\.| ? shift : undef;
+
+if ($flavour =~ /64/) {
+   $SIZE_T=8;
+   $LRSAVE=2*$SIZE_T;
+   $STU="stdu";
+   $POP="ld";
+   $PUSH="std";
+   $UCMP="cmpld";
+   $SHRI="srdi";
+} elsif ($flavour =~ /32/) {
+   $SIZE_T=4;
+   $LRSAVE=$SIZE_T;
+   $STU="stwu";
+   $POP="lwz";
+   $PUSH="stw";
+   $UCMP="cmplw";
+   $SHRI="srwi";
+} else { die "nonsense $flavour"; }
+
+$sp="r1";
+$FRAME=6*$SIZE_T+13*16;# 13*16 is for v20-v31 offload
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour \"$output\""
+or die "can't call $xlate: $!";
+
+$code=<<___;
+.machine"any"
+.abiversion 2
+.text
+
+# 4x loops
+# v15 - v18 - input states
+# vs1 - vs9 - round keys
+#
+.macro Loop_aes_middle4x
+   xxlor   19+32, 1, 1
+   xxlor   20+32, 2, 2
+   xxlor   21+32, 3, 3
+   xxlor   22+32, 4, 4
+
+   vcipher 15, 15, 19
+   vcipher 16, 16, 19
+   vcipher 17, 17, 19
+   vcipher 18, 18, 19
+
+   vcipher 15, 15, 20
+   vcipher 16, 16, 20
+   vcipher 17, 17, 20
+   vcipher 18, 18, 20
+
+   vcipher 15, 15, 21
+   vcipher 16, 16, 21
+   vcipher 17, 17, 21
+   vcipher 18, 18, 21
+
+   vcipher 15, 15, 22
+   vcipher 16, 16, 22
+   vcipher 17, 17, 22
+   vcipher 18, 18, 22
+
+   xxlor   19+32, 5, 5
+   xxlor   20+32, 6, 6
+   xxlor   21+32, 7, 7
+   xxlor   22+32, 8, 8
+
+   vcipher 15, 15, 19
+   vcipher 16, 16, 19
+   vcipher 17, 17, 19
+   vcipher 18, 18, 19
+
+   vcipher 

[openssl] master update

2022-01-23 Thread Dr . Paul Dale
The branch master has been updated
   via  d94c2f1b98318cea4416c4dcd5e5f878de8d458f (commit)
  from  1bfd20f08c042072cae44a9eb81626cbfff81116 (commit)


- Log -
commit d94c2f1b98318cea4416c4dcd5e5f878de8d458f
Author: Todd Short 
Date:   Thu Jan 20 14:38:33 2022 -0500

`make clean` should clean up fips provider shared object.

Reviewed-by: Matt Caswell 
Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17556)

(cherry picked from commit 45036df45048c6498efa49d3572869830d05df45)

---

Summary of changes:
 Configurations/unix-Makefile.tmpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Configurations/unix-Makefile.tmpl 
b/Configurations/unix-Makefile.tmpl
index 52d2f6a64e..6d4039c33f 100644
--- a/Configurations/unix-Makefile.tmpl
+++ b/Configurations/unix-Makefile.tmpl
@@ -582,7 +582,7 @@ clean: libclean
$(RM) $(MANDOCS3)
$(RM) $(MANDOCS5)
$(RM) $(MANDOCS7)
-   $(RM) $(PROGRAMS) $(TESTPROGS) $(MODULES) $(SCRIPTS)
+   $(RM) $(PROGRAMS) $(TESTPROGS) $(MODULES) $(FIPSMODULE) $(SCRIPTS)
$(RM) $(GENERATED_MANDATORY) $(GENERATED)
-find . -name '*{- platform->depext() -}' \! -name '.*' \! -type d 
-exec $(RM) {} \;
-find . -name '*{- platform->objext() -}' \! -name '.*' \! -type d 
-exec $(RM) {} \;


[openssl] openssl-3.0 update

2022-01-23 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  45036df45048c6498efa49d3572869830d05df45 (commit)
  from  9d0a228ae2c2af274995566ae79f3b07c2937069 (commit)


- Log -
commit 45036df45048c6498efa49d3572869830d05df45
Author: Todd Short 
Date:   Thu Jan 20 14:38:33 2022 -0500

`make clean` should clean up fips provider shared object.

Reviewed-by: Matt Caswell 
Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17556)

---

Summary of changes:
 Configurations/unix-Makefile.tmpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Configurations/unix-Makefile.tmpl 
b/Configurations/unix-Makefile.tmpl
index 52d2f6a64e..6d4039c33f 100644
--- a/Configurations/unix-Makefile.tmpl
+++ b/Configurations/unix-Makefile.tmpl
@@ -582,7 +582,7 @@ clean: libclean
$(RM) $(MANDOCS3)
$(RM) $(MANDOCS5)
$(RM) $(MANDOCS7)
-   $(RM) $(PROGRAMS) $(TESTPROGS) $(MODULES) $(SCRIPTS)
+   $(RM) $(PROGRAMS) $(TESTPROGS) $(MODULES) $(FIPSMODULE) $(SCRIPTS)
$(RM) $(GENERATED_MANDATORY) $(GENERATED)
-find . -name '*{- platform->depext() -}' \! -name '.*' \! -type d 
-exec $(RM) {} \;
-find . -name '*{- platform->objext() -}' \! -name '.*' \! -type d 
-exec $(RM) {} \;


[openssl] openssl-3.0 update

2022-01-23 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  9d0a228ae2c2af274995566ae79f3b07c2937069 (commit)
  from  a28dbfe7c84b6a43746d0e2ef4153e2a13067c4a (commit)


- Log -
commit 9d0a228ae2c2af274995566ae79f3b07c2937069
Author: Pauli 
Date:   Fri Jan 21 17:09:46 2022 +1100

self_test.h: fix the C++ wrapping

Fixes #17557

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17562)

(cherry picked from commit 1bfd20f08c042072cae44a9eb81626cbfff81116)

---

Summary of changes:
 include/openssl/self_test.h | 7 +++
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/include/openssl/self_test.h b/include/openssl/self_test.h
index 77c600a0d1..6d6c96abf8 100644
--- a/include/openssl/self_test.h
+++ b/include/openssl/self_test.h
@@ -73,10 +73,6 @@ extern "C" {
 # define OSSL_SELF_TEST_DESC_KDF_TLS13_EXPAND   "TLS13_KDF_EXPAND"
 # define OSSL_SELF_TEST_DESC_RNG"RNG"
 
-# ifdef __cplusplus
-}
-# endif
-
 void OSSL_SELF_TEST_set_callback(OSSL_LIB_CTX *libctx, OSSL_CALLBACK *cb,
  void *cbarg);
 void OSSL_SELF_TEST_get_callback(OSSL_LIB_CTX *libctx, OSSL_CALLBACK **cb,
@@ -90,4 +86,7 @@ void OSSL_SELF_TEST_onbegin(OSSL_SELF_TEST *st, const char 
*type,
 int OSSL_SELF_TEST_oncorrupt_byte(OSSL_SELF_TEST *st, unsigned char *bytes);
 void OSSL_SELF_TEST_onend(OSSL_SELF_TEST *st, int ret);
 
+# ifdef __cplusplus
+}
+# endif
 #endif /* OPENSSL_SELF_TEST_H */


[openssl] master update

2022-01-23 Thread Dr . Paul Dale
The branch master has been updated
   via  1bfd20f08c042072cae44a9eb81626cbfff81116 (commit)
  from  e1cd94f2dca4056ce042c62b89c468dffc088033 (commit)


- Log -
commit 1bfd20f08c042072cae44a9eb81626cbfff81116
Author: Pauli 
Date:   Fri Jan 21 17:09:46 2022 +1100

self_test.h: fix the C++ wrapping

Fixes #17557

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17562)

---

Summary of changes:
 include/openssl/self_test.h | 7 +++
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/include/openssl/self_test.h b/include/openssl/self_test.h
index 77c600a0d1..6d6c96abf8 100644
--- a/include/openssl/self_test.h
+++ b/include/openssl/self_test.h
@@ -73,10 +73,6 @@ extern "C" {
 # define OSSL_SELF_TEST_DESC_KDF_TLS13_EXPAND   "TLS13_KDF_EXPAND"
 # define OSSL_SELF_TEST_DESC_RNG"RNG"
 
-# ifdef __cplusplus
-}
-# endif
-
 void OSSL_SELF_TEST_set_callback(OSSL_LIB_CTX *libctx, OSSL_CALLBACK *cb,
  void *cbarg);
 void OSSL_SELF_TEST_get_callback(OSSL_LIB_CTX *libctx, OSSL_CALLBACK **cb,
@@ -90,4 +86,7 @@ void OSSL_SELF_TEST_onbegin(OSSL_SELF_TEST *st, const char 
*type,
 int OSSL_SELF_TEST_oncorrupt_byte(OSSL_SELF_TEST *st, unsigned char *bytes);
 void OSSL_SELF_TEST_onend(OSSL_SELF_TEST *st, int ret);
 
+# ifdef __cplusplus
+}
+# endif
 #endif /* OPENSSL_SELF_TEST_H */


[openssl] master update

2022-01-19 Thread Dr . Paul Dale
The branch master has been updated
   via  bca6cc53d4592ccbe78eeede3bc79f09d149603c (commit)
  from  acce055778ecbf72e06a254b3a9bf2a2907e5170 (commit)


- Log -
commit bca6cc53d4592ccbe78eeede3bc79f09d149603c
Author: fangming.fang 
Date:   Tue Jan 18 02:58:08 2022 +

Fix sm3ss1 translation issue in sm3-armv8.pl

Reviewed-by: Tomas Mraz 
Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17542)

---

Summary of changes:
 crypto/sm3/asm/sm3-armv8.pl | 15 +++
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/crypto/sm3/asm/sm3-armv8.pl b/crypto/sm3/asm/sm3-armv8.pl
index bb71b2eade..f0555fd3f2 100644
--- a/crypto/sm3/asm/sm3-armv8.pl
+++ b/crypto/sm3/asm/sm3-armv8.pl
@@ -109,7 +109,7 @@ ___
 
 $code=<<___;
 #include "arm_arch.h"
-.arch  armv8.2-a+sm4
+.arch  armv8.2-a
 .text
 ___
 
@@ -222,8 +222,8 @@ my %sm3partopcode = (
"sm3partw1" =>   0xce60C000,
 "sm3partw2" =>   0xce60C400);
 
-my %sm3sslopcode = (
-   "sm3ssl"=>   0xce40);
+my %sm3ss1opcode = (
+   "sm3ss1"=>   0xce40);
 
 my %sm3ttopcode = (
"sm3tt1a"   =>   0xce408000,
@@ -241,14 +241,13 @@ sub unsm3part {
$mnemonic,$arg;
 }
 
-sub unsm3ssl {
+sub unsm3ss1 {
my ($mnemonic,$arg)=@_;
 
-   $arg=~ m/[qv](\d+)[^,]*,\s*[qv](\d+)[^,]*,\s*[qv](\d+)[^,]*,
-\s*[qv](\d+)/o
+   $arg=~ 
m/[qv](\d+)[^,]*,\s*[qv](\d+)[^,]*,\s*[qv](\d+)[^,]*,\s*[qv](\d+)/o
&&
sprintf ".inst\t0x%08x\t//%s %s",
-   $sm3sslopcode{$mnemonic}|$1|($2<<5)|($3<<16)|($4<<10),
+   $sm3ss1opcode{$mnemonic}|$1|($2<<5)|($3<<16)|($4<<10),
$mnemonic,$arg;
 }
 
@@ -274,7 +273,7 @@ foreach(split("\n",$code)) {
s/\`([^\`]*)\`/eval($1)/ge;
 
s/\b(sm3partw[1-2])\s+([qv].*)/unsm3part($1,$2)/ge;
-   s/\b(sm3ssl)\s+([qv].*)/unsm3ssl($1,$2)/ge;
+   s/\b(sm3ss1)\s+([qv].*)/unsm3ss1($1,$2)/ge;
s/\b(sm3tt[1-2][a-b])\s+([qv].*)/unsm3tt($1,$2)/ge;
print $_,"\n";
 }
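Review bot: The `s/\b(sm3ss1)\s+([qv].*)/unsm3ss1($1,$2)/ge` line replaces the instruction with whatever the helper returns, and `unsm3ss1` (previous hunk) is written as `$arg =~ m/.../o && sprintf ...`. When the operand list does not parse, the helper returns the false value of the failed match, so the instruction is replaced by an empty string and disappears from the generated assembly without any diagnostic. For a hash implementation a hard failure is safer, for example `$arg =~ m/.../o or die "sm3ss1: cannot parse operands '$arg'";` followed by a plain `return sprintf ...;`. The neighbouring `unsm3part` helper appears to use the same idiom, so the change would be worth making there too.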


[openssl] openssl-3.0 update

2022-01-19 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  078439d78d1d1435f0ebaf97819daa38a8c81ad5 (commit)
  from  174adc705c2c3921cb3da34ce11641c159bd139b (commit)


- Log -
commit 078439d78d1d1435f0ebaf97819daa38a8c81ad5
Author: Pauli 
Date:   Thu Jan 13 12:19:23 2022 +1100

ssl: better support TSAN operations

For platforms that do not have native TSAN support, locking needs to be used
instead.  This adds the locking.

Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/17489)

(cherry picked from commit acce055778ecbf72e06a254b3a9bf2a2907e5170)

---

Summary of changes:
 ssl/ssl_lib.c| 47 +++
 ssl/ssl_local.h  | 30 ++
 ssl/ssl_sess.c   | 11 ++-
 ssl/statem/extensions.c  | 13 +++--
 ssl/statem/statem_clnt.c |  2 +-
 ssl/statem/statem_lib.c  | 17 ++---
 6 files changed, 93 insertions(+), 27 deletions(-)

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index f3993f0bc3..14030f8ebc 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2451,6 +2451,17 @@ LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx)
 return ctx->sessions;
 }
 
+static int ssl_tsan_load(SSL_CTX *ctx, TSAN_QUALIFIER int *stat)
+{
+int res = 0;
+
+if (ssl_tsan_lock(ctx)) {
+res = tsan_load(stat);
+ssl_tsan_unlock(ctx);
+}
+return res;
+}
+
 long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 {
 long l;
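Review bot: `ssl_tsan_load()` returns 0 both when the counter really is zero and when `ssl_tsan_lock(ctx)` fails, and nothing in the helper says so. The `SSL_CTRL_SESS_*` cases in the next hunk then report 0 to the caller, and the `(ssl_tsan_load(...) & 0xff) == 0xff` test in `ssl_update_cache` quietly skips the automatic flush. That is probably acceptable for statistics, but it should be documented on the helper, e.g. `/* Returns the counter value, or 0 if the fallback lock cannot be acquired. */`. `ssl_tsan_lock`/`ssl_tsan_unlock` are defined in `ssl/ssl_local.h`, which this mail truncates, so their failure conditions need checking there. The same hunks appear again in the master-branch copy of this commit further down.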
@@ -2506,27 +2517,27 @@ long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, 
void *parg)
 case SSL_CTRL_SESS_NUMBER:
 return lh_SSL_SESSION_num_items(ctx->sessions);
 case SSL_CTRL_SESS_CONNECT:
-return tsan_load(>stats.sess_connect);
+return ssl_tsan_load(ctx, >stats.sess_connect);
 case SSL_CTRL_SESS_CONNECT_GOOD:
-return tsan_load(>stats.sess_connect_good);
+return ssl_tsan_load(ctx, >stats.sess_connect_good);
 case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
-return tsan_load(>stats.sess_connect_renegotiate);
+return ssl_tsan_load(ctx, >stats.sess_connect_renegotiate);
 case SSL_CTRL_SESS_ACCEPT:
-return tsan_load(>stats.sess_accept);
+return ssl_tsan_load(ctx, >stats.sess_accept);
 case SSL_CTRL_SESS_ACCEPT_GOOD:
-return tsan_load(>stats.sess_accept_good);
+return ssl_tsan_load(ctx, >stats.sess_accept_good);
 case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
-return tsan_load(>stats.sess_accept_renegotiate);
+return ssl_tsan_load(ctx, >stats.sess_accept_renegotiate);
 case SSL_CTRL_SESS_HIT:
-return tsan_load(>stats.sess_hit);
+return ssl_tsan_load(ctx, >stats.sess_hit);
 case SSL_CTRL_SESS_CB_HIT:
-return tsan_load(>stats.sess_cb_hit);
+return ssl_tsan_load(ctx, >stats.sess_cb_hit);
 case SSL_CTRL_SESS_MISSES:
-return tsan_load(>stats.sess_miss);
+return ssl_tsan_load(ctx, >stats.sess_miss);
 case SSL_CTRL_SESS_TIMEOUTS:
-return tsan_load(>stats.sess_timeout);
+return ssl_tsan_load(ctx, >stats.sess_timeout);
 case SSL_CTRL_SESS_CACHE_FULL:
-return tsan_load(>stats.sess_cache_full);
+return ssl_tsan_load(ctx, >stats.sess_cache_full);
 case SSL_CTRL_MODE:
 return (ctx->mode |= larg);
 case SSL_CTRL_CLEAR_MODE:
@@ -3199,6 +3210,14 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char 
*propq,
 return NULL;
 }
 
+#ifdef TSAN_REQUIRES_LOCKING
+ret->tsan_lock = CRYPTO_THREAD_lock_new();
+if (ret->tsan_lock == NULL) {
+ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
+goto err;
+}
+#endif
+
 ret->libctx = libctx;
 if (propq != NULL) {
 ret->propq = OPENSSL_strdup(propq);
@@ -3465,6 +3484,9 @@ void SSL_CTX_free(SSL_CTX *a)
 OPENSSL_free(a->sigalg_lookup_cache);
 
 CRYPTO_THREAD_lock_free(a->lock);
+#ifdef TSAN_REQUIRES_LOCKING
+CRYPTO_THREAD_lock_free(a->tsan_lock);
+#endif
 
 OPENSSL_free(a->propq);
 
@@ -3733,11 +3755,12 @@ void ssl_update_cache(SSL *s, int mode)
 /* auto flush every 255 connections */
 if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) && ((i & mode) == mode)) {
 TSAN_QUALIFIER int *stat;
+
 if (mode & SSL_SESS_CACHE_CLIENT)
 stat = >session_ctx->stats.sess_connect_good;
 else
 stat = >session_ctx->stats.sess_accept_good;
-if ((tsan_load(stat) & 0xff) == 0xff)
+if ((ssl_tsan_load(s->session_ctx, stat) & 0xff) == 0xff)
 SSL_CTX_flush_sessions(s->session_ctx, (unsigned long)time(NULL));
 }
 }
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
index ce93049180..9f119a9d79 100644
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -898,6 +898,9 @@ struct ssl_ctx_st {
  

[openssl] master update

2022-01-19 Thread Dr . Paul Dale
The branch master has been updated
   via  acce055778ecbf72e06a254b3a9bf2a2907e5170 (commit)
  from  ed16b0fc282d29f755e656043e8a70553ef7bea5 (commit)


- Log -
commit acce055778ecbf72e06a254b3a9bf2a2907e5170
Author: Pauli 
Date:   Thu Jan 13 12:19:23 2022 +1100

ssl: better support TSAN operations

For platforms that do not have native TSAN support, locking needs to be used
instead.  This adds the locking.

Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/17489)

---

Summary of changes:
 ssl/ssl_lib.c| 47 +++
 ssl/ssl_local.h  | 30 ++
 ssl/ssl_sess.c   | 11 ++-
 ssl/statem/extensions.c  | 13 +++--
 ssl/statem/statem_clnt.c |  2 +-
 ssl/statem/statem_lib.c  | 17 ++---
 6 files changed, 93 insertions(+), 27 deletions(-)

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 20fe8bc786..655eac0b7c 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2451,6 +2451,17 @@ LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx)
 return ctx->sessions;
 }
 
+static int ssl_tsan_load(SSL_CTX *ctx, TSAN_QUALIFIER int *stat)
+{
+int res = 0;
+
+if (ssl_tsan_lock(ctx)) {
+res = tsan_load(stat);
+ssl_tsan_unlock(ctx);
+}
+return res;
+}
+
 long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 {
 long l;
@@ -2506,27 +2517,27 @@ long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, 
void *parg)
 case SSL_CTRL_SESS_NUMBER:
 return lh_SSL_SESSION_num_items(ctx->sessions);
 case SSL_CTRL_SESS_CONNECT:
-return tsan_load(>stats.sess_connect);
+return ssl_tsan_load(ctx, >stats.sess_connect);
 case SSL_CTRL_SESS_CONNECT_GOOD:
-return tsan_load(>stats.sess_connect_good);
+return ssl_tsan_load(ctx, >stats.sess_connect_good);
 case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
-return tsan_load(>stats.sess_connect_renegotiate);
+return ssl_tsan_load(ctx, >stats.sess_connect_renegotiate);
 case SSL_CTRL_SESS_ACCEPT:
-return tsan_load(>stats.sess_accept);
+return ssl_tsan_load(ctx, >stats.sess_accept);
 case SSL_CTRL_SESS_ACCEPT_GOOD:
-return tsan_load(>stats.sess_accept_good);
+return ssl_tsan_load(ctx, >stats.sess_accept_good);
 case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
-return tsan_load(>stats.sess_accept_renegotiate);
+return ssl_tsan_load(ctx, >stats.sess_accept_renegotiate);
 case SSL_CTRL_SESS_HIT:
-return tsan_load(>stats.sess_hit);
+return ssl_tsan_load(ctx, >stats.sess_hit);
 case SSL_CTRL_SESS_CB_HIT:
-return tsan_load(>stats.sess_cb_hit);
+return ssl_tsan_load(ctx, >stats.sess_cb_hit);
 case SSL_CTRL_SESS_MISSES:
-return tsan_load(>stats.sess_miss);
+return ssl_tsan_load(ctx, >stats.sess_miss);
 case SSL_CTRL_SESS_TIMEOUTS:
-return tsan_load(>stats.sess_timeout);
+return ssl_tsan_load(ctx, >stats.sess_timeout);
 case SSL_CTRL_SESS_CACHE_FULL:
-return tsan_load(>stats.sess_cache_full);
+return ssl_tsan_load(ctx, >stats.sess_cache_full);
 case SSL_CTRL_MODE:
 return (ctx->mode |= larg);
 case SSL_CTRL_CLEAR_MODE:
@@ -3199,6 +3210,14 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char 
*propq,
 return NULL;
 }
 
+#ifdef TSAN_REQUIRES_LOCKING
+ret->tsan_lock = CRYPTO_THREAD_lock_new();
+if (ret->tsan_lock == NULL) {
+ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
+goto err;
+}
+#endif
+
 ret->libctx = libctx;
 if (propq != NULL) {
 ret->propq = OPENSSL_strdup(propq);
@@ -3465,6 +3484,9 @@ void SSL_CTX_free(SSL_CTX *a)
 OPENSSL_free(a->sigalg_lookup_cache);
 
 CRYPTO_THREAD_lock_free(a->lock);
+#ifdef TSAN_REQUIRES_LOCKING
+CRYPTO_THREAD_lock_free(a->tsan_lock);
+#endif
 
 OPENSSL_free(a->propq);
 
@@ -3733,11 +3755,12 @@ void ssl_update_cache(SSL *s, int mode)
 /* auto flush every 255 connections */
 if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) && ((i & mode) == mode)) {
 TSAN_QUALIFIER int *stat;
+
 if (mode & SSL_SESS_CACHE_CLIENT)
 stat = >session_ctx->stats.sess_connect_good;
 else
 stat = >session_ctx->stats.sess_accept_good;
-if ((tsan_load(stat) & 0xff) == 0xff)
+if ((ssl_tsan_load(s->session_ctx, stat) & 0xff) == 0xff)
 SSL_CTX_flush_sessions(s->session_ctx, (unsigned long)time(NULL));
 }
 }
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
index ddae48b2af..2c83505660 100644
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -898,6 +898,9 @@ struct ssl_ctx_st {
 * other processes - spooky
 

[openssl] master update

2022-01-19 Thread Dr . Paul Dale
The branch master has been updated
   via  ed16b0fc282d29f755e656043e8a70553ef7bea5 (commit)
   via  0be4b0403d2f65adf0d037581223dbebd0fa135e (commit)
   via  0324ae3e98725f722b7d7871c23fbbff596a5bf6 (commit)
   via  4e62f1a3af36512a1f5e1273d2dc54e3ce7f5fca (commit)
   via  2c9da416a608e2aaf19c16d920baddf2473c8392 (commit)
  from  15b7175f558bf9eb057ec3266685486f727dd70f (commit)


- Log -
commit ed16b0fc282d29f755e656043e8a70553ef7bea5
Author: Pauli 
Date:   Mon Jan 17 13:09:41 2022 +1100

test: add cipher context dup test

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17529)

commit 0be4b0403d2f65adf0d037581223dbebd0fa135e
Author: Pauli 
Date:   Fri Jan 7 11:47:20 2022 +1100

test: add digest context dup tests

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17529)

commit 0324ae3e98725f722b7d7871c23fbbff596a5bf6
Author: Pauli 
Date:   Fri Jan 7 11:47:02 2022 +1100

doc: document digest and cipher dup functions

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17529)

commit 4e62f1a3af36512a1f5e1273d2dc54e3ce7f5fca
Author: Pauli 
Date:   Fri Jan 7 11:46:33 2022 +1100

Add context dup functions for digests and ciphers

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17529)

commit 2c9da416a608e2aaf19c16d920baddf2473c8392
Author: Pauli 
Date:   Fri Jan 7 11:45:33 2022 +1100

fix indentation

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17529)

---

Summary of changes:
 crypto/evp/digest.c   | 11 +++
 crypto/evp/evp_enc.c  | 11 +++
 doc/man3/EVP_DigestInit.pod   | 17 +--
 doc/man3/EVP_EncryptInit.pod  | 20 
 include/openssl/evp.h |  2 ++
 providers/implementations/digests/sha3_prov.c |  2 +-
 providers/implementations/kdfs/pbkdf2.c   |  8 ++---
 test/evp_extra_test2.c| 16 ++
 test/evp_test.c   | 44 +++
 util/libcrypto.num|  2 ++
 10 files changed, 114 insertions(+), 19 deletions(-)

diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index d4685e6489..db2eed6355 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -505,6 +505,17 @@ legacy:
 return ret;
 }
 
+EVP_MD_CTX *EVP_MD_CTX_dup(const EVP_MD_CTX *in)
+{
+EVP_MD_CTX *out = EVP_MD_CTX_new();
+
+if (out != NULL && !EVP_MD_CTX_copy_ex(out, in)) {
+EVP_MD_CTX_free(out);
+out = NULL;
+}
+return out;
+}
+
 int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
 {
 EVP_MD_CTX_reset(out);
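Review bot: `EVP_MD_CTX_dup()` here, and `EVP_CIPHER_CTX_dup()` in the `crypto/evp/evp_enc.c` hunk below, carry no comment on ownership or failure behaviour. Both return NULL for an allocation failure as well as for a failed copy, so callers can only tell the two apart through the error queue. A short header would help, e.g. `/* Returns a new context owned by the caller (release with EVP_MD_CTX_free()), or NULL if allocation or the copy fails. */`. For the cipher variant it is also worth stating that the duplicate presumably holds its own copy of key-dependent state, so every duplicate has to be freed to clear that material; this depends on `EVP_CIPHER_CTX_copy()`, whose body is outside the hunk. Both functions allocate before `in` is validated, so a NULL or uninitialised `in` costs only an allocate/free pair.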
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 519cab3f2b..1c02cafa16 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -1346,6 +1346,17 @@ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, 
unsigned char *key)
 #endif /* FIPS_MODULE */
 }
 
+EVP_CIPHER_CTX *EVP_CIPHER_CTX_dup(const EVP_CIPHER_CTX *in)
+{
+EVP_CIPHER_CTX *out = EVP_CIPHER_CTX_new();
+
+if (out != NULL && !EVP_CIPHER_CTX_copy(out, in)) {
+EVP_CIPHER_CTX_free(out);
+out = NULL;
+}
+return out;
+}
+
 int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
 {
 if ((in == NULL) || (in->cipher == NULL)) {
diff --git a/doc/man3/EVP_DigestInit.pod b/doc/man3/EVP_DigestInit.pod
index 5b9d75b704..2a2a17f27f 100644
--- a/doc/man3/EVP_DigestInit.pod
+++ b/doc/man3/EVP_DigestInit.pod
@@ -4,8 +4,8 @@
 
 EVP_MD_fetch, EVP_MD_up_ref, EVP_MD_free,
 EVP_MD_get_params, EVP_MD_gettable_params,
-EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_copy,
-EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl,
+EVP_MD_CTX_new, EVP_MD_CTX_reset, EVP_MD_CTX_free, EVP_MD_CTX_dup,
+EVP_MD_CTX_copy, EVP_MD_CTX_copy_ex, EVP_MD_CTX_ctrl,
 EVP_MD_CTX_set_params, EVP_MD_CTX_get_params,
 EVP_MD_settable_ctx_params, EVP_MD_gettable_ctx_params,
 EVP_MD_CTX_settable_params, EVP_MD_CTX_gettable_params,
@@ -63,6 +63,7 @@ EVP_MD_CTX_type, EVP_MD_CTX_pkey_ctx, EVP_MD_CTX_md_data
  int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
  int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
 
+ EVP_MD_CTX *EVP_MD_CTX_dup(const EVP_MD_CTX *in);
  int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
 
  int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
@@ -295,6 +296,12 @@ It retrieves the digest value from I and places it in 
I-sized I.
 After calling this function no additional calls to EVP_DigestUpdate() can be
 made, but EVP_DigestInit_ex2() can be called to initialize a new operation.
 
+=item EVP_MD_CTX_dup()
+
+Can be used to duplicate 

[openssl] master update

2022-01-17 Thread Dr . Paul Dale
The branch master has been updated
   via  14951ef01f9b54d804baf2fabdf0a715c630827b (commit)
   via  b461aff257e57b8ba8e72667078fdf6d5047bc91 (commit)
   via  a09a342ffb459d0913954111b7802815e9a3481a (commit)
   via  d715dbd8e566e7827ce8b2e9b6687c2bcd8a89a0 (commit)
   via  e52698f9e33d77419dca827774e5d0bc1815100d (commit)
   via  1e3317278e4890e812a032b39c7c9dc43ca01458 (commit)
  from  f242ce9817157817b19ccb303fd436fe487539b3 (commit)


- Log -
commit 14951ef01f9b54d804baf2fabdf0a715c630827b
Author: Pauli 
Date:   Mon Jan 17 16:51:03 2022 +1100

e_dasync: remove empty statement

Reviewed-by: Tim Hudson 
Reviewed-by: Bernd Edlinger 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/17528)

commit b461aff257e57b8ba8e72667078fdf6d5047bc91
Author: Pauli 
Date:   Mon Jan 17 16:50:16 2022 +1100

demo: remove end of line whitespace

Reviewed-by: Tim Hudson 
Reviewed-by: Bernd Edlinger 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/17528)

commit a09a342ffb459d0913954111b7802815e9a3481a
Author: Pauli 
Date:   Mon Jan 17 16:49:58 2022 +1100

speed: rework if condition to avoid empty statement

Reviewed-by: Tim Hudson 
Reviewed-by: Bernd Edlinger 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/17528)

commit d715dbd8e566e7827ce8b2e9b6687c2bcd8a89a0
Author: Pauli 
Date:   Mon Jan 17 10:37:20 2022 +1100

replace ;; with ; as statement separator

Fixes #17525

Reviewed-by: Tim Hudson 
Reviewed-by: Bernd Edlinger 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/17528)

commit e52698f9e33d77419dca827774e5d0bc1815100d
Author: Pauli 
Date:   Mon Jan 17 10:36:46 2022 +1100

apps/ca: replace ;; with ; as statement separator

Reviewed-by: Tim Hudson 
Reviewed-by: Bernd Edlinger 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/17528)

commit 1e3317278e4890e812a032b39c7c9dc43ca01458
Author: Pauli 
Date:   Mon Jan 17 10:36:06 2022 +1100

ssl: replace ;; with ; as statement separator

Reviewed-by: Tim Hudson 
Reviewed-by: Bernd Edlinger 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/17528)

---

Summary of changes:
 apps/ca.c| 2 +-
 apps/speed.c | 4 +---
 crypto/rsa/rsa_backend.c | 2 +-
 crypto/x509/x509_trust.c | 2 +-
 demos/digest/EVP_MD_demo.c   | 2 +-
 engines/e_dasync.c   | 1 -
 providers/implementations/keymgmt/dh_kmgmt.c | 2 +-
 ssl/ssl_rsa.c| 2 +-
 ssl/statem/statem_lib.c  | 2 +-
 ssl/t1_lib.c | 2 +-
 10 files changed, 9 insertions(+), 12 deletions(-)

diff --git a/apps/ca.c b/apps/ca.c
index a9d6c5c1a6..271f7de9df 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1855,7 +1855,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 
*x509,
 p = "Valid";
 else
 p = "\ninvalid type, Data base error\n";
-BIO_printf(bio_err, "Type  :%s\n", p);;
+BIO_printf(bio_err, "Type  :%s\n", p);
 if (rrow[DB_type][0] == DB_TYPE_REV) {
 p = rrow[DB_exp_date];
 if (p == NULL)
diff --git a/apps/speed.c b/apps/speed.c
index 0ee7347f5b..02e7b1f9b2 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -3551,9 +3551,7 @@ static int do_multi(int multi, int size_num)
 d = atof(sstrsep(, sep));
 ffdh_results[k][0] += d;
 # endif /* OPENSSL_NO_DH */
-} else if (HAS_PREFIX(buf, "+H:")) {
-;
-} else {
+} else if (!HAS_PREFIX(buf, "+H:")) {
 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
n);
 }
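Review bot: The rewritten `} else if (!HAS_PREFIX(buf, "+H:")) {` no longer shows that `+H:` lines from the child are skipped on purpose; the old empty branch at least made that visible. A short comment above the condition would keep the intent, e.g. `/* "+H:" lines are deliberately ignored; anything else is unexpected */`. The enclosing `do_multi()` starts and ends outside this hunk.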
diff --git a/crypto/rsa/rsa_backend.c b/crypto/rsa/rsa_backend.c
index dc397a6676..ae071f18bf 100644
--- a/crypto/rsa/rsa_backend.c
+++ b/crypto/rsa/rsa_backend.c
@@ -523,7 +523,7 @@ int ossl_rsa_pss_get_param_unverified(const RSA_PSS_PARAMS 
*pss,
 if (pss->trailerField)
 *ptrailerField = ASN1_INTEGER_get(pss->trailerField);
 else
-*ptrailerField = ossl_rsa_pss_params_30_trailerfield(_params);;
+*ptrailerField = ossl_rsa_pss_params_30_trailerfield(_params);
 
 return 1;
 }
diff --git a/crypto/x509/x509_trust.c b/crypto/x509/x509_trust.c
index ff578aee73..e71db0c9a1 100644
--- a/crypto/x509/x509_trust.c
+++ b/crypto/x509/x509_trust.c
@@ -166,7 +166,7 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST 
*, X509 *, int),
 if (trtable == NULL
 

[openssl] openssl-3.0 update

2022-01-17 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  5f7757265bfd7ccdf1973bf09f9d72634ea70949 (commit)
  from  454358be49b55c313fe3781bc6f5f6c644787f87 (commit)


- Log -
commit 5f7757265bfd7ccdf1973bf09f9d72634ea70949
Author: Kevin Jones 
Date:   Sat Jan 15 01:38:41 2022 +

Fix mistake in ERR_peek_error_all documentation.

The `func` parameter was incorrect. It was documented as `const char *func`
instead of `const char **func`.

CLA: trivial

Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17522)

(cherry picked from commit f242ce9817157817b19ccb303fd436fe487539b3)

---

Summary of changes:
 doc/man3/ERR_get_error.pod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/man3/ERR_get_error.pod b/doc/man3/ERR_get_error.pod
index 6518458907..924c650184 100644
--- a/doc/man3/ERR_get_error.pod
+++ b/doc/man3/ERR_get_error.pod
@@ -31,7 +31,7 @@ ERR_get_error_line_data, ERR_peek_error_line_data, 
ERR_peek_last_error_line_data
  const char **func,
  const char **data, int *flags);
  unsigned long ERR_peek_error_all(const char **file, int *line,
-  const char *func,
+  const char **func,
   const char **data, int *flags);
  unsigned long ERR_peek_last_error_all(const char **file, int *line,
const char *func,


[openssl] master update

2022-01-17 Thread Dr . Paul Dale
The branch master has been updated
   via  f242ce9817157817b19ccb303fd436fe487539b3 (commit)
  from  cfbb5fcf4424395a1a23751556ea12c56b80b57e (commit)


- Log -
commit f242ce9817157817b19ccb303fd436fe487539b3
Author: Kevin Jones 
Date:   Sat Jan 15 01:38:41 2022 +

Fix mistake in ERR_peek_error_all documentation.

The `func` parameter was incorrect. It was documented as `const char *func`
instead of `const char **func`.

CLA: trivial

Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17522)

---

Summary of changes:
 doc/man3/ERR_get_error.pod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/man3/ERR_get_error.pod b/doc/man3/ERR_get_error.pod
index b5374e7652..4019bdd541 100644
--- a/doc/man3/ERR_get_error.pod
+++ b/doc/man3/ERR_get_error.pod
@@ -31,7 +31,7 @@ ERR_get_error_line_data, ERR_peek_error_line_data, 
ERR_peek_last_error_line_data
  const char **func,
  const char **data, int *flags);
  unsigned long ERR_peek_error_all(const char **file, int *line,
-  const char *func,
+  const char **func,
   const char **data, int *flags);
  unsigned long ERR_peek_last_error_all(const char **file, int *line,
const char *func,


[openssl] openssl-3.0 update

2022-01-16 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  ba4f941b081897747e8432296cd14bebafc97920 (commit)
  from  63c0fbcf865a711161feccd90aec9bf2e0e49199 (commit)


- Log -
commit ba4f941b081897747e8432296cd14bebafc97920
Author: EasySec 
Date:   Thu Jan 13 23:30:30 2022 +0100

Fix typo in SSL_CTX_set_dh_auto

Reviewed-by: Tomas Mraz 
Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17499)

(cherry picked from commit 144316d276adf5b8172316f7bc20b372b8e31ac8)

---

Summary of changes:
 doc/man3/SSL_CTX_set_tmp_dh_callback.pod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/man3/SSL_CTX_set_tmp_dh_callback.pod 
b/doc/man3/SSL_CTX_set_tmp_dh_callback.pod
index aacf82a80f..4340989976 100644
--- a/doc/man3/SSL_CTX_set_tmp_dh_callback.pod
+++ b/doc/man3/SSL_CTX_set_tmp_dh_callback.pod
@@ -11,7 +11,7 @@ SSL_set_tmp_dh_callback, SSL_set_tmp_dh
 
  #include 
 
- long SSL_CTX_set_dh_auto(SSL *s, int onoff);
+ long SSL_CTX_set_dh_auto(SSL_CTX *ctx, int onoff);
  long SSL_set_dh_auto(SSL *s, int onoff);
  int SSL_CTX_set0_tmp_dh_pkey(SSL_CTX *ctx, EVP_PKEY *dhpkey);
  int SSL_set0_tmp_dh_pkey(SSL *s, EVP_PKEY *dhpkey);


[openssl] master update

2022-01-16 Thread Dr . Paul Dale
The branch master has been updated
   via  144316d276adf5b8172316f7bc20b372b8e31ac8 (commit)
  from  d73a7a3a71270aaadb4e4e678ae9bd3cef8b9cbd (commit)


- Log -
commit 144316d276adf5b8172316f7bc20b372b8e31ac8
Author: EasySec 
Date:   Thu Jan 13 23:30:30 2022 +0100

Fix typo in SSL_CTX_set_dh_auto

Reviewed-by: Tomas Mraz 
Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17499)

---

Summary of changes:
 doc/man3/SSL_CTX_set_tmp_dh_callback.pod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/man3/SSL_CTX_set_tmp_dh_callback.pod 
b/doc/man3/SSL_CTX_set_tmp_dh_callback.pod
index bf8441294a..c9f06e9895 100644
--- a/doc/man3/SSL_CTX_set_tmp_dh_callback.pod
+++ b/doc/man3/SSL_CTX_set_tmp_dh_callback.pod
@@ -11,7 +11,7 @@ SSL_set_tmp_dh_callback, SSL_set_tmp_dh
 
  #include 
 
- long SSL_CTX_set_dh_auto(SSL *s, int onoff);
+ long SSL_CTX_set_dh_auto(SSL_CTX *ctx, int onoff);
  long SSL_set_dh_auto(SSL *s, int onoff);
  int SSL_CTX_set0_tmp_dh_pkey(SSL_CTX *ctx, EVP_PKEY *dhpkey);
  int SSL_set0_tmp_dh_pkey(SSL *s, EVP_PKEY *dhpkey);


[openssl] openssl-3.0 update

2022-01-16 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  63c0fbcf865a711161feccd90aec9bf2e0e49199 (commit)
  from  a8779af2f5cb76ac2563c28c1fdbdf314f0a6ebb (commit)


- Log -
commit 63c0fbcf865a711161feccd90aec9bf2e0e49199
Author: Dmytro Podgornyi 
Date:   Wed Jan 12 19:25:23 2022 +0200

ssl/t1_enc: Fix kTLS RX offload path

During counting of the unprocessed records, return code is treated in a
wrong way. This forces kTLS RX path to be skipped in case of presence
of unprocessed records.

CLA: trivial

Reviewed-by: Tomas Mraz 
Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17492)

(cherry picked from commit d73a7a3a71270aaadb4e4e678ae9bd3cef8b9cbd)

---

Summary of changes:
 ssl/t1_enc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 51688d4f2e..101cba6490 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -122,7 +122,7 @@ static int count_unprocessed_records(SSL *s)
 return -1;
 
 /* Read until next record */
-if (PACKET_get_length_prefixed_2(, ))
+if (!PACKET_get_length_prefixed_2(, ))
 return -1;
 
 count += 1;
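Review bot: The corrected test `if (!PACKET_get_length_prefixed_2(...))` depends on the PACKET helpers returning 1 on success and 0 on failure, and nothing next to the call says so. A short comment above it, such as `/* PACKET_* helpers return 0 on failure: a record that cannot be read is an error */`, would make the convention visible at the point where it was misread. The summary lists only ssl/t1_enc.c, so no test appears to cover count_unprocessed_records with records still pending; a regression test for the kTLS RX path would pin the fix. The function body starts and ends outside the hunk, and the call's arguments are elided in this archive copy. The same hunk is repeated in the master update of this commit further down the page.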


[openssl] master update

2022-01-16 Thread Dr . Paul Dale
The branch master has been updated
   via  d73a7a3a71270aaadb4e4e678ae9bd3cef8b9cbd (commit)
  from  57645339ab645fe5abffe14fc005b5402ce03b84 (commit)


- Log -
commit d73a7a3a71270aaadb4e4e678ae9bd3cef8b9cbd
Author: Dmytro Podgornyi 
Date:   Wed Jan 12 19:25:23 2022 +0200

ssl/t1_enc: Fix kTLS RX offload path

During counting of the unprocessed records, return code is treated in a
wrong way. This forces kTLS RX path to be skipped in case of presence
of unprocessed records.

CLA: trivial

Reviewed-by: Tomas Mraz 
Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17492)

---

Summary of changes:
 ssl/t1_enc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 51688d4f2e..101cba6490 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -122,7 +122,7 @@ static int count_unprocessed_records(SSL *s)
 return -1;
 
 /* Read until next record */
-if (PACKET_get_length_prefixed_2(, ))
+if (!PACKET_get_length_prefixed_2(, ))
 return -1;
 
 count += 1;


[openssl] master update

2022-01-14 Thread Dr . Paul Dale
The branch master has been updated
   via  57645339ab645fe5abffe14fc005b5402ce03b84 (commit)
  from  04bc3c1277b8b20dc29f96933f7be592c0535aa8 (commit)


- Log -
commit 57645339ab645fe5abffe14fc005b5402ce03b84
Author: Pauli 
Date:   Sat Jan 1 12:43:31 2022 +1100

property: reduce memory consumption when OPENSSL_SMALL_FOOTPRINT is defined.

This takes out the lock step stacks that allow a fast property to name
resolution.  Follow on from #17325.

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17388)

---

Summary of changes:
 crypto/property/property_string.c | 50 +++
 1 file changed, 46 insertions(+), 4 deletions(-)

diff --git a/crypto/property/property_string.c 
b/crypto/property/property_string.c
index 6c61bfbbb2..9191453d5a 100644
--- a/crypto/property/property_string.c
+++ b/crypto/property/property_string.c
@@ -40,8 +40,10 @@ typedef struct {
 PROP_TABLE *prop_values;
 OSSL_PROPERTY_IDX prop_name_idx;
 OSSL_PROPERTY_IDX prop_value_idx;
+#ifndef OPENSSL_SMALL_FOOTPRINT
 STACK_OF(OPENSSL_CSTRING) *prop_namelist;
 STACK_OF(OPENSSL_CSTRING) *prop_valuelist;
+#endif
 } PROPERTY_STRING_DATA;
 
 static unsigned long property_hash(const PROPERTY_STRING *a)
@@ -80,9 +82,11 @@ static void property_string_data_free(void *vpropdata)
 CRYPTO_THREAD_lock_free(propdata->lock);
 property_table_free(>prop_names);
 property_table_free(>prop_values);
+#ifndef OPENSSL_SMALL_FOOTPRINT
 sk_OPENSSL_CSTRING_free(propdata->prop_namelist);
 sk_OPENSSL_CSTRING_free(propdata->prop_valuelist);
 propdata->prop_namelist = propdata->prop_valuelist = NULL;
+#endif
 propdata->prop_name_idx = propdata->prop_value_idx = 0;
 
 OPENSSL_free(propdata);
@@ -99,13 +103,17 @@ static void *property_string_data_new(OSSL_LIB_CTX *ctx) {
   _cmp);
 propdata->prop_values = lh_PROPERTY_STRING_new(_hash,
_cmp);
+#ifndef OPENSSL_SMALL_FOOTPRINT
 propdata->prop_namelist = sk_OPENSSL_CSTRING_new_null();
 propdata->prop_valuelist = sk_OPENSSL_CSTRING_new_null();
+#endif
 if (propdata->lock == NULL
-|| propdata->prop_names == NULL
-|| propdata->prop_values == NULL
+#ifndef OPENSSL_SMALL_FOOTPRINT
 || propdata->prop_namelist == NULL
-|| propdata->prop_valuelist == NULL) {
+|| propdata->prop_valuelist == NULL
+#endif
+|| propdata->prop_names == NULL
+|| propdata->prop_values == NULL) {
 property_string_data_free(propdata);
 return NULL;
 }
@@ -141,7 +149,6 @@ static OSSL_PROPERTY_IDX ossl_property_string(OSSL_LIB_CTX 
*ctx, int name,
 {
 PROPERTY_STRING p, *ps, *ps_new;
 PROP_TABLE *t;
-STACK_OF(OPENSSL_CSTRING) *slist;
 OSSL_PROPERTY_IDX *pidx;
 PROPERTY_STRING_DATA *propdata
 = ossl_lib_ctx_get_data(ctx, OSSL_LIB_CTX_PROPERTY_STRING_INDEX,
@@ -166,19 +173,25 @@ static OSSL_PROPERTY_IDX 
ossl_property_string(OSSL_LIB_CTX *ctx, int name,
 pidx = name ? >prop_name_idx : >prop_value_idx;
 ps = lh_PROPERTY_STRING_retrieve(t, );
 if (ps == NULL && (ps_new = new_property_string(s, pidx)) != NULL) {
+#ifndef OPENSSL_SMALL_FOOTPRINT
+STACK_OF(OPENSSL_CSTRING) *slist;
+
 slist = name ? propdata->prop_namelist : propdata->prop_valuelist;
 if (sk_OPENSSL_CSTRING_push(slist, ps_new->s) <= 0) {
 property_free(ps_new);
 CRYPTO_THREAD_unlock(propdata->lock);
 return 0;
 }
+#endif
 lh_PROPERTY_STRING_insert(t, ps_new);
 if (lh_PROPERTY_STRING_error(t)) {
 /*-
  * Undo the previous push which means also decrementing the
  * index and freeing the allocated storage.
  */
+#ifndef OPENSSL_SMALL_FOOTPRINT
 sk_OPENSSL_CSTRING_pop(slist);
+#endif
 property_free(ps_new);
 --*pidx;
 CRYPTO_THREAD_unlock(propdata->lock);
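Review bot: The block comment above the rollback still says "Undo the previous push", but with OPENSSL_SMALL_FOOTPRINT defined both the push and the `sk_OPENSSL_CSTRING_pop(slist)` are compiled out, so in that build only the index decrement and the free happen. Rewording it to `* Roll back: pop the list entry (when the lists are built), decrement the index and free the allocated storage.` keeps it true for both builds. ossl_property_string starts before and continues after this hunk.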
@@ -191,6 +204,21 @@ static OSSL_PROPERTY_IDX ossl_property_string(OSSL_LIB_CTX 
*ctx, int name,
 return ps != NULL ? ps->idx : 0;
 }
 
+#ifdef OPENSSL_SMALL_FOOTPRINT
+struct find_str_st {
+const char *str;
+OSSL_PROPERTY_IDX idx;
+};
+
+static void find_str_fn(PROPERTY_STRING *prop, void *vfindstr)
+{
+struct find_str_st *findstr = vfindstr;
+
+if (prop->idx == findstr->idx)
+findstr->str = prop->s;
+}
+#endif
+
 static const char *ossl_property_str(int name, OSSL_LIB_CTX *ctx,
  OSSL_PROPERTY_IDX idx)
 {
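Review bot: `struct find_str_st` and `find_str_fn` are added without a comment, and the callback writes `findstr->str` only on a match, so the result is meaningful only if the caller sets `str` to NULL first. A header such as `/* lhash doall callback: store prop->s in findstr->str when prop->idx equals findstr->idx; the caller presets str to NULL */` would state that contract. The caller is in the following hunk of ossl_property_str, which is cut off in this archive copy, so the initialisation cannot be confirmed here. The same comment could note that the small-footprint build presumably walks the whole table on each lookup instead of indexing a stack.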
@@ -206,8 +234,22 @@ static const char *ossl_property_str(int name, 
OSSL_LIB_CTX *ctx,
 

[openssl] openssl-3.0 update

2022-01-13 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  2ee3e38f8f456db4b5afb023ae0472ff79204369 (commit)
  from  941c877bdb71038f6beeaf416d9b7b7951ff1f19 (commit)


- Log -
commit 2ee3e38f8f456db4b5afb023ae0472ff79204369
Author: Pauli 
Date:   Thu Jan 13 12:30:59 2022 +1100

coverity 1497107: dereference after null check

Add null checks to avoid dereferencing a pointer that could be null.

Reviewed-by: Tim Hudson 
Reviewed-by: Tomas Mraz 
Reviewed-by: David von Oheimb 
(Merged from https://github.com/openssl/openssl/pull/17488)

---

Summary of changes:
 apps/lib/apps.c | 9 ++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/apps/lib/apps.c b/apps/lib/apps.c
index 25a6b6bcc3..07dd4550f2 100644
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -696,10 +696,13 @@ int load_cert_certs(const char *uri,
 if (ret) {
 if (pcert != NULL)
 warn_cert(uri, *pcert, 0, vpm);
-warn_certs(uri, *pcerts, 1, vpm);
+if (pcerts != NULL)
+warn_certs(uri, *pcerts, 1, vpm);
 } else {
-sk_X509_pop_free(*pcerts, X509_free);
-*pcerts = NULL;
+if (pcerts != NULL) {
+sk_X509_pop_free(*pcerts, X509_free);
+*pcerts = NULL;
+}
 }
 return ret;
 }
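Review bot: The failure branch now holds a lone `if` inside `else`; `} else if (pcerts != NULL) {` expresses the same thing with one level less nesting. On that path only `*pcerts` is freed and reset, while `*pcert` is left as the loader set it; whether the loader can leave a certificate there on failure is not visible, because load_cert_certs starts outside the hunk, so that is worth confirming. The master update of this commit further down has the same shape and differs only in calling `OSSL_STACK_OF_X509_free`.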


[openssl] master update

2022-01-13 Thread Dr . Paul Dale
The branch master has been updated
   via  8c870f6bed241ec80c67453e60592461f0d8f2b8 (commit)
  from  79c7acc59bb98c2b8451b048ed1dd8cc517df76e (commit)


- Log -
commit 8c870f6bed241ec80c67453e60592461f0d8f2b8
Author: Pauli 
Date:   Thu Jan 13 12:30:59 2022 +1100

coverity 1497107: dereference after null check

Add null checks to avoid dereferencing a pointer that could be null.

Reviewed-by: Tim Hudson 
Reviewed-by: Tomas Mraz 
Reviewed-by: David von Oheimb 
(Merged from https://github.com/openssl/openssl/pull/17488)

---

Summary of changes:
 apps/lib/apps.c | 9 ++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/apps/lib/apps.c b/apps/lib/apps.c
index 7ca30ef590..77edc1d936 100644
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -691,10 +691,13 @@ int load_cert_certs(const char *uri,
 if (ret) {
 if (pcert != NULL)
 warn_cert(uri, *pcert, 0, vpm);
-warn_certs(uri, *pcerts, 1, vpm);
+if (pcerts != NULL)
+warn_certs(uri, *pcerts, 1, vpm);
 } else {
-OSSL_STACK_OF_X509_free(*pcerts);
-*pcerts = NULL;
+if (pcerts != NULL) {
+OSSL_STACK_OF_X509_free(*pcerts);
+*pcerts = NULL;
+}
 }
 return ret;
 }


[openssl] openssl-3.0 update

2022-01-13 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  589e0ab4ebf35e1e73d826ad08160b9e6060e616 (commit)
   via  d1a488e944275a1b5db50ce02c1593aedb37c1f9 (commit)
   via  a69b93afd26d8da664e19847432cebe3c7d3fbb3 (commit)
   via  cc05c3ea8c585eb58a46602f94c59e3c17f4383d (commit)
   via  d1ec05915686019eec8fa8de9890292980fc5d6e (commit)
   via  3517a3e055d3ed27b70441e2ee087fbb709b58da (commit)
  from  cca25d5eb83b56ae27d81bd72bebf69c2f393e43 (commit)


- Log -
commit 589e0ab4ebf35e1e73d826ad08160b9e6060e616
Author: Pauli 
Date:   Wed Jan 12 15:01:17 2022 +1100

drbg: add handling for cases where TSAN isn't available

Most of the DRBG code is run under lock from the EVP layer.  This is relied
on to make the majority of TSAN operations safe.  However, it is still 
necessary
to enable locking for all DRBGs created.

Reviewed-by: Bernd Edlinger 
(Merged from https://github.com/openssl/openssl/pull/17479)

commit d1a488e944275a1b5db50ce02c1593aedb37c1f9
Author: Pauli 
Date:   Wed Jan 12 14:45:07 2022 +1100

lhash: use lock when TSAN not available for statistics gathering

Reviewed-by: Bernd Edlinger 
(Merged from https://github.com/openssl/openssl/pull/17479)

commit a69b93afd26d8da664e19847432cebe3c7d3fbb3
Author: Pauli 
Date:   Wed Jan 12 14:25:46 2022 +1100

mem: do not produce usage counts when tsan is unavailable.

Doing the tsan operations under lock would be difficult to arrange here 
(locks
require memory allocation).

Reviewed-by: Bernd Edlinger 
(Merged from https://github.com/openssl/openssl/pull/17479)

commit cc05c3ea8c585eb58a46602f94c59e3c17f4383d
Author: Pauli 
Date:   Wed Jan 12 14:22:23 2022 +1100

core namemap: use updated tsan lock detection capabilities

Reviewed-by: Bernd Edlinger 
(Merged from https://github.com/openssl/openssl/pull/17479)

commit d1ec05915686019eec8fa8de9890292980fc5d6e
Author: Pauli 
Date:   Wed Jan 12 13:26:38 2022 +1100

tsan: make detecting the need for locking when using tsan easier

Reviewed-by: Bernd Edlinger 
(Merged from https://github.com/openssl/openssl/pull/17479)

commit 3517a3e055d3ed27b70441e2ee087fbb709b58da
Author: Pauli 
Date:   Wed Jan 12 14:24:49 2022 +1100

threadstest: add write check to lock checking

Reviewed-by: Bernd Edlinger 
(Merged from https://github.com/openssl/openssl/pull/17479)

---

Summary of changes:
 crypto/core_namemap.c  | 15 --
 crypto/lhash/lh_stats.c| 25 
 crypto/lhash/lhash.c   | 55 ++
 crypto/lhash/lhash_local.h |  3 ++
 crypto/mem.c   | 14 ++---
 include/internal/tsan_assist.h |  8 -
 providers/implementations/rands/drbg.c |  4 +++
 test/threadstest.c |  2 ++
 8 files changed, 95 insertions(+), 31 deletions(-)

diff --git a/crypto/core_namemap.c b/crypto/core_namemap.c
index 2bee5ef194..6cb0ec5a06 100644
--- a/crypto/core_namemap.c
+++ b/crypto/core_namemap.c
@@ -37,11 +37,7 @@ struct ossl_namemap_st {
 CRYPTO_RWLOCK *lock;
 LHASH_OF(NAMENUM_ENTRY) *namenum;  /* Name->number mapping */
 
-#ifdef tsan_ld_acq
-TSAN_QUALIFIER int max_number; /* Current max number TSAN version */
-#else
-int max_number;/* Current max number plain version */
-#endif
+TSAN_QUALIFIER int max_number; /* Current max number */
 };
 
 /* LHASH callbacks */
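Review bot: With the `#ifdef` removed, the comment on `max_number` no longer says how the field is accessed in each build. The following hunks read it with `tsan_load()` in one configuration and under `namemap->lock` when `TSAN_REQUIRES_LOCKING` is defined, so a comment such as `/* Current max number; read with tsan_load(), or under lock when TSAN_REQUIRES_LOCKING is defined */` would record that. The declaration also now relies on `TSAN_QUALIFIER` being defined in both configurations, presumably by the include/internal/tsan_assist.h change listed in the summary, which is not shown in this copy. The same hunk appears in the master update further down.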
@@ -99,10 +95,7 @@ static const OSSL_LIB_CTX_METHOD stored_namemap_method = {
 
 int ossl_namemap_empty(OSSL_NAMEMAP *namemap)
 {
-#ifdef tsan_ld_acq
-/* Have TSAN support */
-return namemap == NULL || tsan_load(>max_number) == 0;
-#else
+#ifdef TSAN_REQUIRES_LOCKING
 /* No TSAN support */
 int rv;
 
@@ -114,6 +107,9 @@ int ossl_namemap_empty(OSSL_NAMEMAP *namemap)
 rv = namemap->max_number == 0;
 CRYPTO_THREAD_unlock(namemap->lock);
 return rv;
+#else
+/* Have TSAN support */
+return namemap == NULL || tsan_load(>max_number) == 0;
 #endif
 }
 
@@ -260,6 +256,7 @@ static int namemap_add_name_n(OSSL_NAMEMAP *namemap, int 
number,
 || (namenum->name = OPENSSL_strndup(name, name_len)) == NULL)
 goto err;
 
+/* The tsan_counter use here is safe since we're under lock */
 namenum->number =
 number != 0 ? number : 1 + tsan_counter(>max_number);
 (void)lh_NAMENUM_ENTRY_insert(namemap->namenum, namenum);
diff --git a/crypto/lhash/lh_stats.c b/crypto/lhash/lh_stats.c
index 5e38c42580..0d4bc72608 100644
--- a/crypto/lhash/lh_stats.c
+++ b/crypto/lhash/lh_stats.c
@@ -61,6 +61,14 @@ void OPENSSL_LH_node_usage_stats(const OPENSSL_LHASH *lh, 
FILE *fp)
 
 void OPENSSL_LH_stats_bio(const OPENSSL_LHASH *lh, BIO *out)
 {
+int omit_tsan = 0;
+
+#ifdef 

[openssl] master update

2022-01-13 Thread Dr . Paul Dale
The branch master has been updated
   via  3d4d5305c292f5db62b4abf732f6682b2ada6f44 (commit)
   via  8ff861dcee38a41ce93374753e8c462e4b9012e2 (commit)
   via  43f132778b138870120d965f2fb61aa7411b78b2 (commit)
   via  5c41cee225094e6298799b709278b0431643fb1f (commit)
   via  e6b8f359e79cdbe09033d02eaad7ecb4e24adb73 (commit)
   via  d8ed9e4a9079b55a84bdbbc3172d36aa3be8bed7 (commit)
   via  e22cbe5e67461470590e6fb8858c95285fcdea0e (commit)
   via  1fc97807d3a3b5e3065a7df80d1ad3601ccc5e2f (commit)
  from  9c5d1451292566e546d5dd01c7f19950fa34391d (commit)


- Log -
commit 3d4d5305c292f5db62b4abf732f6682b2ada6f44
Author: Pauli 
Date:   Wed Jan 12 14:22:29 2022 +1100

threadstest: use locking for tsan operations if required

Not all platforms support tsan operations, those that don't need to have an
alternative locking path.

Fixes #17447

Reviewed-by: Bernd Edlinger 
(Merged from https://github.com/openssl/openssl/pull/17479)

commit 8ff861dcee38a41ce93374753e8c462e4b9012e2
Author: Pauli 
Date:   Wed Jan 12 15:01:17 2022 +1100

drbg: add handling for cases where TSAN isn't available

Most of the DRBG code is run under lock from the EVP layer.  This is relied
on to make the majority of TSAN operations safe.  However, it is still 
necessary
to enable locking for all DRBGs created.

Reviewed-by: Bernd Edlinger 
(Merged from https://github.com/openssl/openssl/pull/17479)

commit 43f132778b138870120d965f2fb61aa7411b78b2
Author: Pauli 
Date:   Wed Jan 12 14:45:07 2022 +1100

lhash: use lock when TSAN not available for statistics gathering

Reviewed-by: Bernd Edlinger 
(Merged from https://github.com/openssl/openssl/pull/17479)

commit 5c41cee225094e6298799b709278b0431643fb1f
Author: Pauli 
Date:   Wed Jan 12 14:25:46 2022 +1100

mem: do not produce usage counts when tsan is unavailable.

Doing the tsan operations under lock would be difficult to arrange here 
(locks
require memory allocation).

Reviewed-by: Bernd Edlinger 
(Merged from https://github.com/openssl/openssl/pull/17479)

commit e6b8f359e79cdbe09033d02eaad7ecb4e24adb73
Author: Pauli 
Date:   Wed Jan 12 14:25:35 2022 +1100

object: use updated tsan lock detection capabilities

Reviewed-by: Bernd Edlinger 
(Merged from https://github.com/openssl/openssl/pull/17479)

commit d8ed9e4a9079b55a84bdbbc3172d36aa3be8bed7
Author: Pauli 
Date:   Wed Jan 12 14:22:23 2022 +1100

core namemap: use updated tsan lock detection capabilities

Reviewed-by: Bernd Edlinger 
(Merged from https://github.com/openssl/openssl/pull/17479)

commit e22cbe5e67461470590e6fb8858c95285fcdea0e
Author: Pauli 
Date:   Wed Jan 12 13:26:38 2022 +1100

tsan: make detecting the need for locking when using tsan easier

Reviewed-by: Bernd Edlinger 
(Merged from https://github.com/openssl/openssl/pull/17479)

commit 1fc97807d3a3b5e3065a7df80d1ad3601ccc5e2f
Author: Pauli 
Date:   Wed Jan 12 14:24:49 2022 +1100

threadstest: add write check to lock checking

Reviewed-by: Bernd Edlinger 
(Merged from https://github.com/openssl/openssl/pull/17479)

---

Summary of changes:
 crypto/core_namemap.c  | 15 --
 crypto/lhash/lh_stats.c| 25 
 crypto/lhash/lhash.c   | 55 ++
 crypto/lhash/lhash_local.h |  3 ++
 crypto/mem.c   | 14 ++---
 crypto/objects/obj_dat.c   | 20 -
 include/internal/tsan_assist.h |  8 -
 providers/implementations/rands/drbg.c |  4 +++
 test/threadstest.c | 30 +--
 9 files changed, 126 insertions(+), 48 deletions(-)

diff --git a/crypto/core_namemap.c b/crypto/core_namemap.c
index 2bee5ef194..6cb0ec5a06 100644
--- a/crypto/core_namemap.c
+++ b/crypto/core_namemap.c
@@ -37,11 +37,7 @@ struct ossl_namemap_st {
 CRYPTO_RWLOCK *lock;
 LHASH_OF(NAMENUM_ENTRY) *namenum;  /* Name->number mapping */
 
-#ifdef tsan_ld_acq
-TSAN_QUALIFIER int max_number; /* Current max number TSAN version */
-#else
-int max_number;/* Current max number plain version */
-#endif
+TSAN_QUALIFIER int max_number; /* Current max number */
 };
 
 /* LHASH callbacks */
@@ -99,10 +95,7 @@ static const OSSL_LIB_CTX_METHOD stored_namemap_method = {
 
 int ossl_namemap_empty(OSSL_NAMEMAP *namemap)
 {
-#ifdef tsan_ld_acq
-/* Have TSAN support */
-return namemap == NULL || tsan_load(>max_number) == 0;
-#else
+#ifdef TSAN_REQUIRES_LOCKING
 /* No TSAN support */
 int rv;
 
@@ -114,6 +107,9 @@ int ossl_namemap_empty(OSSL_NAMEMAP *namemap)
 rv = namemap->max_number == 0;
 CRYPTO_THREAD_unlock(namemap->lock);
 

[openssl] openssl-3.0 update

2022-01-13 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  cca25d5eb83b56ae27d81bd72bebf69c2f393e43 (commit)
  from  f7e71772becc0dba8a0cae9766b78ea42819b849 (commit)


- Log -
commit cca25d5eb83b56ae27d81bd72bebf69c2f393e43
Author: Pauli 
Date:   Wed Jan 12 12:28:29 2022 +1100

Avoid using a macro expansion in a macro when statically initialising

Circumvents a problem with ancient PA-RISC compilers on HP/UX.

Fixes #17477

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17478)

(cherry picked from commit 9c5d1451292566e546d5dd01c7f19950fa34391d)

---

Summary of changes:
 providers/fips/self_test_data.inc | 12 +---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/providers/fips/self_test_data.inc 
b/providers/fips/self_test_data.inc
index dd39ab5252..f2c1af04b6 100644
--- a/providers/fips/self_test_data.inc
+++ b/providers/fips/self_test_data.inc
@@ -18,7 +18,7 @@
 { name, OSSL_PARAM_OCTET_STRING, ITM(data) }
 #define ST_KAT_PARAM_UTF8STRING(name, data)
\
 { name, OSSL_PARAM_UTF8_STRING, ITM_STR(data) }
-#define ST_KAT_PARAM_UTF8CHAR(name, data)\
+#define ST_KAT_PARAM_UTF8CHAR(name, data)  
\
 { name, OSSL_PARAM_UTF8_STRING, ITM(data) }
 #define ST_KAT_PARAM_INT(name, i)  
\
 { name, OSSL_PARAM_INTEGER, ITM(i) }
@@ -1291,9 +1291,15 @@ static const ST_KAT_PARAM rsa_priv_key[] = {
 ST_KAT_PARAM_END()
 };
 
+/*-
+ * Using OSSL_PKEY_RSA_PAD_MODE_NONE directly in the expansion of the
+ * ST_KAT_PARAM_UTF8STRING macro below causes a failure on ancient
+ * HP/UX PA-RISC compilers.
+ */
+static const char pad_mode_none[] = OSSL_PKEY_RSA_PAD_MODE_NONE;
+
 static const ST_KAT_PARAM rsa_enc_params[] = {
-ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE,
-OSSL_PKEY_RSA_PAD_MODE_NONE),
+ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE, pad_mode_none),
 ST_KAT_PARAM_END()
 };
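Review bot: `pad_mode_none` is passed through `ST_KAT_PARAM_UTF8STRING`, which expands to `ITM_STR(data)`; if `ITM_STR` sizes its argument with `sizeof` (its definition is outside the hunk), the new object must stay a `char` array, because a `const char *` would silently yield the pointer size as the string length in this FIPS known-answer data. The added comment explains the compiler workaround but not that constraint; one more line such as ` * It must remain an array, not a pointer, so that the macro can take its size.` would guard a later cleanup. The same hunk appears in the master update of this commit further down.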
 


[openssl] master update

2022-01-13 Thread Dr . Paul Dale
The branch master has been updated
   via  9c5d1451292566e546d5dd01c7f19950fa34391d (commit)
  from  64a644530e023d3064db9027b0977d33b1d2ad9a (commit)


- Log -
commit 9c5d1451292566e546d5dd01c7f19950fa34391d
Author: Pauli 
Date:   Wed Jan 12 12:28:29 2022 +1100

Avoid using a macro expansion in a macro when statically initialising

Circumvents a problem with ancient PA-RISC compilers on HP/UX.

Fixes #17477

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17478)

---

Summary of changes:
 providers/fips/self_test_data.inc | 12 +---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/providers/fips/self_test_data.inc 
b/providers/fips/self_test_data.inc
index dd39ab5252..f2c1af04b6 100644
--- a/providers/fips/self_test_data.inc
+++ b/providers/fips/self_test_data.inc
@@ -18,7 +18,7 @@
 { name, OSSL_PARAM_OCTET_STRING, ITM(data) }
 #define ST_KAT_PARAM_UTF8STRING(name, data)
\
 { name, OSSL_PARAM_UTF8_STRING, ITM_STR(data) }
-#define ST_KAT_PARAM_UTF8CHAR(name, data)\
+#define ST_KAT_PARAM_UTF8CHAR(name, data)  
\
 { name, OSSL_PARAM_UTF8_STRING, ITM(data) }
 #define ST_KAT_PARAM_INT(name, i)  
\
 { name, OSSL_PARAM_INTEGER, ITM(i) }
@@ -1291,9 +1291,15 @@ static const ST_KAT_PARAM rsa_priv_key[] = {
 ST_KAT_PARAM_END()
 };
 
+/*-
+ * Using OSSL_PKEY_RSA_PAD_MODE_NONE directly in the expansion of the
+ * ST_KAT_PARAM_UTF8STRING macro below causes a failure on ancient
+ * HP/UX PA-RISC compilers.
+ */
+static const char pad_mode_none[] = OSSL_PKEY_RSA_PAD_MODE_NONE;
+
 static const ST_KAT_PARAM rsa_enc_params[] = {
-ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE,
-OSSL_PKEY_RSA_PAD_MODE_NONE),
+ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE, pad_mode_none),
 ST_KAT_PARAM_END()
 };
 


[openssl] master update

2022-01-12 Thread Dr . Paul Dale
The branch master has been updated
   via  a10a576090022e583a06271ceced8e38dd509657 (commit)
   via  3ee3a2bd1e5763b0df5c0a2cba3b06edc26f5276 (commit)
   via  3831351da50b7ce07edba88056394a7a33c5e5d5 (commit)
   via  291c5b3e39f4c98e61cf7f65056fe49780d1f0ac (commit)
   via  ac1082f00f991aca1c6e8282717fece16e9bb41f (commit)
   via  826da1451b2525b70f93fcc57ed5dbab61a19591 (commit)
  from  b82fd89d8bae1445c89ec90d1a6145fe3216d2d7 (commit)


- Log -
commit a10a576090022e583a06271ceced8e38dd509657
Author: Pauli 
Date:   Mon Jan 10 11:36:24 2022 +1100

param dup: add errors to failure returns

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/17440)

commit 3ee3a2bd1e5763b0df5c0a2cba3b06edc26f5276
Author: Pauli 
Date:   Mon Jan 10 11:33:06 2022 +1100

param build set: add errors to failure returns

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/17440)

commit 3831351da50b7ce07edba88056394a7a33c5e5d5
Author: Pauli 
Date:   Mon Jan 10 11:31:45 2022 +1100

param build: add errors to failure returns

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/17440)

commit 291c5b3e39f4c98e61cf7f65056fe49780d1f0ac
Author: Pauli 
Date:   Mon Jan 10 11:10:34 2022 +1100

test: check for properly raised errors during param conversion

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/17440)

commit ac1082f00f991aca1c6e8282717fece16e9bb41f
Author: Pauli 
Date:   Fri Jan 7 22:11:10 2022 +1100

params: add error messages for built in param conversions

Specifically:
* out of range
* unsigned negatives
* inexact reals
* bad param types
* buffers that are too small
* null function arguments
* unknown sizes of real

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/17440)

commit 826da1451b2525b70f93fcc57ed5dbab61a19591
Author: Pauli 
Date:   Fri Jan 7 22:10:38 2022 +1100

err: add additional errors

Reviewed-by: Richard Levitte 
(Merged from https://github.com/openssl/openssl/pull/17440)

---

Summary of changes:
 crypto/cpt_err.c  |  20 ++-
 crypto/err/openssl.txt|  15 ++-
 crypto/param_build.c  |   4 +-
 crypto/param_build_set.c  |   4 +-
 crypto/params.c   | 305 +++---
 crypto/params_dup.c   |  12 +-
 include/crypto/cryptoerr.h|   2 +-
 include/openssl/cryptoerr.h   |  11 +-
 test/params_conversion_test.c |  15 ++-
 9 files changed, 324 insertions(+), 64 deletions(-)

diff --git a/crypto/cpt_err.c b/crypto/cpt_err.c
index 8574f31a81..02d631466c 100644
--- a/crypto/cpt_err.c
+++ b/crypto/cpt_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -29,14 +29,32 @@ static const ERR_STRING_DATA CRYPTO_str_reasons[] = {
 "insufficient param size"},
 {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_INSUFFICIENT_SECURE_DATA_SPACE),
 "insufficient secure data space"},
+{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_INTEGER_OVERFLOW),
+"integer overflow"},
 {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_INVALID_NEGATIVE_VALUE),
 "invalid negative value"},
 {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_INVALID_NULL_ARGUMENT),
 "invalid null argument"},
 {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_INVALID_OSSL_PARAM_TYPE),
 "invalid ossl param type"},
+{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_NO_PARAMS_TO_MERGE),
+"no params to merge"},
+{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_NO_SPACE_FOR_TERMINATING_NULL),
+"no space for terminating null"},
 {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_ODD_NUMBER_OF_DIGITS),
 "odd number of digits"},
+{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_PARAM_CANNOT_BE_REPRESENTED_EXACTLY),
+"param cannot be represented exactly"},
+{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_PARAM_NOT_INTEGER_TYPE),
+"param not integer type"},
+{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_PARAM_OF_INCOMPATIBLE_TYPE),
+"param of incompatible type"},
+{ERR_PACK(ERR_LIB_CRYPTO, 0, 
CRYPTO_R_PARAM_UNSIGNED_INTEGER_NEGATIVE_VALUE_UNSUPPORTED),
+"param unsigned integer negative value unsupported"},
+{ERR_PACK(ERR_LIB_CRYPTO, 0, 
CRYPTO_R_PARAM_UNSUPPORTED_FLOATING_POINT_FORMAT),
+"param unsupported floating point format"},
+{ERR_PACK(ERR_LIB_CRYPTO, 0, 
CRYPTO_R_PARAM_VALUE_TOO_LARGE_FOR_DESTINATION),
+"param value too large for 

[openssl] openssl-3.0 update

2022-01-11 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  3755dc294d2e24b741e235550d063850464467cb (commit)
  from  b64b8e39cfb5e89c0af8b9127a414cf529192846 (commit)


- Log -
commit 3755dc294d2e24b741e235550d063850464467cb
Author: Tomas Mraz 
Date:   Mon Jan 10 17:26:33 2022 +0100

pkeyutl: Fix regression with -kdflen option

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17461)

(cherry picked from commit b82fd89d8bae1445c89ec90d1a6145fe3216d2d7)

---

Summary of changes:
 apps/pkeyutl.c | 26 +-
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index 73012e3069..891f2280e3 100644
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -464,23 +464,23 @@ int pkeyutl_main(int argc, char **argv)
 }
 goto end;
 }
-if (kdflen != 0) {
-buf_outlen = kdflen;
-rv = 1;
+if (rawin) {
+/* rawin allocates the buffer in do_raw_keyop() */
+rv = do_raw_keyop(pkey_op, mctx, pkey, in, filesize, NULL, 0,
+  _out, (size_t *)_outlen);
 } else {
-if (rawin) {
-/* rawin allocates the buffer in do_raw_keyop() */
-rv = do_raw_keyop(pkey_op, mctx, pkey, in, filesize, NULL, 0,
-  _out, (size_t *)_outlen);
+if (kdflen != 0) {
+buf_outlen = kdflen;
+rv = 1;
 } else {
 rv = do_keyop(ctx, pkey_op, NULL, (size_t *)_outlen,
   buf_in, (size_t)buf_inlen);
-if (rv > 0 && buf_outlen != 0) {
-buf_out = app_malloc(buf_outlen, "buffer output");
-rv = do_keyop(ctx, pkey_op,
-  buf_out, (size_t *)_outlen,
-  buf_in, (size_t)buf_inlen);
-}
+}
+if (rv > 0 && buf_outlen != 0) {
+buf_out = app_malloc(buf_outlen, "buffer output");
+rv = do_keyop(ctx, pkey_op,
+  buf_out, (size_t *)_outlen,
+  buf_in, (size_t)buf_inlen);
 }
 }
 if (rv <= 0) {
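Review bot: The `kdflen != 0` branch copies `kdflen` into `buf_outlen`, which the block below it now passes to `app_malloc`, and the only test visible is for non-zero. If `kdflen` is a signed int and the option parser, which is outside the hunk, does not reject negative values, the conversion yields a very large allocation request; confirming that, or rejecting non-positive values where the option is parsed, would close it. The summary lists only apps/pkeyutl.c, so a test invoking `-kdflen` would help keep this regression from returning. pkeyutl_main starts and ends outside the hunk, and the master update further down carries the same hunk.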


[openssl] master update

2022-01-11 Thread Dr . Paul Dale
The branch master has been updated
   via  b82fd89d8bae1445c89ec90d1a6145fe3216d2d7 (commit)
  from  f5e97b3702916e69873746108ac7c100a31d2241 (commit)


- Log -
commit b82fd89d8bae1445c89ec90d1a6145fe3216d2d7
Author: Tomas Mraz 
Date:   Mon Jan 10 17:26:33 2022 +0100

pkeyutl: Fix regression with -kdflen option

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17461)

---

Summary of changes:
 apps/pkeyutl.c | 26 +-
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index 9e18dfc0e9..01c4f064d2 100644
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -463,23 +463,23 @@ int pkeyutl_main(int argc, char **argv)
 }
 goto end;
 }
-if (kdflen != 0) {
-buf_outlen = kdflen;
-rv = 1;
+if (rawin) {
+/* rawin allocates the buffer in do_raw_keyop() */
+rv = do_raw_keyop(pkey_op, mctx, pkey, in, filesize, NULL, 0,
+  _out, (size_t *)_outlen);
 } else {
-if (rawin) {
-/* rawin allocates the buffer in do_raw_keyop() */
-rv = do_raw_keyop(pkey_op, mctx, pkey, in, filesize, NULL, 0,
-  _out, (size_t *)_outlen);
+if (kdflen != 0) {
+buf_outlen = kdflen;
+rv = 1;
 } else {
 rv = do_keyop(ctx, pkey_op, NULL, (size_t *)_outlen,
   buf_in, (size_t)buf_inlen);
-if (rv > 0 && buf_outlen != 0) {
-buf_out = app_malloc(buf_outlen, "buffer output");
-rv = do_keyop(ctx, pkey_op,
-  buf_out, (size_t *)_outlen,
-  buf_in, (size_t)buf_inlen);
-}
+}
+if (rv > 0 && buf_outlen != 0) {
+buf_out = app_malloc(buf_outlen, "buffer output");
+rv = do_keyop(ctx, pkey_op,
+  buf_out, (size_t *)_outlen,
+  buf_in, (size_t)buf_inlen);
 }
 }
 if (rv <= 0) {


[openssl] openssl-3.0 update

2022-01-11 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  b64b8e39cfb5e89c0af8b9127a414cf529192846 (commit)
  from  56de678e426e619f01e70247fa669c45986aa205 (commit)


- Log -
commit b64b8e39cfb5e89c0af8b9127a414cf529192846
Author: Matt Caswell 
Date:   Mon Jan 10 14:46:46 2022 +

Ensure we test fetching encoder/decoder/store loader with a query string

Although we had a test for fetching an encoder/decoder/store loader it
did not use a query string. The issue highlighted by #17456 only occurs
if a query string is used.

Reviewed-by: Tomas Mraz 
Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17459)

---

Summary of changes:
 test/provfetchtest.c | 19 +--
 1 file changed, 13 insertions(+), 6 deletions(-)

diff --git a/test/provfetchtest.c b/test/provfetchtest.c
index 95ae87910e..aae9b40057 100644
--- a/test/provfetchtest.c
+++ b/test/provfetchtest.c
@@ -225,6 +225,7 @@ static int dummy_provider_init(const OSSL_CORE_HANDLE 
*handle,
  * Test 1: Encoder
  * Test 2: Store loader
  * Test 3: EVP_RAND
+ * Test 4-7: As above, but additionally with a query string
  */
 static int fetch_test(int tst)
 {
@@ -236,6 +237,7 @@ static int fetch_test(int tst)
 OSSL_STORE_LOADER *loader = NULL;
 int testresult = 0;
 unsigned char buf[32];
+int query = tst > 3;
 
 if (!TEST_ptr(libctx))
 goto err;
@@ -246,24 +248,29 @@ static int fetch_test(int tst)
 || !TEST_ptr(dummyprov = OSSL_PROVIDER_load(libctx, "dummy-prov")))
 goto err;
 
-switch(tst) {
+switch (tst % 4) {
 case 0:
-decoder = OSSL_DECODER_fetch(libctx, "DUMMY", NULL);
+decoder = OSSL_DECODER_fetch(libctx, "DUMMY",
+ query ? "provider=dummy" : NULL);
 if (!TEST_ptr(decoder))
 goto err;
 break;
 case 1:
-encoder = OSSL_ENCODER_fetch(libctx, "DUMMY", NULL);
+encoder = OSSL_ENCODER_fetch(libctx, "DUMMY",
+ query ? "provider=dummy" : NULL);
 if (!TEST_ptr(encoder))
 goto err;
 break;
 case 2:
-loader = OSSL_STORE_LOADER_fetch(libctx, "DUMMY", NULL);
+loader = OSSL_STORE_LOADER_fetch(libctx, "DUMMY",
+ query ? "provider=dummy" : NULL);
 if (!TEST_ptr(loader))
 goto err;
 break;
 case 3:
-if (!TEST_true(RAND_set_DRBG_type(libctx, "DUMMY", NULL, NULL, NULL))
+if (!TEST_true(RAND_set_DRBG_type(libctx, "DUMMY",
+  query ? "provider=dummy" : NULL,
+  NULL, NULL))
 || !TEST_int_ge(RAND_bytes_ex(libctx, buf, sizeof(buf), 0), 1))
 goto err;
 break;
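Review bot: The expression `query ? "provider=dummy" : NULL` is spelled out four times in this switch; computing it once, e.g. `const char *propq = tst > 3 ? "provider=dummy" : NULL;` in place of `int query = tst > 3;` from the previous hunk, and passing `propq` to each fetch would keep the cases in step. `tst > 3` and `tst % 4` also both encode the number of base cases and are tied to the `ADD_ALL_TESTS(fetch_test, 8)` count in the last hunk; a named constant for 4 would make that link explicit. fetch_test starts and ends outside this hunk.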
@@ -284,7 +291,7 @@ static int fetch_test(int tst)
 
 int setup_tests(void)
 {
-ADD_ALL_TESTS(fetch_test, 4);
+ADD_ALL_TESTS(fetch_test, 8);
 
 return 1;
 }


[openssl] openssl-3.0 update

2022-01-11 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  56de678e426e619f01e70247fa669c45986aa205 (commit)
  from  408ba1775a82bad57f2e1a4bb4078e4b82cef10b (commit)


- Log -
commit 56de678e426e619f01e70247fa669c45986aa205
Author: Matt Caswell 
Date:   Mon Jan 10 14:45:16 2022 +

Fix Decoder, Encoder and Store loader fetching

Attempting to fetch one of the above and providing a query string was
failing with an internal assertion error. We must ensure that we pass the
provider when calling ossl_method_store_cache_set().

Fixes #17456

Reviewed-by: Tomas Mraz 
Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17459)

(cherry picked from commit cd1981a0dc165ab6af5e2945beaaa9efe4484cee)

---

Summary of changes:
 crypto/encode_decode/decoder_meth.c | 5 +++--
 crypto/encode_decode/encoder_meth.c | 5 +++--
 crypto/store/store_meth.c   | 5 +++--
 3 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/crypto/encode_decode/decoder_meth.c 
b/crypto/encode_decode/decoder_meth.c
index 6d44437314..25407b8999 100644
--- a/crypto/encode_decode/decoder_meth.c
+++ b/crypto/encode_decode/decoder_meth.c
@@ -375,13 +375,14 @@ inner_ossl_decoder_fetch(struct decoder_data_st 
*methdata, int id,
 construct_decoder,
 destruct_decoder
 };
+OSSL_PROVIDER *prov = NULL;
 
 methdata->id = id;
 methdata->names = name;
 methdata->propquery = properties;
 methdata->flag_construct_error_occurred = 0;
 if ((method = ossl_method_construct(methdata->libctx, OSSL_OP_DECODER,
-NULL, 0 /* !force_cache */,
+, 0 /* !force_cache */,
 , methdata)) != NULL) {
 /*
  * If construction did create a method for us, we know that
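Review bot: The new local `prov` is initialised to NULL and, in the next hunk, handed to ossl_method_store_cache_set(), but nothing here says which call is expected to fill it in. On this page the argument that replaced `NULL` in the ossl_method_construct() call is not legible (the added line reads `, 0 /* !force_cache */,`), so presumably it is the address of `prov`; a short comment at the declaration such as `/* set by ossl_method_construct() to the provider the method came from */` would record that, and if the cache setter requires a non-NULL provider that is worth stating there as well. The same applies to the matching `prov` declarations in encoder_meth.c and store_meth.c, and to the copy of this diff in the master-branch mail below. inner_ossl_decoder_fetch starts before this hunk and continues past it.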
@@ -392,7 +393,7 @@ inner_ossl_decoder_fetch(struct decoder_data_st *methdata, 
int id,
 if (id == 0 && name != NULL)
 id = ossl_namemap_name2num(namemap, name);
 if (id != 0)
-ossl_method_store_cache_set(store, NULL, id, properties, 
method,
+ossl_method_store_cache_set(store, prov, id, properties, 
method,
 up_ref_decoder, free_decoder);
 }
 
diff --git a/crypto/encode_decode/encoder_meth.c 
b/crypto/encode_decode/encoder_meth.c
index 9c0214db6b..43eca755ac 100644
--- a/crypto/encode_decode/encoder_meth.c
+++ b/crypto/encode_decode/encoder_meth.c
@@ -385,13 +385,14 @@ inner_ossl_encoder_fetch(struct encoder_data_st 
*methdata, int id,
 construct_encoder,
 destruct_encoder
 };
+OSSL_PROVIDER *prov = NULL;
 
 methdata->id = id;
 methdata->names = name;
 methdata->propquery = properties;
 methdata->flag_construct_error_occurred = 0;
 if ((method = ossl_method_construct(methdata->libctx, OSSL_OP_ENCODER,
-NULL, 0 /* !force_cache */,
+, 0 /* !force_cache */,
 , methdata)) != NULL) {
 /*
  * If construction did create a method for us, we know that
@@ -401,7 +402,7 @@ inner_ossl_encoder_fetch(struct encoder_data_st *methdata, 
int id,
  */
 if (id == 0)
 id = ossl_namemap_name2num(namemap, name);
-ossl_method_store_cache_set(store, NULL, id, properties, method,
+ossl_method_store_cache_set(store, prov, id, properties, method,
 up_ref_encoder, free_encoder);
 }
 
diff --git a/crypto/store/store_meth.c b/crypto/store/store_meth.c
index e79ec871fd..10b56bc685 100644
--- a/crypto/store/store_meth.c
+++ b/crypto/store/store_meth.c
@@ -317,13 +317,14 @@ inner_loader_fetch(struct loader_data_st *methdata, int 
id,
 construct_loader,
 destruct_loader
 };
+OSSL_PROVIDER *prov = NULL;
 
 methdata->scheme_id = id;
 methdata->scheme = scheme;
 methdata->propquery = properties;
 methdata->flag_construct_error_occurred = 0;
 if ((method = ossl_method_construct(methdata->libctx, OSSL_OP_STORE,
-NULL, 0 /* !force_cache */,
+, 0 /* !force_cache */,
 , methdata)) != NULL) {
 /*
  * If construction did create a method for us, we know that there
@@ -332,7 +333,7 @@ inner_loader_fetch(struct loader_data_st *methdata, int id,
  */
 if (id == 0)

[openssl] master update

2022-01-11 Thread Dr . Paul Dale
The branch master has been updated
   via  f5e97b3702916e69873746108ac7c100a31d2241 (commit)
   via  cd1981a0dc165ab6af5e2945beaaa9efe4484cee (commit)
  from  254217a4a0c9e64869495447a0e6bdc2323d4cd1 (commit)


- Log -
commit f5e97b3702916e69873746108ac7c100a31d2241
Author: Matt Caswell 
Date:   Mon Jan 10 14:46:46 2022 +

Ensure we test fetching encoder/decoder/store loader with a query string

Although we had a test for fetching an encoder/decoder/store loader it
did not use a query string. The issue highlighted by #17456 only occurs
if a query string is used.

Reviewed-by: Tomas Mraz 
Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17459)

commit cd1981a0dc165ab6af5e2945beaaa9efe4484cee
Author: Matt Caswell 
Date:   Mon Jan 10 14:45:16 2022 +

Fix Decoder, Encoder and Store loader fetching

Attempting to fetch one of the above and providing a query string was
failing with an internal assertion error. We must ensure that we pass the
provider when calling ossl_method_store_cache_set().

Fixes #17456

Reviewed-by: Tomas Mraz 
Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17459)

---

Summary of changes:
 crypto/encode_decode/decoder_meth.c |  5 +++--
 crypto/encode_decode/encoder_meth.c |  5 +++--
 crypto/store/store_meth.c   |  5 +++--
 test/provfetchtest.c| 19 +--
 4 files changed, 22 insertions(+), 12 deletions(-)

diff --git a/crypto/encode_decode/decoder_meth.c 
b/crypto/encode_decode/decoder_meth.c
index 6d44437314..25407b8999 100644
--- a/crypto/encode_decode/decoder_meth.c
+++ b/crypto/encode_decode/decoder_meth.c
@@ -375,13 +375,14 @@ inner_ossl_decoder_fetch(struct decoder_data_st 
*methdata, int id,
 construct_decoder,
 destruct_decoder
 };
+OSSL_PROVIDER *prov = NULL;
 
 methdata->id = id;
 methdata->names = name;
 methdata->propquery = properties;
 methdata->flag_construct_error_occurred = 0;
 if ((method = ossl_method_construct(methdata->libctx, OSSL_OP_DECODER,
-NULL, 0 /* !force_cache */,
+, 0 /* !force_cache */,
 , methdata)) != NULL) {
 /*
  * If construction did create a method for us, we know that
@@ -392,7 +393,7 @@ inner_ossl_decoder_fetch(struct decoder_data_st *methdata, 
int id,
 if (id == 0 && name != NULL)
 id = ossl_namemap_name2num(namemap, name);
 if (id != 0)
-ossl_method_store_cache_set(store, NULL, id, properties, 
method,
+ossl_method_store_cache_set(store, prov, id, properties, 
method,
 up_ref_decoder, free_decoder);
 }
 
diff --git a/crypto/encode_decode/encoder_meth.c 
b/crypto/encode_decode/encoder_meth.c
index 9c0214db6b..43eca755ac 100644
--- a/crypto/encode_decode/encoder_meth.c
+++ b/crypto/encode_decode/encoder_meth.c
@@ -385,13 +385,14 @@ inner_ossl_encoder_fetch(struct encoder_data_st 
*methdata, int id,
 construct_encoder,
 destruct_encoder
 };
+OSSL_PROVIDER *prov = NULL;
 
 methdata->id = id;
 methdata->names = name;
 methdata->propquery = properties;
 methdata->flag_construct_error_occurred = 0;
 if ((method = ossl_method_construct(methdata->libctx, OSSL_OP_ENCODER,
-NULL, 0 /* !force_cache */,
+, 0 /* !force_cache */,
 , methdata)) != NULL) {
 /*
  * If construction did create a method for us, we know that
@@ -401,7 +402,7 @@ inner_ossl_encoder_fetch(struct encoder_data_st *methdata, 
int id,
  */
 if (id == 0)
 id = ossl_namemap_name2num(namemap, name);
-ossl_method_store_cache_set(store, NULL, id, properties, method,
+ossl_method_store_cache_set(store, prov, id, properties, method,
 up_ref_encoder, free_encoder);
 }
 
diff --git a/crypto/store/store_meth.c b/crypto/store/store_meth.c
index e79ec871fd..10b56bc685 100644
--- a/crypto/store/store_meth.c
+++ b/crypto/store/store_meth.c
@@ -317,13 +317,14 @@ inner_loader_fetch(struct loader_data_st *methdata, int 
id,
 construct_loader,
 destruct_loader
 };
+OSSL_PROVIDER *prov = NULL;
 
 methdata->scheme_id = id;
 methdata->scheme = scheme;
 

[openssl] openssl-3.0 update

2022-01-11 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  408ba1775a82bad57f2e1a4bb4078e4b82cef10b (commit)
  from  576cc3ecb34a8909bf549798430de95fc0fb4042 (commit)


- Log -
commit 408ba1775a82bad57f2e1a4bb4078e4b82cef10b
Author: Matt Caswell 
Date:   Fri Jan 7 17:30:39 2022 +

Clarify the int param getter documentation

OSSL_PARAMs that are of type OSSL_PARAM_INTEGER or
OSSL_PARAM_UNSIGNED_INTEGER can be obtained using any of the functions
EVP_PKEY_get_int_param(), EVP_PKEY_get_size_t_param() or
EVP_PKEY_get_bn_param(). The former two will fail if the parameter is too
large to fit into the C variable. We clarify this in the documentation.

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17445)

(cherry picked from commit 254217a4a0c9e64869495447a0e6bdc2323d4cd1)

---

Summary of changes:
 doc/man3/EVP_PKEY_gettable_params.pod | 9 +
 1 file changed, 9 insertions(+)

diff --git a/doc/man3/EVP_PKEY_gettable_params.pod 
b/doc/man3/EVP_PKEY_gettable_params.pod
index 23ac4bd8b0..29b8ec822b 100644
--- a/doc/man3/EVP_PKEY_gettable_params.pod
+++ b/doc/man3/EVP_PKEY_gettable_params.pod
@@ -37,6 +37,15 @@ EVP_PKEY_gettable_params() returns a constant list of 
I indicating
 the names and types of key parameters that can be retrieved.
 See L for information about parameters.
 
+An B of type B or
+B is of arbitrary length. Such a parameter can be
+obtained using any of the functions EVP_PKEY_get_int_param(),
+EVP_PKEY_get_size_t_param() or EVP_PKEY_get_bn_param(). Attempting to
+obtain an integer value that does not fit into a native C B type will 
cause
+EVP_PKEY_get_int_param() to fail. Similarly attempting to obtain an integer
+value that is negative or does not fit into a native C B type using
+EVP_PKEY_get_size_t_param() will also fail.
+
 EVP_PKEY_get_int_param() retrieves a key I integer value I<*out>
 associated with a name of I.
 


[openssl] master update

2022-01-11 Thread Dr . Paul Dale
The branch master has been updated
   via  254217a4a0c9e64869495447a0e6bdc2323d4cd1 (commit)
  from  e5fb4b1469f317aa92768cdf804dfa29b72cb8f3 (commit)


- Log -
commit 254217a4a0c9e64869495447a0e6bdc2323d4cd1
Author: Matt Caswell 
Date:   Fri Jan 7 17:30:39 2022 +

Clarify the int param getter documentation

OSSL_PARAMs that are of type OSSL_PARAM_INTEGER or
OSSL_PARAM_UNSIGNED_INTEGER can be obtained using any of the functions
EVP_PKEY_get_int_param(), EVP_PKEY_get_size_t_param() or
EVP_PKEY_get_bn_param(). The former two will fail if the parameter is too
large to fit into the C variable. We clarify this in the documentation.

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17445)

---

Summary of changes:
 doc/man3/EVP_PKEY_gettable_params.pod | 9 +
 1 file changed, 9 insertions(+)

diff --git a/doc/man3/EVP_PKEY_gettable_params.pod 
b/doc/man3/EVP_PKEY_gettable_params.pod
index a3ccf8ec5f..383ca6eb58 100644
--- a/doc/man3/EVP_PKEY_gettable_params.pod
+++ b/doc/man3/EVP_PKEY_gettable_params.pod
@@ -37,6 +37,15 @@ EVP_PKEY_gettable_params() returns a constant list of 
I indicating
 the names and types of key parameters that can be retrieved.
 See L for information about parameters.
 
+An B of type B or
+B is of arbitrary length. Such a parameter can be
+obtained using any of the functions EVP_PKEY_get_int_param(),
+EVP_PKEY_get_size_t_param() or EVP_PKEY_get_bn_param(). Attempting to
+obtain an integer value that does not fit into a native C B type will 
cause
+EVP_PKEY_get_int_param() to fail. Similarly attempting to obtain an integer
+value that is negative or does not fit into a native C B type using
+EVP_PKEY_get_size_t_param() will also fail.
+
 EVP_PKEY_get_int_param() retrieves a key I integer value I<*out>
 associated with a name of I.
 


[openssl] openssl-3.0 update

2022-01-10 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  576cc3ecb34a8909bf549798430de95fc0fb4042 (commit)
  from  afaa7755aa3e577348e1267d5ad34da695292917 (commit)


- Log -
commit 576cc3ecb34a8909bf549798430de95fc0fb4042
Author: Peiwei Hu 
Date:   Wed Jan 5 23:17:53 2022 +0800

Fix: some patches related to error exiting

Signed-off-by: Peiwei Hu 

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17443)

---

Summary of changes:
 apps/verify.c| 1 +
 crypto/ec/ec_lib.c   | 4 ++--
 crypto/x509/v3_crld.c| 1 +
 crypto/x509/v3_sxnet.c   | 8 +---
 ssl/statem/statem_clnt.c | 2 +-
 test/evp_test.c  | 2 +-
 6 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/apps/verify.c b/apps/verify.c
index acf80c65c4..a403f301fc 100644
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -263,6 +263,7 @@ static int check(X509_STORE *ctx, const char *file,
 if (x509_ctrl_string(x, opt) <= 0) {
 BIO_printf(bio_err, "parameter error \"%s\"\n", opt);
 ERR_print_errors(bio_err);
+X509_free(x);
 return 0;
 }
 }
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
index 3d3cf96962..2d85d4f23a 100644
--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@@ -1710,8 +1710,8 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM 
params[],
 ptmp = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_EC_ENCODING);
 if (ptmp != NULL
 && !ossl_ec_encoding_param2id(ptmp, _flag)) {
-ECerr(0, EC_R_INVALID_ENCODING);
-return 0;
+ERR_raise(ERR_LIB_EC, EC_R_INVALID_ENCODING);
+goto err;
 }
 if (encoding_flag == OPENSSL_EC_NAMED_CURVE) {
 ERR_raise(ERR_LIB_EC, EC_R_INVALID_ENCODING);
diff --git a/crypto/x509/v3_crld.c b/crypto/x509/v3_crld.c
index bc755f5f0d..e704d419f7 100644
--- a/crypto/x509/v3_crld.c
+++ b/crypto/x509/v3_crld.c
@@ -83,6 +83,7 @@ static int set_dist_point_name(DIST_POINT_NAME **pdp, 
X509V3_CTX *ctx,
 return -1;
 dnsect = X509V3_get_section(ctx, cnf->value);
 if (!dnsect) {
+X509_NAME_free(nm);
 ERR_raise(ERR_LIB_X509V3, X509V3_R_SECTION_NOT_FOUND);
 return -1;
 }
diff --git a/crypto/x509/v3_sxnet.c b/crypto/x509/v3_sxnet.c
index 3e5ae048be..4c925900dd 100644
--- a/crypto/x509/v3_sxnet.c
+++ b/crypto/x509/v3_sxnet.c
@@ -167,11 +167,12 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, 
const char *user,
 goto err;
 if (!ASN1_INTEGER_set(sx->version, 0))
 goto err;
-*psx = sx;
 } else
 sx = *psx;
 if (SXNET_get_id_INTEGER(sx, zone)) {
 ERR_raise(ERR_LIB_X509V3, X509V3_R_DUPLICATE_ZONE_ID);
+if (*psx == NULL)
+SXNET_free(sx);
 return 0;
 }
 
@@ -185,13 +186,14 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, 
const char *user,
 if (!sk_SXNETID_push(sx->ids, id))
 goto err;
 id->zone = zone;
+*psx = sx;
 return 1;
 
  err:
 ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE);
 SXNETID_free(id);
-SXNET_free(sx);
-*psx = NULL;
+if (*psx == NULL)
+SXNET_free(sx);
 return 0;
 }
 
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 435888db21..f4e2c15600 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2926,7 +2926,7 @@ static int tls_construct_cke_dhe(SSL *s, WPACKET *pkt)
 encoded_pub_len = EVP_PKEY_get1_encoded_public_key(ckey, _pub);
 if (encoded_pub_len == 0) {
 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-EVP_PKEY_free(skey);
+EVP_PKEY_free(ckey);
 return EXT_RETURN_FAIL;
 }
 
diff --git a/test/evp_test.c b/test/evp_test.c
index eda8c827f9..47d4e6c878 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -2516,7 +2516,7 @@ static int rand_test_run(EVP_TEST *t)
 item->pr_entropyB_len);
 params[1] = OSSL_PARAM_construct_end();
 if (!TEST_true(EVP_RAND_CTX_set_params(expected->parent, params)))
-return 0;
+goto err;
 }
 if (!TEST_true(EVP_RAND_generate
(expected->ctx, got, got_len,


[openssl] openssl-3.0 update

2022-01-09 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  7e1ec537a91d1f33c50e8f70dff82a4ed6668e9a (commit)
  from  79fc479baf848e91a991a215d775d8aae844fbe5 (commit)


- Log -
commit 7e1ec537a91d1f33c50e8f70dff82a4ed6668e9a
Author: Gerd Hoffmann 
Date:   Fri Jan 7 12:58:27 2022 +0100

crypto/bio: fix build on UEFI

When compiling openssl for tianocore, compiling abs_val() and pow_10()
fails with the following error because SSE support is disabled:

   crypto/bio/bio_print.c:587:46: error: SSE register return with SSE 
disabled

Fix that by using EFIAPI calling convention when compiling for UEFI.

Signed-off-by: Gerd Hoffmann 

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17442)

(cherry picked from commit 328bf5adf9e23da523d4195db309083aa02403c4)

---

Summary of changes:
 crypto/bio/bio_print.c | 9 +
 1 file changed, 9 insertions(+)

diff --git a/crypto/bio/bio_print.c b/crypto/bio/bio_print.c
index 1ea9a1a3c6..60b28c61ff 100644
--- a/crypto/bio/bio_print.c
+++ b/crypto/bio/bio_print.c
@@ -13,6 +13,7 @@
 #include "crypto/ctype.h"
 #include "internal/numbers.h"
 #include 
+#include 
 
 /*
  * Copyright Patrick Powell 1995
@@ -512,7 +513,11 @@ fmtint(char **sbuffer,
 return 1;
 }
 
+#ifdef OPENSSL_SYS_UEFI
+static LDOUBLE EFIAPI abs_val(LDOUBLE value)
+#else
 static LDOUBLE abs_val(LDOUBLE value)
+#endif
 {
 LDOUBLE result = value;
 if (value < 0)
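Review bot: Each helper's signature is now written twice, once per `#ifdef OPENSSL_SYS_UEFI` branch, here for abs_val() and in the next hunk for pow_10(), so a later change to either prototype has to be made in two places. Defining the calling convention once near the includes, for example `# define BIO_PRINT_CALLCONV EFIAPI` under the UEFI test and empty otherwise (the macro name is only a suggestion), lets each definition stay a single line: `static LDOUBLE BIO_PRINT_CALLCONV abs_val(LDOUBLE value)`. A one-line comment saying why the convention is needed (the commit message cites the SSE-register-return build error) would also help the next reader. The same diff is repeated in the master-branch mail below.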
@@ -520,7 +525,11 @@ static LDOUBLE abs_val(LDOUBLE value)
 return result;
 }
 
+#ifdef OPENSSL_SYS_UEFI
+static LDOUBLE EFIAPI pow_10(int in_exp)
+#else
 static LDOUBLE pow_10(int in_exp)
+#endif
 {
 LDOUBLE result = 1;
 while (in_exp) {


[openssl] master update

2022-01-09 Thread Dr . Paul Dale
The branch master has been updated
   via  328bf5adf9e23da523d4195db309083aa02403c4 (commit)
  from  40c24d74deaad8a0ad7566a68ea5ea757bc3ccef (commit)


- Log -
commit 328bf5adf9e23da523d4195db309083aa02403c4
Author: Gerd Hoffmann 
Date:   Fri Jan 7 12:58:27 2022 +0100

crypto/bio: fix build on UEFI

When compiling openssl for tianocore, compiling abs_val() and pow_10()
fails with the following error because SSE support is disabled:

   crypto/bio/bio_print.c:587:46: error: SSE register return with SSE 
disabled

Fix that by using EFIAPI calling convention when compiling for UEFI.

Signed-off-by: Gerd Hoffmann 

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17442)

---

Summary of changes:
 crypto/bio/bio_print.c | 9 +
 1 file changed, 9 insertions(+)

diff --git a/crypto/bio/bio_print.c b/crypto/bio/bio_print.c
index 1ea9a1a3c6..60b28c61ff 100644
--- a/crypto/bio/bio_print.c
+++ b/crypto/bio/bio_print.c
@@ -13,6 +13,7 @@
 #include "crypto/ctype.h"
 #include "internal/numbers.h"
 #include 
+#include 
 
 /*
  * Copyright Patrick Powell 1995
@@ -512,7 +513,11 @@ fmtint(char **sbuffer,
 return 1;
 }
 
+#ifdef OPENSSL_SYS_UEFI
+static LDOUBLE EFIAPI abs_val(LDOUBLE value)
+#else
 static LDOUBLE abs_val(LDOUBLE value)
+#endif
 {
 LDOUBLE result = value;
 if (value < 0)
@@ -520,7 +525,11 @@ static LDOUBLE abs_val(LDOUBLE value)
 return result;
 }
 
+#ifdef OPENSSL_SYS_UEFI
+static LDOUBLE EFIAPI pow_10(int in_exp)
+#else
 static LDOUBLE pow_10(int in_exp)
+#endif
 {
 LDOUBLE result = 1;
 while (in_exp) {


[openssl] master update

2022-01-08 Thread Dr . Paul Dale
The branch master has been updated
   via  e1c122711edc3b9d64e506a51c3c0482569b7498 (commit)
  from  21095479c016f2ceaca0f71078fd27f0e9ba9375 (commit)


- Log -
commit e1c122711edc3b9d64e506a51c3c0482569b7498
Author: yangyangtiantianlonglong 
Date:   Fri Dec 31 11:00:57 2021 +0800

Delete unused param about get_construct_message_f

Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17385)

---

Summary of changes:
 ssl/statem/statem.c   | 4 ++--
 ssl/statem/statem_clnt.c  | 2 +-
 ssl/statem/statem_local.h | 4 ++--
 ssl/statem/statem_srvr.c  | 2 +-
 4 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c
index 4c463974ea..42a6577d5e 100644
--- a/ssl/statem/statem.c
+++ b/ssl/statem/statem.c
@@ -768,7 +768,7 @@ static SUB_STATE_RETURN write_state_machine(SSL *s)
 WRITE_TRAN(*transition) (SSL *s);
 WORK_STATE(*pre_work) (SSL *s, WORK_STATE wst);
 WORK_STATE(*post_work) (SSL *s, WORK_STATE wst);
-int (*get_construct_message_f) (SSL *s, WPACKET *pkt,
+int (*get_construct_message_f) (SSL *s,
 int (**confunc) (SSL *s, WPACKET *pkt),
 int *mt);
 void (*cb) (const SSL *ssl, int type, int val) = NULL;
@@ -833,7 +833,7 @@ static SUB_STATE_RETURN write_state_machine(SSL *s)
 case WORK_FINISHED_STOP:
 return SUB_STATE_END_HANDSHAKE;
 }
-if (!get_construct_message_f(s, , , )) {
+if (!get_construct_message_f(s, , )) {
 /* SSLfatal() already called */
 return SUB_STATE_ERROR;
 }
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 05f915bd91..63008bcba0 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -879,7 +879,7 @@ WORK_STATE ossl_statem_client_post_work(SSL *s, WORK_STATE 
wst)
  *   1: Success
  *   0: Error
  */
-int ossl_statem_client_construct_message(SSL *s, WPACKET *pkt,
+int ossl_statem_client_construct_message(SSL *s,
  confunc_f *confunc, int *mt)
 {
 OSSL_STATEM *st = >statem;
diff --git a/ssl/statem/statem_local.h b/ssl/statem/statem_local.h
index 1883b0166f..326abeba18 100644
--- a/ssl/statem/statem_local.h
+++ b/ssl/statem/statem_local.h
@@ -75,7 +75,7 @@ int ossl_statem_client_read_transition(SSL *s, int mt);
 WRITE_TRAN ossl_statem_client_write_transition(SSL *s);
 WORK_STATE ossl_statem_client_pre_work(SSL *s, WORK_STATE wst);
 WORK_STATE ossl_statem_client_post_work(SSL *s, WORK_STATE wst);
-int ossl_statem_client_construct_message(SSL *s, WPACKET *pkt,
+int ossl_statem_client_construct_message(SSL *s,
  confunc_f *confunc, int *mt);
 size_t ossl_statem_client_max_message_size(SSL *s);
 MSG_PROCESS_RETURN ossl_statem_client_process_message(SSL *s, PACKET *pkt);
@@ -88,7 +88,7 @@ int ossl_statem_server_read_transition(SSL *s, int mt);
 WRITE_TRAN ossl_statem_server_write_transition(SSL *s);
 WORK_STATE ossl_statem_server_pre_work(SSL *s, WORK_STATE wst);
 WORK_STATE ossl_statem_server_post_work(SSL *s, WORK_STATE wst);
-int ossl_statem_server_construct_message(SSL *s, WPACKET *pkt,
+int ossl_statem_server_construct_message(SSL *s,
  confunc_f *confunc,int *mt);
 size_t ossl_statem_server_max_message_size(SSL *s);
 MSG_PROCESS_RETURN ossl_statem_server_process_message(SSL *s, PACKET *pkt);
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 045abfcbc0..cc65ee2d0e 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -1014,7 +1014,7 @@ WORK_STATE ossl_statem_server_post_work(SSL *s, 
WORK_STATE wst)
  *   1: Success
  *   0: Error
  */
-int ossl_statem_server_construct_message(SSL *s, WPACKET *pkt,
+int ossl_statem_server_construct_message(SSL *s,
  confunc_f *confunc, int *mt)
 {
 OSSL_STATEM *st = >statem;


[openssl] master update

2022-01-07 Thread Dr . Paul Dale
The branch master has been updated
   via  10481d33844218694929a7bad57314411a33ab74 (commit)
  from  22778abad905536fa6c93cdc6fffc8c736dfee79 (commit)


- Log -
commit 10481d33844218694929a7bad57314411a33ab74
Author: Peiwei Hu 
Date:   Wed Jan 5 23:17:53 2022 +0800

Fix: some patches related to error exiting

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17417)

---

Summary of changes:
 apps/verify.c| 1 +
 crypto/ec/ec_lib.c   | 4 ++--
 crypto/objects/obj_dat.c | 5 +++--
 crypto/x509/v3_crld.c| 1 +
 crypto/x509/v3_sxnet.c   | 8 +---
 ssl/statem/statem_clnt.c | 2 +-
 test/evp_test.c  | 2 +-
 7 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/apps/verify.c b/apps/verify.c
index 24bbebf3f3..d504acd5b8 100644
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -263,6 +263,7 @@ static int check(X509_STORE *ctx, const char *file,
 if (x509_ctrl_string(x, opt) <= 0) {
 BIO_printf(bio_err, "parameter error \"%s\"\n", opt);
 ERR_print_errors(bio_err);
+X509_free(x);
 return 0;
 }
 }
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
index 3d3cf96962..2d85d4f23a 100644
--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@@ -1710,8 +1710,8 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM 
params[],
 ptmp = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_EC_ENCODING);
 if (ptmp != NULL
 && !ossl_ec_encoding_param2id(ptmp, _flag)) {
-ECerr(0, EC_R_INVALID_ENCODING);
-return 0;
+ERR_raise(ERR_LIB_EC, EC_R_INVALID_ENCODING);
+goto err;
 }
 if (encoding_flag == OPENSSL_EC_NAMED_CURVE) {
 ERR_raise(ERR_LIB_EC, EC_R_INVALID_ENCODING);
diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c
index eef80d63ce..26d2508e86 100644
--- a/crypto/objects/obj_dat.c
+++ b/crypto/objects/obj_dat.c
@@ -747,16 +747,17 @@ int OBJ_create(const char *oid, const char *sn, const 
char *ln)
 if ((sn != NULL && OBJ_sn2nid(sn) != NID_undef)
 || (ln != NULL && OBJ_ln2nid(ln) != NID_undef)) {
 ERR_raise(ERR_LIB_OBJ, OBJ_R_OID_EXISTS);
-goto err;
+return 0;
 }
 
 /* Convert numerical OID string to an ASN1_OBJECT structure */
 tmpoid = OBJ_txt2obj(oid, 1);
 if (tmpoid == NULL)
-goto err;
+return 0;
 
 if (!ossl_obj_write_lock(1)) {
 ERR_raise(ERR_LIB_OBJ, ERR_R_UNABLE_TO_GET_WRITE_LOCK);
+ASN1_OBJECT_free(tmpoid);
 return 0;
 }
 
diff --git a/crypto/x509/v3_crld.c b/crypto/x509/v3_crld.c
index b831f775db..0f239ca568 100644
--- a/crypto/x509/v3_crld.c
+++ b/crypto/x509/v3_crld.c
@@ -83,6 +83,7 @@ static int set_dist_point_name(DIST_POINT_NAME **pdp, 
X509V3_CTX *ctx,
 return -1;
 dnsect = X509V3_get_section(ctx, cnf->value);
 if (!dnsect) {
+X509_NAME_free(nm);
 ERR_raise(ERR_LIB_X509V3, X509V3_R_SECTION_NOT_FOUND);
 return -1;
 }
diff --git a/crypto/x509/v3_sxnet.c b/crypto/x509/v3_sxnet.c
index 4b19ce07d5..9d4113386a 100644
--- a/crypto/x509/v3_sxnet.c
+++ b/crypto/x509/v3_sxnet.c
@@ -167,11 +167,12 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, 
const char *user,
 goto err;
 if (!ASN1_INTEGER_set(sx->version, 0))
 goto err;
-*psx = sx;
 } else
 sx = *psx;
 if (SXNET_get_id_INTEGER(sx, zone)) {
 ERR_raise(ERR_LIB_X509V3, X509V3_R_DUPLICATE_ZONE_ID);
+if (*psx == NULL)
+SXNET_free(sx);
 return 0;
 }
 
@@ -183,13 +184,14 @@ int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, 
const char *user,
 if (!sk_SXNETID_push(sx->ids, id))
 goto err;
 id->zone = zone;
+*psx = sx;
 return 1;
 
  err:
 ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE);
 SXNETID_free(id);
-SXNET_free(sx);
-*psx = NULL;
+if (*psx == NULL)
+SXNET_free(sx);
 return 0;
 }
 
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index b7e40e6db8..05f915bd91 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2926,7 +2926,7 @@ static int tls_construct_cke_dhe(SSL *s, WPACKET *pkt)
 encoded_pub_len = EVP_PKEY_get1_encoded_public_key(ckey, _pub);
 if (encoded_pub_len == 0) {
 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
-EVP_PKEY_free(skey);
+EVP_PKEY_free(ckey);
 return EXT_RETURN_FAIL;
 }
 
diff --git a/test/evp_test.c b/test/evp_test.c
index 6ae862b044..d068d6fa8e 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -2510,7 +2510,7 @@ static int rand_test_run(EVP_TEST *t)

[openssl] openssl-3.0 update

2022-01-07 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  e33f05660447c69e89f2e9f5d3140a56322411d5 (commit)
  from  277a8334cd4a213619fe92107dd393eab6d8a801 (commit)


- Log -
commit e33f05660447c69e89f2e9f5d3140a56322411d5
Author: Peiwei Hu 
Date:   Thu Jan 6 09:47:05 2022 +0800

providers/implementations/keymgmt/rsa_kmgmt.c: refactor gen_init

There is a risk of passing a NULL gctx to rsa_gen_set_params(),
which dereferences gctx directly.

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17429)

(cherry picked from commit 22778abad905536fa6c93cdc6fffc8c736dfee79)

---

Summary of changes:
 providers/implementations/keymgmt/rsa_kmgmt.c | 19 ---
 1 file changed, 12 insertions(+), 7 deletions(-)

diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c 
b/providers/implementations/keymgmt/rsa_kmgmt.c
index b1c3011f14..29e5d10813 100644
--- a/providers/implementations/keymgmt/rsa_kmgmt.c
+++ b/providers/implementations/keymgmt/rsa_kmgmt.c
@@ -454,19 +454,24 @@ static void *gen_init(void *provctx, int selection, int 
rsa_type,
 gctx->libctx = libctx;
 if ((gctx->pub_exp = BN_new()) == NULL
 || !BN_set_word(gctx->pub_exp, RSA_F4)) {
-BN_free(gctx->pub_exp);
-OPENSSL_free(gctx);
-return NULL;
+goto err;
 }
 gctx->nbits = 2048;
 gctx->primes = RSA_DEFAULT_PRIME_NUM;
 gctx->rsa_type = rsa_type;
+} else {
+goto err;
 }
-if (!rsa_gen_set_params(gctx, params)) {
-OPENSSL_free(gctx);
-return NULL;
-}
+
+if (!rsa_gen_set_params(gctx, params))
+goto err;
 return gctx;
+
+err:
+if (gctx != NULL)
+BN_free(gctx->pub_exp);
+OPENSSL_free(gctx);
+return NULL;
 }
 
 static void *rsa_gen_init(void *provctx, int selection,
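Review bot: The added `} else { goto err; }` makes the allocation-failure path jump to a label whose first statement then has to test `gctx != NULL` again. Assuming the `if` that opens just above this hunk is the allocation check for `gctx` (it is not visible here), returning NULL right after a failed allocation would remove the `else` branch and let the `err:` block free `gctx->pub_exp` and `gctx` unconditionally. A comment on `err:` noting that it can be reached with a partly initialised `gctx` would also help. gen_init starts before this hunk; the same hunk is repeated in the master-branch mail below.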


[openssl] master update

2022-01-07 Thread Dr . Paul Dale
The branch master has been updated
   via  22778abad905536fa6c93cdc6fffc8c736dfee79 (commit)
  from  6e98b7f153fcf9dfad1053fbb3a592166837c6fc (commit)


- Log -
commit 22778abad905536fa6c93cdc6fffc8c736dfee79
Author: Peiwei Hu 
Date:   Thu Jan 6 09:47:05 2022 +0800

providers/implementations/keymgmt/rsa_kmgmt.c: refactor gen_init

There is a risk of passing a NULL gctx to rsa_gen_set_params(),
which dereferences gctx directly.

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17429)

---

Summary of changes:
 providers/implementations/keymgmt/rsa_kmgmt.c | 19 ---
 1 file changed, 12 insertions(+), 7 deletions(-)

diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c 
b/providers/implementations/keymgmt/rsa_kmgmt.c
index b1c3011f14..29e5d10813 100644
--- a/providers/implementations/keymgmt/rsa_kmgmt.c
+++ b/providers/implementations/keymgmt/rsa_kmgmt.c
@@ -454,19 +454,24 @@ static void *gen_init(void *provctx, int selection, int 
rsa_type,
 gctx->libctx = libctx;
 if ((gctx->pub_exp = BN_new()) == NULL
 || !BN_set_word(gctx->pub_exp, RSA_F4)) {
-BN_free(gctx->pub_exp);
-OPENSSL_free(gctx);
-return NULL;
+goto err;
 }
 gctx->nbits = 2048;
 gctx->primes = RSA_DEFAULT_PRIME_NUM;
 gctx->rsa_type = rsa_type;
+} else {
+goto err;
 }
-if (!rsa_gen_set_params(gctx, params)) {
-OPENSSL_free(gctx);
-return NULL;
-}
+
+if (!rsa_gen_set_params(gctx, params))
+goto err;
 return gctx;
+
+err:
+if (gctx != NULL)
+BN_free(gctx->pub_exp);
+OPENSSL_free(gctx);
+return NULL;
 }
 
 static void *rsa_gen_init(void *provctx, int selection,


[openssl] openssl-3.0 update

2022-01-03 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  8e5ba8d0be7410fb784d5895d97dcc23d6266715 (commit)
   via  f1c7b44ebb826ba89f5b74ae455d7e03dbe98642 (commit)
  from  d0bfe6dc399e7071b660160d3470a050f0240013 (commit)


- Log -
commit 8e5ba8d0be7410fb784d5895d97dcc23d6266715
Author: Pauli 
Date:   Tue Jan 4 10:52:52 2022 +1100

Revert "property: use a stack to efficiently convert index to string"

This reverts commit e4a32f209ce6dcb380a7dc8c10a42946345ff38f.

Reviewed-by: Tim Hudson 
(Merged from https://github.com/openssl/openssl/pull/17403)

commit f1c7b44ebb826ba89f5b74ae455d7e03dbe98642
Author: Pauli 
Date:   Tue Jan 4 10:52:49 2022 +1100

Revert "test: add some unit tests for the property to string functions"

This reverts commit e1436d54b9de5012d1716212c7329e46cf21a24a.

Reviewed-by: Tim Hudson 
(Merged from https://github.com/openssl/openssl/pull/17403)

---

Summary of changes:
 crypto/property/property_string.c | 114 +-
 test/property_test.c  |  61 ++--
 2 files changed, 78 insertions(+), 97 deletions(-)

diff --git a/crypto/property/property_string.c 
b/crypto/property/property_string.c
index 6c61bfbbb2..38deab5af0 100644
--- a/crypto/property/property_string.c
+++ b/crypto/property/property_string.c
@@ -40,8 +40,6 @@ typedef struct {
 PROP_TABLE *prop_values;
 OSSL_PROPERTY_IDX prop_name_idx;
 OSSL_PROPERTY_IDX prop_value_idx;
-STACK_OF(OPENSSL_CSTRING) *prop_namelist;
-STACK_OF(OPENSSL_CSTRING) *prop_valuelist;
 } PROPERTY_STRING_DATA;
 
 static unsigned long property_hash(const PROPERTY_STRING *a)
@@ -80,9 +78,6 @@ static void property_string_data_free(void *vpropdata)
 CRYPTO_THREAD_lock_free(propdata->lock);
 property_table_free(>prop_names);
 property_table_free(>prop_values);
-sk_OPENSSL_CSTRING_free(propdata->prop_namelist);
-sk_OPENSSL_CSTRING_free(propdata->prop_valuelist);
-propdata->prop_namelist = propdata->prop_valuelist = NULL;
 propdata->prop_name_idx = propdata->prop_value_idx = 0;
 
 OPENSSL_free(propdata);
@@ -95,21 +90,24 @@ static void *property_string_data_new(OSSL_LIB_CTX *ctx) {
 return NULL;
 
 propdata->lock = CRYPTO_THREAD_lock_new();
+if (propdata->lock == NULL)
+goto err;
+
 propdata->prop_names = lh_PROPERTY_STRING_new(_hash,
   _cmp);
+if (propdata->prop_names == NULL)
+goto err;
+
 propdata->prop_values = lh_PROPERTY_STRING_new(_hash,
_cmp);
-propdata->prop_namelist = sk_OPENSSL_CSTRING_new_null();
-propdata->prop_valuelist = sk_OPENSSL_CSTRING_new_null();
-if (propdata->lock == NULL
-|| propdata->prop_names == NULL
-|| propdata->prop_values == NULL
-|| propdata->prop_namelist == NULL
-|| propdata->prop_valuelist == NULL) {
-property_string_data_free(propdata);
-return NULL;
-}
+if (propdata->prop_values == NULL)
+goto err;
+
 return propdata;
+
+err:
+property_string_data_free(propdata);
+return NULL;
 }
 
 static const OSSL_LIB_CTX_METHOD property_string_data_method = {
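Review bot: The new `err:` path in property_string_data_new() hands a partially built `propdata` to property_string_data_free(), so it is only safe if the structure was zero-initialised and every release call there accepts a NULL member. The allocation itself is above the hunk, so this is inferred rather than visible. A short comment at the label would record the invariant, e.g. `/* propdata is zeroed at allocation: members not yet created are NULL and the free routine must tolerate that */`. The same reliance applies to the combined NULL check in the earlier, reverted commit e4a32f2 quoted further down this page, whose failure branch calls the same free routine.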
@@ -136,65 +134,57 @@ static PROPERTY_STRING *new_property_string(const char *s,
 return ps;
 }
 
-static OSSL_PROPERTY_IDX ossl_property_string(OSSL_LIB_CTX *ctx, int name,
-  int create, const char *s)
+static OSSL_PROPERTY_IDX ossl_property_string(CRYPTO_RWLOCK *lock,
+  PROP_TABLE *t,
+  OSSL_PROPERTY_IDX *pidx,
+  const char *s)
 {
 PROPERTY_STRING p, *ps, *ps_new;
-PROP_TABLE *t;
-STACK_OF(OPENSSL_CSTRING) *slist;
-OSSL_PROPERTY_IDX *pidx;
-PROPERTY_STRING_DATA *propdata
-= ossl_lib_ctx_get_data(ctx, OSSL_LIB_CTX_PROPERTY_STRING_INDEX,
-_string_data_method);
 
-if (propdata == NULL)
-return 0;
-
-t = name ? propdata->prop_names : propdata->prop_values;
 p.s = s;
-if (!CRYPTO_THREAD_read_lock(propdata->lock)) {
+if (!CRYPTO_THREAD_read_lock(lock)) {
 ERR_raise(ERR_LIB_CRYPTO, ERR_R_UNABLE_TO_GET_READ_LOCK);
 return 0;
 }
 ps = lh_PROPERTY_STRING_retrieve(t, );
-if (ps == NULL && create) {
-CRYPTO_THREAD_unlock(propdata->lock);
-if (!CRYPTO_THREAD_write_lock(propdata->lock)) {
+if (ps == NULL && pidx != NULL) {
+CRYPTO_THREAD_unlock(lock);
+if (!CRYPTO_THREAD_write_lock(lock)) {
 ERR_raise(ERR_LIB_CRYPTO, ERR_R_UNABLE_TO_GET_WRITE_LOCK);
 return 0;
 }
-pidx = name ? >prop_name_idx : 

[openssl] openssl-3.0 update

2022-01-03 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  d0bfe6dc399e7071b660160d3470a050f0240013 (commit)
  from  5135551613f134d39fe34442d08b38d5221175b9 (commit)


- Log -
commit d0bfe6dc399e7071b660160d3470a050f0240013
Author: Matt Caswell 
Date:   Wed Dec 29 13:42:58 2021 +

Validate the category in OSSL_trace_end()

OSSL_trace_end() should validate that the category it has been passed
by the caller is valid, and return immediately if not.

Fixes #17353

Reviewed-by: Tomas Mraz 
Reviewed-by: Tim Hudson 
Reviewed-by: Matthias St. Pierre 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17371)

(cherry picked from commit ee8a61e158c42c327c3303101083422b9a7cc504)

---

Summary of changes:
 crypto/trace.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/crypto/trace.c b/crypto/trace.c
index f012b617ab..cc0b477698 100644
--- a/crypto/trace.c
+++ b/crypto/trace.c
@@ -496,6 +496,8 @@ void OSSL_trace_end(int category, BIO * channel)
 char *suffix = NULL;
 
 category = ossl_trace_get_category(category);
+if (category < 0)
+return;
 suffix = trace_channels[category].suffix;
 if (channel != NULL
 && ossl_assert(channel == current_channel)) {
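Review bot: The added `if (category < 0)` guard keeps a negative value out of the `trace_channels[category]` index on the next line, but it bounds the index only from below. Whether a too-large category is also turned into a negative value depends on ossl_trace_get_category(), which is not in the hunk. A comment above the check would state that contract once it is confirmed against the helper, e.g. `/* ossl_trace_get_category() returns a negative value for any category outside the table */`. The early return also skips the rest of OSSL_trace_end(), whose body continues past the hunk, so anything there that pairs with OSSL_trace_begin() is not run for a rejected category. The identical hunk in the master update mail below (commit ee8a61e) is covered by this note.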


[openssl] master update

2022-01-03 Thread Dr . Paul Dale
The branch master has been updated
   via  ee8a61e158c42c327c3303101083422b9a7cc504 (commit)
  from  0088ef48c3e7d9c68e5b3c75cb077da601d22f37 (commit)


- Log -
commit ee8a61e158c42c327c3303101083422b9a7cc504
Author: Matt Caswell 
Date:   Wed Dec 29 13:42:58 2021 +

Validate the category in OSSL_trace_end()

OSSL_trace_end() should validate that the category it has been passed
by the caller is valid, and return immediately if not.

Fixes #17353

Reviewed-by: Tomas Mraz 
Reviewed-by: Tim Hudson 
Reviewed-by: Matthias St. Pierre 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/17371)

---

Summary of changes:
 crypto/trace.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/crypto/trace.c b/crypto/trace.c
index f012b617ab..cc0b477698 100644
--- a/crypto/trace.c
+++ b/crypto/trace.c
@@ -496,6 +496,8 @@ void OSSL_trace_end(int category, BIO * channel)
 char *suffix = NULL;
 
 category = ossl_trace_get_category(category);
+if (category < 0)
+return;
 suffix = trace_channels[category].suffix;
 if (channel != NULL
 && ossl_assert(channel == current_channel)) {


[openssl] openssl-3.0 update

2021-12-31 Thread Dr . Paul Dale
The branch openssl-3.0 has been updated
   via  e1436d54b9de5012d1716212c7329e46cf21a24a (commit)
   via  e4a32f209ce6dcb380a7dc8c10a42946345ff38f (commit)
  from  824b0d56e757f4a5c0f8af48add768db33d8ce51 (commit)


- Log -
commit e1436d54b9de5012d1716212c7329e46cf21a24a
Author: Pauli 
Date:   Tue Dec 21 11:44:49 2021 +1100

test: add some unit tests for the property to string functions

That is: ossl_property_name_str and ossl_property_value_str.

These only have high level tests during the creation of child library
contexts.

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17325)

(cherry picked from commit 9f6841e9d8964943cf5f616543750cee85c4911c)

commit e4a32f209ce6dcb380a7dc8c10a42946345ff38f
Author: Pauli 
Date:   Tue Dec 21 11:44:31 2021 +1100

property: use a stack to efficiently convert index to string

The existing code does this conversion by searching the hash table for the
appropriate index which is slow and expensive.

Fixes #15867

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/17325)

(cherry picked from commit 2e3c59356f847a76a90f9f837d4983428df6eb19)

---

Summary of changes:
 crypto/property/property_string.c | 114 +-
 test/property_test.c  |  61 ++--
 2 files changed, 97 insertions(+), 78 deletions(-)

diff --git a/crypto/property/property_string.c 
b/crypto/property/property_string.c
index 38deab5af0..6c61bfbbb2 100644
--- a/crypto/property/property_string.c
+++ b/crypto/property/property_string.c
@@ -40,6 +40,8 @@ typedef struct {
 PROP_TABLE *prop_values;
 OSSL_PROPERTY_IDX prop_name_idx;
 OSSL_PROPERTY_IDX prop_value_idx;
+STACK_OF(OPENSSL_CSTRING) *prop_namelist;
+STACK_OF(OPENSSL_CSTRING) *prop_valuelist;
 } PROPERTY_STRING_DATA;
 
 static unsigned long property_hash(const PROPERTY_STRING *a)
@@ -78,6 +80,9 @@ static void property_string_data_free(void *vpropdata)
 CRYPTO_THREAD_lock_free(propdata->lock);
 property_table_free(>prop_names);
 property_table_free(>prop_values);
+sk_OPENSSL_CSTRING_free(propdata->prop_namelist);
+sk_OPENSSL_CSTRING_free(propdata->prop_valuelist);
+propdata->prop_namelist = propdata->prop_valuelist = NULL;
 propdata->prop_name_idx = propdata->prop_value_idx = 0;
 
 OPENSSL_free(propdata);
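Review bot: The two `sk_OPENSSL_CSTRING_free()` calls added to property_string_data_free() release only the stack containers, and they run after `property_table_free()` has already torn down both tables. Until they run, the stacks presumably hold pointers to strings that are already freed. That is harmless as long as nothing reads the stacks in between, but the ownership is not stated anywhere in the hunk. A comment before the calls would make it explicit, e.g. `/* the lists only borrow strings owned by the tables; free the containers, never the elements */`. Where the lists are filled is in a later hunk that is cut off on this page, so the borrowing is an inference to confirm.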
@@ -90,24 +95,21 @@ static void *property_string_data_new(OSSL_LIB_CTX *ctx) {
 return NULL;
 
 propdata->lock = CRYPTO_THREAD_lock_new();
-if (propdata->lock == NULL)
-goto err;
-
 propdata->prop_names = lh_PROPERTY_STRING_new(_hash,
   _cmp);
-if (propdata->prop_names == NULL)
-goto err;
-
 propdata->prop_values = lh_PROPERTY_STRING_new(_hash,
_cmp);
-if (propdata->prop_values == NULL)
-goto err;
-
+propdata->prop_namelist = sk_OPENSSL_CSTRING_new_null();
+propdata->prop_valuelist = sk_OPENSSL_CSTRING_new_null();
+if (propdata->lock == NULL
+|| propdata->prop_names == NULL
+|| propdata->prop_values == NULL
+|| propdata->prop_namelist == NULL
+|| propdata->prop_valuelist == NULL) {
+property_string_data_free(propdata);
+return NULL;
+}
 return propdata;
-
-err:
-property_string_data_free(propdata);
-return NULL;
 }
 
 static const OSSL_LIB_CTX_METHOD property_string_data_method = {
@@ -134,57 +136,65 @@ static PROPERTY_STRING *new_property_string(const char *s,
 return ps;
 }
 
-static OSSL_PROPERTY_IDX ossl_property_string(CRYPTO_RWLOCK *lock,
-  PROP_TABLE *t,
-  OSSL_PROPERTY_IDX *pidx,
-  const char *s)
+static OSSL_PROPERTY_IDX ossl_property_string(OSSL_LIB_CTX *ctx, int name,
+  int create, const char *s)
 {
 PROPERTY_STRING p, *ps, *ps_new;
+PROP_TABLE *t;
+STACK_OF(OPENSSL_CSTRING) *slist;
+OSSL_PROPERTY_IDX *pidx;
+PROPERTY_STRING_DATA *propdata
+= ossl_lib_ctx_get_data(ctx, OSSL_LIB_CTX_PROPERTY_STRING_INDEX,
+_string_data_method);
 
+if (propdata == NULL)
+return 0;
+
+t = name ? propdata->prop_names : propdata->prop_values;
 p.s = s;
-if (!CRYPTO_THREAD_read_lock(lock)) {
+if (!CRYPTO_THREAD_read_lock(propdata->lock)) {
 ERR_raise(ERR_LIB_CRYPTO, ERR_R_UNABLE_TO_GET_READ_LOCK);
 return 0;
 }
 ps = lh_PROPERTY_STRING_retrieve(t, );
-if (ps == NULL && pidx != NULL) {
-CRYPTO_THREAD_unlock(lock);
-if 
