[openssl/openssl] 63df86: Add CODE-OF-CONDUCT.md

2022-08-18 Thread Matthias St. Pierre 
  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 63df86b041aaafba3e4998b2e3872fa8695a2377
  
https://github.com/openssl/openssl/commit/63df86b041aaafba3e4998b2e3872fa8695a2377
  Author: Dr. Matthias St. Pierre 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
A CODE-OF-CONDUCT.md

  Log Message:
  ---
  Add CODE-OF-CONDUCT.md

Fixes #18820

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/19002)

[openssl/openssl] 425e97: Add some documentation for X509_gmtime_adj()

2022-08-18 Thread Matt Caswell 
  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 425e972dfaf867affb5b3d438d9ca67bb6aeed65
  
https://github.com/openssl/openssl/commit/425e972dfaf867affb5b3d438d9ca67bb6aeed65
  Author: Matt Caswell 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
M doc/man3/X509_cmp_time.pod
M util/missingcrypto.txt

  Log Message:
  ---
  Add some documentation for X509_gmtime_adj()

Other very similar functions were documented, but this one was missing.

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18974)

[openssl/openssl] 405d6d: Add some documentation for X509_gmtime_adj()

2022-08-18 Thread Matt Caswell 
  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: 405d6dcd09388d34cad8290601dd726d9484f6c0
  
https://github.com/openssl/openssl/commit/405d6dcd09388d34cad8290601dd726d9484f6c0
  Author: Matt Caswell 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
M doc/man3/X509_cmp_time.pod
M util/missingcrypto.txt

  Log Message:
  ---
  Add some documentation for X509_gmtime_adj()

Other very similar functions were documented, but this one was missing.

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18974)

(cherry picked from commit 425e972dfaf867affb5b3d438d9ca67bb6aeed65)

[openssl/openssl] 340fe5: Update session timeout code with OSSL_TIME

2022-08-18 Thread Todd Short 
  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 340fe504e42e3e4b6399caff165097cedc994c5e
  
https://github.com/openssl/openssl/commit/340fe504e42e3e4b6399caff165097cedc994c5e
  Author: Todd Short 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
M include/internal/time.h
M ssl/ssl_local.h
M ssl/ssl_sess.c

  Log Message:
  ---
  Update session timeout code with OSSL_TIME

Reviewed-by: Matt Caswell 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/18985)

[openssl/openssl] 79a1f3: Add the recordmethod header from the draft design

2022-08-18 Thread Matt Caswell 
  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 79a1f3e4bb62c10d9604718f6814bb8bdde4ffd6
  
https://github.com/openssl/openssl/commit/79a1f3e4bb62c10d9604718f6814bb8bdde4ffd6
  Author: Matt Caswell 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
A ssl/record/recordmethod.h

  Log Message:
  ---
  Add the recordmethod header from the draft design

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 11653dcd6ecbc7ff3c53f694474ece08ce4473aa
  
https://github.com/openssl/openssl/commit/11653dcd6ecbc7ff3c53f694474ece08ce4473aa
  Author: Matt Caswell 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
M ssl/record/recordmethod.h

  Log Message:
  ---
  Fix compilation issues in the imported recordmethod.h

Also, rename the "new" function pointer to "new_record_layer" to avoid a
C++ reserved name

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 34a4068cc402c38e2134a6b46d9633ad3112bfa5
  
https://github.com/openssl/openssl/commit/34a4068cc402c38e2134a6b46d9633ad3112bfa5
  Author: Matt Caswell 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
M ssl/build.info
A ssl/record/tlsrecord.c

  Log Message:
  ---
  Add a skeleton TLS record method

It doesn't yet do anything. This is a placeholder which will be filled in
by susbsequent commits.

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 0c974fc754e4b0525819ca9f6c3e124141b690ad
  
https://github.com/openssl/openssl/commit/0c974fc754e4b0525819ca9f6c3e124141b690ad
  Author: Matt Caswell 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
M ssl/record/recordmethod.h

  Log Message:
  ---
  Make settings and options parameters const in recordmethod.h

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: e2d5742b1460c45bf39094ea08e4e85a8f507ea8
  
https://github.com/openssl/openssl/commit/e2d5742b1460c45bf39094ea08e4e85a8f507ea8
  Author: Matt Caswell 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
M crypto/err/openssl.txt
M include/openssl/core_names.h
M include/openssl/sslerr.h
M ssl/d1_lib.c
M ssl/ktls.c
M ssl/record/rec_layer_d1.c
M ssl/record/rec_layer_s3.c
M ssl/record/record_local.h
M ssl/record/recordmethod.h
M ssl/record/ssl3_buffer.c
M ssl/record/ssl3_record.c
M ssl/record/tlsrecord.c
M ssl/ssl_err.c
M ssl/ssl_lib.c
M ssl/ssl_local.h
M ssl/sslerr.h
M ssl/t1_enc.c

  Log Message:
  ---
  Transfer the functionality from ssl3_read_n to the new record layer

This transfers the low level function ssl3_read_n to the new record layer.
We temporarily make the read_n function a top level record layer function.
Eventually, in later commits in this refactor, we will remove it as a top
level function and it will just be called from read_record.

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 26dad42e9ca609569073463165263173ab2a27ab
  
https://github.com/openssl/openssl/commit/26dad42e9ca609569073463165263173ab2a27ab
  Author: Matt Caswell 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
M test/dtlstest.c
M test/helpers/ssltestlib.c
M test/helpers/ssltestlib.h
M test/quicapitest.c
M test/sslapitest.c

  Log Message:
  ---
  Add a DTLSv1_listen() test

Add a test to ensure that a connection started via DTLSv1_listen() can
be completed through to handshake success. Previous DTLSv1_listen()
testing only tested the function itself and did not confirm that a
connection can actually be achieved using it.

This is important to test some codepaths being affected by the record layer
refactor.

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 4030869d24309bfb5292e7bec41cd2b3012ba99d
  
https://github.com/openssl/openssl/commit/4030869d24309bfb5292e7bec41cd2b3012ba99d
  Author: Matt Caswell 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
M crypto/err/openssl.txt
M include/openssl/sslerr.h
M ssl/record/rec_layer_s3.c
M ssl/record/record.h
M ssl/record/record_local.h
M ssl/record/recordmethod.h
M ssl/record/ssl3_record.c
M ssl/record/tlsrecord.c
M ssl/ssl_err.c
M ssl/statem/statem_lib.c
M test/sslapitest.c

  Log Message:
  ---
  Convert ssl3_get_record to tls_read_record

We move the old ssl3_get_record function to conform with the new record
layer design.

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: aedbb71b6334a6cb616cf31cbb5de02109a2c5ed

[openssl/openssl] e8a557: Coverity: misuses of time_t

2022-08-18 Thread Pauli 
  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: e8a557dc3c1ed16faff4aeb39268f8f5a3f8b81d
  
https://github.com/openssl/openssl/commit/e8a557dc3c1ed16faff4aeb39268f8f5a3f8b81d
  Author: Pauli 
  Date:   2022-08-19 (Fri, 19 Aug 2022)

  Changed paths:
M ssl/statem/extensions_clnt.c
M ssl/statem/extensions_srvr.c

  Log Message:
  ---
  Coverity: misuses of time_t

Coverity 1508506:

Fixes a bug in the cookie code which would have caused problems for
ten minutes before and after the lower 32 bits of time_t rolled over.

Coverity 1508534 & 1508540:

Avoid problems when the lower 32 bits of time_t roll over by delaying
the cast to integer until after the time delta has been computed.

Reviewed-by: Ben Kaduk 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/19004)

[openssl/openssl] a6cadc: Coverity 1508534 & 1508540: misuses of time_t

2022-08-18 Thread Pauli 
  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: a6cadcbdc3b4f3fbd0fd228e41177f0661b68264
  
https://github.com/openssl/openssl/commit/a6cadcbdc3b4f3fbd0fd228e41177f0661b68264
  Author: Pauli 
  Date:   2022-08-19 (Fri, 19 Aug 2022)

  Changed paths:
M ssl/statem/extensions_clnt.c
M ssl/statem/extensions_srvr.c

  Log Message:
  ---
  Coverity 1508534 & 1508540:  misuses of time_t

Avoid problems when the lower 32 bits of time_t roll over by delaying
the cast to integer until after the time delta has been computed.

Reviewed-by: Ben Kaduk 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/19004)

(cherry picked from commit e8a557dc3c1ed16faff4aeb39268f8f5a3f8b81d)

[openssl/openssl] 552603: Coverity 1508534 & 1508540: misuses of time_t

2022-08-18 Thread Pauli 
  Branch: refs/heads/OpenSSL_1_1_1-stable
  Home:   https://github.com/openssl/openssl
  Commit: 552603edfed18f30466277d29b70939390fea65b
  
https://github.com/openssl/openssl/commit/552603edfed18f30466277d29b70939390fea65b
  Author: Pauli 
  Date:   2022-08-19 (Fri, 19 Aug 2022)

  Changed paths:
M ssl/statem/extensions_clnt.c
M ssl/statem/extensions_srvr.c

  Log Message:
  ---
  Coverity 1508534 & 1508540:  misuses of time_t

Avoid problems when the lower 32 bits of time_t roll over by delaying
the cast to integer until after the time delta has been computed.

Reviewed-by: Ben Kaduk 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/19004)

(cherry picked from commit a6cadcbdc3b4f3fbd0fd228e41177f0661b68264)

Coverity Scan: Analysis completed for openssl/openssl

2022-08-18 Thread scan-admin 


Your request for analysis of openssl/openssl has been completed 
successfully.
The results are available at 
https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3DtPT6_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeHO-2BDy1JRpoEmb1AuNtM34v0DGFzrz5HlCJQulbnVWZ23UpC8SY-2Berp3OuBDtScyEGT-2FXgMru-2FPk17IgGkkugzBVViRMmkkeb-2BzGl3aVsu1dF7t9ZvXQWKWgM85lofTLqFg1OkufGqP8AyRqTs5Dr38egw1-2FTSnM2qhlIguTa-2BPvwMnETP34Ya4wzsdscJTeic-3D

Build ID: 474392

Analysis Summary:
   New defects found: 3
   Defects eliminated: 5

If you have difficulty understanding any defects, email us at 
scan-ad...@coverity.com,
or post your question to StackOverflow
at 
https://u15810271.ct.sendgrid.net/ls/click?upn=CTPegkVN6peWFCMEieYYmPWIi1E4yUS9EoqKFcNAiqhRq8qmgeBE-2Bdt3uvFRAFXd-2FlwX83-2FVVdybfzIMOby0qA-3D-3DN9pu_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeHO-2BDy1JRpoEmb1AuNtM34v0DGFzrz5HlCJQulbnVWZ290ST4pvkDnTBcDofCdhquzZBEv-2FNxGNe034QdEVzTSFy3mqX2akiE02ux5djZs5o6LrthoqJEVJPuC2x6afENU-2FkI9t05vSKJd5disCKv6mzPpM4tejM-2F-2F3BKdw402DZVToZnWak3ybmVJi-2FETuwu8-3D

[openssl/openssl] 2c0560: Fix ossl_x509v3_cache_extensions(): EXFLAG_NO_FING...

2022-08-18 Thread David von Oheimb 
  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 2c05607cd91fc5aab6d61f0324104d63a091d705
  
https://github.com/openssl/openssl/commit/2c05607cd91fc5aab6d61f0324104d63a091d705
  Author: Dr. David von Oheimb 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
M crypto/x509/v3_purp.c
M test/cmp_ctx_test.c
M test/recipes/65-test_cmp_ctx.t

  Log Message:
  ---
  Fix ossl_x509v3_cache_extensions(): EXFLAG_NO_FINGERPRINT should not be an 
error

This allows reverting the recent workaround on cmp_ctx_test regarding X509_new()

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: David von Oheimb 
(Merged from https://github.com/openssl/openssl/pull/16043)

[openssl/openssl] b5db23: ec_kmgmt.c: Do not crash when getting OSSL_PKEY_PA...

2022-08-18 Thread Tomáš Mráz 
  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: b5db237def7e22ccea1a540ec777045b3ce4600e
  
https://github.com/openssl/openssl/commit/b5db237def7e22ccea1a540ec777045b3ce4600e
  Author: Tomas Mraz 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
M providers/implementations/keymgmt/ec_kmgmt.c

  Log Message:
  ---
  ec_kmgmt.c: Do not crash when getting OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY

If the public key is not set on the key, return error instead of crash.

Fixes #18495

Reviewed-by: Paul Dale 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/18902)


  Commit: 3a1596f4e3d710c163279a20e6b844d371886e73
  
https://github.com/openssl/openssl/commit/3a1596f4e3d710c163279a20e6b844d371886e73
  Author: Tomas Mraz 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
M test/evp_extra_test.c

  Log Message:
  ---
  Add testcases for EVP_PKEY_get1_encoded_public_key

Reviewed-by: Paul Dale 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/18902)


  Commit: 58135cb3c020805354ecc869aca040934d1299c8
  
https://github.com/openssl/openssl/commit/58135cb3c020805354ecc869aca040934d1299c8
  Author: Tomas Mraz 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
M doc/man3/EVP_PKEY_fromdata.pod
M doc/man7/EVP_PKEY-EC.pod

  Log Message:
  ---
  Clarify documentation in regards to EC key parameters

Also clarify that EVP_PKEY_fromdata ignores parameters that
are unknown or incorrect for given selection.

Reviewed-by: Paul Dale 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/18902)


Compare: https://github.com/openssl/openssl/compare/2c05607cd91f...58135cb3c020

[openssl/openssl] 93bb2c: ec_kmgmt.c: Do not crash when getting OSSL_PKEY_PA...

2022-08-18 Thread Tomáš Mráz 
  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: 93bb2c45ecdaa531c0215969d5f3f0d93c1ec18f
  
https://github.com/openssl/openssl/commit/93bb2c45ecdaa531c0215969d5f3f0d93c1ec18f
  Author: Tomas Mraz 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
M providers/implementations/keymgmt/ec_kmgmt.c

  Log Message:
  ---
  ec_kmgmt.c: Do not crash when getting OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY

If the public key is not set on the key, return error instead of crash.

Fixes #18495

Reviewed-by: Paul Dale 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/18902)

(cherry picked from commit b5db237def7e22ccea1a540ec777045b3ce4600e)


  Commit: d6d977c807343112d137ced096dece84303ded46
  
https://github.com/openssl/openssl/commit/d6d977c807343112d137ced096dece84303ded46
  Author: Tomas Mraz 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
M test/evp_extra_test.c

  Log Message:
  ---
  Add testcases for EVP_PKEY_get1_encoded_public_key

Reviewed-by: Paul Dale 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/18902)

(cherry picked from commit 3a1596f4e3d710c163279a20e6b844d371886e73)


  Commit: e2fccd7b1eed8d4ec4fe74eae9320ced2bac203b
  
https://github.com/openssl/openssl/commit/e2fccd7b1eed8d4ec4fe74eae9320ced2bac203b
  Author: Tomas Mraz 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
M doc/man3/EVP_PKEY_fromdata.pod
M doc/man7/EVP_PKEY-EC.pod

  Log Message:
  ---
  Clarify documentation in regards to EC key parameters

Also clarify that EVP_PKEY_fromdata ignores parameters that
are unknown or incorrect for given selection.

Reviewed-by: Paul Dale 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/18902)

(cherry picked from commit 58135cb3c020805354ecc869aca040934d1299c8)


Compare: https://github.com/openssl/openssl/compare/682d4a1204bc...e2fccd7b1eed

[openssl/openssl] 1a68a3: crypto/x509/x509_vpm.c: update format of X509_VERI...

2022-08-18 Thread Lutz Jänicke 
  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 1a68a3e42142a2c188f4b69c7337438c89502143
  
https://github.com/openssl/openssl/commit/1a68a3e42142a2c188f4b69c7337438c89502143
  Author: Lutz Jaenicke 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
M crypto/x509/x509_vpm.c

  Log Message:
  ---
  crypto/x509/x509_vpm.c: update format of X509_VERIFY_PARAM default_table

Put "}," on separate lines as suggested in PR #18567

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18567)


  Commit: 178696d6020878361a088086243d56203e0beaa9
  
https://github.com/openssl/openssl/commit/178696d6020878361a088086243d56203e0beaa9
  Author: Lutz Jaenicke 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
M crypto/x509/v3_purp.c
M crypto/x509/x509_vpm.c
M doc/man1/openssl-verification-options.pod
M doc/man3/X509_STORE_CTX_new.pod
M doc/man3/X509_check_purpose.pod
M include/openssl/x509v3.h.in

  Log Message:
  ---
  X509: Add "code sign" as purpose for verification of certificates

Code signing certificates have other properties as for example described in
CA Browser Forum documents. This leads to "unsupported certificate purpose" 
errors when
verifying signed objects.
This patch adds the purpose "codesign" to the table in X.509 certificate 
verification and
the verification parameter "code_sign" to X509_VERIFY_PARAM.

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18567)


  Commit: 61a97676914df358dd014a9b6fe2ba01b0ebe508
  
https://github.com/openssl/openssl/commit/61a97676914df358dd014a9b6fe2ba01b0ebe508
  Author: Lutz Jaenicke 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
A test/certs/ee-codesign-anyextkeyusage.pem
A test/certs/ee-codesign-crlsign.pem
A test/certs/ee-codesign-keycertsign.pem
A test/certs/ee-codesign-noncritical.pem
A test/certs/ee-codesign-serverauth.pem
A test/certs/ee-codesign.pem
M test/certs/mkcert.sh
M test/certs/setup.sh
M test/recipes/25-test_verify.t

  Log Message:
  ---
  X509: add tests for purpose code signing in verify application

Correct configuration according to CA Browser forum:
  KU: critical,digitalSignature
  XKU: codeSiging

Note: I did not find any other document formally defining the requirements
for code signing certificates.

Some combinations are explicitly forbidden, some flags can be ignored

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18567)


  Commit: 19914fec9bac08ca7c7917eddc1b7d1dba67e4a7
  
https://github.com/openssl/openssl/commit/19914fec9bac08ca7c7917eddc1b7d1dba67e4a7
  Author: Lutz Jaenicke 
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
M test/recipes/80-test_cms.t
M test/smime-certs/ca.cnf
A test/smime-certs/csrsa1.pem
M test/smime-certs/mksmime-certs.sh

  Log Message:
  ---
  cms: Create test for for purpose verification in cms application

The tests only cover the correct handling of the codesigning purpose in the 
certificates
in the context of the cms command line tool.
The interpretation of the certificate purpose is tested in the context of the 
"verify"
app. The correct handling of the cms objects is tested by other tests in 
80-test_cms.t.

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18567)


Compare: https://github.com/openssl/openssl/compare/58135cb3c020...19914fec9bac