[openssl] master update

2021-08-25 Thread Dr. Paul Dale
The branch master has been updated
   via  a291cfdfdee0cb40a684e1c379eff88ba43f784b (commit)
  from  9698a56e82da0262146c0f74b40d132f99099850 (commit)


- Log -
commit a291cfdfdee0cb40a684e1c379eff88ba43f784b
Author: Pauli 
Date:   Wed Aug 25 10:06:11 2021 +1000

doc: document the rsa_oaep_md: pkeyopt

This was missing but essential for using non-SHA1 digests with OAEP.

Fixes #15998

Reviewed-by: Tim Hudson 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16410)

---

Summary of changes:
 doc/man1/openssl-pkeyutl.pod.in | 10 ++
 1 file changed, 10 insertions(+)

diff --git a/doc/man1/openssl-pkeyutl.pod.in b/doc/man1/openssl-pkeyutl.pod.in
index 06365ef76d..b0054ead66 100644
--- a/doc/man1/openssl-pkeyutl.pod.in
+++ b/doc/man1/openssl-pkeyutl.pod.in
@@ -262,6 +262,11 @@ B block structure.
 For PSS and OAEP padding sets the MGF1 digest. If the MGF1 digest is not
 explicitly set in PSS mode then the signing digest is used.
 
+=item BI
+
+Sets the digest used for the OAEP hash function. If not explicitly set then
+SHA1 is used.
+
 =back
 
 =head1 RSA-PSS ALGORITHM
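
Review bot: The new rsa_oaep_md item gives the SHA1 default but does not say which MGF1 digest applies in OAEP mode; the rsa_mgf1_md item just above states a default only for PSS ("If the MGF1 digest is not explicitly set in PSS mode then the signing digest is used"). Someone moving off SHA1 for OAEP needs to know whether setting rsa_oaep_md alone also changes MGF1 or whether rsa_mgf1_md must be set as well, because both sides have to agree on both digests. Suggest adding one sentence to either item stating the MGF1 default in OAEP mode.
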
@@ -391,6 +396,11 @@ Verify some data using an L certificate and a 
specific ID:
  openssl pkeyutl -verify -certin -in file -inkey sm2.cert -sigfile sig \
 -rawin -digest sm3 -pkeyopt distid:someid
 
+Decrypt some data using a private key with OAEP padding using SHA256:
+
+ openssl pkeyutl -decrypt -in file -inkey key.pem -out secret \
+-pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256
+
 =head1 SEE ALSO
 
 L,
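
Review bot: The added example covers only -decrypt, so there is no matching -encrypt invocation showing that the same rsa_oaep_md value has to be used on both sides. Because the default stays SHA1 when the option is omitted, an encrypt run without "-pkeyopt rsa_oaep_md:sha256" produces data this command cannot decrypt. Suggest adding the corresponding encrypt example next to it, or a sentence saying the digest must match the one used for encryption.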


[openssl] OpenSSL_1_1_1-stable update

2021-08-25 Thread Dr. Paul Dale
The branch OpenSSL_1_1_1-stable has been updated
   via  7a1a91556cc271d38944410b133a2ab5e2cf8ca8 (commit)
  from  18622c7625436d7f99c0f51895c4d3cea233c62e (commit)


- Log -
commit 7a1a91556cc271d38944410b133a2ab5e2cf8ca8
Author: Tianjia Zhang 
Date:   Mon Aug 23 17:40:22 2021 +0800

apps/ciphers: Fix wrong return value when using -convert parameter

Command 'openssl ciphers -convert ' always returns failure,
this patch sets the correct return value.

Signed-off-by: Tianjia Zhang 

Reviewed-by: Paul Yang 
Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16383)

(cherry picked from commit 8b4e9c5265ffd3457ad37133502a9d8a4e8daccd)

---

Summary of changes:
 apps/ciphers.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/apps/ciphers.c b/apps/ciphers.c
index 0bb33a4aca..e403130eeb 100644
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@@ -172,6 +172,7 @@ int ciphers_main(int argc, char **argv)
 if (convert != NULL) {
 BIO_printf(bio_out, "OpenSSL cipher name: %s\n",
OPENSSL_cipher_name(convert));
+ret = 0;
 goto end;
 }
 
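Review bot: "ret = 0;" is set unconditionally after the BIO_printf, so the -convert branch reports success whatever OPENSSL_cipher_name(convert) returned. If that lookup can fail for an unrecognised name, scripts that rely on the exit status cannot tell a successful conversion from a failed one. Suggest checking the returned name before setting ret, or stating in the documentation that the exit status does not reflect whether the name was recognised.
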


[openssl] master update

2021-08-25 Thread Dr. Paul Dale
The branch master has been updated
   via  9698a56e82da0262146c0f74b40d132f99099850 (commit)
   via  31656f27855ddd477349f5960b29d605d32fe38d (commit)
  from  69b920bb134417213adce260e15da3f751922cf4 (commit)


- Log -
commit 9698a56e82da0262146c0f74b40d132f99099850
Author: Pauli 
Date:   Tue Aug 24 09:40:52 2021 +1000

aes-wrap: improve error handling

The AES wrap cipher was returning -1 on error from the provider rather than 0.
This is fixed.

There was a problem with the error handling in AES wrap which fell back to a
default "final error".  This adds a fix for the error and more specific errors
for the different failure possibilities.

Fixes #16387

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16391)

commit 31656f27855ddd477349f5960b29d605d32fe38d
Author: Pauli 
Date:   Tue Aug 24 09:40:28 2021 +1000

Add invalid input length error

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16391)

---

Summary of changes:
 crypto/err/openssl.txt |  1 +
 include/openssl/proverr.h  |  1 +
 providers/common/provider_err.c|  2 ++
 providers/implementations/ciphers/cipher_aes_wrp.c | 28 --
 4 files changed, 25 insertions(+), 7 deletions(-)

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index da3fee84d1..b47293a27a 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -992,6 +992,7 @@ PROV_R_INVALID_DATA:115:invalid data
 PROV_R_INVALID_DIGEST:122:invalid digest
 PROV_R_INVALID_DIGEST_LENGTH:166:invalid digest length
 PROV_R_INVALID_DIGEST_SIZE:218:invalid digest size
+PROV_R_INVALID_INPUT_LENGTH:230:invalid input length
 PROV_R_INVALID_ITERATION_COUNT:123:invalid iteration count
 PROV_R_INVALID_IV_LENGTH:109:invalid iv length
 PROV_R_INVALID_KEY:158:invalid key
diff --git a/include/openssl/proverr.h b/include/openssl/proverr.h
index bdfdda2c93..ad67a8f897 100644
--- a/include/openssl/proverr.h
+++ b/include/openssl/proverr.h
@@ -59,6 +59,7 @@
 # define PROV_R_INVALID_DIGEST122
 # define PROV_R_INVALID_DIGEST_LENGTH 166
 # define PROV_R_INVALID_DIGEST_SIZE   218
+# define PROV_R_INVALID_INPUT_LENGTH  230
 # define PROV_R_INVALID_ITERATION_COUNT   123
 # define PROV_R_INVALID_IV_LENGTH 109
 # define PROV_R_INVALID_KEY   158
diff --git a/providers/common/provider_err.c b/providers/common/provider_err.c
index d08192e64b..344c122112 100644
--- a/providers/common/provider_err.c
+++ b/providers/common/provider_err.c
@@ -80,6 +80,8 @@ static const ERR_STRING_DATA PROV_str_reasons[] = {
 "invalid digest length"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_DIGEST_SIZE),
 "invalid digest size"},
+{ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_INPUT_LENGTH),
+"invalid input length"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_ITERATION_COUNT),
 "invalid iteration count"},
 {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_IV_LENGTH), "invalid iv length"},
diff --git a/providers/implementations/ciphers/cipher_aes_wrp.c 
b/providers/implementations/ciphers/cipher_aes_wrp.c
index f797db4596..8bddf475e2 100644
--- a/providers/implementations/ciphers/cipher_aes_wrp.c
+++ b/providers/implementations/ciphers/cipher_aes_wrp.c
@@ -152,16 +152,22 @@ static int aes_wrap_cipher_internal(void *vctx, unsigned 
char *out,
 return 0;
 
 /* Input length must always be non-zero */
-if (inlen == 0)
+if (inlen == 0) {
+ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_INPUT_LENGTH);
 return -1;
+}
 
 /* If decrypting need at least 16 bytes and multiple of 8 */
-if (!ctx->enc && (inlen < 16 || inlen & 0x7))
+if (!ctx->enc && (inlen < 16 || inlen & 0x7)) {
+ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_INPUT_LENGTH);
 return -1;
+}
 
 /* If not padding input must be multiple of 8 */
-if (!pad && inlen & 0x7)
+if (!pad && inlen & 0x7) {
+ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_INPUT_LENGTH);
 return -1;
+}
 
 if (out == NULL) {
 if (ctx->enc) {
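
Review bot: The three rewritten conditions mix "&&", "||" and "&" without parentheses, for example "if (!pad && inlen & 0x7) {". The precedence works out as intended, but since these lines are being touched anyway, writing "(inlen & 0x7) != 0" makes that obvious to the next reader. All three branches also raise the same PROV_R_INVALID_INPUT_LENGTH and return -1, so they could share one exit path to keep the checks from drifting apart.
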
@@ -182,7 +188,15 @@ static int aes_wrap_cipher_internal(void *vctx, unsigned 
char *out,
 
 rv = wctx->wrapfn(>ks.ks, ctx->iv_set ? ctx->iv : NULL, out, in,
   inlen, ctx->block);
-return rv ? (int)rv : -1;
+if (!rv) {
+ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
+return -1;
+}
+if (rv > INT_MAX) {
+ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_OUTPUT_LENGTH);
+return -1;
+}
+return (int)rv;
 }
 
 static int aes_wrap_final(void *vctx, unsigned char *out, size_t *outl,
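
Review bot: The "rv > INT_MAX" check runs after wrapfn has already been handed "out", and nothing in the hunk says why the check is there. A short comment that it guards the "(int)rv" cast would help, and it is worth confirming that callers treat the -1 return as meaning the contents of "out" must not be used. The "if (!rv)" branch could carry a similar comment on what a zero return from wrapfn means, since it now maps to PROV_R_CIPHER_OPERATION_FAILED.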

Still FAILED build of OpenSSL branch master with options enable-fuzz-afl no-shared no-module

2021-08-25 Thread OpenSSL run-checker
Platform and configuration command:

$ uname -a
Linux run 5.4.0-74-generic #83-Ubuntu SMP Sat May 8 02:35:39 UTC 2021 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=afl-clang-fast ../openssl/config enable-fuzz-afl no-shared no-module

Commit log since last time:

69b920bb13 CMS app: Fix new -wrap option
e5f8935c5b changes: add note about 3DES key wrap matching the standard
3d491c054e test: add unit tests for TDES key wrap
06447b58b2 Avoid using undefined value in generate_stateless_cookie_callback
0760d132da Avoid invoking memcpy if size is zero or the supplied buffer is NULL
562d4cd3c3 Fix the array size of dtlsseq in tls1_enc
1501de3380 Add multilib to the NonStop configuration definitions.
33a62d448c VMS: Correct faulty source directory specification
8b4e9c5265 apps/ciphers: Fix wrong return value when using -convert parameter
32f7be2ab7 APPS: Fix result type of dump_cert_text() and behavior of 
print_name() on out==NULL
fdd436436d news/changes: fix formatting nits
e1c2913833 cpp: fix included files to avoid failure in no-deprecated builds
2576b70d43 sm2: fix error raise to not fail make update

Build log ended with (last 100 lines):

# SSL_accept() failed -1, 1
# 40E777A5A27F:error:068C0100:asn1 encoding 
routines:ASN1_STRING_set:malloc failure:../openssl/crypto/asn1/asn1_lib.c:311:
# 40E777A5A27F:error:068C0100:asn1 encoding 
routines:asn1_ex_c2i:malloc failure:../openssl/crypto/asn1/tasn_dec.c:944:
# 40E777A5A27F:error:0688010A:asn1 encoding 
routines:asn1_template_noexp_d2i:nested asn1 
error:../openssl/crypto/asn1/tasn_dec.c:685:Field=session_id, 
Type=SSL_SESSION_ASN1
# 40E777A5A27F:error:0A0C0103:SSL 
routines:construct_stateless_ticket:internal 
error:../openssl/ssl/statem/statem_srvr.c:3706:
# INFO:  @ ../openssl/test/helpers/ssltestlib.c:957
# SSL_connect() failed -1, 1
# 40E777A5A27F:error:0A000438:SSL routines:ssl3_read_bytes:tlsv1 
alert internal error:../openssl/ssl/record/rec_layer_s3.c:1584:SSL alert number 
80
# ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, 
SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:9260
# false
# OPENSSL_TEST_RAND_ORDER=1629930058
not ok 372 - iteration 7
# --
# OPENSSL_TEST_RAND_ORDER=1629930058
not ok 74 - test_dh_auto
# --
# INFO:  @ ../openssl/test/helpers/ssltestlib.c:975
# SSL_accept() failed -1, 1
# 40E777A5A27F:error:068C0100:asn1 encoding 
routines:ASN1_STRING_set:malloc failure:../openssl/crypto/asn1/asn1_lib.c:311:
# 40E777A5A27F:error:068C0100:asn1 encoding routines:asn1_ex_c2i:malloc 
failure:../openssl/crypto/asn1/tasn_dec.c:944:
# 40E777A5A27F:error:0688010A:asn1 encoding 
routines:asn1_template_noexp_d2i:nested asn1 
error:../openssl/crypto/asn1/tasn_dec.c:685:
# 40E777A5A27F:error:0688010A:asn1 encoding 
routines:asn1_template_ex_d2i:nested asn1 
error:../openssl/crypto/asn1/tasn_dec.c:537:Field=session_id_context, 
Type=SSL_SESSION_ASN1
# 40E777A5A27F:error:0A0C0103:SSL 
routines:construct_stateless_ticket:internal 
error:../openssl/ssl/statem/statem_srvr.c:3706:
# INFO:  @ ../openssl/test/helpers/ssltestlib.c:1004
# No progress made
# ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, 
SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:9315
# false
# OPENSSL_TEST_RAND_ORDER=1629930058
not ok 75 - test_sni_tls13
# --
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs 
../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/cpVNSglCXd 
default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# --
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 32.
# Looks like you failed 1 test of 1.90-test_sslapi.t ... 
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests 

Test Summary Report
---
80-test_ssl_new.t(Wstat: 7168 Tests: 30 Failed: 28)
  Failed tests:  1-21, 23-28, 30
  Non-zero exit status: 28
20-test_spkac.t  (Wstat: 512 Tests: 4 Failed: 2)
  Failed tests:  2, 4
  Non-zero exit status: 2
25-test_crl.t(Wstat: 256 Tests: 10 Failed: 1)
  Failed test:  3
  Non-zero exit status: 1
25-test_sid.t(Wstat: 256 Tests: 2 Failed: 1)
  Failed test:  2
  Non-zero exit status: 1
65-test_cmp_ctx.t(Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
70-test_asyncio.t(Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
70-test_clienthello.t(Wstat: 

[openssl] master update

2021-08-25 Thread beldmit
The branch master has been updated
   via  69b920bb134417213adce260e15da3f751922cf4 (commit)
  from  e5f8935c5bdf4677618017f7d907ce1d9e3df6a6 (commit)


- Log -
commit 69b920bb134417213adce260e15da3f751922cf4
Author: Dr. David von Oheimb 
Date:   Tue Aug 24 12:15:41 2021 +0200

CMS app: Fix new -wrap option

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/16396)

---

Summary of changes:
 apps/cms.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/cms.c b/apps/cms.c
index b30273f171..76c7896719 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -680,7 +680,7 @@ int cms_main(int argc, char **argv)
 goto end;
 break;
 case OPT_WRAP:
-wrapname = opt_unknown();
+wrapname = opt_arg();
 break;
 case OPT_AES128_WRAP:
 case OPT_AES192_WRAP:
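
Review bot: The summary lists only apps/cms.c, so nothing exercises -wrap with an argument even though the option did not work as added ("opt_unknown()" where "opt_arg()" was needed). Suggest adding a test invocation that passes a cipher name to -wrap, so that a regression in the option parsing is caught by the test suite. The commit message would also benefit from one line saying what the observable failure was.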


[openssl] master update

2021-08-25 Thread tomas
The branch master has been updated
   via  e5f8935c5bdf4677618017f7d907ce1d9e3df6a6 (commit)
   via  3d491c054ea8f662dc9dc499d3029d126a8726d3 (commit)
  from  06447b58b234be050d405c6c75bfc987c6dcfdf9 (commit)


- Log -
commit e5f8935c5bdf4677618017f7d907ce1d9e3df6a6
Author: Pauli 
Date:   Tue Aug 24 19:07:18 2021 +1000

changes: add note about 3DES key wrap matching the standard

Also note that it is no longer interoperable with 1.1.1.

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16343)

commit 3d491c054ea8f662dc9dc499d3029d126a8726d3
Author: Pauli 
Date:   Wed Aug 18 11:58:11 2021 +1000

test: add unit tests for TDES key wrap

This functionality was completely untested.

Doesn't fix #16002 since that's a bug against 1.1.1.

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16343)

---

Summary of changes:
 CHANGES.md |  5 
 test/destest.c | 75 ++
 2 files changed, 80 insertions(+)

diff --git a/CHANGES.md b/CHANGES.md
index 905ad50a50..ac10632734 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -40,6 +40,11 @@ breaking changes, and mappings for the large list of 
deprecated functions.
 
*Jan Lána*
 
+ * The triple DES key wrap functionality now conforms to RFC 3217 but is
+   no longer interoperable with OpenSSL 1.1.1.
+
+   *Paul Dale*
+
  * The ERR_GET_FUNC() function was removed.  With the loss of meaningful
function codes, this function can only cause problems for calling
applications.
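
Review bot: The new entry says triple DES key wrap is "no longer interoperable with OpenSSL 1.1.1" but gives no guidance for data that was wrapped by 1.1.1. Readers will want to know whether such data can still be unwrapped by this version and, if not, that it has to be unwrapped with 1.1.1 and wrapped again. Suggest adding a sentence on that, or a pointer to where the difference is described.
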
diff --git a/test/destest.c b/test/destest.c
index b61c9eecc8..d2f3cfe6a7 100644
--- a/test/destest.c
+++ b/test/destest.c
@@ -17,6 +17,7 @@
 #include 
 
 #include "testutil.h"
+#include "internal/nelem.h"
 
 #ifndef OPENSSL_NO_DES
 # include 
@@ -697,6 +698,79 @@ static int test_des_quad_cksum(void)
 return 0;
 return 1;
 }
+
+/*
+ * Test TDES based key wrapping.
+ * The wrapping process uses a randomly generated IV so it is difficult to
+ * undertake KATs.  End to end testing is performed instead.
+ */
+static const int test_des_key_wrap_sizes[] = {
+8, 16, 24, 32, 64, 80
+};
+
+static int test_des_key_wrap(int idx)
+{
+int in_bytes = test_des_key_wrap_sizes[idx];
+unsigned char in[100], c_txt[200], p_txt[200], key[24];
+int clen, clen_upd, clen_fin, plen, plen_upd, plen_fin, expect, bs, i;
+EVP_CIPHER *cipher = NULL;
+EVP_CIPHER_CTX *ctx = NULL;
+int res = 0;
+
+/* Some sanity checks and cipher loading */
+if (!TEST_size_t_le(in_bytes, sizeof(in))
+|| !TEST_ptr(cipher = EVP_CIPHER_fetch(NULL, "DES3-WRAP", NULL))
+|| !TEST_int_eq(bs = EVP_CIPHER_get_block_size(cipher), 8)
+|| !TEST_size_t_eq(bs * 3u, sizeof(key))
+|| !TEST_true(in_bytes % bs == 0)
+|| !TEST_ptr(ctx = EVP_CIPHER_CTX_new()))
+goto err;
+
+/* Create random data to end to end test */
+for (i = 0; i < in_bytes; i++)
+in[i] = test_random();
+
+/* Build the key */
+memcpy(key, cbc_key, sizeof(cbc_key));
+memcpy(key + sizeof(cbc_key), cbc2_key, sizeof(cbc2_key));
+memcpy(key + sizeof(cbc_key) + sizeof(cbc3_key), cbc_key, 
sizeof(cbc3_key));
+
+/* Wrap / encrypt the key */
+clen_upd = sizeof(c_txt);
+if (!TEST_true(EVP_EncryptInit(ctx, cipher, key, NULL))
+|| !TEST_true(EVP_EncryptUpdate(ctx, c_txt, _upd,
+in, in_bytes)))
+goto err;
+
+expect = (in_bytes + (bs - 1)) / bs * bs + 2 * bs;
+if (!TEST_int_eq(clen_upd, expect))
+goto err;
+
+clen_fin = sizeof(c_txt) - clen_upd;
+if (!TEST_true(EVP_EncryptFinal(ctx, c_txt + clen_upd, _fin))
+|| !TEST_int_eq(clen_fin, 0))
+goto err;
+clen = clen_upd + clen_fin;
+
+/* Decrypt the wrapped key */
+plen_upd = sizeof(p_txt);
+if (!TEST_true(EVP_DecryptInit(ctx, cipher, key, NULL))
+|| !TEST_true(EVP_DecryptUpdate(ctx, p_txt, _upd,
+c_txt, clen)))
+goto err;
+plen_fin = sizeof(p_txt) - plen_upd;
+if (!TEST_true(EVP_DecryptFinal(ctx, p_txt + plen_upd, _fin)))
+goto err;
+plen = plen_upd + plen_fin;
+
+if (!TEST_mem_eq(in, in_bytes, p_txt, plen))
+goto err;
+res = 1;
+ err:
+EVP_CIPHER_free(cipher);
+EVP_CIPHER_CTX_free(ctx);
+return res;
+}
 #endif
 
 int setup_tests(void)
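
Review bot: The third memcpy under "Build the key" looks like a copy-and-paste slip: it copies from cbc_key again and uses sizeof(cbc3_key) for the offset where sizeof(cbc2_key) would be expected. If the three arrays have the same size the offsets still land correctly, but the first and third key components end up identical, so the test runs with a two-key schedule. If that is intended, say so in a comment; otherwise copy cbc3_key. The test is also round-trip only, so a case that flips a byte of c_txt and expects the decrypt to fail would cover the integrity check as well.
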
@@ -722,6 +796,7 @@ int setup_tests(void)
 ADD_TEST(test_des_crypt);
 ADD_ALL_TESTS(test_input_align, 4);
 ADD_ALL_TESTS(test_output_align, 4);
+ADD_ALL_TESTS(test_des_key_wrap, OSSL_NELEM(test_des_key_wrap_sizes));
 #endif
 return 1;
 }


[openssl] OpenSSL_1_1_1-stable update

2021-08-25 Thread tomas
The branch OpenSSL_1_1_1-stable has been updated
   via  18622c7625436d7f99c0f51895c4d3cea233c62e (commit)
  from  cf2b1d6f11aa7ec4aa909ff1ecb9bee6892285d9 (commit)


- Log -
commit 18622c7625436d7f99c0f51895c4d3cea233c62e
Author: Bernd Edlinger 
Date:   Sun Aug 22 21:28:51 2021 +0200

Fix some strict gcc-12 warnings

Reviewed-by: Paul Dale 
Reviewed-by: Richard Levitte 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16375)

---

Summary of changes:
 crypto/ec/curve448/field.h | 2 +-
 ssl/s3_cbc.c   | 2 +-
 ssl/ssl_local.h| 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/crypto/ec/curve448/field.h b/crypto/ec/curve448/field.h
index ccd04482d2..4ce263d436 100644
--- a/crypto/ec/curve448/field.h
+++ b/crypto/ec/curve448/field.h
@@ -62,7 +62,7 @@ mask_t gf_eq(const gf x, const gf y);
 mask_t gf_lobit(const gf x);
 mask_t gf_hibit(const gf x);
 
-void gf_serialize(uint8_t *serial, const gf x, int with_highbit);
+void gf_serialize(uint8_t serial[SER_BYTES], const gf x, int with_highbit);
 mask_t gf_deserialize(gf x, const uint8_t serial[SER_BYTES], int with_hibit,
   uint8_t hi_nmask);
 
diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c
index aa7d63f84a..ae2a330ba5 100644
--- a/ssl/s3_cbc.c
+++ b/ssl/s3_cbc.c
@@ -128,7 +128,7 @@ char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx)
 int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx,
unsigned char *md_out,
size_t *md_out_size,
-   const unsigned char header[13],
+   const unsigned char *header,
const unsigned char *data,
size_t data_plus_mac_size,
size_t data_plus_mac_plus_padding_size,
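
Review bot: Changing "const unsigned char header[13]" to "const unsigned char *header" removes the only place in the prototype that recorded the expected header length. Suggest a comment on the parameter stating that header must point to 13 bytes, here and in the matching declaration in ssl/ssl_local.h. The same commit goes the other way in crypto/ec/curve448/field.h, turning "uint8_t *serial" into "uint8_t serial[SER_BYTES]", so a line in the commit message on which form is preferred and why would help.
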
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
index f92472117a..9f346e30e8 100644
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -2622,7 +2622,7 @@ __owur char ssl3_cbc_record_digest_supported(const 
EVP_MD_CTX *ctx);
 __owur int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx,
   unsigned char *md_out,
   size_t *md_out_size,
-  const unsigned char header[13],
+  const unsigned char *header,
   const unsigned char *data,
   size_t data_plus_mac_size,
   size_t data_plus_mac_plus_padding_size,


[openssl] OpenSSL_1_1_1-stable update

2021-08-25 Thread tomas
The branch OpenSSL_1_1_1-stable has been updated
   via  cf2b1d6f11aa7ec4aa909ff1ecb9bee6892285d9 (commit)
  from  801abbe01ebd380a9b66f08d59fcc5e8738134a5 (commit)


- Log -
commit cf2b1d6f11aa7ec4aa909ff1ecb9bee6892285d9
Author: Bernd Edlinger 
Date:   Mon Aug 23 11:11:29 2021 +0200

Avoid using undefined value in generate_stateless_cookie_callback

Reviewed-by: Paul Yang 
Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16381)

---

Summary of changes:
 apps/s_cb.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/apps/s_cb.c b/apps/s_cb.c
index dee1b2e5b4..d066a423de 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -819,7 +819,9 @@ int generate_stateless_cookie_callback(SSL *ssl, unsigned 
char *cookie,
 {
 unsigned int temp;
 int res = generate_cookie_callback(ssl, cookie, );
-*cookie_len = temp;
+
+if (res != 0)
+*cookie_len = temp;
 return res;
 }
 
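Review bot: With the new "if (res != 0)" guard, *cookie_len is left untouched when the inner callback fails, and "unsigned int temp;" is still declared without an initialiser. A caller that reads *cookie_len without checking the result would then see whatever value it held before the call. Suggest initialising temp to 0 and either setting *cookie_len to 0 on failure or documenting that it is only valid when the return value is nonzero.
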


[openssl] master update

2021-08-25 Thread tomas
The branch master has been updated
   via  06447b58b234be050d405c6c75bfc987c6dcfdf9 (commit)
  from  0760d132da046063f6ac3c28bd2ee1d8505e6fcd (commit)


- Log -
commit 06447b58b234be050d405c6c75bfc987c6dcfdf9
Author: Bernd Edlinger 
Date:   Mon Aug 23 11:11:29 2021 +0200

Avoid using undefined value in generate_stateless_cookie_callback

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16384)

---

Summary of changes:
 apps/lib/s_cb.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/apps/lib/s_cb.c b/apps/lib/s_cb.c
index 245bae6249..c9a611aa3a 100644
--- a/apps/lib/s_cb.c
+++ b/apps/lib/s_cb.c
@@ -823,7 +823,8 @@ int generate_cookie_callback(SSL *ssl, unsigned char 
*cookie,
 size_t temp = 0;
 int res = generate_stateless_cookie_callback(ssl, cookie, );
 
-*cookie_len = (unsigned int)temp;
+if (res != 0)
+*cookie_len = (unsigned int)temp;
 return res;
 }
 


[openssl] master update

2021-08-25 Thread tomas
The branch master has been updated
   via  0760d132da046063f6ac3c28bd2ee1d8505e6fcd (commit)
  from  562d4cd3c35b32f2bc6ac0770b80ce394f8d76a4 (commit)


- Log -
commit 0760d132da046063f6ac3c28bd2ee1d8505e6fcd
Author: Paul Dreik 
Date:   Fri Nov 29 19:23:35 2019 +0100

Avoid invoking memcpy if size is zero or the supplied buffer is NULL

This allows for passing a NULL pointer with zero max_len.

Invoking memcpy on NULL is undefined behaviour, even if the size is zero.

https://en.cppreference.com/w/c/string/byte/memcpy

The function can now be queried for the necessary buffer length.

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/10541)

---

Summary of changes:
 crypto/asn1/evp_asn1.c | 8 ++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/crypto/asn1/evp_asn1.c b/crypto/asn1/evp_asn1.c
index 3122c4724f..13d8ed3893 100644
--- a/crypto/asn1/evp_asn1.c
+++ b/crypto/asn1/evp_asn1.c
@@ -27,7 +27,10 @@ int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char 
*data, int len)
 return 1;
 }
 
-/* int max_len:  for returned value*/
+/* int max_len:  for returned value
+ * if passing NULL in data, nothing is copied but the necessary length
+ * for it is returned.
+ */
 int ASN1_TYPE_get_octetstring(const ASN1_TYPE *a, unsigned char *data, int 
max_len)
 {
 int ret, num;
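
Review bot: The new length-query behaviour of ASN1_TYPE_get_octetstring is described only in this source comment; the summary lists crypto/asn1/evp_asn1.c as the sole file changed, so no user-facing documentation is updated. Suggest documenting that passing NULL for data returns the required length without copying. The comment itself would read better if its first line, "int max_len:  for returned value", were completed into a full sentence about what max_len bounds.
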
@@ -43,7 +46,8 @@ int ASN1_TYPE_get_octetstring(const ASN1_TYPE *a, unsigned 
char *data, int max_l
 num = ret;
 else
 num = max_len;
-memcpy(data, p, num);
+if (num > 0 && data != NULL)
+memcpy(data, p, num);
 return ret;
 }
 
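Review bot: The guard "if (num > 0 && data != NULL)" also skips the copy silently when data is NULL and max_len is positive, and the function still returns ret. That matches the length-query use described in the comment, but a caller that passed NULL by mistake now gets the length back with nothing copied and no error. Suggest stating this in the function documentation and adding a test for the NULL and zero-length calls, since the summary shows no test file in this change.
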


[openssl] OpenSSL_1_1_1-stable update

2021-08-25 Thread tomas
The branch OpenSSL_1_1_1-stable has been updated
   via  801abbe01ebd380a9b66f08d59fcc5e8738134a5 (commit)
  from  a2056b09fbef58bcb79b0fe8b88b592c560eb32f (commit)


- Log -
commit 801abbe01ebd380a9b66f08d59fcc5e8738134a5
Author: Bernd Edlinger 
Date:   Mon Aug 23 14:03:20 2021 +0200

Fix the array size of dtlsseq in tls1_enc

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16385)

(cherry picked from commit 562d4cd3c35b32f2bc6ac0770b80ce394f8d76a4)

---

Summary of changes:
 ssl/record/ssl3_record.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
index e6a8bbd710..f158544789 100644
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -1039,7 +1039,7 @@ int tls1_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, 
int sending)
 
 if (SSL_IS_DTLS(s)) {
 /* DTLS does not support pipelining */
-unsigned char dtlsseq[9], *p = dtlsseq;
+unsigned char dtlsseq[8], *p = dtlsseq;
 
 s2n(sending ? DTLS_RECORD_LAYER_get_w_epoch(>rlayer) :
 DTLS_RECORD_LAYER_get_r_epoch(>rlayer), p);
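
Review bot: "dtlsseq[8]" replaces "dtlsseq[9]" with no comment or commit-message text on how the size is derived. The visible code starts by writing the epoch with s2n, and what fills the remaining bytes is outside the hunk. Suggest a comment listing the fields written into dtlsseq and their sizes, or a named constant, so the array size and the writes that follow cannot drift apart again.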


[openssl] master update

2021-08-25 Thread tomas
The branch master has been updated
   via  562d4cd3c35b32f2bc6ac0770b80ce394f8d76a4 (commit)
  from  1501de3380aa1907a6b27c734a3c30f0962048ed (commit)


- Log -
commit 562d4cd3c35b32f2bc6ac0770b80ce394f8d76a4
Author: Bernd Edlinger 
Date:   Mon Aug 23 14:03:20 2021 +0200

Fix the array size of dtlsseq in tls1_enc

Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16385)

---

Summary of changes:
 ssl/record/ssl3_record.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
index 30af6508a7..b6ac61e0e8 100644
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -1047,7 +1047,7 @@ int tls1_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, 
int sending,
 
 if (SSL_IS_DTLS(s)) {
 /* DTLS does not support pipelining */
-unsigned char dtlsseq[9], *p = dtlsseq;
+unsigned char dtlsseq[8], *p = dtlsseq;
 
 s2n(sending ? DTLS_RECORD_LAYER_get_w_epoch(>rlayer) :
 DTLS_RECORD_LAYER_get_r_epoch(>rlayer), p);


[openssl] master update

2021-08-25 Thread tomas
The branch master has been updated
   via  1501de3380aa1907a6b27c734a3c30f0962048ed (commit)
  from  33a62d448c95c01a5bff7be8a00bf95b6a6a6f37 (commit)


- Log -
commit 1501de3380aa1907a6b27c734a3c30f0962048ed
Author: Richard Levitte 
Date:   Tue Aug 24 13:45:27 2021 +0200

Add multilib to the NonStop configuration definitions.

Fixes: #16373

Co-authored-by: Randall S. Becker 

Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16398)

---

Summary of changes:
 Configurations/50-nonstop.conf | 12 +++-
 NOTES-NONSTOP.md   |  8 +++-
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/Configurations/50-nonstop.conf b/Configurations/50-nonstop.conf
index 7524c50016..ed3fe828b3 100644
--- a/Configurations/50-nonstop.conf
+++ b/Configurations/50-nonstop.conf
@@ -203,12 +203,14 @@
   'nonstop-ilp32',
   'nonstop-efloat-x86_64',
   'nonstop-model-put' ],
+multilib => '-put',
 },
 'nonstop-nsx_64' => {
 inherit_from => [ 'nonstop-common',
   'nonstop-archenv-x86_64-oss',
   'nonstop-lp64-x86_64',
   'nonstop-efloat-x86_64' ],
+multilib => '64',
 disable  => ['threads'],
 },
 'nonstop-nsx_64_put' => {
@@ -217,13 +219,15 @@
   'nonstop-lp64-x86_64',
   'nonstop-efloat-x86_64',
   'nonstop-model-put' ],
+multilib => '64-put',
 },
 'nonstop-nsx_spt' => {
 inherit_from => [ 'nonstop-common',
-  'nonstop-archenv-x86_64-oss', 
+  'nonstop-archenv-x86_64-oss',
   'nonstop-ilp32',
   'nonstop-efloat-x86_64',
   'nonstop-model-spt' ],
+multilib => '-spt',
 },
 'nonstop-nsx_spt_floss' => {
 inherit_from => [ 'nonstop-common',
@@ -232,6 +236,7 @@
   'nonstop-efloat-x86_64',
   'nonstop-model-floss',
   'nonstop-model-spt'],
+multilib => '-spt',
 },
 'nonstop-nsx_g' => {
 inherit_from => [ 'nonstop-common',
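
Review bot: The "multilib => '-spt'" added here for the spt_floss configuration is the same value the previous hunk gives 'nonstop-nsx_spt', so two different configurations resolve to the same library directory suffix. If both are installed under one prefix, one build's libraries would overwrite the other's. If the FLOSS variant is meant to share the directory, a comment saying so would help; otherwise give it its own suffix.
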
@@ -261,12 +266,14 @@
   'nonstop-ilp32',
   'nonstop-efloat-itanium',
   'nonstop-model-put' ],
+multilib => '-put',
 },
 'nonstop-nse_64' => {
 inherit_from => [ 'nonstop-common',
   'nonstop-archenv-itanium-oss',
   'nonstop-lp64-itanium',
   'nonstop-efloat-itanium' ],
+multilib => '64',
 disable  => ['threads'],
 },
 'nonstop-nse_64_put' => {
@@ -275,6 +282,7 @@
   'nonstop-lp64-itanium',
   'nonstop-efloat-itanium',
   'nonstop-model-put' ],
+multilib => '64-put',
 },
 'nonstop-nse_spt' => {
 inherit_from => [ 'nonstop-common',
@@ -282,6 +290,7 @@
   'nonstop-ilp32',
   'nonstop-efloat-itanium',
   'nonstop-model-spt' ],
+multilib => '-spt',
 },
 'nonstop-nse_spt_floss' => {
 inherit_from => [ 'nonstop-common',
@@ -289,6 +298,7 @@
   'nonstop-ilp32',
   'nonstop-efloat-itanium',
   'nonstop-model-floss', 'nonstop-model-spt' ],
+multilib => '-spt',
 },
 'nonstop-nse_g' => {
 inherit_from => [ 'nonstop-common',
diff --git a/NOTES-NONSTOP.md b/NOTES-NONSTOP.md
index 171f394a9d..586fbabef0 100644
--- a/NOTES-NONSTOP.md
+++ b/NOTES-NONSTOP.md
@@ -56,8 +56,14 @@ options, and keeping your memory and float options 
consistent, for example:
 
  * For 1.1 `--prefix=/usr/local-ssl1.1 --openssldir=/usr/local-ssl1.1/ssl`
  * For 1.1 PUT `--prefix=/usr/local-ssl1.1_put 
--openssldir=/usr/local-ssl1.1_put/ssl`
+
+As of 3.0, the NonStop configurations use the multilib attribute to distinguish
+between different models:
+
  * For 3.0 `--prefix=/usr/local-ssl3.0 --openssldir=/usr/local-ssl3.0/ssl`
- * For 3.0 PUT `--prefix=/usr/local-ssl3.0_put 
--openssldir=/usr/local-ssl3.0_put/ssl`
+
+The PUT model is placed in `${prefix}/lib-put` for 32-bit models and
+`${prefix}/lib64-put` for 64-bit models.
 
 Use the `_RLD_LIB_PATH` environment 
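
Review bot: The added text explains the library directories only for the PUT model ("${prefix}/lib-put" and "${prefix}/lib64-put"), while Configurations/50-nonstop.conf in the same commit also sets multilib to '-spt' and '64'. Suggest listing the directories those values produce as well, so that someone building the SPT or plain 64-bit models can find their libraries. With the 3.0 PUT prefix line removed, it would also help to say explicitly that a separate prefix per model is no longer needed.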

[openssl] master update

2021-08-25 Thread Richard Levitte
The branch master has been updated
   via  33a62d448c95c01a5bff7be8a00bf95b6a6a6f37 (commit)
  from  8b4e9c5265ffd3457ad37133502a9d8a4e8daccd (commit)


- Log -
commit 33a62d448c95c01a5bff7be8a00bf95b6a6a6f37
Author: Richard Levitte 
Date:   Mon Aug 23 14:12:28 2021 +0200

VMS: Correct faulty source directory specification

$(SRCDIR)/doc doesn't work right on VMS.

Reviewed-by: Tim Hudson 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/16395)

---

Summary of changes:
 Configurations/descrip.mms.tmpl | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Configurations/descrip.mms.tmpl b/Configurations/descrip.mms.tmpl
index 3ffd387903..2d17ddebfd 100644
--- a/Configurations/descrip.mms.tmpl
+++ b/Configurations/descrip.mms.tmpl
@@ -886,9 +886,10 @@ EOF
   my $title = basename($args{src}, ".html");
   my $pod = $gen0;
   my $mkpod2html = sourcefile('util', 'mkpod2html.pl');
+  my $srcdoc = sourcedir('doc');
   return <<"EOF";
 $args{src} : $pod
-   \$(PERL) $mkpod2html -i $pod -o \$\@ -t "$title" -r "\$(SRCDIR)/doc"
+   \$(PERL) $mkpod2html -i $pod -o \$\@ -t "$title" -r "$srcdoc"
 EOF
   } elsif ($args{src} =~ /\.(\d)$/) {
   #
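
Review bot: "my $srcdoc = sourcedir('doc');" replaces "\$(SRCDIR)/doc" without a comment, and the reason ("$(SRCDIR)/doc doesn't work right on VMS") lives only in the commit message. Suggest a one-line comment above the assignment so the macro form is not reintroduced later. It is also worth checking that the value sourcedir() returns is safe to place inside the double quotes of the -r argument on the generated command line.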


Coverity Scan: Analysis completed for OpenSSL-1.0.2

2021-08-25 Thread scan-admin


Your request for analysis of OpenSSL-1.0.2 has been completed successfully.
The results are available at 
https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7Hlun-2FGpeF2rhqKLKnzox0Gkw-3D-3D5cFn_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeEKPQ-2BY5FHOkqNcOH6tkf1rSEzJJiHd0Wnf1xXbLpCUbBohANS96f12Hfbcgz-2ByeXB0KxbHfwHFgXJ0cNdqFCCsJg6XFjGb4f4anzkkPw2WZSqZ1frK0J89VIVoX3ROTS4Yhq78aE0DjM3-2F6J06SeqjEy8Si2VXHFy2V5tGe8rh9ucGtWuOThwmh-2F9i70CJZYM-3D

Build ID: 404121

Analysis Summary:
   New defects found: 0
   Defects eliminated: 0



Coverity Scan: Analysis completed for openssl/openssl

2021-08-25 Thread scan-admin


Your request for analysis of openssl/openssl has been completed 
successfully.
The results are available at 
https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3DZmCo_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeEk3RP2dXOG5V8dSqFdMV9MK-2FU-2FONFBFN3EjzOfX4yS9c-2Fr3hF-2Bz7aGjaUEcrnSuwF4hD94ewC6HliVXtM46d-2BD7aIoY6QmfV5rv3uY1AVIrsM-2BIWCMGGwXg0HhSeTlgfCbpoEVECcB4kx0l5HQ6oC60rUQ0qh5cK6NV2IuMEVzDW5HfPCclIaXcqOsQugXjgw-3D

Build ID: 404120

Analysis Summary:
   New defects found: 0
   Defects eliminated: 0



[openssl] master update

2021-08-25 Thread tomas
The branch master has been updated
   via  8b4e9c5265ffd3457ad37133502a9d8a4e8daccd (commit)
  from  32f7be2ab72ee22e98a2254709cb6128492b207a (commit)


- Log -
commit 8b4e9c5265ffd3457ad37133502a9d8a4e8daccd
Author: Tianjia Zhang 
Date:   Mon Aug 23 17:40:22 2021 +0800

apps/ciphers: Fix wrong return value when using -convert parameter

Command 'openssl ciphers -convert ' always returns failure,
this patch sets the correct return value.

Signed-off-by: Tianjia Zhang 

Reviewed-by: Paul Yang 
Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/16383)

---

Summary of changes:
 apps/ciphers.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/apps/ciphers.c b/apps/ciphers.c
index 6e4fedd9a7..9c494224a1 100644
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@@ -183,6 +183,7 @@ int ciphers_main(int argc, char **argv)
 if (convert != NULL) {
 BIO_printf(bio_out, "OpenSSL cipher name: %s\n",
OPENSSL_cipher_name(convert));
+ret = 0;
 goto end;
 }
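
Review bot: The summary lists only apps/ciphers.c, so the exit status of the -convert branch touched here is still not covered by a test, which is how the always-failing return went unnoticed. Suggest adding a test that runs "openssl ciphers -convert" with a known name and checks for a zero exit status.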