[openssl] master update
The branch master has been updated
via 0a10825a009c830125fef94c81d34e41300a24a5 (commit)
from 8e22f9d6d956ad583afe10b986519731c113ac80 (commit)
- Log -
commit 0a10825a009c830125fef94c81d34e41300a24a5
Author: Bernd Edlinger
Date: Wed Oct 24 23:10:38 2018 +0200
Enable brainpool curves for TLS1.3
See the recently assigned brainpool code points at:
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/7485)
---
Summary of changes:
include/internal/tlsgroups.h | 10 +++
ssl/s3_lib.c | 5 +-
ssl/ssl_local.h | 5 ++
ssl/statem/extensions.c | 2 +-
ssl/statem/extensions_clnt.c | 20 +-
ssl/statem/extensions_srvr.c | 15 ++--
ssl/statem/statem_lib.c | 6 ++
ssl/t1_lib.c | 129 +--
ssl/t1_trce.c| 3 +
test/ssl-tests/20-cert-select.cnf| 4 +-
test/ssl-tests/20-cert-select.cnf.in | 4 +-
11 files changed, 153 insertions(+), 50 deletions(-)
diff --git a/include/internal/tlsgroups.h b/include/internal/tlsgroups.h
index 8a35ced122..73fb53bc5f 100644
--- a/include/internal/tlsgroups.h
+++ b/include/internal/tlsgroups.h
@@ -41,6 +41,16 @@
# define OSSL_TLS_GROUP_ID_brainpoolP512r1 0x001C
# define OSSL_TLS_GROUP_ID_x25519 0x001D
# define OSSL_TLS_GROUP_ID_x448 0x001E
+# define OSSL_TLS_GROUP_ID_brainpoolP256r1_tls13 0x001F
+# define OSSL_TLS_GROUP_ID_brainpoolP384r1_tls13 0x0020
+# define OSSL_TLS_GROUP_ID_brainpoolP512r1_tls13 0x0021
+# define OSSL_TLS_GROUP_ID_gc256A 0x0022
+# define OSSL_TLS_GROUP_ID_gc256B 0x0023
+# define OSSL_TLS_GROUP_ID_gc256C 0x0024
+# define OSSL_TLS_GROUP_ID_gc256D 0x0025
+# define OSSL_TLS_GROUP_ID_gc512A 0x0026
+# define OSSL_TLS_GROUP_ID_gc512B 0x0027
+# define OSSL_TLS_GROUP_ID_gc512C 0x0028
# define OSSL_TLS_GROUP_ID_ffdhe20480x0100
# define OSSL_TLS_GROUP_ID_ffdhe30720x0101
# define OSSL_TLS_GROUP_ID_ffdhe40960x0102
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 88565a7000..1a89bde851 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3607,8 +3607,11 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
int *cptr = parg;
for (i = 0; i < clistlen; i++) {
+uint16_t cid = SSL_IS_TLS13(s)
+ ? ssl_group_id_tls13_to_internal(clist[i])
+ : clist[i];
const TLS_GROUP_INFO *cinf
-= tls1_group_id_lookup(s->ctx, clist[i]);
+= tls1_group_id_lookup(s->ctx, cid);
if (cinf != NULL)
cptr[i] = tls1_group_id2nid(cinf->group_id, 1);
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
index 9b88140a28..ddae48b2af 100644
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -2169,6 +2169,9 @@ typedef enum downgrade_en {
#define TLSEXT_SIGALG_ed25519 0x0807
#define TLSEXT_SIGALG_ed448 0x0808
+#define TLSEXT_SIGALG_ecdsa_brainpoolP256r1_sha256 0x081a
+#define TLSEXT_SIGALG_ecdsa_brainpoolP384r1_sha384 0x081b
+#define TLSEXT_SIGALG_ecdsa_brainpoolP512r1_sha512 0x081c
/* Known PSK key exchange modes */
#define TLSEXT_KEX_MODE_KE 0x00
@@ -2642,6 +2645,8 @@ __owur int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL
*s);
SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
+__owur uint16_t ssl_group_id_internal_to_tls13(uint16_t curve_id);
+__owur uint16_t ssl_group_id_tls13_to_internal(uint16_t curve_id);
__owur const TLS_GROUP_INFO *tls1_group_id_lookup(SSL_CTX *ctx, uint16_t
curve_id);
__owur int tls1_group_id2nid(uint16_t group_id, int include_unknown);
__owur uint16_t tls1_nid2group_id(int nid);
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index bc437be26a..0ac8253be3 100644
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -1369,7 +1369,7 @@ static int final_key_share(SSL *s, unsigned int context,
int sent)
group_id = pgroups[i];
if (check_in_list(s, group_id, clntgroups, clnt_num_groups,
- 1))
+ 2))
break;
}
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index b38c9ca684..d6d4e55ce7 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -224,6 +224,21 @@ EXT_RETURN tls_construct_ctos_supported
Coverity Scan: Analysis completed for openssl/openssl
Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3DlQFe_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeGJlhd0xMz2Ma4KqBuQuV19c0VfCVcPj4Ww4CIno5tN4e95CtpgueEO52H6QCu04Ux5NMBbLlaWS-2BFOrdBHJqtfdwfkJhuUfQrYoDGruoX98zrVSnzewjkLH6Y40TmuEZU7cja-2F0H-2FuSlC2tbvcnmOAB7-2BEUe0DZTY0ihSnSM-2FqwMtJv5EJyZHbXFhVh9BiYD0-3D Build ID: 420063 Analysis Summary: New defects found: 0 Defects eliminated: 0
[openssl] master update
The branch master has been updated
via 8e22f9d6d956ad583afe10b986519731c113ac80 (commit)
from bc6d9c9395a74a31b4e0c4a8cd729197adbf6a46 (commit)
- Log -
commit 8e22f9d6d956ad583afe10b986519731c113ac80
Author: Allan Jude
Date: Fri Nov 19 18:58:51 2021 +
Detect arm64-*-*bsd and enable assembly optimizations
Reviewed-by: Tomas Mraz
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/17084)
---
Summary of changes:
Configurations/10-main.conf | 8
util/perl/OpenSSL/config.pm | 1 +
2 files changed, 9 insertions(+)
diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf
index 8414b34ed9..9f8fb32a86 100644
--- a/Configurations/10-main.conf
+++ b/Configurations/10-main.conf
@@ -1062,6 +1062,14 @@ my %targets = (
perlasm_scheme => "elf",
},
+"BSD-aarch64" => {
+inherit_from => [ "BSD-generic64" ],
+lib_cppflags => add("-DL_ENDIAN"),
+bn_ops => "SIXTY_FOUR_BIT_LONG",
+asm_arch => 'aarch64',
+perlasm_scheme => "linux64",
+},
+
"bsdi-elf-gcc" => {
inherit_from => [ "BASE_unix" ],
CC => "gcc",
diff --git a/util/perl/OpenSSL/config.pm b/util/perl/OpenSSL/config.pm
index d8be17cdc5..e3802ade43 100755
--- a/util/perl/OpenSSL/config.pm
+++ b/util/perl/OpenSSL/config.pm
@@ -745,6 +745,7 @@ EOF
[ 'ia64-.*-.*bsd.*',{ target => "BSD-ia64" } ],
[ 'x86_64-.*-dragonfly.*', { target => "BSD-x86_64" } ],
[ 'amd64-.*-.*bsd.*', { target => "BSD-x86_64" } ],
+ [ 'arm64-.*-.*bsd.*', { target => "BSD-aarch64" } ],
[ '.*86.*-.*-.*bsd.*',
sub {
# mimic ld behaviour when it's looking for libc...
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated
via 7182ad7925077a825e451d09c59c2181d8533dc6 (commit)
from 1c981ebb6e3346ebd0e76d0100ad0e1e854dbdda (commit)
- Log -
commit 7182ad7925077a825e451d09c59c2181d8533dc6
Author: Matt Caswell
Date: Wed Nov 24 10:11:45 2021 +
Don't delete the doc/html directories when cleaning
The doc/html sub-dirs get created by Configure. Therefore they should
not be cleaned away by "nmake clean". Otherwise the following sequence
fails:
perl Configure VC-WIN64A
nmake clean
nmake
nmake install
Fixes #17114
Reviewed-by: Tomas Mraz
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/17128)
(cherry picked from commit bc6d9c9395a74a31b4e0c4a8cd729197adbf6a46)
---
Summary of changes:
Configurations/windows-makefile.tmpl | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/Configurations/windows-makefile.tmpl
b/Configurations/windows-makefile.tmpl
index 81a94ee19f..4718f118e3 100644
--- a/Configurations/windows-makefile.tmpl
+++ b/Configurations/windows-makefile.tmpl
@@ -462,10 +462,10 @@ libclean:
-del /Q /F $(LIBS) libcrypto.* libssl.* ossl_static.pdb
clean: libclean
- -rd /Q /S $(HTMLDOCS1_BLDDIRS)
- -rd /Q /S $(HTMLDOCS3_BLDDIRS)
- -rd /Q /S $(HTMLDOCS5_BLDDIRS)
- -rd /Q /S $(HTMLDOCS7_BLDDIRS)
+ {- join("\n\t", map { "-del /Q /F $_" } @HTMLDOCS1) || "\@rem" -}
+ {- join("\n\t", map { "-del /Q /F $_" } @HTMLDOCS3) || "\@rem" -}
+ {- join("\n\t", map { "-del /Q /F $_" } @HTMLDOCS5) || "\@rem" -}
+ {- join("\n\t", map { "-del /Q /F $_" } @HTMLDOCS7) || "\@rem" -}
{- join("\n\t", map { "-del /Q /F $_" } @PROGRAMS) || "\@rem" -}
{- join("\n\t", map { "-del /Q /F $_" } @MODULES) || "\@rem" -}
{- join("\n\t", map { "-del /Q /F $_" } @SCRIPTS) || "\@rem" -}
[openssl] master update
The branch master has been updated
via bc6d9c9395a74a31b4e0c4a8cd729197adbf6a46 (commit)
from 3e0441520b9a349dc50662919ea18f03dfc0d624 (commit)
- Log -
commit bc6d9c9395a74a31b4e0c4a8cd729197adbf6a46
Author: Matt Caswell
Date: Wed Nov 24 10:11:45 2021 +
Don't delete the doc/html directories when cleaning
The doc/html sub-dirs get created by Configure. Therefore they should
not be cleaned away by "nmake clean". Otherwise the following sequence
fails:
perl Configure VC-WIN64A
nmake clean
nmake
nmake install
Fixes #17114
Reviewed-by: Tomas Mraz
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/17128)
---
Summary of changes:
Configurations/windows-makefile.tmpl | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/Configurations/windows-makefile.tmpl
b/Configurations/windows-makefile.tmpl
index 81a94ee19f..4718f118e3 100644
--- a/Configurations/windows-makefile.tmpl
+++ b/Configurations/windows-makefile.tmpl
@@ -462,10 +462,10 @@ libclean:
-del /Q /F $(LIBS) libcrypto.* libssl.* ossl_static.pdb
clean: libclean
- -rd /Q /S $(HTMLDOCS1_BLDDIRS)
- -rd /Q /S $(HTMLDOCS3_BLDDIRS)
- -rd /Q /S $(HTMLDOCS5_BLDDIRS)
- -rd /Q /S $(HTMLDOCS7_BLDDIRS)
+ {- join("\n\t", map { "-del /Q /F $_" } @HTMLDOCS1) || "\@rem" -}
+ {- join("\n\t", map { "-del /Q /F $_" } @HTMLDOCS3) || "\@rem" -}
+ {- join("\n\t", map { "-del /Q /F $_" } @HTMLDOCS5) || "\@rem" -}
+ {- join("\n\t", map { "-del /Q /F $_" } @HTMLDOCS7) || "\@rem" -}
{- join("\n\t", map { "-del /Q /F $_" } @PROGRAMS) || "\@rem" -}
{- join("\n\t", map { "-del /Q /F $_" } @MODULES) || "\@rem" -}
{- join("\n\t", map { "-del /Q /F $_" } @SCRIPTS) || "\@rem" -}
