From 1149ead6f73d3cc7b5293d2db18ad67bd894bd24 Mon Sep 17 00:00:00 2001 
From: RafaelGSS Date: Tue, 1 Nov 2022 20:07:49 -0300 Subject: [PATCH] deps: upgrade openssl sources to OpenSSL_1_1_1s This updates all sources in deps/openssl/openssl by: $ git clone https://github.com/quictls/openssl $ cd openssl $ git checkout OpenSSL_1_1_1s+quic $ cd ../node/deps/openssl $ rm -rf openssl $ cp -R ../openssl openssl $ rm -rf openssl/.git* openssl/.travis* $ git add --all openssl $ git commit openssl PR-URL: https://github.com/nodejs/node/pull/45274 Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-November/000242.html Reviewed-By: Richard Lau Reviewed-By: Michael Dawson --- deps/openssl/openssl/CHANGES | 46 +++++ .../openssl/Configurations/10-main.conf | 9 +- deps/openssl/openssl/NEWS | 10 + deps/openssl/openssl/README-OpenSSL.md | 2 +- deps/openssl/openssl/README.md | 2 +- deps/openssl/openssl/apps/apps.c | 15 +- deps/openssl/openssl/apps/apps.h | 11 +- deps/openssl/openssl/apps/ca.c | 8 +- deps/openssl/openssl/apps/ocsp.c | 4 +- deps/openssl/openssl/apps/s_cb.c | 28 +-- deps/openssl/openssl/apps/x509.c | 16 +- .../openssl/crypto/aes/asm/aesv8-armx.pl | 64 ++++++- deps/openssl/openssl/crypto/asn1/charmap.pl | 9 +- deps/openssl/openssl/crypto/bn/bn_nist.c | 35 ++-- deps/openssl/openssl/crypto/bn/bn_prime.pl | 9 +- deps/openssl/openssl/crypto/conf/keysets.pl | 10 +- deps/openssl/openssl/crypto/ec/ec_key.c | 10 + .../openssl/openssl/crypto/objects/obj_dat.pl | 11 +- .../openssl/openssl/crypto/objects/objects.pl | 13 +- .../openssl/openssl/crypto/objects/objxref.pl | 13 +- deps/openssl/openssl/crypto/pem/pem_lib.c | 4 +- deps/openssl/openssl/crypto/rand/drbg_lib.c | 20 +- deps/openssl/openssl/crypto/rand/rand_lib.c | 8 +- deps/openssl/openssl/crypto/rand/rand_vms.c | 90 +++++---- deps/openssl/openssl/crypto/rand/rand_win.c | 6 +- deps/openssl/openssl/crypto/x509/x509_req.c | 46 +++-- deps/openssl/openssl/crypto/x509/x509_vfy.c | 4 +- deps/openssl/openssl/crypto/x509/x_all.c | 11 +- deps/openssl/openssl/crypto/x509v3/v3_addr.c | 17 +- 
deps/openssl/openssl/crypto/x509v3/v3_lib.c | 6 +- deps/openssl/openssl/crypto/x509v3/v3_utl.c | 9 +- deps/openssl/openssl/doc/man1/x509.pod | 24 ++- .../openssl/doc/man3/CMS_add0_cert.pod | 32 ++-- deps/openssl/openssl/doc/man3/CMS_verify.pod | 83 +++++---- deps/openssl/openssl/doc/man3/EC_KEY_new.pod | 20 +- .../openssl/doc/man3/EVP_EncryptInit.pod | 4 +- .../openssl/doc/man3/OPENSSL_LH_COMPFUNC.pod | 4 +- .../openssl/doc/man3/OPENSSL_init_crypto.pod | 4 +- deps/openssl/openssl/doc/man3/PKCS7_sign.pod | 47 +++-- .../doc/man3/PKCS7_sign_add_signer.pod | 55 +++--- .../openssl/openssl/doc/man3/PKCS7_verify.pod | 104 ++++++----- .../openssl/doc/man3/X509_STORE_CTX_new.pod | 10 +- deps/openssl/openssl/include/crypto/bn_conf.h | 1 - .../openssl/openssl/include/crypto/dso_conf.h | 1 - .../openssl/include/openssl/opensslconf.h | 1 - .../openssl/include/openssl/opensslv.h | 4 +- deps/openssl/openssl/ssl/packet.c | 8 +- deps/openssl/openssl/ssl/packet_local.h | 39 +++- .../openssl/openssl/ssl/record/rec_layer_s3.c | 16 +- deps/openssl/openssl/ssl/ssl_ciph.c | 6 +- deps/openssl/openssl/ssl/ssl_lib.c | 24 ++- deps/openssl/openssl/ssl/ssl_rsa.c | 83 ++++++--- .../openssl/ssl/statem/extensions_clnt.c | 5 +- .../openssl/ssl/statem/extensions_srvr.c | 21 +-- deps/openssl/openssl/ssl/tls13_enc.c | 3 +- deps/openssl/openssl/test/dtlstest.c | 90 ++++++++- deps/openssl/openssl/test/ec_internal_test.c | 36 +++- .../openssl/test/recipes/25-test_x509.t | 63 ++++++- deps/openssl/openssl/test/sslapitest.c | 173 ++++++++++++------ deps/openssl/openssl/test/ssltestlib.c | 35 +++- deps/openssl/openssl/test/ssltestlib.h | 3 +- deps/openssl/openssl/test/v3ext.c | 100 ++++++++++ .../openssl/openssl/test/x509_internal_test.c | 57 +++++- .../openssl/util/perl/OpenSSL/copyright.pm | 41 +++++ 64 files changed, 1299 insertions(+), 444 deletions(-) delete mode 100644 deps/openssl/openssl/include/crypto/bn_conf.h delete mode 100644 deps/openssl/openssl/include/crypto/dso_conf.h delete mode 100644 
deps/openssl/openssl/include/openssl/opensslconf.h create mode 100644 deps/openssl/openssl/util/perl/OpenSSL/copyright.pm diff --git a/deps/openssl/openssl/CHANGES b/deps/openssl/openssl/CHANGES index dcc7990c12285b..8350b037f42c9a 100644 --- a/deps/openssl/openssl/CHANGES +++ b/deps/openssl/openssl/CHANGES 
@@ -7,6 +7,52 @@ https://github.com/openssl/openssl/commits/ and pick the appropriate release branch. + Changes between 1.1.1r and 1.1.1s [1 Nov 2022] + + *) Fixed a regression introduced in 1.1.1r version not refreshing the + certificate data to be signed before signing the certificate. + + [Gibeom Gwon] + + Changes between 1.1.1q and 1.1.1r [11 Oct 2022] + + *) Fixed the linux-mips64 Configure target which was missing the + SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that + platform. + [Adam Joseph] + + *) Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was + causing incorrect results in some cases as a result. + [Paul Dale] + + *) Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to + report correct results in some cases + [Matt Caswell] + + *) Fixed a regression introduced in 1.1.1o for re-signing certificates with + different key sizes + [Todd Short] + + *) Added the loongarch64 target + [Shi Pujin] + + *) Fixed a DRBG seed propagation thread safety issue + [Bernd Edlinger] + + *) Fixed a memory leak in tls13_generate_secret + [Bernd Edlinger] + + *) Fixed reported performance degradation on aarch64. Restored the + implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid + 32-bit lane assignment in CTR mode") for 64bit targets only, since it is + reportedly 2-17% slower and the silicon errata only affects 32bit targets. + The new algorithm is still used for 32 bit targets. + [Bernd Edlinger] + + *) Added a missing header for memcmp that caused compilation failure on some + platforms + [Gregor Jasny] + Changes between 1.1.1p and 1.1.1q [5 Jul 2022] *) AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised diff --git a/deps/openssl/openssl/Configurations/10-main.conf b/deps/openssl/openssl/Configurations/10-main.conf index 2fcb96a0470108..f815a09b232155 100644 --- a/deps/openssl/openssl/Configurations/10-main.conf +++ b/deps/openssl/openssl/Configurations/10-main.conf 
@@ -742,7 +742,7 @@ my %targets = ( inherit_from => [ "linux-generic32", asm("mips64_asm") ], cflags => add("-mabi=n32"), cxxflags => add("-mabi=n32"), - bn_ops => "RC4_CHAR", + bn_ops => "RC4_CHAR SIXTY_FOUR_BIT", perlasm_scheme => "n32", multilib => "32", }, @@ -761,6 +761,13 @@ my %targets = ( perlasm_scheme => "linux64", }, + # loongarch64 below refers to contemporary LoongArch Architecture + # specifications, + "linux64-loongarch64" => { + inherit_from => [ "linux-generic64"], + perlasm_scheme => "linux64", + }, + #### IA-32 targets... #### These two targets are a bit aged and are to be used on older Linux #### machines where gcc doesn't understand -m32 and -m64 diff --git a/deps/openssl/openssl/NEWS b/deps/openssl/openssl/NEWS index 75e9ba062df36b..c9e63eea63a6c0 100644 --- a/deps/openssl/openssl/NEWS +++ b/deps/openssl/openssl/NEWS @@ -5,6 +5,16 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 1.1.1r and OpenSSL 1.1.1s [1 Nov 2022] + + o Fixed a regression introduced in OpenSSL 1.1.1r not refreshing the + certificate data to be signed before signing the certificate. + + Major changes between OpenSSL 1.1.1q and OpenSSL 1.1.1r [11 Oct 2022] + + o Added a missing header for memcmp that caused compilation failure on + some platforms + Major changes between OpenSSL 1.1.1p and OpenSSL 1.1.1q [5 Jul 2022] o Fixed AES OCB failure to encrypt some bytes on 32-bit x86 platforms diff --git a/deps/openssl/openssl/README-OpenSSL.md b/deps/openssl/openssl/README-OpenSSL.md index 79f9c611a9335f..2f6d91c6337c6c 100644 --- a/deps/openssl/openssl/README-OpenSSL.md +++ b/deps/openssl/openssl/README-OpenSSL.md @@ -1,5 +1,5 @@ - OpenSSL 1.1.1q 5 Jul 2022 + OpenSSL 1.1.1s 1 Nov 2022 Copyright (c) 1998-2022 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson 
diff --git a/deps/openssl/openssl/README.md b/deps/openssl/openssl/README.md index f9021a0f10cb9c..cdeff646272f15 100644 --- a/deps/openssl/openssl/README.md +++ b/deps/openssl/openssl/README.md @@ -4,7 +4,7 @@ What This Is This is a fork of [OpenSSL](https://www.openssl.org) to enable QUIC. In addition to the website, the official source distribution is at . The OpenSSL `README` can be found at -[README-OpenSSL.md](https://github.com/quictls/openssl/blob/OpenSSL_1_1_1q%2Bquic/README-OpenSSL.md). +[README-OpenSSL.md](https://github.com/quictls/openssl/blob/OpenSSL_1_1_1s%2Bquic/README-OpenSSL.md). This fork adds APIs that can be used by QUIC implementations for connection handshakes. Quoting the IETF Working group diff --git a/deps/openssl/openssl/apps/apps.c b/deps/openssl/openssl/apps/apps.c index db5b48e4cf2f27..f2447fb0bef8b4 100644 --- a/deps/openssl/openssl/apps/apps.c +++ b/deps/openssl/openssl/apps/apps.c @@ -1376,7 +1376,8 @@ static IMPLEMENT_LHASH_HASH_FN(index_name, OPENSSL_CSTRING) static IMPLEMENT_LHASH_COMP_FN(index_name, OPENSSL_CSTRING) #undef BSIZE #define BSIZE 256 -BIGNUM *load_serial(const char *serialfile, int create, ASN1_INTEGER **retai) +BIGNUM *load_serial(const char *serialfile, int *exists, int create, + ASN1_INTEGER **retai) { BIO *in = NULL; BIGNUM *ret = NULL; @@ -1388,6 +1389,8 @@ BIGNUM *load_serial(const char *serialfile, int create, ASN1_INTEGER **retai) goto err; in = BIO_new_file(serialfile, "r"); + if (exists != NULL) + *exists = in != NULL; if (in == NULL) { if (!create) { perror(serialfile); 
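Review bot: In apps/apps.c `load_serial()`, the new out-parameter `*exists` is written only after `BIO_new_file()`, so the `goto err` visible just above it returns with the caller's variable untouched. The callers in this patch pass either NULL (ca.c) or an uninitialised local (`file_exists` in x509.c) and read it only after checking for a NULL return, so nothing breaks today, but the contract is implicit. Setting it on entry with `if (exists != NULL) *exists = 0;`, or stating in apps.h that the value is undefined when NULL is returned, would make later callers safe by construction. The function body starts and ends outside these hunks.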
@@ -1395,8 +1398,14 @@ BIGNUM *load_serial(const char *serialfile, int create, ASN1_INTEGER **retai) } ERR_clear_error(); ret = BN_new(); - if (ret == NULL || !rand_serial(ret, ai)) + if (ret == NULL) { BIO_printf(bio_err, "Out of memory\n"); + } else if (!rand_serial(ret, ai)) { + BIO_printf(bio_err, "Error creating random number to store in %s\n", + serialfile); + BN_free(ret); + ret = NULL; + } } else { if (!a2i_ASN1_INTEGER(in, ai, buf, 1024)) { BIO_printf(bio_err, "unable to load number from %s\n", @@ -1416,6 +1425,8 @@ BIGNUM *load_serial(const char *serialfile, int create, ASN1_INTEGER **retai) ai = NULL; } err: + if (ret == NULL) + ERR_print_errors(bio_err); BIO_free(in); ASN1_INTEGER_free(ai); return ret; diff --git a/deps/openssl/openssl/apps/apps.h b/deps/openssl/openssl/apps/apps.h index 34c3fd8633c1e8..3e8f50fda87b07 100644 --- a/deps/openssl/openssl/apps/apps.h +++ b/deps/openssl/openssl/apps/apps.h @@ -1,5 +1,5 @@ /* - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -527,9 +527,12 @@ typedef struct ca_db_st { } CA_DB; void* app_malloc(int sz, const char *what); -BIGNUM *load_serial(const char *serialfile, int create, ASN1_INTEGER **retai); -int save_serial(const char *serialfile, const char *suffix, const BIGNUM *serial, - ASN1_INTEGER **retai); + +/* load_serial, save_serial, and rotate_serial are also used for CRL numbers */ +BIGNUM *load_serial(const char *serialfile, int *exists, int create, + ASN1_INTEGER **retai); +int save_serial(const char *serialfile, const char *suffix, + const BIGNUM *serial, ASN1_INTEGER **retai); int rotate_serial(const char *serialfile, const char *new_suffix, const char *old_suffix); int rand_serial(BIGNUM *b, ASN1_INTEGER *ai); 
diff --git a/deps/openssl/openssl/apps/ca.c b/deps/openssl/openssl/apps/ca.c index 390ac37493c84e..ea375ca0b1d3d0 100755 --- a/deps/openssl/openssl/apps/ca.c +++ b/deps/openssl/openssl/apps/ca.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -842,7 +842,8 @@ int ca_main(int argc, char **argv) goto end; } } else { - if ((serial = load_serial(serialfile, create_ser, NULL)) == NULL) { + serial = load_serial(serialfile, NULL, create_ser, NULL); + if (serial == NULL) { BIO_printf(bio_err, "error while loading serial number\n"); goto end; } @@ -1078,7 +1079,8 @@ int ca_main(int argc, char **argv) if ((crlnumberfile = NCONF_get_string(conf, section, ENV_CRLNUMBER)) != NULL) - if ((crlnumber = load_serial(crlnumberfile, 0, NULL)) == NULL) { + if ((crlnumber = load_serial(crlnumberfile, NULL, 0, NULL)) + == NULL) { BIO_printf(bio_err, "error while loading CRL number\n"); goto end; } diff --git a/deps/openssl/openssl/apps/ocsp.c b/deps/openssl/openssl/apps/ocsp.c index 27ec94fa6b8d48..8f20864cea5188 100644 --- a/deps/openssl/openssl/apps/ocsp.c +++ b/deps/openssl/openssl/apps/ocsp.c @@ -1,5 +1,5 @@ /* - * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -176,7 +176,7 @@ const OPTIONS ocsp_options[] = { {"no_intern", OPT_NO_INTERN, '-', "Don't search certificates contained in response for signer"}, {"badsig", OPT_BADSIG, '-', - "Corrupt last byte of loaded OSCP response signature (for test)"}, + "Corrupt last byte of loaded OCSP response signature (for test)"}, {"text", OPT_TEXT, '-', "Print text form of request and response"}, {"req_text", OPT_REQ_TEXT, '-', "Print text form of request"}, {"resp_text", OPT_RESP_TEXT, '-', "Print text form of response"}, diff --git a/deps/openssl/openssl/apps/s_cb.c b/deps/openssl/openssl/apps/s_cb.c index d066a423dee8c3..2f94c13393a502 100644 --- a/deps/openssl/openssl/apps/s_cb.c +++ b/deps/openssl/openssl/apps/s_cb.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -74,22 +74,28 @@ int verify_callback(int ok, X509_STORE_CTX *ctx) } switch (err) { case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: - BIO_puts(bio_err, "issuer= "); - X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert), - 0, get_nameopt()); - BIO_puts(bio_err, "\n"); + if (err_cert != NULL) { + BIO_puts(bio_err, "issuer= "); + X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert), + 0, get_nameopt()); + BIO_puts(bio_err, "\n"); + } break; case X509_V_ERR_CERT_NOT_YET_VALID: case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: - BIO_printf(bio_err, "notBefore="); - ASN1_TIME_print(bio_err, X509_get0_notBefore(err_cert)); - BIO_printf(bio_err, "\n"); + if (err_cert != NULL) { + BIO_printf(bio_err, "notBefore="); + ASN1_TIME_print(bio_err, X509_get0_notBefore(err_cert)); + BIO_printf(bio_err, "\n"); + } break; case X509_V_ERR_CERT_HAS_EXPIRED: case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: - BIO_printf(bio_err, "notAfter="); - ASN1_TIME_print(bio_err, X509_get0_notAfter(err_cert)); - BIO_printf(bio_err, "\n"); + if (err_cert != NULL) { + BIO_printf(bio_err, "notAfter="); + ASN1_TIME_print(bio_err, X509_get0_notAfter(err_cert)); + BIO_printf(bio_err, "\n"); + } break; case X509_V_ERR_NO_EXPLICIT_POLICY: if (!verify_args.quiet) diff --git a/deps/openssl/openssl/apps/x509.c b/deps/openssl/openssl/apps/x509.c index 1f53504209dea8..8d4bf71a03eee8 100644 --- a/deps/openssl/openssl/apps/x509.c +++ b/deps/openssl/openssl/apps/x509.c @@ -400,7 +400,7 @@ int x509_main(int argc, char **argv) aliasout = ++num; break; case OPT_CACREATESERIAL: - CA_createserial = ++num; + CA_createserial = 1; break; case OPT_CLREXT: clrext = 1; @@ -590,7 +590,7 @@ int x509_main(int argc, char **argv) xca = load_cert(CAfile, CAformat, "CA Certificate"); if (xca == NULL) goto end; - if (!X509_set_issuer_name(x, X509_get_subject_name(xca))) + if (reqfile && !X509_set_issuer_name(x, X509_get_subject_name(xca))) goto end; } 
@@ -916,6 +916,7 @@ static ASN1_INTEGER *x509_load_serial(const char *CAfile, char *buf = NULL; ASN1_INTEGER *bs = NULL; BIGNUM *serial = NULL; + int defaultfile = 0, file_exists; if (serialfile == NULL) { const char *p = strrchr(CAfile, '.'); @@ -925,9 +926,10 @@ static ASN1_INTEGER *x509_load_serial(const char *CAfile, memcpy(buf, CAfile, len); memcpy(buf + len, POSTFIX, sizeof(POSTFIX)); serialfile = buf; + defaultfile = 1; } - serial = load_serial(serialfile, create, NULL); + serial = load_serial(serialfile, &file_exists, create || defaultfile, NULL); if (serial == NULL) goto end; @@ -936,8 +938,10 @@ static ASN1_INTEGER *x509_load_serial(const char *CAfile, goto end; } - if (!save_serial(serialfile, NULL, serial, &bs)) - goto end; + if (file_exists || create) + save_serial(serialfile, NULL, serial, &bs); + else + bs = BN_to_ASN1_INTEGER(serial, NULL); end: OPENSSL_free(buf); @@ -989,6 +993,8 @@ static int x509_certify(X509_STORE *ctx, const char *CAfile, const EVP_MD *diges goto end; } + if (!X509_set_issuer_name(x, X509_get_subject_name(xca))) + goto end; if (!X509_set_serialNumber(x, bs)) goto end; diff --git a/deps/openssl/openssl/crypto/aes/asm/aesv8-armx.pl b/deps/openssl/openssl/crypto/aes/asm/aesv8-armx.pl index 2b0e982996d18e..7edc436a53ca05 100755 --- a/deps/openssl/openssl/crypto/aes/asm/aesv8-armx.pl +++ b/deps/openssl/openssl/crypto/aes/asm/aesv8-armx.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2014-2022 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy 
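Review bot: In apps/x509.c `x509_load_serial()`, the return value of `save_serial()` is no longer checked: the removed `if (!save_serial(...)) goto end;` became a bare call under `if (file_exists || create)`. A failed write presumably still surfaces as a NULL `bs`, but that depends on `save_serial()` leaving `*retai` unset on every error path, which is not visible here. If that ever stopped holding, a certificate could be signed while the serial file did not advance, and a later run could hand out the same serial number again. Keeping the check explicit inside that branch, `if (!save_serial(serialfile, NULL, serial, &bs)) goto end;`, costs nothing and does not change the `else` arm. The function starts outside these hunks.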
@@ -740,6 +740,21 @@ () #ifndef __ARMEB__ rev $ctr, $ctr #endif +___ +$code.=<<___ if ($flavour =~ /64/); + vorr $dat1,$dat0,$dat0 + add $tctr1, $ctr, #1 + vorr $dat2,$dat0,$dat0 + add $ctr, $ctr, #2 + vorr $ivec,$dat0,$dat0 + rev $tctr1, $tctr1 + vmov.32 ${dat1}[3],$tctr1 + b.ls .Lctr32_tail + rev $tctr2, $ctr + sub $len,$len,#3 // bias + vmov.32 ${dat2}[3],$tctr2 +___ +$code.=<<___ if ($flavour !~ /64/); add $tctr1, $ctr, #1 vorr $ivec,$dat0,$dat0 rev $tctr1, $tctr1 @@ -751,6 +766,8 @@ () vmov.32 ${ivec}[3],$tctr2 sub $len,$len,#3 // bias vorr $dat2,$ivec,$ivec +___ +$code.=<<___; b .Loop3x_ctr32 .align 4 @@ -777,11 +794,25 @@ () aese $dat1,q8 aesmc $tmp1,$dat1 vld1.8 {$in0},[$inp],#16 +___ +$code.=<<___ if ($flavour =~ /64/); + vorr $dat0,$ivec,$ivec +___ +$code.=<<___ if ($flavour !~ /64/); add $tctr0,$ctr,#1 +___ +$code.=<<___; aese $dat2,q8 aesmc $dat2,$dat2 vld1.8 {$in1},[$inp],#16 +___ +$code.=<<___ if ($flavour =~ /64/); + vorr $dat1,$ivec,$ivec +___ +$code.=<<___ if ($flavour !~ /64/); rev $tctr0,$tctr0 +___ +$code.=<<___; aese $tmp0,q9 aesmc $tmp0,$tmp0 aese $tmp1,q9 @@ -790,6 +821,12 @@ () mov $key_,$key aese $dat2,q9 aesmc $tmp2,$dat2 +___ +$code.=<<___ if ($flavour =~ /64/); + vorr $dat2,$ivec,$ivec + add $tctr0,$ctr,#1 +___ +$code.=<<___; aese $tmp0,q12 aesmc $tmp0,$tmp0 aese $tmp1,q12 
@@ -805,22 +842,47 @@ () aese $tmp1,q13 aesmc $tmp1,$tmp1 veor $in2,$in2,$rndlast +___ +$code.=<<___ if ($flavour =~ /64/); + rev $tctr0,$tctr0 + aese $tmp2,q13 + aesmc $tmp2,$tmp2 + vmov.32 ${dat0}[3], $tctr0 +___ +$code.=<<___ if ($flavour !~ /64/); vmov.32 ${ivec}[3], $tctr0 aese $tmp2,q13 aesmc $tmp2,$tmp2 vorr $dat0,$ivec,$ivec +___ +$code.=<<___; rev $tctr1,$tctr1 aese $tmp0,q14 aesmc $tmp0,$tmp0 +___ +$code.=<<___ if ($flavour !~ /64/); vmov.32 ${ivec}[3], $tctr1 rev $tctr2,$ctr +___ +$code.=<<___; aese $tmp1,q14 aesmc $tmp1,$tmp1 +___ +$code.=<<___ if ($flavour =~ /64/); + vmov.32 ${dat1}[3], $tctr1 + rev $tctr2,$ctr + aese $tmp2,q14 + aesmc $tmp2,$tmp2 + vmov.32 ${dat2}[3], $tctr2 +___ +$code.=<<___ if ($flavour !~ /64/); vorr $dat1,$ivec,$ivec vmov.32 ${ivec}[3], $tctr2 aese $tmp2,q14 aesmc $tmp2,$tmp2 vorr $dat2,$ivec,$ivec +___ +$code.=<<___; subs $len,$len,#3 aese $tmp0,q15 aese $tmp1,q15 diff --git a/deps/openssl/openssl/crypto/asn1/charmap.pl b/deps/openssl/openssl/crypto/asn1/charmap.pl index dadd8df7749dfa..52fa5a7900ca1c 100644 --- a/deps/openssl/openssl/crypto/asn1/charmap.pl +++ b/deps/openssl/openssl/crypto/asn1/charmap.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -7,6 +7,9 @@ # https://www.openssl.org/source/license.html use strict; +use FindBin; +use lib "$FindBin::Bin/../../util/perl"; +use OpenSSL::copyright; my ($i, @arr); 
@@ -82,8 +85,8 @@ # Now generate the C code -# Output year depends on the year of the script. -my $YEAR = [localtime([stat($0)]->[9])]->[5] + 1900; +# Year the file was generated. +my $YEAR = OpenSSL::copyright::year_of($0); print <[9])]->[5] + 1900; +# The year the output file is generated. +my $YEAR = OpenSSL::copyright::year_of($0); print <<"EOF"; /* * WARNING: do not edit! diff --git a/deps/openssl/openssl/crypto/conf/keysets.pl b/deps/openssl/openssl/crypto/conf/keysets.pl index 27a7214cc51925..9c9a00dea8d7a7 100644 --- a/deps/openssl/openssl/crypto/conf/keysets.pl +++ b/deps/openssl/openssl/crypto/conf/keysets.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -8,6 +8,9 @@ use strict; use warnings; +use FindBin; +use lib "$FindBin::Bin/../../util/perl"; +use OpenSSL::copyright; my $NUMBER = 0x0001; my $UPPER = 0x0002; @@ -54,9 +57,8 @@ push(@V_w32, $v); } -# Output year depends on the year of the script. -my $YEAR = [localtime([stat($0)]->[9])]->[5] + 1900; - +# The year the output file is generated. +my $YEAR = OpenSSL::copyright::year_of($0); print <<"EOF"; /* * WARNING: do not edit! diff --git a/deps/openssl/openssl/crypto/ec/ec_key.c b/deps/openssl/openssl/crypto/ec/ec_key.c index 3017f0936c0d78..63799002bc980c 100644 --- a/deps/openssl/openssl/crypto/ec/ec_key.c +++ b/deps/openssl/openssl/crypto/ec/ec_key.c 
@@ -443,6 +443,16 @@ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *priv_key) && key->meth->set_private(key, priv_key) == 0) return 0; + /* + * Return `0` to comply with legacy behavior for this function, see + * https://github.com/openssl/openssl/issues/18744#issuecomment-1195175696 + */ + if (priv_key == NULL) { + BN_clear_free(key->priv_key); + key->priv_key = NULL; + return 0; /* intentional for legacy compatibility */ + } + /* * We should never leak the bit length of the secret scalar in the key, * so we always set the `BN_FLG_CONSTTIME` flag on the internal `BIGNUM` diff --git a/deps/openssl/openssl/crypto/objects/obj_dat.pl b/deps/openssl/openssl/crypto/objects/obj_dat.pl index e5d38147eccf01..e1b4a02f288f58 100644 --- a/deps/openssl/openssl/crypto/objects/obj_dat.pl +++ b/deps/openssl/openssl/crypto/objects/obj_dat.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -9,6 +9,9 @@ use integer; use strict; use warnings; +use FindBin; +use lib "$FindBin::Bin/../../util/perl"; +use OpenSSL::copyright; # Generate the DER encoding for the given OID. sub der_it @@ -36,10 +39,8 @@ sub der_it return $ret; } -# Output year depends on the year of the script and the input file. -my $YEAR = [localtime([stat($0)]->[9])]->[5] + 1900; -my $iYEAR = [localtime([stat($ARGV[0])]->[9])]->[5] + 1900; -$YEAR = $iYEAR if $iYEAR > $YEAR; +# The year the output file is generated. +my $YEAR = OpenSSL::copyright::latest(($0, $ARGV[0])); # Read input, parse all #define's into OID name and value. # Populate %ln and %sn with long and short names (%dupln and %dupsn) 
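Review bot: The new `priv_key == NULL` branch in `EC_KEY_set_private_key()` sits after the `key->meth->set_private(key, priv_key)` call shown in the context lines, so a custom method is invoked with a NULL `priv_key` before the key is cleared. The existing comment explains the `return 0` but not this ordering, nor that the function reports failure after it has already wiped `key->priv_key`, which callers that treat 0 as "nothing changed" will not expect. A line such as `/* method hooks above have already run with priv_key == NULL; the key is cleared even though 0 is returned */` would record both. The start of the function and the first half of the hook condition are outside the hunk.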
diff --git a/deps/openssl/openssl/crypto/objects/objects.pl b/deps/openssl/openssl/crypto/objects/objects.pl index d7d1962c9999f6..8b258d4df5098b 100644 --- a/deps/openssl/openssl/crypto/objects/objects.pl +++ b/deps/openssl/openssl/crypto/objects/objects.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -7,16 +7,15 @@ # https://www.openssl.org/source/license.html use Getopt::Std; +use FindBin; +use lib "$FindBin::Bin/../../util/perl"; +use OpenSSL::copyright; our($opt_n); getopts('n'); -# Output year depends on the year of the script and the input file. -my $YEAR = [localtime([stat($0)]->[9])]->[5] + 1900; -my $iYEAR = [localtime([stat($ARGV[0])]->[9])]->[5] + 1900; -$YEAR = $iYEAR if $iYEAR > $YEAR; -$iYEAR = [localtime([stat($ARGV[1])]->[9])]->[5] + 1900; -$YEAR = $iYEAR if $iYEAR > $YEAR; +# The year the output file is generated. +my $YEAR = OpenSSL::copyright::latest(($0, $ARGV[1], $ARGV[0])); open (NUMIN,"$ARGV[1]") || die "Can't open number file $ARGV[1]"; $max_nid=0; diff --git a/deps/openssl/openssl/crypto/objects/objxref.pl b/deps/openssl/openssl/crypto/objects/objxref.pl index ce76cadae31c81..4d4b9074fc269c 100644 --- a/deps/openssl/openssl/crypto/objects/objxref.pl +++ b/deps/openssl/openssl/crypto/objects/objxref.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 1998-2019 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 1998-2022 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy 
@@ -8,18 +8,17 @@ use strict; +use FindBin; +use lib "$FindBin::Bin/../../util/perl"; +use OpenSSL::copyright; my %xref_tbl; my %oid_tbl; my ($mac_file, $xref_file) = @ARGV; -# Output year depends on the year of the script and the input file. -my $YEAR = [localtime([stat($0)]->[9])]->[5] + 1900; -my $iYEAR = [localtime([stat($mac_file)]->[9])]->[5] + 1900; -$YEAR = $iYEAR if $iYEAR > $YEAR; -$iYEAR = [localtime([stat($xref_file)]->[9])]->[5] + 1900; -$YEAR = $iYEAR if $iYEAR > $YEAR; +# The year the output file is generated. +my $YEAR = OpenSSL::copyright::latest(($0, $mac_file, $xref_file)); open(IN, $mac_file) || die "Can't open $mac_file, $!\n"; diff --git a/deps/openssl/openssl/crypto/pem/pem_lib.c b/deps/openssl/openssl/crypto/pem/pem_lib.c index 2de093595d0d2e..aae42d98d2973a 100644 --- a/deps/openssl/openssl/crypto/pem/pem_lib.c +++ b/deps/openssl/openssl/crypto/pem/pem_lib.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -621,7 +621,7 @@ int PEM_write_bio(BIO *bp, const char *name, const char *header, (BIO_write(bp, "-----\n", 6) != 6)) goto err; - i = strlen(header); + i = header != NULL ? strlen(header) : 0; if (i > 0) { if ((BIO_write(bp, header, i) != i) || (BIO_write(bp, "\n", 1) != 1)) goto err; diff --git a/deps/openssl/openssl/crypto/rand/drbg_lib.c b/deps/openssl/openssl/crypto/rand/drbg_lib.c index 8c7c28c9703a4d..d32fa80cf89d60 100644 --- a/deps/openssl/openssl/crypto/rand/drbg_lib.c +++ b/deps/openssl/openssl/crypto/rand/drbg_lib.c 
@@ -1,5 +1,5 @@ /* - * Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2011-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -354,13 +354,8 @@ int RAND_DRBG_instantiate(RAND_DRBG *drbg, drbg->state = DRBG_READY; drbg->generate_counter = 1; drbg->reseed_time = time(NULL); - if (drbg->enable_reseed_propagation) { - if (drbg->parent == NULL) - tsan_counter(&drbg->reseed_counter); - else - tsan_store(&drbg->reseed_counter, - tsan_load(&drbg->parent->reseed_counter)); - } + if (drbg->enable_reseed_propagation && drbg->parent == NULL) + tsan_counter(&drbg->reseed_counter); end: if (entropy != NULL && drbg->cleanup_entropy != NULL) @@ -444,13 +439,8 @@ int RAND_DRBG_reseed(RAND_DRBG *drbg, drbg->state = DRBG_READY; drbg->generate_counter = 1; drbg->reseed_time = time(NULL); - if (drbg->enable_reseed_propagation) { - if (drbg->parent == NULL) - tsan_counter(&drbg->reseed_counter); - else - tsan_store(&drbg->reseed_counter, - tsan_load(&drbg->parent->reseed_counter)); - } + if (drbg->enable_reseed_propagation && drbg->parent == NULL) + tsan_counter(&drbg->reseed_counter); end: if (entropy != NULL && drbg->cleanup_entropy != NULL) diff --git a/deps/openssl/openssl/crypto/rand/rand_lib.c b/deps/openssl/openssl/crypto/rand/rand_lib.c index 5c72fad8ca263b..3fdb56cb0024f0 100644 --- a/deps/openssl/openssl/crypto/rand/rand_lib.c +++ b/deps/openssl/openssl/crypto/rand/rand_lib.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -172,8 +172,12 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg, if (RAND_DRBG_generate(drbg->parent, buffer, bytes_needed, prediction_resistance, - (unsigned char *)&drbg, sizeof(drbg)) != 0) + (unsigned char *)&drbg, sizeof(drbg)) != 0) { bytes = bytes_needed; + if (drbg->enable_reseed_propagation) + tsan_store(&drbg->reseed_counter, + tsan_load(&drbg->parent->reseed_counter)); + } rand_drbg_unlock(drbg->parent); rand_pool_add_end(pool, bytes, 8 * bytes); diff --git a/deps/openssl/openssl/crypto/rand/rand_vms.c b/deps/openssl/openssl/crypto/rand/rand_vms.c index a00f83bcc49114..969473730903c0 100644 --- a/deps/openssl/openssl/crypto/rand/rand_vms.c +++ b/deps/openssl/openssl/crypto/rand/rand_vms.c @@ -1,5 +1,5 @@ /* - * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -479,31 +479,6 @@ size_t data_collect_method(RAND_POOL *pool) return rand_pool_entropy_available(pool); } -int rand_pool_add_nonce_data(RAND_POOL *pool) -{ - struct { - pid_t pid; - CRYPTO_THREAD_ID tid; - unsigned __int64 time; - } data = { 0 }; - - /* - * Add process id, thread id, and a high resolution timestamp - * (where available, which is OpenVMS v8.4 and up) to ensure that - * the nonce is unique with high probability for different process - * instances. - */ - data.pid = getpid(); - data.tid = CRYPTO_THREAD_get_current_id(); -#if __CRTL_VER >= 80400000 - sys$gettim_prec(&data.time); -#else - sys$gettim((void*)&data.time); -#endif - - return rand_pool_add(pool, (unsigned char *)&data, sizeof(data), 0); -} - /* * SYS$GET_ENTROPY METHOD * ====================== 
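Review bot: In crypto/rand/rand_lib.c `rand_drbg_get_entropy()`, the child's `reseed_counter` is now copied from the parent just before `rand_drbg_unlock(drbg->parent)`, and nothing in the code says that the placement matters. It looks as though the intent is to record the parent's counter while the parent is still locked, so that it corresponds to the `RAND_DRBG_generate()` call just made. A comment such as `/* copy the parent's counter while it is still locked, so it matches the entropy just drawn */` would stop a later cleanup from moving the store past the unlock. As far as this patch shows, the drbg_lib.c hunks that drop the same copy from `RAND_DRBG_instantiate()` and `RAND_DRBG_reseed()` leave this as the only place a child picks up the parent's counter. The function continues outside the hunk.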
@@ -577,6 +552,59 @@ size_t rand_pool_acquire_entropy(RAND_POOL *pool) return data_collect_method(pool); } +int rand_pool_add_nonce_data(RAND_POOL *pool) +{ + /* + * Two variables to ensure that two nonces won't ever be the same + */ + static unsigned __int64 last_time = 0; + static unsigned __int32 last_seq = 0; + + struct { + pid_t pid; + CRYPTO_THREAD_ID tid; + unsigned __int64 time; + unsigned __int32 seq; + } data; + + /* Erase the entire structure including any padding */ + memset(&data, 0, sizeof(data)); + + /* + * Add process id, thread id, a timestamp, and a sequence number in case + * the same time stamp is repeated, to ensure that the nonce is unique + * with high probability for different process instances. + * + * The normal OpenVMS time is specified to be high granularity (100ns), + * but the time update granularity given by sys$gettim() may be lower. + * + * OpenVMS version 8.4 (which is the latest for Alpha and Itanium) and + * on have sys$gettim_prec() as well, which is supposedly having a better + * time update granularity, but tests on Itanium (and even Alpha) have + * shown that compared with sys$gettim(), the difference is marginal, + * so of very little significance in terms of entropy. + * Given that, and that it's a high ask to expect everyone to have + * upgraded to OpenVMS version 8.4, only sys$gettim() is used, and a + * sequence number is added as well, in case sys$gettim() returns the + * same time value more than once. + * + * This function is assumed to be called under thread lock, and does + * therefore not take concurrency into account. + */ + data.pid = getpid(); + data.tid = CRYPTO_THREAD_get_current_id(); + data.seq = 0; + sys$gettim((void*)&data.time); + + if (data.time == last_time) { + data.seq = ++last_seq; + } else { + last_time = data.time; + last_seq = 0; + } + + return rand_pool_add(pool, (unsigned char *)&data, sizeof(data), 0); +} int rand_pool_add_additional_data(RAND_POOL *pool) { 
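Review bot: `rand_pool_add_nonce_data()` in rand_vms.c keeps `last_time` and `last_seq` in function-static variables and updates them with no synchronisation; the only protection is the comment that the function is assumed to be called under a thread lock. If a caller ever reaches it without that lock, the compare-and-increment on `last_seq` becomes a data race and the sequence number can no longer be relied on to separate two calls that see the same `sys$gettim()` value. Naming the lock the comment has in mind, for example `/* caller must hold the DRBG lock that owns this pool */` if that is indeed the one, would make the assumption checkable in review. The `data.seq = 0;` assignment after the `memset()` is redundant.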
@@ -586,16 +614,12 @@ int rand_pool_add_additional_data(RAND_POOL *pool) } data = { 0 }; /* - * Add some noise from the thread id and a high resolution timer. - * The thread id adds a little randomness if the drbg is accessed - * concurrently (which is the case for the drbg). + * Add some noise from the thread id and a timer. The thread id adds a + * little randomness if the drbg is accessed concurrently (which is the + * case for the drbg). */ data.tid = CRYPTO_THREAD_get_current_id(); -#if __CRTL_VER >= 80400000 - sys$gettim_prec(&data.time); -#else sys$gettim((void*)&data.time); -#endif return rand_pool_add(pool, (unsigned char *)&data, sizeof(data), 0); } diff --git a/deps/openssl/openssl/crypto/rand/rand_win.c b/deps/openssl/openssl/crypto/rand/rand_win.c index 90365460085874..cdcd70103d98e1 100644 --- a/deps/openssl/openssl/crypto/rand/rand_win.c +++ b/deps/openssl/openssl/crypto/rand/rand_win.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -26,7 +26,9 @@ # ifdef USE_BCRYPTGENRANDOM # include -# pragma comment(lib, "bcrypt.lib") +# ifdef _MSC_VER +# pragma comment(lib, "bcrypt.lib") +# endif # ifndef STATUS_SUCCESS # define STATUS_SUCCESS ((NTSTATUS)0x00000000L) # endif diff --git a/deps/openssl/openssl/crypto/x509/x509_req.c b/deps/openssl/openssl/crypto/x509/x509_req.c index dd674926ddb5fa..c2b8cb9f3e2db8 100644 --- a/deps/openssl/openssl/crypto/x509/x509_req.c +++ b/deps/openssl/openssl/crypto/x509/x509_req.c 
@@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -167,7 +167,9 @@ STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req) ext = X509_ATTRIBUTE_get0_type(attr, 0); break; } - if (!ext || (ext->type != V_ASN1_SEQUENCE)) + if (ext == NULL) /* no extensions is not an error */ + return sk_X509_EXTENSION_new_null(); + if (ext->type != V_ASN1_SEQUENCE) return NULL; p = ext->value.sequence->data; return (STACK_OF(X509_EXTENSION) *) 
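Review bot: The return contract of `X509_REQ_get_extensions` changes at `if (ext == NULL) return sk_X509_EXTENSION_new_null();`, and nothing in the hunk documents it. A request without an extension attribute now yields an empty stack that the caller owns, while NULL is left for a malformed attribute or a failed allocation. Callers that treated NULL as "no extensions" will now receive a non-NULL result and have to free it. A comment above the function such as `/* Returns an empty stack if the request carries no extensions, NULL only on error; the caller frees the result. */` would make that explicit. The function starts and ends outside the hunk.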
@@ -227,44 +229,52 @@ X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc) X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc) { - return X509at_delete_attr(req->req_info.attributes, loc); + X509_ATTRIBUTE *attr = X509at_delete_attr(req->req_info.attributes, loc); + + if (attr != NULL) + req->req_info.enc.modified = 1; + return attr; } int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr) { - if (X509at_add1_attr(&req->req_info.attributes, attr)) - return 1; - return 0; + if (!X509at_add1_attr(&req->req_info.attributes, attr)) + return 0; + req->req_info.enc.modified = 1; + return 1; } int X509_REQ_add1_attr_by_OBJ(X509_REQ *req, const ASN1_OBJECT *obj, int type, const unsigned char *bytes, int len) { - if (X509at_add1_attr_by_OBJ(&req->req_info.attributes, obj, - type, bytes, len)) - return 1; - return 0; + if (!X509at_add1_attr_by_OBJ(&req->req_info.attributes, obj, + type, bytes, len)) + return 0; + req->req_info.enc.modified = 1; + return 1; } int X509_REQ_add1_attr_by_NID(X509_REQ *req, int nid, int type, const unsigned char *bytes, int len) { - if (X509at_add1_attr_by_NID(&req->req_info.attributes, nid, - type, bytes, len)) - return 1; - return 0; + if (!X509at_add1_attr_by_NID(&req->req_info.attributes, nid, + type, bytes, len)) + return 0; + req->req_info.enc.modified = 1; + return 1; } int X509_REQ_add1_attr_by_txt(X509_REQ *req, const char *attrname, int type, const unsigned char *bytes, int len) { - if (X509at_add1_attr_by_txt(&req->req_info.attributes, attrname, - type, bytes, len)) - return 1; - return 0; + if (!X509at_add1_attr_by_txt(&req->req_info.attributes, attrname, + type, bytes, len)) + return 0; + req->req_info.enc.modified = 1; + return 1; } long X509_REQ_get_version(const X509_REQ *req) diff --git a/deps/openssl/openssl/crypto/x509/x509_vfy.c b/deps/openssl/openssl/crypto/x509/x509_vfy.c index b18489f67f6e48..925fbb54125834 100644 --- a/deps/openssl/openssl/crypto/x509/x509_vfy.c 
+++ b/deps/openssl/openssl/crypto/x509/x509_vfy.c @@ -973,14 +973,14 @@ static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify) time_t *ptime; int i; - if (notify) - ctx->current_crl = crl; if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME) ptime = &ctx->param->check_time; else if (ctx->param->flags & X509_V_FLAG_NO_CHECK_TIME) return 1; else ptime = NULL; + if (notify) + ctx->current_crl = crl; i = X509_cmp_time(X509_CRL_get0_lastUpdate(crl), ptime); if (i == 0) { diff --git a/deps/openssl/openssl/crypto/x509/x_all.c b/deps/openssl/openssl/crypto/x509/x_all.c index a4e9cdaee837ac..fcf6b5ba3780b9 100644 --- a/deps/openssl/openssl/crypto/x509/x_all.c +++ b/deps/openssl/openssl/crypto/x509/x_all.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -41,6 +41,13 @@ int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r) int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) { + /* + * Setting the modified flag before signing it. This makes the cached + * encoding to be ignored, so even if the certificate fields have changed, + * they are signed correctly. + * The X509_sign_ctx, X509_REQ_sign{,_ctx}, X509_CRL_sign{,_ctx} functions + * which exist below are the same. + */ x->cert_info.enc.modified = 1; return (ASN1_item_sign(ASN1_ITEM_rptr(X509_CINF), &x->cert_info.signature, &x->sig_alg, &x->signature, &x->cert_info, pkey, 
@@ -65,12 +72,14 @@ int X509_http_nbio(OCSP_REQ_CTX *rctx, X509 **pcert) int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md) { + x->req_info.enc.modified = 1; return (ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO), &x->sig_alg, NULL, x->signature, &x->req_info, pkey, md)); } int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx) { + x->req_info.enc.modified = 1; return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_REQ_INFO), &x->sig_alg, NULL, x->signature, &x->req_info, ctx); diff --git a/deps/openssl/openssl/crypto/x509v3/v3_addr.c b/deps/openssl/openssl/crypto/x509v3/v3_addr.c index ccce34ef2e48a4..f9c368bea40580 100644 --- a/deps/openssl/openssl/crypto/x509v3/v3_addr.c +++ b/deps/openssl/openssl/crypto/x509v3/v3_addr.c @@ -392,12 +392,14 @@ static int range_should_be_prefix(const unsigned char *min, /* * Construct a prefix. */ -static int make_addressPrefix(IPAddressOrRange **result, - unsigned char *addr, const int prefixlen) +static int make_addressPrefix(IPAddressOrRange **result, unsigned char *addr, + const int prefixlen, const int afilen) { int bytelen = (prefixlen + 7) / 8, bitlen = prefixlen % 8; IPAddressOrRange *aor = IPAddressOrRange_new(); + if (prefixlen < 0 || prefixlen > (afilen * 8)) + return 0; if (aor == NULL) return 0; aor->type = IPAddressOrRange_addressPrefix; @@ -437,7 +439,7 @@ static int make_addressRange(IPAddressOrRange **result, return 0; if ((prefixlen = range_should_be_prefix(min, max, length)) >= 0) - return make_addressPrefix(result, min, prefixlen); + return make_addressPrefix(result, min, prefixlen, length); if ((aor = IPAddressOrRange_new()) == NULL) return 0; @@ -599,7 +601,9 @@ int X509v3_addr_add_prefix(IPAddrBlocks *addr, { IPAddressOrRanges *aors = make_prefix_or_range(addr, afi, safi); IPAddressOrRange *aor; - if (aors == NULL || !make_addressPrefix(&aor, a, prefixlen)) + + if (aors == NULL + || !make_addressPrefix(&aor, a, prefixlen, length_from_afi(afi))) return 0; if (sk_IPAddressOrRange_push(aors, aor)) return 1; 
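Review bot: In the `make_addressPrefix` hunk the new range check `if (prefixlen < 0 || prefixlen > (afilen * 8)) return 0;` runs after `aor` has already been allocated by its initialiser `IPAddressOrRange_new()`, so each rejected prefix length leaks that object. Declaring `IPAddressOrRange *aor;` without the initialiser, keeping the range check first, and then allocating with `if ((aor = IPAddressOrRange_new()) == NULL) return 0;` closes the leak without changing which inputs are accepted. The function body continues past the end of the hunk. Since this is a vendored copy, the change would have to land upstream.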
@@ -996,7 +1000,10 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, switch (delim) { case '/': prefixlen = (int)strtoul(s + i2, &t, 10); - if (t == s + i2 || *t != '\0') { + if (t == s + i2 + || *t != '\0' + || prefixlen > (length * 8) + || prefixlen < 0) { X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_EXTENSION_VALUE_ERROR); X509V3_conf_err(val); diff --git a/deps/openssl/openssl/crypto/x509v3/v3_lib.c b/deps/openssl/openssl/crypto/x509v3/v3_lib.c index 97c1cbc20fed14..ea88ff2acd22b3 100644 --- a/deps/openssl/openssl/crypto/x509v3/v3_lib.c +++ b/deps/openssl/openssl/crypto/x509v3/v3_lib.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -242,8 +242,10 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, } /* If delete, just delete it */ if (ext_op == X509V3_ADD_DELETE) { - if (!sk_X509_EXTENSION_delete(*x, extidx)) + extmp = sk_X509_EXTENSION_delete(*x, extidx); + if (extmp == NULL) return -1; + X509_EXTENSION_free(extmp); return 1; } } else { diff --git a/deps/openssl/openssl/crypto/x509v3/v3_utl.c b/deps/openssl/openssl/crypto/x509v3/v3_utl.c index a7ff4b4fb4d3ec..eac78259fc82c5 100644 --- a/deps/openssl/openssl/crypto/x509v3/v3_utl.c +++ b/deps/openssl/openssl/crypto/x509v3/v3_utl.c 
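Review bot: In the `v2i_IPAddrBlocks` hunk, `prefixlen = (int)strtoul(s + i2, &t, 10);` narrows the parsed value to `int` before the new bounds are tested. The added `prefixlen > (length * 8)` and `prefixlen < 0` comparisons therefore see the converted value, not the number written in the configuration string. Where `unsigned long` is wider than `int`, a very large decimal string can convert to a small in-range value and be accepted as a different prefix length than the one written. Testing the unconverted result first avoids relying on the conversion: `unsigned long pl = strtoul(s + i2, &t, 10);`, then `|| pl > (unsigned long)(length * 8)` in the condition, and `prefixlen = (int)pl;` only after the check passes. The declarations of `prefixlen` and `length` are outside the hunk, so their `int` type is assumed here.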
@@ -1087,12 +1087,17 @@ int a2i_ipadd(unsigned char *ipout, const char *ipasc) static int ipv4_from_asc(unsigned char *v4, const char *in) { - int a0, a1, a2, a3; - if (sscanf(in, "%d.%d.%d.%d", &a0, &a1, &a2, &a3) != 4) + const char *p; + int a0, a1, a2, a3, n; + + if (sscanf(in, "%d.%d.%d.%d%n", &a0, &a1, &a2, &a3, &n) != 4) return 0; if ((a0 < 0) || (a0 > 255) || (a1 < 0) || (a1 > 255) || (a2 < 0) || (a2 > 255) || (a3 < 0) || (a3 > 255)) return 0; + p = in + n; + if (!(*p == '\0' || ossl_isspace(*p))) + return 0; v4[0] = a0; v4[1] = a1; v4[2] = a2; diff --git a/deps/openssl/openssl/doc/man1/x509.pod b/deps/openssl/openssl/doc/man1/x509.pod index 3c9b2f2263e35a..a94f099b356569 100644 --- a/deps/openssl/openssl/doc/man1/x509.pod +++ b/deps/openssl/openssl/doc/man1/x509.pod 
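Review bot: The trailing-character test added to `ipv4_from_asc`, `if (!(*p == '\0' || ossl_isspace(*p))) return 0;`, looks only at the first character after the fourth octet, so an address followed by whitespace and then further text is still accepted. If trailing whitespace has to stay legal, skipping it and then requiring the terminator is stricter: `while (ossl_isspace(*p)) p++;` followed by `if (*p != '\0') return 0;`. `%d` also skips leading whitespace and accepts an explicit sign on each field, and the 0..255 range checks do not reject a form like `+1`. A comment saying which of these spellings are deliberately tolerated would help callers that compare the parsed address against certificate data. The rest of the function lies outside the hunk.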
@@ -434,22 +434,26 @@ the CA certificate file. Sets the CA serial number file to use. -When the B<-CA> option is used to sign a certificate it uses a serial -number specified in a file. This file consists of one line containing -an even number of hex digits with the serial number to use. After each -use the serial number is incremented and written out to the file again. +When creating a certificate with this option, and with the B<-CA> option, +the certificate serial number is stored in the given file. +This file consists of one line containing +an even number of hex digits with the serial number used last time. +After reading this number, it is incremented and used, and the file is updated. The default filename consists of the CA certificate file base name with ".srl" appended. For example if the CA certificate file is called "mycacert.pem" it expects to find a serial number file called "mycacert.srl". +If the B<-CA> option is specified and neither <-CAserial> or <-CAcreateserial> +is given and the default serial number file does not exist, +a random number is generated; this is the recommended practice. + =item B<-CAcreateserial> -With this option the CA serial number file is created if it does not exist: -it will contain the serial number "02" and the certificate being signed will -have the 1 as its serial number. If the B<-CA> option is specified -and the serial number file does not exist a random number is generated; -this is the recommended practice. +With this option and the B<-CA> option +the CA serial number file is created if it does not exist. +A random number is generated, used for the certificate, +and saved into the serial number file determined as described above. =item B<-extfile filename> 
@@ -932,7 +936,7 @@ the old form must have their links rebuilt using B or similar. =head1 COPYRIGHT -Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/deps/openssl/openssl/doc/man3/CMS_add0_cert.pod b/deps/openssl/openssl/doc/man3/CMS_add0_cert.pod index 9fbbe9d860481e..944f998746a48d 100644 --- a/deps/openssl/openssl/doc/man3/CMS_add0_cert.pod +++ b/deps/openssl/openssl/doc/man3/CMS_add0_cert.pod 
@@ -19,25 +19,33 @@ CMS_add0_cert, CMS_add1_cert, CMS_get1_certs, CMS_add0_crl, CMS_add1_crl, CMS_ge =head1 DESCRIPTION -CMS_add0_cert() and CMS_add1_cert() add certificate B to B. -must be of type signed data or enveloped data. +CMS_add0_cert() and CMS_add1_cert() add certificate I to I. +I must be of type signed data or (authenticated) enveloped data. +For signed data, such a certificate can be used when signing or verifying +to fill in the signer certificate or to provide an extra CA certificate +that may be needed for chain building in certificate validation. -CMS_get1_certs() returns all certificates in B. +CMS_get1_certs() returns all certificates in I. -CMS_add0_crl() and CMS_add1_crl() add CRL B to B. CMS_get1_crls() -returns any CRLs in B. +CMS_add0_crl() and CMS_add1_crl() add CRL I to I. +I must be of type signed data or (authenticated) enveloped data. +For signed data, such a CRL may be used in certificate validation. +It may be given both for inclusion when signing a CMS message +and when verifying a signed CMS message. + +CMS_get1_crls() returns all CRLs in I. =head1 NOTES -The CMS_ContentInfo structure B must be of type signed data or enveloped +The CMS_ContentInfo structure I must be of type signed data or enveloped data or an error will be returned. -For signed data certificates and CRLs are added to the B and -B fields of SignedData structure. For enveloped data they are added to +For signed data certificates and CRLs are added to the I and +I fields of SignedData structure. For enveloped data they are added to B. -As the B<0> implies CMS_add0_cert() adds B internally to B and it -must not be freed up after the call as opposed to CMS_add1_cert() where B +As the I<0> implies CMS_add0_cert() adds I internally to I and it +must not be freed up after the call as opposed to CMS_add1_cert() where I must be freed up. The same certificate or CRL must not be added to the same cms structure more 
@@ -50,7 +58,7 @@ CMS_add0_cert(), CMS_add1_cert() and CMS_add0_crl() and CMS_add1_crl() return CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs or NULL if there are none or an error occurs. The only error which will occur -in practice is if the B type is invalid. +in practice is if the I type is invalid. =head1 SEE ALSO @@ -60,7 +68,7 @@ L =head1 COPYRIGHT -Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2008-2022 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/deps/openssl/openssl/doc/man3/CMS_verify.pod b/deps/openssl/openssl/doc/man3/CMS_verify.pod index c7dbb6b6c275b7..d7a423c30b298f 100644 --- a/deps/openssl/openssl/doc/man3/CMS_verify.pod +++ b/deps/openssl/openssl/doc/man3/CMS_verify.pod 
@@ -15,50 +15,58 @@ CMS_verify, CMS_get0_signers - verify a CMS SignedData structure =head1 DESCRIPTION -CMS_verify() verifies a CMS SignedData structure. B is the CMS_ContentInfo -structure to verify. B is a set of certificates in which to search for -the signing certificate(s). B is a trusted certificate store used for -chain verification. B is the detached content if the content is not -present in B. The content is written to B if it is not NULL. - -B is an optional set of flags, which can be used to modify the verify -operation. - -CMS_get0_signers() retrieves the signing certificate(s) from B, it may only +CMS_verify() is very similar to L. It verifies a +B structure contained in a structure of type B. +I points to the B structure to verify. +The optional I parameter refers to a set of certificates +in which to search for signing certificates. +I may contain extra untrusted CA certificates that may be used for +chain building as well as CRLs that may be used for certificate validation. +I may be NULL or point to +the trusted certificate store to use for chain verification. +I refers to the signed data if the content is detached from I. +Otherwise I should be NULL and the signed data must be in I. +The content is written to the BIO I unless it is NULL. +I is an optional set of flags, which can be used to modify the operation. + +CMS_get0_signers() retrieves the signing certificate(s) from I, it may only be called after a successful CMS_verify() operation. =head1 VERIFY PROCESS Normally the verify process proceeds as follows. -Initially some sanity checks are performed on B. The type of B must +Initially some sanity checks are performed on I. The type of I must be SignedData. There must be at least one signature on the data and if -the content is detached B cannot be B. +the content is detached I cannot be NULL. 
An attempt is made to locate all the signing certificate(s), first looking in -the B parameter (if it is not NULL) and then looking in any -certificates contained in the B structure itself. If any signing -certificate cannot be located the operation fails. +the I parameter (if it is not NULL) and then looking in any +certificates contained in the I structure unless B is set. +If any signing certificate cannot be located the operation fails. -Each signing certificate is chain verified using the B purpose and -the supplied trusted certificate store. Any internal certificates in the message -are used as untrusted CAs. If CRL checking is enabled in B any internal -CRLs are used in addition to attempting to look them up in B. If any -chain verify fails an error code is returned. +Each signing certificate is chain verified using the I purpose and +using the trusted certificate store I if supplied. +Any internal certificates in the message, which may have been added using +L, are used as untrusted CAs. +If CRL checking is enabled in I and B is not set, +any internal CRLs, which may have been added using L, +are used in addition to attempting to look them up in I. +If I is not NULL and any chain verify fails an error code is returned. -Finally the signed content is read (and written to B if it is not NULL) -and the signature's checked. +Finally the signed content is read (and written to I unless it is NULL) +and the signature is checked. -If all signature's verify correctly then the function is successful. +If all signatures verify correctly then the function is successful. -Any of the following flags (ored together) can be passed in the B +Any of the following flags (ored together) can be passed in the I parameter to change the default verify behaviour. If B is set the certificates in the message itself are not -searched when locating the signing certificate(s). This means that all the -signing certificates must be in the B parameter. 
+searched when locating the signing certificate(s). +This means that all the signing certificates must be in the I parameter. -If B is set and CRL checking is enabled in B then any +If B is set and CRL checking is enabled in I then any CRLs in the message itself are ignored. If the B flag is set MIME headers for type B are deleted @@ -66,7 +74,7 @@ from the content. If the content is not of type B then an error is returned. If B is set the signing certificates are not -verified. +chain verified. If B is set the signed attributes signature is not verified. @@ -77,20 +85,20 @@ If B is set then the content digest is not checked. One application of B is to only accept messages signed by a small number of certificates. The acceptable certificates would be passed -in the B parameter. In this case if the signer is not one of the -certificates supplied in B then the verify will fail because the +in the I parameter. In this case if the signer certificate is not one +of the certificates supplied in I then the verify will fail because the signer cannot be found. In some cases the standard techniques for looking up and validating certificates are not appropriate: for example an application may wish to lookup certificates in a database or perform customised verification. This -can be achieved by setting and verifying the signers certificates manually +can be achieved by setting and verifying the signer certificates manually using the signed data utility functions. Care should be taken when modifying the default verify behaviour, for example setting B will totally disable all content verification and any modified content will be considered valid. This combination is however -useful if one merely wishes to write the content to B and its validity +useful if one merely wishes to write the content to I and its validity is not considered important. Chain verification should arguably be performed using the signing time rather 
@@ -100,8 +108,7 @@ timestamp). =head1 RETURN VALUES -CMS_verify() returns 1 for a successful verification and zero if an error -occurred. +CMS_verify() returns 1 for a successful verification and 0 if an error occurred. CMS_get0_signers() returns all signers or NULL if an error occurred. @@ -109,8 +116,8 @@ The error can be obtained from L =head1 BUGS -The trusted certificate store is not searched for the signing certificate, -this is primarily due to the inadequacies of the current B +The trusted certificate store is not searched for the signing certificate. +This is primarily due to the inadequacies of the current B functionality. The lack of single pass processing means that the signed content must all @@ -118,11 +125,13 @@ be held in memory if it is not detached. =head1 SEE ALSO +L, L, L, +L, L, L =head1 COPYRIGHT -Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2008-2022 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/deps/openssl/openssl/doc/man3/EC_KEY_new.pod b/deps/openssl/openssl/doc/man3/EC_KEY_new.pod index 6507dc95cdffb8..2fdb4659b673ba 100644 --- a/deps/openssl/openssl/doc/man3/EC_KEY_new.pod +++ b/deps/openssl/openssl/doc/man3/EC_KEY_new.pod @@ -33,7 +33,7 @@ EC_KEY objects const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key); int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group); const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key); - int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv); + int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *priv_key); const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key); int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub); point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key); 
@@ -102,7 +102,9 @@ that it is valid. The functions EC_KEY_get0_group(), EC_KEY_set_group(), EC_KEY_get0_private_key(), EC_KEY_set_private_key(), EC_KEY_get0_public_key(), and EC_KEY_set_public_key() get and set the EC_GROUP object, the private key, -and the EC_POINT public key for the B respectively. +and the EC_POINT public key for the B respectively. The function +EC_KEY_set_private_key() accepts NULL as the priv_key argument to securely clear +the private key component from the EC_KEY. The functions EC_KEY_get_conv_form() and EC_KEY_set_conv_form() get and set the point_conversion_form for the B. For a description of @@ -160,10 +162,14 @@ EC_KEY_copy() returns a pointer to the destination key, or NULL on error. EC_KEY_get0_engine() returns a pointer to an ENGINE, or NULL if it wasn't set. -EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_private_key(), -EC_KEY_set_public_key(), EC_KEY_precompute_mult(), EC_KEY_generate_key(), -EC_KEY_check_key(), EC_KEY_set_public_key_affine_coordinates(), -EC_KEY_oct2key() and EC_KEY_oct2priv() return 1 on success or 0 on error. +EC_KEY_up_ref(), EC_KEY_set_group(), EC_KEY_set_public_key(), +EC_KEY_precompute_mult(), EC_KEY_generate_key(), EC_KEY_check_key(), +EC_KEY_set_public_key_affine_coordinates(), EC_KEY_oct2key() and +EC_KEY_oct2priv() return 1 on success or 0 on error. + +EC_KEY_set_private_key() returns 1 on success or 0 on error except when the +priv_key argument is NULL, in that case it returns 0, for legacy compatibility, +and should not be treated as an error. EC_KEY_get0_group() returns the EC_GROUP associated with the EC_KEY. @@ -184,7 +190,7 @@ L =head1 COPYRIGHT -Copyright 2013-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2013-2022 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy 
diff --git a/deps/openssl/openssl/doc/man3/EVP_EncryptInit.pod b/deps/openssl/openssl/doc/man3/EVP_EncryptInit.pod index 392ce5dbc579f0..a17459a06e0329 100644 --- a/deps/openssl/openssl/doc/man3/EVP_EncryptInit.pod +++ b/deps/openssl/openssl/doc/man3/EVP_EncryptInit.pod @@ -313,7 +313,7 @@ length. EVP_CIPHER_CTX_set_padding() always returns 1. EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV -length or zero if the cipher does not use an IV. +length, zero if the cipher does not use an IV and a negative value on error. EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher's OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER. @@ -661,7 +661,7 @@ EVP_CIPHER_CTX_reset(). =head1 COPYRIGHT -Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/deps/openssl/openssl/doc/man3/OPENSSL_LH_COMPFUNC.pod b/deps/openssl/openssl/doc/man3/OPENSSL_LH_COMPFUNC.pod index ae0a4bbf978b78..29702aa0b58665 100644 --- a/deps/openssl/openssl/doc/man3/OPENSSL_LH_COMPFUNC.pod +++ b/deps/openssl/openssl/doc/man3/OPENSSL_LH_COMPFUNC.pod @@ -23,7 +23,7 @@ lh_TYPE_doall, lh_TYPE_doall_arg, lh_TYPE_error - dynamic hash table TYPE *lh_TYPE_insert(LHASH_OF(TYPE) *table, TYPE *data); TYPE *lh_TYPE_delete(LHASH_OF(TYPE) *table, TYPE *data); - TYPE *lh_retrieve(LHASH_OF(TYPE) *table, TYPE *data); + TYPE *lh_TYPE_retrieve(LHASH_OF(TYPE) *table, TYPE *data); void lh_TYPE_doall(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNC func); void lh_TYPE_doall_arg(LHASH_OF(TYPE) *table, OPENSSL_LH_DOALL_FUNCARG func, 
@@ -229,7 +229,7 @@ type checking. =head1 COPYRIGHT -Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/deps/openssl/openssl/doc/man3/OPENSSL_init_crypto.pod b/deps/openssl/openssl/doc/man3/OPENSSL_init_crypto.pod index 3447f5f1138fb6..d01dba3d29dd46 100644 --- a/deps/openssl/openssl/doc/man3/OPENSSL_init_crypto.pod +++ b/deps/openssl/openssl/doc/man3/OPENSSL_init_crypto.pod @@ -81,7 +81,7 @@ B will be ignored. With this option the library will automatically load and make available all libcrypto digests. This option is a default option. Once selected subsequent calls to OPENSSL_init_crypto() with the option -B will be ignored. +B will be ignored. =item OPENSSL_INIT_NO_ADD_ALL_CIPHERS @@ -264,7 +264,7 @@ and OPENSSL_INIT_free() functions were added in OpenSSL 1.1.0. =head1 COPYRIGHT -Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/deps/openssl/openssl/doc/man3/PKCS7_sign.pod b/deps/openssl/openssl/doc/man3/PKCS7_sign.pod index 6fd54777d1f16c..11b62619103896 100644 --- a/deps/openssl/openssl/doc/man3/PKCS7_sign.pod +++ b/deps/openssl/openssl/doc/man3/PKCS7_sign.pod 
@@ -13,29 +13,26 @@ PKCS7_sign - create a PKCS#7 signedData structure =head1 DESCRIPTION -PKCS7_sign() creates and returns a PKCS#7 signedData structure. B is -the certificate to sign with, B is the corresponding private key. -B is an optional additional set of certificates to include in the PKCS#7 -structure (for example any intermediate CAs in the chain). +PKCS7_sign() creates and returns a PKCS#7 signedData structure. +I is the certificate to sign with, I is the corresponding +private key. I is an optional set of extra certificates to include +in the PKCS#7 structure (for example any intermediate CAs in the chain). -The data to be signed is read from BIO B. +The data to be signed is read from BIO I. -B is an optional set of flags. +I is an optional set of flags. -=head1 NOTES - -Any of the following flags (ored together) can be passed in the B -parameter. +Any of the following flags (ored together) can be passed in the I Many S/MIME clients expect the signed content to include valid MIME headers. If -the B flag is set MIME headers for type B are prepended +the B flag is set MIME headers for type C are prepended to the data. -If B is set the signer's certificate will not be included in the -PKCS7 structure, the signer's certificate must still be supplied in the -B parameter though. This can reduce the size of the signature if the -signers certificate can be obtained by other means: for example a previously -signed message. +If B is set the signer's certificate and the extra I +will not be included in the PKCS7 structure. +The signer's certificate must still be supplied in the I parameter +though. This can reduce the size of the signatures if the signer's certificates +can be obtained by other means: for example a previously signed message. The data being signed is included in the PKCS7 structure, unless B is set in which case it is omitted. This is used for PKCS7 
@@ -59,7 +56,7 @@ these algorithms is disabled then it will not be included. If the flags B is set then the returned B structure is just initialized ready to perform the signing operation. The signing is however -B performed and the data to be signed is not read from the B +B performed and the data to be signed is not read from the I parameter. Signing is deferred until after the data has been written. In this way data can be signed in a single pass. @@ -80,17 +77,17 @@ BIO_new_PKCS7(). If a signer is specified it will use the default digest for the signing algorithm. This is B for both RSA and DSA keys. -The B, B and B parameters can all be -B if the B flag is set. One or more signers can be added +The I, I and I parameters can all be +NULL if the B flag is set. One or more signers can be added using the function PKCS7_sign_add_signer(). PKCS7_final() must also be called to finalize the structure if streaming is not enabled. Alternative signing digests can also be specified using this method. -If B and B are NULL then a certificates only +If I and I are NULL then a certificates only PKCS#7 structure is output. -In versions of OpenSSL before 1.0.0 the B and B parameters must -B be NULL. +In versions of OpenSSL before 1.0.0 the I and I parameters must +not be NULL. =head1 BUGS @@ -107,14 +104,14 @@ L, L =head1 HISTORY -The B flag, and the ability for B, B, -and B parameters to be B were added in OpenSSL 1.0.0. +The B flag, and the ability for I, I, +and I parameters to be NULL were added in OpenSSL 1.0.0. The B flag was added in OpenSSL 1.0.0. =head1 COPYRIGHT -Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2002-2022 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy 
diff --git a/deps/openssl/openssl/doc/man3/PKCS7_sign_add_signer.pod b/deps/openssl/openssl/doc/man3/PKCS7_sign_add_signer.pod index d4a27a2f619461..0bbd6d8dca7ce2 100644 --- a/deps/openssl/openssl/doc/man3/PKCS7_sign_add_signer.pod +++ b/deps/openssl/openssl/doc/man3/PKCS7_sign_add_signer.pod @@ -2,7 +2,8 @@ =head1 NAME -PKCS7_sign_add_signer - add a signer PKCS7 signed data structure +PKCS7_sign_add_signer, +PKCS7_add_certificate, PKCS7_add_crl - add information to PKCS7 structure =head1 SYNOPSIS @@ -10,22 +11,22 @@ PKCS7_sign_add_signer - add a signer PKCS7 signed data structure PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md, int flags); - + int PKCS7_add_certificate(PKCS7 *p7, X509 *cert); + int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl); =head1 DESCRIPTION -PKCS7_sign_add_signer() adds a signer with certificate B and private -key B using message digest B to a PKCS7 signed data structure -B. +PKCS7_sign_add_signer() adds a signer with certificate I and private +key I using message digest I to a PKCS7 signed data structure I. -The PKCS7 structure should be obtained from an initial call to PKCS7_sign() -with the flag B set or in the case or re-signing a valid PKCS7 +The B structure should be obtained from an initial call to PKCS7_sign() +with the flag B set or in the case or re-signing a valid PKCS#7 signed data structure. -If the B parameter is B then the default digest for the public +If the I parameter is NULL then the default digest for the public key algorithm will be used. -Unless the B flag is set the returned PKCS7 structure +Unless the B flag is set the returned B structure is not complete and must be finalized either by streaming (if applicable) or a call to PKCS7_final(). 
@@ -37,13 +38,13 @@ signed data structure where the simpler PKCS7_sign() function defaults are not appropriate. For example if multiple signers or non default digest algorithms are needed. -Any of the following flags (ored together) can be passed in the B +Any of the following flags (ored together) can be passed in the I parameter. If B is set then an attempt is made to copy the content -digest value from the PKCS7 structure: to add a signer to an existing structure. +digest value from the B structure: to add a signer to an existing structure. An error occurs if a matching digest value cannot be found to copy. The -returned PKCS7 structure will be valid and finalized when this flag is set. +returned B structure will be valid and finalized when this flag is set. If B is set in addition to B then the B structure will not be finalized so additional attributes @@ -51,8 +52,8 @@ can be added. In this case an explicit call to PKCS7_SIGNER_INFO_sign() is needed to finalize it. If B is set the signer's certificate will not be included in the -PKCS7 structure, the signer's certificate must still be supplied in the -B parameter though. This can reduce the size of the signature if the +B structure, the signer's certificate must still be supplied in the +I parameter though. This can reduce the size of the signature if the signers certificate can be obtained by other means: for example a previously signed message. 
@@ -66,20 +67,32 @@ If present the SMIMECapabilities attribute indicates support for the following algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of these algorithms is disabled then it will not be included. - -PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO -structure just added, this can be used to set additional attributes +PKCS7_sign_add_signers() returns an internal pointer to the B +structure just added, which can be used to set additional attributes before it is finalized. +PKCS7_add_certificate() adds to the B structure I the certificate +I, which may be an end-entity (signer) certificate +or a CA certificate useful for chain building. +This is done internally by L and similar signing functions. +It may have to be used before calling L +in order to provide any missing certificate(s) needed for verification. + +PKCS7_add_crl() adds the CRL I to the B structure I. +This may be called to provide certificate status information +to be included when signing or to use when verifying the B structure. + =head1 RETURN VALUES -PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO +PKCS7_sign_add_signers() returns an internal pointer to the B structure just added or NULL if an error occurs. +PKCS7_add_certificate() and PKCS7_add_crl() return 1 on success, 0 on error. + =head1 SEE ALSO -L, L, -L, +L, L, +L, L =head1 HISTORY @@ -87,7 +100,7 @@ The PPKCS7_sign_add_signer() function was added in OpenSSL 1.0.0. =head1 COPYRIGHT -Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2007-2022 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/deps/openssl/openssl/doc/man3/PKCS7_verify.pod b/deps/openssl/openssl/doc/man3/PKCS7_verify.pod index 9e238c565952eb..4418e5489c9fb0 100644 
--- a/deps/openssl/openssl/doc/man3/PKCS7_verify.pod
+++ b/deps/openssl/openssl/doc/man3/PKCS7_verify.pod
@@ -15,64 +15,76 @@ PKCS7_verify, PKCS7_get0_signers - verify a PKCS#7 signedData structure =head1 DESCRIPTION -PKCS7_verify() verifies a PKCS#7 signedData structure. B is the PKCS7 -structure to verify. B is a set of certificates in which to search for -the signer's certificate. B is a trusted certificate store (used for -chain verification). B is the signed data if the content is not -present in B (that is it is detached). The content is written to B -if it is not NULL. - -B is an optional set of flags, which can be used to modify the verify -operation. - -PKCS7_get0_signers() retrieves the signer's certificates from B, it does -B check their validity or whether any signatures are valid. The B -and B parameters have the same meanings as in PKCS7_verify(). +PKCS7_verify() is very similar to L. +It verifies a PKCS#7 signedData structure given in I. +The optional I parameter refers to a set of certificates +in which to search for signer's certificates. +I may contain extra untrusted CA certificates that may be used for +chain building as well as CRLs that may be used for certificate validation. +I may be NULL or point to +the trusted certificate store to use for chain verification. +I refers to the signed data if the content is detached from I. +Otherwise I should be NULL, and then the signed data must be in I. +The content is written to the BIO I unless it is NULL. +I is an optional set of flags, which can be used to modify the operation. + +PKCS7_get0_signers() retrieves the signer's certificates from I, it does +B check their validity or whether any signatures are valid. The I +and I parameters have the same meanings as in PKCS7_verify(). =head1 VERIFY PROCESS Normally the verify process proceeds as follows. -Initially some sanity checks are performed on B. The type of B must -be signedData. There must be at least one signature on the data and if -the content is detached B cannot be B. 
If the content is -not detached and B is not B, then the structure has both +Initially some sanity checks are performed on I. The type of I must +be SignedData. There must be at least one signature on the data and if +the content is detached I cannot be NULL. If the content is +not detached and I is not NULL then the structure has both embedded and external content. To treat this as an error, use the flag B. The default behavior allows this, for compatibility with older versions of OpenSSL. An attempt is made to locate all the signer's certificates, first looking in -the B parameter (if it is not B) and then looking in any certificates -contained in the B structure itself. If any signer's certificates cannot be -located the operation fails. +the I parameter (if it is not NULL). Then they are looked up in any +certificates contained in the I structure unless B is set. +If any signer's certificates cannot be located the operation fails. Each signer's certificate is chain verified using the B purpose and -the supplied trusted certificate store. Any internal certificates in the message -are used as untrusted CAs. If any chain verify fails an error code is returned. +using the trusted certificate store I if supplied. +Any internal certificates in the message, which may have been added using +L, are used as untrusted CAs unless B +is set. +If CRL checking is enabled in I and B is not set, +any internal CRLs, which may have been added using L, +are used in addition to attempting to look them up in I. +If I is not NULL and any chain verify fails an error code is returned. -Finally the signed content is read (and written to B is it is not NULL) and -the signature's checked. +Finally the signed content is read (and written to I unless it is NULL) +and the signature is checked. -If all signature's verify correctly then the function is successful. +If all signatures verify correctly then the function is successful. 
-Any of the following flags (ored together) can be passed in the B parameter -to change the default verify behaviour. Only the flag B is -meaningful to PKCS7_get0_signers(). +Any of the following flags (ored together) can be passed in the I +parameter to change the default verify behaviour. +Only the flag B is meaningful to PKCS7_get0_signers(). If B is set the certificates in the message itself are not -searched when locating the signer's certificate. This means that all the signers -certificates must be in the B parameter. +searched when locating the signer's certificates. +This means that all the signer's certificates must be in the I parameter. + +If B is set and CRL checking is enabled in I then any +CRLs in the message itself are ignored. -If the B flag is set MIME headers for type B are deleted -from the content. If the content is not of type B then an error is +If the B flag is set MIME headers for type C are deleted +from the content. If the content is not of type C then an error is returned. If B is set the signer's certificates are not chain verified. If B is set then the certificates contained in the message are not used as untrusted CAs. This means that the whole verify chain (apart from -the signer's certificate) must be contained in the trusted store. +the signer's certificates) must be contained in the trusted store. If B is set then the signatures on the data are not checked. 
@@ -80,46 +92,46 @@ If B is set then the signatures on the data are not checked. One application of B is to only accept messages signed by a small number of certificates. The acceptable certificates would be passed -in the B parameter. In this case if the signer is not one of the -certificates supplied in B then the verify will fail because the +in the I parameter. In this case if the signer's certificate is not one +of the certificates supplied in I then the verify will fail because the signer cannot be found. Care should be taken when modifying the default verify behaviour, for example setting B will totally disable all verification and any signed message will be considered valid. This combination is however -useful if one merely wishes to write the content to B and its validity +useful if one merely wishes to write the content to I and its validity is not considered important. -Chain verification should arguably be performed using the signing time rather +Chain verification should arguably be performed using the signing time rather than the current time. However, since the signing time is supplied by the signer it cannot be trusted without additional evidence (such as a trusted timestamp). =head1 RETURN VALUES -PKCS7_verify() returns one for a successful verification and zero -if an error occurs. +PKCS7_verify() returns 1 for a successful verification and 0 if an error occurs. -PKCS7_get0_signers() returns all signers or B if an error occurred. +PKCS7_get0_signers() returns all signers or NULL if an error occurred. -The error can be obtained from L +The error can be obtained from L. =head1 BUGS -The trusted certificate store is not searched for the signers certificate, -this is primarily due to the inadequacies of the current B +The trusted certificate store is not searched for the signer's certificates. +This is primarily due to the inadequacies of the current B functionality. 
-The lack of single pass processing and need to hold all data in memory as -mentioned in PKCS7_sign() also applies to PKCS7_verify(). +The lack of single pass processing means that the signed content must all +be held in memory if it is not detached. =head1 SEE ALSO +L, L, L, L, L =head1 COPYRIGHT -Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2002-2022 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/deps/openssl/openssl/doc/man3/X509_STORE_CTX_new.pod b/deps/openssl/openssl/doc/man3/X509_STORE_CTX_new.pod index b8024dc4af6645..bf16c1eced2981 100644 --- a/deps/openssl/openssl/doc/man3/X509_STORE_CTX_new.pod +++ b/deps/openssl/openssl/doc/man3/X509_STORE_CTX_new.pod 
@@ -175,14 +175,18 @@ It should not normally be necessary for end user applications to call X509_STORE_CTX_purpose_inherit() directly. Typically applications should call X509_STORE_CTX_set_purpose() or X509_STORE_CTX_set_trust() instead. Using this function it is possible to set the purpose and trust values for the I at -the same time. The I and I arguments can have the same +the same time. +Both I and its internal verification parameter pointer must not be NULL. +The I and I arguments can have the same purpose values as described for X509_STORE_CTX_set_purpose() above. The I argument can have the same trust values as described in X509_STORE_CTX_set_trust() above. Any of the I, I or I values may also have the value 0 to indicate that the supplied parameter should be ignored. After calling this function the purpose to be used -for verification is set from the I argument, and the trust is set from -the I argument. If I is 0 then the trust value will be set from +for verification is set from the I argument unless the purpose was +already set in I before, and the trust is set from the I argument +unless the trust was already set in I before. +If I is 0 then the trust value will be set from the default trust value for I. If the default trust value for the purpose is I and I is 0 then the default trust value associated with the I value is used for the trust setting instead. diff --git a/deps/openssl/openssl/include/crypto/bn_conf.h b/deps/openssl/openssl/include/crypto/bn_conf.h deleted file mode 100644 index 79400c6472a49c..00000000000000 --- a/deps/openssl/openssl/include/crypto/bn_conf.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../../config/bn_conf.h" diff --git a/deps/openssl/openssl/include/crypto/dso_conf.h b/deps/openssl/openssl/include/crypto/dso_conf.h deleted file mode 100644 index e7f2afa9872320..00000000000000 --- a/deps/openssl/openssl/include/crypto/dso_conf.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../../config/dso_conf.h" 
diff --git a/deps/openssl/openssl/include/openssl/opensslconf.h b/deps/openssl/openssl/include/openssl/opensslconf.h deleted file mode 100644 index 76c99d433ab886..00000000000000 --- a/deps/openssl/openssl/include/openssl/opensslconf.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../config/opensslconf.h" diff --git a/deps/openssl/openssl/include/openssl/opensslv.h b/deps/openssl/openssl/include/openssl/opensslv.h index dafc04109bd7b1..bd8ee59c23692f 100644 --- a/deps/openssl/openssl/include/openssl/opensslv.h +++ b/deps/openssl/openssl/include/openssl/opensslv.h @@ -39,8 +39,8 @@ extern "C" { * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -# define OPENSSL_VERSION_NUMBER 0x1010111fL -# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1q+quic 5 Jul 2022" +# define OPENSSL_VERSION_NUMBER 0x1010113fL +# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1s+quic 1 Nov 2022" /*- * The macros below are to be used for shared library (.so, .dll, ...) diff --git a/deps/openssl/openssl/ssl/packet.c b/deps/openssl/openssl/ssl/packet.c index 1ddde969f3b232..d6357495f53e79 100644 --- a/deps/openssl/openssl/ssl/packet.c +++ b/deps/openssl/openssl/ssl/packet.c @@ -1,5 +1,5 @@ /* - * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -161,7 +161,7 @@ int WPACKET_set_flags(WPACKET *pkt, unsigned int flags) } /* Store the |value| of length |len| at location |data| */ -static int put_value(unsigned char *data, size_t value, size_t len) +static int put_value(unsigned char *data, uint64_t value, size_t len) { for (data += len - 1; len > 0; len--) { *data = (unsigned char)(value & 0xff); 
@@ -306,12 +306,12 @@ int WPACKET_start_sub_packet(WPACKET *pkt) return WPACKET_start_sub_packet_len__(pkt, 0); } -int WPACKET_put_bytes__(WPACKET *pkt, unsigned int val, size_t size) +int WPACKET_put_bytes__(WPACKET *pkt, uint64_t val, size_t size) { unsigned char *data; /* Internal API, so should not fail */ - if (!ossl_assert(size <= sizeof(unsigned int)) + if (!ossl_assert(size <= sizeof(uint64_t)) || !WPACKET_allocate_bytes(pkt, size, &data) || !put_value(data, val, size)) return 0; diff --git a/deps/openssl/openssl/ssl/packet_local.h b/deps/openssl/openssl/ssl/packet_local.h index 1b6c2fb9bc3faf..ddb38892b0b243 100644 --- a/deps/openssl/openssl/ssl/packet_local.h +++ b/deps/openssl/openssl/ssl/packet_local.h @@ -1,5 +1,5 @@ /* - * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -227,6 +227,28 @@ __owur static ossl_inline int PACKET_peek_net_4(const PACKET *pkt, return 1; } +/* + * Peek ahead at 8 bytes in network order from |pkt| and store the value in + * |*data| + */ +__owur static ossl_inline int PACKET_peek_net_8(const PACKET *pkt, + uint64_t *data) +{ + if (PACKET_remaining(pkt) < 8) + return 0; + + *data = ((uint64_t)(*pkt->curr)) << 56; + *data |= ((uint64_t)(*(pkt->curr + 1))) << 48; + *data |= ((uint64_t)(*(pkt->curr + 2))) << 40; + *data |= ((uint64_t)(*(pkt->curr + 3))) << 32; + *data |= ((uint64_t)(*(pkt->curr + 4))) << 24; + *data |= ((uint64_t)(*(pkt->curr + 5))) << 16; + *data |= ((uint64_t)(*(pkt->curr + 6))) << 8; + *data |= *(pkt->curr + 7); + + return 1; +} + /* Equivalent of n2l */ /* Get 4 bytes in network order from |pkt| and store the value in |*data| */ __owur static ossl_inline int PACKET_get_net_4(PACKET *pkt, unsigned long *data) 
@@ -251,6 +273,17 @@ __owur static ossl_inline int PACKET_get_net_4_len(PACKET *pkt, size_t *data) return ret; } +/* Get 8 bytes in network order from |pkt| and store the value in |*data| */ +__owur static ossl_inline int PACKET_get_net_8(PACKET *pkt, uint64_t *data) +{ + if (!PACKET_peek_net_8(pkt, data)) + return 0; + + packet_forward(pkt, 8); + + return 1; +} + /* Peek ahead at 1 byte from |pkt| and store the value in |*data| */ __owur static ossl_inline int PACKET_peek_1(const PACKET *pkt, unsigned int *data) @@ -808,7 +841,7 @@ int WPACKET_sub_reserve_bytes__(WPACKET *pkt, size_t len, * 1 byte will fail. Don't call this directly. Use the convenience macros below * instead. */ -int WPACKET_put_bytes__(WPACKET *pkt, unsigned int val, size_t bytes); +int WPACKET_put_bytes__(WPACKET *pkt, uint64_t val, size_t bytes); /* * Convenience macros for calling WPACKET_put_bytes with different @@ -822,6 +855,8 @@ int WPACKET_put_bytes__(WPACKET *pkt, unsigned int val, size_t bytes); WPACKET_put_bytes__((pkt), (val), 3) #define WPACKET_put_bytes_u32(pkt, val) \ WPACKET_put_bytes__((pkt), (val), 4) +#define WPACKET_put_bytes_u64(pkt, val) \ + WPACKET_put_bytes__((pkt), (val), 8) /* Set a maximum size that we will not allow the WPACKET to grow beyond */ int WPACKET_set_max_size(WPACKET *pkt, size_t maxsize); diff --git a/deps/openssl/openssl/ssl/record/rec_layer_s3.c b/deps/openssl/openssl/ssl/record/rec_layer_s3.c index cdc90ed0b39662..078bf9836c2e8c 100644 --- a/deps/openssl/openssl/ssl/record/rec_layer_s3.c +++ b/deps/openssl/openssl/ssl/record/rec_layer_s3.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -115,10 +115,22 @@ size_t ssl3_pending(const SSL *s) if (s->rlayer.rstate == SSL_ST_READ_BODY) return 0; + /* Take into account DTLS buffered app data */ + if (SSL_IS_DTLS(s)) { + DTLS1_RECORD_DATA *rdata; + pitem *item, *iter; + + iter = pqueue_iterator(s->rlayer.d->buffered_app_data.q); + while ((item = pqueue_next(&iter)) != NULL) { + rdata = item->data; + num += rdata->rrec.length; + } + } + for (i = 0; i < RECORD_LAYER_get_numrpipes(&s->rlayer); i++) { if (SSL3_RECORD_get_type(&s->rlayer.rrec[i]) != SSL3_RT_APPLICATION_DATA) - return 0; + return num; num += SSL3_RECORD_get_length(&s->rlayer.rrec[i]); } diff --git a/deps/openssl/openssl/ssl/ssl_ciph.c b/deps/openssl/openssl/ssl/ssl_ciph.c index c8fede6014f32f..bc26aad7bbe7a0 100644 --- a/deps/openssl/openssl/ssl/ssl_ciph.c +++ b/deps/openssl/openssl/ssl/ssl_ciph.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * Copyright 2005 Nokia. All rights reserved. * @@ -1026,9 +1026,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str, * alphanumeric, so we call this an error. */ SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, SSL_R_INVALID_COMMAND); - retval = found = 0; - l++; - break; + return 0; } if (rule == CIPHER_SPECIAL) { diff --git a/deps/openssl/openssl/ssl/ssl_lib.c b/deps/openssl/openssl/ssl/ssl_lib.c index 401f79914e7da5..1085f86c506ad3 100644 --- a/deps/openssl/openssl/ssl/ssl_lib.c +++ b/deps/openssl/openssl/ssl/ssl_lib.c 
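Review bot: In `ssl3_pending()` (ssl/record/rec_layer_s3.c, the first hunk here) the new DTLS block sits after the `SSL_ST_READ_BODY` early return, so buffered app data is not counted while a record body is being read, even though the loop below now returns `num` instead of 0 when it meets a non-application record. The `SSL_has_pending()` hunk in ssl/ssl_lib.c walks the same queue before any other check, so the two functions do not treat that state the same way. Whether this is intended cannot be told from the hunk; if it is, a comment on the early return would record it, e.g. `/* buffered DTLS app data is intentionally not reported while in SSL_ST_READ_BODY */`. The function body starts and ends outside the hunk.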
@@ -1577,12 +1577,26 @@ int SSL_has_pending(const SSL *s) { /* * Similar to SSL_pending() but returns a 1 to indicate that we have - * unprocessed data available or 0 otherwise (as opposed to the number of - * bytes available). Unlike SSL_pending() this will take into account - * read_ahead data. A 1 return simply indicates that we have unprocessed - * data. That data may not result in any application data, or we may fail - * to parse the records for some reason. + * processed or unprocessed data available or 0 otherwise (as opposed to the + * number of bytes available). Unlike SSL_pending() this will take into + * account read_ahead data. A 1 return simply indicates that we have data. + * That data may not result in any application data, or we may fail to parse + * the records for some reason. */ + + /* Check buffered app data if any first */ + if (SSL_IS_DTLS(s)) { + DTLS1_RECORD_DATA *rdata; + pitem *item, *iter; + + iter = pqueue_iterator(s->rlayer.d->buffered_app_data.q); + while ((item = pqueue_next(&iter)) != NULL) { + rdata = item->data; + if (rdata->rrec.length > 0) + return 1; + } + } + if (RECORD_LAYER_processed_read_pending(&s->rlayer)) return 1; diff --git a/deps/openssl/openssl/ssl/ssl_rsa.c b/deps/openssl/openssl/ssl/ssl_rsa.c index 6457c0c0efa373..2df07bea678201 100644 --- a/deps/openssl/openssl/ssl/ssl_rsa.c +++ b/deps/openssl/openssl/ssl/ssl_rsa.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -727,6 +727,34 @@ static int serverinfoex_srv_parse_cb(SSL *s, unsigned int ext_type, return 1; } +static size_t extension_contextoff(unsigned int version) +{ + return version == SSL_SERVERINFOV1 ? 4 : 0; +} + +static size_t extension_append_length(unsigned int version, size_t extension_length) +{ + return extension_length + extension_contextoff(version); +} + +static void extension_append(unsigned int version, + const unsigned char *extension, + const size_t extension_length, + unsigned char *serverinfo) +{ + const size_t contextoff = extension_contextoff(version); + + if (contextoff > 0) { + /* We know this only uses the last 2 bytes */ + serverinfo[0] = 0; + serverinfo[1] = 0; + serverinfo[2] = (SYNTHV1CONTEXT >> 8) & 0xff; + serverinfo[3] = SYNTHV1CONTEXT & 0xff; + } + + memcpy(serverinfo + contextoff, extension, extension_length); +} + static int serverinfo_srv_parse_cb(SSL *s, unsigned int ext_type, const unsigned char *in, size_t inlen, int *al, void *arg) 
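Review bot: `extension_append()` in this ssl/ssl_rsa.c hunk writes `extension_contextoff(version) + extension_length` bytes into `serverinfo` without taking the destination size, and nothing documents that the caller must size the buffer with `extension_append_length()`. A header comment would make the contract explicit, e.g. `/* |serverinfo| must have room for extension_append_length(version, extension_length) bytes */`. `extension_append_length()` also adds the two sizes unchecked, and its result feeds `OPENSSL_malloc()` and `OPENSSL_realloc()` in the later hunks of this file. A wrap is only reachable with a length close to `SIZE_MAX`, but a guard at the callers such as `if (extension_length > SIZE_MAX - extension_contextoff(version))` would keep a wrapped size from ever reaching the `memcpy`.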
@@ -842,12 +870,36 @@ int SSL_CTX_use_serverinfo_ex(SSL_CTX *ctx, unsigned int version, const unsigned char *serverinfo, size_t serverinfo_length) { - unsigned char *new_serverinfo; + unsigned char *new_serverinfo = NULL; if (ctx == NULL || serverinfo == NULL || serverinfo_length == 0) { SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_PASSED_NULL_PARAMETER); return 0; } + if (version == SSL_SERVERINFOV1) { + /* + * Convert serverinfo version v1 to v2 and call yourself recursively + * over the converted serverinfo. + */ + const size_t sinfo_length = extension_append_length(SSL_SERVERINFOV1, + serverinfo_length); + unsigned char *sinfo; + int ret; + + sinfo = OPENSSL_malloc(sinfo_length); + if (sinfo == NULL) { + SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, ERR_R_MALLOC_FAILURE); + return 0; + } + + extension_append(SSL_SERVERINFOV1, serverinfo, serverinfo_length, sinfo); + + ret = SSL_CTX_use_serverinfo_ex(ctx, SSL_SERVERINFOV2, sinfo, + sinfo_length); + + OPENSSL_free(sinfo); + return ret; + } if (!serverinfo_process_buffer(version, serverinfo, serverinfo_length, NULL)) { SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_EX, SSL_R_INVALID_SERVERINFO_DATA); @@ -899,7 +951,7 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file) char namePrefix2[] = "SERVERINFOV2 FOR "; int ret = 0; BIO *bin = NULL; - size_t num_extensions = 0, contextoff = 0; + size_t num_extensions = 0; if (ctx == NULL || file == NULL) { SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_PASSED_NULL_PARAMETER); @@ -918,6 +970,7 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file) for (num_extensions = 0;; num_extensions++) { unsigned int version; + size_t append_length; if (PEM_read_bio(bin, &name, &header, &extension, &extension_length) == 0) { 
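Review bot: The new `SSL_SERVERINFOV1` branch of `SSL_CTX_use_serverinfo_ex()` prefixes a single synthetic context to the whole caller buffer, whereas `SSL_CTX_use_serverinfo_file()` in the following hunks calls `extension_append()` once per decoded extension. If a V1 buffer may hold several concatenated extensions, only the first would carry the 4-byte context after conversion, and the recursive `SSL_SERVERINFOV2` call would presumably reject or misparse the rest; `serverinfo_process_buffer()` is outside the hunk, so this needs confirming. At minimum the branch should state its assumption, e.g. `/* assumes |serverinfo| holds a single V1 extension */`; otherwise the conversion would have to run per extension.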
@@ -962,11 +1015,6 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file) SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_BAD_DATA); goto end; } - /* - * File does not have a context value so we must take account of - * this later. - */ - contextoff = 4; } else { /* 8 byte header: 4 bytes context, 2 bytes type, 2 bytes len */ if (extension_length < 8 @@ -977,25 +1025,16 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file) } } /* Append the decoded extension to the serverinfo buffer */ - tmp = OPENSSL_realloc(serverinfo, serverinfo_length + extension_length - + contextoff); + append_length = extension_append_length(version, extension_length); + tmp = OPENSSL_realloc(serverinfo, serverinfo_length + append_length); if (tmp == NULL) { SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_MALLOC_FAILURE); goto end; } serverinfo = tmp; - if (contextoff > 0) { - unsigned char *sinfo = serverinfo + serverinfo_length; - - /* We know this only uses the last 2 bytes */ - sinfo[0] = 0; - sinfo[1] = 0; - sinfo[2] = (SYNTHV1CONTEXT >> 8) & 0xff; - sinfo[3] = SYNTHV1CONTEXT & 0xff; - } - memcpy(serverinfo + serverinfo_length + contextoff, - extension, extension_length); - serverinfo_length += extension_length + contextoff; + extension_append(version, extension, extension_length, + serverinfo + serverinfo_length); + serverinfo_length += append_length; OPENSSL_free(name); name = NULL; diff --git a/deps/openssl/openssl/ssl/statem/extensions_clnt.c b/deps/openssl/openssl/ssl/statem/extensions_clnt.c index a5b81eef805949..8f485b46dc5dc1 100644 --- a/deps/openssl/openssl/ssl/statem/extensions_clnt.c +++ b/deps/openssl/openssl/ssl/statem/extensions_clnt.c 
@@ -1002,7 +1002,7 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context, X509 *x, size_t chainidx) { #ifndef OPENSSL_NO_TLS1_3 - uint32_t now, agesec, agems = 0; + uint32_t agesec, agems = 0; size_t reshashsize = 0, pskhashsize = 0, binderoffset, msglen; unsigned char *resbinder = NULL, *pskbinder = NULL, *msgstart = NULL; const EVP_MD *handmd = NULL, *mdres = NULL, *mdpsk = NULL; @@ -1059,8 +1059,7 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context, * this in multiple places in the code, so portability shouldn't be an * issue. */ - now = (uint32_t)time(NULL); - agesec = now - (uint32_t)s->session->time; + agesec = (uint32_t)(time(NULL) - s->session->time); /* * We calculate the age in seconds but the server may work in ms. Due to * rounding errors we could overestimate the age by up to 1s. It is diff --git a/deps/openssl/openssl/ssl/statem/extensions_srvr.c b/deps/openssl/openssl/ssl/statem/extensions_srvr.c index 1a70f3c6506f9e..52800902e77112 100644 --- a/deps/openssl/openssl/ssl/statem/extensions_srvr.c +++ b/deps/openssl/openssl/ssl/statem/extensions_srvr.c @@ -1,5 +1,5 @@ /* - * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -12,16 +12,16 @@ #include "statem_local.h" #include "internal/cryptlib.h" -#define COOKIE_STATE_FORMAT_VERSION 0 +#define COOKIE_STATE_FORMAT_VERSION 1 /* * 2 bytes for packet length, 2 bytes for format version, 2 bytes for * protocol version, 2 bytes for group id, 2 bytes for cipher id, 1 byte for - * key_share present flag, 4 bytes for timestamp, 2 bytes for the hashlen, + * key_share present flag, 8 bytes for timestamp, 2 bytes for the hashlen, * EVP_MAX_MD_SIZE for transcript hash, 1 byte for app cookie length, app cookie * length bytes, SHA256_DIGEST_LENGTH bytes for the HMAC of the whole thing. */ -#define MAX_COOKIE_SIZE (2 + 2 + 2 + 2 + 2 + 1 + 4 + 2 + EVP_MAX_MD_SIZE + 1 \ +#define MAX_COOKIE_SIZE (2 + 2 + 2 + 2 + 2 + 1 + 8 + 2 + EVP_MAX_MD_SIZE + 1 \ + SSL_COOKIE_LENGTH + SHA256_DIGEST_LENGTH) /* @@ -741,7 +741,7 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x, unsigned char hmac[SHA256_DIGEST_LENGTH]; unsigned char hrr[MAX_HRR_SIZE]; size_t rawlen, hmaclen, hrrlen, ciphlen; - unsigned long tm, now; + uint64_t tm, now; /* Ignore any cookie if we're not set up to verify it */ if (s->ctx->verify_stateless_cookie_cb == NULL @@ -851,7 +851,7 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x, } if (!PACKET_get_1(&cookie, &key_share) - || !PACKET_get_net_4(&cookie, &tm) + || !PACKET_get_net_8(&cookie, &tm) || !PACKET_get_length_prefixed_2(&cookie, &chhash) || !PACKET_get_length_prefixed_1(&cookie, &appcookie) || PACKET_remaining(&cookie) != SHA256_DIGEST_LENGTH) { @@ -861,7 +861,7 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x, } /* We tolerate a cookie age of up to 10 minutes (= 60 * 10 seconds) */ - now = (unsigned long)time(NULL); + now = time(NULL); if (tm > now || (now - tm) > 600) { /* Cookie is stale. Ignore it */ return 1; 
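Review bot: `#define COOKIE_STATE_FORMAT_VERSION 1` is bumped without a comment saying what distinguishes version 1 from version 0. The layout comment below it shows the reason, the timestamp growing from 4 to 8 bytes, but nothing ties that to the version number. I would add `/* 1: cookie timestamp widened from 4 to 8 bytes */` above the define. If the version field is compared on parse (that check is outside this hunk), cookies issued by a build using format 0 would be ignored by this build, which matters to operators upgrading a set of stateless servers one at a time.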
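Review bot: In the last `tls_parse_ctos_cookie` hunk, `now = time(NULL);` stores a signed `time_t` into the new `uint64_t now` with the explicit cast removed. The construct side in `tls_construct_stoc_cookie` does the same with `WPACKET_put_bytes_u64(pkt, time(NULL))`. The visible check `tm > now || (now - tm) > 600` still fails closed when `time()` returns -1, because `now` becomes the maximum value and the cookie is treated as stale. I would keep the conversion explicit so that it is intentional and quiet under `-Wconversion`: `now = (uint64_t)time(NULL);` and `WPACKET_put_bytes_u64(pkt, (uint64_t)time(NULL))`.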
@@ -1167,7 +1167,7 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x, s->ext.early_data_ok = 1; s->ext.ticket_expected = 1; } else { - uint32_t ticket_age = 0, now, agesec, agems; + uint32_t ticket_age = 0, agesec, agems; int ret; /* @@ -1209,8 +1209,7 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x, } ticket_age = (uint32_t)ticket_agel; - now = (uint32_t)time(NULL); - agesec = now - (uint32_t)sess->time; + agesec = (uint32_t)(time(NULL) - sess->time); agems = agesec * (uint32_t)1000; ticket_age -= sess->ext.tick_age_add; @@ -1837,7 +1836,7 @@ EXT_RETURN tls_construct_stoc_cookie(SSL *s, WPACKET *pkt, unsigned int context, &ciphlen) /* Is there a key_share extension present in this HRR? */ || !WPACKET_put_bytes_u8(pkt, s->s3->peer_tmp == NULL) - || !WPACKET_put_bytes_u32(pkt, (unsigned int)time(NULL)) + || !WPACKET_put_bytes_u64(pkt, time(NULL)) || !WPACKET_start_sub_packet_u16(pkt) || !WPACKET_reserve_bytes(pkt, EVP_MAX_MD_SIZE, &hashval1)) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE, diff --git a/deps/openssl/openssl/ssl/tls13_enc.c b/deps/openssl/openssl/ssl/tls13_enc.c index e4c72cdb28474f..8c656ea5de0343 100644 --- a/deps/openssl/openssl/ssl/tls13_enc.c +++ b/deps/openssl/openssl/ssl/tls13_enc.c @@ -1,5 +1,5 @@ /* - * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -190,6 +190,7 @@ int tls13_generate_secret(SSL *s, const EVP_MD *md, if (!ossl_assert(mdleni >= 0)) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_GENERATE_SECRET, ERR_R_INTERNAL_ERROR); + EVP_PKEY_CTX_free(pctx); return 0; } mdlen = (size_t)mdleni; 
diff --git a/deps/openssl/openssl/test/dtlstest.c b/deps/openssl/openssl/test/dtlstest.c index 1d7b105fb6ac55..59b257db368c66 100644 --- a/deps/openssl/openssl/test/dtlstest.c +++ b/deps/openssl/openssl/test/dtlstest.c @@ -1,5 +1,5 @@ /* - * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -328,6 +328,93 @@ static int test_dtls_duplicate_records(void) return testresult; } +/* + * Test that swapping an app data record so that it is received before the + * Finished message still works. + */ +static int test_swap_app_data(void) +{ + SSL_CTX *sctx = NULL, *cctx = NULL; + SSL *sssl = NULL, *cssl = NULL; + int testresult = 0; + BIO *bio; + char msg[] = { 0x00, 0x01, 0x02, 0x03 }; + char buf[10]; + + if (!TEST_true(create_ssl_ctx_pair(DTLS_server_method(), + DTLS_client_method(), + DTLS1_VERSION, 0, + &sctx, &cctx, cert, privkey))) + return 0; + +#ifndef OPENSSL_NO_DTLS1_2 + if (!TEST_true(SSL_CTX_set_cipher_list(cctx, "AES128-SHA"))) + goto end; +#else + /* Default sigalgs are SHA1 based in priv_key), 1)) + goto err; + + /* Test compliance with legacy behavior for NULL private keys */ + if (!TEST_int_eq(EC_KEY_set_private_key(key, NULL), 0) + || !TEST_ptr_null(key->priv_key)) + goto err; + + testresult = 1; + + err: + EC_KEY_free(key); + EC_KEY_free(aux_key); + return testresult; +} + /* * Tests behavior of the decoded_from_explicit_params flag and API */ @@ -337,6 +370,7 @@ int setup_tests(void) ADD_TEST(field_tests_ec2_simple); #endif ADD_ALL_TESTS(field_tests_default, crv_len); + ADD_TEST(set_private_key); ADD_TEST(decoded_flag_test); ADD_ALL_TESTS(ecpkparams_i2d2i_test, crv_len); 
diff --git a/deps/openssl/openssl/test/recipes/25-test_x509.t b/deps/openssl/openssl/test/recipes/25-test_x509.t index f5ef0f996324db..853d30c8ba3946 100644 --- a/deps/openssl/openssl/test/recipes/25-test_x509.t +++ b/deps/openssl/openssl/test/recipes/25-test_x509.t @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -15,7 +15,11 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/; setup("test_x509"); -plan tests => 9; +plan tests => 16; + +# Prevent MSys2 filename munging for arguments that look like file paths but +# aren't +$ENV{MSYS2_ARG_CONV_EXCL} = "/CN="; require_ok(srctop_file('test','recipes','tconversion.pl')); 
@@ -46,4 +50,59 @@ subtest 'x509 -- second x.509 v3 certificate' => sub { subtest 'x509 -- pathlen' => sub { ok(run(test(["v3ext", srctop_file("test/certs", "pathlen.pem")]))); +}; + +# extracts issuer from a -text formatted-output +sub get_issuer { + my $f = shift(@_); + my $issuer = ""; + open my $fh, $f or die; + while (my $line = <$fh>) { + if ($line =~ /Issuer:/) { + $issuer = $line; + } + } + close $fh; + return $issuer; } + +# Tests for signing certs (broken in 1.1.1o) +my $a_key = "a-key.pem"; +my $a_cert = "a-cert.pem"; +my $a2_cert = "a2-cert.pem"; +my $ca_key = "ca-key.pem"; +my $ca_cert = "ca-cert.pem"; +my $cnf = srctop_file('apps', 'openssl.cnf'); + +# Create cert A +ok(run(app(["openssl", "req", "-x509", "-newkey", "rsa:2048", + "-config", $cnf, + "-keyout", $a_key, "-out", $a_cert, "-days", "365", + "-nodes", "-subj", "/CN=test.example.com"]))); +# Create cert CA - note key size +ok(run(app(["openssl", "req", "-x509", "-newkey", "rsa:4096", + "-config", $cnf, + "-keyout", $ca_key, "-out", $ca_cert, "-days", "3650", + "-nodes", "-subj", "/CN=ca.example.com"]))); +# Sign cert A with CA (errors on 1.1.1o) +ok(run(app(["openssl", "x509", "-in", $a_cert, "-CA", $ca_cert, + "-CAkey", $ca_key, "-set_serial", "1234567890", + "-preserve_dates", "-sha256", "-text", "-out", $a2_cert]))); +# verify issuer is CA +ok (get_issuer($a2_cert) =~ /CN = ca.example.com/); + +# Tests for issue #16080 (fixed in 1.1.1o) +my $b_key = "b-key.pem"; +my $b_csr = "b-cert.csr"; +my $b_cert = "b-cert.pem"; +# Create the CSR +ok(run(app(["openssl", "req", "-new", "-newkey", "rsa:4096", + "-keyout", $b_key, "-out", $b_csr, "-nodes", + "-config", $cnf, + "-subj", "/CN=b.example.com"]))); +# Sign it - position of "-text" matters! +ok(run(app(["openssl", "x509", "-req", "-text", "-CAcreateserial", + "-CA", $ca_cert, "-CAkey", $ca_key, + "-in", $b_csr, "-out", $b_cert]))); +# Verify issuer is CA +ok(get_issuer($b_cert) =~ /CN = ca.example.com/); 
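Review bot: `open my $fh, $f or die;` in `get_issuer` is a two-argument open, so any mode characters at the start or end of `$f` would be interpreted by Perl, and the bare `die` reports neither the file nor the reason. The callers pass fixed names here, but the helper reads as reusable, so I would write `open(my $fh, '<', $f) or die "cannot open $f: $!";`. Separately, the new tests write unencrypted private keys (`-nodes`) to fixed names such as `ca-key.pem` in the working directory. No cleanup is visible in this hunk, so unlinking them at the end of the block would stop key material accumulating in build trees.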
diff --git a/deps/openssl/openssl/test/sslapitest.c b/deps/openssl/openssl/test/sslapitest.c index 5c85e3643a16d3..347dcc1acadbc3 100644 --- a/deps/openssl/openssl/test/sslapitest.c +++ b/deps/openssl/openssl/test/sslapitest.c @@ -85,20 +85,6 @@ struct sslapitest_log_counts { }; -static unsigned char serverinfov1[] = { - 0xff, 0xff, /* Dummy extension type */ - 0x00, 0x01, /* Extension length is 1 byte */ - 0xff /* Dummy extension data */ -}; - -static unsigned char serverinfov2[] = { - 0x00, 0x00, 0x00, - (unsigned char)(SSL_EXT_CLIENT_HELLO & 0xff), /* Dummy context - 4 bytes */ - 0xff, 0xff, /* Dummy extension type */ - 0x00, 0x01, /* Extension length is 1 byte */ - 0xff /* Dummy extension data */ -}; - static int hostname_cb(SSL *s, int *al, void *arg) { const char *hostname = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); 
@@ -4511,62 +4497,137 @@ static int test_custom_exts(int tst) return testresult; } -/* - * Test loading of serverinfo data in various formats. test_sslmessages actually - * tests to make sure the extensions appear in the handshake - */ -static int test_serverinfo(int tst) -{ - unsigned int version; - unsigned char *sibuf; - size_t sibuflen; - int ret, expected, testresult = 0; - SSL_CTX *ctx; +#if !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_TLS1_3) - ctx = SSL_CTX_new(TLS_method()); - if (!TEST_ptr(ctx)) - goto end; +#define SYNTHV1CONTEXT (SSL_EXT_TLS1_2_AND_BELOW_ONLY \ + | SSL_EXT_CLIENT_HELLO \ + | SSL_EXT_TLS1_2_SERVER_HELLO \ + | SSL_EXT_IGNORE_ON_RESUMPTION) - if ((tst & 0x01) == 0x01) - version = SSL_SERVERINFOV2; - else - version = SSL_SERVERINFOV1; +#define TLS13CONTEXT (SSL_EXT_TLS1_3_CERTIFICATE \ + | SSL_EXT_TLS1_2_SERVER_HELLO \ + | SSL_EXT_CLIENT_HELLO) - if ((tst & 0x02) == 0x02) { - sibuf = serverinfov2; - sibuflen = sizeof(serverinfov2); - expected = (version == SSL_SERVERINFOV2); - } else { - sibuf = serverinfov1; - sibuflen = sizeof(serverinfov1); - expected = (version == SSL_SERVERINFOV1); +#define SERVERINFO_CUSTOM \ + 0x00, (char)TLSEXT_TYPE_signed_certificate_timestamp, \ + 0x00, 0x03, \ + 0x04, 0x05, 0x06 \ + +static const unsigned char serverinfo_custom_tls13[] = { + 0x00, 0x00, (TLS13CONTEXT >> 8) & 0xff, TLS13CONTEXT & 0xff, + SERVERINFO_CUSTOM +}; +static const unsigned char serverinfo_custom_v2[] = { + 0x00, 0x00, (SYNTHV1CONTEXT >> 8) & 0xff, SYNTHV1CONTEXT & 0xff, + SERVERINFO_CUSTOM +}; +static const unsigned char serverinfo_custom_v1[] = { + SERVERINFO_CUSTOM +}; +static const size_t serverinfo_custom_tls13_len = sizeof(serverinfo_custom_tls13); +static const size_t serverinfo_custom_v2_len = sizeof(serverinfo_custom_v2); +static const size_t serverinfo_custom_v1_len = sizeof(serverinfo_custom_v1); + +static int serverinfo_custom_parse_cb(SSL *s, unsigned int ext_type, + unsigned int context, + const unsigned char *in, + 
size_t inlen, X509 *x, + size_t chainidx, int *al, + void *parse_arg) +{ + const size_t len = serverinfo_custom_v1_len; + const unsigned char *si = &serverinfo_custom_v1[len - 3]; + int *p_cb_result = (int*)parse_arg; + *p_cb_result = TEST_mem_eq(in, inlen, si, 3); + return 1; +} + +static int test_serverinfo_custom(const int idx) +{ + SSL_CTX *sctx = NULL, *cctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testresult = 0; + int cb_result = 0; + + /* + * Following variables are set in the switch statement + * according to the test iteration. + * Default values do not make much sense: test would fail with them. + */ + int serverinfo_version = 0; + int protocol_version = 0; + unsigned int extension_context = 0; + const unsigned char *si = NULL; + size_t si_len = 0; + + const int call_use_serverinfo_ex = idx > 0; + switch (idx) { + case 0: /* FALLTHROUGH */ + case 1: + serverinfo_version = SSL_SERVERINFOV1; + protocol_version = TLS1_2_VERSION; + extension_context = SYNTHV1CONTEXT; + si = serverinfo_custom_v1; + si_len = serverinfo_custom_v1_len; + break; + case 2: + serverinfo_version = SSL_SERVERINFOV2; + protocol_version = TLS1_2_VERSION; + extension_context = SYNTHV1CONTEXT; + si = serverinfo_custom_v2; + si_len = serverinfo_custom_v2_len; + break; + case 3: + serverinfo_version = SSL_SERVERINFOV2; + protocol_version = TLS1_3_VERSION; + extension_context = TLS13CONTEXT; + si = serverinfo_custom_tls13; + si_len = serverinfo_custom_tls13_len; + break; } - if ((tst & 0x04) == 0x04) { - ret = SSL_CTX_use_serverinfo_ex(ctx, version, sibuf, sibuflen); - } else { - ret = SSL_CTX_use_serverinfo(ctx, sibuf, sibuflen); + if (!TEST_true(create_ssl_ctx_pair(TLS_method(), + TLS_method(), + protocol_version, + protocol_version, + &sctx, &cctx, cert, privkey))) + goto end; - /* - * The version variable is irrelevant in this case - it's what is in the - * buffer that matters - */ - if ((tst & 0x02) == 0x02) - expected = 0; - else - expected = 1; + if 
(call_use_serverinfo_ex) { + if (!TEST_true(SSL_CTX_use_serverinfo_ex(sctx, serverinfo_version, + si, si_len))) + goto end; + } else { + if (!TEST_true(SSL_CTX_use_serverinfo(sctx, si, si_len))) + goto end; } - if (!TEST_true(ret == expected)) + if (!TEST_true(SSL_CTX_add_custom_ext(cctx, TLSEXT_TYPE_signed_certificate_timestamp, + extension_context, + NULL, NULL, NULL, + serverinfo_custom_parse_cb, + &cb_result)) + || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE)) + || !TEST_int_eq(SSL_do_handshake(clientssl), 1)) + goto end; + + if (!TEST_true(cb_result)) goto end; testresult = 1; end: - SSL_CTX_free(ctx); + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); return testresult; } +#endif /* * Test that SSL_export_keying_material() produces expected results. There are @@ -7691,7 +7752,6 @@ int setup_tests(void) #else ADD_ALL_TESTS(test_custom_exts, 3); #endif - ADD_ALL_TESTS(test_serverinfo, 8); ADD_ALL_TESTS(test_export_key_mat, 6); #ifndef OPENSSL_NO_TLS1_3 ADD_ALL_TESTS(test_export_key_mat_early, 3); @@ -7723,6 +7783,9 @@ int setup_tests(void) ADD_TEST(test_set_verify_cert_store_ssl_ctx); ADD_TEST(test_set_verify_cert_store_ssl); ADD_TEST(test_inherit_verify_param); +#if !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_TLS1_3) + ADD_ALL_TESTS(test_serverinfo_custom, 4); +#endif #ifndef OPENSSL_NO_QUIC ADD_ALL_TESTS(test_quic_api, 9); ADD_ALL_TESTS(test_quic_early_data, 3); diff --git a/deps/openssl/openssl/test/ssltestlib.c b/deps/openssl/openssl/test/ssltestlib.c index 456afdf4716e07..422787b0f58284 100644 --- a/deps/openssl/openssl/test/ssltestlib.c +++ b/deps/openssl/openssl/test/ssltestlib.c 
@@ -1,5 +1,5 @@ /* - * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -435,6 +435,39 @@ static int mempacket_test_read(BIO *bio, char *out, int outl) return outl; } +/* Take the last and penultimate packets and swap them around */ +int mempacket_swap_recent(BIO *bio) +{ + MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio); + MEMPACKET *thispkt; + int numpkts = sk_MEMPACKET_num(ctx->pkts); + + /* We need at least 2 packets to be able to swap them */ + if (numpkts <= 1) + return 0; + + /* Get the penultimate packet */ + thispkt = sk_MEMPACKET_value(ctx->pkts, numpkts - 2); + if (thispkt == NULL) + return 0; + + if (sk_MEMPACKET_delete(ctx->pkts, numpkts - 2) != thispkt) + return 0; + + /* Re-add it to the end of the list */ + thispkt->num++; + if (sk_MEMPACKET_insert(ctx->pkts, thispkt, numpkts - 1) <= 0) + return 0; + + /* We also have to adjust the packet number of the other packet */ + thispkt = sk_MEMPACKET_value(ctx->pkts, numpkts - 2); + if (thispkt == NULL) + return 0; + thispkt->num--; + + return 1; +} + int mempacket_test_inject(BIO *bio, const char *in, int inl, int pktnum, int type) { diff --git a/deps/openssl/openssl/test/ssltestlib.h b/deps/openssl/openssl/test/ssltestlib.h index 17b278219a6e76..8f0a1b5308c374 100644 --- a/deps/openssl/openssl/test/ssltestlib.h +++ b/deps/openssl/openssl/test/ssltestlib.h @@ -1,5 +1,5 @@ /* - * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
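Review bot: In `mempacket_swap_recent`, once `sk_MEMPACKET_delete` has removed the penultimate packet, a failing `sk_MEMPACKET_insert` returns 0 with `thispkt` no longer on the stack and never freed. Its `num` has also already been incremented, so the queue is left one packet short with inconsistent numbering. The failure branch should release the packet before returning, along the lines of `if (sk_MEMPACKET_insert(ctx->pkts, thispkt, numpkts - 1) <= 0) { /* free thispkt with this file's packet free routine */ return 0; }`, with `thispkt->num++` moved after the successful insert. The free routine's name is outside this hunk. `ctx` from `BIO_get_data(bio)` is also dereferenced without a NULL check, which is acceptable for a test helper but worth a one-line comment stating that the BIO must be a mempacket BIO.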
@@ -46,6 +46,7 @@ void bio_s_always_retry_free(void); #define MEMPACKET_CTRL_GET_DROP_REC (3 << 15) #define MEMPACKET_CTRL_SET_DUPLICATE_REC (4 << 15) +int mempacket_swap_recent(BIO *bio); int mempacket_test_inject(BIO *bio, const char *in, int inl, int pktnum, int type); diff --git a/deps/openssl/openssl/test/v3ext.c b/deps/openssl/openssl/test/v3ext.c index 386135fed8ab1f..2bc0f866e2b103 100644 --- a/deps/openssl/openssl/test/v3ext.c +++ b/deps/openssl/openssl/test/v3ext.c @@ -8,6 +8,7 @@ */ #include +#include #include #include #include 
@@ -224,6 +225,104 @@ static int test_addr_ranges(void) ASN1_OCTET_STRING_free(ip2); return testresult; } + +static struct extvalues_st { + const char *value; + int pass; +} extvalues[] = { + /* No prefix is ok */ + { "sbgp-ipAddrBlock = IPv4:192.0.0.1\n", 1 }, + { "sbgp-ipAddrBlock = IPv4:192.0.0.0/0\n", 1 }, + { "sbgp-ipAddrBlock = IPv4:192.0.0.0/1\n", 1 }, + { "sbgp-ipAddrBlock = IPv4:192.0.0.0/32\n", 1 }, + /* Prefix is too long */ + { "sbgp-ipAddrBlock = IPv4:192.0.0.0/33\n", 0 }, + /* Unreasonably large prefix */ + { "sbgp-ipAddrBlock = IPv4:192.0.0.0/12341234\n", 0 }, + /* Invalid IP addresses */ + { "sbgp-ipAddrBlock = IPv4:192.0.0\n", 0 }, + { "sbgp-ipAddrBlock = IPv4:256.0.0.0\n", 0 }, + { "sbgp-ipAddrBlock = IPv4:-1.0.0.0\n", 0 }, + { "sbgp-ipAddrBlock = IPv4:192.0.0.0.0\n", 0 }, + { "sbgp-ipAddrBlock = IPv3:192.0.0.0\n", 0 }, + + /* IPv6 */ + /* No prefix is ok */ + { "sbgp-ipAddrBlock = IPv6:2001:db8::\n", 1 }, + { "sbgp-ipAddrBlock = IPv6:2001::db8\n", 1 }, + { "sbgp-ipAddrBlock = IPv6:2001:0db8:0000:0000:0000:0000:0000:0000\n", 1 }, + { "sbgp-ipAddrBlock = IPv6:2001:db8::/0\n", 1 }, + { "sbgp-ipAddrBlock = IPv6:2001:db8::/1\n", 1 }, + { "sbgp-ipAddrBlock = IPv6:2001:db8::/32\n", 1 }, + { "sbgp-ipAddrBlock = IPv6:2001:0db8:0000:0000:0000:0000:0000:0000/32\n", 1 }, + { "sbgp-ipAddrBlock = IPv6:2001:db8::/128\n", 1 }, + /* Prefix is too long */ + { "sbgp-ipAddrBlock = IPv6:2001:db8::/129\n", 0 }, + /* Unreasonably large prefix */ + { "sbgp-ipAddrBlock = IPv6:2001:db8::/12341234\n", 0 }, + /* Invalid IP addresses */ + /* Not enough blocks of numbers */ + { "sbgp-ipAddrBlock = IPv6:2001:0db8:0000:0000:0000:0000:0000\n", 0 }, + /* Too many blocks of numbers */ + { "sbgp-ipAddrBlock = IPv6:2001:0db8:0000:0000:0000:0000:0000:0000:0000\n", 0 }, + /* First value too large */ + { "sbgp-ipAddrBlock = IPv6:1ffff:0db8:0000:0000:0000:0000:0000:0000\n", 0 }, + /* First value with invalid characters */ + { "sbgp-ipAddrBlock = 
IPv6:fffg:0db8:0000:0000:0000:0000:0000:0000\n", 0 }, + /* First value is negative */ + { "sbgp-ipAddrBlock = IPv6:-1:0db8:0000:0000:0000:0000:0000:0000\n", 0 } +}; + +static int test_ext_syntax(void) +{ + size_t i; + int testresult = 1; + + for (i = 0; i < OSSL_NELEM(extvalues); i++) { + X509V3_CTX ctx; + BIO *extbio = BIO_new_mem_buf(extvalues[i].value, + strlen(extvalues[i].value)); + CONF *conf; + long eline; + + if (!TEST_ptr(extbio)) + return 0 ; + + conf = NCONF_new(NULL); + if (!TEST_ptr(conf)) { + BIO_free(extbio); + return 0; + } + if (!TEST_long_gt(NCONF_load_bio(conf, extbio, &eline), 0)) { + testresult = 0; + } else { + X509V3_set_ctx_test(&ctx); + X509V3_set_nconf(&ctx, conf); + + if (extvalues[i].pass) { + if (!TEST_true(X509V3_EXT_add_nconf(conf, &ctx, "default", + NULL))) { + TEST_info("Value: %s", extvalues[i].value); + testresult = 0; + } + } else { + ERR_set_mark(); + if (!TEST_false(X509V3_EXT_add_nconf(conf, &ctx, "default", + NULL))) { + testresult = 0; + TEST_info("Value: %s", extvalues[i].value); + ERR_clear_last_mark(); + } else { + ERR_pop_to_mark(); + } + } + } + BIO_free(extbio); + NCONF_free(conf); + } + + return testresult; +} #endif /* OPENSSL_NO_RFC3779 */ int setup_tests(void) @@ -235,6 +334,7 @@ int setup_tests(void) #ifndef OPENSSL_NO_RFC3779 ADD_TEST(test_asid); ADD_TEST(test_addr_ranges); + ADD_TEST(test_ext_syntax); #endif /* OPENSSL_NO_RFC3779 */ return 1; } diff --git a/deps/openssl/openssl/test/x509_internal_test.c b/deps/openssl/openssl/test/x509_internal_test.c index d2f41d708509e1..bbfaadcfb91f58 100644 --- a/deps/openssl/openssl/test/x509_internal_test.c +++ b/deps/openssl/openssl/test/x509_internal_test.c @@ -1,5 +1,5 @@ /* - * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -57,8 +57,63 @@ static int test_standard_exts(void) return good; } +typedef struct { + const char *ipasc; + const char *data; + int length; +} IP_TESTDATA; + +static IP_TESTDATA a2i_ipaddress_tests[] = { + {"127.0.0.1", "\x7f\x00\x00\x01", 4}, + {"1.2.3.4", "\x01\x02\x03\x04", 4}, + {"1.2.3.255", "\x01\x02\x03\xff", 4}, + {"1.2.3", NULL, 0}, + {"1.2.3 .4", NULL, 0}, + + {"::1", "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01", 16}, + {"1:1:1:1:1:1:1:1", "\x00\x01\x00\x01\x00\x01\x00\x01\x00\x01\x00\x01\x00\x01\x00\x01", 16}, + {"2001:db8::ff00:42:8329", "\x20\x01\x0d\xb8\x00\x00\x00\x00\x00\x00\xff\x00\x00\x42\x83\x29", 16}, + {"1:1:1:1:1:1:1:1.test", NULL, 0}, + {":::1", NULL, 0}, + {"2001::123g", NULL, 0}, + + {"example.test", NULL, 0}, + {"", NULL, 0}, + + {"1.2.3.4 ", "\x01\x02\x03\x04", 4}, + {" 1.2.3.4", "\x01\x02\x03\x04", 4}, + {" 1.2.3.4 ", "\x01\x02\x03\x04", 4}, + {"1.2.3.4.example.test", NULL, 0}, +}; + + +static int test_a2i_ipaddress(int idx) +{ + int good = 1; + ASN1_OCTET_STRING *ip; + int len = a2i_ipaddress_tests[idx].length; + + ip = a2i_IPADDRESS(a2i_ipaddress_tests[idx].ipasc); + if (len == 0) { + if (!TEST_ptr_null(ip)) { + good = 0; + TEST_note("'%s' should not be parsed as IP address", a2i_ipaddress_tests[idx].ipasc); + } + } else { + if (!TEST_ptr(ip) + || !TEST_int_eq(ASN1_STRING_length(ip), len) + || !TEST_mem_eq(ASN1_STRING_get0_data(ip), len, + a2i_ipaddress_tests[idx].data, len)) { + good = 0; + } + } + ASN1_OCTET_STRING_free(ip); + return good; +} + int setup_tests(void) { ADD_TEST(test_standard_exts); + ADD_ALL_TESTS(test_a2i_ipaddress, OSSL_NELEM(a2i_ipaddress_tests)); return 1; } diff --git a/deps/openssl/openssl/util/perl/OpenSSL/copyright.pm b/deps/openssl/openssl/util/perl/OpenSSL/copyright.pm new file mode 100644 index 00000000000000..f560f9d9dc8813 --- /dev/null +++ b/deps/openssl/openssl/util/perl/OpenSSL/copyright.pm 
@@ -0,0 +1,41 @@ +#! /usr/bin/env perl +# Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the Apache License 2.0 (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use warnings; + +package OpenSSL::copyright; + +sub year_of { + my $file = shift; + + return $ENV{'OSSL_COPYRIGHT_YEAR'} if defined $ENV{'OSSL_COPYRIGHT_YEAR'}; + + # Use the file date for backward compatibility. + my $YEAR = [localtime([stat($file)]->[9])]->[5] + 1900; + + # See if git's available + open my $FH, + "git log -1 --date=short --format=format:%cd $file 2>/dev/null|" + or return $YEAR; + my $LINE = <$FH>; + close $FH; + $LINE =~ s/^([0-9]*)-.*/$1/ if $LINE; + $YEAR = $LINE if $LINE; + return $YEAR; +} + +sub latest { + my $l = 0; + foreach my $f (@_ ) { + my $y = year_of($f); + $l = $y if $y > $l; + } + return $l +} +1;
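Review bot: `year_of` interpolates `$file` into a shell command string in `open my $FH, "git log -1 --date=short --format=format:%cd $file 2>/dev/null|"`, so a path containing spaces or shell metacharacters is parsed by the shell rather than passed to git as one argument. The list form avoids the shell and stops a leading `-` being read as an option: `open(my $FH, '-|', 'git', 'log', '-1', '--date=short', '--format=format:%cd', '--', $file) or return $YEAR;`. That form drops the `2>/dev/null`, so stderr would need to be silenced another way, and it is worth confirming that every Perl the build supports accepts it. Note also that `$LINE` is only reduced to a year when the substitution matches, and `latest` compares the result numerically with `>`, so unexpected git output would produce a non-numeric comparison; a check such as `$YEAR = $LINE if $LINE =~ /^[0-9]{4}$/;` would keep the fallback year in that case.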