deps: upgrade openssl sources to openssl-3.5.4

PR-URL: https://github.com/nodejs/node/pull/60101
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Richard Lau <richard.lau@ibm.com>
Node.js GitHub Bot 2025-10-01 18:50:10 +00:00
parent eda67ac155
commit 01ce61ffbd
65 changed files with 364 additions and 226 deletions


@ -28,6 +28,72 @@ OpenSSL Releases
OpenSSL 3.5
-----------
### Changes between 3.5.3 and 3.5.4 [30 Sep 2025]
* Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap
Issue summary: An application trying to decrypt CMS messages encrypted using
password based encryption can trigger an out-of-bounds read and write.
Impact summary: This out-of-bounds read may trigger a crash which leads to
Denial of Service for an application. The out-of-bounds write can cause
a memory corruption which can have various consequences including
a Denial of Service or Execution of attacker-supplied code.
The issue was reported by Stanislav Fort (Aisle Research).
([CVE-2025-9230])
*Viktor Dukhovni*
* Fix Timing side-channel in SM2 algorithm on 64 bit ARM
Issue summary: A timing side-channel which could potentially allow remote
recovery of the private key exists in the SM2 algorithm implementation on
64 bit ARM platforms.
Impact summary: A timing side-channel in SM2 signature computations on
64 bit ARM platforms could allow recovering the private key by an attacker.
The issue was reported by Stanislav Fort (Aisle Research).
([CVE-2025-9231])
*Stanislav Fort and Tomáš Mráz*
* Fix Out-of-bounds read in HTTP client no_proxy handling
Issue summary: An application using the OpenSSL HTTP client API functions
may trigger an out-of-bounds read if the "no_proxy" environment variable is
set and the host portion of the authority component of the HTTP URL is an
IPv6 address.
Impact summary: An out-of-bounds read can trigger a crash which leads to
Denial of Service for an application.
The issue was reported by Stanislav Fort (Aisle Research).
([CVE-2025-9232])
*Stanislav Fort*
* The FIPS provider no longer performs a PCT on key import for ECX keys
(that was introduced in 3.5.2), following the latest update
on that requirement in FIPS 140-3 IG 10.3.A additional comment 1.
*Eugene Syromiatnikov*
* Fixed the length of the ASN.1 sequence for the SM3 digests of RSA-encrypted
signatures.
*Xiao Lou Dong Feng*
* Reverted the synthesised `OPENSSL_VERSION_NUMBER` change for the release
builds, as it broke some exiting applications that relied on the previous
3.x semantics, as documented in `OpenSSL_version(3)`.
*Richard Levitte*
### Changes between 3.5.2 and 3.5.3 [16 Sep 2025]
* Avoided a potential race condition introduced in 3.5.1, where
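Review bot: the reverted `OPENSSL_VERSION_NUMBER` entry in this hunk contains a typo, "some exiting applications" should read "some existing applications"; the same wording recurs in the NEWS.md hunk below, so both vendored release-note files carry it as imported from upstream. The three CVE entries (CVE-2025-9230, CVE-2025-9231, CVE-2025-9232) line up with the kek_unwrap_key, ecp_sm2p256 and http_client source hunks further down, which is the part of this upgrade worth a second look.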
@ -21284,6 +21350,9 @@ ndif
<!-- Links -->
[CVE-2025-9232]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9232
[CVE-2025-9231]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9231
[CVE-2025-9230]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9230
[CVE-2025-4575]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-4575
[CVE-2024-13176]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176
[CVE-2024-9143]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143


@ -23,19 +23,46 @@ OpenSSL Releases
OpenSSL 3.5
-----------
### Major changes between OpenSSL 3.5.3 and OpenSSL 3.5.4 [30 Sep 2025]
OpenSSL 3.5.4 is a security patch release. The most severe CVE fixed in this
release is Moderate.
This release incorporates the following bug fixes and mitigations:
* Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap.
([CVE-2025-9230])
* Fix Timing side-channel in SM2 algorithm on 64 bit ARM.
([CVE-2025-9231])
* Fix Out-of-bounds read in HTTP client no_proxy handling.
([CVE-2025-9232])
* Reverted the synthesised `OPENSSL_VERSION_NUMBER` change for the release
builds, as it broke some exiting applications that relied on the previous
3.x semantics, as documented in `OpenSSL_version(3)`.
### Major changes between OpenSSL 3.5.2 and OpenSSL 3.5.3 [16 Sep 2025]
OpenSSL 3.5.3 is a bug fix release.
This release incorporates the following bug fixes and mitigations:
* Added FIPS 140-3 PCT on DH key generation.
*Nikola Pajkovsky*
* Fixed the synthesised `OPENSSL_VERSION_NUMBER`.
*Richard Levitte*
* Removed PCT on key import in the FIPS provider as it is not required by
the standard.
### Major changes between OpenSSL 3.5.1 and OpenSSL 3.5.2 [5 Aug 2025]
* none
OpenSSL 3.5.2 is a bug fix release.
This release incorporates the following bug fixes and mitigations:
* The FIPS provider now performs a PCT on key import for RSA, EC and ECX.
### Major changes between OpenSSL 3.5.0 and OpenSSL 3.5.1 [1 Jul 2025]
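Review bot: the rendered diff has lost its +/- markers, so the `* none` line under the 3.5.1 to 3.5.2 heading is ambiguous; if it is the removed line of this hunk that is fine, but if it survives in the new text it contradicts the PCT-on-import entry that follows it. Worth checking the raw NEWS.md rather than this rendering.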
@ -1913,6 +1940,9 @@ OpenSSL 0.9.x
* Support for various new platforms
<!-- Links -->
[CVE-2025-9232]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9232
[CVE-2025-9231]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9231
[CVE-2025-9230]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-9230
[CVE-2025-4575]: https://www.openssl.org/news/vulnerabilities.html#CVE-2025-4575
[CVE-2024-13176]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176
[CVE-2024-9143]: https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143


@ -1,7 +1,7 @@
MAJOR=3
MINOR=5
PATCH=3
PATCH=4
PRE_RELEASE_TAG=
BUILD_METADATA=
RELEASE_DATE="16 Sep 2025"
RELEASE_DATE="30 Sep 2025"
SHLIB_VERSION=3


@ -331,14 +331,22 @@ int storeutl_main(int argc, char *argv[])
static int indent_printf(int indent, BIO *bio, const char *format, ...)
{
va_list args;
int ret;
int ret, vret;
ret = BIO_printf(bio, "%*s", indent, "");
if (ret < 0)
return ret;
va_start(args, format);
ret = BIO_printf(bio, "%*s", indent, "") + BIO_vprintf(bio, format, args);
vret = BIO_vprintf(bio, format, args);
va_end(args);
return ret;
if (vret < 0)
return vret;
if (vret > INT_MAX - ret)
return INT_MAX;
return ret + vret;
}
static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata,
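Review bot: the overflow guard `vret > INT_MAX - ret` is sound because both values are known non-negative at that point (each negative case returns earlier), but saturating to INT_MAX silently turns a real byte count into a sentinel; since callers of a printf-style helper rarely check for that, a one-line comment saying the return value is saturated would save a future reader from treating it as exact.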


@ -287,7 +287,7 @@ static long file_ctrl(BIO *b, int cmd, long num, void *ptr)
if (fp == NULL) {
ERR_raise_data(ERR_LIB_SYS, get_last_sys_error(),
"calling fopen(%s, %s)",
ptr, p);
(const char *)ptr, p);
ERR_raise(ERR_LIB_BIO, ERR_R_SYS_LIB);
ret = 0;
break;


@ -242,7 +242,7 @@ static int kek_unwrap_key(unsigned char *out, size_t *outlen,
/* Check byte failure */
goto err;
}
if (inlen < (size_t)(tmp[0] - 4)) {
if (inlen < 4 + (size_t)tmp[0]) {
/* Invalid length value */
goto err;
}
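Review bot: this is the CVE-2025-9230 fix from CHANGES; the old bound `inlen < (size_t)(tmp[0] - 4)` was on the wrong side of the arithmetic, since the wrapped key of length `tmp[0]` starts at offset 4 and the buffer must therefore hold at least `4 + tmp[0]` bytes, so a length byte larger than the remaining input passed the check and the subsequent copy ran past the end of `tmp`. The corrected `inlen < 4 + (size_t)tmp[0]` cannot wrap (tmp[0] is a single byte), and a regression test with a length byte exceeding the remaining input would lock this in.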


@ -1,5 +1,5 @@
/*
* Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2023-2025 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -56,10 +56,6 @@ ALIGN32 static const BN_ULONG def_p[P256_LIMBS] = {
0xffffffffffffffff, 0xffffffff00000000,
0xffffffffffffffff, 0xfffffffeffffffff
};
ALIGN32 static const BN_ULONG def_ord[P256_LIMBS] = {
0x53bbf40939d54123, 0x7203df6b21c6052b,
0xffffffffffffffff, 0xfffffffeffffffff
};
ALIGN32 static const BN_ULONG ONE[P256_LIMBS] = {1, 0, 0, 0};
@ -177,13 +173,6 @@ static ossl_inline void ecp_sm2p256_mod_inverse(BN_ULONG* out,
BN_MOD_INV(out, in, ecp_sm2p256_div_by_2, ecp_sm2p256_sub, def_p);
}
/* Modular inverse mod order |out| = |in|^(-1) % |ord|. */
static ossl_inline void ecp_sm2p256_mod_ord_inverse(BN_ULONG* out,
const BN_ULONG* in) {
BN_MOD_INV(out, in, ecp_sm2p256_div_by_2_mod_ord, ecp_sm2p256_sub_mod_ord,
def_ord);
}
/* Point double: R <- P + P */
static void ecp_sm2p256_point_double(P256_POINT *R, const P256_POINT *P)
{
@ -454,52 +443,6 @@ static int ecp_sm2p256_is_affine_G(const EC_POINT *generator)
}
#endif
/*
* Convert Jacobian coordinate point into affine coordinate (x,y)
*/
static int ecp_sm2p256_get_affine(const EC_GROUP *group,
const EC_POINT *point,
BIGNUM *x, BIGNUM *y, BN_CTX *ctx)
{
ALIGN32 BN_ULONG z_inv2[P256_LIMBS] = {0};
ALIGN32 BN_ULONG z_inv3[P256_LIMBS] = {0};
ALIGN32 BN_ULONG x_aff[P256_LIMBS] = {0};
ALIGN32 BN_ULONG y_aff[P256_LIMBS] = {0};
ALIGN32 BN_ULONG point_x[P256_LIMBS] = {0};
ALIGN32 BN_ULONG point_y[P256_LIMBS] = {0};
ALIGN32 BN_ULONG point_z[P256_LIMBS] = {0};
if (EC_POINT_is_at_infinity(group, point)) {
ECerr(ERR_LIB_EC, EC_R_POINT_AT_INFINITY);
return 0;
}
if (ecp_sm2p256_bignum_field_elem(point_x, point->X) <= 0
|| ecp_sm2p256_bignum_field_elem(point_y, point->Y) <= 0
|| ecp_sm2p256_bignum_field_elem(point_z, point->Z) <= 0) {
ECerr(ERR_LIB_EC, EC_R_COORDINATES_OUT_OF_RANGE);
return 0;
}
ecp_sm2p256_mod_inverse(z_inv3, point_z);
ecp_sm2p256_sqr(z_inv2, z_inv3);
if (x != NULL) {
ecp_sm2p256_mul(x_aff, point_x, z_inv2);
if (!bn_set_words(x, x_aff, P256_LIMBS))
return 0;
}
if (y != NULL) {
ecp_sm2p256_mul(z_inv3, z_inv3, z_inv2);
ecp_sm2p256_mul(y_aff, point_y, z_inv3);
if (!bn_set_words(y, y_aff, P256_LIMBS))
return 0;
}
return 1;
}
/* r = sum(scalar[i]*point[i]) */
static int ecp_sm2p256_windowed_mul(const EC_GROUP *group,
P256_POINT *r,
@ -689,44 +632,6 @@ static int ecp_sm2p256_field_sqr(const EC_GROUP *group, BIGNUM *r,
return 1;
}
static int ecp_sm2p256_inv_mod_ord(const EC_GROUP *group, BIGNUM *r,
const BIGNUM *x, BN_CTX *ctx)
{
int ret = 0;
ALIGN32 BN_ULONG t[P256_LIMBS] = {0};
ALIGN32 BN_ULONG out[P256_LIMBS] = {0};
if (bn_wexpand(r, P256_LIMBS) == NULL) {
ECerr(ERR_LIB_EC, ERR_R_BN_LIB);
goto err;
}
if ((BN_num_bits(x) > 256) || BN_is_negative(x)) {
BIGNUM *tmp;
if ((tmp = BN_CTX_get(ctx)) == NULL
|| !BN_nnmod(tmp, x, group->order, ctx)) {
ECerr(ERR_LIB_EC, ERR_R_BN_LIB);
goto err;
}
x = tmp;
}
if (!ecp_sm2p256_bignum_field_elem(t, x)) {
ECerr(ERR_LIB_EC, EC_R_COORDINATES_OUT_OF_RANGE);
goto err;
}
ecp_sm2p256_mod_ord_inverse(out, t);
if (!bn_set_words(r, out, P256_LIMBS))
goto err;
ret = 1;
err:
return ret;
}
const EC_METHOD *EC_GFp_sm2p256_method(void)
{
static const EC_METHOD ret = {
@ -747,7 +652,7 @@ const EC_METHOD *EC_GFp_sm2p256_method(void)
ossl_ec_GFp_simple_point_copy,
ossl_ec_GFp_simple_point_set_to_infinity,
ossl_ec_GFp_simple_point_set_affine_coordinates,
ecp_sm2p256_get_affine,
ossl_ec_GFp_simple_point_get_affine_coordinates,
0, 0, 0,
ossl_ec_GFp_simple_add,
ossl_ec_GFp_simple_dbl,
@ -763,7 +668,7 @@ const EC_METHOD *EC_GFp_sm2p256_method(void)
ecp_sm2p256_field_mul,
ecp_sm2p256_field_sqr,
0 /* field_div */,
0 /* field_inv */,
ossl_ec_GFp_simple_field_inv,
0 /* field_encode */,
0 /* field_decode */,
0 /* field_set_to_one */,
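Review bot: switching `field_inv` from 0 to `ossl_ec_GFp_simple_field_inv` is needed once `ecp_sm2p256_get_affine` is dropped in the previous hunk, because the generic `ossl_ec_GFp_simple_point_get_affine_coordinates` presumably relies on the method's field inverse where the removed function used its own `ecp_sm2p256_mod_inverse`. The two hunks only make sense together, so they should not be cherry-picked separately.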
@ -779,7 +684,7 @@ const EC_METHOD *EC_GFp_sm2p256_method(void)
ossl_ecdsa_simple_sign_setup,
ossl_ecdsa_simple_sign_sig,
ossl_ecdsa_simple_verify_sig,
ecp_sm2p256_inv_mod_ord,
0, /* use constanttime fallback for inverse mod order */
0, /* blind_coordinates */
0, /* ladder_pre */
0, /* ladder_step */
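Review bot: replacing `ecp_sm2p256_inv_mod_ord` with 0 routes the per-signature inversion modulo the group order through the constant-time fallback, which is the CVE-2025-9231 mitigation for the 64-bit ARM timing side channel; the `def_ord` table and `ecp_sm2p256_mod_ord_inverse` removed earlier in this file become dead with this change, so their removal is consistent. The cost is a slower SM2 signing path on that platform, which is the right trade for a private-key-recovery side channel and is worth a line in the commit message.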


@ -1,5 +1,5 @@
/*
* Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -560,7 +560,7 @@ static int block_in(BIO *b)
{
BIO_OK_CTX *ctx;
EVP_MD_CTX *md;
unsigned long tl = 0;
size_t tl = 0;
unsigned char tmp[EVP_MAX_MD_SIZE];
int md_size;
@ -571,15 +571,18 @@ static int block_in(BIO *b)
goto berr;
assert(sizeof(tl) >= OK_BLOCK_BLOCK); /* always true */
tl = ctx->buf[0];
tl <<= 8;
tl |= ctx->buf[1];
tl <<= 8;
tl |= ctx->buf[2];
tl <<= 8;
tl |= ctx->buf[3];
tl = ((size_t)ctx->buf[0] << 24)
| ((size_t)ctx->buf[1] << 16)
| ((size_t)ctx->buf[2] << 8)
| ((size_t)ctx->buf[3]);
if (ctx->buf_len < tl + OK_BLOCK_BLOCK + md_size)
if (tl > OK_BLOCK_SIZE)
goto berr;
if (tl > SIZE_MAX - OK_BLOCK_BLOCK - (size_t)md_size)
goto berr;
if (ctx->buf_len < tl + OK_BLOCK_BLOCK + (size_t)md_size)
return 1;
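Review bot: the new guard `tl > SIZE_MAX - OK_BLOCK_BLOCK - (size_t)md_size` assumes `md_size` is non-negative; `md_size` is declared `int` in the earlier hunk, and the EVP digest-size query can return a value of 0 or less on error, so confirm that the check near the top of `block_in` rejects that case before the cast, otherwise a negative value wraps to a huge `size_t` and the bound degenerates. Rebuilding `tl` from four explicit `(size_t)` shifts also removes the dependence on `sizeof(unsigned long)` that the old `assert(sizeof(tl) >= OK_BLOCK_BLOCK)` was papering over.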
if (!EVP_DigestUpdate(md,
@ -587,7 +590,7 @@ static int block_in(BIO *b)
goto berr;
if (!EVP_DigestFinal_ex(md, tmp, NULL))
goto berr;
if (memcmp(&(ctx->buf[tl + OK_BLOCK_BLOCK]), tmp, md_size) == 0) {
if (memcmp(&(ctx->buf[tl + OK_BLOCK_BLOCK]), tmp, (size_t)md_size) == 0) {
/* there might be parts from next block lurking around ! */
ctx->buf_off_save = tl + OK_BLOCK_BLOCK + md_size;
ctx->buf_len_save = ctx->buf_len;


@ -1356,7 +1356,7 @@ static int fix_rsa_padding_mode(enum state state,
if (i == OSSL_NELEM(str_value_map)) {
ERR_raise_data(ERR_LIB_RSA, RSA_R_UNKNOWN_PADDING_TYPE,
"[action:%d, state:%d] padding name %s",
ctx->action_type, state, ctx->p1);
ctx->action_type, state, (const char *)ctx->p2);
ctx->p1 = ret = -2;
} else if (state == POST_CTRL_TO_PARAMS) {
/* EVP_PKEY_CTRL_GET_RSA_PADDING weirdness explained further up */
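Review bot: passing `ctx->p1` to a `%s` conversion was a format/argument mismatch, since `p1` is an `int` (the next line assigns `ctx->p1 = ret = -2`), so the error string would have dereferenced an integer as a pointer; `(const char *)ctx->p2` is the padding name the lookup loop was matching. Worth a `-Wformat` build to catch any siblings of this in the same file.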


@ -1146,15 +1146,14 @@ int EVP_PKEY_can_sign(const EVP_PKEY *pkey)
} else {
const OSSL_PROVIDER *prov = EVP_KEYMGMT_get0_provider(pkey->keymgmt);
OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov);
const char *supported_sig =
pkey->keymgmt->query_operation_name != NULL
? pkey->keymgmt->query_operation_name(OSSL_OP_SIGNATURE)
: EVP_KEYMGMT_get0_name(pkey->keymgmt);
EVP_SIGNATURE *signature = NULL;
EVP_SIGNATURE *sig;
const char *name;
signature = EVP_SIGNATURE_fetch(libctx, supported_sig, NULL);
if (signature != NULL) {
EVP_SIGNATURE_free(signature);
name = evp_keymgmt_util_query_operation_name(pkey->keymgmt,
OSSL_OP_SIGNATURE);
sig = EVP_SIGNATURE_fetch(libctx, name, NULL);
if (sig != NULL) {
EVP_SIGNATURE_free(sig);
return 1;
}
}


@ -263,6 +263,7 @@ static int use_proxy(const char *no_proxy, const char *server)
/* strip leading '[' and trailing ']' from escaped IPv6 address */
sl -= 2;
strncpy(host, server + 1, sl);
host[sl] = '\0';
server = host;
}
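Review bot: this is the CVE-2025-9232 fix; `strncpy(host, server + 1, sl)` copies exactly `sl` bytes with no terminator, so everything that later treats `host` as a C string read past the copied IPv6 literal until it found a NUL. The added `host[sl] = '\0'` closes that, and it would be worth confirming that the `sl -= 2` above is only reached when the bracket check guarantees the server string is at least two characters long, so the subtraction cannot wrap.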


@ -1,5 +1,5 @@
/*
* Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -23,6 +23,9 @@
#if defined(__arm__) || defined(__arm) || defined(__aarch64__)
# include "arm_arch.h"
# define CPU_INFO_STR_LEN 128
#elif defined(__powerpc__) || defined(__POWERPC__) || defined(_ARCH_PPC)
# include "crypto/ppc_arch.h"
# define CPU_INFO_STR_LEN 128
#elif defined(__s390__) || defined(__s390x__)
# include "s390x_arch.h"
# define CPU_INFO_STR_LEN 2048
@ -77,6 +80,15 @@ DEFINE_RUN_ONCE_STATIC(init_info_strings)
BIO_snprintf(ossl_cpu_info_str + strlen(ossl_cpu_info_str),
sizeof(ossl_cpu_info_str) - strlen(ossl_cpu_info_str),
" env:%s", env);
# elif defined(__powerpc__) || defined(__POWERPC__) || defined(_ARCH_PPC)
const char *env;
BIO_snprintf(ossl_cpu_info_str, sizeof(ossl_cpu_info_str),
CPUINFO_PREFIX "OPENSSL_ppccap=0x%x", OPENSSL_ppccap_P);
if ((env = getenv("OPENSSL_ppccap")) != NULL)
BIO_snprintf(ossl_cpu_info_str + strlen(ossl_cpu_info_str),
sizeof(ossl_cpu_info_str) - strlen(ossl_cpu_info_str),
" env:%s", env);
# elif defined(__s390__) || defined(__s390x__)
const char *env;


@ -311,6 +311,7 @@ int ossl_ml_dsa_key_has(const ML_DSA_KEY *key, int selection)
static int public_from_private(const ML_DSA_KEY *key, EVP_MD_CTX *md_ctx,
VECTOR *t1, VECTOR *t0)
{
int ret = 0;
const ML_DSA_PARAMS *params = key->params;
uint32_t k = params->k, l = params->l;
POLY *polys;
@ -343,9 +344,10 @@ static int public_from_private(const ML_DSA_KEY *key, EVP_MD_CTX *md_ctx,
/* Zeroize secret */
vector_zero(&s1_ntt);
ret = 1;
err:
OPENSSL_free(polys);
return 1;
return ret;
}
int ossl_ml_dsa_key_public_from_private(ML_DSA_KEY *key)


@ -2046,5 +2046,5 @@ int ossl_ml_kem_pubkey_cmp(const ML_KEM_KEY *key1, const ML_KEM_KEY *key2)
* No match if just one of the public keys is not available, otherwise both
* are unavailable, and for now such keys are considered equal.
*/
return (ossl_ml_kem_have_pubkey(key1) ^ ossl_ml_kem_have_pubkey(key2));
return (!(ossl_ml_kem_have_pubkey(key1) ^ ossl_ml_kem_have_pubkey(key2)));
}
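Review bot: the old return `have1 ^ have2` was the inverse of what the comment above it describes: it yielded 1 (match) exactly when one key had a public component and the other did not, and 0 when both had or both lacked one. The added negation makes the result agree with the comment; a unit test comparing a key with and without its public part would have caught this and is cheap to add.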


@ -202,9 +202,12 @@ int ossl_siv128_init(SIV128_CONTEXT *ctx, const unsigned char *key, int klen,
|| !EVP_MAC_final(mac_ctx, ctx->d.byte, &out_len,
sizeof(ctx->d.byte))) {
EVP_CIPHER_CTX_free(ctx->cipher_ctx);
ctx->cipher_ctx = NULL;
EVP_MAC_CTX_free(ctx->mac_ctx_init);
ctx->mac_ctx_init = NULL;
EVP_MAC_CTX_free(mac_ctx);
EVP_MAC_free(ctx->mac);
ctx->mac = NULL;
return 0;
}
EVP_MAC_CTX_free(mac_ctx);
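Review bot: clearing `ctx->cipher_ctx`, `ctx->mac_ctx_init` and `ctx->mac` to NULL after freeing them on the failure path matters because the caller presumably runs the normal SIV cleanup on the context afterwards, which would otherwise free the same pointers a second time; the path also now releases `ctx->mac`, which was leaked before. Setting the pointers to NULL before `return 0` is the right pattern for every early exit in this function, so the other failure branches in `ossl_siv128_init` deserve the same check.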


@ -174,9 +174,9 @@ sub ::vprotd
sub ::endbranch
{
&::generic("%ifdef __CET__\n");
&::generic("#ifdef __CET__\n");
&::data_byte(0xf3,0x0f,0x1e,0xfb);
&::generic("%endif\n");
&::generic("#endif\n");
}
# label management


@ -641,7 +641,7 @@ static void put_str(const char *str, char **buf, size_t *remain, size_t *needed)
}
quotes = quote != '\0';
if (*remain == 0) {
if (*remain <= (size_t)quotes) {
*needed += 2 * quotes;
return;
}
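Review bot: the old `*remain == 0` test only bailed out when nothing was left, so with `quotes` set and a single byte remaining the function proceeded to emit two quote characters into a one-byte space; `*remain <= (size_t)quotes` makes the early return consistent with the `2 * quotes` bytes it reports as needed. Whether the rest of `put_str` also accounts for the trailing NUL is not visible in this hunk and is worth reading in full.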


@ -734,18 +734,3 @@ err:
return ret;
}
#ifdef FIPS_MODULE
int ossl_rsa_key_pairwise_test(RSA *rsa)
{
OSSL_CALLBACK *stcb;
void *stcbarg;
int res;
OSSL_SELF_TEST_get_callback(rsa->libctx, &stcb, &stcbarg);
res = rsa_keygen_pairwise_test(rsa, stcb, stcbarg);
if (res <= 0)
ossl_set_error_state(OSSL_SELF_TEST_TYPE_PCT_IMPORT);
return res;
}
#endif /* FIPS_MODULE */
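Review bot: removing `ossl_rsa_key_pairwise_test` matches the CHANGES entry that drops the PCT on key import (FIPS 140-3 IG 10.3.A additional comment 1) and the prototype removal in `include/crypto/rsa.h` further down; `OSSL_SELF_TEST_TYPE_PCT_IMPORT` may now be unreferenced, so check whether the constant and any documentation of it should go too.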


@ -1,5 +1,5 @@
/*
* Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -129,7 +129,7 @@ static const unsigned char digestinfo_ripemd160_der[] = {
# ifndef OPENSSL_NO_SM3
/* SM3 (1 2 156 10197 1 401) */
static const unsigned char digestinfo_sm3_der[] = {
ASN1_SEQUENCE, 0x0f + SM3_DIGEST_LENGTH,
ASN1_SEQUENCE, 0x10 + SM3_DIGEST_LENGTH,
ASN1_SEQUENCE, 0x0c,
ASN1_OID, 0x08, 1 * 40 + 2, 0x81, 0x1c, 0xcf, 0x55, 1, 0x83, 0x78,
ASN1_NULL, 0x00,
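Review bot: the corrected outer length is consistent with the encoding shown: the inner AlgorithmIdentifier SEQUENCE is 2 header bytes plus 0x0c of content (an 8-byte OID with its 2-byte header and a 2-byte NULL), which is 14 bytes, and the 2-byte OCTET STRING header for the digest brings the fixed part to 0x10 before `SM3_DIGEST_LENGTH`. The old 0x0f under-counted by one, which is the "length of the ASN.1 sequence for the SM3 digests" item in CHANGES; a DER round-trip test on this table would prevent a repeat for the other digest entries.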


@ -62,8 +62,10 @@ __tsan_mutex_post_lock((x), 0, 0)
/*
* The Non-Stop KLT thread model currently seems broken in its rwlock
* implementation
* Likewise is there a problem with the glibc implementation on riscv.
*/
# if defined(PTHREAD_RWLOCK_INITIALIZER) && !defined(_KLT_MODEL_)
# if defined(PTHREAD_RWLOCK_INITIALIZER) && !defined(_KLT_MODEL_) \
&& !defined(__riscv)
# define USE_RWLOCK
# endif
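Review bot: the comment attributes the rwlock problem to glibc on riscv, but the condition `!defined(__riscv)` disables `USE_RWLOCK` for every libc on that architecture; if the issue really is glibc-specific, scoping it with `__GLIBC__` would keep the rwlock path for musl and other libcs. The comment's grammar ("Likewise is there a problem") could also be tidied while touching it.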
@ -279,7 +281,7 @@ static struct rcu_qp *get_hold_current_qp(struct rcu_lock_st *lock)
/* if the idx hasn't changed, we're good, else try again */
if (qp_idx == ATOMIC_LOAD_N(uint32_t, &lock->reader_idx,
__ATOMIC_RELAXED))
__ATOMIC_ACQUIRE))
break;
ATOMIC_SUB_FETCH(&lock->qp_group[qp_idx].users, (uint64_t)1,
@ -403,8 +405,12 @@ static struct rcu_qp *update_qp(CRYPTO_RCU_LOCK *lock, uint32_t *curr_id)
*curr_id = lock->id_ctr;
lock->id_ctr++;
/*
* make the current state of everything visible by this release
* when get_hold_current_qp acquires the next qp
*/
ATOMIC_STORE_N(uint32_t, &lock->reader_idx, lock->current_alloc_idx,
__ATOMIC_RELAXED);
__ATOMIC_RELEASE);
/*
* this should make sure that the new value of reader_idx is visible in
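Review bot: the release store of `reader_idx` here is now paired with the acquire load in `get_hold_current_qp` from the previous hunk; with both sides relaxed a reader could observe the new index before the qp state that it is meant to publish, which is the race the 3.5.3 CHANGES entry refers to. The pairing is correct as written, and the new comment explaining which acquire this release synchronises with is exactly what this code needed.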


@ -219,7 +219,8 @@ int X509_ocspid_print(BIO *bp, X509 *x)
goto err;
if ((der = dertmp = OPENSSL_malloc(derlen)) == NULL)
goto err;
i2d_X509_NAME(subj, &dertmp);
if (i2d_X509_NAME(subj, &dertmp) < 0)
goto err;
md = EVP_MD_fetch(x->libctx, SN_sha1, x->propq);
if (md == NULL)
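Review bot: checking `i2d_X509_NAME` for a negative return is an improvement, but since `derlen` was already computed from the same name above, comparing the return value against `derlen` would be a stricter check and would catch the buffer and encoding getting out of step, not just outright failure.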


@ -408,7 +408,6 @@ static int x509_store_add(X509_STORE *store, void *x, int crl)
}
if (!X509_STORE_lock(store)) {
obj->type = X509_LU_NONE;
X509_OBJECT_free(obj);
return 0;
}
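Review bot: with the `X509_OBJECT_free(obj)` dropped from the lock-failure path, the `X509_OBJECT` allocated earlier in `x509_store_add` needs to be released somewhere else, otherwise this branch now leaks it; the `obj->type = X509_LU_NONE` assignment that remains only makes sense as preparation for freeing the wrapper without freeing the caller-owned `x`. The hunk does not show enough context to tell which it is, so the surrounding function should be read before accepting this.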


@ -1 +0,0 @@
#include "../../../config/bn_conf.h"
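Review bot: this and the following one-line hunks delete generated wrapper headers that only forwarded to `../../../config/...`; confirm that nothing in the Node.js build configuration still lists these paths as sources or include targets, since a stale reference would only surface as a build failure on the affected platform.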


@ -1 +0,0 @@
#include "../../../config/dso_conf.h"


@ -124,10 +124,6 @@ ASN1_STRING *ossl_rsa_ctx_to_pss_string(EVP_PKEY_CTX *pkctx);
int ossl_rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
const X509_ALGOR *sigalg, EVP_PKEY *pkey);
# ifdef FIPS_MODULE
int ossl_rsa_key_pairwise_test(RSA *rsa);
# endif /* FIPS_MODULE */
# if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
int ossl_rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]);
void ossl_rsa_acvp_test_gen_params_free(OSSL_PARAM *dst);


@ -1 +0,0 @@
#include "../../../config/param_names.h"


@ -1 +0,0 @@
#include "../../../config/asn1.h"


@ -1 +0,0 @@
#include "../../../config/asn1t.h"


@ -1 +0,0 @@
#include "../../../config/bio.h"


@ -1 +0,0 @@
#include "../../../config/cmp.h"


@ -1 +0,0 @@
#include "../../../config/cms.h"


@ -1 +0,0 @@
#include "../../../config/comp.h"


@ -1 +0,0 @@
#include "../../../config/conf.h"


@ -1 +0,0 @@
#include "../../../config/configuration.h"


@ -1 +0,0 @@
#include "../../../config/core_names.h"


@ -1 +0,0 @@
#include "../../../config/crmf.h"


@ -1 +0,0 @@
#include "../../../config/crypto.h"


@ -1 +0,0 @@
#include "../../../config/ct.h"


@ -1 +0,0 @@
#include "../../../config/err.h"


@ -1 +0,0 @@
#include "../../../config/ess.h"


@ -1 +0,0 @@
#include "../../../config/fipskey.h"


@ -1 +0,0 @@
#include "../../../config/lhash.h"


@ -1 +0,0 @@
#include "../../../config/ocsp.h"


@ -1 +0,0 @@
#include "../../../config/opensslv.h"


@ -89,12 +89,12 @@ extern "C" {
# define OPENSSL_VERSION_TEXT "OpenSSL {- "$config{full_version} $config{release_date}" -}"
/* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
/* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PP0L */
# define OPENSSL_VERSION_NUMBER \
( (OPENSSL_VERSION_MAJOR<<28) \
|(OPENSSL_VERSION_MINOR<<20) \
|(OPENSSL_VERSION_PATCH<<4) \
|{- @config{prerelease} ? "0x0L" : "0xfL" -} )
|0x0L )
# ifdef __cplusplus
}
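Review bot: this restores the 3.x layout `0xMNN00PP0L` in which the low status nibble is always 0, reverting the synthesised form that emitted `0xf` for release builds; that is the CHANGES item about breaking existing applications that compare `OPENSSL_VERSION_NUMBER` against the semantics documented in `OpenSSL_version(3)`. Anything in Node.js that inspects `OPENSSL_VERSION_NUMBER` at build or run time should be re-checked against the restored value.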


@ -1 +0,0 @@
#include "../../../config/pkcs12.h"


@ -1 +0,0 @@
#include "../../../config/pkcs7.h"


@ -1 +0,0 @@
#include "../../../config/safestack.h"


@ -1 +0,0 @@
#include "../../../config/srp.h"


@ -1 +0,0 @@
#include "../../../config/ssl.h"


@ -1 +0,0 @@
#include "../../../config/ui.h"


@ -1 +0,0 @@
#include "../../../config/x509.h"


@ -1 +0,0 @@
#include "../../../config/x509_acert.h"


@ -1 +0,0 @@
#include "../../../config/x509_vfy.h"


@ -1 +0,0 @@
#include "../../../config/x509v3.h"


@ -250,7 +250,7 @@ c685813be6ad35b0861ba888670ef54aa2b399d003472698e39426de6e52db59 crypto/initthr
f866aafae928db1b439ac950dc90744a2397dfe222672fe68b3798396190c8b0 crypto/mem_clr.c
18127868d868ca5705444c24f7dc385391ba31154fc04ff54949739e8fa7fdfc crypto/ml_dsa/ml_dsa_encoders.c
825105b0a2c4844b2b4229001650ff7e61e1348e52f1072210f70b97cd4adb71 crypto/ml_dsa/ml_dsa_hash.h
c82201cf1a17ff2d4b169dcd4402d3d56f4685e460a1447e021db4abd67f7f0e crypto/ml_dsa/ml_dsa_key.c
c467f4400d399aad6b51746ef2575d1e04d260a1bf901b35ca55624fe62e650e crypto/ml_dsa/ml_dsa_key.c
579c1a12a5c5f014476a6bf695dc271f63074fb187e23ffc3f9ccb5b7ea044f1 crypto/ml_dsa/ml_dsa_key.h
3f98eb0467033d0a40867ef1c1036dcfea5d231eeac2321196f7d7c7243edace crypto/ml_dsa/ml_dsa_key_compress.c
983d164bfa3dbe8d85ad1fdc24d897e79d9246d96d9c1862855c6c538b387ad9 crypto/ml_dsa/ml_dsa_local.h
@ -263,7 +263,7 @@ ff65c82c56e341f47df03d0c74de7fb537de0e68a4fa23fa07a9fdb51c511f1c crypto/ml_dsa/
1d7f57a41034988a4e7d4c9a998760d2ef802c5e90275d09a3ca31c5f3403d94 crypto/ml_dsa/ml_dsa_sign.c
5217ef237e21872205703b95577290c34898423466a465c7bd609b2eb4627964 crypto/ml_dsa/ml_dsa_sign.h
abd934284bcd8061027a69f437fa4410c6b72cd950be1ebe048244d036371208 crypto/ml_dsa/ml_dsa_vector.h
defc2e4e81ff1b78056c795bc0565f4241a259c2957abe84a51bcbc1e4ace3f1 crypto/ml_kem/ml_kem.c
8c4f7238f68f959f2ad1e2529c567364c5a8818898355c82818521e03239ea76 crypto/ml_kem/ml_kem.c
36e24eae5d38cc9666ae40e4e8a2dc12328e1159fea68447cb19dab174d25adf crypto/modes/asm/aes-gcm-armv8-unroll8_64.pl
33357356cd739d4ae89d52f0804b6900e4b94d8829323819c6f64c8908e978df crypto/modes/asm/aes-gcm-armv8_64.pl
bcc09bdb474f045d04c983fa09c31a010c5a25513f53a5d3653ade91304f0f96 crypto/modes/asm/aes-gcm-avx512.pl
@ -306,7 +306,7 @@ f50450f7e5f6896fb8e3cde2fdc11cc543124c854ef9d88252a166606ca80081 crypto/params_
467c416422ecf61e3b713c5eb259fdbcb4aa73ae8dee61804d0b85cfd3fff4f7 crypto/property/defn_cache.c
91c1f1f8eb5588ed9da17386c244ae68a6a81717b1c7ab6c9f1a6a57973a039f crypto/property/property.c
66da4f28d408133fb544b14aeb9ad4913e7c5c67e2826e53f0dc5bf4d8fada26 crypto/property/property_local.h
d32105cb087d708d0504a787f74bc163cc398c299faf2e98d6bb5ae02f5ce9b7 crypto/property/property_parse.c
1e99a3934812f99dad79cbfbb6727ad61b6093711c1a6c74d4b50f9318152611 crypto/property/property_parse.c
a7cefda6a117550e2c76e0f307565ce1e11640b11ba10c80e469a837fd1212a3 crypto/property/property_query.c
20e69b9d594dfc443075eddbb0e6bcc0ed36ca51993cd50cc5a4f86eb31127f8 crypto/property/property_string.c
10644e9d20214660706de58d34edf635c110d4e4f2628cd5284a08c60ed9aff8 crypto/provider_core.c
@ -322,7 +322,7 @@ f0c8792a99132e0b9c027cfa7370f45594a115934cdc9e8f23bdd64abecaf7fd crypto/rsa/rsa
1b828f428f0e78b591378f7b780164c4574620c68f9097de041cbd576f811bf6 crypto/rsa/rsa_backend.c
38a102cd1da1f6ca5a46e6a22f018237964336274385f5c70cbedcaa6997647e crypto/rsa/rsa_chk.c
e762c599b17d5c89f4b1c9eb7d0ca1f04a95d815c86a3e72c30b231ce57fb199 crypto/rsa/rsa_crpt.c
0fa3e4687510e2d91c8f4b1c460b1d51375d9855ed825b3d6697620b146b52d1 crypto/rsa/rsa_gen.c
a3d20f27ae3cb41af5b62febd0bb19025e59d401b136306d570cdba103b15542 crypto/rsa/rsa_gen.c
f22bc4e2c3acab83e67820c906c1caf048ec1f0d4fcb7472c1bec753c75f8e93 crypto/rsa/rsa_lib.c
5ae8edaf654645996385fbd420ef73030762fc146bf41deb5294d6d83e257a16 crypto/rsa/rsa_local.h
cf0b75cd54b61b9b9a290ef18d0ddce9fb26a029a54eb3f720d9b25188440f00 crypto/rsa/rsa_mp_names.c
@ -416,7 +416,7 @@ a00e16963e1e2a0126c6a8e62da8a14f98de9736027654c925925dadd0ca3cc1 crypto/thread/
27ec0090f4243c96e4fbe1babfd4320c2a16615ffa368275433217d50a1ef76c crypto/thread/internal.c
67ba8d87fbbb7c9a9e438018e7ecfd1cedd4d00224be05755580d044f5f1317a crypto/threads_lib.c
b1a828491d9ce305802662561788facac92dff70cca9ead807f3e28741ff21e0 crypto/threads_none.c
c659f7ce5c4b59d2a1cff78485fa8e89c8d20d5798df4afc1b94ff635ffc0262 crypto/threads_pthread.c
491e9c29d4a7b4dd627ea25c20ce4a33103565b3108b618c41c6816dfc675569 crypto/threads_pthread.c
9c3bf7b4baa302a4017150fbcaa114ee9df935b18d5a3a8c8015003780d4e7de crypto/threads_win.c
7edd638df588b14711a50c98d458c4fc83f223ed03bc6c39c7c8edf7915b7cfa crypto/time.c
88c5f9f4d2611223d283ebd2ae10ae5ecbb9972d00f747d93fcb74b62641e3f9 crypto/x86_64cpuid.pl
@ -445,7 +445,7 @@ bbe5e52d84e65449a13e42cd2d6adce59b8ed6e73d6950917aa77dc1f3f5dff6 include/crypto
6e7762e7fb63f56d25b24f70209f4dc834c59a87f74467531ec81646f565dbe3 include/crypto/modes.h
920bc48a4dad3712bdcef188c0ce8e8a8304e0ce332b54843bab366fc5eab472 include/crypto/rand.h
71f23915ea74e93971fb0205901031be3abea7ffef2c52e4cc4848515079f68d include/crypto/rand_pool.h
b1df067691f9741ef9c42b2e5f12461bcd87b745514fc5701b9c9402fb10b224 include/crypto/rsa.h
6f16685ffbc97dc2ac1240bfddf4bbac2dd1ad83fff6da91aee6f3f64c6ee8ff include/crypto/rsa.h
32f0149ab1d82fddbdfbbc44e3078b4a4cc6936d35187e0f8d02cc0bc19f2401 include/crypto/security_bits.h
80338f3865b7c74aab343879432a6399507b834e2f55dd0e9ee7a5eeba11242a include/crypto/sha.h
dc7808729c3231a08bbe470b3e1b562420030f59f7bc05b14d7b516fa77b4f3a include/crypto/slh_dsa.h
@ -546,7 +546,7 @@ a8a45996fd21411cb7ed610bc202dbd06570cdfa0a2d14f7dfc8bfadc820e636 include/openss
cb6bca3913c60a57bac39583eee0f789d49c3d29be3ecde9aecc7f3287117aa5 include/openssl/objects.h
d25537af264684dff033dd8ae62b0348f868fcfec4aa51fa8f07bcfa4bd807ad include/openssl/objectserr.h
fe6acd42c3e90db31aaafc2236a7d30ebfa53c4c07ea4d8265064c7fcb951970 include/openssl/opensslconf.h
fc914a750d798ac9fc9287e6359cfa1da214b91651deaaaa7e1a46b595cd0425 include/openssl/opensslv.h.in
6c1a8837bbba633db2a8951ff29ccfe09e7d2a24a37ee2af90f2d897c190da9a include/openssl/opensslv.h.in
767d9d7d5051c937a3ce8a268c702902fda93eeaa210a94dfde1f45c23277d20 include/openssl/param_build.h
1c442aaaa4dda7fbf727a451bc676fb4d855ef617c14dc77ff2a5e958ae33c3e include/openssl/params.h
44f178176293c6ce8142890ff9dc2d466364c734e4e811f56bd62010c5403183 include/openssl/pkcs7.h.in
@ -618,8 +618,8 @@ f2581d7b4e105f2bb6d30908f3c2d9959313be08cec6dbeb49030c125a7676d3 providers/fips
669f76f742bcaaf28846b057bfab97da7c162d69da244de71b7c743bf16e430f providers/fips/include/fipscommon.h
f111fd7e016af8cc6f96cd8059c28227b328dd466ed137ae0c0bc0c3c3eec3ba providers/fips/self_test.c
5c2c6c2f69e2eb01b88fa35630f27948e00dd2c2fd351735c74f34ccb2005cbe providers/fips/self_test.h
663441de9aba1d1b81ce02b3acded520b88cc460330d4d98adb7450d9664c474 providers/fips/self_test_data.inc
2e568e2b161131240e97bd77a730c2299f961c2f1409ea8466422fc07f9be23f providers/fips/self_test_kats.c
df83c901ad13675fbbb4708b6087feba6099870ad3dd0e8d09cfdb6798419770 providers/fips/self_test_data.inc
6779d5afb3f48d82868b247ffb0a6a572f6e3964738296ad47e7ccafdb263c88 providers/fips/self_test_kats.c
dde79dfdedfe0e73006a0cf912fdde1ff109dfbc5ba6ecab319c938bc4275950 providers/implementations/asymciphers/rsa_enc.c
c2f1b12c64fc369dfc3b9bc9e76a76de7280e6429adaee55d332eb1971ad1879 providers/implementations/ciphers/cipher_aes.c
6ba7d817081cf0d87ba7bfb38cd9d70e41505480bb8bc796ef896f68d4514ea6 providers/implementations/ciphers/cipher_aes.h
@ -699,7 +699,7 @@ c764555b9dc9b273c280514a5d2d44156f82f3e99155a77c627f2c773209bcd7 providers/impl
24cc3cc8e8681c77b7f96c83293bd66045fd8ad69f756e673ca7f8ca9e82b0af providers/implementations/keymgmt/dsa_kmgmt.c
36a9c1c8658ce7918453827cb58ed52787e590e3f148c5510deeb2c16c25a29d providers/implementations/keymgmt/ec_kmgmt.c
258ae17bb2dd87ed1511a8eb3fe99eed9b77f5c2f757215ff6b3d0e8791fc251 providers/implementations/keymgmt/ec_kmgmt_imexport.inc
9728d696d249b2d224724c9872138a60e1998e5cfa5c49f3f48ad0666f7eed34 providers/implementations/keymgmt/ecx_kmgmt.c
11c27cc3c9f38885c484f25d11987e93f197aa90bef2fc1d6e8f508c2d014d4d providers/implementations/keymgmt/ecx_kmgmt.c
daf35a7ab961ef70aefca981d80407935904c5da39dca6692432d6e6bc98759d providers/implementations/keymgmt/kdf_legacy_kmgmt.c
d97d7c8d3410b3e560ef2becaea2a47948e22205be5162f964c5e51a7eef08cb providers/implementations/keymgmt/mac_legacy_kmgmt.c
a428de71082fd01e5dcfa030a6fc34f6700b86d037b4e22f015c917862a158ce providers/implementations/keymgmt/ml_dsa_kmgmt.c


@ -1 +1 @@
8d0c2c2b986f4c98f511c9aa020e98aa984dce5976d8e1966a7721f8b559cda8 providers/fips-sources.checksums
c342f9dc7075a6ecd0e4b3c9db06e180765278a7bbae233ec1a65095a0e524ec providers/fips-sources.checksums
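Review bot: the entries that change in `fips-sources.checksums` (ml_dsa_key.c, ml_kem.c, property_parse.c, rsa_gen.c, threads_pthread.c, include/crypto/rsa.h, opensslv.h.in, self_test_data.inc, self_test_kats.c, ecx_kmgmt.c) should correspond one-to-one with the FIPS-module sources modified by this upgrade, and the top-level `fips.checksum` hash must be regenerated from the final list rather than copied; since this page does not render every one of the 65 changed files, the correspondence is best verified by re-running the checksum generation locally rather than by eye.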


@ -1308,6 +1308,18 @@ static const ST_KAT_PARAM rsa_priv_key[] = {
ST_KAT_PARAM_END()
};
/*-
* Using OSSL_PKEY_RSA_PAD_MODE_NONE directly in the expansion of the
* ST_KAT_PARAM_UTF8STRING macro below causes a failure on ancient
* HP/UX PA-RISC compilers.
*/
static const char pad_mode_none[] = OSSL_PKEY_RSA_PAD_MODE_NONE;
static const ST_KAT_PARAM rsa_enc_params[] = {
ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE, pad_mode_none),
ST_KAT_PARAM_END()
};
static const unsigned char rsa_sig_msg[] = "Hello World!";
static const unsigned char rsa_expected_sig[256] = {
@ -3497,3 +3509,33 @@ static const ST_KAT_ASYM_KEYGEN st_kat_asym_keygen_tests[] = {
# endif
};
#endif /* !OPENSSL_NO_ML_DSA || !OPENSSL_NO_SLH_DSA */
static const ST_KAT_ASYM_CIPHER st_kat_asym_cipher_tests[] = {
{
OSSL_SELF_TEST_DESC_ASYM_RSA_ENC,
"RSA",
1,
rsa_pub_key,
rsa_enc_params,
ITM(rsa_asym_plaintext_encrypt),
ITM(rsa_asym_expected_encrypt),
},
{
OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
"RSA",
0,
rsa_priv_key,
rsa_enc_params,
ITM(rsa_asym_expected_encrypt),
ITM(rsa_asym_plaintext_encrypt),
},
{
OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
"RSA",
0,
rsa_crt_key,
rsa_enc_params,
ITM(rsa_asym_expected_encrypt),
ITM(rsa_asym_plaintext_encrypt),
},
};
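Review bot: the two RSA decrypt entries both use `OSSL_SELF_TEST_DESC_ASYM_RSA_DEC`, so a KAT failure report will not say whether the plain private key or the CRT key variant failed; a distinct description for the CRT case would make a field report actionable. The `pad_mode_none` indirection with its HP/UX comment is fine, and it is good that the decrypt vectors are simply the encrypt vectors reversed, which keeps the expected data in one place.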


@ -812,6 +812,93 @@ err:
}
#endif
/*
* Test an encrypt or decrypt KAT..
*
* FIPS 140-2 IG D.9 states that separate KAT tests are needed for encrypt
* and decrypt..
*/
static int self_test_asym_cipher(const ST_KAT_ASYM_CIPHER *t, OSSL_SELF_TEST *st,
OSSL_LIB_CTX *libctx)
{
int ret = 0;
OSSL_PARAM *keyparams = NULL, *initparams = NULL;
OSSL_PARAM_BLD *keybld = NULL, *initbld = NULL;
EVP_PKEY_CTX *encctx = NULL, *keyctx = NULL;
EVP_PKEY *key = NULL;
BN_CTX *bnctx = NULL;
unsigned char out[256];
size_t outlen = sizeof(out);
OSSL_SELF_TEST_onbegin(st, OSSL_SELF_TEST_TYPE_KAT_ASYM_CIPHER, t->desc);
bnctx = BN_CTX_new_ex(libctx);
if (bnctx == NULL)
goto err;
/* Load a public or private key from data */
keybld = OSSL_PARAM_BLD_new();
if (keybld == NULL
|| !add_params(keybld, t->key, bnctx))
goto err;
keyparams = OSSL_PARAM_BLD_to_param(keybld);
keyctx = EVP_PKEY_CTX_new_from_name(libctx, t->algorithm, NULL);
if (keyctx == NULL || keyparams == NULL)
goto err;
if (EVP_PKEY_fromdata_init(keyctx) <= 0
|| EVP_PKEY_fromdata(keyctx, &key, EVP_PKEY_KEYPAIR, keyparams) <= 0)
goto err;
/* Create a EVP_PKEY_CTX to use for the encrypt or decrypt operation */
encctx = EVP_PKEY_CTX_new_from_pkey(libctx, key, NULL);
if (encctx == NULL
|| (t->encrypt && EVP_PKEY_encrypt_init(encctx) <= 0)
|| (!t->encrypt && EVP_PKEY_decrypt_init(encctx) <= 0))
goto err;
/* Add any additional parameters such as padding */
if (t->postinit != NULL) {
initbld = OSSL_PARAM_BLD_new();
if (initbld == NULL)
goto err;
if (!add_params(initbld, t->postinit, bnctx))
goto err;
initparams = OSSL_PARAM_BLD_to_param(initbld);
if (initparams == NULL)
goto err;
if (EVP_PKEY_CTX_set_params(encctx, initparams) <= 0)
goto err;
}
if (t->encrypt) {
if (EVP_PKEY_encrypt(encctx, out, &outlen,
t->in, t->in_len) <= 0)
goto err;
} else {
if (EVP_PKEY_decrypt(encctx, out, &outlen,
t->in, t->in_len) <= 0)
goto err;
}
/* Check the KAT */
OSSL_SELF_TEST_oncorrupt_byte(st, out);
if (outlen != t->expected_len
|| memcmp(out, t->expected, t->expected_len) != 0)
goto err;
ret = 1;
err:
BN_CTX_free(bnctx);
EVP_PKEY_free(key);
EVP_PKEY_CTX_free(encctx);
EVP_PKEY_CTX_free(keyctx);
OSSL_PARAM_free(keyparams);
OSSL_PARAM_BLD_free(keybld);
OSSL_PARAM_free(initparams);
OSSL_PARAM_BLD_free(initbld);
OSSL_SELF_TEST_onend(st, ret);
return ret;
}
/*
* Test a data driven list of KAT's for digest algorithms.
* All tests are run regardless of if they fail or not.
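Review bot: `out` is a fixed 256-byte buffer and `outlen` is seeded with `sizeof(out)`, so a future KAT with a modulus larger than the current 256-byte (2048-bit) key fails inside `EVP_PKEY_encrypt`/`EVP_PKEY_decrypt` instead of overflowing; that is safe but silent, so a comment tying the buffer size to the RSA KAT key would help whoever adds the next entry. Two nits in the header comment: "KAT.." and "decrypt.." have doubled periods, and "a EVP_PKEY_CTX" should read "an EVP_PKEY_CTX". The ordering is right: `EVP_PKEY_encrypt_init`/`EVP_PKEY_decrypt_init` before `EVP_PKEY_CTX_set_params` for the pad mode, and `OSSL_SELF_TEST_oncorrupt_byte` applied to `out` before the `memcmp`, matching the other KAT helpers.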
@ -853,6 +940,17 @@ static int self_test_kems(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
return ret;
}
static int self_test_asym_ciphers(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
{
int i, ret = 1;
for (i = 0; i < (int)OSSL_NELEM(st_kat_asym_cipher_tests); ++i) {
if (!self_test_asym_cipher(&st_kat_asym_cipher_tests[i], st, libctx))
ret = 0;
}
return ret;
}
static int self_test_kdfs(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
{
int i, ret = 1;
@ -1092,6 +1190,8 @@ int SELF_TEST_kats(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx)
ret = 0;
if (!self_test_kems(st, libctx))
ret = 0;
if (!self_test_asym_ciphers(st, libctx))
ret = 0;
RAND_set0_private(libctx, saved_rand);
return ret;

View File

@ -1,5 +1,5 @@
/*
* Copyright 2018-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2018-2025 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -350,7 +350,7 @@ static int cipher_init(EVP_CIPHER_CTX *ctx,
{
int klen, ret;
ret = EVP_EncryptInit_ex(ctx, cipher, engine, key, NULL);
ret = EVP_EncryptInit_ex(ctx, cipher, engine, NULL, NULL);
if (!ret)
goto out;
/* set the key len for the odd variable key len cipher */
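Review bot: passing a NULL key to the first `EVP_EncryptInit_ex` is the right fix for variable-key-length ciphers, because keying in the same call would install the key under the cipher's default key length before the length is set. The comment on the following line should say that keying is deliberately deferred to a second init, otherwise the NULL reads like an oversight that someone will "fix" back.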
@ -362,6 +362,9 @@ static int cipher_init(EVP_CIPHER_CTX *ctx,
goto out;
}
}
ret = EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
if (!ret)
goto out;
/* we never want padding, either the length requested is a multiple of
* the cipher block size or we are passed a cipher that can cope with
* partial blocks via techniques like cipher text stealing */
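Review bot: the added `EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL)` correctly reuses the cipher and engine already bound to `ctx` and only installs the key, now that the key length has been set. A one-line comment naming this two-phase init idiom would be worthwhile, since folding the key back into the first call reintroduces the wrong-key-length behaviour the previous hunk removes.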

View File

@ -218,14 +218,6 @@ static int ecx_import(void *keydata, int selection, const OSSL_PARAM params[])
include_private = selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0;
ok = ok && ossl_ecx_key_fromdata(key, params, include_private);
#ifdef FIPS_MODULE
if (ok > 0 && ecx_key_type_is_ed(key->type) && !ossl_fips_self_testing())
if (key->haspubkey && key->privkey != NULL) {
ok = ecd_fips140_pairwise_test(key, key->type, 1);
if (ok <= 0)
ossl_set_error_state(OSSL_SELF_TEST_TYPE_PCT_IMPORT);
}
#endif /* FIPS_MODULE */
return ok;
}
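Review bot: the removed block was, as far as this hunk shows, the only place where an imported Ed25519/Ed448 keypair (`ecx_key_type_is_ed`, both `haspubkey` and `privkey` present) received a pairwise consistency test under `FIPS_MODULE`, and the hunk adds no replacement. Dropping a PCT changes observable FIPS behaviour, so the rationale (for example, that the test is performed elsewhere or is not required on import) should be stated in the commit message and, ideally, in a comment where the block used to be.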

View File

@ -3197,6 +3197,7 @@ int ossl_quic_conn_stream_conclude(SSL *s)
QCTX ctx;
QUIC_STREAM *qs;
int err;
int ret;
if (!expect_quic_with_stream_lock(s, /*remote_init=*/0, /*io=*/0, &ctx))
return 0;
@ -3204,13 +3205,15 @@ int ossl_quic_conn_stream_conclude(SSL *s)
qs = ctx.xso->stream;
if (!quic_mutation_allowed(ctx.qc, /*req_active=*/1)) {
ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
qctx_unlock(&ctx);
return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, SSL_R_PROTOCOL_IS_SHUTDOWN, NULL);
return ret;
}
if (!quic_validate_for_write(ctx.xso, &err)) {
ret = QUIC_RAISE_NON_NORMAL_ERROR(&ctx, err, NULL);
qctx_unlock(&ctx);
return QUIC_RAISE_NON_NORMAL_ERROR(&ctx, err, NULL);
return ret;
}
if (ossl_quic_sstream_get_final_size(qs->sstream, NULL)) {
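Review bot: good fix: `QUIC_RAISE_NON_NORMAL_ERROR(&ctx, ...)` was previously evaluated after `qctx_unlock(&ctx)`, so it inspected the context with the lock already released; capturing the result in `ret` before unlocking closes that window. `ret` is declared without an initializer in the preceding hunk, which is fine because every use follows an assignment, but the same unlock-then-raise pattern is worth checking for in the other early-return paths of this file.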

View File

@ -1,5 +1,5 @@
/*
* Copyright 2022-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2022-2025 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -1093,9 +1093,12 @@ int tls13_common_post_process_record(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *rec)
return 0;
}
if (rl->msg_callback != NULL)
rl->msg_callback(0, rl->version, SSL3_RT_INNER_CONTENT_TYPE, &rec->type,
if (rl->msg_callback != NULL) {
unsigned char ctype = (unsigned char)rec->type;
rl->msg_callback(0, rl->version, SSL3_RT_INNER_CONTENT_TYPE, &ctype,
1, rl->cbarg);
}
/*
* TLSv1.3 alert and handshake records are required to be non-zero in
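Review bot: copying `rec->type` into a local `unsigned char` and passing `&ctype` with length 1 fixes an endianness bug: passing `&rec->type` directly handed the callback the first byte of a wider integer, which is the content type only on little-endian hosts. The cast is lossless as long as `rec->type` holds a TLS content-type value (0..255); a comment noting that range would document the assumption the truncating cast relies on.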

View File

@ -1056,10 +1056,13 @@ static int ssl_set_cert_and_key(SSL *ssl, SSL_CTX *ctx, X509 *x509, EVP_PKEY *pr
}
}
if (!X509_up_ref(x509))
if (!X509_up_ref(x509)) {
OSSL_STACK_OF_X509_free(dup_chain);
goto out;
}
if (!EVP_PKEY_up_ref(privatekey)) {
OSSL_STACK_OF_X509_free(dup_chain);
X509_free(x509);
goto out;
}
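Review bot: the leak fix is correct as shown: on `X509_up_ref` failure `dup_chain` was previously leaked, and on `EVP_PKEY_up_ref` failure both `dup_chain` and the reference just taken on `x509` are now released. Please confirm that the `out:` label does not also free `dup_chain`, otherwise these two paths would double-free; the hunk does not show the label.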

View File

@ -549,8 +549,12 @@ static const ssl_trace_tbl ssl_groups_tbl[] = {
{258, "ffdhe4096"},
{259, "ffdhe6144"},
{260, "ffdhe8192"},
{512, "MLKEM512"},
{513, "MLKEM768"},
{514, "MLKEM1024"},
{4587, "SecP256r1MLKEM768"},
{4588, "X25519MLKEM768"},
{4589, "SecP384r1MLKEM1024"},
{25497, "X25519Kyber768Draft00"},
{25498, "SecP256r1Kyber768Draft00"},
{0xFF01, "arbitrary_explicit_prime_curves"},
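Review bot: the new entries keep the table sorted by code point and match the values in the IETF drafts (MLKEM512/768/1024 = 0x0200..0x0202; SecP256r1MLKEM768 = 0x11EB, X25519MLKEM768 = 0x11EC, SecP384r1MLKEM1024 = 0x11ED). Since this table only affects trace output, the names should be spelled exactly as the group names accepted by group configuration, so that a trace can be cross-referenced against the configured list without guesswork.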