SecBSD/src
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sync code with last improvements from OpenBSD

Browse source
This commit is contained in:
purplerain 2023-11-11 01:29:48 +00:00
parent 5903cbe575
commit 62d64fa864
Signed by: purplerain
GPG key ID: F42C07F07E2E35B7
841 changed files with 83929 additions and 40755 deletions
Download patch file Download diff file Expand all files Collapse all files

12
lib/libcrypto/asn1/asn1_item.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: asn1_item.c,v 1.17 2023/07/13 20:59:10 tb Exp $ */
/* $OpenBSD: asn1_item.c,v 1.18 2023/11/09 11:36:39 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -118,6 +118,7 @@
#include "asn1_local.h"
#include "evp_local.h"
#include "x509_local.h"
int
ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn,
@ -235,7 +236,6 @@ asn1_item_set_algorithm_identifiers(EVP_MD_CTX *ctx, X509_ALGOR *algor1,
X509_ALGOR *algor2)
{
EVP_PKEY *pkey;
ASN1_OBJECT *aobj;
const EVP_MD *md;
int sign_id, sign_param;
@ -254,21 +254,17 @@ asn1_item_set_algorithm_identifiers(EVP_MD_CTX *ctx, X509_ALGOR *algor1,
ASN1error(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
return 0;
}
if ((aobj = OBJ_nid2obj(sign_id)) == NULL) {
ASN1error(ASN1_R_UNKNOWN_OBJECT_TYPE);
return 0;
}
sign_param = V_ASN1_UNDEF;
if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL)
sign_param = V_ASN1_NULL;
if (algor1 != NULL) {
if (!X509_ALGOR_set0(algor1, aobj, sign_param, NULL))
if (!X509_ALGOR_set0_by_nid(algor1, sign_id, sign_param, NULL))
return 0;
}
if (algor2 != NULL) {
if (!X509_ALGOR_set0(algor2, aobj, sign_param, NULL))
if (!X509_ALGOR_set0_by_nid(algor2, sign_id, sign_param, NULL))
return 0;
}

93
lib/libcrypto/asn1/x_algor.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: x_algor.c,v 1.31 2023/10/11 13:22:11 tb Exp $ */
/* $OpenBSD: x_algor.c,v 1.38 2023/11/01 20:41:12 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
@ -149,26 +149,79 @@ X509_ALGOR_dup(X509_ALGOR *x)
return ASN1_item_dup(&X509_ALGOR_it, x);
}
static int
X509_ALGOR_set0_obj(X509_ALGOR *alg, ASN1_OBJECT *aobj)
{
ASN1_OBJECT_free(alg->algorithm);
alg->algorithm = aobj;
return 1;
}
static int
X509_ALGOR_set_obj_by_nid(X509_ALGOR *alg, int nid)
{
ASN1_OBJECT *aobj;
if ((aobj = OBJ_nid2obj(nid)) == NULL)
return 0;
if (!X509_ALGOR_set0_obj(alg, aobj))
return 0;
return 1;
}
static int
X509_ALGOR_set0_parameter(X509_ALGOR *alg, int parameter_type,
void *parameter_value)
{
if (parameter_type == V_ASN1_UNDEF) {
ASN1_TYPE_free(alg->parameter);
alg->parameter = NULL;
return 1;
}
if (alg->parameter == NULL)
alg->parameter = ASN1_TYPE_new();
if (alg->parameter == NULL)
return 0;
if (parameter_type != 0)
ASN1_TYPE_set(alg->parameter, parameter_type, parameter_value);
return 1;
}
int
X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval)
X509_ALGOR_set0_by_nid(X509_ALGOR *alg, int nid, int parameter_type,
void *parameter_value)
{
if (alg == NULL)
return 0;
if (ptype == V_ASN1_UNDEF) {
ASN1_TYPE_free(alg->parameter);
alg->parameter = NULL;
} else {
if (alg->parameter == NULL)
alg->parameter = ASN1_TYPE_new();
if (alg->parameter == NULL)
return 0;
if (ptype != 0)
ASN1_TYPE_set(alg->parameter, ptype, pval);
}
if (!X509_ALGOR_set_obj_by_nid(alg, nid))
return 0;
ASN1_OBJECT_free(alg->algorithm);
alg->algorithm = aobj;
if (!X509_ALGOR_set0_parameter(alg, parameter_type, parameter_value))
return 0;
return 1;
}
int
X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int parameter_type,
void *parameter_value)
{
if (alg == NULL)
return 0;
/* Set parameter first to preserve public API behavior on failure. */
if (!X509_ALGOR_set0_parameter(alg, parameter_type, parameter_value))
return 0;
if (!X509_ALGOR_set0_obj(alg, aobj))
return 0;
return 1;
}
@ -203,16 +256,16 @@ X509_ALGOR_get0(const ASN1_OBJECT **out_aobj, int *out_type,
int
X509_ALGOR_set_evp_md(X509_ALGOR *alg, const EVP_MD *md)
{
ASN1_OBJECT *aobj;
int param_type = V_ASN1_NULL;
int parameter_type = V_ASN1_NULL;
int nid = EVP_MD_type(md);
if ((EVP_MD_flags(md) & EVP_MD_FLAG_DIGALGID_ABSENT) != 0)
param_type = V_ASN1_UNDEF;
parameter_type = V_ASN1_UNDEF;
if ((aobj = OBJ_nid2obj(EVP_MD_type(md))) == NULL)
if (!X509_ALGOR_set0_by_nid(alg, nid, parameter_type, NULL))
return 0;
return X509_ALGOR_set0(alg, aobj, param_type, NULL);
return 1;
}
void

73
lib/libcrypto/bn/bn_exp.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_exp.c,v 1.47 2023/07/08 12:21:58 beck Exp $ */
/* $OpenBSD: bn_exp.c,v 1.50 2023/10/19 10:27:27 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -180,11 +180,12 @@ int
BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
BN_CTX *ctx)
{
int i, j, bits, ret = 0, wstart, wend, window, wvalue;
int i, j, bits, wstart, wend, window, wvalue;
int start = 1;
BIGNUM *d;
BIGNUM *d, *q;
/* Table of variables obtained from 'ctx' */
BIGNUM *val[TABLE_SIZE];
int ret = 0;
if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
/* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
@ -192,6 +193,11 @@ BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
return -1;
}
if (r == m) {
BNerror(BN_R_INVALID_ARGUMENT);
return 0;
}
bits = BN_num_bits(p);
if (bits == 0) {
/* x**0 mod 1 is still zero. */
@ -206,21 +212,24 @@ BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
BN_CTX_start(ctx);
if ((d = BN_CTX_get(ctx)) == NULL)
goto err;
if ((q = BN_CTX_get(ctx)) == NULL)
goto err;
if ((val[0] = BN_CTX_get(ctx)) == NULL)
goto err;
if (!BN_nnmod(val[0],a,m,ctx))
goto err; /* 1 */
if (!BN_nnmod(val[0], a, m, ctx))
goto err;
if (BN_is_zero(val[0])) {
BN_zero(r);
ret = 1;
goto err;
goto done;
}
if (!bn_copy(q, p))
goto err;
window = BN_window_bits_for_exponent_size(bits);
if (window > 1) {
if (!BN_mod_mul(d, val[0], val[0], m, ctx))
goto err; /* 2 */
goto err;
j = 1 << (window - 1);
for (i = 1; i < j; i++) {
if (((val[i] = BN_CTX_get(ctx)) == NULL) ||
@ -240,7 +249,7 @@ BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
goto err;
for (;;) {
if (BN_is_bit_set(p, wstart) == 0) {
if (BN_is_bit_set(q, wstart) == 0) {
if (!start)
if (!BN_mod_mul(r, r, r, m, ctx))
goto err;
@ -259,7 +268,7 @@ BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
for (i = 1; i < window; i++) {
if (wstart - i < 0)
break;
if (BN_is_bit_set(p, wstart - i)) {
if (BN_is_bit_set(q, wstart - i)) {
wvalue <<= (i - wend);
wvalue |= 1;
wend = i;
@ -286,11 +295,14 @@ BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
if (wstart < 0)
break;
}
done:
ret = 1;
err:
err:
BN_CTX_end(ctx);
return (ret);
return ret;
}
LCRYPTO_ALIAS(BN_mod_exp_simple);
@ -698,12 +710,12 @@ BN_mod_exp_mont_internal(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, const BIG
goto err;
}
if (!BN_to_montgomery(val[0], aa, mont, ctx))
goto err; /* 1 */
goto err;
window = BN_window_bits_for_exponent_size(bits);
if (window > 1) {
if (!BN_mod_mul_montgomery(d, val[0], val[0], mont, ctx))
goto err; /* 2 */
goto err;
j = 1 << (window - 1);
for (i = 1; i < j; i++) {
if (((val[i] = BN_CTX_get(ctx)) == NULL) ||
@ -956,12 +968,13 @@ int
BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
BN_CTX *ctx)
{
int i, j, bits, ret = 0, wstart, wend, window, wvalue;
int i, j, bits, wstart, wend, window, wvalue;
int start = 1;
BIGNUM *aa;
BIGNUM *aa, *q;
/* Table of variables obtained from 'ctx' */
BIGNUM *val[TABLE_SIZE];
BN_RECP_CTX recp;
int ret = 0;
if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
/* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
@ -985,6 +998,8 @@ BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
BN_CTX_start(ctx);
if ((aa = BN_CTX_get(ctx)) == NULL)
goto err;
if ((q = BN_CTX_get(ctx)) == NULL)
goto err;
if ((val[0] = BN_CTX_get(ctx)) == NULL)
goto err;
@ -1001,17 +1016,18 @@ BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
}
if (!BN_nnmod(val[0], a, m, ctx))
goto err; /* 1 */
goto err;
if (BN_is_zero(val[0])) {
BN_zero(r);
ret = 1;
goto err;
goto done;
}
if (!bn_copy(q, p))
goto err;
window = BN_window_bits_for_exponent_size(bits);
if (window > 1) {
if (!BN_mod_mul_reciprocal(aa, val[0], val[0], &recp, ctx))
goto err; /* 2 */
goto err;
j = 1 << (window - 1);
for (i = 1; i < j; i++) {
if (((val[i] = BN_CTX_get(ctx)) == NULL) ||
@ -1032,9 +1048,9 @@ BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
goto err;
for (;;) {
if (BN_is_bit_set(p, wstart) == 0) {
if (BN_is_bit_set(q, wstart) == 0) {
if (!start)
if (!BN_mod_mul_reciprocal(r, r,r, &recp, ctx))
if (!BN_mod_mul_reciprocal(r, r, r, &recp, ctx))
goto err;
if (wstart == 0)
break;
@ -1051,7 +1067,7 @@ BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
for (i = 1; i < window; i++) {
if (wstart - i < 0)
break;
if (BN_is_bit_set(p, wstart - i)) {
if (BN_is_bit_set(q, wstart - i)) {
wvalue <<= (i - wend);
wvalue |= 1;
wend = i;
@ -1063,12 +1079,12 @@ BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
/* add the 'bytes above' */
if (!start)
for (i = 0; i < j; i++) {
if (!BN_mod_mul_reciprocal(r, r,r, &recp, ctx))
if (!BN_mod_mul_reciprocal(r, r, r, &recp, ctx))
goto err;
}
/* wvalue will be an odd number < 2^window */
if (!BN_mod_mul_reciprocal(r, r,val[wvalue >> 1], &recp, ctx))
if (!BN_mod_mul_reciprocal(r, r, val[wvalue >> 1], &recp, ctx))
goto err;
/* move the 'window' down further */
@ -1078,12 +1094,15 @@ BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
if (wstart < 0)
break;
}
done:
ret = 1;
err:
err:
BN_CTX_end(ctx);
BN_RECP_CTX_free(&recp);
return (ret);
return ret;
}
static int

16
lib/libcrypto/cms/cms_dd.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: cms_dd.c,v 1.15 2022/11/26 16:08:51 tb Exp $ */
/* $OpenBSD: cms_dd.c,v 1.17 2023/10/26 09:08:57 tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
@ -54,13 +54,14 @@
#include <string.h>
#include "cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/pem.h>
#include <openssl/x509v3.h>
#include <openssl/err.h>
#include <openssl/asn1.h>
#include <openssl/cms.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/objects.h>
#include "cms_local.h"
#include "x509_local.h"
/* CMS DigestedData Utilities */
@ -85,7 +86,8 @@ cms_DigestedData_create(const EVP_MD *md)
dd->version = 0;
dd->encapContentInfo->eContentType = OBJ_nid2obj(NID_pkcs7_data);
X509_ALGOR_set_md(dd->digestAlgorithm, md);
if (!X509_ALGOR_set_evp_md(dd->digestAlgorithm, md))
goto err;
return cms;

40
lib/libcrypto/cms/cms_sd.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: cms_sd.c,v 1.28 2023/09/11 09:29:30 tb Exp $ */
/* $OpenBSD: cms_sd.c,v 1.29 2023/10/18 07:30:49 tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
@ -52,18 +52,22 @@
* ====================================================================
*/
#include <stdlib.h>
#include <string.h>
#include "cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/pem.h>
#include <openssl/asn1.h>
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/cms.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/err.h>
#include <openssl/cms.h>
#include "asn1_local.h"
#include "cms_local.h"
#include "asn1/asn1_local.h"
#include "evp/evp_local.h"
#include "evp_local.h"
#include "x509_local.h"
/* CMS SignedData Utilities */
@ -279,7 +283,7 @@ CMS_add1_signer(CMS_ContentInfo *cms, X509 *signer, EVP_PKEY *pk,
{
CMS_SignedData *sd;
CMS_SignerInfo *si = NULL;
X509_ALGOR *alg;
X509_ALGOR *alg = NULL;
int i, type;
if (!X509_check_private_key(signer, pk)) {
@ -337,26 +341,29 @@ CMS_add1_signer(CMS_ContentInfo *cms, X509 *signer, EVP_PKEY *pk,
goto err;
}
X509_ALGOR_set_md(si->digestAlgorithm, md);
if (!X509_ALGOR_set_evp_md(si->digestAlgorithm, md))
goto err;
/* See if digest is present in digestAlgorithms */
for (i = 0; i < sk_X509_ALGOR_num(sd->digestAlgorithms); i++) {
const X509_ALGOR *x509_alg;
const ASN1_OBJECT *aoid;
alg = sk_X509_ALGOR_value(sd->digestAlgorithms, i);
X509_ALGOR_get0(&aoid, NULL, NULL, alg);
x509_alg = sk_X509_ALGOR_value(sd->digestAlgorithms, i);
X509_ALGOR_get0(&aoid, NULL, NULL, x509_alg);
if (OBJ_obj2nid(aoid) == EVP_MD_type(md))
break;
}
if (i == sk_X509_ALGOR_num(sd->digestAlgorithms)) {
alg = X509_ALGOR_new();
if (alg == NULL)
if ((alg = X509_ALGOR_new()) == NULL)
goto merr;
if (!X509_ALGOR_set_evp_md(alg, md))
goto merr;
X509_ALGOR_set_md(alg, md);
if (!sk_X509_ALGOR_push(sd->digestAlgorithms, alg)) {
X509_ALGOR_free(alg);
goto merr;
}
alg = NULL;
}
if (!(flags & CMS_KEY_PARAM) && !cms_sd_asn1_ctrl(si, 0))
@ -422,6 +429,7 @@ CMS_add1_signer(CMS_ContentInfo *cms, X509 *signer, EVP_PKEY *pk,
CMSerror(ERR_R_MALLOC_FAILURE);
err:
ASN1_item_free((ASN1_VALUE *)si, &CMS_SignerInfo_it);
X509_ALGOR_free(alg);
return NULL;
}

13
lib/libcrypto/ec/ecx_methods.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ecx_methods.c,v 1.9 2023/07/22 19:33:25 tb Exp $ */
/* $OpenBSD: ecx_methods.c,v 1.10 2023/11/09 11:39:13 tb Exp $ */
/*
* Copyright (c) 2022 Joel Sing <jsing@openbsd.org>
*
@ -27,6 +27,7 @@
#include "bytestring.h"
#include "curve25519_internal.h"
#include "evp_local.h"
#include "x509_local.h"
/*
* EVP PKEY and PKEY ASN.1 methods Ed25519 and X25519.
@ -729,16 +730,12 @@ static int
ecx_item_sign(EVP_MD_CTX *md_ctx, const ASN1_ITEM *it, void *asn,
X509_ALGOR *algor1, X509_ALGOR *algor2, ASN1_BIT_STRING *abs)
{
ASN1_OBJECT *aobj;
if ((aobj = OBJ_nid2obj(NID_ED25519)) == NULL)
return 0;
if (!X509_ALGOR_set0(algor1, aobj, V_ASN1_UNDEF, NULL))
if (!X509_ALGOR_set0_by_nid(algor1, NID_ED25519, V_ASN1_UNDEF, NULL))
return 0;
if (algor2 != NULL) {
if (!X509_ALGOR_set0(algor2, aobj, V_ASN1_UNDEF, NULL))
if (!X509_ALGOR_set0_by_nid(algor2, NID_ED25519, V_ASN1_UNDEF,
NULL))
return 0;
}

4
lib/libcrypto/evp/c_all.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: c_all.c,v 1.32 2023/07/24 10:24:58 jsing Exp $ */
/* $OpenBSD: c_all.c,v 1.33 2023/10/24 13:09:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -223,6 +223,8 @@ OpenSSL_add_all_ciphers_internal(void)
#ifndef OPENSSL_NO_CHACHA
EVP_add_cipher(EVP_chacha20());
EVP_add_cipher_alias(SN_chacha20, "ChaCha20");
EVP_add_cipher_alias(LN_chacha20, "chacha20");
#endif
#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
EVP_add_cipher(EVP_chacha20_poly1305());

4
lib/libcrypto/evp/evp.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: evp.h,v 1.119 2023/08/25 12:37:33 schwarze Exp $ */
/* $OpenBSD: evp.h,v 1.120 2023/10/18 17:26:06 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -1325,8 +1325,6 @@ int EVP_AEAD_CTX_open(const EVP_AEAD_CTX *ctx, unsigned char *out,
size_t nonce_len, const unsigned char *in, size_t in_len,
const unsigned char *ad, size_t ad_len);
void EVP_add_alg_module(void);
void ERR_load_EVP_strings(void);
/* Error codes for the EVP functions. */

21
lib/libcrypto/man/BN_mod_inverse.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: BN_mod_inverse.3,v 1.11 2021/11/30 18:34:35 tb Exp $
.\" $OpenBSD: BN_mod_inverse.3,v 1.13 2023/10/21 13:53:43 schwarze Exp $
.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
.\"
.\" This file was written by Ulf Moeller <ulf@openssl.org>.
@ -48,19 +48,19 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: November 30 2021 $
.Dd $Mdocdate: October 21 2023 $
.Dt BN_MOD_INVERSE 3
.Os
.Sh NAME
.Nm BN_mod_inverse
.Nd compute inverse modulo n
.Nd compute inverse modulo m
.Sh SYNOPSIS
.In openssl/bn.h
.Ft BIGNUM *
.Fo BN_mod_inverse
.Fa "BIGNUM *r"
.Fa "const BIGNUM *a"
.Fa "const BIGNUM *n"
.Fa "const BIGNUM *m"
.Fa "BN_CTX *ctx"
.Fc
.Sh DESCRIPTION
@ -68,24 +68,27 @@
computes the inverse of
.Fa a
modulo
.Fa n
.Fa m
and places the result in
.Fa r ,
so that
.Fa r
.Pq Li (a*r)%n==1 .
satisfies
.Li a * r == 1 (mod m) .
If
.Fa r
is
.Dv NULL ,
a new
.Vt BIGNUM
is created.
is allocated.
.Pp
If the flag
.Dv BN_FLG_CONSTTIME
is set on
.Fa a
or
.Fa n ,
.Fa m ,
it operates in constant time.
.Pp
.Fa ctx
@ -98,7 +101,7 @@ may be the same
as
.Fa a
or
.Fa n .
.Fa m .
.Sh RETURN VALUES
.Fn BN_mod_inverse
returns the

5
lib/libcrypto/man/openssl.cnf.5
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: openssl.cnf.5,v 1.8 2022/03/31 17:27:17 naddy Exp $
.\" $OpenBSD: openssl.cnf.5,v 1.9 2023/10/21 14:05:49 tb Exp $
.\" full merge up to: OpenSSL man5/config b53338cb Feb 28 12:30:28 2017 +0100
.\" selective merge up to: OpenSSL a8c5ed81 Jul 18 13:57:25 2017 -0400
.\"
@ -50,7 +50,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: March 31 2022 $
.Dd $Mdocdate: October 21 2023 $
.Dt OPENSSL.CNF 5
.Os
.Sh NAME
@ -393,7 +393,6 @@ openssl_conf = openssl_conf_section
[openssl_conf_section]
# Configuration module list
alg_section = evp_sect
oid_section = new_oids
[new_oids]

16
lib/libcrypto/pkcs7/pk7_lib.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: pk7_lib.c,v 1.26 2023/02/16 08:38:17 tb Exp $ */
/* $OpenBSD: pk7_lib.c,v 1.28 2023/11/09 19:08:07 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -370,6 +370,7 @@ int
PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
const EVP_MD *dgst)
{
int nid;
int ret;
/* We now need to add another PKCS7_SIGNER_INFO entry */
@ -390,10 +391,15 @@ PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
p7i->pkey = pkey;
/* Set the algorithms */
X509_ALGOR_set0(p7i->digest_alg, OBJ_nid2obj(EVP_MD_type(dgst)),
V_ASN1_NULL, NULL);
/*
* Do not use X509_ALGOR_set_evp_md() to match historical behavior.
* A mistranslation of the ASN.1 from 1988 to 1997 syntax lost the
* OPTIONAL field, cf. the NOTE above RFC 5754, 2.1.
* Using X509_ALGOR_set_evp_md() would change encoding of the SHAs.
*/
nid = EVP_MD_type(dgst);
if (!X509_ALGOR_set0_by_nid(p7i->digest_alg, nid, V_ASN1_NULL, NULL))
return 0;
if (pkey->ameth && pkey->ameth->pkey_ctrl) {
ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_SIGN,

384
lib/libcrypto/rsa/rsa_ameth.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: rsa_ameth.c,v 1.33 2023/08/12 08:02:43 tb Exp $ */
/* $OpenBSD: rsa_ameth.c,v 1.51 2023/11/09 08:29:53 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
@ -72,6 +72,7 @@
#include "cryptlib.h"
#include "evp_local.h"
#include "rsa_local.h"
#include "x509_local.h"
#ifndef OPENSSL_NO_CMS
static int rsa_cms_sign(CMS_SignerInfo *si);
@ -82,6 +83,8 @@ static int rsa_cms_encrypt(CMS_RecipientInfo *ri);
static RSA_PSS_PARAMS *rsa_pss_decode(const X509_ALGOR *alg);
static int rsa_alg_set_pkcs1_padding(X509_ALGOR *alg);
/* Set any parameters associated with pkey */
static int
rsa_param_encode(const EVP_PKEY *pkey, ASN1_STRING **pstr, int *pstrtype)
@ -567,52 +570,85 @@ rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
return -2;
}
if (alg)
X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption),
V_ASN1_NULL, 0);
if (alg != NULL)
return rsa_alg_set_pkcs1_padding(alg);
return 1;
}
/* Allocate and set algorithm ID from EVP_MD, defaults to SHA1. */
static int
rsa_md_to_algor(X509_ALGOR **palg, const EVP_MD *md)
rsa_md_to_algor(const EVP_MD *md, X509_ALGOR **out_alg)
{
X509_ALGOR *alg = NULL;
int ret = 0;
X509_ALGOR_free(*out_alg);
*out_alg = NULL;
/* RFC 8017 - default hash is SHA-1 and hence omitted. */
if (md == NULL || EVP_MD_type(md) == NID_sha1)
return 1;
*palg = X509_ALGOR_new();
if (*palg == NULL)
return 0;
X509_ALGOR_set_md(*palg, md);
return 1;
goto done;
if ((alg = X509_ALGOR_new()) == NULL)
goto err;
if (!X509_ALGOR_set_evp_md(alg, md))
goto err;
done:
*out_alg = alg;
alg = NULL;
ret = 1;
err:
X509_ALGOR_free(alg);
return ret;
}
/* Allocate and set MGF1 algorithm ID from EVP_MD. */
/*
* RFC 8017, A.2.1 and A.2.3 - encode maskGenAlgorithm for RSAES-OAEP
* and RSASSA-PSS. The default is mgfSHA1 and hence omitted.
*/
static int
rsa_md_to_mgf1(X509_ALGOR **palg, const EVP_MD *mgf1md)
rsa_mgf1md_to_maskGenAlgorithm(const EVP_MD *mgf1md, X509_ALGOR **out_alg)
{
X509_ALGOR *algtmp = NULL;
ASN1_STRING *stmp = NULL;
X509_ALGOR *alg = NULL;
X509_ALGOR *inner_alg = NULL;
ASN1_STRING *astr = NULL;
int ret = 0;
X509_ALGOR_free(*out_alg);
*out_alg = NULL;
*palg = NULL;
if (mgf1md == NULL || EVP_MD_type(mgf1md) == NID_sha1)
return 1;
/* need to embed algorithm ID inside another */
if (!rsa_md_to_algor(&algtmp, mgf1md))
goto done;
if ((inner_alg = X509_ALGOR_new()) == NULL)
goto err;
if (ASN1_item_pack(algtmp, &X509_ALGOR_it, &stmp) == NULL)
goto err;
*palg = X509_ALGOR_new();
if (*palg == NULL)
if (!X509_ALGOR_set_evp_md(inner_alg, mgf1md))
goto err;
X509_ALGOR_set0(*palg, OBJ_nid2obj(NID_mgf1), V_ASN1_SEQUENCE, stmp);
stmp = NULL;
if ((astr = ASN1_item_pack(inner_alg, &X509_ALGOR_it, NULL)) == NULL)
goto err;
if ((alg = X509_ALGOR_new()) == NULL)
goto err;
if (!X509_ALGOR_set0_by_nid(alg, NID_mgf1, V_ASN1_SEQUENCE, astr))
goto err;
astr = NULL;
done:
*out_alg = alg;
alg = NULL;
ret = 1;
err:
ASN1_STRING_free(stmp);
X509_ALGOR_free(algtmp);
if (*palg)
return 1;
return 0;
X509_ALGOR_free(alg);
X509_ALGOR_free(inner_alg);
ASN1_STRING_free(astr);
return ret;
}
/* Convert algorithm ID to EVP_MD, defaults to SHA1. */
@ -634,17 +670,17 @@ rsa_algor_to_md(X509_ALGOR *alg)
* suitable for setting an AlgorithmIdentifier.
*/
static RSA_PSS_PARAMS *
rsa_ctx_to_pss(EVP_PKEY_CTX *pkctx)
rsa_ctx_to_pss(EVP_PKEY_CTX *pkey_ctx)
{
const EVP_MD *sigmd, *mgf1md;
EVP_PKEY *pk = EVP_PKEY_CTX_get0_pkey(pkctx);
EVP_PKEY *pk = EVP_PKEY_CTX_get0_pkey(pkey_ctx);
int saltlen;
if (EVP_PKEY_CTX_get_signature_md(pkctx, &sigmd) <= 0)
if (EVP_PKEY_CTX_get_signature_md(pkey_ctx, &sigmd) <= 0)
return NULL;
if (EVP_PKEY_CTX_get_rsa_mgf1_md(pkctx, &mgf1md) <= 0)
if (EVP_PKEY_CTX_get_rsa_mgf1_md(pkey_ctx, &mgf1md) <= 0)
return NULL;
if (!EVP_PKEY_CTX_get_rsa_pss_saltlen(pkctx, &saltlen))
if (!EVP_PKEY_CTX_get_rsa_pss_saltlen(pkey_ctx, &saltlen))
return NULL;
if (saltlen == -1) {
saltlen = EVP_MD_size(sigmd);
@ -662,53 +698,47 @@ rsa_ctx_to_pss(EVP_PKEY_CTX *pkctx)
RSA_PSS_PARAMS *
rsa_pss_params_create(const EVP_MD *sigmd, const EVP_MD *mgf1md, int saltlen)
{
RSA_PSS_PARAMS *pss = RSA_PSS_PARAMS_new();
RSA_PSS_PARAMS *pss = NULL;
if (pss == NULL)
if (mgf1md == NULL)
mgf1md = sigmd;
if ((pss = RSA_PSS_PARAMS_new()) == NULL)
goto err;
if (saltlen != 20) {
pss->saltLength = ASN1_INTEGER_new();
if (pss->saltLength == NULL)
if (!rsa_md_to_algor(sigmd, &pss->hashAlgorithm))
goto err;
if (!rsa_mgf1md_to_maskGenAlgorithm(mgf1md, &pss->maskGenAlgorithm))
goto err;
/* Translate mgf1md to X509_ALGOR in decoded form for internal use. */
if (!rsa_md_to_algor(mgf1md, &pss->maskHash))
goto err;
/* RFC 8017, A.2.3 - default saltLength is SHA_DIGEST_LENGTH. */
if (saltlen != SHA_DIGEST_LENGTH) {
if ((pss->saltLength = ASN1_INTEGER_new()) == NULL)
goto err;
if (!ASN1_INTEGER_set(pss->saltLength, saltlen))
goto err;
}
if (!rsa_md_to_algor(&pss->hashAlgorithm, sigmd))
goto err;
if (mgf1md == NULL)
mgf1md = sigmd;
if (!rsa_md_to_mgf1(&pss->maskGenAlgorithm, mgf1md))
goto err;
if (!rsa_md_to_algor(&pss->maskHash, mgf1md))
goto err;
return pss;
err:
RSA_PSS_PARAMS_free(pss);
return NULL;
}
static ASN1_STRING *
rsa_ctx_to_pss_string(EVP_PKEY_CTX *pkctx)
{
RSA_PSS_PARAMS *pss = rsa_ctx_to_pss(pkctx);
ASN1_STRING *os;
if (pss == NULL)
return NULL;
os = ASN1_item_pack(pss, &RSA_PSS_PARAMS_it, NULL);
RSA_PSS_PARAMS_free(pss);
return os;
}
/*
* From PSS AlgorithmIdentifier set public key parameters. If pkey isn't NULL
* then the EVP_MD_CTX is setup and initialised. If it is NULL parameters are
* passed to pkctx instead.
* passed to pkey_ctx instead.
*/
static int
rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkey_ctx,
X509_ALGOR *sigalg, EVP_PKEY *pkey)
{
int rv = -1;
@ -731,11 +761,11 @@ rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
/* We have all parameters now set up context */
if (pkey) {
if (!EVP_DigestVerifyInit(ctx, &pkctx, md, NULL, pkey))
if (!EVP_DigestVerifyInit(ctx, &pkey_ctx, md, NULL, pkey))
goto err;
} else {
const EVP_MD *checkmd;
if (EVP_PKEY_CTX_get_signature_md(pkctx, &checkmd) <= 0)
if (EVP_PKEY_CTX_get_signature_md(pkey_ctx, &checkmd) <= 0)
goto err;
if (EVP_MD_type(md) != EVP_MD_type(checkmd)) {
RSAerror(RSA_R_DIGEST_DOES_NOT_MATCH);
@ -743,13 +773,13 @@ rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
}
}
if (EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_PSS_PADDING) <= 0)
if (EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING) <= 0)
goto err;
if (EVP_PKEY_CTX_set_rsa_pss_saltlen(pkctx, saltlen) <= 0)
if (EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, saltlen) <= 0)
goto err;
if (EVP_PKEY_CTX_set_rsa_mgf1_md(pkctx, mgf1md) <= 0)
if (EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx, mgf1md) <= 0)
goto err;
/* Carry on */
rv = 1;
@ -799,14 +829,14 @@ rsa_cms_verify(CMS_SignerInfo *si)
{
int nid, nid2;
X509_ALGOR *alg;
EVP_PKEY_CTX *pkctx = CMS_SignerInfo_get0_pkey_ctx(si);
EVP_PKEY_CTX *pkey_ctx = CMS_SignerInfo_get0_pkey_ctx(si);
CMS_SignerInfo_get0_algs(si, NULL, NULL, NULL, &alg);
nid = OBJ_obj2nid(alg->algorithm);
if (nid == EVP_PKEY_RSA_PSS)
return rsa_pss_to_ctx(NULL, pkctx, alg, NULL);
return rsa_pss_to_ctx(NULL, pkey_ctx, alg, NULL);
/* Only PSS allowed for PSS keys */
if (pkey_ctx_is_pss(pkctx)) {
if (pkey_ctx_is_pss(pkey_ctx)) {
RSAerror(RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE);
return 0;
}
@ -841,32 +871,117 @@ rsa_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
return -1;
}
static int
rsa_alg_set_pkcs1_padding(X509_ALGOR *alg)
{
return X509_ALGOR_set0_by_nid(alg, NID_rsaEncryption, V_ASN1_NULL, NULL);
}
static int
rsa_alg_set_pss_padding(X509_ALGOR *alg, EVP_PKEY_CTX *pkey_ctx)
{
RSA_PSS_PARAMS *pss = NULL;
ASN1_STRING *astr = NULL;
int ret = 0;
if (pkey_ctx == NULL)
goto err;
if ((pss = rsa_ctx_to_pss(pkey_ctx)) == NULL)
goto err;
if ((astr = ASN1_item_pack(pss, &RSA_PSS_PARAMS_it, NULL)) == NULL)
goto err;
if (!X509_ALGOR_set0_by_nid(alg, EVP_PKEY_RSA_PSS, V_ASN1_SEQUENCE, astr))
goto err;
astr = NULL;
ret = 1;
err:
ASN1_STRING_free(astr);
RSA_PSS_PARAMS_free(pss);
return ret;
}
#ifndef OPENSSL_NO_CMS
static int
rsa_alg_set_oaep_padding(X509_ALGOR *alg, EVP_PKEY_CTX *pkey_ctx)
{
const EVP_MD *md, *mgf1md;
RSA_OAEP_PARAMS *oaep = NULL;
ASN1_STRING *astr = NULL;
ASN1_OCTET_STRING *ostr = NULL;
unsigned char *label;
int labellen;
int ret = 0;
if (EVP_PKEY_CTX_get_rsa_oaep_md(pkey_ctx, &md) <= 0)
goto err;
if (EVP_PKEY_CTX_get_rsa_mgf1_md(pkey_ctx, &mgf1md) <= 0)
goto err;
labellen = EVP_PKEY_CTX_get0_rsa_oaep_label(pkey_ctx, &label);
if (labellen < 0)
goto err;
if ((oaep = RSA_OAEP_PARAMS_new()) == NULL)
goto err;
if (!rsa_md_to_algor(md, &oaep->hashFunc))
goto err;
if (!rsa_mgf1md_to_maskGenAlgorithm(mgf1md, &oaep->maskGenFunc))
goto err;
/* XXX - why do we not set oaep->maskHash here? */
if (labellen > 0) {
if ((oaep->pSourceFunc = X509_ALGOR_new()) == NULL)
goto err;
if ((ostr = ASN1_OCTET_STRING_new()) == NULL)
goto err;
if (!ASN1_OCTET_STRING_set(ostr, label, labellen))
goto err;
if (!X509_ALGOR_set0_by_nid(oaep->pSourceFunc, NID_pSpecified,
V_ASN1_OCTET_STRING, ostr))
goto err;
ostr = NULL;
}
if ((astr = ASN1_item_pack(oaep, &RSA_OAEP_PARAMS_it, NULL)) == NULL)
goto err;
if (!X509_ALGOR_set0_by_nid(alg, NID_rsaesOaep, V_ASN1_SEQUENCE, astr))
goto err;
astr = NULL;
ret = 1;
err:
RSA_OAEP_PARAMS_free(oaep);
ASN1_STRING_free(astr);
ASN1_OCTET_STRING_free(ostr);
return ret;
}
static int
rsa_cms_sign(CMS_SignerInfo *si)
{
int pad_mode = RSA_PKCS1_PADDING;
EVP_PKEY_CTX *pkey_ctx;
X509_ALGOR *alg;
EVP_PKEY_CTX *pkctx = CMS_SignerInfo_get0_pkey_ctx(si);
ASN1_STRING *os = NULL;
int pad_mode = RSA_PKCS1_PADDING;
CMS_SignerInfo_get0_algs(si, NULL, NULL, NULL, &alg);
if (pkctx) {
if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0)
if ((pkey_ctx = CMS_SignerInfo_get0_pkey_ctx(si)) != NULL) {
if (EVP_PKEY_CTX_get_rsa_padding(pkey_ctx, &pad_mode) <= 0)
return 0;
}
if (pad_mode == RSA_PKCS1_PADDING) {
X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption), V_ASN1_NULL, 0);
return 1;
}
/* We don't support it */
if (pad_mode != RSA_PKCS1_PSS_PADDING)
return 0;
os = rsa_ctx_to_pss_string(pkctx);
if (!os)
return 0;
X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_PKEY_RSA_PSS), V_ASN1_SEQUENCE, os);
return 1;
CMS_SignerInfo_get0_algs(si, NULL, NULL, NULL, &alg);
if (pad_mode == RSA_PKCS1_PADDING)
return rsa_alg_set_pkcs1_padding(alg);
if (pad_mode == RSA_PKCS1_PSS_PADDING)
return rsa_alg_set_pss_padding(alg, pkey_ctx);
return 0;
}
#endif
@ -874,30 +989,20 @@ static int
rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
X509_ALGOR *alg1, X509_ALGOR *alg2, ASN1_BIT_STRING *sig)
{
EVP_PKEY_CTX *pkctx = ctx->pctx;
EVP_PKEY_CTX *pkey_ctx = ctx->pctx;
int pad_mode;
if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0)
if (EVP_PKEY_CTX_get_rsa_padding(pkey_ctx, &pad_mode) <= 0)
return 0;
if (pad_mode == RSA_PKCS1_PADDING)
return 2;
if (pad_mode == RSA_PKCS1_PSS_PADDING) {
ASN1_STRING *os1 = NULL;
os1 = rsa_ctx_to_pss_string(pkctx);
if (!os1)
if (!rsa_alg_set_pss_padding(alg1, pkey_ctx))
return 0;
/* Duplicate parameters if we have to */
if (alg2) {
ASN1_STRING *os2 = ASN1_STRING_dup(os1);
if (!os2) {
ASN1_STRING_free(os1);
if (alg2 != NULL) {
if (!rsa_alg_set_pss_padding(alg2, pkey_ctx))
return 0;
}
X509_ALGOR_set0(alg2, OBJ_nid2obj(EVP_PKEY_RSA_PSS),
V_ASN1_SEQUENCE, os2);
}
X509_ALGOR_set0(alg1, OBJ_nid2obj(EVP_PKEY_RSA_PSS),
V_ASN1_SEQUENCE, os1);
return 3;
}
return 2;
@ -1007,66 +1112,23 @@ rsa_cms_decrypt(CMS_RecipientInfo *ri)
static int
rsa_cms_encrypt(CMS_RecipientInfo *ri)
{
const EVP_MD *md, *mgf1md;
RSA_OAEP_PARAMS *oaep = NULL;
ASN1_STRING *os = NULL;
X509_ALGOR *alg;
EVP_PKEY_CTX *pkctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
int pad_mode = RSA_PKCS1_PADDING, rv = 0, labellen;
unsigned char *label;
EVP_PKEY_CTX *pkey_ctx;
int pad_mode = RSA_PKCS1_PADDING;
if (CMS_RecipientInfo_ktri_get0_algs(ri, NULL, NULL, &alg) <= 0)
return 0;
if (pkctx) {
if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0)
if ((pkey_ctx = CMS_RecipientInfo_get0_pkey_ctx(ri)) != NULL) {
if (EVP_PKEY_CTX_get_rsa_padding(pkey_ctx, &pad_mode) <= 0)
return 0;
}
if (pad_mode == RSA_PKCS1_PADDING) {
X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption), V_ASN1_NULL, 0);
return 1;
}
/* Not supported */
if (pad_mode != RSA_PKCS1_OAEP_PADDING)
if (!CMS_RecipientInfo_ktri_get0_algs(ri, NULL, NULL, &alg))
return 0;
if (EVP_PKEY_CTX_get_rsa_oaep_md(pkctx, &md) <= 0)
goto err;
if (EVP_PKEY_CTX_get_rsa_mgf1_md(pkctx, &mgf1md) <= 0)
goto err;
labellen = EVP_PKEY_CTX_get0_rsa_oaep_label(pkctx, &label);
if (labellen < 0)
goto err;
oaep = RSA_OAEP_PARAMS_new();
if (oaep == NULL)
goto err;
if (!rsa_md_to_algor(&oaep->hashFunc, md))
goto err;
if (!rsa_md_to_mgf1(&oaep->maskGenFunc, mgf1md))
goto err;
if (labellen > 0) {
ASN1_OCTET_STRING *los;
oaep->pSourceFunc = X509_ALGOR_new();
if (oaep->pSourceFunc == NULL)
goto err;
los = ASN1_OCTET_STRING_new();
if (los == NULL)
goto err;
if (!ASN1_OCTET_STRING_set(los, label, labellen)) {
ASN1_OCTET_STRING_free(los);
goto err;
}
X509_ALGOR_set0(oaep->pSourceFunc, OBJ_nid2obj(NID_pSpecified),
V_ASN1_OCTET_STRING, los);
}
/* create string with pss parameter encoding. */
if (!ASN1_item_pack(oaep, &RSA_OAEP_PARAMS_it, &os))
goto err;
X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaesOaep), V_ASN1_SEQUENCE, os);
os = NULL;
rv = 1;
err:
RSA_OAEP_PARAMS_free(oaep);
ASN1_STRING_free(os);
return rv;
if (pad_mode == RSA_PKCS1_PADDING)
return rsa_alg_set_pkcs1_padding(alg);
if (pad_mode == RSA_PKCS1_OAEP_PADDING)
return rsa_alg_set_oaep_padding(alg, pkey_ctx);
return 0;
}
#endif

15
lib/libcrypto/x509/x509.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: x509.h,v 1.101 2023/07/28 15:50:33 tb Exp $ */
/* $OpenBSD: x509.h,v 1.103 2023/11/02 20:25:48 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -527,7 +527,9 @@ X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval);
void X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype, const void **ppval,
const X509_ALGOR *algor);
#ifndef LIBRESSL_INTERNAL
void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
#endif
int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);
X509_NAME *X509_NAME_dup(X509_NAME *xn);
@ -1081,13 +1083,10 @@ const STACK_OF(X509_ATTRIBUTE) *PKCS8_pkey_get0_attrs(const PKCS8_PRIV_KEY_INFO
int PKCS8_pkey_add1_attr_by_NID(PKCS8_PRIV_KEY_INFO *p8, int nid, int type,
const unsigned char *bytes, int len);
int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
int ptype, void *pval,
unsigned char *penc, int penclen);
int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
const unsigned char **pk, int *ppklen,
X509_ALGOR **pa,
X509_PUBKEY *pub);
int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj, int ptype,
void *pval, unsigned char *penc, int penclen);
int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, const unsigned char **pk,
int *ppklen, X509_ALGOR **pa, X509_PUBKEY *pub);
int X509_check_trust(X509 *x, int id, int flags);
int X509_TRUST_get_count(void);

9
lib/libcrypto/x509/x509_addr.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: x509_addr.c,v 1.90 2023/09/27 11:29:22 tb Exp $ */
/* $OpenBSD: x509_addr.c,v 1.91 2023/10/29 13:22:37 tb Exp $ */
/*
* Contributed to the OpenSSL Project by the American Registry for
* Internet Numbers ("ARIN").
@ -1886,8 +1886,11 @@ addr_validate_path_internal(X509_STORE_CTX *ctx, STACK_OF(X509) *chain,
if (ext == NULL) {
depth = 0;
cert = sk_X509_value(chain, depth);
if ((X509_get_extension_flags(cert) & EXFLAG_INVALID) != 0)
goto done;
if ((X509_get_extension_flags(cert) & EXFLAG_INVALID) != 0) {
if ((ret = verify_error(ctx, cert,
X509_V_ERR_INVALID_EXTENSION, depth)) == 0)
goto done;
}
if ((ext = cert->rfc3779_addr) == NULL)
goto done;
} else if (!X509v3_addr_is_canonical(ext)) {

4
lib/libcrypto/x509/x509_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: x509_local.h,v 1.10 2023/10/11 13:05:18 tb Exp $ */
/* $OpenBSD: x509_local.h,v 1.11 2023/11/01 20:37:42 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2013.
*/
@ -380,6 +380,8 @@ int x509_check_cert_time(X509_STORE_CTX *ctx, X509 *x, int quiet);
int name_cmp(const char *name, const char *cmp);
int X509_ALGOR_set_evp_md(X509_ALGOR *alg, const EVP_MD *md);
int X509_ALGOR_set0_by_nid(X509_ALGOR *alg, int nid, int parameter_type,
void *parameter_value);
int X509_policy_check(const STACK_OF(X509) *certs,
const STACK_OF(ASN1_OBJECT) *user_policies, unsigned long flags,