sync with OpenBSD -current

lib/libcrypto/Makefile

@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.199 2024/07/09 16:41:44 tb Exp $
+# $OpenBSD: Makefile,v 1.200 2024/07/10 13:30:14 beck Exp $
 
 LIB=	crypto
 LIBREBUILD=y
@@ -53,7 +53,6 @@ CFLAGS+= -I${LCRYPTO_SRC}/x509
 
 VERSION_SCRIPT=	Symbols.map
 SYMBOL_LIST=	${.CURDIR}/Symbols.list
-SYMBOL_NAMESPACE=	${.CURDIR}/Symbols.namespace
 
 .if (${MACHINE_CPU} == "amd64") || (${MACHINE_CPU} == "i386")
 SYMBOL_LIST+=	${.CURDIR}/arch/${MACHINE_CPU}/Symbols.list
@@ -746,9 +745,9 @@ includes: prereq
 	    echo $$j; \
 	    eval "$$j"; \
 	done;
-${VERSION_SCRIPT}: ${SYMBOL_LIST} ${SYMBOL_NAMESPACE}
+${VERSION_SCRIPT}: ${SYMBOL_LIST}
 	{ printf '{\n\tglobal:\n'; \
-	  sed '/^[._a-zA-Z]/s/$$/;/; s/^/		/' ${SYMBOL_NAMESPACE}; \
+	  sed '/^[._a-zA-Z]/s/$$/;/; s/^/		_libre_/' ${SYMBOL_LIST}; \
 	  sed '/^[._a-zA-Z]/s/$$/;/; s/^/		/' ${SYMBOL_LIST}; \
 	  printf '\n\tlocal:\n\t\t*;\n};\n'; } >$@.tmp && mv $@.tmp $@
 

lib/libcrypto/kdf/tls1_prf.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: tls1_prf.c,v 1.39 2024/07/09 17:58:36 tb Exp $ */
+/*	$OpenBSD: tls1_prf.c,v 1.40 2024/07/10 06:53:27 tb Exp $ */
 /*
  * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
  * 2016.
@@ -146,8 +146,7 @@ pkey_tls1_prf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 }
 
 static int
-pkey_tls1_prf_ctrl_str(EVP_PKEY_CTX *ctx,
-    const char *type, const char *value)
+pkey_tls1_prf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
 {
 	if (value == NULL) {
 		KDFerror(KDF_R_VALUE_MISSING);
@@ -178,10 +177,8 @@ pkey_tls1_prf_ctrl_str(EVP_PKEY_CTX *ctx,
 }
 
 static int
-tls1_prf_P_hash(const EVP_MD *md,
-    const unsigned char *secret, size_t secret_len,
-    const unsigned char *seed, size_t seed_len,
-    unsigned char *out, size_t out_len)
+tls1_prf_P_hash(const EVP_MD *md, const unsigned char *secret, size_t secret_len,
+    const unsigned char *seed, size_t seed_len, unsigned char *out, size_t out_len)
 {
 	int chunk;
 	EVP_MD_CTX *ctx = NULL, *ctx_tmp = NULL, *ctx_init = NULL;

lib/libcrypto/man/EVP_PKEY_CTX_set_hkdf_md.3

@@ -1,4 +1,4 @@
-.\" $OpenBSD: EVP_PKEY_CTX_set_hkdf_md.3,v 1.3 2023/09/13 13:46:52 schwarze Exp $
+.\" $OpenBSD: EVP_PKEY_CTX_set_hkdf_md.3,v 1.4 2024/07/10 07:57:37 tb Exp $
 .\" full merge up to: OpenSSL 1cb7eff4 Sep 10 13:56:40 2019 +0100
 .\"
 .\" This file was written by Alessandro Ghedini <alessandro@ghedini.me>,
@@ -49,7 +49,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: September 13 2023 $
+.Dd $Mdocdate: July 10 2024 $
 .Dt EVP_PKEY_CTX_SET_HKDF_MD 3
 .Os
 .Sh NAME
@@ -60,6 +60,7 @@
 .Nm EVP_PKEY_CTX_hkdf_mode
 .Nd HMAC-based Extract-and-Expand key derivation algorithm
 .Sh SYNOPSIS
+.In openssl/evp.h
 .In openssl/kdf.h
 .Ft int
 .Fo EVP_PKEY_CTX_hkdf_mode

lib/libcrypto/man/EVP_PKEY_CTX_set_tls1_prf_md.3

@@ -0,0 +1,171 @@
+.\" $OpenBSD: EVP_PKEY_CTX_set_tls1_prf_md.3,v 1.2 2024/07/10 10:22:03 tb Exp $
+.\" full merge up to: OpenSSL 1cb7eff4 Sep 10 13:56:40 2019 +0100
+.\"
+.\" This file was written by Dr Stephen Henson <steve@openssl.org>,
+.\" Copyright (c) 2016 The OpenSSL Project.  All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\"
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\"
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in
+.\"    the documentation and/or other materials provided with the
+.\"    distribution.
+.\"
+.\" 3. All advertising materials mentioning features or use of this
+.\"    software must display the following acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+.\"
+.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+.\"    endorse or promote products derived from this software without
+.\"    prior written permission. For written permission, please contact
+.\"    openssl-core@openssl.org.
+.\"
+.\" 5. Products derived from this software may not be called "OpenSSL"
+.\"    nor may "OpenSSL" appear in their names without prior written
+.\"    permission of the OpenSSL Project.
+.\"
+.\" 6. Redistributions of any form whatsoever must retain the following
+.\"    acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+.\" OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd $Mdocdate: July 10 2024 $
+.Dt EVP_PKEY_CTX_SET_TLS1_PRF_MD 3
+.Os
+.Sh NAME
+.Nm EVP_PKEY_CTX_set_tls1_prf_md ,
+.Nm EVP_PKEY_CTX_set1_tls1_prf_secret ,
+.Nm EVP_PKEY_CTX_add1_tls1_prf_seed
+.Nd TLS PRF key derivation algorithm
+.Sh SYNOPSIS
+.In openssl/evp.h
+.In openssl/kdf.h
+.Ft int
+.Fo EVP_PKEY_CTX_set_tls1_prf_md
+.Fa "EVP_PKEY_CTX *pctx"
+.Fa "const EVP_MD *md"
+.Fc
+.Ft int
+.Fo EVP_PKEY_CTX_set1_tls1_prf_secret
+.Fa "EVP_PKEY_CTX *pctx"
+.Fa "unsigned char *sec"
+.Fa "int seclen"
+.Fc
+.Ft int
+.Fo EVP_PKEY_CTX_add1_tls1_prf_seed
+.Fa "EVP_PKEY_CTX *pctx"
+.Fa "unsigned char *seed"
+.Fa "int seedlen"
+.Fc
+.Sh DESCRIPTION
+The
+.Dv EVP_PKEY_TLS1_PRF
+algorithm implements the PRF key derivation function for TLS.
+It has no associated private key and only implements key derivation using
+.Xr EVP_PKEY_derive 3 .
+.Pp
+.Fn EVP_PKEY_set_tls1_prf_md
+sets the message digest associated with the TLS PRF.
+.Xr EVP_md5_sha1 3
+is treated as a special case which uses the PRF algorithm using both
+MD5 and SHA1 as used in TLS 1.0 and 1.1.
+.Pp
+.Fn EVP_PKEY_CTX_set_tls1_prf_secret
+sets the secret value of the TLS PRF to
+.Fa seclen
+bytes of the buffer
+.Fa sec .
+Any existing secret value is replaced and any seed is reset.
+.Pp
+.Fn EVP_PKEY_CTX_add1_tls1_prf_seed
+sets the seed to
+.Fa seedlen
+bytes of
+.Fa seed .
+If a seed is already set it is appended to the existing value.
+.Sh STRING CTRLS
+The TLS PRF also supports string based control operations using
+.Xr EVP_PKEY_CTX_ctrl_str 3 .
+The
+.Fa type
+parameter "md" uses the supplied
+.Fa value
+as the name of the digest algorithm to use.
+The
+.Fa type
+parameters "secret" and "seed" use the supplied
+.Fa value
+parameter as a secret or seed value.
+The names "hexsecret" and "hexseed" are similar except they take a hex
+string which is converted to binary.
+.Sh NOTES
+All these functions are implemented as macros.
+.Pp
+A context for the TLS PRF can be obtained by calling:
+.Bd -literal
+ EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL);
+.Ed
+.Pp
+The digest, secret value and seed must be set before a key is derived or
+an error occurs.
+.Pp
+The total length of all seeds cannot exceed 1024 bytes in length: this
+should be more than enough for any normal use of the TLS PRF.
+.Pp
+The output length of the PRF is specified by the length parameter in the
+.Xr EVP_PKEY_derive 3
+function.
+Since the output length is variable, setting the buffer to
+.Dv NULL
+is not meaningful for the TLS PRF.
+.Sh RETURN VALUES
+All these functions return 1 for success and 0 or a negative value for
+failure.
+In particular a return value of -2 indicates the operation is not
+supported by the public key algorithm.
+.Sh EXAMPLES
+This example derives 10 bytes using SHA-256 with the secret key "secret"
+and seed value "seed":
+.Bd -literal
+ EVP_PKEY_CTX *pctx;
+ unsigned char out[10];
+ size_t outlen = sizeof(out);
+
+ pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL);
+ if (EVP_PKEY_derive_init(pctx) <= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set_tls1_prf_md(pctx, EVP_sha256()) <= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, "secret", 6) <= 0)
+     /* Error */
+ if (EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, "seed", 4) <= 0)
+     /* Error */
+ if (EVP_PKEY_derive(pctx, out, &outlen) <= 0)
+     /* Error */
+.Ed
+.Sh SEE ALSO
+.Xr EVP_PKEY_CTX_ctrl_str 3 ,
+.Xr EVP_PKEY_CTX_new 3 ,
+.Xr EVP_PKEY_derive 3
+.Sh HISTORY
+These functions first appeared in OpenSSL 1.1.0 and have been available since
+.Ox 7.6 .

lib/libcrypto/man/Makefile

@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.287 2024/05/12 11:50:36 tb Exp $
+# $OpenBSD: Makefile,v 1.288 2024/07/10 08:51:28 tb Exp $
 
 .include <bsd.own.mk>
 
@@ -176,6 +176,7 @@ MAN=	\
 	EVP_PKEY_CTX_get_operation.3 \
 	EVP_PKEY_CTX_new.3 \
 	EVP_PKEY_CTX_set_hkdf_md.3 \
+	EVP_PKEY_CTX_set_tls1_prf_md.3 \
 	EVP_PKEY_add1_attr.3 \
 	EVP_PKEY_asn1_get_count.3 \
 	EVP_PKEY_asn1_new.3 \