[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Richard Levitte
levitte at openssl.org
Tue Aug 15 10:55:13 UTC 2017
The branch OpenSSL_1_0_2-stable has been updated
via d46d2da41c75ff765c914bf1c19063e97c8c519a (commit)
from 3735a900eddcb7a1355e43fa3ad8928db7837dcb (commit)
- Log -----------------------------------------------------------------
commit d46d2da41c75ff765c914bf1c19063e97c8c519a
Author: Richard Levitte <levitte at openssl.org>
Date: Thu Jul 6 10:11:17 2017 +0200
Fix 'no-cms'
Fixes #3867
Reviewed-by: Tim Hudson <tjh at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3873)
-----------------------------------------------------------------------
Summary of changes:
crypto/dh/dh.h | 2 ++
crypto/dh/dh_kdf.c | 4 ++++
crypto/dh/dh_pmeth.c | 9 ++++++++-
crypto/rsa/rsa_ameth.c | 2 +-
util/libeay.num | 2 +-
5 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h
index a228c7a..80b28fb 100644
--- a/crypto/dh/dh.h
+++ b/crypto/dh/dh.h
@@ -257,11 +257,13 @@ DH *DH_get_1024_160(void);
DH *DH_get_2048_224(void);
DH *DH_get_2048_256(void);
+# ifndef OPENSSL_NO_CMS
/* RFC2631 KDF */
int DH_KDF_X9_42(unsigned char *out, size_t outlen,
const unsigned char *Z, size_t Zlen,
ASN1_OBJECT *key_oid,
const unsigned char *ukm, size_t ukmlen, const EVP_MD *md);
+# endif
# define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
diff --git a/crypto/dh/dh_kdf.c b/crypto/dh/dh_kdf.c
index a882cb2..8947a08 100644
--- a/crypto/dh/dh_kdf.c
+++ b/crypto/dh/dh_kdf.c
@@ -51,6 +51,9 @@
* ====================================================================
*/
+#include <e_os.h>
+
+#ifndef OPENSSL_NO_CMS
#include <string.h>
#include <openssl/dh.h>
#include <openssl/evp.h>
@@ -185,3 +188,4 @@ int DH_KDF_X9_42(unsigned char *out, size_t outlen,
EVP_MD_CTX_cleanup(&mctx);
return rv;
}
+#endif
diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c
index b58e3fa..6452482 100644
--- a/crypto/dh/dh_pmeth.c
+++ b/crypto/dh/dh_pmeth.c
@@ -207,7 +207,11 @@ static int pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
case EVP_PKEY_CTRL_DH_KDF_TYPE:
if (p1 == -2)
return dctx->kdf_type;
+#ifdef OPENSSL_NO_CMS
+ if (p1 != EVP_PKEY_DH_KDF_NONE)
+#else
if (p1 != EVP_PKEY_DH_KDF_NONE && p1 != EVP_PKEY_DH_KDF_X9_42)
+#endif
return -2;
dctx->kdf_type = p1;
return 1;
@@ -448,7 +452,9 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
return ret;
*keylen = ret;
return 1;
- } else if (dctx->kdf_type == EVP_PKEY_DH_KDF_X9_42) {
+ }
+#ifndef OPENSSL_NO_CMS
+ else if (dctx->kdf_type == EVP_PKEY_DH_KDF_X9_42) {
unsigned char *Z = NULL;
size_t Zlen = 0;
if (!dctx->kdf_outlen || !dctx->kdf_oid)
@@ -479,6 +485,7 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
}
return ret;
}
+#endif
return 1;
}
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
index 951e1d5..ddead3d 100644
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -768,6 +768,7 @@ static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
return 2;
}
+#ifndef OPENSSL_NO_CMS
static RSA_OAEP_PARAMS *rsa_oaep_decode(const X509_ALGOR *alg,
X509_ALGOR **pmaskHash)
{
@@ -791,7 +792,6 @@ static RSA_OAEP_PARAMS *rsa_oaep_decode(const X509_ALGOR *alg,
return pss;
}
-#ifndef OPENSSL_NO_CMS
static int rsa_cms_decrypt(CMS_RecipientInfo *ri)
{
EVP_PKEY_CTX *pkctx;
diff --git a/util/libeay.num b/util/libeay.num
index 2094ab3..992abb2 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -4370,7 +4370,7 @@ DH_compute_key_padded 4732 EXIST::FUNCTION:DH
ECDSA_METHOD_set_sign 4733 EXIST::FUNCTION:ECDSA
CMS_RecipientEncryptedKey_cert_cmp 4734 EXIST:!VMS:FUNCTION:CMS
CMS_RecipEncryptedKey_cert_cmp 4734 EXIST:VMS:FUNCTION:CMS
-DH_KDF_X9_42 4735 EXIST::FUNCTION:DH
+DH_KDF_X9_42 4735 EXIST::FUNCTION:CMS,DH
RSA_OAEP_PARAMS_free 4736 EXIST::FUNCTION:RSA
EVP_des_ede3_wrap 4737 EXIST::FUNCTION:DES
RSA_OAEP_PARAMS_it 4738 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA
More information about the openssl-commits
mailing list