From openssl at openssl.org Fri Mar 1 01:28:04 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 01 Mar 2019 01:28:04 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ec Message-ID: <1551403684.521253.5859.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ec Commit log since last time: 69f6b3ceab apps/ca.c: only output DER with SPKAC input and when -out is chosen cee719c2d8 The use of the likes of UINT32_MAX requires internal/numbers.h Build log ended with (last 100 lines): ar r apps/libapps.a apps/libapps-lib-app_rand.o apps/libapps-lib-apps.o apps/libapps-lib-apps_ui.o apps/libapps-lib-bf_prefix.o apps/libapps-lib-fmt.o apps/libapps-lib-opt.o apps/libapps-lib-s_cb.o apps/libapps-lib-s_socket.o ar: creating apps/libapps.a ranlib apps/libapps.a || echo Never mind. clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/aes/libcrypto-lib-aes-x86_64.o crypto/aes/aes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/aes/libcrypto-lib-aesni-mb-x86_64.o crypto/aes/aesni-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/aes/libcrypto-lib-aesni-sha1-x86_64.o crypto/aes/aesni-sha1-x86_64.s chmod a+x tools/c_rehash clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/aes/libcrypto-lib-aesni-sha256-x86_64.o crypto/aes/aesni-sha256-x86_64.s chmod a+x util/shlib_wrap.sh clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/aes/libcrypto-lib-aesni-x86_64.o crypto/aes/aesni-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/aes/libcrypto-lib-bsaes-x86_64.o crypto/aes/bsaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/aes/libcrypto-lib-vpaes-x86_64.o crypto/aes/vpaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/bn/libcrypto-lib-rsaz-avx2.o crypto/bn/rsaz-avx2.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/bn/libcrypto-lib-rsaz-x86_64.o crypto/bn/rsaz-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/bn/libcrypto-lib-x86_64-gf2m.o crypto/bn/x86_64-gf2m.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/bn/libcrypto-lib-x86_64-mont.o crypto/bn/x86_64-mont.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/bn/libcrypto-lib-x86_64-mont5.o crypto/bn/x86_64-mont5.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/camellia/libcrypto-lib-cmll-x86_64.o crypto/camellia/cmll-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/chacha/libcrypto-lib-chacha-x86_64.o crypto/chacha/chacha-x86_64.s clang -Icrypto -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -MMD -MF crypto/libcrypto-lib-cversion.d.tmp -MT crypto/libcrypto-lib-cversion.o -c -o crypto/libcrypto-lib-cversion.o ../openssl/crypto/cversion.c clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/libcrypto-lib-x86_64cpuid.o crypto/x86_64cpuid.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/md5/libcrypto-lib-md5-x86_64.o crypto/md5/md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/modes/libcrypto-lib-aesni-gcm-x86_64.o crypto/modes/aesni-gcm-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/modes/libcrypto-lib-ghash-x86_64.o crypto/modes/ghash-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/poly1305/libcrypto-lib-poly1305-x86_64.o crypto/poly1305/poly1305-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/rc4/libcrypto-lib-rc4-md5-x86_64.o crypto/rc4/rc4-md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/rc4/libcrypto-lib-rc4-x86_64.o crypto/rc4/rc4-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/sha/libcrypto-lib-keccak1600-x86_64.o crypto/sha/keccak1600-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/sha/libcrypto-lib-sha1-mb-x86_64.o crypto/sha/sha1-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/sha/libcrypto-lib-sha1-x86_64.o crypto/sha/sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/sha/libcrypto-lib-sha256-mb-x86_64.o crypto/sha/sha256-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/sha/libcrypto-lib-sha256-x86_64.o crypto/sha/sha256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/sha/libcrypto-lib-sha512-x86_64.o crypto/sha/sha512-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -c -o crypto/whrlpool/libcrypto-lib-wp-x86_64.o crypto/whrlpool/wp-x86_64.s ar r libssl.a ssl/libssl-lib-bio_ssl.o ssl/libssl-lib-d1_lib.o ssl/libssl-lib-d1_msg.o ssl/libssl-lib-d1_srtp.o ssl/libssl-lib-methods.o ssl/libssl-lib-packet.o ssl/libssl-lib-pqueue.o ssl/libssl-lib-s3_cbc.o ssl/libssl-lib-s3_enc.o ssl/libssl-lib-s3_lib.o ssl/libssl-lib-s3_msg.o ssl/libssl-lib-ssl_asn1.o ssl/libssl-lib-ssl_cert.o ssl/libssl-lib-ssl_ciph.o ssl/libssl-lib-ssl_conf.o ssl/libssl-lib-ssl_err.o ssl/libssl-lib-ssl_init.o ssl/libssl-lib-ssl_lib.o ssl/libssl-lib-ssl_mcnf.o ssl/libssl-lib-ssl_rsa.o ssl/libssl-lib-ssl_sess.o ssl/libssl-lib-ssl_stat.o ssl/libssl-lib-ssl_txt.o ssl/libssl-lib-ssl_utst.o ssl/libssl-lib-t1_enc.o ssl/libssl-lib-t1_lib.o ssl/libssl-lib-t1_trce.o ssl/libssl-lib-tls13_enc.o ssl/libssl-lib-tls_srp.o ssl/record/libssl-lib-dtls1_bitmap.o ssl/record/libssl-lib-rec_layer_d1.o ssl/record/libssl-lib-rec_layer_s3.o ssl/record/libssl-lib-ssl3_buffer.o ssl/record/libssl-lib-ssl3_record.o ssl/record/libssl-lib-ssl3_record_tls13.o ssl/statem/libssl-lib-extensions.o ssl/statem/libssl-lib-extensions_clnt.o ssl/statem/libssl-lib-extensions_cust.o ssl/statem/libssl-lib-extensions_srvr.o ssl/statem/libssl-lib-statem.o ssl/statem/libssl-lib-statem_clnt.o ssl/statem/libssl-lib-statem_dtls.o ssl/statem/libssl-lib-statem_lib.o ssl/statem/libssl-lib-statem_srvr.o ar: creating libssl.a ar r test/libtestutil.a apps/libtestutil-lib-opt.o test/testutil/libtestutil-lib-basic_output.o test/testutil/libtestutil-lib-cb.o test/testutil/libtestutil-lib-driver.o test/testutil/libtestutil-lib-format_output.o test/testutil/libtestutil-lib-init.o test/testutil/libtestutil-lib-main.o test/testutil/libtestutil-lib-options.o test/testutil/libtestutil-lib-output_helpers.o test/testutil/libtestutil-lib-stanza.o test/testutil/libtestutil-lib-tap_bio.o test/testutil/libtestutil-lib-test_cleanup.o test/testutil/libtestutil-lib-test_options.o test/testutil/libtestutil-lib-tests.o ar: creating test/libtestutil.a ranlib test/libtestutil.a || echo Never mind. ranlib libssl.a || echo Never mind. clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -L. -Wl,-znodelete -shared -Wl,-Bsymbolic -Wl,-soname=libcrypto.so.3 \ -o libcrypto.so.3 -Wl,--version-script=libcrypto.ld crypto/aes/libcrypto-shlib-aes-x86_64.o crypto/aes/libcrypto-shlib-aes_cfb.o crypto/aes/libcrypto-shlib-aes_ecb.o crypto/aes/libcrypto-shlib-aes_ige.o crypto/aes/libcrypto-shlib-aes_misc.o crypto/aes/libcrypto-shlib-aes_ofb.o crypto/aes/libcrypto-shlib-aes_wrap.o crypto/aes/libcrypto-shlib-aesni-mb-x86_64.o crypto/aes/libcrypto-shlib-aesni-sha1-x86_64.o crypto/aes/libcrypto-shlib-aesni-sha256-x86_64.o crypto/aes/libcrypto-shlib-aesni-x86_64.o crypto/aes/libcrypto-shlib-bsaes-x86_64.o crypto/aes/libcrypto-shlib-vpaes-x86_64.o crypto/aria/libcrypto-shlib-aria.o crypto/asn1/libcrypto-shlib-a_bitstr.o crypto/asn1/libcrypto-shlib-a_d2i_fp.o crypto/asn1/libcrypto-shlib-a_digest.o crypto/asn1/libcrypto-shlib-a_dup.o crypto/asn1/libcrypto-shlib-a_gentm.o crypto/asn1/libcrypto-shlib-a_i2d_fp.o crypto/asn1/libcrypto-shlib-a_int.o crypto/asn1/libcrypto-shlib-a_mbstr.o crypto/asn1/libcrypto-shlib-a_object.o crypto/asn1/libcrypto-shlib-a_octet.o crypto/asn1/libcrypto-shlib-a_print.o crypto/asn1/libcrypto-shlib-a_sign.o crypto/asn1/libcrypto-shlib-a_strex.o crypto/asn1/libcrypto-shlib-a_strnid.o crypto/asn1/libcrypto-shlib-a_time.o crypto/asn1/libcrypto-shlib-a_type.o crypto/asn1/libcrypto-shlib-a_utctm.o crypto/asn1/libcrypto-shlib-a_utf8.o crypto/asn1/libcrypto-shlib-a_verify.o crypto/asn1/libcrypto-shlib-ameth_lib.o crypto/asn1/libcrypto-shlib-asn1_err.o crypto/asn1/libcrypto-shlib-asn1_gen.o crypto/asn1/libcrypto-shlib-asn1_item_list.o crypto/asn1/libcrypto-shlib-asn1_lib.o crypto/asn1/libcrypto-shlib-asn1_par.o crypto/asn1/libcrypto-shlib-asn_mime.o crypto/asn1/libcrypto-shlib-asn_moid.o crypto/asn1/libcrypto-shlib-asn_mstbl.o crypto/asn1/libcrypto-shlib-asn_pack.o crypto/asn1/libcrypto-shlib-bio_asn1.o crypto/asn1/libcrypto-shlib-bio_ndef.o crypto/asn1/libcrypto-shlib-d2i_pr.o crypto/asn1/libcrypto-shlib-d2i_pu.o crypto/asn1/libcrypto-shlib-evp_asn1.o crypto/asn1/libcrypto-shlib-f_int.o crypto/asn1/libcrypto-shlib-f_string.o crypto/asn1/libcrypto-shlib-i2d_pr.o crypto/asn1/libcrypto-shlib-i2d_pu.o crypto/asn1/libcrypto-shlib-n_pkey.o crypto/asn1/libcrypto-shlib-nsseq.o crypto/asn1/libcrypto-shlib-p5_pbe.o crypto/asn1/libcrypto-shlib-p5_pbev2.o crypto/asn1/libcrypto-shlib-p5_scrypt.o crypto/asn1/libcrypto-shlib-p8_pkey.o crypto/asn1/libcrypto-shlib-t_bitst.o crypto/asn1/libcrypto-shlib-t_pkey.o crypto/asn1/libcrypto-shlib-t_spki.o crypto/asn1/libcrypto-shlib-tasn_dec.o crypto/asn1/libcrypto-shlib-tasn_enc.o crypto/asn1/libcrypto-shlib-tasn_fre.o crypto/asn1/libcrypto-shlib-tasn_new.o crypto/asn1/libcrypto-shlib-tasn_prn.o crypto/asn1/libcrypto-shlib-tasn_scn.o crypto/asn1/libcrypto-shlib-tasn_typ.o crypto/asn1/libcrypto-shlib-tasn_utl.o crypto/asn1/libcrypto-shlib-x_algor.o crypto/asn1/libcrypto-shlib-x_bignum.o crypto/asn1/libcrypto-shlib-x_info.o crypto/asn1/libcrypto-shlib-x_int64.o crypto/asn1/libcrypto-shlib-x_long.o crypto/asn1/libcrypto-shlib-x_pkey.o crypto/asn1/libcrypto-shlib-x_sig.o crypto/asn1/libcrypto-shlib-x_spki.o crypto/asn1/libcrypto-shlib-x_val.o crypto/async/arch/libcrypto-shlib-async_null.o crypto/async/arch/libcrypto-shlib-async_posix.o crypto/async/arch/libcrypto-shlib-async_win.o crypto/async/libcrypto-shlib-async.o crypto/async/libcrypto-shlib-async_err.o crypto/async/libcrypto-shlib-async_wait.o crypto/bf/libcrypto-shlib-bf_cfb64.o crypto/bf/libcrypto-shlib-bf_ecb.o crypto/bf/libcrypto-shlib-bf_enc.o crypto/bf/libcrypto-shlib-bf_ofb64.o crypto/bf/libcrypto-shlib-bf_skey.o crypto/bio/libcrypto-shlib-b_addr.o crypto/bio/libcrypto-shlib-b_dump.o crypto/bio/libcrypto-shlib-b_print.o crypto/bio/libcrypto-shlib-b_sock.o crypto/bio/libcrypto-shlib-b_sock2.o crypto/bio/libcrypto-shlib-bf_buff.o crypto/bio/libcrypto-shlib-bf_lbuf.o crypto/bio/libcrypto-shlib-bf_nbio.o crypto/bio/libcrypto-shlib-bf_null.o crypto/bio/libcrypto-shlib-bio_cb.o crypto/bio/libcrypto-shlib-bio_err.o crypto/bio/libcrypto-shlib-bio_lib.o crypto/bio/libcrypto-shlib-bio_meth.o crypto/bio/libcrypto-shlib-bss_acpt.o crypto/bio/libcrypto-shlib-bss_bio.o crypto/bio/libcrypto-shlib-bss_conn.o crypto/bio/libcrypto-shlib-bss_dgram.o crypto/bio/libcrypto-shlib-bss_fd.o crypto/bio/libcrypto-shlib-bss_file.o crypto/bio/libcrypto-shlib-bss_log.o crypto/bio/libcrypto-shlib-bss_mem.o crypto/bio/libcrypto-shlib-bss_null.o crypto/bio/libcrypto-shlib-bss_sock.o crypto/blake2/libcrypto-shlib-blake2b.o crypto/blake2/libcrypto-shlib-blake2b_mac.o crypto/blake2/libcrypto-shlib-blake2s.o crypto/blake2/libcrypto-shlib-blake2s_mac.o crypto/blake2/libcrypto-shlib-m_blake2b.o crypto/blake2/libcrypto-shlib-m_blake2s.o crypto/bn/asm/libcrypto-shlib-x86_64-gcc.o crypto/bn/libcrypto-shlib-bn_add.o crypto/bn/libcrypto-shlib-bn_blind.o crypto/bn/libcrypto-shlib-bn_const.o crypto/bn/libcrypto-shlib-bn_ctx.o crypto/bn/libcrypto-shlib-bn_depr.o crypto/bn/libcrypto-shlib-bn_dh.o crypto/bn/libcrypto-shlib-bn_div.o crypto/bn/libcrypto-shlib-bn_err.o crypto/bn/libcrypto-shlib-bn_exp.o crypto/bn/libcrypto-shlib-bn_exp2.o crypto/bn/libcrypto-shlib-bn_gcd.o crypto/bn/libcrypto-shlib-bn_gf2m.o crypto/bn/libcrypto-shlib-bn_intern.o crypto/bn/libcrypto-shlib-bn_kron.o crypto/bn/libcrypto-shlib-bn_lib.o crypto/bn/libcrypto-shlib-bn_mod.o crypto/bn/libcrypto-shlib-bn_mont.o crypto/bn/libcrypto-shlib-bn_mpi.o crypto/bn/libcrypto-shlib-bn_mul.o crypto/bn/libcrypto-shlib-bn_nist.o crypto/bn/libcrypto-shlib-bn_prime.o crypto/bn/libcrypto-shlib-bn_print.o crypto/bn/libcrypto-shlib-bn_rand.o crypto/bn/libcrypto-shlib-bn_recp.o crypto/bn/libcrypto-shlib-bn_shift.o crypto/bn/libcrypto-shlib-bn_sqr.o crypto/bn/libcrypto-shlib-bn_sqrt.o crypto/bn/libcrypto-shlib-bn_srp.o crypto/bn/libcrypto-shlib-bn_word.o crypto/bn/libcrypto-shlib-bn_x931p.o crypto/bn/libcrypto-shlib-rsaz-avx2.o crypto/bn/libcrypto-shlib-rsaz-x86_64.o crypto/bn/libcrypto-shlib-rsaz_exp.o crypto/bn/libcrypto-shlib-x86_64-gf2m.o crypto/bn/libcrypto-shlib-x86_64-mont.o crypto/bn/libcrypto-shlib-x86_64-mont5.o crypto/buffer/libcrypto-shlib-buf_err.o crypto/buffer/libcrypto-shlib-buffer.o crypto/camellia/libcrypto-shlib-cmll-x86_64.o crypto/camellia/libcrypto-shlib-cmll_cfb.o crypto/camellia/libcrypto-shlib-cmll_ctr.o crypto/camellia/libcrypto-shlib-cmll_ecb.o crypto/camellia/libcrypto-shlib-cmll_misc.o crypto/camellia/libcrypto-shlib-cmll_ofb.o crypto/cast/libcrypto-shlib-c_cfb64.o crypto/cast/libcrypto-shlib-c_ecb.o crypto/cast/libcrypto-shlib-c_enc.o crypto/cast/libcrypto-shlib-c_ofb64.o crypto/cast/libcrypto-shlib-c_skey.o crypto/chacha/libcrypto-shlib-chacha-x86_64.o crypto/cmac/libcrypto-shlib-cm_ameth.o crypto/cmac/libcrypto-shlib-cm_meth.o crypto/cmac/libcrypto-shlib-cmac.o crypto/cms/libcrypto-shlib-cms_asn1.o crypto/cms/libcrypto-shlib-cms_att.o crypto/cms/libcrypto-shlib-cms_cd.o crypto/cms/libcrypto-shlib-cms_dd.o crypto/cms/libcrypto-shlib-cms_enc.o crypto/cms/libcrypto-shlib-cms_env.o crypto/cms/libcrypto-shlib-cms_err.o crypto/cms/libcrypto-shlib-cms_ess.o crypto/cms/libcrypto-shlib-cms_io.o crypto/cms/libcrypto-shlib-cms_kari.o crypto/cms/libcrypto-shlib-cms_lib.o crypto/cms/libcrypto-shlib-cms_pwri.o crypto/cms/libcrypto-shlib-cms_sd.o crypto/cms/libcrypto-shlib-cms_smime.o crypto/comp/libcrypto-shlib-c_zlib.o crypto/comp/libcrypto-shlib-comp_err.o crypto/comp/libcrypto-shlib-comp_lib.o crypto/conf/libcrypto-shlib-conf_api.o crypto/conf/libcrypto-shlib-conf_def.o crypto/conf/libcrypto-shlib-conf_err.o crypto/conf/libcrypto-shlib-conf_lib.o crypto/conf/libcrypto-shlib-conf_mall.o crypto/conf/libcrypto-shlib-conf_mod.o crypto/conf/libcrypto-shlib-conf_sap.o crypto/conf/libcrypto-shlib-conf_ssl.o crypto/ct/libcrypto-shlib-ct_b64.o crypto/ct/libcrypto-shlib-ct_err.o crypto/ct/libcrypto-shlib-ct_log.o crypto/ct/libcrypto-shlib-ct_oct.o crypto/ct/libcrypto-shlib-ct_policy.o crypto/ct/libcrypto-shlib-ct_prn.o crypto/ct/libcrypto-shlib-ct_sct.o crypto/ct/libcrypto-shlib-ct_sct_ctx.o crypto/ct/libcrypto-shlib-ct_vfy.o crypto/ct/libcrypto-shlib-ct_x509v3.o crypto/des/libcrypto-shlib-cbc_cksm.o crypto/des/libcrypto-shlib-cbc_enc.o crypto/des/libcrypto-shlib-cfb64ede.o crypto/des/libcrypto-shlib-cfb64enc.o crypto/des/libcrypto-shlib-cfb_enc.o crypto/des/libcrypto-shlib-des_enc.o crypto/des/libcrypto-shlib-ecb3_enc.o crypto/des/libcrypto-shlib-ecb_enc.o crypto/des/libcrypto-shlib-fcrypt.o crypto/des/libcrypto-shlib-fcrypt_b.o crypto/des/libcrypto-shlib-ofb64ede.o crypto/des/libcrypto-shlib-ofb64enc.o crypto/des/libcrypto-shlib-ofb_enc.o crypto/des/libcrypto-shlib-pcbc_enc.o crypto/des/libcrypto-shlib-qud_cksm.o crypto/des/libcrypto-shlib-rand_key.o crypto/des/libcrypto-shlib-set_key.o crypto/des/libcrypto-shlib-str2key.o crypto/des/libcrypto-shlib-xcbc_enc.o crypto/dh/libcrypto-shlib-dh_ameth.o crypto/dh/libcrypto-shlib-dh_asn1.o crypto/dh/libcrypto-shlib-dh_check.o crypto/dh/libcrypto-shlib-dh_depr.o crypto/dh/libcrypto-shlib-dh_err.o crypto/dh/libcrypto-shlib-dh_gen.o crypto/dh/libcrypto-shlib-dh_kdf.o crypto/dh/libcrypto-shlib-dh_key.o crypto/dh/libcrypto-shlib-dh_lib.o crypto/dh/libcrypto-shlib-dh_meth.o crypto/dh/libcrypto-shlib-dh_pmeth.o crypto/dh/libcrypto-shlib-dh_prn.o crypto/dh/libcrypto-shlib-dh_rfc5114.o crypto/dh/libcrypto-shlib-dh_rfc7919.o crypto/dsa/libcrypto-shlib-dsa_ameth.o crypto/dsa/libcrypto-shlib-dsa_asn1.o crypto/dsa/libcrypto-shlib-dsa_depr.o crypto/dsa/libcrypto-shlib-dsa_err.o crypto/dsa/libcrypto-shlib-dsa_gen.o crypto/dsa/libcrypto-shlib-dsa_key.o crypto/dsa/libcrypto-shlib-dsa_lib.o crypto/dsa/libcrypto-shlib-dsa_meth.o crypto/dsa/libcrypto-shlib-dsa_ossl.o crypto/dsa/libcrypto-shlib-dsa_pmeth.o crypto/dsa/libcrypto-shlib-dsa_prn.o crypto/dsa/libcrypto-shlib-dsa_sign.o crypto/dsa/libcrypto-shlib-dsa_vrf.o crypto/dso/libcrypto-shlib-dso_dl.o crypto/dso/libcrypto-shlib-dso_dlfcn.o crypto/dso/libcrypto-shlib-dso_err.o crypto/dso/libcrypto-shlib-dso_lib.o crypto/dso/libcrypto-shlib-dso_openssl.o crypto/dso/libcrypto-shlib-dso_vms.o crypto/dso/libcrypto-shlib-dso_win32.o crypto/engine/libcrypto-shlib-eng_all.o crypto/engine/libcrypto-shlib-eng_cnf.o crypto/engine/libcrypto-shlib-eng_ctrl.o crypto/engine/libcrypto-shlib-eng_dyn.o crypto/engine/libcrypto-shlib-eng_err.o crypto/engine/libcrypto-shlib-eng_fat.o crypto/engine/libcrypto-shlib-eng_init.o crypto/engine/libcrypto-shlib-eng_lib.o crypto/engine/libcrypto-shlib-eng_list.o crypto/engine/libcrypto-shlib-eng_openssl.o crypto/engine/libcrypto-shlib-eng_pkey.o crypto/engine/libcrypto-shlib-eng_rdrand.o crypto/engine/libcrypto-shlib-eng_table.o crypto/engine/libcrypto-shlib-tb_asnmth.o crypto/engine/libcrypto-shlib-tb_cipher.o crypto/engine/libcrypto-shlib-tb_dh.o crypto/engine/libcrypto-shlib-tb_digest.o crypto/engine/libcrypto-shlib-tb_dsa.o crypto/engine/libcrypto-shlib-tb_eckey.o crypto/engine/libcrypto-shlib-tb_pkmeth.o crypto/engine/libcrypto-shlib-tb_rand.o crypto/engine/libcrypto-shlib-tb_rsa.o crypto/err/libcrypto-shlib-err.o crypto/err/libcrypto-shlib-err_all.o crypto/err/libcrypto-shlib-err_prn.o crypto/ess/libcrypto-shlib-ess_asn1.o crypto/ess/libcrypto-shlib-ess_err.o crypto/ess/libcrypto-shlib-ess_lib.o crypto/evp/libcrypto-shlib-bio_b64.o crypto/evp/libcrypto-shlib-bio_enc.o crypto/evp/libcrypto-shlib-bio_md.o crypto/evp/libcrypto-shlib-bio_ok.o crypto/evp/libcrypto-shlib-c_allc.o crypto/evp/libcrypto-shlib-c_alld.o crypto/evp/libcrypto-shlib-c_allm.o crypto/evp/libcrypto-shlib-cmeth_lib.o crypto/evp/libcrypto-shlib-digest.o crypto/evp/libcrypto-shlib-e_aes.o crypto/evp/libcrypto-shlib-e_aes_cbc_hmac_sha1.o crypto/evp/libcrypto-shlib-e_aes_cbc_hmac_sha256.o crypto/evp/libcrypto-shlib-e_aria.o crypto/evp/libcrypto-shlib-e_bf.o crypto/evp/libcrypto-shlib-e_camellia.o crypto/evp/libcrypto-shlib-e_cast.o crypto/evp/libcrypto-shlib-e_chacha20_poly1305.o crypto/evp/libcrypto-shlib-e_des.o crypto/evp/libcrypto-shlib-e_des3.o crypto/evp/libcrypto-shlib-e_idea.o crypto/evp/libcrypto-shlib-e_null.o crypto/evp/libcrypto-shlib-e_old.o crypto/evp/libcrypto-shlib-e_rc2.o crypto/evp/libcrypto-shlib-e_rc4.o crypto/evp/libcrypto-shlib-e_rc4_hmac_md5.o crypto/evp/libcrypto-shlib-e_rc5.o crypto/evp/libcrypto-shlib-e_seed.o crypto/evp/libcrypto-shlib-e_sm4.o crypto/evp/libcrypto-shlib-e_xcbc_d.o crypto/evp/libcrypto-shlib-encode.o crypto/evp/libcrypto-shlib-evp_cnf.o crypto/evp/libcrypto-shlib-evp_enc.o crypto/evp/libcrypto-shlib-evp_err.o crypto/evp/libcrypto-shlib-evp_key.o crypto/evp/libcrypto-shlib-evp_lib.o crypto/evp/libcrypto-shlib-evp_pbe.o crypto/evp/libcrypto-shlib-evp_pkey.o crypto/evp/libcrypto-shlib-kdf_lib.o crypto/evp/libcrypto-shlib-m_md2.o crypto/evp/libcrypto-shlib-m_md4.o crypto/evp/libcrypto-shlib-m_md5.o crypto/evp/libcrypto-shlib-m_md5_sha1.o crypto/evp/libcrypto-shlib-m_mdc2.o crypto/evp/libcrypto-shlib-m_null.o crypto/evp/libcrypto-shlib-m_ripemd.o crypto/evp/libcrypto-shlib-m_sha1.o crypto/evp/libcrypto-shlib-m_sha3.o crypto/evp/libcrypto-shlib-m_sigver.o crypto/evp/libcrypto-shlib-m_wp.o crypto/evp/libcrypto-shlib-mac_lib.o crypto/evp/libcrypto-shlib-names.o crypto/evp/libcrypto-shlib-p5_crpt.o crypto/evp/libcrypto-shlib-p5_crpt2.o crypto/evp/libcrypto-shlib-p_dec.o crypto/evp/libcrypto-shlib-p_enc.o crypto/evp/libcrypto-shlib-p_lib.o crypto/evp/libcrypto-shlib-p_open.o crypto/evp/libcrypto-shlib-p_seal.o crypto/evp/libcrypto-shlib-p_sign.o crypto/evp/libcrypto-shlib-p_verify.o crypto/evp/libcrypto-shlib-pbe_scrypt.o crypto/evp/libcrypto-shlib-pkey_kdf.o crypto/evp/libcrypto-shlib-pkey_mac.o crypto/evp/libcrypto-shlib-pmeth_fn.o crypto/evp/libcrypto-shlib-pmeth_gn.o crypto/evp/libcrypto-shlib-pmeth_lib.o crypto/gmac/libcrypto-shlib-gmac.o crypto/hmac/libcrypto-shlib-hm_ameth.o crypto/hmac/libcrypto-shlib-hm_meth.o crypto/hmac/libcrypto-shlib-hmac.o crypto/idea/libcrypto-shlib-i_cbc.o crypto/idea/libcrypto-shlib-i_cfb64.o crypto/idea/libcrypto-shlib-i_ecb.o crypto/idea/libcrypto-shlib-i_ofb64.o crypto/idea/libcrypto-shlib-i_skey.o crypto/kdf/libcrypto-shlib-hkdf.o crypto/kdf/libcrypto-shlib-kdf_err.o crypto/kdf/libcrypto-shlib-kdf_util.o crypto/kdf/libcrypto-shlib-pbkdf2.o crypto/kdf/libcrypto-shlib-scrypt.o crypto/kdf/libcrypto-shlib-sshkdf.o crypto/kdf/libcrypto-shlib-tls1_prf.o crypto/kmac/libcrypto-shlib-kmac.o crypto/lhash/libcrypto-shlib-lh_stats.o crypto/lhash/libcrypto-shlib-lhash.o crypto/libcrypto-shlib-context.o crypto/libcrypto-shlib-cpt_err.o crypto/libcrypto-shlib-cryptlib.o crypto/libcrypto-shlib-ctype.o crypto/libcrypto-shlib-cversion.o crypto/libcrypto-shlib-ebcdic.o crypto/libcrypto-shlib-ex_data.o crypto/libcrypto-shlib-getenv.o crypto/libcrypto-shlib-init.o crypto/libcrypto-shlib-mem.o crypto/libcrypto-shlib-mem_dbg.o crypto/libcrypto-shlib-mem_sec.o crypto/libcrypto-shlib-o_dir.o crypto/libcrypto-shlib-o_fips.o crypto/libcrypto-shlib-o_fopen.o crypto/libcrypto-shlib-o_init.o crypto/libcrypto-shlib-o_str.o crypto/libcrypto-shlib-o_time.o crypto/libcrypto-shlib-sparse_array.o crypto/libcrypto-shlib-threads_none.o crypto/libcrypto-shlib-threads_pthread.o crypto/libcrypto-shlib-threads_win.o crypto/libcrypto-shlib-uid.o crypto/libcrypto-shlib-x86_64cpuid.o crypto/md4/libcrypto-shlib-md4_dgst.o crypto/md4/libcrypto-shlib-md4_one.o crypto/md5/libcrypto-shlib-md5-x86_64.o crypto/md5/libcrypto-shlib-md5_dgst.o crypto/md5/libcrypto-shlib-md5_one.o crypto/mdc2/libcrypto-shlib-mdc2_one.o crypto/mdc2/libcrypto-shlib-mdc2dgst.o crypto/modes/libcrypto-shlib-aesni-gcm-x86_64.o crypto/modes/libcrypto-shlib-cbc128.o crypto/modes/libcrypto-shlib-ccm128.o crypto/modes/libcrypto-shlib-cfb128.o crypto/modes/libcrypto-shlib-ctr128.o crypto/modes/libcrypto-shlib-cts128.o crypto/modes/libcrypto-shlib-gcm128.o crypto/modes/libcrypto-shlib-ghash-x86_64.o crypto/modes/libcrypto-shlib-ocb128.o crypto/modes/libcrypto-shlib-ofb128.o crypto/modes/libcrypto-shlib-siv128.o crypto/modes/libcrypto-shlib-wrap128.o crypto/modes/libcrypto-shlib-xts128.o crypto/objects/libcrypto-shlib-o_names.o crypto/objects/libcrypto-shlib-obj_dat.o crypto/objects/libcrypto-shlib-obj_err.o crypto/objects/libcrypto-shlib-obj_lib.o crypto/objects/libcrypto-shlib-obj_xref.o crypto/ocsp/libcrypto-shlib-ocsp_asn.o crypto/ocsp/libcrypto-shlib-ocsp_cl.o crypto/ocsp/libcrypto-shlib-ocsp_err.o crypto/ocsp/libcrypto-shlib-ocsp_ext.o crypto/ocsp/libcrypto-shlib-ocsp_ht.o crypto/ocsp/libcrypto-shlib-ocsp_lib.o crypto/ocsp/libcrypto-shlib-ocsp_prn.o crypto/ocsp/libcrypto-shlib-ocsp_srv.o crypto/ocsp/libcrypto-shlib-ocsp_vfy.o crypto/ocsp/libcrypto-shlib-v3_ocsp.o crypto/pem/libcrypto-shlib-pem_all.o crypto/pem/libcrypto-shlib-pem_err.o crypto/pem/libcrypto-shlib-pem_info.o crypto/pem/libcrypto-shlib-pem_lib.o crypto/pem/libcrypto-shlib-pem_oth.o crypto/pem/libcrypto-shlib-pem_pk8.o crypto/pem/libcrypto-shlib-pem_pkey.o crypto/pem/libcrypto-shlib-pem_sign.o crypto/pem/libcrypto-shlib-pem_x509.o crypto/pem/libcrypto-shlib-pem_xaux.o crypto/pem/libcrypto-shlib-pvkfmt.o crypto/pkcs12/libcrypto-shlib-p12_add.o crypto/pkcs12/libcrypto-shlib-p12_asn.o crypto/pkcs12/libcrypto-shlib-p12_attr.o crypto/pkcs12/libcrypto-shlib-p12_crpt.o crypto/pkcs12/libcrypto-shlib-p12_crt.o crypto/pkcs12/libcrypto-shlib-p12_decr.o crypto/pkcs12/libcrypto-shlib-p12_init.o crypto/pkcs12/libcrypto-shlib-p12_key.o crypto/pkcs12/libcrypto-shlib-p12_kiss.o crypto/pkcs12/libcrypto-shlib-p12_mutl.o crypto/pkcs12/libcrypto-shlib-p12_npas.o crypto/pkcs12/libcrypto-shlib-p12_p8d.o crypto/pkcs12/libcrypto-shlib-p12_p8e.o crypto/pkcs12/libcrypto-shlib-p12_sbag.o crypto/pkcs12/libcrypto-shlib-p12_utl.o crypto/pkcs12/libcrypto-shlib-pk12err.o crypto/pkcs7/libcrypto-shlib-bio_pk7.o crypto/pkcs7/libcrypto-shlib-pk7_asn1.o crypto/pkcs7/libcrypto-shlib-pk7_attr.o crypto/pkcs7/libcrypto-shlib-pk7_doit.o crypto/pkcs7/libcrypto-shlib-pk7_lib.o crypto/pkcs7/libcrypto-shlib-pk7_mime.o crypto/pkcs7/libcrypto-shlib-pk7_smime.o crypto/pkcs7/libcrypto-shlib-pkcs7err.o crypto/poly1305/libcrypto-shlib-poly1305-x86_64.o crypto/poly1305/libcrypto-shlib-poly1305.o crypto/poly1305/libcrypto-shlib-poly1305_ameth.o crypto/poly1305/libcrypto-shlib-poly1305_meth.o crypto/property/libcrypto-shlib-defn_cache.o crypto/property/libcrypto-shlib-property.o crypto/property/libcrypto-shlib-property_err.o crypto/property/libcrypto-shlib-property_parse.o crypto/property/libcrypto-shlib-property_string.o crypto/rand/libcrypto-shlib-drbg_ctr.o crypto/rand/libcrypto-shlib-drbg_hash.o crypto/rand/libcrypto-shlib-drbg_hmac.o crypto/rand/libcrypto-shlib-drbg_lib.o crypto/rand/libcrypto-shlib-rand_egd.o crypto/rand/libcrypto-shlib-rand_err.o crypto/rand/libcrypto-shlib-rand_lib.o crypto/rand/libcrypto-shlib-rand_unix.o crypto/rand/libcrypto-shlib-rand_vms.o crypto/rand/libcrypto-shlib-rand_win.o crypto/rand/libcrypto-shlib-randfile.o crypto/rc2/libcrypto-shlib-rc2_cbc.o crypto/rc2/libcrypto-shlib-rc2_ecb.o crypto/rc2/libcrypto-shlib-rc2_skey.o crypto/rc2/libcrypto-shlib-rc2cfb64.o crypto/rc2/libcrypto-shlib-rc2ofb64.o crypto/rc4/libcrypto-shlib-rc4-md5-x86_64.o crypto/rc4/libcrypto-shlib-rc4-x86_64.o crypto/ripemd/libcrypto-shlib-rmd_dgst.o crypto/ripemd/libcrypto-shlib-rmd_one.o crypto/rsa/libcrypto-shlib-rsa_ameth.o crypto/rsa/libcrypto-shlib-rsa_asn1.o crypto/rsa/libcrypto-shlib-rsa_chk.o crypto/rsa/libcrypto-shlib-rsa_crpt.o crypto/rsa/libcrypto-shlib-rsa_depr.o crypto/rsa/libcrypto-shlib-rsa_err.o crypto/rsa/libcrypto-shlib-rsa_gen.o crypto/rsa/libcrypto-shlib-rsa_lib.o crypto/rsa/libcrypto-shlib-rsa_meth.o crypto/rsa/libcrypto-shlib-rsa_mp.o crypto/rsa/libcrypto-shlib-rsa_none.o crypto/rsa/libcrypto-shlib-rsa_oaep.o crypto/rsa/libcrypto-shlib-rsa_ossl.o crypto/rsa/libcrypto-shlib-rsa_pk1.o crypto/rsa/libcrypto-shlib-rsa_pmeth.o crypto/rsa/libcrypto-shlib-rsa_prn.o crypto/rsa/libcrypto-shlib-rsa_pss.o crypto/rsa/libcrypto-shlib-rsa_saos.o crypto/rsa/libcrypto-shlib-rsa_sign.o crypto/rsa/libcrypto-shlib-rsa_ssl.o crypto/rsa/libcrypto-shlib-rsa_x931.o crypto/rsa/libcrypto-shlib-rsa_x931g.o crypto/seed/libcrypto-shlib-seed.o crypto/seed/libcrypto-shlib-seed_cbc.o crypto/seed/libcrypto-shlib-seed_cfb.o crypto/seed/libcrypto-shlib-seed_ecb.o crypto/seed/libcrypto-shlib-seed_ofb.o crypto/sha/libcrypto-shlib-keccak1600-x86_64.o crypto/sha/libcrypto-shlib-sha1-mb-x86_64.o crypto/sha/libcrypto-shlib-sha1-x86_64.o crypto/sha/libcrypto-shlib-sha1_one.o crypto/sha/libcrypto-shlib-sha1dgst.o crypto/sha/libcrypto-shlib-sha256-mb-x86_64.o crypto/sha/libcrypto-shlib-sha256-x86_64.o crypto/sha/libcrypto-shlib-sha256.o crypto/sha/libcrypto-shlib-sha512-x86_64.o crypto/sha/libcrypto-shlib-sha512.o crypto/siphash/libcrypto-shlib-siphash.o crypto/siphash/libcrypto-shlib-siphash_ameth.o crypto/siphash/libcrypto-shlib-siphash_meth.o crypto/sm3/libcrypto-shlib-m_sm3.o crypto/sm3/libcrypto-shlib-sm3.o crypto/sm4/libcrypto-shlib-sm4.o crypto/srp/libcrypto-shlib-srp_lib.o crypto/srp/libcrypto-shlib-srp_vfy.o crypto/stack/libcrypto-shlib-stack.o crypto/store/libcrypto-shlib-loader_file.o crypto/store/libcrypto-shlib-store_err.o crypto/store/libcrypto-shlib-store_init.o crypto/store/libcrypto-shlib-store_lib.o crypto/store/libcrypto-shlib-store_register.o crypto/store/libcrypto-shlib-store_strings.o crypto/ts/libcrypto-shlib-ts_asn1.o crypto/ts/libcrypto-shlib-ts_conf.o crypto/ts/libcrypto-shlib-ts_err.o crypto/ts/libcrypto-shlib-ts_lib.o crypto/ts/libcrypto-shlib-ts_req_print.o crypto/ts/libcrypto-shlib-ts_req_utils.o crypto/ts/libcrypto-shlib-ts_rsp_print.o crypto/ts/libcrypto-shlib-ts_rsp_sign.o crypto/ts/libcrypto-shlib-ts_rsp_utils.o crypto/ts/libcrypto-shlib-ts_rsp_verify.o crypto/ts/libcrypto-shlib-ts_verify_ctx.o crypto/txt_db/libcrypto-shlib-txt_db.o crypto/ui/libcrypto-shlib-ui_err.o crypto/ui/libcrypto-shlib-ui_lib.o crypto/ui/libcrypto-shlib-ui_null.o crypto/ui/libcrypto-shlib-ui_openssl.o crypto/ui/libcrypto-shlib-ui_util.o crypto/whrlpool/libcrypto-shlib-wp-x86_64.o crypto/whrlpool/libcrypto-shlib-wp_dgst.o crypto/x509/libcrypto-shlib-by_dir.o crypto/x509/libcrypto-shlib-by_file.o crypto/x509/libcrypto-shlib-t_crl.o crypto/x509/libcrypto-shlib-t_req.o crypto/x509/libcrypto-shlib-t_x509.o crypto/x509/libcrypto-shlib-x509_att.o crypto/x509/libcrypto-shlib-x509_cmp.o crypto/x509/libcrypto-shlib-x509_d2.o crypto/x509/libcrypto-shlib-x509_def.o crypto/x509/libcrypto-shlib-x509_err.o crypto/x509/libcrypto-shlib-x509_ext.o crypto/x509/libcrypto-shlib-x509_lu.o crypto/x509/libcrypto-shlib-x509_meth.o crypto/x509/libcrypto-shlib-x509_obj.o crypto/x509/libcrypto-shlib-x509_r2x.o crypto/x509/libcrypto-shlib-x509_req.o crypto/x509/libcrypto-shlib-x509_set.o crypto/x509/libcrypto-shlib-x509_trs.o crypto/x509/libcrypto-shlib-x509_txt.o crypto/x509/libcrypto-shlib-x509_v3.o crypto/x509/libcrypto-shlib-x509_vfy.o crypto/x509/libcrypto-shlib-x509_vpm.o crypto/x509/libcrypto-shlib-x509cset.o crypto/x509/libcrypto-shlib-x509name.o crypto/x509/libcrypto-shlib-x509rset.o crypto/x509/libcrypto-shlib-x509spki.o crypto/x509/libcrypto-shlib-x509type.o crypto/x509/libcrypto-shlib-x_all.o crypto/x509/libcrypto-shlib-x_attrib.o crypto/x509/libcrypto-shlib-x_crl.o crypto/x509/libcrypto-shlib-x_exten.o crypto/x509/libcrypto-shlib-x_name.o crypto/x509/libcrypto-shlib-x_pubkey.o crypto/x509/libcrypto-shlib-x_req.o crypto/x509/libcrypto-shlib-x_x509.o crypto/x509/libcrypto-shlib-x_x509a.o crypto/x509v3/libcrypto-shlib-pcy_cache.o crypto/x509v3/libcrypto-shlib-pcy_data.o crypto/x509v3/libcrypto-shlib-pcy_lib.o crypto/x509v3/libcrypto-shlib-pcy_map.o crypto/x509v3/libcrypto-shlib-pcy_node.o crypto/x509v3/libcrypto-shlib-pcy_tree.o crypto/x509v3/libcrypto-shlib-v3_addr.o crypto/x509v3/libcrypto-shlib-v3_admis.o crypto/x509v3/libcrypto-shlib-v3_akey.o crypto/x509v3/libcrypto-shlib-v3_akeya.o crypto/x509v3/libcrypto-shlib-v3_alt.o crypto/x509v3/libcrypto-shlib-v3_asid.o crypto/x509v3/libcrypto-shlib-v3_bcons.o crypto/x509v3/libcrypto-shlib-v3_bitst.o crypto/x509v3/libcrypto-shlib-v3_conf.o crypto/x509v3/libcrypto-shlib-v3_cpols.o crypto/x509v3/libcrypto-shlib-v3_crld.o crypto/x509v3/libcrypto-shlib-v3_enum.o crypto/x509v3/libcrypto-shlib-v3_extku.o crypto/x509v3/libcrypto-shlib-v3_genn.o crypto/x509v3/libcrypto-shlib-v3_ia5.o crypto/x509v3/libcrypto-shlib-v3_info.o crypto/x509v3/libcrypto-shlib-v3_int.o crypto/x509v3/libcrypto-shlib-v3_lib.o crypto/x509v3/libcrypto-shlib-v3_ncons.o crypto/x509v3/libcrypto-shlib-v3_pci.o crypto/x509v3/libcrypto-shlib-v3_pcia.o crypto/x509v3/libcrypto-shlib-v3_pcons.o crypto/x509v3/libcrypto-shlib-v3_pku.o crypto/x509v3/libcrypto-shlib-v3_pmaps.o crypto/x509v3/libcrypto-shlib-v3_prn.o crypto/x509v3/libcrypto-shlib-v3_purp.o crypto/x509v3/libcrypto-shlib-v3_skey.o crypto/x509v3/libcrypto-shlib-v3_sxnet.o crypto/x509v3/libcrypto-shlib-v3_tlsf.o crypto/x509v3/libcrypto-shlib-v3_utl.o crypto/x509v3/libcrypto-shlib-v3err.o \ -ldl -pthread clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DPADLOCK_ASM -c -o engines/padlock-dso-e_padlock-x86_64.o engines/e_padlock-x86_64.s clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-asn1pars.d.tmp -MT apps/openssl-bin-asn1pars.o -c -o apps/openssl-bin-asn1pars.o ../openssl/apps/asn1pars.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-ca.d.tmp -MT apps/openssl-bin-ca.o -c -o apps/openssl-bin-ca.o ../openssl/apps/ca.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-ciphers.d.tmp -MT apps/openssl-bin-ciphers.o -c -o apps/openssl-bin-ciphers.o ../openssl/apps/ciphers.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-cms.d.tmp -MT apps/openssl-bin-cms.o -c -o apps/openssl-bin-cms.o ../openssl/apps/cms.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-crl.d.tmp -MT apps/openssl-bin-crl.o -c -o apps/openssl-bin-crl.o ../openssl/apps/crl.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-crl2p7.d.tmp -MT apps/openssl-bin-crl2p7.o -c -o apps/openssl-bin-crl2p7.o ../openssl/apps/crl2p7.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-dgst.d.tmp -MT apps/openssl-bin-dgst.o -c -o apps/openssl-bin-dgst.o ../openssl/apps/dgst.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-dhparam.d.tmp -MT apps/openssl-bin-dhparam.o -c -o apps/openssl-bin-dhparam.o ../openssl/apps/dhparam.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-dsa.d.tmp -MT apps/openssl-bin-dsa.o -c -o apps/openssl-bin-dsa.o ../openssl/apps/dsa.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-dsaparam.d.tmp -MT apps/openssl-bin-dsaparam.o -c -o apps/openssl-bin-dsaparam.o ../openssl/apps/dsaparam.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-ec.d.tmp -MT apps/openssl-bin-ec.o -c -o apps/openssl-bin-ec.o ../openssl/apps/ec.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-ecparam.d.tmp -MT apps/openssl-bin-ecparam.o -c -o apps/openssl-bin-ecparam.o ../openssl/apps/ecparam.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-enc.d.tmp -MT apps/openssl-bin-enc.o -c -o apps/openssl-bin-enc.o ../openssl/apps/enc.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-engine.d.tmp -MT apps/openssl-bin-engine.o -c -o apps/openssl-bin-engine.o ../openssl/apps/engine.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-errstr.d.tmp -MT apps/openssl-bin-errstr.o -c -o apps/openssl-bin-errstr.o ../openssl/apps/errstr.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-gendsa.d.tmp -MT apps/openssl-bin-gendsa.o -c -o apps/openssl-bin-gendsa.o ../openssl/apps/gendsa.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-genpkey.d.tmp -MT apps/openssl-bin-genpkey.o -c -o apps/openssl-bin-genpkey.o ../openssl/apps/genpkey.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-genrsa.d.tmp -MT apps/openssl-bin-genrsa.o -c -o apps/openssl-bin-genrsa.o ../openssl/apps/genrsa.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-nseq.d.tmp -MT apps/openssl-bin-nseq.o -c -o apps/openssl-bin-nseq.o ../openssl/apps/nseq.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-ocsp.d.tmp -MT apps/openssl-bin-ocsp.o -c -o apps/openssl-bin-ocsp.o ../openssl/apps/ocsp.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-openssl.d.tmp -MT apps/openssl-bin-openssl.o -c -o apps/openssl-bin-openssl.o ../openssl/apps/openssl.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-passwd.d.tmp -MT apps/openssl-bin-passwd.o -c -o apps/openssl-bin-passwd.o ../openssl/apps/passwd.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-pkcs12.d.tmp -MT apps/openssl-bin-pkcs12.o -c -o apps/openssl-bin-pkcs12.o ../openssl/apps/pkcs12.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-pkcs7.d.tmp -MT apps/openssl-bin-pkcs7.o -c -o apps/openssl-bin-pkcs7.o ../openssl/apps/pkcs7.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-pkcs8.d.tmp -MT apps/openssl-bin-pkcs8.o -c -o apps/openssl-bin-pkcs8.o ../openssl/apps/pkcs8.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-pkey.d.tmp -MT apps/openssl-bin-pkey.o -c -o apps/openssl-bin-pkey.o ../openssl/apps/pkey.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-pkeyparam.d.tmp -MT apps/openssl-bin-pkeyparam.o -c -o apps/openssl-bin-pkeyparam.o ../openssl/apps/pkeyparam.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-pkeyutl.d.tmp -MT apps/openssl-bin-pkeyutl.o -c -o apps/openssl-bin-pkeyutl.o ../openssl/apps/pkeyutl.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-prime.d.tmp -MT apps/openssl-bin-prime.o -c -o apps/openssl-bin-prime.o ../openssl/apps/prime.c clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-rand.d.tmp -MT apps/openssl-bin-rand.o -c -o apps/openssl-bin-rand.o ../openssl/apps/rand.c ../openssl/apps/pkeyutl.c:530:15: error: unknown type name 'EC_GROUP' const EC_GROUP *group = NULL; ^ ../openssl/apps/pkeyutl.c:537:26: error: implicit declaration of function 'EVP_PKEY_get0_EC_KEY' is invalid in C99 [-Werror,-Wimplicit-function-declaration] if ((eckey = EVP_PKEY_get0_EC_KEY(pkey)) == NULL ^ clang -Iapps -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -MMD -MF apps/openssl-bin-rehash.d.tmp -MT apps/openssl-bin-rehash.o -c -o apps/openssl-bin-rehash.o ../openssl/apps/rehash.c ../openssl/apps/pkeyutl.c:537:26: error: this function declaration is not a prototype [-Werror,-Wstrict-prototypes] ../openssl/apps/pkeyutl.c:537:24: error: incompatible integer to pointer conversion assigning to 'EC_KEY *' (aka 'struct ec_key_st *') from 'int' [-Werror,-Wint-conversion] if ((eckey = EVP_PKEY_get0_EC_KEY(pkey)) == NULL ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~ ../openssl/apps/pkeyutl.c:538:33: error: implicit declaration of function 'EC_KEY_get0_group' is invalid in C99 [-Werror,-Wimplicit-function-declaration] || (group = EC_KEY_get0_group(eckey)) == NULL ^ ../openssl/apps/pkeyutl.c:538:33: error: this function declaration is not a prototype [-Werror,-Wstrict-prototypes] ../openssl/apps/pkeyutl.c:539:31: error: implicit declaration of function 'EC_GROUP_get_curve_name' is invalid in C99 [-Werror,-Wimplicit-function-declaration] || (nid = EC_GROUP_get_curve_name(group)) == 0) ^ ../openssl/apps/pkeyutl.c:539:31: error: this function declaration is not a prototype [-Werror,-Wstrict-prototypes] 8 errors generated. Makefile:11984: recipe for target 'apps/openssl-bin-pkeyutl.o' failed make[1]: *** [apps/openssl-bin-pkeyutl.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-ec' Makefile:164: recipe for target 'all' failed make: *** [all] Error 2 From no-reply at appveyor.com Fri Mar 1 04:39:25 2019 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 01 Mar 2019 04:39:25 +0000 Subject: Build failed: openssl master.22993 Message-ID: <20190301043925.1.9F2746939E16A513@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Mar 1 05:06:54 2019 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 01 Mar 2019 05:06:54 +0000 Subject: Build completed: openssl master.22994 Message-ID: <20190301050654.1.2E811479D825A885@appveyor.com> An HTML attachment was scrubbed... URL: From yang.yang at baishancloud.com Fri Mar 1 06:16:23 2019 From: yang.yang at baishancloud.com (yang.yang at baishancloud.com) Date: Fri, 01 Mar 2019 06:16:23 +0000 Subject: [openssl] master update Message-ID: <1551420983.324441.26786.nullmailer@dev.openssl.org> The branch master has been updated via cc838ee2d66f7295bf7a7e6695aab1080d6791e9 (commit) via 4564e77ae9dd1866e8a033f03511b6a1792c024e (commit) from 69f6b3ceaba493e70e1296880ea6c93e40714f0f (commit) - Log ----------------------------------------------------------------- commit cc838ee2d66f7295bf7a7e6695aab1080d6791e9 Author: Paul Yang Date: Tue Feb 26 13:51:02 2019 +0800 Add section order check in util/find-doc-nits This patch checks if the EXAMPLES section in a pod file is placed before the RETURN VALUES section. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8338) commit 4564e77ae9dd1866e8a033f03511b6a1792c024e Author: Paul Yang Date: Tue Feb 26 13:11:10 2019 +0800 Place return values after examples in doc Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8338) ----------------------------------------------------------------------- Summary of changes: doc/internal/man3/openssl_ctx_get_data.pod | 16 ++-- doc/man3/ASN1_TIME_set.pod | 64 ++++++------- doc/man3/ASN1_generate_nconf.pod | 14 +-- doc/man3/BIO_push.pod | 14 +-- doc/man3/BIO_s_file.pod | 36 +++---- doc/man3/CONF_modules_load_file.pod | 12 +-- doc/man3/EVP_PKEY_set1_RSA.pod | 14 +-- doc/man3/OBJ_nid2obj.pod | 22 ++--- doc/man3/OPENSSL_s390xcap.pod | 8 +- doc/man3/PEM_read_bio_PrivateKey.pod | 130 +++++++++++++------------- doc/man3/SSL_CONF_cmd.pod | 34 +++---- doc/man3/SSL_CTX_load_verify_locations.pod | 34 +++---- doc/man3/SSL_CTX_set1_sigalgs.pod | 8 +- doc/man3/SSL_CTX_set_generate_session_id.pod | 16 ++-- doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod | 8 +- doc/man3/SSL_CTX_set_tmp_dh_callback.pod | 16 ++-- doc/man3/SSL_load_client_CA_file.pod | 30 +++--- doc/man3/X509_NAME_add_entry_by_txt.pod | 18 ++-- doc/man3/X509_NAME_get_index_by_NID.pod | 24 ++--- doc/man3/d2i_X509.pod | 26 +++--- util/find-doc-nits | 14 +++ 21 files changed, 286 insertions(+), 272 deletions(-) diff --git a/doc/internal/man3/openssl_ctx_get_data.pod b/doc/internal/man3/openssl_ctx_get_data.pod index ee98dc2..db066ad 100644 --- a/doc/internal/man3/openssl_ctx_get_data.pod +++ b/doc/internal/man3/openssl_ctx_get_data.pod @@ -39,6 +39,14 @@ context is freed. openssl_ctx_get_data() is used to retrieve a pointer to the data in the library context C associated with the given C. +=head1 RETURN VALUES + +openssl_ctx_new_index() returns -1 on error, otherwise the allocated +index number. + +openssl_ctx_get_data() returns a pointer on success, or C on +failure. + =head1 EXAMPLES =head2 Initialization @@ -88,14 +96,6 @@ To get and use the data stored in the library context, simply do this: */ FOO *data = openssl_ctx_get_data(ctx, foo_index); -=head1 RETURN VALUES - -openssl_ctx_new_index() returns -1 on error, otherwise the allocated -index number. - -openssl_ctx_get_data() returns a pointer on success, or C on -failure. - =head1 SEE ALSO L diff --git a/doc/man3/ASN1_TIME_set.pod b/doc/man3/ASN1_TIME_set.pod index 009e6f6..9db9970 100644 --- a/doc/man3/ASN1_TIME_set.pod +++ b/doc/man3/ASN1_TIME_set.pod @@ -173,38 +173,6 @@ certificates complying with RFC5280 et al use GMT anyway. Use the ASN1_TIME_normalize() function to normalize the time value before printing to get GMT results. -=head1 EXAMPLES - -Set a time structure to one hour after the current time and print it out: - - #include - #include - - ASN1_TIME *tm; - time_t t; - BIO *b; - - t = time(NULL); - tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60); - b = BIO_new_fp(stdout, BIO_NOCLOSE); - ASN1_TIME_print(b, tm); - ASN1_STRING_free(tm); - BIO_free(b); - -Determine if one time is later or sooner than the current time: - - int day, sec; - - if (!ASN1_TIME_diff(&day, &sec, NULL, to)) - /* Invalid time format */ - - if (day > 0 || sec > 0) - printf("Later\n"); - else if (day < 0 || sec < 0) - printf("Sooner\n"); - else - printf("Same\n"); - =head1 RETURN VALUES ASN1_TIME_set(), ASN1_UTCTIME_set(), ASN1_GENERALIZEDTIME_set(), ASN1_TIME_adj(), @@ -238,6 +206,38 @@ ASN1_TIME_compare() returns -1 if B is before B, 0 if B equals B, or ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time structure on success or NULL if an error occurred. +=head1 EXAMPLES + +Set a time structure to one hour after the current time and print it out: + + #include + #include + + ASN1_TIME *tm; + time_t t; + BIO *b; + + t = time(NULL); + tm = ASN1_TIME_adj(NULL, t, 0, 60 * 60); + b = BIO_new_fp(stdout, BIO_NOCLOSE); + ASN1_TIME_print(b, tm); + ASN1_STRING_free(tm); + BIO_free(b); + +Determine if one time is later or sooner than the current time: + + int day, sec; + + if (!ASN1_TIME_diff(&day, &sec, NULL, to)) + /* Invalid time format */ + + if (day > 0 || sec > 0) + printf("Later\n"); + else if (day < 0 || sec < 0) + printf("Sooner\n"); + else + printf("Same\n"); + =head1 HISTORY The ASN1_TIME_to_tm() function was added in OpenSSL 1.1.1. diff --git a/doc/man3/ASN1_generate_nconf.pod b/doc/man3/ASN1_generate_nconf.pod index 1dfe9f7..0ea71d2 100644 --- a/doc/man3/ASN1_generate_nconf.pod +++ b/doc/man3/ASN1_generate_nconf.pod @@ -162,6 +162,13 @@ bits are zero. =back +=head1 RETURN VALUES + +ASN1_generate_nconf() and ASN1_generate_v3() return the encoded +data as an B structure or B if an error occurred. + +The error codes that can be obtained by L. + =head1 EXAMPLES A simple IA5String: @@ -247,13 +254,6 @@ structure: e=INTEGER:0x010001 -=head1 RETURN VALUES - -ASN1_generate_nconf() and ASN1_generate_v3() return the encoded -data as an B structure or B if an error occurred. - -The error codes that can be obtained by L. - =head1 SEE ALSO L diff --git a/doc/man3/BIO_push.pod b/doc/man3/BIO_push.pod index 02b6f18..c5919f3 100644 --- a/doc/man3/BIO_push.pod +++ b/doc/man3/BIO_push.pod @@ -36,6 +36,13 @@ The process of calling BIO_push() and BIO_pop() on a BIO may have additional consequences (a control call is made to the affected BIOs) any effects will be noted in the descriptions of individual BIOs. +=head1 RETURN VALUES + +BIO_push() returns the end of the chain, B. + +BIO_pop() returns the next BIO in the chain, or NULL if there is no next +BIO. + =head1 EXAMPLES For these examples suppose B and B are digest BIOs, B is @@ -62,13 +69,6 @@ by B and B. If the call: The call will return B and the new chain will be B data can be written to B as before. -=head1 RETURN VALUES - -BIO_push() returns the end of the chain, B. - -BIO_pop() returns the next BIO in the chain, or NULL if there is no next -BIO. - =head1 SEE ALSO L diff --git a/doc/man3/BIO_s_file.pod b/doc/man3/BIO_s_file.pod index 5f0cdbe..0d6cc98 100644 --- a/doc/man3/BIO_s_file.pod +++ b/doc/man3/BIO_s_file.pod @@ -80,6 +80,24 @@ On Windows BIO_new_files reserves for the filename argument to be UTF-8 encoded. In other words if you have to make it work in multi- lingual environment, encode file names in UTF-8. +=head1 RETURN VALUES + +BIO_s_file() returns the file BIO method. + +BIO_new_file() and BIO_new_fp() return a file BIO or NULL if an error +occurred. + +BIO_set_fp() and BIO_get_fp() return 1 for success or 0 for failure +(although the current implementation never return 0). + +BIO_seek() returns the same value as the underlying fseek() function: +0 for success or -1 for failure. + +BIO_tell() returns the current file position. + +BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and +BIO_rw_filename() return 1 for success or 0 for failure. + =head1 EXAMPLES File BIO "hello world": @@ -122,24 +140,6 @@ Alternative technique: BIO_printf(out, "Hello World\n"); BIO_free(out); -=head1 RETURN VALUES - -BIO_s_file() returns the file BIO method. - -BIO_new_file() and BIO_new_fp() return a file BIO or NULL if an error -occurred. - -BIO_set_fp() and BIO_get_fp() return 1 for success or 0 for failure -(although the current implementation never return 0). - -BIO_seek() returns the same value as the underlying fseek() function: -0 for success or -1 for failure. - -BIO_tell() returns the current file position. - -BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and -BIO_rw_filename() return 1 for success or 0 for failure. - =head1 BUGS BIO_reset() and BIO_seek() are implemented using fseek() on the underlying diff --git a/doc/man3/CONF_modules_load_file.pod b/doc/man3/CONF_modules_load_file.pod index 037c7f2..c0623eb 100644 --- a/doc/man3/CONF_modules_load_file.pod +++ b/doc/man3/CONF_modules_load_file.pod @@ -67,6 +67,12 @@ Applications can use the CONF_modules_load() function if they wish to load a configuration file themselves and have finer control over how errors are treated. +=head1 RETURN VALUES + +These functions return 1 for success and a zero or negative value for +failure. If module errors are not ignored the return code will reflect the +return value of the failing module (this will always be zero or negative). + =head1 EXAMPLES Load a configuration file and print out any errors and exit (missing file @@ -122,12 +128,6 @@ Load and parse configuration file manually, custom error handling: NCONF_free(cnf); } -=head1 RETURN VALUES - -These functions return 1 for success and a zero or negative value for -failure. If module errors are not ignored the return code will reflect the -return value of the failing module (this will always be zero or negative). - =head1 SEE ALSO L, L diff --git a/doc/man3/EVP_PKEY_set1_RSA.pod b/doc/man3/EVP_PKEY_set1_RSA.pod index 67471c9..868e337 100644 --- a/doc/man3/EVP_PKEY_set1_RSA.pod +++ b/doc/man3/EVP_PKEY_set1_RSA.pod @@ -111,13 +111,6 @@ is no longer possible: the equivalent is EVP_PKEY_base_id(pkey). EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM key as part of its routine to load a private key. -=head1 EXAMPLES - -After loading an ECC key, it is possible to convert it to using SM2 -algorithms with EVP_PKEY_set_alias_type: - - EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2); - =head1 RETURN VALUES EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and @@ -138,6 +131,13 @@ EVP_PKEY_set1_engine() returns 1 for success and 0 for failure. EVP_PKEY_set_alias_type() returns 1 for success and 0 for error. +=head1 EXAMPLES + +After loading an ECC key, it is possible to convert it to using SM2 +algorithms with EVP_PKEY_set_alias_type: + + EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2); + =head1 SEE ALSO L diff --git a/doc/man3/OBJ_nid2obj.pod b/doc/man3/OBJ_nid2obj.pod index 0345062..79923d1 100644 --- a/doc/man3/OBJ_nid2obj.pod +++ b/doc/man3/OBJ_nid2obj.pod @@ -130,6 +130,17 @@ These functions cannot return B because an B can represent both an internal, constant, OID and a dynamically-created one. The latter cannot be constant because it needs to be freed after use. +=head1 RETURN VALUES + +OBJ_nid2obj() returns an B structure or B is an +error occurred. + +OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or B +on error. + +OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return +a NID or B on error. + =head1 EXAMPLES Create an object for B: @@ -159,17 +170,6 @@ Instead B must point to a valid buffer and B should be set to a positive value. A buffer length of 80 should be more than enough to handle any OID encountered in practice. -=head1 RETURN VALUES - -OBJ_nid2obj() returns an B structure or B is an -error occurred. - -OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or B -on error. - -OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return -a NID or B on error. - =head1 SEE ALSO L diff --git a/doc/man3/OPENSSL_s390xcap.pod b/doc/man3/OPENSSL_s390xcap.pod index cf5cf8e..34c029a 100644 --- a/doc/man3/OPENSSL_s390xcap.pod +++ b/doc/man3/OPENSSL_s390xcap.pod @@ -139,6 +139,10 @@ the numbering is continuous across 64-bit mask boundaries. # 20 1<<43 KMA-GCM-AES-256 : +=head1 RETURN VALUES + +Not available. + =head1 EXAMPLES Disables all instruction set extensions which the z196 processor does not implement: @@ -153,10 +157,6 @@ Disables the KM-XTS-AES and and the KIMD-SHAKE function codes: OPENSSL_s390xcap="km:~0x2800:~0;kimd:~0xc000000:~0" -=head1 RETURN VALUES - -Not available. - =head1 SEE ALSO [1] z/Architecture Principles of Operation, SA22-7832-11 diff --git a/doc/man3/PEM_read_bio_PrivateKey.pod b/doc/man3/PEM_read_bio_PrivateKey.pod index 1f53815..54dc27e 100644 --- a/doc/man3/PEM_read_bio_PrivateKey.pod +++ b/doc/man3/PEM_read_bio_PrivateKey.pod @@ -298,71 +298,6 @@ arbitrary data to be passed to the callback by the application B return the number of characters in the passphrase or -1 if an error occurred. -=head1 EXAMPLES - -Although the PEM routines take several arguments in almost all applications -most of them are set to 0 or NULL. - -Read a certificate in PEM format from a BIO: - - X509 *x; - - x = PEM_read_bio_X509(bp, NULL, 0, NULL); - if (x == NULL) - /* Error */ - -Alternative method: - - X509 *x = NULL; - - if (!PEM_read_bio_X509(bp, &x, 0, NULL)) - /* Error */ - -Write a certificate to a BIO: - - if (!PEM_write_bio_X509(bp, x)) - /* Error */ - -Write a private key (using traditional format) to a BIO using -triple DES encryption, the pass phrase is prompted for: - - if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL)) - /* Error */ - -Write a private key (using PKCS#8 format) to a BIO using triple -DES encryption, using the pass phrase "hello": - - if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(), - NULL, 0, 0, "hello")) - /* Error */ - -Read a private key from a BIO using a pass phrase callback: - - key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, "My Private Key"); - if (key == NULL) - /* Error */ - -Skeleton pass phrase callback: - - int pass_cb(char *buf, int size, int rwflag, void *u) - { - - /* We'd probably do something else if 'rwflag' is 1 */ - printf("Enter pass phrase for \"%s\"\n", (char *)u); - - /* get pass phrase, length 'len' into 'tmp' */ - char *tmp = "hello"; - if (tmp == NULL) /* An error occurred */ - return -1; - - size_t len = strlen(tmp); - - if (len > size) - len = size; - memcpy(buf, tmp, len); - return len; - } - =head1 NOTES The old B write routines are retained for compatibility. @@ -460,6 +395,71 @@ if an error occurred. The write routines return 1 for success or 0 for failure. +=head1 EXAMPLES + +Although the PEM routines take several arguments in almost all applications +most of them are set to 0 or NULL. + +Read a certificate in PEM format from a BIO: + + X509 *x; + + x = PEM_read_bio_X509(bp, NULL, 0, NULL); + if (x == NULL) + /* Error */ + +Alternative method: + + X509 *x = NULL; + + if (!PEM_read_bio_X509(bp, &x, 0, NULL)) + /* Error */ + +Write a certificate to a BIO: + + if (!PEM_write_bio_X509(bp, x)) + /* Error */ + +Write a private key (using traditional format) to a BIO using +triple DES encryption, the pass phrase is prompted for: + + if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL)) + /* Error */ + +Write a private key (using PKCS#8 format) to a BIO using triple +DES encryption, using the pass phrase "hello": + + if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(), + NULL, 0, 0, "hello")) + /* Error */ + +Read a private key from a BIO using a pass phrase callback: + + key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, "My Private Key"); + if (key == NULL) + /* Error */ + +Skeleton pass phrase callback: + + int pass_cb(char *buf, int size, int rwflag, void *u) + { + + /* We'd probably do something else if 'rwflag' is 1 */ + printf("Enter pass phrase for \"%s\"\n", (char *)u); + + /* get pass phrase, length 'len' into 'tmp' */ + char *tmp = "hello"; + if (tmp == NULL) /* An error occurred */ + return -1; + + size_t len = strlen(tmp); + + if (len > size) + len = size; + memcpy(buf, tmp, len); + return len; + } + =head1 HISTORY The old Netscape certificate sequences were no longer documented diff --git a/doc/man3/SSL_CONF_cmd.pod b/doc/man3/SSL_CONF_cmd.pod index 5759c7f..5c58268 100644 --- a/doc/man3/SSL_CONF_cmd.pod +++ b/doc/man3/SSL_CONF_cmd.pod @@ -598,6 +598,23 @@ checking or translation of the command value. For example if the return value is B an application could translate a relative pathname to an absolute pathname. +=head1 RETURN VALUES + +SSL_CONF_cmd() returns 1 if the value of B is recognised and B is +B used and 2 if both B and B are used. In other words it +returns the number of arguments processed. This is useful when processing +command lines. + +A return value of -2 means B is not recognised. + +A return value of -3 means B is recognised and the command requires a +value but B is NULL. + +A return code of 0 indicates that both B and B are valid but an +error occurred attempting to perform the operation: for example due to an +error in the syntax of B in this case the error queue may provide +additional information. + =head1 EXAMPLES Set supported signature algorithms: @@ -644,23 +661,6 @@ Set supported curves to P-256, P-384: SSL_CONF_cmd(ctx, "Curves", "P-256:P-384"); -=head1 RETURN VALUES - -SSL_CONF_cmd() returns 1 if the value of B is recognised and B is -B used and 2 if both B and B are used. In other words it -returns the number of arguments processed. This is useful when processing -command lines. - -A return value of -2 means B is not recognised. - -A return value of -3 means B is recognised and the command requires a -value but B is NULL. - -A return code of 0 indicates that both B and B are valid but an -error occurred attempting to perform the operation: for example due to an -error in the syntax of B in this case the error queue may provide -additional information. - =head1 SEE ALSO L, diff --git a/doc/man3/SSL_CTX_load_verify_locations.pod b/doc/man3/SSL_CTX_load_verify_locations.pod index 03dec15..b955c60 100644 --- a/doc/man3/SSL_CTX_load_verify_locations.pod +++ b/doc/man3/SSL_CTX_load_verify_locations.pod @@ -100,23 +100,6 @@ with different expiration dates. If a "certificate expired" verification error occurs, no other certificate will be searched. Make sure to not have expired certificates mixed with valid ones. -=head1 EXAMPLES - -Generate a CA certificate file with descriptive text from the CA certificates -ca1.pem ca2.pem ca3.pem: - - #!/bin/sh - rm CAfile.pem - for i in ca1.pem ca2.pem ca3.pem ; do - openssl x509 -in $i -text >> CAfile.pem - done - -Prepare the directory /some/where/certs containing several CA certificates -for use as B: - - cd /some/where/certs - c_rehash . - =head1 RETURN VALUES For SSL_CTX_load_verify_locations the following return values can occur: @@ -139,6 +122,23 @@ SSL_CTX_set_default_verify_paths(), SSL_CTX_set_default_verify_dir() and SSL_CTX_set_default_verify_file() all return 1 on success or 0 on failure. A missing default location is still treated as a success. +=head1 EXAMPLES + +Generate a CA certificate file with descriptive text from the CA certificates +ca1.pem ca2.pem ca3.pem: + + #!/bin/sh + rm CAfile.pem + for i in ca1.pem ca2.pem ca3.pem ; do + openssl x509 -in $i -text >> CAfile.pem + done + +Prepare the directory /some/where/certs containing several CA certificates +for use as B: + + cd /some/where/certs + c_rehash . + =head1 SEE ALSO L, diff --git a/doc/man3/SSL_CTX_set1_sigalgs.pod b/doc/man3/SSL_CTX_set1_sigalgs.pod index 642f71a..eb31006 100644 --- a/doc/man3/SSL_CTX_set1_sigalgs.pod +++ b/doc/man3/SSL_CTX_set1_sigalgs.pod @@ -83,6 +83,10 @@ be used with the B<_list> forms of the API. The use of MD5 as a digest is strongly discouraged due to security weaknesses. +=head1 RETURN VALUES + +All these functions return 1 for success and 0 for failure. + =head1 EXAMPLES Set supported signature algorithms to SHA256 with ECDSA and SHA256 with RSA @@ -97,10 +101,6 @@ using a string: SSL_CTX_set1_sigalgs_list(ctx, "ECDSA+SHA256:RSA+SHA256"); -=head1 RETURN VALUES - -All these functions return 1 for success and 0 for failure. - =head1 SEE ALSO L, L, diff --git a/doc/man3/SSL_CTX_set_generate_session_id.pod b/doc/man3/SSL_CTX_set_generate_session_id.pod index 37ecd02..8bf8e15 100644 --- a/doc/man3/SSL_CTX_set_generate_session_id.pod +++ b/doc/man3/SSL_CTX_set_generate_session_id.pod @@ -82,6 +82,14 @@ and the same race condition applies. The callback must return 0 if it cannot generate a session id for whatever reason and return 1 on success. +=head1 RETURN VALUES + +SSL_CTX_set_generate_session_id() and SSL_set_generate_session_id() +always return 1. + +SSL_has_matching_session_id() returns 1 if another session with the +same id is already in the cache. + =head1 EXAMPLES The callback function listed will generate a session id with the @@ -114,14 +122,6 @@ server id given, and will fill the rest with pseudo random bytes: } -=head1 RETURN VALUES - -SSL_CTX_set_generate_session_id() and SSL_set_generate_session_id() -always return 1. - -SSL_has_matching_session_id() returns 1 if another session with the -same id is already in the cache. - =head1 SEE ALSO L, L diff --git a/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod b/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod index 9013abc..88e70c5 100644 --- a/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod +++ b/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod @@ -121,6 +121,10 @@ For example if a cipher suite uses 256 bit ciphers but only a 128 bit ticket key the overall security is only 128 bits because breaking the ticket key will enable an attacker to obtain the session keys. +=head1 RETURN VALUES + +returns 0 to indicate the callback function was set. + =head1 EXAMPLES Reference Implementation: @@ -175,10 +179,6 @@ Reference Implementation: } } -=head1 RETURN VALUES - -returns 0 to indicate the callback function was set. - =head1 SEE ALSO L, L, diff --git a/doc/man3/SSL_CTX_set_tmp_dh_callback.pod b/doc/man3/SSL_CTX_set_tmp_dh_callback.pod index f69c37c..bc1dafa 100644 --- a/doc/man3/SSL_CTX_set_tmp_dh_callback.pod +++ b/doc/man3/SSL_CTX_set_tmp_dh_callback.pod @@ -81,6 +81,14 @@ are advised to either use SSL_CTX_set_tmp_dh() or alternatively, use the callback but ignore B and B and simply supply at least 2048-bit parameters in the callback. +=head1 RETURN VALUES + +SSL_CTX_set_tmp_dh_callback() and SSL_set_tmp_dh_callback() do not return +diagnostic output. + +SSL_CTX_set_tmp_dh() and SSL_set_tmp_dh() do return 1 on success and 0 +on failure. Check the error queue to find out the reason of failure. + =head1 EXAMPLES Setup DH parameters with a key length of 2048 bits. (Error handling @@ -109,14 +117,6 @@ Code for setting up parameters during server initialization: /* Error. */ ... -=head1 RETURN VALUES - -SSL_CTX_set_tmp_dh_callback() and SSL_set_tmp_dh_callback() do not return -diagnostic output. - -SSL_CTX_set_tmp_dh() and SSL_set_tmp_dh() do return 1 on success and 0 -on failure. Check the error queue to find out the reason of failure. - =head1 SEE ALSO L, L, diff --git a/doc/man3/SSL_load_client_CA_file.pod b/doc/man3/SSL_load_client_CA_file.pod index e1922d5..23449dd 100644 --- a/doc/man3/SSL_load_client_CA_file.pod +++ b/doc/man3/SSL_load_client_CA_file.pod @@ -23,21 +23,6 @@ the specific usage as support function for L, it is not limited to CA certificates. -=head1 EXAMPLES - -Load names of CAs from file and use it as a client CA list: - - SSL_CTX *ctx; - STACK_OF(X509_NAME) *cert_names; - - ... - cert_names = SSL_load_client_CA_file("/path/to/CAfile.pem"); - if (cert_names != NULL) - SSL_CTX_set_client_CA_list(ctx, cert_names); - else - /* error */ - ... - =head1 RETURN VALUES The following return values can occur: @@ -54,6 +39,21 @@ Pointer to the subject names of the successfully read certificates. =back +=head1 EXAMPLES + +Load names of CAs from file and use it as a client CA list: + + SSL_CTX *ctx; + STACK_OF(X509_NAME) *cert_names; + + ... + cert_names = SSL_load_client_CA_file("/path/to/CAfile.pem"); + if (cert_names != NULL) + SSL_CTX_set_client_CA_list(ctx, cert_names); + else + /* error */ + ... + =head1 SEE ALSO L, diff --git a/doc/man3/X509_NAME_add_entry_by_txt.pod b/doc/man3/X509_NAME_add_entry_by_txt.pod index a7b1235..7f52966 100644 --- a/doc/man3/X509_NAME_add_entry_by_txt.pod +++ b/doc/man3/X509_NAME_add_entry_by_txt.pod @@ -74,6 +74,15 @@ structure respectively. This will then be a multivalued RDN: since multivalues RDNs are very seldom used B is almost always set to zero. +=head1 RETURN VALUES + +X509_NAME_add_entry_by_txt(), X509_NAME_add_entry_by_OBJ(), +X509_NAME_add_entry_by_NID() and X509_NAME_add_entry() return 1 for +success of 0 if an error occurred. + +X509_NAME_delete_entry() returns either the deleted B +structure of B if an error occurred. + =head1 EXAMPLES Create an B structure: @@ -95,15 +104,6 @@ Create an B structure: "Joe Bloggs", -1, -1, 0)) /* Error */ -=head1 RETURN VALUES - -X509_NAME_add_entry_by_txt(), X509_NAME_add_entry_by_OBJ(), -X509_NAME_add_entry_by_NID() and X509_NAME_add_entry() return 1 for -success of 0 if an error occurred. - -X509_NAME_delete_entry() returns either the deleted B -structure of B if an error occurred. - =head1 BUGS B can still be set to B to use a diff --git a/doc/man3/X509_NAME_get_index_by_NID.pod b/doc/man3/X509_NAME_get_index_by_NID.pod index 1284373..f287849 100644 --- a/doc/man3/X509_NAME_get_index_by_NID.pod +++ b/doc/man3/X509_NAME_get_index_by_NID.pod @@ -69,6 +69,18 @@ Applications which could pass invalid NIDs to X509_NAME_get_index_by_NID() should check for the return value of -2. Alternatively the NID validity can be determined first by checking OBJ_nid2obj(nid) is not NULL. +=head1 RETURN VALUES + +X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ() +return the index of the next matching entry or -1 if not found. +X509_NAME_get_index_by_NID() can also return -2 if the supplied +NID is invalid. + +X509_NAME_entry_count() returns the total number of entries. + +X509_NAME_get_entry() returns an B pointer to the +requested entry or B if the index is invalid. + =head1 EXAMPLES Process all entries: @@ -94,18 +106,6 @@ Process all commonName entries: /* Do something with e */ } -=head1 RETURN VALUES - -X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ() -return the index of the next matching entry or -1 if not found. -X509_NAME_get_index_by_NID() can also return -2 if the supplied -NID is invalid. - -X509_NAME_entry_count() returns the total number of entries. - -X509_NAME_get_entry() returns an B pointer to the -requested entry or B if the index is invalid. - =head1 SEE ALSO L, L diff --git a/doc/man3/d2i_X509.pod b/doc/man3/d2i_X509.pod index c11da95..23dc73c 100644 --- a/doc/man3/d2i_X509.pod +++ b/doc/man3/d2i_X509.pod @@ -496,6 +496,19 @@ Represents the B structure defined in PKCS#1 and PKCS#7. =back +=head1 RETURN VALUES + +d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid B structure +or B if an error occurs. If the "reuse" capability has been used with +a valid structure being passed in via B, then the object is not freed in +the event of error but may be in a potentially invalid or inconsistent state. + +i2d_TYPE() returns the number of bytes successfully encoded or a negative +value if an error occurs. + +i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error +occurs. + =head1 EXAMPLES Allocate and encode the DER encoding of an X509 structure: @@ -586,19 +599,6 @@ structure has been modified after deserialization or previous serialization. This is because some objects cache the encoding for efficiency reasons. -=head1 RETURN VALUES - -d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid B structure -or B if an error occurs. If the "reuse" capability has been used with -a valid structure being passed in via B, then the object is not freed in -the event of error but may be in a potentially invalid or inconsistent state. - -i2d_TYPE() returns the number of bytes successfully encoded or a negative -value if an error occurs. - -i2d_TYPE_bio() and i2d_TYPE_fp() return 1 for success and 0 if an error -occurs. - =head1 COPYRIGHT Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved. diff --git a/util/find-doc-nits b/util/find-doc-nits index a8cea9c..5d5c2d0 100755 --- a/util/find-doc-nits +++ b/util/find-doc-nits @@ -142,6 +142,18 @@ sub name_synopsis() } } +# Check if EXAMPLES is located after RETURN VALUES section. +sub check_example_location() +{ + my $filename = shift; + my $contents = shift; + + return unless $contents =~ /=head1 RETURN VALUES/ + and $contents =~ /=head1 EXAMPLES/; + print "$filename: RETURN VAULES should be placed before EXAMPLES section\n" + if $contents =~ /=head1 EXAMPLES.*=head1 RETURN VALUES/ms; +} + sub check() { my $filename = shift; @@ -155,6 +167,8 @@ sub check() close POD; } + &check_example_location($filename, $contents) if $filename =~ m|man3/|; + my $id = "${filename}:1:"; &name_synopsis($id, $filename, $contents) From builds at travis-ci.org Fri Mar 1 06:35:07 2019 From: builds at travis-ci.org (Travis CI) Date: Fri, 01 Mar 2019 06:35:07 +0000 Subject: Still Failing: openssl/openssl#23595 (master - cc838ee) In-Reply-To: Message-ID: <5c78d29ac1546_43f9b8d32dc4c10195e@88699d84-827d-4e2f-892c-772f489ccfde.mail> Build Update for openssl/openssl ------------------------------------- Build: #23595 Status: Still Failing Duration: 17 mins and 51 secs Commit: cc838ee (master) Author: Paul Yang Message: Add section order check in util/find-doc-nits This patch checks if the EXAMPLES section in a pod file is placed before the RETURN VALUES section. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8338) View the changeset: https://github.com/openssl/openssl/compare/69f6b3ceaba4...cc838ee2d66f View the full build log and details: https://travis-ci.org/openssl/openssl/builds/500185584?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From levitte at openssl.org Fri Mar 1 07:42:25 2019 From: levitte at openssl.org (Richard Levitte) Date: Fri, 01 Mar 2019 07:42:25 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1551426145.051705.10237.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via de4fb434c7f5fe7359dd9f57185bb98845d8e6f1 (commit) from 0342e42d864b7a670b4403389df057c4da6d7975 (commit) - Log ----------------------------------------------------------------- commit de4fb434c7f5fe7359dd9f57185bb98845d8e6f1 Author: Shigeki Ohtsu Date: Wed Mar 7 23:52:52 2018 +0900 deps: add s390 asm rules for OpenSSL-1.1.1 Generate asm files with Makefile rules. From: - https://github.com/nodejs/node/commit/0d9a86c7cb3566b22becc656691282402f5026c0 Reviewed-by: Bernd Edlinger Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8351) ----------------------------------------------------------------------- Summary of changes: crypto/chacha/build.info | 2 ++ crypto/poly1305/build.info | 1 + crypto/rc4/build.info | 2 ++ 3 files changed, 5 insertions(+) diff --git a/crypto/chacha/build.info b/crypto/chacha/build.info index 02f8e51..e75ca72 100644 --- a/crypto/chacha/build.info +++ b/crypto/chacha/build.info @@ -9,6 +9,8 @@ GENERATE[chacha-armv4.S]=asm/chacha-armv4.pl $(PERLASM_SCHEME) INCLUDE[chacha-armv4.o]=.. GENERATE[chacha-armv8.S]=asm/chacha-armv8.pl $(PERLASM_SCHEME) INCLUDE[chacha-armv8.o]=.. +GENERATE[chacha-s390x.S]=asm/chacha-s390x.pl $(PERLASM_SCHEME) +INCLUDE[chacha-s390x.o]=.. BEGINRAW[Makefile(unix)] ##### CHACHA assembler implementations diff --git a/crypto/poly1305/build.info b/crypto/poly1305/build.info index 631b32b..4e4dcca 100644 --- a/crypto/poly1305/build.info +++ b/crypto/poly1305/build.info @@ -17,6 +17,7 @@ GENERATE[poly1305-armv8.S]=asm/poly1305-armv8.pl $(PERLASM_SCHEME) INCLUDE[poly1305-armv8.o]=.. GENERATE[poly1305-mips.S]=asm/poly1305-mips.pl $(PERLASM_SCHEME) INCLUDE[poly1305-mips.o]=.. +GENERATE[poly1305-s390x.S]=asm/poly1305-s390x.pl $(PERLASM_SCHEME) BEGINRAW[Makefile(unix)] {- $builddir -}/poly1305-%.S: {- $sourcedir -}/asm/poly1305-%.pl diff --git a/crypto/rc4/build.info b/crypto/rc4/build.info index 46ee66b..913942b 100644 --- a/crypto/rc4/build.info +++ b/crypto/rc4/build.info @@ -11,6 +11,8 @@ GENERATE[rc4-md5-x86_64.s]=asm/rc4-md5-x86_64.pl $(PERLASM_SCHEME) GENERATE[rc4-parisc.s]=asm/rc4-parisc.pl $(PERLASM_SCHEME) +GENERATE[rc4-s390x.s]=asm/rc4-s390x.pl $(PERLASM_SCHEME) + BEGINRAW[Makefile] # GNU make "catch all" {- $builddir -}/rc4-%.s: {- $sourcedir -}/asm/rc4-%.pl From builds at travis-ci.org Fri Mar 1 08:05:06 2019 From: builds at travis-ci.org (Travis CI) Date: Fri, 01 Mar 2019 08:05:06 +0000 Subject: Still Failing: openssl/openssl#23597 (OpenSSL_1_1_1-stable - de4fb43) In-Reply-To: Message-ID: <5c78e7b26cda3_43f83d00289f49996d@07a02a92-08f0-4b32-91e2-594c562a5aec.mail> Build Update for openssl/openssl ------------------------------------- Build: #23597 Status: Still Failing Duration: 21 mins and 53 secs Commit: de4fb43 (OpenSSL_1_1_1-stable) Author: Shigeki Ohtsu Message: deps: add s390 asm rules for OpenSSL-1.1.1 Generate asm files with Makefile rules. From: - https://github.com/nodejs/node/commit/0d9a86c7cb3566b22becc656691282402f5026c0 Reviewed-by: Bernd Edlinger Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8351) View the changeset: https://github.com/openssl/openssl/compare/0342e42d864b...de4fb434c7f5 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/500211916?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Mar 1 13:30:20 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 01 Mar 2019 13:30:20 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-sm2 Message-ID: <1551447020.113808.28531.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sm2 Commit log since last time: 69f6b3ceab apps/ca.c: only output DER with SPKAC input and when -out is chosen cee719c2d8 The use of the likes of UINT32_MAX requires internal/numbers.h Build log ended with (last 100 lines): ../../openssl/test/recipes/30-test_pbelu.t .................... ok ../../openssl/test/recipes/30-test_pkey_meth.t ................ ok ../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok ../../openssl/test/recipes/40-test_rehash.t ................... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok ../../openssl/test/recipes/60-test_x509_store.t ............... ok ../../openssl/test/recipes/60-test_x509_time.t ................ ok ../../openssl/test/recipes/70-test_asyncio.t .................. ok ../../openssl/test/recipes/70-test_bad_dtls.t ................. ok ../../openssl/test/recipes/70-test_clienthello.t .............. ok ../../openssl/test/recipes/70-test_comp.t ..................... ok ../../openssl/test/recipes/70-test_key_share.t ................ ok ../../openssl/test/recipes/70-test_packet.t ................... ok ../../openssl/test/recipes/70-test_recordlen.t ................ ok ../../openssl/test/recipes/70-test_renegotiation.t ............ ok ../../openssl/test/recipes/70-test_servername.t ............... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ............ ok ../../openssl/test/recipes/70-test_sslcertstatus.t ............ ok ../../openssl/test/recipes/70-test_sslextension.t ............. ok ../../openssl/test/recipes/70-test_sslmessages.t .............. ok ../../openssl/test/recipes/70-test_sslrecords.t ............... ok ../../openssl/test/recipes/70-test_sslsessiontick.t ........... ok ../../openssl/test/recipes/70-test_sslsigalgs.t ............... ok ../../openssl/test/recipes/70-test_sslsignature.t ............. ok ../../openssl/test/recipes/70-test_sslskewith0p.t ............. ok ../../openssl/test/recipes/70-test_sslversions.t .............. ok ../../openssl/test/recipes/70-test_sslvertol.t ................ ok ../../openssl/test/recipes/70-test_tls13alerts.t .............. ok ../../openssl/test/recipes/70-test_tls13cookie.t .............. ok ../../openssl/test/recipes/70-test_tls13downgrade.t ........... ok ../../openssl/test/recipes/70-test_tls13hrr.t ................. ok ../../openssl/test/recipes/70-test_tls13kexmodes.t ............ ok ../../openssl/test/recipes/70-test_tls13messages.t ............ ok ../../openssl/test/recipes/70-test_tls13psk.t ................. ok ../../openssl/test/recipes/70-test_tlsextms.t ................. ok ../../openssl/test/recipes/70-test_verify_extra.t ............. ok ../../openssl/test/recipes/70-test_wpacket.t .................. ok ../../openssl/test/recipes/80-test_ca.t ....................... ok ../../openssl/test/recipes/80-test_cipherbytes.t .............. ok ../../openssl/test/recipes/80-test_cipherlist.t ............... ok ../../openssl/test/recipes/80-test_ciphername.t ............... ok ../../openssl/test/recipes/80-test_cms.t ...................... ok ../../openssl/test/recipes/80-test_cmsapi.t ................... ok ../../openssl/test/recipes/80-test_ct.t ....................... ok ../../openssl/test/recipes/80-test_dane.t ..................... ok ../../openssl/test/recipes/80-test_dtls.t ..................... ok ../../openssl/test/recipes/80-test_dtls_mtu.t ................. ok ../../openssl/test/recipes/80-test_dtlsv1listen.t ............. ok ../../openssl/test/recipes/80-test_ocsp.t ..................... ok ../../openssl/test/recipes/80-test_pkcs12.t ................... ok ../../openssl/test/recipes/80-test_ssl_new.t .................. ok ../../openssl/test/recipes/80-test_ssl_old.t .................. ok ../../openssl/test/recipes/80-test_ssl_test_ctx.t ............. ok ../../openssl/test/recipes/80-test_sslcorrupt.t ............... ok ../../openssl/test/recipes/80-test_tsa.t ...................... ok ../../openssl/test/recipes/80-test_x509aux.t .................. ok ../../openssl/test/recipes/90-test_asn1_time.t ................ ok ../../openssl/test/recipes/90-test_async.t .................... ok ../../openssl/test/recipes/90-test_bio_enc.t .................. ok ../../openssl/test/recipes/90-test_bio_memleak.t .............. ok ../../openssl/test/recipes/90-test_constant_time.t ............ ok ../../openssl/test/recipes/90-test_fatalerr.t ................. ok ../../openssl/test/recipes/90-test_gmdiff.t ................... ok ../../openssl/test/recipes/90-test_gost.t ..................... ok ../../openssl/test/recipes/90-test_ige.t ...................... ok ../../openssl/test/recipes/90-test_includes.t ................. ok ../../openssl/test/recipes/90-test_memleak.t .................. ok ../../openssl/test/recipes/90-test_overhead.t ................. skipped: Only supported in no-shared builds ../../openssl/test/recipes/90-test_secmem.t ................... ok ../../openssl/test/recipes/90-test_shlibload.t ................ ok ../../openssl/test/recipes/90-test_srp.t ...................... ok ../../openssl/test/recipes/90-test_sslapi.t ................... ok ../../openssl/test/recipes/90-test_sslbuffers.t ............... ok ../../openssl/test/recipes/90-test_store.t .................... ok ../../openssl/test/recipes/90-test_sysdefault.t ............... ok ../../openssl/test/recipes/90-test_threads.t .................. ok ../../openssl/test/recipes/90-test_time_offset.t .............. ok ../../openssl/test/recipes/90-test_tls13ccs.t ................. ok ../../openssl/test/recipes/90-test_tls13encryption.t .......... ok ../../openssl/test/recipes/90-test_tls13secrets.t ............. ok ../../openssl/test/recipes/90-test_v3name.t ................... ok ../../openssl/test/recipes/95-test_external_boringssl.t ....... skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_krb5.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_pyca.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/99-test_ecstress.t ................. ok ../../openssl/test/recipes/99-test_fuzz.t ..................... ok Test Summary Report ------------------- ../../openssl/test/recipes/20-test_pkeyutl.t (Wstat: 512 Tests: 2 Failed: 2) Failed tests: 1-2 Non-zero exit status: 2 Files=160, Tests=1461, 248 wallclock secs ( 2.70 usr 0.34 sys + 221.66 cusr 12.02 csys = 236.72 CPU) Result: FAIL Makefile:197: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-sm2' Makefile:195: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Fri Mar 1 13:37:22 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 01 Mar 2019 13:37:22 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-sm3 Message-ID: <1551447442.589399.25744.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sm3 Commit log since last time: 69f6b3ceab apps/ca.c: only output DER with SPKAC input and when -out is chosen cee719c2d8 The use of the likes of UINT32_MAX requires internal/numbers.h Build log ended with (last 100 lines): ../../openssl/test/recipes/30-test_pbelu.t .................... ok ../../openssl/test/recipes/30-test_pkey_meth.t ................ ok ../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok ../../openssl/test/recipes/40-test_rehash.t ................... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok ../../openssl/test/recipes/60-test_x509_store.t ............... ok ../../openssl/test/recipes/60-test_x509_time.t ................ ok ../../openssl/test/recipes/70-test_asyncio.t .................. ok ../../openssl/test/recipes/70-test_bad_dtls.t ................. ok ../../openssl/test/recipes/70-test_clienthello.t .............. ok ../../openssl/test/recipes/70-test_comp.t ..................... ok ../../openssl/test/recipes/70-test_key_share.t ................ ok ../../openssl/test/recipes/70-test_packet.t ................... ok ../../openssl/test/recipes/70-test_recordlen.t ................ ok ../../openssl/test/recipes/70-test_renegotiation.t ............ ok ../../openssl/test/recipes/70-test_servername.t ............... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ............ ok ../../openssl/test/recipes/70-test_sslcertstatus.t ............ ok ../../openssl/test/recipes/70-test_sslextension.t ............. ok ../../openssl/test/recipes/70-test_sslmessages.t .............. ok ../../openssl/test/recipes/70-test_sslrecords.t ............... ok ../../openssl/test/recipes/70-test_sslsessiontick.t ........... ok ../../openssl/test/recipes/70-test_sslsigalgs.t ............... ok ../../openssl/test/recipes/70-test_sslsignature.t ............. ok ../../openssl/test/recipes/70-test_sslskewith0p.t ............. ok ../../openssl/test/recipes/70-test_sslversions.t .............. ok ../../openssl/test/recipes/70-test_sslvertol.t ................ ok ../../openssl/test/recipes/70-test_tls13alerts.t .............. ok ../../openssl/test/recipes/70-test_tls13cookie.t .............. ok ../../openssl/test/recipes/70-test_tls13downgrade.t ........... ok ../../openssl/test/recipes/70-test_tls13hrr.t ................. ok ../../openssl/test/recipes/70-test_tls13kexmodes.t ............ ok ../../openssl/test/recipes/70-test_tls13messages.t ............ ok ../../openssl/test/recipes/70-test_tls13psk.t ................. ok ../../openssl/test/recipes/70-test_tlsextms.t ................. ok ../../openssl/test/recipes/70-test_verify_extra.t ............. ok ../../openssl/test/recipes/70-test_wpacket.t .................. ok ../../openssl/test/recipes/80-test_ca.t ....................... ok ../../openssl/test/recipes/80-test_cipherbytes.t .............. ok ../../openssl/test/recipes/80-test_cipherlist.t ............... ok ../../openssl/test/recipes/80-test_ciphername.t ............... ok ../../openssl/test/recipes/80-test_cms.t ...................... ok ../../openssl/test/recipes/80-test_cmsapi.t ................... ok ../../openssl/test/recipes/80-test_ct.t ....................... ok ../../openssl/test/recipes/80-test_dane.t ..................... ok ../../openssl/test/recipes/80-test_dtls.t ..................... ok ../../openssl/test/recipes/80-test_dtls_mtu.t ................. ok ../../openssl/test/recipes/80-test_dtlsv1listen.t ............. ok ../../openssl/test/recipes/80-test_ocsp.t ..................... ok ../../openssl/test/recipes/80-test_pkcs12.t ................... ok ../../openssl/test/recipes/80-test_ssl_new.t .................. ok ../../openssl/test/recipes/80-test_ssl_old.t .................. ok ../../openssl/test/recipes/80-test_ssl_test_ctx.t ............. ok ../../openssl/test/recipes/80-test_sslcorrupt.t ............... ok ../../openssl/test/recipes/80-test_tsa.t ...................... ok ../../openssl/test/recipes/80-test_x509aux.t .................. ok ../../openssl/test/recipes/90-test_asn1_time.t ................ ok ../../openssl/test/recipes/90-test_async.t .................... ok ../../openssl/test/recipes/90-test_bio_enc.t .................. ok ../../openssl/test/recipes/90-test_bio_memleak.t .............. ok ../../openssl/test/recipes/90-test_constant_time.t ............ ok ../../openssl/test/recipes/90-test_fatalerr.t ................. ok ../../openssl/test/recipes/90-test_gmdiff.t ................... ok ../../openssl/test/recipes/90-test_gost.t ..................... ok ../../openssl/test/recipes/90-test_ige.t ...................... ok ../../openssl/test/recipes/90-test_includes.t ................. ok ../../openssl/test/recipes/90-test_memleak.t .................. ok ../../openssl/test/recipes/90-test_overhead.t ................. skipped: Only supported in no-shared builds ../../openssl/test/recipes/90-test_secmem.t ................... ok ../../openssl/test/recipes/90-test_shlibload.t ................ ok ../../openssl/test/recipes/90-test_srp.t ...................... ok ../../openssl/test/recipes/90-test_sslapi.t ................... ok ../../openssl/test/recipes/90-test_sslbuffers.t ............... ok ../../openssl/test/recipes/90-test_store.t .................... ok ../../openssl/test/recipes/90-test_sysdefault.t ............... ok ../../openssl/test/recipes/90-test_threads.t .................. ok ../../openssl/test/recipes/90-test_time_offset.t .............. ok ../../openssl/test/recipes/90-test_tls13ccs.t ................. ok ../../openssl/test/recipes/90-test_tls13encryption.t .......... ok ../../openssl/test/recipes/90-test_tls13secrets.t ............. ok ../../openssl/test/recipes/90-test_v3name.t ................... ok ../../openssl/test/recipes/95-test_external_boringssl.t ....... skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_krb5.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_pyca.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/99-test_ecstress.t ................. ok ../../openssl/test/recipes/99-test_fuzz.t ..................... ok Test Summary Report ------------------- ../../openssl/test/recipes/20-test_pkeyutl.t (Wstat: 512 Tests: 2 Failed: 2) Failed tests: 1-2 Non-zero exit status: 2 Files=160, Tests=1461, 241 wallclock secs ( 2.82 usr 0.32 sys + 218.87 cusr 11.65 csys = 233.66 CPU) Result: FAIL Makefile:197: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-sm3' Makefile:195: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Fri Mar 1 13:57:08 2019 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 01 Mar 2019 13:57:08 +0000 Subject: Build failed: openssl master.23017 Message-ID: <20190301135708.1.77D61D3863834A29@appveyor.com> An HTML attachment was scrubbed... URL: From matt at openssl.org Fri Mar 1 14:17:30 2019 From: matt at openssl.org (Matt Caswell) Date: Fri, 01 Mar 2019 14:17:30 +0000 Subject: [openssl] master update Message-ID: <1551449850.220742.27707.nullmailer@dev.openssl.org> The branch master has been updated via ed86f884ba10c93a0beb53492c5db463e31a6884 (commit) from cc838ee2d66f7295bf7a7e6695aab1080d6791e9 (commit) - Log ----------------------------------------------------------------- commit ed86f884ba10c93a0beb53492c5db463e31a6884 Author: Matt Caswell Date: Thu Feb 28 13:47:26 2019 +0000 Fix no-ec, no-sm2 and no-sm3 Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8372) ----------------------------------------------------------------------- Summary of changes: apps/pkeyutl.c | 11 +++++++---- test/recipes/20-test_pkeyutl.t | 9 +++++++-- 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c index b3452d3..c084525 100644 --- a/apps/pkeyutl.c +++ b/apps/pkeyutl.c @@ -526,14 +526,16 @@ static EVP_PKEY_CTX *init_ctx(const char *kdfalg, int *pkeysize, } ctx = EVP_PKEY_CTX_new_id(kdfnid, impl); } else { - EC_KEY *eckey = NULL; - const EC_GROUP *group = NULL; - int nid; - if (pkey == NULL) goto end; + +#ifndef OPENSSL_NO_EC /* SM2 needs a special treatment */ if (EVP_PKEY_id(pkey) == EVP_PKEY_EC) { + EC_KEY *eckey = NULL; + const EC_GROUP *group = NULL; + int nid; + if ((eckey = EVP_PKEY_get0_EC_KEY(pkey)) == NULL || (group = EC_KEY_get0_group(eckey)) == NULL || (nid = EC_GROUP_get_curve_name(group)) == 0) @@ -541,6 +543,7 @@ static EVP_PKEY_CTX *init_ctx(const char *kdfalg, int *pkeysize, if (nid == NID_sm2) EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2); } +#endif *pkeysize = EVP_PKEY_size(pkey); ctx = EVP_PKEY_CTX_new(pkey, impl); if (ppkey != NULL) diff --git a/test/recipes/20-test_pkeyutl.t b/test/recipes/20-test_pkeyutl.t index a051138..1457530 100644 --- a/test/recipes/20-test_pkeyutl.t +++ b/test/recipes/20-test_pkeyutl.t @@ -37,7 +37,12 @@ sub verify '-digest', 'sm3', '-pkeyopt', 'sm2_id:someid']))); } -ok(sign, "Sign a piece of data using SM2"); -ok(verify, "Verify an SM2 signature against a piece of data"); +SKIP: { + skip "Skipping tests that require EC, SM2 or SM3", 2 + if disabled("ec") || disabled("sm2") || disabled("sm3"); + + ok(sign, "Sign a piece of data using SM2"); + ok(verify, "Verify an SM2 signature against a piece of data"); +} unlink 'signature.sm2'; From no-reply at appveyor.com Fri Mar 1 14:28:50 2019 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 01 Mar 2019 14:28:50 +0000 Subject: Build completed: openssl master.23018 Message-ID: <20190301142850.1.E9068C2EBC879441@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.org Fri Mar 1 14:35:56 2019 From: builds at travis-ci.org (Travis CI) Date: Fri, 01 Mar 2019 14:35:56 +0000 Subject: Still Failing: openssl/openssl#23619 (master - ed86f88) In-Reply-To: Message-ID: <5c79434c9c7cb_43fe121283ba0183419@9755add4-5417-4b59-978f-eecbf6de118f.mail> Build Update for openssl/openssl ------------------------------------- Build: #23619 Status: Still Failing Duration: 17 mins and 42 secs Commit: ed86f88 (master) Author: Matt Caswell Message: Fix no-ec, no-sm2 and no-sm3 Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8372) View the changeset: https://github.com/openssl/openssl/compare/cc838ee2d66f...ed86f884ba10 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/500363910?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Mar 1 15:37:37 2019 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 01 Mar 2019 15:37:37 +0000 Subject: Build failed: openssl master.23021 Message-ID: <20190301153737.1.212391EBD26FEC3C@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Mar 1 16:19:47 2019 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 01 Mar 2019 16:19:47 +0000 Subject: Build completed: openssl master.23022 Message-ID: <20190301161947.1.848DB34E5996F7E6@appveyor.com> An HTML attachment was scrubbed... URL: From bernd.edlinger at hotmail.de Fri Mar 1 17:29:29 2019 From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Fri, 01 Mar 2019 17:29:29 +0000 Subject: [openssl] master update Message-ID: <1551461369.434869.3140.nullmailer@dev.openssl.org> The branch master has been updated via 38023b87f037f4b832c236dfce2a76272be08763 (commit) from ed86f884ba10c93a0beb53492c5db463e31a6884 (commit) - Log ----------------------------------------------------------------- commit 38023b87f037f4b832c236dfce2a76272be08763 Author: Bernd Edlinger Date: Fri Feb 15 00:03:50 2019 +0100 Fix seeding from random device w/o getrandom syscall Use select to wait for /dev/random in readable state, but do not actually read anything from /dev/random, use /dev/urandom first. Use linux define __NR_getrandom instead of the glibc define SYS_getrandom, in case the kernel headers are more current than the glibc headers. Fixes #8215 Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8251) ----------------------------------------------------------------------- Summary of changes: crypto/rand/rand_unix.c | 29 ++++++++++++++++++++++++++--- e_os.h | 9 +++------ 2 files changed, 29 insertions(+), 9 deletions(-) diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c index 35777ff..39c4e7e 100644 --- a/crypto/rand/rand_unix.c +++ b/crypto/rand/rand_unix.c @@ -19,7 +19,7 @@ #include #include "internal/dso.h" #if defined(__linux) -# include +# include #endif #if defined(__FreeBSD__) # include @@ -324,8 +324,8 @@ static ssize_t syscall_random(void *buf, size_t buflen) # endif /* Linux supports this since version 3.17 */ -# if defined(__linux) && defined(SYS_getrandom) - return syscall(SYS_getrandom, buf, buflen, 0); +# if defined(__linux) && defined(__NR_getrandom) + return syscall(__NR_getrandom, buf, buflen, 0); # elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND) return sysctl_random(buf, buflen); # else @@ -510,6 +510,29 @@ size_t rand_pool_acquire_entropy(RAND_POOL *pool) bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/); { size_t i; +#ifdef DEVRANDOM_WAIT + static int wait_done = 0; + + /* + * On some implementations reading from /dev/urandom is possible + * before it is initialized. Therefore we wait for /dev/random + * to be readable to make sure /dev/urandom is initialized. + */ + if (!wait_done && bytes_needed > 0) { + int f = open(DEVRANDOM_WAIT, O_RDONLY); + + if (f >= 0) { + fd_set fds; + + FD_ZERO(&fds); + FD_SET(f, &fds); + while (select(f+1, &fds, NULL, NULL, NULL) < 0 + && errno == EINTR); + close(f); + } + wait_done = 1; + } +#endif for (i = 0; bytes_needed > 0 && i < OSSL_NELEM(random_device_paths); i++) { ssize_t bytes = 0; diff --git a/e_os.h b/e_os.h index 9c0888e..472354e 100644 --- a/e_os.h +++ b/e_os.h @@ -27,11 +27,8 @@ * set this to a comma-separated list of 'random' device files to try out. By * default, we will try to read at least one of these files */ -# if defined(__s390__) -# define DEVRANDOM "/dev/prandom","/dev/urandom","/dev/hwrng","/dev/random" -# else -# define DEVRANDOM "/dev/urandom","/dev/random","/dev/srandom" -# endif +# define DEVRANDOM "/dev/urandom", "/dev/random", "/dev/hwrng", "/dev/srandom" +# define DEVRANDOM_WAIT "/dev/random" # endif # if !defined(OPENSSL_NO_EGD) && !defined(DEVRANDOM_EGD) /* @@ -39,7 +36,7 @@ * sockets will be tried in the order listed in case accessing the device * files listed in DEVRANDOM did not return enough randomness. */ -# define DEVRANDOM_EGD "/var/run/egd-pool","/dev/egd-pool","/etc/egd-pool","/etc/entropy" +# define DEVRANDOM_EGD "/var/run/egd-pool", "/dev/egd-pool", "/etc/egd-pool", "/etc/entropy" # endif # if defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI) From bernd.edlinger at hotmail.de Fri Mar 1 17:30:27 2019 From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Fri, 01 Mar 2019 17:30:27 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1551461427.836132.4590.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via c352bd07ed2ff872876534c950a6968d75ef121e (commit) from de4fb434c7f5fe7359dd9f57185bb98845d8e6f1 (commit) - Log ----------------------------------------------------------------- commit c352bd07ed2ff872876534c950a6968d75ef121e Author: Bernd Edlinger Date: Fri Feb 15 00:03:50 2019 +0100 Fix seeding from random device w/o getrandom syscall Use select to wait for /dev/random in readable state, but do not actually read anything from /dev/random, use /dev/urandom first. Use linux define __NR_getrandom instead of the glibc define SYS_getrandom, in case the kernel headers are more current than the glibc headers. Fixes #8215 Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8251) (cherry picked from commit 38023b87f037f4b832c236dfce2a76272be08763) ----------------------------------------------------------------------- Summary of changes: crypto/rand/rand_unix.c | 29 ++++++++++++++++++++++++++--- e_os.h | 9 +++------ 2 files changed, 29 insertions(+), 9 deletions(-) diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c index 9cbc9ad..4710dbb 100644 --- a/crypto/rand/rand_unix.c +++ b/crypto/rand/rand_unix.c @@ -19,7 +19,7 @@ #include #include "internal/dso.h" #if defined(__linux) -# include +# include #endif #if defined(__FreeBSD__) # include @@ -324,8 +324,8 @@ static ssize_t syscall_random(void *buf, size_t buflen) # endif /* Linux supports this since version 3.17 */ -# if defined(__linux) && defined(SYS_getrandom) - return syscall(SYS_getrandom, buf, buflen, 0); +# if defined(__linux) && defined(__NR_getrandom) + return syscall(__NR_getrandom, buf, buflen, 0); # elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND) return sysctl_random(buf, buflen); # else @@ -510,6 +510,29 @@ size_t rand_pool_acquire_entropy(RAND_POOL *pool) bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/); { size_t i; +#ifdef DEVRANDOM_WAIT + static int wait_done = 0; + + /* + * On some implementations reading from /dev/urandom is possible + * before it is initialized. Therefore we wait for /dev/random + * to be readable to make sure /dev/urandom is initialized. + */ + if (!wait_done && bytes_needed > 0) { + int f = open(DEVRANDOM_WAIT, O_RDONLY); + + if (f >= 0) { + fd_set fds; + + FD_ZERO(&fds); + FD_SET(f, &fds); + while (select(f+1, &fds, NULL, NULL, NULL) < 0 + && errno == EINTR); + close(f); + } + wait_done = 1; + } +#endif for (i = 0; bytes_needed > 0 && i < OSSL_NELEM(random_device_paths); i++) { ssize_t bytes = 0; diff --git a/e_os.h b/e_os.h index 8e6efa9..556688f 100644 --- a/e_os.h +++ b/e_os.h @@ -27,11 +27,8 @@ * set this to a comma-separated list of 'random' device files to try out. By * default, we will try to read at least one of these files */ -# if defined(__s390__) -# define DEVRANDOM "/dev/prandom","/dev/urandom","/dev/hwrng","/dev/random" -# else -# define DEVRANDOM "/dev/urandom","/dev/random","/dev/srandom" -# endif +# define DEVRANDOM "/dev/urandom", "/dev/random", "/dev/hwrng", "/dev/srandom" +# define DEVRANDOM_WAIT "/dev/random" # endif # if !defined(OPENSSL_NO_EGD) && !defined(DEVRANDOM_EGD) /* @@ -39,7 +36,7 @@ * sockets will be tried in the order listed in case accessing the device * files listed in DEVRANDOM did not return enough randomness. */ -# define DEVRANDOM_EGD "/var/run/egd-pool","/dev/egd-pool","/etc/egd-pool","/etc/entropy" +# define DEVRANDOM_EGD "/var/run/egd-pool", "/dev/egd-pool", "/etc/egd-pool", "/etc/entropy" # endif # if defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI) From builds at travis-ci.org Fri Mar 1 17:49:38 2019 From: builds at travis-ci.org (Travis CI) Date: Fri, 01 Mar 2019 17:49:38 +0000 Subject: Still Failing: openssl/openssl#23628 (master - 38023b8) In-Reply-To: Message-ID: <5c7970b2e4a3_43fb5672b77382339d5@80360f51-fc42-4b0b-bf52-38fcbea93519.mail> Build Update for openssl/openssl ------------------------------------- Build: #23628 Status: Still Failing Duration: 19 mins and 21 secs Commit: 38023b8 (master) Author: Bernd Edlinger Message: Fix seeding from random device w/o getrandom syscall Use select to wait for /dev/random in readable state, but do not actually read anything from /dev/random, use /dev/urandom first. Use linux define __NR_getrandom instead of the glibc define SYS_getrandom, in case the kernel headers are more current than the glibc headers. Fixes #8215 Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8251) View the changeset: https://github.com/openssl/openssl/compare/ed86f884ba10...38023b87f037 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/500457014?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.org Fri Mar 1 18:01:20 2019 From: builds at travis-ci.org (Travis CI) Date: Fri, 01 Mar 2019 18:01:20 +0000 Subject: Still Failing: openssl/openssl#23629 (OpenSSL_1_1_1-stable - c352bd0) In-Reply-To: Message-ID: <5c7973705a7b5_43f9b8f71e0482461b0@88699d84-827d-4e2f-892c-772f489ccfde.mail> Build Update for openssl/openssl ------------------------------------- Build: #23629 Status: Still Failing Duration: 25 mins and 9 secs Commit: c352bd0 (OpenSSL_1_1_1-stable) Author: Bernd Edlinger Message: Fix seeding from random device w/o getrandom syscall Use select to wait for /dev/random in readable state, but do not actually read anything from /dev/random, use /dev/urandom first. Use linux define __NR_getrandom instead of the glibc define SYS_getrandom, in case the kernel headers are more current than the glibc headers. Fixes #8215 Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8251) (cherry picked from commit 38023b87f037f4b832c236dfce2a76272be08763) View the changeset: https://github.com/openssl/openssl/compare/de4fb434c7f5...c352bd07ed2f View the full build log and details: https://travis-ci.org/openssl/openssl/builds/500457396?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Mar 1 23:40:44 2019 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 01 Mar 2019 23:40:44 +0000 Subject: Build failed: openssl master.23036 Message-ID: <20190301234044.1.5C7E2521AF4E98DA@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Mar 2 00:31:00 2019 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 02 Mar 2019 00:31:00 +0000 Subject: Build failed: openssl master.23037 Message-ID: <20190302003100.1.15A8F0F8BC11B6D4@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Mar 2 01:48:15 2019 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 02 Mar 2019 01:48:15 +0000 Subject: Build completed: openssl master.23038 Message-ID: <20190302014815.1.92933BCFC89A9CEC@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Mar 2 09:29:01 2019 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 02 Mar 2019 09:29:01 +0000 Subject: Build failed: openssl master.23042 Message-ID: <20190302092901.1.C25661ED71209E4B@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Mar 2 10:42:20 2019 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 02 Mar 2019 10:42:20 +0000 Subject: Build completed: openssl master.23043 Message-ID: <20190302104220.1.C9BA835EA428BB11@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Mar 2 12:18:03 2019 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 02 Mar 2019 12:18:03 +0000 Subject: Build failed: openssl master.23045 Message-ID: <20190302121803.1.C070B7329F5686C0@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Mar 2 13:08:07 2019 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 02 Mar 2019 13:08:07 +0000 Subject: Build failed: openssl master.23046 Message-ID: <20190302130807.1.D7FD86042CD3BBB7@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Mar 2 13:35:50 2019 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 02 Mar 2019 13:35:50 +0000 Subject: Build completed: openssl master.23047 Message-ID: <20190302133550.1.2DBE23413627A78A@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Mar 2 20:58:02 2019 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 02 Mar 2019 20:58:02 +0000 Subject: Build failed: openssl master.23054 Message-ID: <20190302205802.1.E1FE90821AAC5B9F@appveyor.com> An HTML attachment was scrubbed... URL: From scan-admin at coverity.com Sun Mar 3 07:29:29 2019 From: scan-admin at coverity.com (scan-admin at coverity.com) Date: Sun, 03 Mar 2019 07:29:29 +0000 (UTC) Subject: Coverity Scan: Analysis completed for openssl/openssl Message-ID: <5c7b82583e25_2cde2b0b31c28f50293a2@appnode-2.mail> Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRakUl6QyjujEohY7rPpoYUEvyxzJHSwEoiXkZglM3WeHA-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I0I7QdGH4QP3W9vPYjzeCBxOdRyDzN1U0CxuktV-2Bs80bxLf2XS5U7-2Fb6ZjBgGQjuYIlX1XzzmkX76-2FTc4HSIM-2Femmj0o2rEJisCj9byG9PzqtuVlUEJXhZkCOmtE-2Bp5rzw3HCB41H2g-2FbPfw70zXOiJNllfYkZOEqFYI0oYICsWFb8BA72BOh5eTqjBLak12l0-3D Build ID: 246459 Analysis Summary: New defects found: 1 Defects eliminated: 3 If you have difficulty understanding any defects, email us at scan-admin at coverity.com, or post your question to StackOverflow at https://u2389337.ct.sendgrid.net/wf/click?upn=OgIsEqWzmIl4S-2FzEUMxLXL-2BukuZt9UUdRZhgmgzAKchwAzH1nH3073xDEXNRgHN6zzUI-2FRfbrE6mNOeeukHUQw-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I0I7QdGH4QP3W9vPYjzeCBxOdRyDzN1U0CxuktV-2Bs80b8T9qOjxVYMV0-2BzMt2ZDrc-2BW7qMOnQxwgx9MrsIdl-2FIDIX4C8yqhs-2Bj1KMMLKKhIZYJsgts6Yh6wDsegNpz7xmH0-2FqH939I2qyL0bMyaBSPuNB8uL8jThzOaGu6QfIC-2B-2FM-2B8wR9LNA2E740DydxhVV0-3D From scan-admin at coverity.com Sun Mar 3 07:47:00 2019 From: scan-admin at coverity.com (scan-admin at coverity.com) Date: Sun, 03 Mar 2019 07:47:00 +0000 (UTC) Subject: Coverity Scan: Analysis completed for OpenSSL-1.0.2 Message-ID: <5c7b8673e9aef_367e2b0b31c28f5029311@appnode-2.mail> Your request for analysis of OpenSSL-1.0.2 has been completed successfully. The results are available at https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRakUl6QyjujEohY7rPpoYUEOo3rtGjiQZqYPGgcjfkiXQ-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I27rHn-2B9k-2FldrQNJlMoVdCNytiEzlDDZjAVgBRzt2NL4S3mxmkh6hU2fYFMobcZr-2Bnm7M-2B0tv22aCg3QSourj8kFIJ-2FRwpWn4pJoN0Hm2RG9i3WRIREUsWEwHsxm8jkJ75DqyvEjkYL-2F53Lzc4JkIHdYnSTK0mgw1hr-2B1TGY2l4hNcVNtmrgjGgG8Av-2FPztE64-3D Build ID: 246460 Analysis Summary: New defects found: 0 Defects eliminated: 0 From no-reply at appveyor.com Sun Mar 3 11:57:52 2019 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 03 Mar 2019 11:57:52 +0000 Subject: Build failed: openssl master.23064 Message-ID: <20190303115752.1.9D54C7A17A2DEEB8@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Mar 3 12:25:13 2019 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 03 Mar 2019 12:25:13 +0000 Subject: Build completed: openssl master.23065 Message-ID: <20190303122513.1.A4E1541BA8FF452A@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Mar 3 20:02:14 2019 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 03 Mar 2019 20:02:14 +0000 Subject: Build failed: openssl master.23073 Message-ID: <20190303200214.1.8994A7E5C2AD2158@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Mar 3 21:39:04 2019 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 03 Mar 2019 21:39:04 +0000 Subject: Build completed: openssl master.23074 Message-ID: <20190303213904.1.986834059706FC5A@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Mon Mar 4 01:29:42 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 04 Mar 2019 01:29:42 +0000 Subject: SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-ec Message-ID: <1551662982.518910.5461.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ec Commit log since last time: 38023b87f0 Fix seeding from random device w/o getrandom syscall ed86f884ba Fix no-ec, no-sm2 and no-sm3 cc838ee2d6 Add section order check in util/find-doc-nits 4564e77ae9 Place return values after examples in doc From no-reply at appveyor.com Mon Mar 4 01:40:50 2019 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 04 Mar 2019 01:40:50 +0000 Subject: Build failed: openssl master.23078 Message-ID: <20190304014050.1.CAED3D62267B07C6@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Mar 4 02:21:36 2019 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 04 Mar 2019 02:21:36 +0000 Subject: Build completed: openssl master.23079 Message-ID: <20190304022136.1.03FFDB0282A46668@appveyor.com> An HTML attachment was scrubbed... URL: From pauli at openssl.org Mon Mar 4 09:32:23 2019 From: pauli at openssl.org (Dr. Paul Dale) Date: Mon, 04 Mar 2019 09:32:23 +0000 Subject: [openssl] master update Message-ID: <1551691943.366572.11272.nullmailer@dev.openssl.org> The branch master has been updated via 68ad17e87467e93eab87fc2fce0da53d6a7653cc (commit) from 38023b87f037f4b832c236dfce2a76272be08763 (commit) - Log ----------------------------------------------------------------- commit 68ad17e87467e93eab87fc2fce0da53d6a7653cc Author: Pauli Date: Mon Mar 4 13:37:39 2019 +1000 Check for negative return for signature size.Addresses Coverity 1442933 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8392) ----------------------------------------------------------------------- Summary of changes: test/ecdsatest.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/test/ecdsatest.c b/test/ecdsatest.c index 03327a2..761832f 100644 --- a/test/ecdsatest.c +++ b/test/ecdsatest.c @@ -205,6 +205,7 @@ static int test_builtin(int n) EVP_MD_CTX *mctx = NULL; size_t sig_len; int nid, ret = 0; + int temp; nid = curves[n].nid; @@ -231,9 +232,10 @@ static int test_builtin(int n) || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey_neg, eckey_neg))) goto err; - sig_len = ECDSA_size(eckey); + temp = ECDSA_size(eckey); - if (!TEST_ptr(sig = OPENSSL_malloc(sig_len)) + if (!TEST_int_ge(temp, 0) + || !TEST_ptr(sig = OPENSSL_malloc(sig_len = (size_t)temp)) /* create a signature */ || !TEST_true(EVP_DigestSignInit(mctx, NULL, NULL, NULL, pkey)) || !TEST_true(EVP_DigestSign(mctx, sig, &sig_len, tbs, sizeof(tbs))) From builds at travis-ci.org Mon Mar 4 09:51:32 2019 From: builds at travis-ci.org (Travis CI) Date: Mon, 04 Mar 2019 09:51:32 +0000 Subject: Still Failing: openssl/openssl#23686 (master - 68ad17e) In-Reply-To: Message-ID: <5c7cf523c9885_43f9fd2e9a9882247ee@66748141-3703-4e2c-80e8-7d99b043df78.mail> Build Update for openssl/openssl ------------------------------------- Build: #23686 Status: Still Failing Duration: 18 mins and 15 secs Commit: 68ad17e (master) Author: Pauli Message: Check for negative return for signature size.Addresses Coverity 1442933 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8392) View the changeset: https://github.com/openssl/openssl/compare/38023b87f037...68ad17e87467 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/501398690?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From matt at openssl.org Mon Mar 4 10:15:06 2019 From: matt at openssl.org (Matt Caswell) Date: Mon, 04 Mar 2019 10:15:06 +0000 Subject: [openssl] master update Message-ID: <1551694506.429328.21443.nullmailer@dev.openssl.org> The branch master has been updated via e3b35d2b29e9446af83fcaa534e67e7b04a60d7a (commit) from 68ad17e87467e93eab87fc2fce0da53d6a7653cc (commit) - Log ----------------------------------------------------------------- commit e3b35d2b29e9446af83fcaa534e67e7b04a60d7a Author: Vitezslav Cizek Date: Thu Feb 28 13:47:18 2019 +0100 openssl_strerror_r: Fix handling of GNU strerror_r GNU strerror_r may return either a pointer to a string that the function stores in buf, or a pointer to some (immutable) static string in which case buf is unused. In such a case we need to set buf manually. Reviewed-by: Bernd Edlinger Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8371) ----------------------------------------------------------------------- Summary of changes: crypto/o_str.c | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) diff --git a/crypto/o_str.c b/crypto/o_str.c index 02578db..3b271e7 100644 --- a/crypto/o_str.c +++ b/crypto/o_str.c @@ -223,7 +223,26 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen) #if defined(_MSC_VER) && _MSC_VER>=1400 return !strerror_s(buf, buflen, errnum); #elif defined(_GNU_SOURCE) - return strerror_r(errnum, buf, buflen) != NULL; + char *err; + + /* + * GNU strerror_r may not actually set buf. + * It can return a pointer to some (immutable) static string in which case + * buf is left unused. + */ + err = strerror_r(errnum, buf, buflen); + if (err == NULL) + return 0; + /* + * If err is statically allocated, err != buf and we need to copy the data. + * If err points somewhere inside buf, OPENSSL_strlcpy can handle this, + * since src and dest are not annotated with __restrict and the function + * reads src byte for byte and writes to dest. + * If err == buf we do not have to copy anything. + */ + if (err != buf) + OPENSSL_strlcpy(buf, err, buflen); + return 1; #elif (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L) || \ (defined(_XOPEN_SOURCE) && _XOPEN_SOURCE >= 600) /* @@ -234,6 +253,7 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen) return !strerror_r(errnum, buf, buflen); #else char *err; + /* Fall back to non-thread safe strerror()...its all we can do */ if (buflen < 2) return 0; @@ -241,8 +261,7 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen) /* Can this ever happen? */ if (err == NULL) return 0; - strncpy(buf, err, buflen - 1); - buf[buflen - 1] = '\0'; + OPENSSL_strlcpy(buf, err, buflen); return 1; #endif } From matt at openssl.org Mon Mar 4 10:15:19 2019 From: matt at openssl.org (Matt Caswell) Date: Mon, 04 Mar 2019 10:15:19 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1551694519.417471.22689.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 99f0c7a8a6999e2f78fc065e4da78643ae14c14c (commit) from c352bd07ed2ff872876534c950a6968d75ef121e (commit) - Log ----------------------------------------------------------------- commit 99f0c7a8a6999e2f78fc065e4da78643ae14c14c Author: Vitezslav Cizek Date: Thu Feb 28 13:47:18 2019 +0100 openssl_strerror_r: Fix handling of GNU strerror_r GNU strerror_r may return either a pointer to a string that the function stores in buf, or a pointer to some (immutable) static string in which case buf is unused. In such a case we need to set buf manually. Reviewed-by: Bernd Edlinger Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8371) (cherry picked from commit e3b35d2b29e9446af83fcaa534e67e7b04a60d7a) ----------------------------------------------------------------------- Summary of changes: crypto/o_str.c | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) diff --git a/crypto/o_str.c b/crypto/o_str.c index a835769..437e45a 100644 --- a/crypto/o_str.c +++ b/crypto/o_str.c @@ -223,7 +223,26 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen) #if defined(_MSC_VER) && _MSC_VER>=1400 return !strerror_s(buf, buflen, errnum); #elif defined(_GNU_SOURCE) - return strerror_r(errnum, buf, buflen) != NULL; + char *err; + + /* + * GNU strerror_r may not actually set buf. + * It can return a pointer to some (immutable) static string in which case + * buf is left unused. + */ + err = strerror_r(errnum, buf, buflen); + if (err == NULL) + return 0; + /* + * If err is statically allocated, err != buf and we need to copy the data. + * If err points somewhere inside buf, OPENSSL_strlcpy can handle this, + * since src and dest are not annotated with __restrict and the function + * reads src byte for byte and writes to dest. + * If err == buf we do not have to copy anything. + */ + if (err != buf) + OPENSSL_strlcpy(buf, err, buflen); + return 1; #elif (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L) || \ (defined(_XOPEN_SOURCE) && _XOPEN_SOURCE >= 600) /* @@ -234,6 +253,7 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen) return !strerror_r(errnum, buf, buflen); #else char *err; + /* Fall back to non-thread safe strerror()...its all we can do */ if (buflen < 2) return 0; @@ -241,8 +261,7 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen) /* Can this ever happen? */ if (err == NULL) return 0; - strncpy(buf, err, buflen - 1); - buf[buflen - 1] = '\0'; + OPENSSL_strlcpy(buf, err, buflen); return 1; #endif } From builds at travis-ci.org Mon Mar 4 10:34:59 2019 From: builds at travis-ci.org (Travis CI) Date: Mon, 04 Mar 2019 10:34:59 +0000 Subject: Still Failing: openssl/openssl#23687 (master - e3b35d2) In-Reply-To: Message-ID: <5c7cff52be69e_43f95b93169f413692c@5b8a3474-d0cf-486a-9dd3-798175f43688.mail> Build Update for openssl/openssl ------------------------------------- Build: #23687 Status: Still Failing Duration: 19 mins and 7 secs Commit: e3b35d2 (master) Author: Vitezslav Cizek Message: openssl_strerror_r: Fix handling of GNU strerror_r GNU strerror_r may return either a pointer to a string that the function stores in buf, or a pointer to some (immutable) static string in which case buf is unused. In such a case we need to set buf manually. Reviewed-by: Bernd Edlinger Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8371) View the changeset: https://github.com/openssl/openssl/compare/68ad17e87467...e3b35d2b29e9 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/501415584?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.org Mon Mar 4 10:45:28 2019 From: builds at travis-ci.org (Travis CI) Date: Mon, 04 Mar 2019 10:45:28 +0000 Subject: Still Failing: openssl/openssl#23688 (OpenSSL_1_1_1-stable - 99f0c7a) In-Reply-To: Message-ID: <5c7d01c816b6_43ff7ccba0618575cb@00974763-41a9-4d79-8c0e-1894d304cf99.mail> Build Update for openssl/openssl ------------------------------------- Build: #23688 Status: Still Failing Duration: 29 mins and 29 secs Commit: 99f0c7a (OpenSSL_1_1_1-stable) Author: Vitezslav Cizek Message: openssl_strerror_r: Fix handling of GNU strerror_r GNU strerror_r may return either a pointer to a string that the function stores in buf, or a pointer to some (immutable) static string in which case buf is unused. In such a case we need to set buf manually. Reviewed-by: Bernd Edlinger Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8371) (cherry picked from commit e3b35d2b29e9446af83fcaa534e67e7b04a60d7a) View the changeset: https://github.com/openssl/openssl/compare/c352bd07ed2f...99f0c7a8a699 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/501415647?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Mon Mar 4 13:38:07 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 04 Mar 2019 13:38:07 +0000 Subject: SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-sm2 Message-ID: <1551706687.983941.19295.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sm2 Commit log since last time: 38023b87f0 Fix seeding from random device w/o getrandom syscall ed86f884ba Fix no-ec, no-sm2 and no-sm3 cc838ee2d6 Add section order check in util/find-doc-nits 4564e77ae9 Place return values after examples in doc From openssl at openssl.org Mon Mar 4 13:45:21 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 04 Mar 2019 13:45:21 +0000 Subject: SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-sm3 Message-ID: <1551707121.200300.16388.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sm3 Commit log since last time: 38023b87f0 Fix seeding from random device w/o getrandom syscall ed86f884ba Fix no-ec, no-sm2 and no-sm3 cc838ee2d6 Add section order check in util/find-doc-nits 4564e77ae9 Place return values after examples in doc From no-reply at appveyor.com Mon Mar 4 16:55:28 2019 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 04 Mar 2019 16:55:28 +0000 Subject: Build failed: openssl master.23094 Message-ID: <20190304165528.1.C91AF2BFB691EF69@appveyor.com> An HTML attachment was scrubbed... URL: From levitte at openssl.org Mon Mar 4 18:36:00 2019 From: levitte at openssl.org (Richard Levitte) Date: Mon, 04 Mar 2019 18:36:00 +0000 Subject: [web] master update Message-ID: <1551724560.426008.22197.nullmailer@dev.openssl.org> The branch master has been updated via b221da5e00d3e9304664f605c132a18674a343e5 (commit) from f6f50f59aea1b6ec6d9cf6849a1866dd1db8cb20 (commit) - Log ----------------------------------------------------------------- commit b221da5e00d3e9304664f605c132a18674a343e5 Author: Richard Levitte Date: Fri Mar 1 10:11:51 2019 +0100 Don't try to hide section numbers / links in manpages In previous times, we produced manpages in apps/, crypto/ and ssl/, and having to deal with links containing '/man{n}/' was only tedious, so we simply removed the section numbers from the L<> POD codes. Now that we've switched to regular manpage layout, removing the section numbers is not necessary any more, and also leads to incorrect links when the L<> code refers to pages in a different man section. Issue was reported on [openssl-users](https://marc.info/?l=openssl-users&m=155138532927266&w=2). Thank you Paul Smith Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/web/pull/124) ----------------------------------------------------------------------- Summary of changes: bin/mk-manpages | 22 +++++++--------------- 1 file changed, 7 insertions(+), 15 deletions(-) diff --git a/bin/mk-manpages b/bin/mk-manpages index bc9c793..efc95b1 100755 --- a/bin/mk-manpages +++ b/bin/mk-manpages @@ -41,7 +41,6 @@ sub main { # # release => "..." # # subdir => "..." # The original subdir - # sect => "..." # Output section subdir # sectnum => n # Default section number # my %data = ( @@ -52,7 +51,7 @@ sub main { ); # These are for display my $podfile = File::Spec->catfile( $subdir, $ent ); - my $incfile = File::Spec->catfile( $data{sect}, + my $incfile = File::Spec->catfile( "man$data{sectnum}", "$origbase.inc" ); # These are files we're actually manipulating my $inpod = File::Spec->catfile( $srcdir, $podfile ); @@ -68,7 +67,7 @@ sub main { foreach my $htmlname ( map { (my $x = $_) =~ s|/|-|g; $x } @{$data{names}}) { - my $htmlfile = File::Spec->catdir( $data{sect}, + my $htmlfile = File::Spec->catdir( "man$data{sectnum}", "$htmlname.html" ); my $outhtml = File::Spec->catfile( $wwwdir, $htmlfile ); $out = $class->genhtml( $release, $title, $origbase, @@ -90,7 +89,7 @@ sub genhtml { - + @@ -111,8 +110,8 @@ sub genhtml { : Docs : Manpages : $release - : $data{sect} - : $htmlbase + : man$data{sectnum} + : $htmlbase
Sitemap @@ -145,18 +144,12 @@ sub geninc { my $infile = do { local $/; <$fh>; }; close( $fh ); - # L ==> L - $infile =~ s/L<[^|>]*\|([^>]+)>/L<$1>/g; - - # L --> L - $infile =~ s/L<([^>]+)\(\d\)>/L<$1>/g; - my $out; my $pod = Pod::Simple::XHTML->new; $pod->html_h_level(3); - $pod->perldoc_url_prefix("/docs/man$release/$data{sect}/"); + $pod->perldoc_url_prefix("/docs/man$release/man$data{sectnum}/"); $pod->perldoc_url_postfix(".html"); - $pod->man_url_prefix("/docs/man$release/$data{sect}/"); + $pod->man_url_prefix("/docs/man$release/man"); $pod->man_url_postfix(".html"); $pod->html_header(''); $pod->html_footer(''); @@ -183,7 +176,6 @@ sub getdata { s/\n/ /gm; if (/^=for comment openssl_manual_section:\s*(\d+)/) { $data{sectnum} = "$1"; - $data{sect} = "man$1"; } elsif (/^=head1\s/) { $foundname = 0; From no-reply at appveyor.com Mon Mar 4 18:54:54 2019 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 04 Mar 2019 18:54:54 +0000 Subject: Build failed: openssl master.23095 Message-ID: <20190304185454.1.DB209ED68EEC9CC4@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Mar 4 19:35:19 2019 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 04 Mar 2019 19:35:19 +0000 Subject: Build failed: openssl master.23096 Message-ID: <20190304193519.1.CA0D9674DFB4CF53@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Mar 4 20:28:57 2019 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 04 Mar 2019 20:28:57 +0000 Subject: Build completed: openssl master.23097 Message-ID: <20190304202857.1.CD7281D606C574EA@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Mar 4 22:40:24 2019 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 04 Mar 2019 22:40:24 +0000 Subject: Build failed: openssl master.23103 Message-ID: <20190304224024.1.05D5B6002BD65FEA@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Mar 4 23:08:30 2019 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 04 Mar 2019 23:08:30 +0000 Subject: Build failed: openssl master.23107 Message-ID: <20190304230830.1.1AA8A031217F8D5A@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Mar 4 23:30:56 2019 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 04 Mar 2019 23:30:56 +0000 Subject: Build failed: openssl master.23108 Message-ID: <20190304233056.1.E91FD0519A04FCF1@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Mar 4 23:39:25 2019 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 04 Mar 2019 23:39:25 +0000 Subject: Build completed: openssl master.23109 Message-ID: <20190304233925.1.D25912B8F1D8F404@appveyor.com> An HTML attachment was scrubbed... URL: From levitte at openssl.org Tue Mar 5 07:47:21 2019 From: levitte at openssl.org (Richard Levitte) Date: Tue, 05 Mar 2019 07:47:21 +0000 Subject: [openssl] master update Message-ID: <1551772041.169109.2715.nullmailer@dev.openssl.org> The branch master has been updated via 469ce8ff48ef06b2e508d0c06a42ec86379b0032 (commit) from e3b35d2b29e9446af83fcaa534e67e7b04a60d7a (commit) - Log ----------------------------------------------------------------- commit 469ce8ff48ef06b2e508d0c06a42ec86379b0032 Author: Richard Levitte Date: Fri Mar 1 13:18:11 2019 +0100 Deprecate the "hw" configuration options, make "padlockeng" disablable The "hw" and "hw-.*" style options are historical artifacts, sprung from the time when ENGINE was first designed, with hardware crypto accelerators and HSMs in mind. Today, these options have largely lost their value, replaced by options such as "no-{foo}eng" and "no-engine". This completes the transition by making "hw" and "hw-.*" deprecated, but automatically translated into more modern variants of the same. In the process, we get rid of the last regular expression in Configure's @disablables, a feature that was ill supported anyway. Also, padlock now gets treated just as every other engine. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8380) ----------------------------------------------------------------------- Summary of changes: Configure | 21 +++++++++-- INSTALL | 8 ++-- crypto/init.c | 4 +- engines/build.info | 30 ++++++++------- engines/e_padlock.c | 103 +++++++++++++++++++++++++--------------------------- 5 files changed, 90 insertions(+), 76 deletions(-) diff --git a/Configure b/Configure index 0e0e115..0c9037b 100755 --- a/Configure +++ b/Configure @@ -374,7 +374,6 @@ my @disablables = ( "fuzz-afl", "gost", "heartbeats", - "hw(-.+)?", "idea", "makedepend", "md2", @@ -386,6 +385,7 @@ my @disablables = ( "pinshared", "ocb", "ocsp", + "padlockeng", "pic", "poly1305", "posix-io", @@ -434,6 +434,8 @@ foreach my $proto ((@tls, @dtls)) my %deprecated_disablables = ( "ssl2" => undef, "buf-freelists" => undef, + "hw" => "hw", # causes cascade, but no macro + "hw-padlock" => "padlockeng", "ripemd" => "rmd160", "ui" => "ui-console", ); @@ -495,7 +497,9 @@ my @disable_cascades = ( # Without position independent code, there can be no shared libraries or DSOs "pic" => [ "shared" ], "shared" => [ "dynamic-engine" ], - "engine" => [ "afalgeng", "devcryptoeng" ], + + "engine" => [ grep /eng$/, @disablables ], + "hw" => [ "padlockeng" ], # no-autoalginit is only useful when building non-shared "autoalginit" => [ "shared", "apps" ], @@ -674,8 +678,9 @@ while (@argvcopy) if (/^(no|disable|enable)-(.+)$/) { my $word = $2; - if (!exists $deprecated_disablables{$word} - && !grep { $word =~ /^${_}$/ } @disablables) + if ($word !~ m|hw(?:-.+)| # special treatment for hw regexp opt + && !exists $deprecated_disablables{$word} + && !grep { $word eq $_ } @disablables) { $unsupported_options{$_} = 1; next; @@ -729,6 +734,10 @@ while (@argvcopy) $disabled{$deprecated_disablables{$1}} = "option"; } } + elsif ($1 =~ m|hw(?:-.+)|) # deprecate hw options in regexp form + { + $deprecated_options{$_} = 1; + } else { $disabled{$1} = "option"; @@ -1193,6 +1202,10 @@ $config{build_file} = env('BUILDFILE') || $target{build_file} || "Makefile"; my %skipdir = (); my %disabled_info = (); # For configdata.pm foreach my $what (sort keys %disabled) { + # There are deprecated disablables that translate to themselves. + # They cause disabling cascades, but should otherwise not regiter. + next if $deprecated_disablables{$what}; + $config{options} .= " no-$what"; if (!grep { $what eq $_ } ( 'dso', 'threads', 'shared', 'pic', diff --git a/INSTALL b/INSTALL index 1195643..be0ce9d 100644 --- a/INSTALL +++ b/INSTALL @@ -396,9 +396,6 @@ available if the GOST algorithms are also available through loading an externally supplied engine. - no-hw-padlock - Don't build the padlock engine. - no-makedepend Don't generate dependencies. @@ -413,6 +410,11 @@ no-ocsp Don't build support for OCSP. + no-padlockeng + no-hw-padlock + Don't build the padlock engine. + ('no-hw-padlock' is deprecated and should not be used) + no-pic Don't build with support for Position Independent Code. diff --git a/crypto/init.c b/crypto/init.c index ddea63a..ef9c043 100644 --- a/crypto/init.c +++ b/crypto/init.c @@ -389,7 +389,7 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_engine_devcrypto) return 1; } # endif -# if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK) +# if !defined(OPENSSL_NO_PADLOCKENG) static CRYPTO_ONCE engine_padlock = CRYPTO_ONCE_STATIC_INIT; DEFINE_RUN_ONCE_STATIC(ossl_init_engine_padlock) { @@ -761,7 +761,7 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) && !RUN_ONCE(&engine_devcrypto, ossl_init_engine_devcrypto)) return 0; # endif -# if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK) +# if !defined(OPENSSL_NO_PADLOCKENG) if ((opts & OPENSSL_INIT_ENGINE_PADLOCK) && !RUN_ONCE(&engine_padlock, ossl_init_engine_padlock)) return 0; diff --git a/engines/build.info b/engines/build.info index cf00a97..e5001c4 100644 --- a/engines/build.info +++ b/engines/build.info @@ -1,9 +1,10 @@ IF[{- !$disabled{"engine"} -}] - IF[{- $disabled{"dynamic-engine"} -}] LIBS=../libcrypto - SOURCE[../libcrypto]=\ - e_padlock.c {- $target{padlock_asm_src} -} + IF[{- !$disabled{padlockeng} -}] + SOURCE[../libcrypto]=\ + e_padlock.c {- $target{padlock_asm_src} -} + ENDIF IF[{- !$disabled{capieng} -}] SOURCE[../libcrypto]=e_capi.c ENDIF @@ -14,13 +15,18 @@ IF[{- !$disabled{"engine"} -}] SOURCE[../libcrypto]=e_devcrypto.c ENDIF ELSE - MODULES{engine}=padlock - SOURCE[padlock]=e_padlock.c {- $target{padlock_asm_src} -} - DEPEND[padlock]=../libcrypto - INCLUDE[padlock]=../include - IF[{- defined $target{shared_defflag} -}] - SHARED_SOURCE[padlock]=padlock.ld - GENERATE[padlock.ld]=../util/engines.num + IF[{- !$disabled{padlockeng} -}] + MODULES{engine}=padlock + SOURCE[padlock]=e_padlock.c {- $target{padlock_asm_src} -} + DEPEND[padlock]=../libcrypto + INCLUDE[padlock]=../include + GENERATE[e_padlock-x86.s]=asm/e_padlock-x86.pl \ + $(PERLASM_SCHEME) $(LIB_CFLAGS) $(LIB_CPPFLAGS) $(PROCESSOR) + GENERATE[e_padlock-x86_64.s]=asm/e_padlock-x86_64.pl $(PERLASM_SCHEME) + IF[{- defined $target{shared_defflag} -}] + SHARED_SOURCE[padlock]=padlock.ld + GENERATE[padlock.ld]=../util/engines.num + ENDIF ENDIF IF[{- !$disabled{capieng} -}] MODULES{engine}=capi @@ -69,8 +75,4 @@ IF[{- !$disabled{"engine"} -}] GENERATE[ossltest.ld]=../util/engines.num ENDIF ENDIF - - GENERATE[e_padlock-x86.s]=asm/e_padlock-x86.pl \ - $(PERLASM_SCHEME) $(LIB_CFLAGS) $(LIB_CPPFLAGS) $(PROCESSOR) - GENERATE[e_padlock-x86_64.s]=asm/e_padlock-x86_64.pl $(PERLASM_SCHEME) ENDIF diff --git a/engines/e_padlock.c b/engines/e_padlock.c index 10b5a05..78e9c79 100644 --- a/engines/e_padlock.c +++ b/engines/e_padlock.c @@ -19,40 +19,39 @@ #include #include -#ifndef OPENSSL_NO_HW -# ifndef OPENSSL_NO_HW_PADLOCK +#ifndef OPENSSL_NO_PADLOCKENG /* * VIA PadLock AES is available *ONLY* on some x86 CPUs. Not only that it * doesn't exist elsewhere, but it even can't be compiled on other platforms! */ -# undef COMPILE_HW_PADLOCK -# if defined(PADLOCK_ASM) -# define COMPILE_HW_PADLOCK -# ifdef OPENSSL_NO_DYNAMIC_ENGINE +# undef COMPILE_PADLOCKENG +# if defined(PADLOCK_ASM) +# define COMPILE_PADLOCKENG +# ifdef OPENSSL_NO_DYNAMIC_ENGINE static ENGINE *ENGINE_padlock(void); -# endif # endif +# endif -# ifdef OPENSSL_NO_DYNAMIC_ENGINE +# ifdef OPENSSL_NO_DYNAMIC_ENGINE void engine_load_padlock_int(void); void engine_load_padlock_int(void) { /* On non-x86 CPUs it just returns. */ -# ifdef COMPILE_HW_PADLOCK +# ifdef COMPILE_PADLOCKENG ENGINE *toadd = ENGINE_padlock(); if (!toadd) return; ENGINE_add(toadd); ENGINE_free(toadd); ERR_clear_error(); -# endif +# endif } -# endif +# endif -# ifdef COMPILE_HW_PADLOCK +# ifdef COMPILE_PADLOCKENG /* Function for ENGINE detection and control */ static int padlock_available(void); @@ -106,7 +105,7 @@ static int padlock_bind_helper(ENGINE *e) return 1; } -# ifdef OPENSSL_NO_DYNAMIC_ENGINE +# ifdef OPENSSL_NO_DYNAMIC_ENGINE /* Constructor */ static ENGINE *ENGINE_padlock(void) { @@ -123,7 +122,7 @@ static ENGINE *ENGINE_padlock(void) return eng; } -# endif +# endif /* Check availability of the engine */ static int padlock_init(ENGINE *e) @@ -135,7 +134,7 @@ static int padlock_init(ENGINE *e) * This stuff is needed if this ENGINE is being compiled into a * self-contained shared-library. */ -# ifndef OPENSSL_NO_DYNAMIC_ENGINE +# ifndef OPENSSL_NO_DYNAMIC_ENGINE static int padlock_bind_fn(ENGINE *e, const char *id) { if (id && (strcmp(id, padlock_id) != 0)) { @@ -151,14 +150,14 @@ static int padlock_bind_fn(ENGINE *e, const char *id) IMPLEMENT_DYNAMIC_CHECK_FN() IMPLEMENT_DYNAMIC_BIND_FN(padlock_bind_fn) -# endif /* !OPENSSL_NO_DYNAMIC_ENGINE */ +# endif /* !OPENSSL_NO_DYNAMIC_ENGINE */ /* ===== Here comes the "real" engine ===== */ /* Some AES-related constants */ -# define AES_BLOCK_SIZE 16 -# define AES_KEY_SIZE_128 16 -# define AES_KEY_SIZE_192 24 -# define AES_KEY_SIZE_256 32 +# define AES_BLOCK_SIZE 16 +# define AES_KEY_SIZE_128 16 +# define AES_KEY_SIZE_192 24 +# define AES_KEY_SIZE_256 32 /* * Here we store the status information relevant to the current context. */ @@ -224,29 +223,29 @@ static int padlock_available(void) /* ===== AES encryption/decryption ===== */ -# if defined(NID_aes_128_cfb128) && ! defined (NID_aes_128_cfb) -# define NID_aes_128_cfb NID_aes_128_cfb128 -# endif +# if defined(NID_aes_128_cfb128) && ! defined (NID_aes_128_cfb) +# define NID_aes_128_cfb NID_aes_128_cfb128 +# endif -# if defined(NID_aes_128_ofb128) && ! defined (NID_aes_128_ofb) -# define NID_aes_128_ofb NID_aes_128_ofb128 -# endif +# if defined(NID_aes_128_ofb128) && ! defined (NID_aes_128_ofb) +# define NID_aes_128_ofb NID_aes_128_ofb128 +# endif -# if defined(NID_aes_192_cfb128) && ! defined (NID_aes_192_cfb) -# define NID_aes_192_cfb NID_aes_192_cfb128 -# endif +# if defined(NID_aes_192_cfb128) && ! defined (NID_aes_192_cfb) +# define NID_aes_192_cfb NID_aes_192_cfb128 +# endif -# if defined(NID_aes_192_ofb128) && ! defined (NID_aes_192_ofb) -# define NID_aes_192_ofb NID_aes_192_ofb128 -# endif +# if defined(NID_aes_192_ofb128) && ! defined (NID_aes_192_ofb) +# define NID_aes_192_ofb NID_aes_192_ofb128 +# endif -# if defined(NID_aes_256_cfb128) && ! defined (NID_aes_256_cfb) -# define NID_aes_256_cfb NID_aes_256_cfb128 -# endif +# if defined(NID_aes_256_cfb128) && ! defined (NID_aes_256_cfb) +# define NID_aes_256_cfb NID_aes_256_cfb128 +# endif -# if defined(NID_aes_256_ofb128) && ! defined (NID_aes_256_ofb) -# define NID_aes_256_ofb NID_aes_256_ofb128 -# endif +# if defined(NID_aes_256_ofb128) && ! defined (NID_aes_256_ofb) +# define NID_aes_256_ofb NID_aes_256_ofb128 +# endif /* List of supported ciphers. */ static const int padlock_cipher_nids[] = { @@ -276,9 +275,9 @@ static int padlock_cipher_nids_num = (sizeof(padlock_cipher_nids) / static int padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc); -# define NEAREST_ALIGNED(ptr) ( (unsigned char *)(ptr) + \ +# define NEAREST_ALIGNED(ptr) ( (unsigned char *)(ptr) + \ ( (0x10 - ((size_t)(ptr) & 0x0F)) & 0x0F ) ) -# define ALIGNED_CIPHER_DATA(ctx) ((struct padlock_cipher_data *)\ +# define ALIGNED_CIPHER_DATA(ctx) ((struct padlock_cipher_data *)\ NEAREST_ALIGNED(EVP_CIPHER_CTX_get_cipher_data(ctx))) static int @@ -453,17 +452,17 @@ padlock_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, return 1; } -# define EVP_CIPHER_block_size_ECB AES_BLOCK_SIZE -# define EVP_CIPHER_block_size_CBC AES_BLOCK_SIZE -# define EVP_CIPHER_block_size_OFB 1 -# define EVP_CIPHER_block_size_CFB 1 -# define EVP_CIPHER_block_size_CTR 1 +# define EVP_CIPHER_block_size_ECB AES_BLOCK_SIZE +# define EVP_CIPHER_block_size_CBC AES_BLOCK_SIZE +# define EVP_CIPHER_block_size_OFB 1 +# define EVP_CIPHER_block_size_CFB 1 +# define EVP_CIPHER_block_size_CTR 1 /* * Declaring so many ciphers by hand would be a pain. Instead introduce a bit * of preprocessor magic :-) */ -# define DECLARE_AES_EVP(ksize,lmode,umode) \ +# define DECLARE_AES_EVP(ksize,lmode,umode) \ static EVP_CIPHER *_hidden_aes_##ksize##_##lmode = NULL; \ static const EVP_CIPHER *padlock_aes_##ksize##_##lmode(void) \ { \ @@ -626,12 +625,12 @@ padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, AES_set_decrypt_key(key, key_len, &cdata->ks); else AES_set_encrypt_key(key, key_len, &cdata->ks); -# ifndef AES_ASM +# ifndef AES_ASM /* * OpenSSL C functions use byte-swapped extended key. */ padlock_key_bswap(&cdata->ks); -# endif +# endif cdata->cword.b.keygen = 1; break; @@ -714,12 +713,10 @@ static RAND_METHOD padlock_rand = { padlock_rand_status, /* rand status */ }; -# endif /* COMPILE_HW_PADLOCK */ -# endif /* !OPENSSL_NO_HW_PADLOCK */ -#endif /* !OPENSSL_NO_HW */ +# endif /* COMPILE_PADLOCKENG */ +#endif /* !OPENSSL_NO_PADLOCKENG */ -#if defined(OPENSSL_NO_HW) || defined(OPENSSL_NO_HW_PADLOCK) \ - || !defined(COMPILE_HW_PADLOCK) +#if defined(OPENSSL_NO_PADLOCKENG) || !defined(COMPILE_PADLOCKENG) # ifndef OPENSSL_NO_DYNAMIC_ENGINE OPENSSL_EXPORT int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); From levitte at openssl.org Tue Mar 5 07:54:24 2019 From: levitte at openssl.org (Richard Levitte) Date: Tue, 05 Mar 2019 07:54:24 +0000 Subject: [openssl] master update Message-ID: <1551772464.152695.7820.nullmailer@dev.openssl.org> The branch master has been updated via ce506d27ab5e7d17dfe3fe649768a0d19b6c86ee (commit) via 9b542d72d2e7d4893a11b2e87628d9ac8637b954 (commit) from 469ce8ff48ef06b2e508d0c06a42ec86379b0032 (commit) - Log ----------------------------------------------------------------- commit ce506d27ab5e7d17dfe3fe649768a0d19b6c86ee Author: Richard Levitte Date: Sun Mar 3 10:27:10 2019 +0100 testutil: ensure good treatment of argv on non-Unix platforms From a Unix point of view, some other platform families have certain quirks. Windows command prompt doesn't expand globs into actual file names, so we must do this. VMS has some oddity with argv pointer size that can cause crashes if you're not careful (by copying it to a less surprising pointer size array). The fixups already exist and are used in the apps/ code. However, the testutil code started using the opt routines from apps/ without including the non-Unix fixups. This change fixes that. For VMS' sake, libtestutil gets an app_malloc() shim, to avoid sucking in all of apps/apps.c. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8381) commit 9b542d72d2e7d4893a11b2e87628d9ac8637b954 Author: Richard Levitte Date: Sun Mar 3 10:20:37 2019 +0100 VMS: move copy_argc to its own module and make it an aux source copy_argv was never initialization code. Make it self-cleaning too. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8381) ----------------------------------------------------------------------- Summary of changes: Configurations/10-main.conf | 2 +- apps/include/apps.h | 13 +------ apps/include/platform.h | 32 +++++++++++++++++ apps/openssl.c | 4 +-- apps/vms_decc_argv.c | 67 ++++++++++++++++++++++++++++++++++++ apps/vms_decc_init.c | 38 -------------------- test/build.info | 5 ++- test/testutil/{init.c => apps_mem.c} | 12 ++++--- test/testutil/driver.c | 12 +++++++ 9 files changed, 126 insertions(+), 59 deletions(-) create mode 100644 apps/include/platform.h create mode 100644 apps/vms_decc_argv.c copy test/testutil/{init.c => apps_mem.c} (53%) diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf index 8b758a0..0e3afd3 100644 --- a/Configurations/10-main.conf +++ b/Configurations/10-main.conf @@ -1725,7 +1725,7 @@ my %targets = ( disable => add('pinshared'), - apps_aux_src => "vms_term_sock.c", + apps_aux_src => "vms_term_sock.c vms_decc_argv.c", apps_init_src => "vms_decc_init.c", }, diff --git a/apps/include/apps.h b/apps/include/apps.h index da8eae2..59e3e92 100644 --- a/apps/include/apps.h +++ b/apps/include/apps.h @@ -32,6 +32,7 @@ # include "apps_ui.h" # include "opt.h" # include "fmt.h" +# include "platform.h" # if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINCE) # define openssl_fdset(a,b) FD_SET((unsigned int)a, b) @@ -97,18 +98,6 @@ typedef struct args_st { char **argv; } ARGS; -/* - * VMS C only for now, implemented in vms_decc_init.c - * If other C compilers forget to terminate argv with NULL, this function - * can be re-used. - */ -char **copy_argv(int *argc, char *argv[]); -/* - * Win32-specific argv initialization that splits OS-supplied UNICODE - * command line string to array of UTF8-encoded strings. - */ -void win32_utf8argv(int *argc, char **argv[]); - /* We need both wrap and the "real" function because libcrypto uses both. */ int wrap_password_callback(char *buf, int bufsiz, int verify, void *cb_data); diff --git a/apps/include/platform.h b/apps/include/platform.h new file mode 100644 index 0000000..49276b6 --- /dev/null +++ b/apps/include/platform.h @@ -0,0 +1,32 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_PLATFORM_H +# define HEADER_PLATFORM_H + +# include + +# if defined(OPENSSL_SYS_VMS) && defined(__DECC) +/* + * VMS C only for now, implemented in vms_decc_init.c + * If other C compilers forget to terminate argv with NULL, this function + * can be re-used. + */ +char **copy_argv(int *argc, char *argv[]); +# endif + +# ifdef _WIN32 +/* + * Win32-specific argv initialization that splits OS-supplied UNICODE + * command line string to array of UTF8-encoded strings. + */ +void win32_utf8argv(int *argc, char **argv[]); +# endif + +#endif diff --git a/apps/openssl.c b/apps/openssl.c index 3747b1a..6b63b36 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -121,7 +121,6 @@ int main(int argc, char *argv[]) { FUNCTION f, *fp; LHASH_OF(FUNCTION) *prog = NULL; - char **copied_argv = NULL; char *p, *pname; char buf[1024]; const char *prompt; @@ -138,7 +137,7 @@ int main(int argc, char *argv[]) bio_err = dup_bio_err(FORMAT_TEXT); #if defined(OPENSSL_SYS_VMS) && defined(__DECC) - copied_argv = argv = copy_argv(&argc, argv); + argv = copy_argv(&argc, argv); #elif defined(_WIN32) /* * Replace argv[] with UTF-8 encoded strings. @@ -252,7 +251,6 @@ int main(int argc, char *argv[]) } ret = 1; end: - OPENSSL_free(copied_argv); OPENSSL_free(default_config_file); lh_FUNCTION_free(prog); OPENSSL_free(arg.argv); diff --git a/apps/vms_decc_argv.c b/apps/vms_decc_argv.c new file mode 100644 index 0000000..932b51a --- /dev/null +++ b/apps/vms_decc_argv.c @@ -0,0 +1,67 @@ +/* + * Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include "platform.h" /* for copy_argv() */ +#include "apps.h" /* for app_malloc() */ + +char **newargv = NULL; + +static void cleanup_argv(void) +{ + OPENSSL_free(newargv); + newargv = NULL; +} + +char **copy_argv(int *argc, char *argv[]) +{ + /*- + * The note below is for historical purpose. On VMS now we always + * copy argv "safely." + * + * 2011-03-22 SMS. + * If we have 32-bit pointers everywhere, then we're safe, and + * we bypass this mess, as on non-VMS systems. + * Problem 1: Compaq/HP C before V7.3 always used 32-bit + * pointers for argv[]. + * Fix 1: For a 32-bit argv[], when we're using 64-bit pointers + * everywhere else, we always allocate and use a 64-bit + * duplicate of argv[]. + * Problem 2: Compaq/HP C V7.3 (Alpha, IA64) before ECO1 failed + * to NULL-terminate a 64-bit argv[]. (As this was written, the + * compiler ECO was available only on IA64.) + * Fix 2: Unless advised not to (VMS_TRUST_ARGV), we test a + * 64-bit argv[argc] for NULL, and, if necessary, use a + * (properly) NULL-terminated (64-bit) duplicate of argv[]. + * The same code is used in either case to duplicate argv[]. + * Some of these decisions could be handled in preprocessing, + * but the code tends to get even uglier, and the penalty for + * deciding at compile- or run-time is tiny. + */ + + int i, count = *argc; + char **p = newargv; + + cleanup_argv(); + + newargv = app_malloc(sizeof(*newargv) * (count + 1), "argv copy"); + if (newargv == NULL) + return NULL; + + /* Register automatic cleanup on first use */ + if (p == NULL) + OPENSSL_atexit(cleanup_argv); + + for (i = 0; i < count; i++) + newargv[i] = argv[i]; + newargv[i] = NULL; + *argc = i; + return newargv; +} diff --git a/apps/vms_decc_init.c b/apps/vms_decc_init.c index c26442e..21481e2 100644 --- a/apps/vms_decc_init.c +++ b/apps/vms_decc_init.c @@ -25,8 +25,6 @@ # include # include -# include "apps.h" - /* Global storage. */ /* Flag to sense if decc_init() was called. */ @@ -63,42 +61,6 @@ decc_feat_t decc_feat_array[] = { }; -char **copy_argv(int *argc, char *argv[]) -{ - /*- - * The note below is for historical purpose. On VMS now we always - * copy argv "safely." - * - * 2011-03-22 SMS. - * If we have 32-bit pointers everywhere, then we're safe, and - * we bypass this mess, as on non-VMS systems. - * Problem 1: Compaq/HP C before V7.3 always used 32-bit - * pointers for argv[]. - * Fix 1: For a 32-bit argv[], when we're using 64-bit pointers - * everywhere else, we always allocate and use a 64-bit - * duplicate of argv[]. - * Problem 2: Compaq/HP C V7.3 (Alpha, IA64) before ECO1 failed - * to NULL-terminate a 64-bit argv[]. (As this was written, the - * compiler ECO was available only on IA64.) - * Fix 2: Unless advised not to (VMS_TRUST_ARGV), we test a - * 64-bit argv[argc] for NULL, and, if necessary, use a - * (properly) NULL-terminated (64-bit) duplicate of argv[]. - * The same code is used in either case to duplicate argv[]. - * Some of these decisions could be handled in preprocessing, - * but the code tends to get even uglier, and the penalty for - * deciding at compile- or run-time is tiny. - */ - - int i, count = *argc; - char **newargv = app_malloc(sizeof(*newargv) * (count + 1), "argv copy"); - - for (i = 0; i < count; i++) - newargv[i] = argv[i]; - newargv[i] = NULL; - *argc = i; - return newargv; -} - /* LIB$INITIALIZE initialization function. */ static void decc_init(void) diff --git a/test/build.info b/test/build.info index 1a47463..372f9be 100644 --- a/test/build.info +++ b/test/build.info @@ -6,6 +6,8 @@ SUBDIRS=ossl_shim my ($base, $files) = @_; return join(" ", map { "$base/$_" } split(/\s+/, $files)); } + our $apps_aux_src = + join(' ', map { "../apps/$_" } split(/\s+/, $target{apps_aux_src})); "" -} IF[{- !$disabled{tests} -}] @@ -14,7 +16,8 @@ IF[{- !$disabled{tests} -}] testutil/driver.c testutil/tests.c testutil/cb.c testutil/stanza.c \ testutil/format_output.c testutil/tap_bio.c \ testutil/test_cleanup.c testutil/main.c testutil/init.c \ - testutil/options.c testutil/test_options.c ../apps/opt.c + testutil/options.c testutil/test_options.c \ + testutil/apps_mem.c ../apps/opt.c {- $apps_aux_src; -} INCLUDE[libtestutil.a]=../include ../apps/include .. DEPEND[libtestutil.a]=../libcrypto diff --git a/test/testutil/init.c b/test/testutil/apps_mem.c similarity index 53% copy from test/testutil/init.c copy to test/testutil/apps_mem.c index 4415902..fa60bc6 100644 --- a/test/testutil/init.c +++ b/test/testutil/apps_mem.c @@ -1,5 +1,5 @@ /* - * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,9 +7,13 @@ * https://www.openssl.org/source/license.html */ -#include "../testutil.h" +#include "apps.h" -int global_init(void) +/* shim that avoids sucking in too much from apps/apps.c */ + +void* app_malloc(int sz, const char *what) { - return 1; + void *vp = OPENSSL_malloc(sz); + + return vp; } diff --git a/test/testutil/driver.c b/test/testutil/driver.c index df62625..10d74e2 100644 --- a/test/testutil/driver.c +++ b/test/testutil/driver.c @@ -17,6 +17,8 @@ #include "internal/nelem.h" #include +#include "platform.h" /* From libapps */ + #ifdef _WIN32 # define strdup _strdup #endif @@ -132,6 +134,16 @@ int setup_test_framework(int argc, char *argv[]) CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); } #endif + +#if defined(OPENSSL_SYS_VMS) && defined(__DECC) + argv = copy_argv(&argc, argv); +#elif defined(_WIN32) + /* + * Replace argv[] with UTF-8 encoded strings. + */ + win32_utf8argv(&argc, &argv); +#endif + if (!opt_init(argc, argv, test_get_options())) return 0; return 1; From levitte at openssl.org Tue Mar 5 07:57:05 2019 From: levitte at openssl.org (Richard Levitte) Date: Tue, 05 Mar 2019 07:57:05 +0000 Subject: [openssl] master update Message-ID: <1551772625.931548.10544.nullmailer@dev.openssl.org> The branch master has been updated via ff825807bc9bda996058df070f8ec23f7167e1a6 (commit) from ce506d27ab5e7d17dfe3fe649768a0d19b6c86ee (commit) - Log ----------------------------------------------------------------- commit ff825807bc9bda996058df070f8ec23f7167e1a6 Author: Richard Levitte Date: Fri Mar 1 14:15:13 2019 +0100 VMS: fix util/[un]local.com.in to handle attributes Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8382) ----------------------------------------------------------------------- Summary of changes: util/local_shlib.com.in | 6 +++++- util/unlocal_shlib.com.in | 6 +++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/util/local_shlib.com.in b/util/local_shlib.com.in index b3484e1..2e2eaa6 100644 --- a/util/local_shlib.com.in +++ b/util/local_shlib.com.in @@ -1,7 +1,11 @@ ${- + use File::Spec::Functions qw(rel2abs); + + my $bldtop = rel2abs($config{builddir}); our %names = ( map { platform->sharedname($_) => $bldtop.platform->sharedlib($_) } - @{$unified_info{install}->{libraries}} ); + grep { !$unified_info{attributes}->{$_}->{noinst} } + @{$unified_info{libraries}} ); "" -} $ ! Create a local environment with the shared library logical names $ ! properly set. Undo this with unlocal_shlib.com diff --git a/util/unlocal_shlib.com.in b/util/unlocal_shlib.com.in index f9ae76b..feade87 100644 --- a/util/unlocal_shlib.com.in +++ b/util/unlocal_shlib.com.in @@ -1,7 +1,11 @@ ${- + use File::Spec::Functions qw(rel2abs); + + my $bldtop = rel2abs($config{builddir}); our %names = ( map { platform->sharedname($_) => $bldtop.platform->sharedlib($_) } - @{$unified_info{install}->{libraries}} ); + grep { !$unified_info{attributes}->{$_}->{noinst} } + @{$unified_info{libraries}} ); "" -} $ ! Remove the local environment created by local_shlib.com $ From builds at travis-ci.org Tue Mar 5 08:06:04 2019 From: builds at travis-ci.org (Travis CI) Date: Tue, 05 Mar 2019 08:06:04 +0000 Subject: Still Failing: openssl/openssl#23715 (master - 469ce8f) In-Reply-To: Message-ID: <5c7e2dec65028_43f9f4affc2f094489@4de85baf-504b-4302-8f17-524fae8b85f7.mail> Build Update for openssl/openssl ------------------------------------- Build: #23715 Status: Still Failing Duration: 17 mins and 51 secs Commit: 469ce8f (master) Author: Richard Levitte Message: Deprecate the "hw" configuration options, make "padlockeng" disablable The "hw" and "hw-.*" style options are historical artifacts, sprung from the time when ENGINE was first designed, with hardware crypto accelerators and HSMs in mind. Today, these options have largely lost their value, replaced by options such as "no-{foo}eng" and "no-engine". This completes the transition by making "hw" and "hw-.*" deprecated, but automatically translated into more modern variants of the same. In the process, we get rid of the last regular expression in Configure's @disablables, a feature that was ill supported anyway. Also, padlock now gets treated just as every other engine. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8380) View the changeset: https://github.com/openssl/openssl/compare/e3b35d2b29e9...469ce8ff48ef View the full build log and details: https://travis-ci.org/openssl/openssl/builds/501901894?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From levitte at openssl.org Tue Mar 5 08:26:20 2019 From: levitte at openssl.org (Richard Levitte) Date: Tue, 05 Mar 2019 08:26:20 +0000 Subject: [openssl] master update Message-ID: <1551774380.973713.32514.nullmailer@dev.openssl.org> The branch master has been updated via 284d19c2ced0264bd46de61718aa4a60efa8d175 (commit) via 26a053d195d5cc8a5cd648da3f05d3ff0e47f776 (commit) via ac4033d658e4dc210ed4552b88069b57532ba3d7 (commit) from ff825807bc9bda996058df070f8ec23f7167e1a6 (commit) - Log ----------------------------------------------------------------- commit 284d19c2ced0264bd46de61718aa4a60efa8d175 Author: Richard Levitte Date: Fri Mar 1 11:54:07 2019 +0100 Add advice on setting CXX at the same time as CC Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8370) commit 26a053d195d5cc8a5cd648da3f05d3ff0e47f776 Author: Richard Levitte Date: Thu Feb 28 13:35:32 2019 +0100 Travis: use enable-buildtest-c++ Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8370) commit ac4033d658e4dc210ed4552b88069b57532ba3d7 Author: Richard Levitte Date: Thu Feb 28 13:28:43 2019 +0100 Configure: make C++ build tests optional and configurable Disabled by default Fixes #8360 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8370) ----------------------------------------------------------------------- Summary of changes: .travis.yml | 2 +- CHANGES | 8 ++++++++ Configure | 6 ++++-- INSTALL | 18 ++++++++++++++++++ test/build.info | 2 +- test/certs/root-ed25519.privkey.pem | 3 +++ test/certs/root-ed25519.pubkey.pem | 3 +++ 7 files changed, 38 insertions(+), 4 deletions(-) create mode 100644 test/certs/root-ed25519.privkey.pem create mode 100644 test/certs/root-ed25519.pubkey.pem diff --git a/.travis.yml b/.travis.yml index 3184308..c79040d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -28,7 +28,7 @@ compiler: env: - CONFIG_OPTS="" DESTDIR="_install" - CONFIG_OPTS="no-asm -Werror --debug no-afalgeng no-shared enable-crypto-mdebug enable-rc5 enable-md2" - - CONFIG_OPTS="no-asm no-makedepend --strict-warnings -D_DEFAULT_SOURCE" BUILDONLY="yes" CHECKDOCS="yes" GENERATE="yes" CPPFLAGS="-ansi" + - CONFIG_OPTS="no-asm no-makedepend enable-buildtest-c++ --strict-warnings -D_DEFAULT_SOURCE" BUILDONLY="yes" CHECKDOCS="yes" GENERATE="yes" CPPFLAGS="-ansi" matrix: include: diff --git a/CHANGES b/CHANGES index 5fcf667..ff61ff4 100644 --- a/CHANGES +++ b/CHANGES @@ -9,6 +9,14 @@ Changes between 1.1.1 and 3.0.0 [xx XXX xxxx] + *) Added build tests for C++. These are generated files that only do one + thing, to include one public OpenSSL head file each. This tests that + the public header files can be usefully included in a C++ application. + + This test isn't enabled by default. It can be enabled with the option + 'enable-buildtest-c++'. + [Richard Levitte] + *) Added property based algorithm implementation selection framework to the core. [Paul Dale] diff --git a/Configure b/Configure index 0c9037b..707e8b9 100755 --- a/Configure +++ b/Configure @@ -341,6 +341,7 @@ my @disablables = ( "autoload-config", "bf", "blake2", + "buildtest-c++", "camellia", "capieng", "cast", @@ -444,6 +445,7 @@ my %deprecated_disablables = ( our %disabled = ( # "what" => "comment" "asan" => "default", + "buildtest-c++" => "default", "crypto-mdebug" => "default", "crypto-mdebug-backtrace" => "default", "devcryptoeng" => "default", @@ -1208,8 +1210,8 @@ foreach my $what (sort keys %disabled) { $config{options} .= " no-$what"; - if (!grep { $what eq $_ } ( 'dso', 'threads', 'shared', 'pic', - 'dynamic-engine', 'makedepend', + if (!grep { $what eq $_ } ( 'buildtest-c++', 'dso', 'threads', 'shared', + 'pic', 'dynamic-engine', 'makedepend', 'zlib-dynamic', 'zlib', 'sse2' )) { (my $WHAT = uc $what) =~ s|-|_|g; my $skipdir = $what; diff --git a/INSTALL b/INSTALL index be0ce9d..d8c5dc5 100644 --- a/INSTALL +++ b/INSTALL @@ -296,6 +296,19 @@ Typically OpenSSL will automatically load a system config file which configures default ssl options. + enable-buildtest-c++ + While testing, generate C++ buildtest files that + simply check that the public OpenSSL header files + are usable standalone with C++. + + Enabling this option demands extra care. For any + compiler flag given directly as configuration + option, you must ensure that it's valid for both + the C and the C++ compiler. If not, the C++ build + test will most likely break. As an alternative, + you can use the language specific variables, CFLAGS + and CXXFLAGS. + no-capieng Don't build the CAPI engine. This option will be forced if on a platform that does not support CAPI. @@ -676,6 +689,11 @@ CC=gcc CROSS_COMPILE=x86_64-w64-mingw32- \ ./config -DCOOKIE + If CC is set, it is advisable to also set CXX to ensure + both C and C++ compilers are in the same "family". This + becomes relevant with 'enable-external-tests' and + 'enable-buildtest-c++'. + reconf reconfigure Reconfigure from earlier data. This fetches the previous diff --git a/test/build.info b/test/build.info index 372f9be..5bf6fd0 100644 --- a/test/build.info +++ b/test/build.info @@ -602,7 +602,7 @@ ENDIF INCLUDE[buildtest_c_$name]=../include DEPEND[buildtest_c_$name]=../libssl ../libcrypto _____ - $OUT .= <<"_____" if $config{CXX}; + $OUT .= <<"_____" if $config{CXX} && !$disabled{"buildtest-c++"}; PROGRAMS{noinst}=buildtest_cc_$name SOURCE[buildtest_cc_$name]=buildtest_$name.cc diff --git a/test/certs/root-ed25519.privkey.pem b/test/certs/root-ed25519.privkey.pem new file mode 100644 index 0000000..e447080 --- /dev/null +++ b/test/certs/root-ed25519.privkey.pem @@ -0,0 +1,3 @@ +-----BEGIN PRIVATE KEY----- +MC4CAQAwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC +-----END PRIVATE KEY----- diff --git a/test/certs/root-ed25519.pubkey.pem b/test/certs/root-ed25519.pubkey.pem new file mode 100644 index 0000000..41b0218 --- /dev/null +++ b/test/certs/root-ed25519.pubkey.pem @@ -0,0 +1,3 @@ +-----BEGIN PUBLIC KEY----- +MCowBQYDK2VwAyEAGb9ECWmEzf6FQbrBZ9w7lshQhqowtrbLDFw4rXAxZuE= +-----END PUBLIC KEY----- From builds at travis-ci.org Tue Mar 5 08:33:17 2019 From: builds at travis-ci.org (Travis CI) Date: Tue, 05 Mar 2019 08:33:17 +0000 Subject: Still Failing: openssl/openssl#23718 (master - ff82580) In-Reply-To: Message-ID: <5c7e344cc7c28_43fc3fd423dc012626b@5e79a769-92b8-4757-a615-1da5c2bbb652.mail> Build Update for openssl/openssl ------------------------------------- Build: #23718 Status: Still Failing Duration: 23 mins and 12 secs Commit: ff82580 (master) Author: Richard Levitte Message: VMS: fix util/[un]local.com.in to handle attributes Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8382) View the changeset: https://github.com/openssl/openssl/compare/ce506d27ab5e...ff825807bc9b View the full build log and details: https://travis-ci.org/openssl/openssl/builds/501905111?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.org Tue Mar 5 08:52:49 2019 From: builds at travis-ci.org (Travis CI) Date: Tue, 05 Mar 2019 08:52:49 +0000 Subject: Still Failing: openssl/openssl#23721 (master - 284d19c) In-Reply-To: Message-ID: <5c7e38e14a3c6_43f9a21092054280758@575026d3-446b-4542-b936-9481ae36b63f.mail> Build Update for openssl/openssl ------------------------------------- Build: #23721 Status: Still Failing Duration: 22 mins and 24 secs Commit: 284d19c (master) Author: Richard Levitte Message: Add advice on setting CXX at the same time as CC Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8370) View the changeset: https://github.com/openssl/openssl/compare/ff825807bc9b...284d19c2ced0 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/501914048?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.org Tue Mar 5 08:25:15 2019 From: builds at travis-ci.org (Travis CI) Date: Tue, 05 Mar 2019 08:25:15 +0000 Subject: Still Failing: openssl/openssl#23717 (master - ce506d2) In-Reply-To: Message-ID: <5c7e326b1ec93_43fb91ef0b4c0154156@2e453755-0f65-423f-ba98-146461a91422.mail> Build Update for openssl/openssl ------------------------------------- Build: #23717 Status: Still Failing Duration: 22 mins and 21 secs Commit: ce506d2 (master) Author: Richard Levitte Message: testutil: ensure good treatment of argv on non-Unix platforms >From a Unix point of view, some other platform families have certain quirks. Windows command prompt doesn't expand globs into actual file names, so we must do this. VMS has some oddity with argv pointer size that can cause crashes if you're not careful (by copying it to a less surprising pointer size array). The fixups already exist and are used in the apps/ code. However, the testutil code started using the opt routines from apps/ without including the non-Unix fixups. This change fixes that. For VMS' sake, libtestutil gets an app_malloc() shim, to avoid sucking in all of apps/apps.c. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8381) View the changeset: https://github.com/openssl/openssl/compare/469ce8ff48ef...ce506d27ab5e View the full build log and details: https://travis-ci.org/openssl/openssl/builds/501904423?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Tue Mar 5 09:18:08 2019 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 05 Mar 2019 09:18:08 +0000 Subject: Build failed: openssl master.23122 Message-ID: <20190305091808.1.EA9BBE1300E0399E@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Tue Mar 5 09:27:51 2019 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 05 Mar 2019 09:27:51 +0000 Subject: Build failed: openssl master.23125 Message-ID: <20190305092751.1.F05C9760C75B3EE4@appveyor.com> An HTML attachment was scrubbed... URL: From matt at openssl.org Tue Mar 5 14:32:18 2019 From: matt at openssl.org (Matt Caswell) Date: Tue, 05 Mar 2019 14:32:18 +0000 Subject: [openssl] master update Message-ID: <1551796338.949168.24997.nullmailer@dev.openssl.org> The branch master has been updated via c96ce52ce293785b54a42d119c457aef739cc2ce (commit) from 284d19c2ced0264bd46de61718aa4a60efa8d175 (commit) - Log ----------------------------------------------------------------- commit c96ce52ce293785b54a42d119c457aef739cc2ce Author: Matt Caswell Date: Fri Mar 1 15:40:20 2019 +0000 Don't write the tick_identity to the session Sessions must be immutable once they can be shared with multiple threads. We were breaking that rule by writing the ticket index into it during the handshake. This can lead to incorrect behaviour, including failed connections in multi-threaded environments. Reported by David Benjamin. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8383) ----------------------------------------------------------------------- Summary of changes: ssl/ssl_locl.h | 11 +++++++---- ssl/statem/extensions.c | 2 -- ssl/statem/extensions_clnt.c | 36 +++++++++++++++++++++++------------- ssl/statem/extensions_srvr.c | 4 ++-- ssl/statem/statem_clnt.c | 5 +---- 5 files changed, 33 insertions(+), 25 deletions(-) diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index ae6417b..a51cc6c 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -578,7 +578,6 @@ struct ssl_session_st { /* Session lifetime hint in seconds */ unsigned long tick_lifetime_hint; uint32_t tick_age_add; - int tick_identity; /* Max number of bytes that can be sent as early data */ uint32_t max_early_data; /* The ALPN protocol selected for this session */ @@ -1364,6 +1363,13 @@ struct ssl_st { * as this extension is optional on server side. */ uint8_t max_fragment_len_mode; + + /* + * On the client side the number of ticket identities we sent in the + * ClientHello. On the server side the identity of the ticket we + * selected. + */ + int tick_identity; } ext; /* @@ -2064,9 +2070,6 @@ typedef enum downgrade_en { #define TLSEXT_KEX_MODE_FLAG_KE 1 #define TLSEXT_KEX_MODE_FLAG_KE_DHE 2 -/* An invalid index into the TLSv1.3 PSK identities */ -#define TLSEXT_PSK_BAD_IDENTITY -1 - #define SSL_USE_PSS(s) (s->s3->tmp.peer_sigalg != NULL && \ s->s3->tmp.peer_sigalg->sig == EVP_PKEY_RSA_PSS) diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index 60d4da0..dcf2bfe 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -989,7 +989,6 @@ static int final_server_name(SSL *s, unsigned int context, int sent) ss->ext.ticklen = 0; ss->ext.tick_lifetime_hint = 0; ss->ext.tick_age_add = 0; - ss->ext.tick_identity = 0; if (!ssl_generate_session_id(s, ss)) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_FINAL_SERVER_NAME, ERR_R_INTERNAL_ERROR); @@ -1645,7 +1644,6 @@ static int final_early_data(SSL *s, unsigned int context, int sent) if (s->max_early_data == 0 || !s->hit - || s->session->ext.tick_identity != 0 || s->early_data_state != SSL_EARLY_DATA_ACCEPTING || !s->ext.early_data_ok || s->hello_retry_request != SSL_HRR_NONE diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index f01e9ee..9d7a4f8 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -996,7 +996,7 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context, const EVP_MD *handmd = NULL, *mdres = NULL, *mdpsk = NULL; int dores = 0; - s->session->ext.tick_identity = TLSEXT_PSK_BAD_IDENTITY; + s->ext.tick_identity = 0; /* * Note: At this stage of the code we only support adding a single @@ -1086,6 +1086,7 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context, agems += s->session->ext.tick_age_add; reshashsize = EVP_MD_size(mdres); + s->ext.tick_identity++; dores = 1; } @@ -1145,6 +1146,7 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context, ERR_R_INTERNAL_ERROR); return EXT_RETURN_FAIL; } + s->ext.tick_identity++; } if (!WPACKET_close(pkt) @@ -1183,11 +1185,6 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context, return EXT_RETURN_FAIL; } - if (dores) - s->session->ext.tick_identity = 0; - if (s->psksession != NULL) - s->psksession->ext.tick_identity = (dores ? 1 : 0); - return EXT_RETURN_SENT; #else return EXT_RETURN_NOT_SENT; @@ -1932,8 +1929,7 @@ int tls_parse_stoc_early_data(SSL *s, PACKET *pkt, unsigned int context, } if (!s->ext.early_data_ok - || !s->hit - || s->session->ext.tick_identity != 0) { + || !s->hit) { /* * If we get here then we didn't send early data, or we didn't resume * using the first identity, or the SNI/ALPN is not consistent so the @@ -1961,17 +1957,28 @@ int tls_parse_stoc_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x, return 0; } - if (s->session->ext.tick_identity == (int)identity) { + if (identity >= (unsigned int)s->ext.tick_identity) { + SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PARSE_STOC_PSK, + SSL_R_BAD_PSK_IDENTITY); + return 0; + } + + /* + * Session resumption tickets are always sent before PSK tickets. If the + * ticket index is 0 then it must be for a session resumption ticket if we + * sent two tickets, or if we didn't send a PSK ticket. + */ + if (identity == 0 && (s->psksession == NULL || s->ext.tick_identity == 2)) { s->hit = 1; SSL_SESSION_free(s->psksession); s->psksession = NULL; return 1; } - if (s->psksession == NULL - || s->psksession->ext.tick_identity != (int)identity) { - SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PARSE_STOC_PSK, - SSL_R_BAD_PSK_IDENTITY); + if (s->psksession == NULL) { + /* Should never happen */ + SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_PSK, + ERR_R_INTERNAL_ERROR); return 0; } @@ -1990,6 +1997,9 @@ int tls_parse_stoc_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x, s->session = s->psksession; s->psksession = NULL; s->hit = 1; + /* Early data is only allowed if we used the first ticket */ + if (identity != 0) + s->ext.early_data_ok = 0; #endif return 1; diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 73ceadc..7b1c5c9 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -1277,7 +1277,7 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x, goto err; } - sess->ext.tick_identity = id; + s->ext.tick_identity = id; SSL_SESSION_free(s->session); s->session = sess; @@ -1951,7 +1951,7 @@ EXT_RETURN tls_construct_stoc_psk(SSL *s, WPACKET *pkt, unsigned int context, if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_psk) || !WPACKET_start_sub_packet_u16(pkt) - || !WPACKET_put_bytes_u16(pkt, s->session->ext.tick_identity) + || !WPACKET_put_bytes_u16(pkt, s->ext.tick_identity) || !WPACKET_close(pkt)) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_PSK, ERR_R_INTERNAL_ERROR); diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 1f55113..2a9b737 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -1613,10 +1613,7 @@ MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt) * so the PAC-based session secret is always preserved. It'll be * overwritten if the server refuses resumption. */ - if (s->session->session_id_length > 0 - || (SSL_IS_TLS13(s) - && s->session->ext.tick_identity - != TLSEXT_PSK_BAD_IDENTITY)) { + if (s->session->session_id_length > 0) { tsan_counter(&s->session_ctx->stats.sess_miss); if (!ssl_get_new_session(s, 0)) { /* SSLfatal() already called */ From matt at openssl.org Tue Mar 5 14:32:33 2019 From: matt at openssl.org (Matt Caswell) Date: Tue, 05 Mar 2019 14:32:33 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1551796353.728989.25971.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via c9a826d28f8211e86b3b866809e1b30a2de48740 (commit) from 99f0c7a8a6999e2f78fc065e4da78643ae14c14c (commit) - Log ----------------------------------------------------------------- commit c9a826d28f8211e86b3b866809e1b30a2de48740 Author: Matt Caswell Date: Fri Mar 1 15:40:20 2019 +0000 Don't write the tick_identity to the session Sessions must be immutable once they can be shared with multiple threads. We were breaking that rule by writing the ticket index into it during the handshake. This can lead to incorrect behaviour, including failed connections in multi-threaded environments. Reported by David Benjamin. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8383) (cherry picked from commit c96ce52ce293785b54a42d119c457aef739cc2ce) ----------------------------------------------------------------------- Summary of changes: ssl/ssl_locl.h | 11 +++++++---- ssl/statem/extensions.c | 2 -- ssl/statem/extensions_clnt.c | 36 +++++++++++++++++++++++------------- ssl/statem/extensions_srvr.c | 4 ++-- ssl/statem/statem_clnt.c | 5 +---- 5 files changed, 33 insertions(+), 25 deletions(-) diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index f326399..33db146 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -574,7 +574,6 @@ struct ssl_session_st { /* Session lifetime hint in seconds */ unsigned long tick_lifetime_hint; uint32_t tick_age_add; - int tick_identity; /* Max number of bytes that can be sent as early data */ uint32_t max_early_data; /* The ALPN protocol selected for this session */ @@ -1356,6 +1355,13 @@ struct ssl_st { * as this extension is optional on server side. */ uint8_t max_fragment_len_mode; + + /* + * On the client side the number of ticket identities we sent in the + * ClientHello. On the server side the identity of the ticket we + * selected. + */ + int tick_identity; } ext; /* @@ -2052,9 +2058,6 @@ typedef enum downgrade_en { #define TLSEXT_KEX_MODE_FLAG_KE 1 #define TLSEXT_KEX_MODE_FLAG_KE_DHE 2 -/* An invalid index into the TLSv1.3 PSK identities */ -#define TLSEXT_PSK_BAD_IDENTITY -1 - #define SSL_USE_PSS(s) (s->s3->tmp.peer_sigalg != NULL && \ s->s3->tmp.peer_sigalg->sig == EVP_PKEY_RSA_PSS) diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index c3d3441..b27608c 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -989,7 +989,6 @@ static int final_server_name(SSL *s, unsigned int context, int sent) ss->ext.ticklen = 0; ss->ext.tick_lifetime_hint = 0; ss->ext.tick_age_add = 0; - ss->ext.tick_identity = 0; if (!ssl_generate_session_id(s, ss)) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_FINAL_SERVER_NAME, ERR_R_INTERNAL_ERROR); @@ -1646,7 +1645,6 @@ static int final_early_data(SSL *s, unsigned int context, int sent) if (s->max_early_data == 0 || !s->hit - || s->session->ext.tick_identity != 0 || s->early_data_state != SSL_EARLY_DATA_ACCEPTING || !s->ext.early_data_ok || s->hello_retry_request != SSL_HRR_NONE diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index ab4dbf6..012e687 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -993,7 +993,7 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context, const EVP_MD *handmd = NULL, *mdres = NULL, *mdpsk = NULL; int dores = 0; - s->session->ext.tick_identity = TLSEXT_PSK_BAD_IDENTITY; + s->ext.tick_identity = 0; /* * Note: At this stage of the code we only support adding a single @@ -1083,6 +1083,7 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context, agems += s->session->ext.tick_age_add; reshashsize = EVP_MD_size(mdres); + s->ext.tick_identity++; dores = 1; } @@ -1142,6 +1143,7 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context, ERR_R_INTERNAL_ERROR); return EXT_RETURN_FAIL; } + s->ext.tick_identity++; } if (!WPACKET_close(pkt) @@ -1180,11 +1182,6 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context, return EXT_RETURN_FAIL; } - if (dores) - s->session->ext.tick_identity = 0; - if (s->psksession != NULL) - s->psksession->ext.tick_identity = (dores ? 1 : 0); - return EXT_RETURN_SENT; #else return EXT_RETURN_NOT_SENT; @@ -1927,8 +1924,7 @@ int tls_parse_stoc_early_data(SSL *s, PACKET *pkt, unsigned int context, } if (!s->ext.early_data_ok - || !s->hit - || s->session->ext.tick_identity != 0) { + || !s->hit) { /* * If we get here then we didn't send early data, or we didn't resume * using the first identity, or the SNI/ALPN is not consistent so the @@ -1956,17 +1952,28 @@ int tls_parse_stoc_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x, return 0; } - if (s->session->ext.tick_identity == (int)identity) { + if (identity >= (unsigned int)s->ext.tick_identity) { + SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PARSE_STOC_PSK, + SSL_R_BAD_PSK_IDENTITY); + return 0; + } + + /* + * Session resumption tickets are always sent before PSK tickets. If the + * ticket index is 0 then it must be for a session resumption ticket if we + * sent two tickets, or if we didn't send a PSK ticket. + */ + if (identity == 0 && (s->psksession == NULL || s->ext.tick_identity == 2)) { s->hit = 1; SSL_SESSION_free(s->psksession); s->psksession = NULL; return 1; } - if (s->psksession == NULL - || s->psksession->ext.tick_identity != (int)identity) { - SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PARSE_STOC_PSK, - SSL_R_BAD_PSK_IDENTITY); + if (s->psksession == NULL) { + /* Should never happen */ + SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_PSK, + ERR_R_INTERNAL_ERROR); return 0; } @@ -1985,6 +1992,9 @@ int tls_parse_stoc_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x, s->session = s->psksession; s->psksession = NULL; s->hit = 1; + /* Early data is only allowed if we used the first ticket */ + if (identity != 0) + s->ext.early_data_ok = 0; #endif return 1; diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 0f2b223..c5ced14 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -1274,7 +1274,7 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x, goto err; } - sess->ext.tick_identity = id; + s->ext.tick_identity = id; SSL_SESSION_free(s->session); s->session = sess; @@ -1948,7 +1948,7 @@ EXT_RETURN tls_construct_stoc_psk(SSL *s, WPACKET *pkt, unsigned int context, if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_psk) || !WPACKET_start_sub_packet_u16(pkt) - || !WPACKET_put_bytes_u16(pkt, s->session->ext.tick_identity) + || !WPACKET_put_bytes_u16(pkt, s->ext.tick_identity) || !WPACKET_close(pkt)) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_PSK, ERR_R_INTERNAL_ERROR); diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index e56d24d..87800cd 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -1613,10 +1613,7 @@ MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt) * so the PAC-based session secret is always preserved. It'll be * overwritten if the server refuses resumption. */ - if (s->session->session_id_length > 0 - || (SSL_IS_TLS13(s) - && s->session->ext.tick_identity - != TLSEXT_PSK_BAD_IDENTITY)) { + if (s->session->session_id_length > 0) { tsan_counter(&s->session_ctx->stats.sess_miss); if (!ssl_get_new_session(s, 0)) { /* SSLfatal() already called */ From builds at travis-ci.org Tue Mar 5 14:53:25 2019 From: builds at travis-ci.org (Travis CI) Date: Tue, 05 Mar 2019 14:53:25 +0000 Subject: Still Failing: openssl/openssl#23737 (master - c96ce52) In-Reply-To: Message-ID: <5c7e8d64c6760_43f9f4affcb24219443@4de85baf-504b-4302-8f17-524fae8b85f7.mail> Build Update for openssl/openssl ------------------------------------- Build: #23737 Status: Still Failing Duration: 20 mins and 15 secs Commit: c96ce52 (master) Author: Matt Caswell Message: Don't write the tick_identity to the session Sessions must be immutable once they can be shared with multiple threads. We were breaking that rule by writing the ticket index into it during the handshake. This can lead to incorrect behaviour, including failed connections in multi-threaded environments. Reported by David Benjamin. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8383) View the changeset: https://github.com/openssl/openssl/compare/284d19c2ced0...c96ce52ce293 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/502059471?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.org Tue Mar 5 15:01:31 2019 From: builds at travis-ci.org (Travis CI) Date: Tue, 05 Mar 2019 15:01:31 +0000 Subject: Still Failing: openssl/openssl#23738 (OpenSSL_1_1_1-stable - c9a826d) In-Reply-To: Message-ID: <5c7e8f4b5bfb4_43f9a2109955c354193@575026d3-446b-4542-b936-9481ae36b63f.mail> Build Update for openssl/openssl ------------------------------------- Build: #23738 Status: Still Failing Duration: 28 mins and 18 secs Commit: c9a826d (OpenSSL_1_1_1-stable) Author: Matt Caswell Message: Don't write the tick_identity to the session Sessions must be immutable once they can be shared with multiple threads. We were breaking that rule by writing the ticket index into it during the handshake. This can lead to incorrect behaviour, including failed connections in multi-threaded environments. Reported by David Benjamin. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8383) (cherry picked from commit c96ce52ce293785b54a42d119c457aef739cc2ce) View the changeset: https://github.com/openssl/openssl/compare/99f0c7a8a699...c9a826d28f82 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/502059511?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Tue Mar 5 15:58:01 2019 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 05 Mar 2019 15:58:01 +0000 Subject: Build failed: openssl master.23138 Message-ID: <20190305155801.1.F5205DD92ABE3A5B@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Tue Mar 5 17:01:49 2019 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 05 Mar 2019 17:01:49 +0000 Subject: Build completed: openssl OpenSSL_1_1_1-stable.23139 Message-ID: <20190305170149.1.8640E3DE33057B52@appveyor.com> An HTML attachment was scrubbed... URL: From levitte at openssl.org Tue Mar 5 19:53:20 2019 From: levitte at openssl.org (Richard Levitte) Date: Tue, 05 Mar 2019 19:53:20 +0000 Subject: [openssl] master update Message-ID: <1551815600.873168.31336.nullmailer@dev.openssl.org> The branch master has been updated via 7120f1e7c74c8220f43fd28ac7303c0cab29dabe (commit) from c96ce52ce293785b54a42d119c457aef739cc2ce (commit) - Log ----------------------------------------------------------------- commit 7120f1e7c74c8220f43fd28ac7303c0cab29dabe Author: Richard Levitte Date: Tue Mar 5 18:38:16 2019 +0100 padlock: generate assembler source for static libraries too The GENERATE lines for generating the padlock assembler source were wrongly placed in such a way that they only applied to the shared library build. [extended tests] Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/8412) ----------------------------------------------------------------------- Summary of changes: engines/build.info | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/engines/build.info b/engines/build.info index e5001c4..16907da 100644 --- a/engines/build.info +++ b/engines/build.info @@ -20,9 +20,6 @@ IF[{- !$disabled{"engine"} -}] SOURCE[padlock]=e_padlock.c {- $target{padlock_asm_src} -} DEPEND[padlock]=../libcrypto INCLUDE[padlock]=../include - GENERATE[e_padlock-x86.s]=asm/e_padlock-x86.pl \ - $(PERLASM_SCHEME) $(LIB_CFLAGS) $(LIB_CPPFLAGS) $(PROCESSOR) - GENERATE[e_padlock-x86_64.s]=asm/e_padlock-x86_64.pl $(PERLASM_SCHEME) IF[{- defined $target{shared_defflag} -}] SHARED_SOURCE[padlock]=padlock.ld GENERATE[padlock.ld]=../util/engines.num @@ -75,4 +72,7 @@ IF[{- !$disabled{"engine"} -}] GENERATE[ossltest.ld]=../util/engines.num ENDIF ENDIF + GENERATE[e_padlock-x86.s]=asm/e_padlock-x86.pl \ + $(PERLASM_SCHEME) $(LIB_CFLAGS) $(LIB_CPPFLAGS) $(PROCESSOR) + GENERATE[e_padlock-x86_64.s]=asm/e_padlock-x86_64.pl $(PERLASM_SCHEME) ENDIF From builds at travis-ci.org Tue Mar 5 20:14:17 2019 From: builds at travis-ci.org (Travis CI) Date: Tue, 05 Mar 2019 20:14:17 +0000 Subject: Fixed: openssl/openssl#23754 (master - 7120f1e) In-Reply-To: Message-ID: <5c7ed897d242b_43f9f4a7192c83228d0@4de85baf-504b-4302-8f17-524fae8b85f7.mail> Build Update for openssl/openssl ------------------------------------- Build: #23754 Status: Fixed Duration: 20 mins and 10 secs Commit: 7120f1e (master) Author: Richard Levitte Message: padlock: generate assembler source for static libraries too The GENERATE lines for generating the padlock assembler source were wrongly placed in such a way that they only applied to the shared library build. [extended tests] Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/8412) View the changeset: https://github.com/openssl/openssl/compare/c96ce52ce293...7120f1e7c74c View the full build log and details: https://travis-ci.org/openssl/openssl/builds/502214250?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Mar 6 06:08:58 2019 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 06 Mar 2019 06:08:58 +0000 Subject: Build failed: openssl master.23178 Message-ID: <20190306060858.1.929294E202705B0E@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Mar 6 06:34:44 2019 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 06 Mar 2019 06:34:44 +0000 Subject: Build completed: openssl master.23179 Message-ID: <20190306063444.1.816AF62D07C9F779@appveyor.com> An HTML attachment was scrubbed... URL: From pauli at openssl.org Wed Mar 6 07:27:04 2019 From: pauli at openssl.org (Dr. Paul Dale) Date: Wed, 06 Mar 2019 07:27:04 +0000 Subject: [openssl] master update Message-ID: <1551857224.891633.30594.nullmailer@dev.openssl.org> The branch master has been updated via 8ab53b193a8e95bb2998744bc184146eb1ddcc23 (commit) from 7120f1e7c74c8220f43fd28ac7303c0cab29dabe (commit) - Log ----------------------------------------------------------------- commit 8ab53b193a8e95bb2998744bc184146eb1ddcc23 Author: Pauli Date: Wed Mar 6 13:50:54 2019 +1000 Make the sparse array code use ossl_uintmax_t as its index rather than size_t. This should never reduce the range covered and might increase it on some platforms. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8415) ----------------------------------------------------------------------- Summary of changes: crypto/include/internal/sparse_array.h | 23 +++++++++++++---------- crypto/property/property.c | 7 ++++--- crypto/sparse_array.c | 28 +++++++++++++++------------- doc/internal/man3/DEFINE_SPARSE_ARRAY_OF.pod | 15 +++++++++------ test/sparse_array_test.c | 16 ++++++++-------- 5 files changed, 49 insertions(+), 40 deletions(-) diff --git a/crypto/include/internal/sparse_array.h b/crypto/include/internal/sparse_array.h index 648e41a..ec3fb2f 100644 --- a/crypto/include/internal/sparse_array.h +++ b/crypto/include/internal/sparse_array.h @@ -39,25 +39,27 @@ extern "C" { return OPENSSL_SA_num((OPENSSL_SA *)sa); \ } \ static ossl_unused ossl_inline void ossl_sa_##type##_doall(const SPARSE_ARRAY_OF(type) *sa, \ - void (*leaf)(size_t, type *)) \ + void (*leaf)(ossl_uintmax_t, \ + type *)) \ { \ - OPENSSL_SA_doall((OPENSSL_SA *)sa, (void (*)(size_t, void *))leaf); \ + OPENSSL_SA_doall((OPENSSL_SA *)sa, (void (*)(ossl_uintmax_t, void *))leaf); \ } \ static ossl_unused ossl_inline \ void ossl_sa_##type##_doall_arg(const SPARSE_ARRAY_OF(type) *sa, \ - void (*leaf)(size_t, type *, void *), \ + void (*leaf)(ossl_uintmax_t, type *, void *), \ void *arg) \ { \ - OPENSSL_SA_doall_arg((OPENSSL_SA *)sa, (void (*)(size_t, void *, void *))leaf, \ + OPENSSL_SA_doall_arg((OPENSSL_SA *)sa, (void (*)(ossl_uintmax_t, void *, \ + void *))leaf, \ arg); \ } \ static ossl_unused ossl_inline type *ossl_sa_##type##_get(const SPARSE_ARRAY_OF(type) *sa, \ - size_t n) \ + ossl_uintmax_t n) \ { \ return (type *)OPENSSL_SA_get((OPENSSL_SA *)sa, n); \ } \ static ossl_unused ossl_inline int ossl_sa_##type##_set(SPARSE_ARRAY_OF(type) *sa, \ - size_t n, type *val) \ + ossl_uintmax_t n, type *val) \ { \ return OPENSSL_SA_set((OPENSSL_SA *)sa, n, (void *)val); \ } \ @@ -68,11 +70,12 @@ OPENSSL_SA *OPENSSL_SA_new(void); void OPENSSL_SA_free(OPENSSL_SA *sa); void OPENSSL_SA_free_leaves(OPENSSL_SA *sa); size_t OPENSSL_SA_num(const OPENSSL_SA *sa); -void OPENSSL_SA_doall(const OPENSSL_SA *sa, void (*leaf)(size_t, void *)); +void OPENSSL_SA_doall(const OPENSSL_SA *sa, + void (*leaf)(ossl_uintmax_t, void *)); void OPENSSL_SA_doall_arg(const OPENSSL_SA *sa, - void (*leaf)(size_t, void *, void *), void *); -void *OPENSSL_SA_get(const OPENSSL_SA *sa, size_t n); -int OPENSSL_SA_set(OPENSSL_SA *sa, size_t n, void *val); + void (*leaf)(ossl_uintmax_t, void *, void *), void *); +void *OPENSSL_SA_get(const OPENSSL_SA *sa, ossl_uintmax_t n); +int OPENSSL_SA_set(OPENSSL_SA *sa, ossl_uintmax_t n, void *val); # ifdef __cplusplus } diff --git a/crypto/property/property.c b/crypto/property/property.c index e4fdc68..1a3d0c4 100644 --- a/crypto/property/property.c +++ b/crypto/property/property.c @@ -131,7 +131,7 @@ static void impl_cache_free(QUERY *elem) OPENSSL_free(elem); } -static void alg_cleanup(size_t idx, ALGORITHM *a) +static void alg_cleanup(ossl_uintmax_t idx, ALGORITHM *a) { if (a != NULL) { sk_IMPLEMENTATION_pop_free(a->impls, &impl_free); @@ -356,7 +356,7 @@ int ossl_method_store_set_global_properties(OSSL_METHOD_STORE *store, return ret; } -static void impl_cache_flush_alg(size_t idx, ALGORITHM *alg) +static void impl_cache_flush_alg(ossl_uintmax_t idx, ALGORITHM *alg) { lh_QUERY_doall(alg->cache, &impl_cache_free); lh_QUERY_flush(alg->cache); @@ -413,7 +413,8 @@ static void impl_cache_flush_cache(QUERY *c, IMPL_CACHE_FLUSH *state) state->nelem++; } -static void impl_cache_flush_one_alg(size_t idx, ALGORITHM *alg, void *v) +static void impl_cache_flush_one_alg(ossl_uintmax_t idx, ALGORITHM *alg, + void *v) { IMPL_CACHE_FLUSH *state = (IMPL_CACHE_FLUSH *)v; diff --git a/crypto/sparse_array.c b/crypto/sparse_array.c index 5bcdbc5..f534c04 100644 --- a/crypto/sparse_array.c +++ b/crypto/sparse_array.c @@ -29,7 +29,7 @@ * at a cost in time. * * The library builder is also permitted to define other sizes in the closed - * interval [2, sizeof(size_t) * 8]. + * interval [2, sizeof(ossl_uintmax_t) * 8]. */ #ifndef OPENSSL_SA_BLOCK_BITS # ifdef OPENSSL_SMALL_FOOTPRINT @@ -49,13 +49,13 @@ */ #define SA_BLOCK_MAX (1 << OPENSSL_SA_BLOCK_BITS) #define SA_BLOCK_MASK (SA_BLOCK_MAX - 1) -#define SA_BLOCK_MAX_LEVELS (((int)sizeof(size_t) * 8 \ +#define SA_BLOCK_MAX_LEVELS (((int)sizeof(ossl_uintmax_t) * 8 \ + OPENSSL_SA_BLOCK_BITS - 1) \ / OPENSSL_SA_BLOCK_BITS) struct sparse_array_st { int levels; - size_t top; + ossl_uintmax_t top; size_t nelem; void **nodes; }; @@ -68,11 +68,11 @@ OPENSSL_SA *OPENSSL_SA_new(void) } static void sa_doall(const OPENSSL_SA *sa, void (*node)(void **), - void (*leaf)(size_t, void *, void *), void *arg) + void (*leaf)(ossl_uintmax_t, void *, void *), void *arg) { int i[SA_BLOCK_MAX_LEVELS]; void *nodes[SA_BLOCK_MAX_LEVELS]; - size_t idx = 0; + ossl_uintmax_t idx = 0; int l = 0; i[0] = 0; @@ -107,7 +107,7 @@ static void sa_free_node(void **p) OPENSSL_free(p); } -static void sa_free_leaf(size_t n, void *p, void *arg) +static void sa_free_leaf(ossl_uintmax_t n, void *p, void *arg) { OPENSSL_free(p); } @@ -126,15 +126,16 @@ void OPENSSL_SA_free_leaves(OPENSSL_SA *sa) /* Wrap this in a structure to avoid compiler warnings */ struct trampoline_st { - void (*func)(size_t, void *); + void (*func)(ossl_uintmax_t, void *); }; -static void trampoline(size_t n, void *l, void *arg) +static void trampoline(ossl_uintmax_t n, void *l, void *arg) { ((const struct trampoline_st *)arg)->func(n, l); } -void OPENSSL_SA_doall(const OPENSSL_SA *sa, void (*leaf)(size_t, void *)) +void OPENSSL_SA_doall(const OPENSSL_SA *sa, void (*leaf)(ossl_uintmax_t, + void *)) { struct trampoline_st tramp; @@ -144,7 +145,8 @@ void OPENSSL_SA_doall(const OPENSSL_SA *sa, void (*leaf)(size_t, void *)) } void OPENSSL_SA_doall_arg(const OPENSSL_SA *sa, - void (*leaf)(size_t, void *, void *), void *arg) + void (*leaf)(ossl_uintmax_t, void *, void *), + void *arg) { if (sa != NULL) sa_doall(sa, NULL, leaf, arg); @@ -155,7 +157,7 @@ size_t OPENSSL_SA_num(const OPENSSL_SA *sa) return sa == NULL ? 0 : sa->nelem; } -void *OPENSSL_SA_get(const OPENSSL_SA *sa, size_t n) +void *OPENSSL_SA_get(const OPENSSL_SA *sa, ossl_uintmax_t n) { int level; void **p, *r = NULL; @@ -178,10 +180,10 @@ static ossl_inline void **alloc_node(void) return OPENSSL_zalloc(SA_BLOCK_MAX * sizeof(void *)); } -int OPENSSL_SA_set(OPENSSL_SA *sa, size_t posn, void *val) +int OPENSSL_SA_set(OPENSSL_SA *sa, ossl_uintmax_t posn, void *val) { int i, level = 1; - size_t n = posn; + ossl_uintmax_t n = posn; void **p; if (sa == NULL) diff --git a/doc/internal/man3/DEFINE_SPARSE_ARRAY_OF.pod b/doc/internal/man3/DEFINE_SPARSE_ARRAY_OF.pod index c36472a..db2ad36 100644 --- a/doc/internal/man3/DEFINE_SPARSE_ARRAY_OF.pod +++ b/doc/internal/man3/DEFINE_SPARSE_ARRAY_OF.pod @@ -21,12 +21,15 @@ ossl_sa_TYPE_doall_arg, ossl_sa_TYPE_get, ossl_sa_TYPE_set SPARSE_ARRAY_OF(TYPE) *ossl_sa_TYPE_new(void); void ossl_sa_TYPE_free(const SPARSE_ARRAY_OF(TYPE) *sa); void ossl_sa_TYPE_free_leaves(const SPARSE_ARRAY_OF(TYPE) *sa); - int ossl_sa_TYPE_num(const SPARSE_ARRAY_OF(TYPE) *sa); - void ossl_sa_TYPE_doall(const OPENSSL_SA *sa, void (*leaf)(size_t, void *)); + size_t ossl_sa_TYPE_num(const SPARSE_ARRAY_OF(TYPE) *sa); + void ossl_sa_TYPE_doall(const OPENSSL_SA *sa, void (*leaf)(ossl_uintmax_t, + void *)); void ossl_sa_TYPE_doall_arg(const OPENSSL_SA *sa, - void (*leaf)(size_t, void *, void *), void *arg); - TYPE *ossl_sa_TYPE_get(const SPARSE_ARRAY_OF(TYPE) *sa, size_t idx); - int ossl_sa_TYPE_set(SPARSE_ARRAY_OF(TYPE) *sa, size_t idx, TYPE *value); + void (*leaf)(ossl_uintmax_t, void *, void *), + void *arg); + TYPE *ossl_sa_TYPE_get(const SPARSE_ARRAY_OF(TYPE) *sa, ossl_uintmax_t idx); + int ossl_sa_TYPE_set(SPARSE_ARRAY_OF(TYPE) *sa, ossl_uintmax_t idx, + TYPE *value); =head1 DESCRIPTION @@ -36,7 +39,7 @@ B. This will mean that a pointer to type B is stored in each element of a sparse array, the type is referenced by SPARSE_ARRAY_OF(TYPE) and each function name begins with I. For example: - TYPE *ossl_sa_TYPE_get(SPARSE_ARRAY_OF(TYPE) *sa, size_t idx); + TYPE *ossl_sa_TYPE_get(SPARSE_ARRAY_OF(TYPE) *sa, ossl_uintmax_t idx); ossl_sa_TYPE_num() returns the number of elements in B or 0 if B is B. diff --git a/test/sparse_array_test.c b/test/sparse_array_test.c index 02ce0d1..3457a77 100644 --- a/test/sparse_array_test.c +++ b/test/sparse_array_test.c @@ -30,11 +30,11 @@ DEFINE_SPARSE_ARRAY_OF(char); static int test_sparse_array(void) { static const struct { - size_t n; + ossl_uintmax_t n; char *v; } cases[] = { { 22, "a" }, { 0, "z" }, { 1, "b" }, { 290, "c" }, - { INT_MAX, "m" }, { 6666666, "d" }, { (size_t)-1, "H" }, + { INT_MAX, "m" }, { 6666666, "d" }, { (ossl_uintmax_t)-1, "H" }, { 99, "e" } }; SPARSE_ARRAY_OF(char) *sa; @@ -69,7 +69,7 @@ static int test_sparse_array_num(void) { static const struct { size_t num; - size_t n; + ossl_uintmax_t n; char *v; } cases[] = { { 1, 22, "a" }, { 2, 1021, "b" }, { 3, 3, "c" }, { 2, 22, NULL }, @@ -96,7 +96,7 @@ err: } struct index_cases_st { - size_t n; + ossl_uintmax_t n; char *v; int del; }; @@ -109,7 +109,7 @@ struct doall_st { int all; }; -static void leaf_check_all(size_t n, char *value, void *arg) +static void leaf_check_all(ossl_uintmax_t n, char *value, void *arg) { struct doall_st *doall_data = (struct doall_st *)arg; const struct index_cases_st *cases = doall_data->cases; @@ -125,7 +125,7 @@ static void leaf_check_all(size_t n, char *value, void *arg) TEST_error("Index %zu with value %s not found", n, value); } -static void leaf_delete(size_t n, char *value, void *arg) +static void leaf_delete(ossl_uintmax_t n, char *value, void *arg) { struct doall_st *doall_data = (struct doall_st *)arg; const struct index_cases_st *cases = doall_data->cases; @@ -145,8 +145,8 @@ static int test_sparse_array_doall(void) { static const struct index_cases_st cases[] = { { 22, "A", 1 }, { 1021, "b", 0 }, { 3, "c", 0 }, { INT_MAX, "d", 1 }, - { (size_t)-1, "H", 0 }, { (size_t)-2, "i", 1 }, { 666666666, "s", 1 }, - { 1234567890, "t", 0 }, + { (ossl_uintmax_t)-1, "H", 0 }, { (ossl_uintmax_t)-2, "i", 1 }, + { 666666666, "s", 1 }, { 1234567890, "t", 0 }, }; struct doall_st doall_data; size_t i; From no-reply at appveyor.com Wed Mar 6 08:52:04 2019 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 06 Mar 2019 08:52:04 +0000 Subject: Build failed: openssl master.23182 Message-ID: <20190306085204.1.D2EFDB37DBDCF7AB@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Mar 6 09:35:23 2019 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 06 Mar 2019 09:35:23 +0000 Subject: Build failed: openssl master.23184 Message-ID: <20190306093523.1.214DE1ACD1C2C5DE@appveyor.com> An HTML attachment was scrubbed... URL: From levitte at openssl.org Wed Mar 6 10:18:19 2019 From: levitte at openssl.org (Richard Levitte) Date: Wed, 06 Mar 2019 10:18:19 +0000 Subject: [openssl] master update Message-ID: <1551867499.041728.7178.nullmailer@dev.openssl.org> The branch master has been updated via 18e1e302452e6dea4500b6f981cee7e151294dea (commit) via c699712fa329ce1ce1b4756a50a78ab2f47909e1 (commit) via 0b836c2168fee1689ab1ea3bb785e38b9f85ef0f (commit) via 3b9e1a3902068baa55ecd16b264891cbcc7549ab (commit) via 6e810f2dcab6d27a7158a23888c81882a3501b7f (commit) via 5f8a5f46e4e83735bb5ad384d8d7df771d2aa4b3 (commit) via b9ce85f631cf376cd781fd3dfdc80e927d88ee77 (commit) via a902e43d7d34dd3d2cb0a3fe0fe7ae23d9021b40 (commit) via 3a9b3d2d93017014032d1bbed3e4193bb423eaae (commit) via f518e3e802d8dcad283be6cb4913dd7cfc6f11fd (commit) via f272be676b5462db641897057a4feaa9e8f35c1d (commit) via f4db05df0e0bc665b98e7cda33d4572071884d03 (commit) via 5c64173586386a7c73e6431166c96eb43ae0baa2 (commit) via 77359d22c97d1636eccf1fa583dc295228835144 (commit) via 49b26f54f4c182d6a860c91d01994bdf2bba20de (commit) via 16a9d3746ef7e03207cc3cd290356613556959a5 (commit) via 682b444f8a78b8902a3521cd6486bdecb766e5e5 (commit) via 2390c573aa598b715eb592c9b4da50a71453347a (commit) from 8ab53b193a8e95bb2998744bc184146eb1ddcc23 (commit) - Log ----------------------------------------------------------------- commit 18e1e302452e6dea4500b6f981cee7e151294dea Author: Richard Levitte Date: Sun Feb 10 15:16:20 2019 +0100 apps/openssl.c: avoid memory leaks The trace API doesn't know that the BIOs we give it, let alone those we attach to callbacks as 'void *data', need to be cleaned up. This must be done in the application. To ensure this cleanup is done as late as possible, use atexit(). Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8198) commit c699712fa329ce1ce1b4756a50a78ab2f47909e1 Author: Richard Levitte Date: Fri Dec 14 17:18:00 2018 +0100 Add a log about the tracing functionality Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8198) commit 0b836c2168fee1689ab1ea3bb785e38b9f85ef0f Author: Richard Levitte Date: Fri Dec 14 17:17:22 2018 +0100 Document the tracing functionality Co-authored-by: Dr. Matthias St. Pierre Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8198) commit 3b9e1a3902068baa55ecd16b264891cbcc7549ab Author: Richard Levitte Date: Sat Feb 9 12:37:49 2019 +0100 Make it possible to trace the trace functionality itself Co-authored-by: Dr. Matthias St. Pierre Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8198) commit 6e810f2dcab6d27a7158a23888c81882a3501b7f Author: Richard Levitte Date: Thu Dec 13 12:35:48 2018 +0100 Adapt BN_CTX_DEBUG to the new generic trace API Co-authored-by: Dr. Matthias St. Pierre Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8198) commit 5f8a5f46e4e83735bb5ad384d8d7df771d2aa4b3 Author: Richard Levitte Date: Thu Dec 13 12:04:26 2018 +0100 Adapt OPENSSL_DEBUG_DECRYPT to the new generic trace API Co-authored-by: Dr. Matthias St. Pierre Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8198) commit b9ce85f631cf376cd781fd3dfdc80e927d88ee77 Author: Richard Levitte Date: Thu Dec 13 08:19:08 2018 +0100 Adapt OPENSSL_POLICY_DEBUG to the new generic trace API Co-authored-by: Dr. Matthias St. Pierre Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8198) commit a902e43d7d34dd3d2cb0a3fe0fe7ae23d9021b40 Author: Richard Levitte Date: Thu Dec 13 08:07:25 2018 +0100 Adapt OPENSSL_DEBUG_KEYGEN to the new generic trace API Co-authored-by: Dr. Matthias St. Pierre Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8198) commit 3a9b3d2d93017014032d1bbed3e4193bb423eaae Author: Richard Levitte Date: Thu Dec 13 01:53:13 2018 +0100 Adapt OPENSSL_DEBUG_PKCS5V2 to the new generic trace API Co-authored-by: Dr. Matthias St. Pierre Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8198) commit f518e3e802d8dcad283be6cb4913dd7cfc6f11fd Author: Richard Levitte Date: Thu Dec 13 01:42:46 2018 +0100 Adapt ENGINE_REF_COUNT_DEBUG to the new generic trace API Co-authored-by: Dr. Matthias St. Pierre Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8198) commit f272be676b5462db641897057a4feaa9e8f35c1d Author: Richard Levitte Date: Thu Dec 13 01:42:07 2018 +0100 Adapt ENGINE_TABLE_DEBUG to the new generic trace API Co-authored-by: Dr. Matthias St. Pierre Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8198) commit f4db05df0e0bc665b98e7cda33d4572071884d03 Author: Richard Levitte Date: Thu Dec 13 01:37:10 2018 +0100 Adapt ENGINE_CONF_DEBUG to the new generic trace API Co-authored-by: Dr. Matthias St. Pierre Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8198) commit 5c64173586386a7c73e6431166c96eb43ae0baa2 Author: Richard Levitte Date: Thu Dec 13 00:32:57 2018 +0100 Adapt OPENSSL_INIT_DEBUG to the new generic trace API Co-authored-by: Dr. Matthias St. Pierre Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8198) commit 77359d22c97d1636eccf1fa583dc295228835144 Author: Richard Levitte Date: Wed Dec 12 23:57:48 2018 +0100 Adapt CIPHER_DEBUG to the new generic trace API Co-authored-by: Dr. Matthias St. Pierre Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8198) commit 49b26f54f4c182d6a860c91d01994bdf2bba20de Author: Richard Levitte Date: Wed Dec 12 00:04:44 2018 +0100 Adapt SSL_DEBUG to the new generic trace API Co-authored-by: Dr. Matthias St. Pierre Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8198) commit 16a9d3746ef7e03207cc3cd290356613556959a5 Author: Richard Levitte Date: Wed Dec 12 21:31:36 2018 +0100 Make it possible to disable the TRACE API This disabled the tracing functionality by making functions do nothing, and making convenience macros produce dead code. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8198) commit 682b444f8a78b8902a3521cd6486bdecb766e5e5 Author: Richard Levitte Date: Fri Dec 14 15:48:53 2018 +0100 apps/openssl.c: Adapt to enable tracing output Use the environment variables OPENSSL_TRACE to determine what's going to be enabled. The value of this variables is a comma separated list of trace and debugging names, which correspond to the trace category macros defined in include/openssl/trace.h. For example, setting OPENSSL_DEBUG=TRACE,SSL will enable debugging output for the types OSSL_TRACE_CATEGORY_TRACE and OSSL_TRACE_CATEGORY_SSL. This also slightly changes the handling of the prefix method in apps/apps.c. This is for the better, as the prefix method pointer was unneccessarily stored in two places. Co-authored-by: Dr. Matthias St. Pierre Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8198) commit 2390c573aa598b715eb592c9b4da50a71453347a Author: Richard Levitte Date: Tue Dec 11 23:58:29 2018 +0100 Add generic trace API The idea is that the application shall be able to register output channels or callbacks to print tracing output as it sees fit. OpenSSL internals, on the other hand, want to print thoses texts using normal printing routines, such as BIO_printf() or BIO_dump() through well defined BIOs. When the application registers callbacks, the tracing functionality sets up an internal BIO that simply forwards received text to the appropriate application provided callback. Co-authored-by: Dr. Matthias St. Pierre Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8198) ----------------------------------------------------------------------- Summary of changes: CHANGES | 9 + Configure | 1 + NEWS | 2 + apps/apps.c | 14 +- apps/openssl.c | 115 ++++++- apps/s_client.c | 6 +- crypto/bn/bn_ctx.c | 72 ++--- crypto/build.info | 1 + crypto/engine/eng_cnf.c | 19 +- crypto/engine/eng_int.h | 51 ++-- crypto/engine/eng_table.c | 57 ++-- crypto/evp/p5_crpt2.c | 41 +-- crypto/include/internal/cryptlib_int.h | 2 + crypto/init.c | 198 +++++-------- crypto/pkcs12/p12_decr.c | 23 +- crypto/pkcs12/p12_key.c | 48 +-- crypto/trace.c | 495 +++++++++++++++++++++++++++++++ crypto/x509v3/pcy_tree.c | 67 ++--- doc/man1/openssl.pod | 68 +++++ doc/man3/OSSL_trace_enabled.pod | 183 ++++++++++++ doc/man3/OSSL_trace_get_category_num.pod | 44 +++ doc/man3/OSSL_trace_set_channel.pod | 288 ++++++++++++++++++ include/openssl/trace.h | 291 ++++++++++++++++++ ssl/record/ssl3_record.c | 61 ++-- ssl/s3_lib.c | 36 +-- ssl/ssl_ciph.c | 45 +-- ssl/ssl_init.c | 33 +-- ssl/ssl_lib.c | 7 +- ssl/statem/statem_clnt.c | 7 +- ssl/statem/statem_lib.c | 14 +- ssl/statem/statem_srvr.c | 17 +- ssl/t1_enc.c | 114 +++---- util/libcrypto.num | 9 + util/private.num | 1 + 34 files changed, 1869 insertions(+), 570 deletions(-) create mode 100644 crypto/trace.c create mode 100644 doc/man3/OSSL_trace_enabled.pod create mode 100644 doc/man3/OSSL_trace_get_category_num.pod create mode 100644 doc/man3/OSSL_trace_set_channel.pod create mode 100644 include/openssl/trace.h diff --git a/CHANGES b/CHANGES index ff61ff4..d977c76 100644 --- a/CHANGES +++ b/CHANGES @@ -9,6 +9,15 @@ Changes between 1.1.1 and 3.0.0 [xx XXX xxxx] + *) Added support for enabling instrumentation through trace output. + This is left to application control, by allowing it to register BIOs as + channels for a number of tracing and debugging categories. + + The 'openssl' application has been expanded to enable any of the types + available via environment variables defined by the user, and serves as + one possible example on how to use this functionality. + [Richard Levitte & Matthias St. Pierre] + *) Added build tests for C++. These are generated files that only do one thing, to include one public OpenSSL head file each. This tests that the public header files can be usefully included in a C++ application. diff --git a/Configure b/Configure index 707e8b9..b2410a2 100755 --- a/Configure +++ b/Configure @@ -417,6 +417,7 @@ my @disablables = ( "tests", "threads", "tls", + "trace", "ts", "ubsan", "ui-console", diff --git a/NEWS b/NEWS index 7ac249e..c743dbc 100644 --- a/NEWS +++ b/NEWS @@ -7,6 +7,8 @@ Major changes between OpenSSL 1.1.1 and OpenSSL 3.0.0 [under development] + o Add support for enabling instrumentation through trace and debug + output. o Changed our version number scheme and set the next major release to 3.0.0 o Added EVP_MAC, an EVP layer MAC API, and a generic EVP_PKEY to EVP_MAC diff --git a/apps/apps.c b/apps/apps.c index 44a90a3..d095dee 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -2243,8 +2243,6 @@ BIO *dup_bio_in(int format) BIO_NOCLOSE | (FMT_istext(format) ? BIO_FP_TEXT : 0)); } -static BIO_METHOD *prefix_method = NULL; - BIO *dup_bio_out(int format) { BIO *b = BIO_new_fp(stdout, @@ -2256,10 +2254,9 @@ BIO *dup_bio_out(int format) b = BIO_push(BIO_new(BIO_f_linebuffer()), b); #endif - if (FMT_istext(format) && (prefix = getenv("HARNESS_OSSL_PREFIX")) != NULL) { - if (prefix_method == NULL) - prefix_method = apps_bf_prefix(); - b = BIO_push(BIO_new(prefix_method), b); + if (FMT_istext(format) + && (prefix = getenv("HARNESS_OSSL_PREFIX")) != NULL) { + b = BIO_push(BIO_new(apps_bf_prefix()), b); BIO_ctrl(b, PREFIX_CTRL_SET_PREFIX, 0, prefix); } @@ -2277,8 +2274,13 @@ BIO *dup_bio_err(int format) return b; } +/* + * Because the prefix method is created dynamically, we must also be able + * to destroy it. + */ void destroy_prefix_method(void) { + BIO_METHOD *prefix_method = apps_bf_prefix(); BIO_meth_free(prefix_method); prefix_method = NULL; } diff --git a/apps/openssl.c b/apps/openssl.c index 6b63b36..854f943 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -13,6 +13,7 @@ #include #include #include +#include #include #include #include @@ -93,7 +94,6 @@ static int apps_startup(void) static void apps_shutdown(void) { destroy_ui_method(); - destroy_prefix_method(); } static char *make_config_name(void) @@ -117,6 +117,110 @@ static char *make_config_name(void) return p; } +typedef struct tracedata_st { + BIO *bio; + unsigned int ingroup:1; +} tracedata; + +static size_t internal_trace_cb(const char *buf, size_t cnt, + int category, int cmd, void *vdata) +{ + int ret; + tracedata *trace_data = vdata; + int set_prefix = 0; + + switch (cmd) { + case OSSL_TRACE_CTRL_BEGIN: + trace_data->ingroup = 1; + set_prefix = 1; + break; + case OSSL_TRACE_CTRL_DURING: + if (!trace_data->ingroup) + set_prefix = 1; + break; + case OSSL_TRACE_CTRL_END: + trace_data->ingroup = 0; + break; + } + + if (set_prefix) { + union { + CRYPTO_THREAD_ID tid; + unsigned long ltid; + } tid; + char buffer[256]; + + tid.ltid = 0; + tid.tid = CRYPTO_THREAD_get_current_id(); + + BIO_snprintf(buffer, sizeof(buffer), "TRACE[%lx]:%s: ", tid.ltid, + OSSL_trace_get_category_name(category)); + BIO_ctrl(trace_data->bio, PREFIX_CTRL_SET_PREFIX, + strlen(buffer), buffer); + } + ret = BIO_write(trace_data->bio, buf, cnt); + + return ret < 0 ? 0 : ret; +} + +DEFINE_STACK_OF(tracedata) +static STACK_OF(tracedata) *trace_data_stack; + +static void tracedata_free(tracedata *data) +{ + BIO_free_all(data->bio); + OPENSSL_free(data); +} + +static STACK_OF(tracedata) *trace_data_stack; + +static void cleanup_trace(void) +{ + sk_tracedata_pop_free(trace_data_stack, tracedata_free); +} + +static void setup_trace(const char *str) +{ + char *val; + + trace_data_stack = sk_tracedata_new_null(); + val = OPENSSL_strdup(str); + + if (val != NULL) { + char *valp = val; + char *item; + + for (valp = val; (item = strtok(valp, ",")) != NULL; valp = NULL) { + int category = OSSL_trace_get_category_num(item); + + if (category >= 0) { + BIO *channel = BIO_push(BIO_new(apps_bf_prefix()), + dup_bio_err(FORMAT_TEXT)); + tracedata *trace_data = OPENSSL_zalloc(sizeof(*trace_data)); + + if (trace_data == NULL + || (trace_data->bio = channel) == NULL + || OSSL_trace_set_callback(category, internal_trace_cb, + trace_data) == 0 + || sk_tracedata_push(trace_data_stack, trace_data) == 0) { + OSSL_trace_set_callback(category, NULL, NULL); + BIO_free_all(channel); + fprintf(stderr, + "warning: unable to setup trace callback for category '%s'.\n", + item); + } + } else { + fprintf(stderr, + "warning: unknown trace category: '%s'.\n", + item); + } + } + } + + OPENSSL_free(val); + atexit(cleanup_trace); +} + int main(int argc, char *argv[]) { FUNCTION f, *fp; @@ -145,6 +249,15 @@ int main(int argc, char *argv[]) win32_utf8argv(&argc, &argv); #endif + /* + * We use the prefix method to get the trace output we want. Since some + * trace outputs happen with OPENSSL_cleanup(), which is run automatically + * after exit(), we need to destroy the prefix method as late as possible. + */ + atexit(destroy_prefix_method); + + setup_trace(getenv("OPENSSL_TRACE")); + p = getenv("OPENSSL_DEBUG_MEMORY"); if (p != NULL && strcmp(p, "on") == 0) CRYPTO_set_mem_debug(1); diff --git a/apps/s_client.c b/apps/s_client.c index 687e755..7a41d83 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -38,6 +38,7 @@ typedef unsigned int u_int; #include #include #include +#include #include #ifndef OPENSSL_NO_SRP # include @@ -1521,6 +1522,7 @@ int s_client_main(int argc, char **argv) break; } } + if (count4or6 >= 2) { BIO_printf(bio_err, "%s: Can't use both -4 and -6\n", prog); goto opthelp; @@ -3321,8 +3323,7 @@ static void print_stuff(BIO *bio, SSL *s, int full) BIO_printf(bio_err, "Using Kernel TLS for sending\n"); #endif -#ifdef SSL_DEBUG - { + if (OSSL_TRACE_ENABLED(TLS)) { /* Print out local port of connection: useful for debugging */ int sock; union BIO_sock_info_u info; @@ -3335,7 +3336,6 @@ static void print_stuff(BIO *bio, SSL *s, int full) } BIO_ADDR_free(info.addr); } -#endif #if !defined(OPENSSL_NO_NEXTPROTONEG) if (next_proto.status != -1) { diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c index d6e7605..9e908bf 100644 --- a/crypto/bn/bn_ctx.c +++ b/crypto/bn/bn_ctx.c @@ -7,6 +7,7 @@ * https://www.openssl.org/source/license.html */ +#include #include "internal/cryptlib.h" #include "bn_lcl.h" @@ -87,48 +88,38 @@ struct bignum_ctx { int flags; }; -/* Enable this to find BN_CTX bugs */ -#ifdef BN_CTX_DEBUG -static const char *ctxdbg_cur = NULL; -static void ctxdbg(BN_CTX *ctx) +/* Debugging functionality */ +static void ctxdbg(BIO *channel, const char *text, BN_CTX *ctx) { unsigned int bnidx = 0, fpidx = 0; BN_POOL_ITEM *item = ctx->pool.head; BN_STACK *stack = &ctx->stack; - fprintf(stderr, "(%16p): ", ctx); + + BIO_printf(channel, "%s\n", text); + BIO_printf(channel, " (%16p): ", (void*)ctx); while (bnidx < ctx->used) { - fprintf(stderr, "%03x ", item->vals[bnidx++ % BN_CTX_POOL_SIZE].dmax); + BIO_printf(channel, "%03x ", + item->vals[bnidx++ % BN_CTX_POOL_SIZE].dmax); if (!(bnidx % BN_CTX_POOL_SIZE)) item = item->next; } - fprintf(stderr, "\n"); + BIO_printf(channel, "\n"); bnidx = 0; - fprintf(stderr, " : "); + BIO_printf(channel, " %16s : ", ""); while (fpidx < stack->depth) { while (bnidx++ < stack->indexes[fpidx]) - fprintf(stderr, " "); - fprintf(stderr, "^^^ "); + BIO_printf(channel, " "); + BIO_printf(channel, "^^^ "); bnidx++; fpidx++; } - fprintf(stderr, "\n"); + BIO_printf(channel, "\n"); } -# define CTXDBG_ENTRY(str, ctx) do { \ - ctxdbg_cur = (str); \ - fprintf(stderr,"Starting %s\n", ctxdbg_cur); \ - ctxdbg(ctx); \ - } while(0) -# define CTXDBG_EXIT(ctx) do { \ - fprintf(stderr,"Ending %s\n", ctxdbg_cur); \ - ctxdbg(ctx); \ - } while(0) -# define CTXDBG_RET(ctx,ret) -#else -# define CTXDBG_ENTRY(str, ctx) -# define CTXDBG_EXIT(ctx) -# define CTXDBG_RET(ctx,ret) -#endif +#define CTXDBG(str, ctx) \ + OSSL_TRACE_BEGIN(BN_CTX) { \ + ctxdbg(trc_out, str, ctx); \ + } OSSL_TRACE_END(BN_CTX) BN_CTX *BN_CTX_new(void) @@ -158,21 +149,20 @@ void BN_CTX_free(BN_CTX *ctx) { if (ctx == NULL) return; -#ifdef BN_CTX_DEBUG - { + OSSL_TRACE_BEGIN(BN_CTX) { BN_POOL_ITEM *pool = ctx->pool.head; - fprintf(stderr, "BN_CTX_free, stack-size=%d, pool-bignums=%d\n", - ctx->stack.size, ctx->pool.size); - fprintf(stderr, "dmaxs: "); + BIO_printf(trc_out, + "BN_CTX_free(): stack-size=%d, pool-bignums=%d\n", + ctx->stack.size, ctx->pool.size); + BIO_printf(trc_out, " dmaxs: "); while (pool) { unsigned loop = 0; while (loop < BN_CTX_POOL_SIZE) - fprintf(stderr, "%02x ", pool->vals[loop++].dmax); + BIO_printf(trc_out, "%02x ", pool->vals[loop++].dmax); pool = pool->next; } - fprintf(stderr, "\n"); - } -#endif + BIO_printf(trc_out, "\n"); + } OSSL_TRACE_END(BN_CTX); BN_STACK_finish(&ctx->stack); BN_POOL_finish(&ctx->pool); OPENSSL_free(ctx); @@ -180,7 +170,7 @@ void BN_CTX_free(BN_CTX *ctx) void BN_CTX_start(BN_CTX *ctx) { - CTXDBG_ENTRY("BN_CTX_start", ctx); + CTXDBG("ENTER BN_CTX_start()", ctx); /* If we're already overflowing ... */ if (ctx->err_stack || ctx->too_many) ctx->err_stack++; @@ -189,12 +179,12 @@ void BN_CTX_start(BN_CTX *ctx) BNerr(BN_F_BN_CTX_START, BN_R_TOO_MANY_TEMPORARY_VARIABLES); ctx->err_stack++; } - CTXDBG_EXIT(ctx); + CTXDBG("LEAVE BN_CTX_start()", ctx); } void BN_CTX_end(BN_CTX *ctx) { - CTXDBG_ENTRY("BN_CTX_end", ctx); + CTXDBG("ENTER BN_CTX_end()", ctx); if (ctx->err_stack) ctx->err_stack--; else { @@ -206,14 +196,14 @@ void BN_CTX_end(BN_CTX *ctx) /* Unjam "too_many" in case "get" had failed */ ctx->too_many = 0; } - CTXDBG_EXIT(ctx); + CTXDBG("LEAVE BN_CTX_end()", ctx); } BIGNUM *BN_CTX_get(BN_CTX *ctx) { BIGNUM *ret; - CTXDBG_ENTRY("BN_CTX_get", ctx); + CTXDBG("ENTER BN_CTX_get()", ctx); if (ctx->err_stack || ctx->too_many) return NULL; if ((ret = BN_POOL_get(&ctx->pool, ctx->flags)) == NULL) { @@ -230,7 +220,7 @@ BIGNUM *BN_CTX_get(BN_CTX *ctx) /* clear BN_FLG_CONSTTIME if leaked from previous frames */ ret->flags &= (~BN_FLG_CONSTTIME); ctx->used++; - CTXDBG_RET(ctx, ret); + CTXDBG("LEAVE BN_CTX_get()", ctx); return ret; } diff --git a/crypto/build.info b/crypto/build.info index 94ed06e..e3e9cee 100644 --- a/crypto/build.info +++ b/crypto/build.info @@ -13,6 +13,7 @@ SOURCE[../libcrypto]=\ ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fopen.c ctype.c \ threads_pthread.c threads_win.c threads_none.c getenv.c \ o_init.c o_fips.c mem_sec.c init.c context.c sparse_array.c \ + trace.c \ {- $target{cpuid_asm_src} -} {- $target{uplink_aux_src} -} DEPEND[cversion.o]=buildinf.h diff --git a/crypto/engine/eng_cnf.c b/crypto/engine/eng_cnf.c index bece327..c87a8a1 100644 --- a/crypto/engine/eng_cnf.c +++ b/crypto/engine/eng_cnf.c @@ -9,8 +9,7 @@ #include "eng_int.h" #include - -/* #define ENGINE_CONF_DEBUG */ +#include /* ENGINE config module */ @@ -50,9 +49,7 @@ static int int_engine_configure(const char *name, const char *value, const CONF int soft = 0; name = skip_dot(name); -#ifdef ENGINE_CONF_DEBUG - fprintf(stderr, "Configuring engine %s\n", name); -#endif + OSSL_TRACE1(ENGINE_CONF, "Configuring engine %s\n", name); /* Value is a section containing ENGINE commands */ ecmds = NCONF_get_section(cnf, value); @@ -66,10 +63,8 @@ static int int_engine_configure(const char *name, const char *value, const CONF ecmd = sk_CONF_VALUE_value(ecmds, i); ctrlname = skip_dot(ecmd->name); ctrlvalue = ecmd->value; -#ifdef ENGINE_CONF_DEBUG - fprintf(stderr, "ENGINE conf: doing ctrl(%s,%s)\n", ctrlname, - ctrlvalue); -#endif + OSSL_TRACE2(ENGINE_CONF, "ENGINE conf: doing ctrl(%s,%s)\n", + ctrlname, ctrlvalue); /* First handle some special pseudo ctrls */ @@ -153,10 +148,8 @@ static int int_engine_module_init(CONF_IMODULE *md, const CONF *cnf) STACK_OF(CONF_VALUE) *elist; CONF_VALUE *cval; int i; -#ifdef ENGINE_CONF_DEBUG - fprintf(stderr, "Called engine module: name %s, value %s\n", - CONF_imodule_get_name(md), CONF_imodule_get_value(md)); -#endif + OSSL_TRACE2(ENGINE_CONF, "Called engine module: name %s, value %s\n", + CONF_imodule_get_name(md), CONF_imodule_get_value(md)); /* Value is a section containing ENGINEs to configure */ elist = NCONF_get_section(cnf, CONF_imodule_get_value(md)); diff --git a/crypto/engine/eng_int.h b/crypto/engine/eng_int.h index 2a32411..d456175 100644 --- a/crypto/engine/eng_int.h +++ b/crypto/engine/eng_int.h @@ -11,6 +11,7 @@ #ifndef HEADER_ENGINE_INT_H # define HEADER_ENGINE_INT_H +# include # include "internal/cryptlib.h" # include "internal/engine.h" # include "internal/thread_once.h" @@ -19,27 +20,20 @@ extern CRYPTO_RWLOCK *global_engine_lock; /* - * If we compile with this symbol defined, then both reference counts in the - * ENGINE structure will be monitored with a line of output on stderr for - * each change. This prints the engine's pointer address (truncated to - * unsigned int), "struct" or "funct" to indicate the reference type, the - * before and after reference count, and the file:line-number pair. The - * "engine_ref_debug" statements must come *after* the change. + * This prints the engine's pointer address (truncated to unsigned int), + * "struct" or "funct" to indicate the reference type, the before and after + * reference count, and the file:line-number pair. The "engine_ref_debug" + * statements must come *after* the change. */ -# ifdef ENGINE_REF_COUNT_DEBUG - -# define engine_ref_debug(e, isfunct, diff) \ - fprintf(stderr, "engine: %08x %s from %d to %d (%s:%d)\n", \ - (unsigned int)(e), (isfunct ? "funct" : "struct"), \ - ((isfunct) ? ((e)->funct_ref - (diff)) : ((e)->struct_ref - (diff))), \ - ((isfunct) ? (e)->funct_ref : (e)->struct_ref), \ - (OPENSSL_FILE), (OPENSSL_LINE)) - -# else - -# define engine_ref_debug(e, isfunct, diff) - -# endif +# define engine_ref_debug(e, isfunct, diff) \ + OSSL_TRACE6(ENGINE_REF_COUNT, \ + "engine: %p %s from %d to %d (%s:%d)\n", \ + (void *)(e), (isfunct ? "funct" : "struct"), \ + ((isfunct) \ + ? ((e)->funct_ref - (diff)) \ + : ((e)->struct_ref - (diff))), \ + ((isfunct) ? (e)->funct_ref : (e)->struct_ref), \ + (OPENSSL_FILE), (OPENSSL_LINE)) /* * Any code that will need cleanup operations should use these functions to @@ -59,14 +53,6 @@ void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb); DEFINE_STACK_OF(ENGINE) /* - * If this symbol is defined then engine_table_select(), the function that is - * used by RSA, DSA (etc) code to select registered ENGINEs, cache defaults - * and functional references (etc), will display debugging summaries to - * stderr. - */ -/* #define ENGINE_TABLE_DEBUG */ - -/* * This represents an implementation table. Dependent code should instantiate * it as a (ENGINE_TABLE *) pointer value set initially to NULL. */ @@ -76,13 +62,10 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup, int setdefault); void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e); void engine_table_cleanup(ENGINE_TABLE **table); -# ifndef ENGINE_TABLE_DEBUG -ENGINE *engine_table_select(ENGINE_TABLE **table, int nid); -# else -ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, +ENGINE *engine_table_select_int(ENGINE_TABLE **table, int nid, const char *f, int l); -# define engine_table_select(t,n) engine_table_select_tmp(t,n,OPENSSL_FILE,OPENSSL_LINE) -# endif +# define engine_table_select(t,n) \ + engine_table_select_int(t,n,OPENSSL_FILE,OPENSSL_LINE) typedef void (engine_table_doall_cb) (int nid, STACK_OF(ENGINE) *sk, ENGINE *def, void *arg); void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb, diff --git a/crypto/engine/eng_table.c b/crypto/engine/eng_table.c index b0e3ebb..c3afa58 100644 --- a/crypto/engine/eng_table.c +++ b/crypto/engine/eng_table.c @@ -10,6 +10,7 @@ #include "internal/cryptlib.h" #include #include +#include #include "eng_int.h" /* The type of the items in the table */ @@ -189,29 +190,24 @@ void engine_table_cleanup(ENGINE_TABLE **table) } /* return a functional reference for a given 'nid' */ -#ifndef ENGINE_TABLE_DEBUG -ENGINE *engine_table_select(ENGINE_TABLE **table, int nid) -#else -ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, +ENGINE *engine_table_select_int(ENGINE_TABLE **table, int nid, const char *f, int l) -#endif { ENGINE *ret = NULL; ENGINE_PILE tmplate, *fnd = NULL; int initres, loop = 0; if (!(*table)) { -#ifdef ENGINE_TABLE_DEBUG - fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, nothing " - "registered!\n", f, l, nid); -#endif + OSSL_TRACE3(ENGINE_TABLE, + "%s:%d, nid=%d, nothing registered!\n", + f, l, nid); return NULL; } ERR_set_mark(); CRYPTO_THREAD_write_lock(global_engine_lock); /* * Check again inside the lock otherwise we could race against cleanup - * operations. But don't worry about a fprintf(stderr). + * operations. But don't worry about a debug printout */ if (!int_table_check(table, 0)) goto end; @@ -220,10 +216,9 @@ ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, if (!fnd) goto end; if (fnd->funct && engine_unlocked_init(fnd->funct)) { -#ifdef ENGINE_TABLE_DEBUG - fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using " - "ENGINE '%s' cached\n", f, l, nid, fnd->funct->id); -#endif + OSSL_TRACE4(ENGINE_TABLE, + "%s:%d, nid=%d, using ENGINE '%s' cached\n", + f, l, nid, fnd->funct->id); ret = fnd->funct; goto end; } @@ -234,10 +229,10 @@ ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, trynext: ret = sk_ENGINE_value(fnd->sk, loop++); if (!ret) { -#ifdef ENGINE_TABLE_DEBUG - fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, no " - "registered implementations would initialise\n", f, l, nid); -#endif + OSSL_TRACE3(ENGINE_TABLE, + "%s:%d, nid=%d, " + "no registered implementations would initialise\n", + f, l, nid); goto end; } /* Try to initialise the ENGINE? */ @@ -252,15 +247,13 @@ ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, if (fnd->funct) engine_unlocked_finish(fnd->funct, 0); fnd->funct = ret; -#ifdef ENGINE_TABLE_DEBUG - fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, " - "setting default to '%s'\n", f, l, nid, ret->id); -#endif + OSSL_TRACE4(ENGINE_TABLE, + "%s:%d, nid=%d, setting default to '%s'\n", + f, l, nid, ret->id); } -#ifdef ENGINE_TABLE_DEBUG - fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using " - "newly initialised '%s'\n", f, l, nid, ret->id); -#endif + OSSL_TRACE4(ENGINE_TABLE, + "%s:%d, nid=%d, using newly initialised '%s'\n", + f, l, nid, ret->id); goto end; } goto trynext; @@ -271,14 +264,14 @@ ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, */ if (fnd) fnd->uptodate = 1; -#ifdef ENGINE_TABLE_DEBUG if (ret) - fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching " - "ENGINE '%s'\n", f, l, nid, ret->id); + OSSL_TRACE4(ENGINE_TABLE, + "%s:%d, nid=%d, caching ENGINE '%s'\n", + f, l, nid, ret->id); else - fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching " - "'no matching ENGINE'\n", f, l, nid); -#endif + OSSL_TRACE3(ENGINE_TABLE, + "%s:%d, nid=%d, caching 'no matching ENGINE'\n", + f, l, nid); CRYPTO_THREAD_unlock(global_engine_lock); /* * Whatever happened, any failed init()s are not failures in this diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c index 4210e51..ac5b974 100644 --- a/crypto/evp/p5_crpt2.c +++ b/crypto/evp/p5_crpt2.c @@ -14,16 +14,10 @@ #include #include #include +#include #include "internal/evp_int.h" #include "evp_locl.h" -/* set this to print out info about the keygen algorithm */ -/* #define OPENSSL_DEBUG_PKCS5V2 */ - -#ifdef OPENSSL_DEBUG_PKCS5V2 -static void h__dump(const unsigned char *p, int len); -#endif - int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, const EVP_MD *digest, int keylen, unsigned char *out) @@ -55,15 +49,21 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, EVP_KDF_CTX_free(kctx); -# ifdef OPENSSL_DEBUG_PKCS5V2 - fprintf(stderr, "Password:\n"); - h__dump(pass, passlen); - fprintf(stderr, "Salt:\n"); - h__dump(salt, saltlen); - fprintf(stderr, "Iteration count %d\n", iter); - fprintf(stderr, "Key:\n"); - h__dump(out, keylen); -# endif + OSSL_TRACE_BEGIN(PKCS5V2) { + BIO_printf(trc_out, "Password:\n"); + BIO_hex_string(trc_out, + 0, passlen, pass, passlen); + BIO_printf(trc_out, "\n"); + BIO_printf(trc_out, "Salt:\n"); + BIO_hex_string(trc_out, + 0, saltlen, salt, saltlen); + BIO_printf(trc_out, "\n"); + BIO_printf(trc_out, "Iteration count %d\n", iter); + BIO_printf(trc_out, "Key:\n"); + BIO_hex_string(trc_out, + 0, keylen, out, keylen); + BIO_printf(trc_out, "\n"); + } OSSL_TRACE_END(PKCS5V2); return rv; } @@ -200,12 +200,3 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, PBKDF2PARAM_free(kdf); return rv; } - -# ifdef OPENSSL_DEBUG_PKCS5V2 -static void h__dump(const unsigned char *p, int len) -{ - for (; len--; p++) - fprintf(stderr, "%02X ", *p); - fprintf(stderr, "\n"); -} -# endif diff --git a/crypto/include/internal/cryptlib_int.h b/crypto/include/internal/cryptlib_int.h index 618dadb..422ef01 100644 --- a/crypto/include/internal/cryptlib_int.h +++ b/crypto/include/internal/cryptlib_int.h @@ -32,4 +32,6 @@ int ossl_init_thread_start(uint64_t opts); # define OPENSSL_INIT_THREAD_ERR_STATE 0x02 # define OPENSSL_INIT_THREAD_RAND 0x04 +int ossl_trace_init(void); +void ossl_trace_cleanup(void); void ossl_malloc_setup_failures(void); diff --git a/crypto/init.c b/crypto/init.c index ef9c043..12c9d62 100644 --- a/crypto/init.c +++ b/crypto/init.c @@ -27,6 +27,7 @@ #include "internal/dso_conf.h" #include "internal/dso.h" #include "internal/store.h" +#include static int stopped = 0; @@ -90,9 +91,10 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_base) { CRYPTO_THREAD_LOCAL key; -#ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_base: Setting up stop handlers\n"); -#endif + if (ossl_trace_init() == 0) + return 0; + + OSSL_TRACE(INIT, "ossl_init_base: setting up stop handlers\n"); #ifndef OPENSSL_NO_CRYPTO_MDEBUG ossl_malloc_setup_failures(); #endif @@ -107,9 +109,7 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_base) return 1; err: -#ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_base not ok!\n"); -#endif + OSSL_TRACE(INIT, "ossl_init_base failed!\n"); CRYPTO_THREAD_lock_free(init_lock); init_lock = NULL; @@ -158,9 +158,8 @@ DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_register_atexit, static CRYPTO_ONCE load_crypto_nodelete = CRYPTO_ONCE_STATIC_INIT; DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_nodelete) { -#ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_load_crypto_nodelete()\n"); -#endif + OSSL_TRACE(INIT, "ossl_init_load_crypto_nodelete()\n"); + #if !defined(OPENSSL_NO_DSO) \ && !defined(OPENSSL_USE_NODELETE) \ && !defined(OPENSSL_NO_PINSHARED) @@ -174,10 +173,10 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_nodelete) | GET_MODULE_HANDLE_EX_FLAG_PIN, (void *)&base_inited, &handle); -# ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: obtained DSO reference? %s\n", - (ret == TRUE ? "No!" : "Yes.")); -# endif + OSSL_TRACE1(INIT, + "ossl_init_load_crypto_nodelete: " + "obtained DSO reference? %s\n", + (ret == TRUE ? "No!" : "Yes.")); return (ret == TRUE) ? 1 : 0; } # else @@ -193,15 +192,13 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_nodelete) return 0; dso = DSO_dsobyaddr(&base_inited, DSO_FLAG_NO_UNLOAD_ON_FREE); -# ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: obtained DSO reference? %s\n", - (dso == NULL ? "No!" : "Yes.")); /* * In case of No!, it is uncertain our exit()-handlers can still be * called. After dlclose() the whole library might have been unloaded * already. */ -# endif + OSSL_TRACE1(INIT, "obtained DSO reference? %s\n", + (dso == NULL ? "No!" : "Yes.")); DSO_free(dso); err_unshelve_state(err); } @@ -221,10 +218,7 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_strings) * pulling in all the error strings during static linking */ #if !defined(OPENSSL_NO_ERR) && !defined(OPENSSL_NO_AUTOERRINIT) -# ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_load_crypto_strings: " - "err_load_crypto_strings_int()\n"); -# endif + OSSL_TRACE(INIT, "err_load_crypto_strings_int()\n"); ret = err_load_crypto_strings_int(); load_crypto_strings_inited = 1; #endif @@ -246,10 +240,7 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_ciphers) * pulling in all the ciphers during static linking */ #ifndef OPENSSL_NO_AUTOALGINIT -# ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_add_all_ciphers: " - "openssl_add_all_ciphers_int()\n"); -# endif + OSSL_TRACE(INIT, "openssl_add_all_ciphers_int()\n"); openssl_add_all_ciphers_int(); #endif return 1; @@ -270,10 +261,7 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_digests) * pulling in all the ciphers during static linking */ #ifndef OPENSSL_NO_AUTOALGINIT -# ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_add_all_digests: " - "openssl_add_all_digests()\n"); -# endif + OSSL_TRACE(INIT, "openssl_add_all_digests()\n"); openssl_add_all_digests_int(); #endif return 1; @@ -294,10 +282,7 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_macs) * pulling in all the macs during static linking */ #ifndef OPENSSL_NO_AUTOALGINIT -# ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_add_all_macs: " - "openssl_add_all_macs_int()\n"); -# endif + OSSL_TRACE(INIT, "openssl_add_all_macs_int()\n"); openssl_add_all_macs_int(); #endif return 1; @@ -320,10 +305,7 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_config) } DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_config, ossl_init_config) { -#ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, - "OPENSSL_INIT: ossl_init_config: openssl_no_config_int()\n"); -#endif + OSSL_TRACE(INIT, "openssl_no_config_int()\n"); openssl_no_config_int(); config_inited = 1; return 1; @@ -333,9 +315,7 @@ static CRYPTO_ONCE async = CRYPTO_ONCE_STATIC_INIT; static int async_inited = 0; DEFINE_RUN_ONCE_STATIC(ossl_init_async) { -#ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_async: async_init()\n"); -#endif + OSSL_TRACE(INIT, "async_init()\n"); if (!async_init()) return 0; async_inited = 1; @@ -346,22 +326,15 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_async) static CRYPTO_ONCE engine_openssl = CRYPTO_ONCE_STATIC_INIT; DEFINE_RUN_ONCE_STATIC(ossl_init_engine_openssl) { -# ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_openssl: " - "engine_load_openssl_int()\n"); -# endif + OSSL_TRACE(INIT, "engine_load_openssl_int()\n"); engine_load_openssl_int(); return 1; } - # ifndef OPENSSL_NO_RDRAND static CRYPTO_ONCE engine_rdrand = CRYPTO_ONCE_STATIC_INIT; DEFINE_RUN_ONCE_STATIC(ossl_init_engine_rdrand) { -# ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_rdrand: " - "engine_load_rdrand_int()\n"); -# endif + OSSL_TRACE(INIT, "engine_load_rdrand_int()\n"); engine_load_rdrand_int(); return 1; } @@ -369,10 +342,7 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_engine_rdrand) static CRYPTO_ONCE engine_dynamic = CRYPTO_ONCE_STATIC_INIT; DEFINE_RUN_ONCE_STATIC(ossl_init_engine_dynamic) { -# ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_dynamic: " - "engine_load_dynamic_int()\n"); -# endif + OSSL_TRACE(INIT, "engine_load_dynamic_int()\n"); engine_load_dynamic_int(); return 1; } @@ -381,10 +351,7 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_engine_dynamic) static CRYPTO_ONCE engine_devcrypto = CRYPTO_ONCE_STATIC_INIT; DEFINE_RUN_ONCE_STATIC(ossl_init_engine_devcrypto) { -# ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_devcrypto: " - "engine_load_devcrypto_int()\n"); -# endif + OSSL_TRACE(INIT, "engine_load_devcrypto_int()\n"); engine_load_devcrypto_int(); return 1; } @@ -393,10 +360,7 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_engine_devcrypto) static CRYPTO_ONCE engine_padlock = CRYPTO_ONCE_STATIC_INIT; DEFINE_RUN_ONCE_STATIC(ossl_init_engine_padlock) { -# ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_padlock: " - "engine_load_padlock_int()\n"); -# endif + OSSL_TRACE(INIT, "engine_load_padlock_int()\n"); engine_load_padlock_int(); return 1; } @@ -405,10 +369,7 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_engine_padlock) static CRYPTO_ONCE engine_capi = CRYPTO_ONCE_STATIC_INIT; DEFINE_RUN_ONCE_STATIC(ossl_init_engine_capi) { -# ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_capi: " - "engine_load_capi_int()\n"); -# endif + OSSL_TRACE(INIT, "engine_load_capi_int()\n"); engine_load_capi_int(); return 1; } @@ -417,10 +378,7 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_engine_capi) static CRYPTO_ONCE engine_afalg = CRYPTO_ONCE_STATIC_INIT; DEFINE_RUN_ONCE_STATIC(ossl_init_engine_afalg) { -# ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_afalg: " - "engine_load_afalg_int()\n"); -# endif + OSSL_TRACE(INIT, "engine_load_afalg_int()\n"); engine_load_afalg_int(); return 1; } @@ -447,26 +405,17 @@ static void ossl_init_thread_stop(struct thread_local_inits_st *locals) return; if (locals->async) { -#ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: " - "async_delete_thread_state()\n"); -#endif + OSSL_TRACE(INIT, "async_delete_thread_state()\n"); async_delete_thread_state(); } if (locals->err_state) { -#ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: " - "err_delete_thread_state()\n"); -#endif + OSSL_TRACE(INIT, "err_delete_thread_state()\n"); err_delete_thread_state(); } if (locals->rand) { -#ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_stop: " - "drbg_delete_thread_state()\n"); -#endif + OSSL_TRACE(INIT, "drbg_delete_thread_state()\n"); drbg_delete_thread_state(); } @@ -492,26 +441,23 @@ int ossl_init_thread_start(uint64_t opts) return 0; if (opts & OPENSSL_INIT_THREAD_ASYNC) { -#ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: " - "marking thread for async\n"); -#endif + OSSL_TRACE(INIT, + "ossl_init_thread_start: " + "marking thread for async\n"); locals->async = 1; } if (opts & OPENSSL_INIT_THREAD_ERR_STATE) { -#ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: " - "marking thread for err_state\n"); -#endif + OSSL_TRACE(INIT, + "ossl_init_thread_start: " + "marking thread for err_state\n"); locals->err_state = 1; } if (opts & OPENSSL_INIT_THREAD_RAND) { -#ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_thread_start: " - "marking thread for rand\n"); -#endif + OSSL_TRACE(INIT, + "ossl_init_thread_start: " + "marking thread for rand\n"); locals->rand = 1; } @@ -557,27 +503,18 @@ void OPENSSL_cleanup(void) #ifndef OPENSSL_NO_COMP if (zlib_inited) { -#ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " - "comp_zlib_cleanup_int()\n"); -#endif + OSSL_TRACE(INIT, "OPENSSL_cleanup: comp_zlib_cleanup_int()\n"); comp_zlib_cleanup_int(); } #endif if (async_inited) { -# ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " - "async_deinit()\n"); -# endif + OSSL_TRACE(INIT, "OPENSSL_cleanup: async_deinit()\n"); async_deinit(); } if (load_crypto_strings_inited) { -#ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " - "err_free_strings_int()\n"); -#endif + OSSL_TRACE(INIT, "OPENSSL_cleanup: err_free_strings_int()\n"); err_free_strings_int(); } @@ -585,28 +522,6 @@ void OPENSSL_cleanup(void) destructor_key.sane = -1; CRYPTO_THREAD_cleanup_local(&key); -#ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " - "rand_cleanup_int()\n"); - fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " - "conf_modules_free_int()\n"); -#ifndef OPENSSL_NO_ENGINE - fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " - "engine_cleanup_int()\n"); -#endif - fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " - "crypto_cleanup_all_ex_data_int()\n"); - fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " - "bio_sock_cleanup_int()\n"); - fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " - "bio_cleanup()\n"); - fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " - "evp_cleanup_int()\n"); - fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " - "obj_cleanup_int()\n"); - fprintf(stderr, "OPENSSL_INIT: OPENSSL_cleanup: " - "err_cleanup()\n"); -#endif /* * Note that cleanup order is important: * - rand_cleanup_int could call an ENGINE's RAND cleanup function so @@ -618,21 +533,42 @@ void OPENSSL_cleanup(void) * - ENGINEs and additional EVP algorithms might use added OIDs names so * obj_cleanup_int() must be called last */ + OSSL_TRACE(INIT, "OPENSSL_cleanup: rand_cleanup_int()\n"); rand_cleanup_int(); + + OSSL_TRACE(INIT, "OPENSSL_cleanup: rand_drbg_cleanup_int()\n"); rand_drbg_cleanup_int(); + + OSSL_TRACE(INIT, "OPENSSL_cleanup: conf_modules_free_int()\n"); conf_modules_free_int(); #ifndef OPENSSL_NO_ENGINE + OSSL_TRACE(INIT, "OPENSSL_cleanup: engine_cleanup_int()\n"); engine_cleanup_int(); #endif + OSSL_TRACE(INIT, "OPENSSL_cleanup: ossl_store_cleanup_int()\n"); ossl_store_cleanup_int(); + + OSSL_TRACE(INIT, "OPENSSL_cleanup: crypto_cleanup_all_ex_data_int()\n"); crypto_cleanup_all_ex_data_int(); + + OSSL_TRACE(INIT, "OPENSSL_cleanup: bio_cleanup()\n"); bio_cleanup(); + + OSSL_TRACE(INIT, "OPENSSL_cleanup: evp_cleanup_int()\n"); evp_cleanup_int(); + + OSSL_TRACE(INIT, "OPENSSL_cleanup: obj_cleanup_int()\n"); obj_cleanup_int(); + + OSSL_TRACE(INIT, "OPENSSL_cleanup: err_int()\n"); err_cleanup(); + OSSL_TRACE(INIT, "OPENSSL_cleanup: CRYPTO_secure_malloc_done()\n"); CRYPTO_secure_malloc_done(); + OSSL_TRACE(INIT, "OPENSSL_cleanup: ossl_trace_cleanup()\n"); + ossl_trace_cleanup(); + base_inited = 0; } @@ -835,12 +771,10 @@ int OPENSSL_atexit(void (*handler)(void)) ERR_set_mark(); dso = DSO_dsobyaddr(handlersym.sym, DSO_FLAG_NO_UNLOAD_ON_FREE); -# ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, - "OPENSSL_INIT: OPENSSL_atexit: obtained DSO reference? %s\n", - (dso == NULL ? "No!" : "Yes.")); /* See same code above in ossl_init_base() for an explanation. */ -# endif + OSSL_TRACE1(INIT, + "atexit: obtained DSO reference? %s\n", + (dso == NULL ? "No!" : "Yes.")); DSO_free(dso); ERR_pop_to_mark(); } diff --git a/crypto/pkcs12/p12_decr.c b/crypto/pkcs12/p12_decr.c index 67a9305..b9d13d9 100644 --- a/crypto/pkcs12/p12_decr.c +++ b/crypto/pkcs12/p12_decr.c @@ -10,11 +10,7 @@ #include #include "internal/cryptlib.h" #include - -/* Define this to dump decrypted output to files called DERnnn */ -/* - * #define OPENSSL_DEBUG_DECRYPT - */ +#include /* * Encrypt/Decrypt a buffer based on password and algor, result in a @@ -95,18 +91,11 @@ void *PKCS12_item_decrypt_d2i(const X509_ALGOR *algor, const ASN1_ITEM *it, return NULL; } p = out; -#ifdef OPENSSL_DEBUG_DECRYPT - { - FILE *op; - - char fname[30]; - static int fnm = 1; - sprintf(fname, "DER%d", fnm++); - op = fopen(fname, "wb"); - fwrite(p, 1, outlen, op); - fclose(op); - } -#endif + OSSL_TRACE_BEGIN(PKCS12_DECRYPT) { + BIO_printf(trc_out, "\n"); + BIO_dump(trc_out, out, outlen); + BIO_printf(trc_out, "\n"); + } OSSL_TRACE_END(PKCS12_DECRYPT); ret = ASN1_item_d2i(NULL, &p, outlen, it); if (zbuf) OPENSSL_cleanse(out, outlen); diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c index 9e9fb17..3580754 100644 --- a/crypto/pkcs12/p12_key.c +++ b/crypto/pkcs12/p12_key.c @@ -11,16 +11,7 @@ #include "internal/cryptlib.h" #include #include - -/* Uncomment out this line to get debugging info about key generation */ -/* - * #define OPENSSL_DEBUG_KEYGEN - */ -#ifdef OPENSSL_DEBUG_KEYGEN -# include -extern BIO *bio_err; -void h__dump(unsigned char *p, int len); -#endif +#include /* PKCS12 compatible key/IV generation */ #ifndef min @@ -82,23 +73,22 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, int i, j, u, v; int ret = 0; EVP_MD_CTX *ctx = NULL; -#ifdef OPENSSL_DEBUG_KEYGEN unsigned char *tmpout = out; int tmpn = n; -#endif ctx = EVP_MD_CTX_new(); if (ctx == NULL) goto err; -#ifdef OPENSSL_DEBUG_KEYGEN - fprintf(stderr, "KEYGEN DEBUG\n"); - fprintf(stderr, "ID %d, ITER %d\n", id, iter); - fprintf(stderr, "Password (length %d):\n", passlen); - h__dump(pass, passlen); - fprintf(stderr, "Salt (length %d):\n", saltlen); - h__dump(salt, saltlen); -#endif + OSSL_TRACE_BEGIN(PKCS12_KEYGEN) { + BIO_printf(trc_out, "PKCS12_key_gen_uni(): ID %d, ITER %d\n", id, iter); + BIO_printf(trc_out, "Password (length %d):\n", passlen); + BIO_hex_string(trc_out, 0, passlen, pass, passlen); + BIO_printf(trc_out, "\n"); + BIO_printf(trc_out, "Salt (length %d):\n", saltlen); + BIO_hex_string(trc_out, 0, saltlen, salt, saltlen); + BIO_printf(trc_out, "\n"); + } OSSL_TRACE_END(PKCS12_KEYGEN); v = EVP_MD_block_size(md_type); u = EVP_MD_size(md_type); if (u < 0 || v <= 0) @@ -136,10 +126,11 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, } memcpy(out, Ai, min(n, u)); if (u >= n) { -#ifdef OPENSSL_DEBUG_KEYGEN - fprintf(stderr, "Output KEY (length %d)\n", tmpn); - h__dump(tmpout, tmpn); -#endif + OSSL_TRACE_BEGIN(PKCS12_KEYGEN) { + BIO_printf(trc_out, "Output KEY (length %d)\n", tmpn); + BIO_hex_string(trc_out, 0, tmpn, tmpout, tmpn); + BIO_printf(trc_out, "\n"); + } OSSL_TRACE_END(PKCS12_KEYGEN); ret = 1; goto end; } @@ -172,12 +163,3 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, EVP_MD_CTX_free(ctx); return ret; } - -#ifdef OPENSSL_DEBUG_KEYGEN -void h__dump(unsigned char *p, int len) -{ - for (; len--; p++) - fprintf(stderr, "%02X", *p); - fprintf(stderr, "\n"); -} -#endif diff --git a/crypto/trace.c b/crypto/trace.c new file mode 100644 index 0000000..8ead944 --- /dev/null +++ b/crypto/trace.c @@ -0,0 +1,495 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include + +#include +#include +#include +#include "internal/bio.h" +#include "internal/nelem.h" +#include "internal/cryptlib_int.h" + +#include "e_os.h" /* strcasecmp for Windows */ + +#ifndef OPENSSL_NO_TRACE + +static CRYPTO_RWLOCK *trace_lock = NULL; + +static const BIO *current_channel = NULL; + +/*- + * INTERNAL TRACE CHANNEL IMPLEMENTATION + * + * For our own flexibility, all trace categories are associated with a + * BIO sink object, also called the trace channel. Instead of a BIO object, + * the application can also provide a callback function, in which case an + * internal trace channel is attached, which simply calls the registered + * callback function. + */ +static int trace_write(BIO *b, const char *buf, + size_t num, size_t *written); +static int trace_puts(BIO *b, const char *str); +static long trace_ctrl(BIO *channel, int cmd, long argl, void *argp); +static int trace_free(BIO *b); + +static const BIO_METHOD trace_method = { + BIO_TYPE_SOURCE_SINK, + "trace", + trace_write, + NULL, /* old write */ + NULL, /* read_ex */ + NULL, /* read */ + trace_puts, + NULL, /* gets */ + trace_ctrl, /* ctrl */ + NULL, /* create */ + trace_free, /* free */ + NULL, /* callback_ctrl */ +}; + +struct trace_data_st { + OSSL_trace_cb callback; + int category; + void *data; +}; + +static int trace_write(BIO *channel, + const char *buf, size_t num, size_t *written) +{ + struct trace_data_st *ctx = BIO_get_data(channel); + size_t cnt = ctx->callback(buf, num, ctx->category, OSSL_TRACE_CTRL_DURING, + ctx->data); + + *written = cnt; + return cnt != 0; +} + +static int trace_puts(BIO *channel, const char *str) +{ + size_t written; + + if (trace_write(channel, str, strlen(str), &written)) + return (int)written; + + return EOF; +} + +static long trace_ctrl(BIO *channel, int cmd, long argl, void *argp) +{ + struct trace_data_st *ctx = BIO_get_data(channel); + + switch (cmd) { + case OSSL_TRACE_CTRL_BEGIN: + case OSSL_TRACE_CTRL_END: + /* We know that the callback is likely to return 0 here */ + ctx->callback("", 0, ctx->category, cmd, ctx->data); + return 1; + default: + break; + } + return -2; /* Unsupported */ +} + +static int trace_free(BIO *channel) +{ + if (channel == NULL) + return 0; + OPENSSL_free(BIO_get_data(channel)); + return 1; +} +#endif + +/*- + * TRACE + */ + +/* Helper struct and macro to get name string to number mapping */ +struct trace_category_st { + const char * const name; + const int num; +}; +#define TRACE_CATEGORY_(name) { #name, OSSL_TRACE_CATEGORY_##name } + +static const struct trace_category_st trace_categories[] = { + TRACE_CATEGORY_(ANY), + TRACE_CATEGORY_(TRACE), + TRACE_CATEGORY_(INIT), + TRACE_CATEGORY_(TLS), + TRACE_CATEGORY_(TLS_CIPHER), + TRACE_CATEGORY_(ENGINE_CONF), + TRACE_CATEGORY_(ENGINE_TABLE), + TRACE_CATEGORY_(ENGINE_REF_COUNT), + TRACE_CATEGORY_(PKCS5V2), + TRACE_CATEGORY_(PKCS12_KEYGEN), + TRACE_CATEGORY_(PKCS12_DECRYPT), + TRACE_CATEGORY_(X509V3_POLICY), + TRACE_CATEGORY_(BN_CTX), +}; + +const char *OSSL_trace_get_category_name(int num) +{ + size_t i; + + for (i = 0; i < OSSL_NELEM(trace_categories); i++) + if (trace_categories[i].num == num) + return trace_categories[i].name; + return NULL; /* not found */ +} + +int OSSL_trace_get_category_num(const char *name) +{ + size_t i; + + for (i = 0; i < OSSL_NELEM(trace_categories); i++) + if (strcasecmp(name, trace_categories[i].name) == 0) + return trace_categories[i].num; + return -1; /* not found */ +} + +#ifndef OPENSSL_NO_TRACE + +/* We use one trace channel for each trace category */ +static struct { + enum { t_channel, t_callback } type; + BIO *bio; + char *prefix; + char *suffix; +} trace_channels[OSSL_TRACE_CATEGORY_NUM] = { + { 0, NULL, NULL, NULL }, +}; + +#endif + +#ifndef OPENSSL_NO_TRACE +static int trace_attach_cb(int category, int type, const void *data) +{ + switch (type) { + case 0: /* Channel */ + OSSL_TRACE2(TRACE, "Attach channel %p to category '%s'\n", + data, trace_categories[category].name); + break; + case 1: /* Prefix */ + OSSL_TRACE2(TRACE, "Attach prefix \"%s\" to category '%s'\n", + (const char *)data, trace_categories[category].name); + break; + case 2: /* Suffix */ + OSSL_TRACE2(TRACE, "Attach suffix \"%s\" to category '%s'\n", + (const char *)data, trace_categories[category].name); + break; + default: /* No clue */ + break; + } + return 1; +} + +static int trace_detach_cb(int category, int type, const void *data) +{ + switch (type) { + case 0: /* Channel */ + OSSL_TRACE2(TRACE, "Detach channel %p from category '%s'\n", + data, trace_categories[category].name); + break; + case 1: /* Prefix */ + OSSL_TRACE2(TRACE, "Detach prefix \"%s\" from category '%s'\n", + (const char *)data, trace_categories[category].name); + break; + case 2: /* Suffix */ + OSSL_TRACE2(TRACE, "Detach suffix \"%s\" from category '%s'\n", + (const char *)data, trace_categories[category].name); + break; + default: /* No clue */ + break; + } + return 1; +} + +static int set_trace_data(int category, BIO **channel, + const char **prefix, const char **suffix, + int (*attach_cb)(int, int, const void *), + int (*detach_cb)(int, int, const void *)) +{ + BIO *curr_channel = trace_channels[category].bio; + char *curr_prefix = trace_channels[category].prefix; + char *curr_suffix = trace_channels[category].suffix; + + /* Make sure to run the detach callback first on all data */ + if (prefix != NULL && curr_prefix != NULL) { + detach_cb(category, 1, curr_prefix); + } + + if (suffix != NULL && curr_suffix != NULL) { + detach_cb(category, 2, curr_suffix); + } + + if (channel != NULL && curr_channel != NULL) { + detach_cb(category, 0, curr_channel); + } + + /* After detach callbacks are done, clear data where appropriate */ + if (prefix != NULL && curr_prefix != NULL) { + OPENSSL_free(curr_prefix); + trace_channels[category].prefix = NULL; + } + + if (suffix != NULL && curr_suffix != NULL) { + OPENSSL_free(curr_suffix); + trace_channels[category].suffix = NULL; + } + + if (channel != NULL && curr_channel != NULL) { + BIO_free(curr_channel); + trace_channels[category].bio = NULL; + } + + /* Before running callbacks are done, set new data where appropriate */ + if (channel != NULL && *channel != NULL) { + trace_channels[category].bio = *channel; + } + + if (prefix != NULL && *prefix != NULL) { + if ((curr_prefix = OPENSSL_strdup(*prefix)) == NULL) + return 0; + trace_channels[category].prefix = curr_prefix; + } + + if (suffix != NULL && *suffix != NULL) { + if ((curr_suffix = OPENSSL_strdup(*suffix)) == NULL) + return 0; + trace_channels[category].suffix = curr_suffix; + } + + /* Finally, run the attach callback on the new data */ + if (channel != NULL && *channel != NULL) { + attach_cb(category, 0, *channel); + } + + if (prefix != NULL && *prefix != NULL) { + attach_cb(category, 1, *prefix); + } + + if (suffix != NULL && *suffix != NULL) { + attach_cb(category, 2, *suffix); + } + + return 1; +} +#endif + +int ossl_trace_init(void) +{ +#ifndef OPENSSL_NO_TRACE + trace_lock = CRYPTO_THREAD_lock_new(); + if (trace_lock != NULL) + return 1; +#endif + + return 0; +} + +void ossl_trace_cleanup(void) +{ +#ifndef OPENSSL_NO_TRACE + int category; + BIO *channel = NULL; + const char *prefix = NULL; + const char *suffix = NULL; + + for (category = 0; category < OSSL_TRACE_CATEGORY_NUM; category++) { + /* We force the TRACE category to be treated last */ + if (category == OSSL_TRACE_CATEGORY_TRACE) + continue; + set_trace_data(category, &channel, &prefix, &suffix, + trace_attach_cb, trace_detach_cb); + } + set_trace_data(OSSL_TRACE_CATEGORY_TRACE, &channel, &prefix, &suffix, + trace_attach_cb, trace_detach_cb); + CRYPTO_THREAD_lock_free(trace_lock); +#endif +} + +int OSSL_trace_set_channel(int category, BIO *channel) +{ +#ifndef OPENSSL_NO_TRACE + if (category < 0 || category >= OSSL_TRACE_CATEGORY_NUM + || !set_trace_data(category, &channel, NULL, NULL, + trace_attach_cb, trace_detach_cb)) + goto err; + + trace_channels[category].type = t_channel; + return 1; + + err: +#endif + + return 0; +} + +#ifndef OPENSSL_NO_TRACE +static int trace_attach_w_callback_cb(int category, int type, const void *data) +{ + switch (type) { + case 0: /* Channel */ + OSSL_TRACE2(TRACE, + "Attach channel %p to category '%s' (with callback)\n", + data, trace_categories[category].name); + break; + case 1: /* Prefix */ + OSSL_TRACE2(TRACE, "Attach prefix \"%s\" to category '%s'\n", + (const char *)data, trace_categories[category].name); + break; + case 2: /* Suffix */ + OSSL_TRACE2(TRACE, "Attach suffix \"%s\" to category '%s'\n", + (const char *)data, trace_categories[category].name); + break; + default: /* No clue */ + break; + } + return 1; +} +#endif + +int OSSL_trace_set_callback(int category, OSSL_trace_cb callback, void *data) +{ +#ifndef OPENSSL_NO_TRACE + BIO *channel = NULL; + struct trace_data_st *trace_data = NULL; + + if (category < 0 || category >= OSSL_TRACE_CATEGORY_NUM) + goto err; + + if (callback != NULL) { + if ((channel = BIO_new(&trace_method)) == NULL + || (trace_data = + OPENSSL_zalloc(sizeof(struct trace_data_st))) == NULL) + goto err; + + trace_data->callback = callback; + trace_data->category = category; + trace_data->data = data; + + BIO_set_data(channel, trace_data); + } + + if (!set_trace_data(category, &channel, NULL, NULL, + trace_attach_w_callback_cb, trace_detach_cb)) + goto err; + + trace_channels[category].type = t_callback; + return 1; + + err: + BIO_free(channel); + OPENSSL_free(trace_data); +#endif + + return 0; +} + +int OSSL_trace_set_prefix(int category, const char *prefix) +{ +#ifndef OPENSSL_NO_TRACE + if (category >= 0 || category < OSSL_TRACE_CATEGORY_NUM) + return set_trace_data(category, NULL, &prefix, NULL, + trace_attach_cb, trace_detach_cb); +#endif + + return 0; +} + +int OSSL_trace_set_suffix(int category, const char *suffix) +{ +#ifndef OPENSSL_NO_TRACE + if (category >= 0 || category < OSSL_TRACE_CATEGORY_NUM) + return set_trace_data(category, NULL, NULL, &suffix, + trace_attach_cb, trace_detach_cb); +#endif + + return 0; +} + +#ifndef OPENSSL_NO_TRACE +static int ossl_trace_get_category(int category) +{ + if (category < 0 || category >= OSSL_TRACE_CATEGORY_NUM) + return -1; + if (trace_channels[category].bio != NULL) + return category; + return OSSL_TRACE_CATEGORY_ANY; +} +#endif + +int OSSL_trace_enabled(int category) +{ + int ret = 0; +#ifndef OPENSSL_NO_TRACE + category = ossl_trace_get_category(category); + ret = trace_channels[category].bio != NULL; +#endif + return ret; +} + +BIO *OSSL_trace_begin(int category) +{ + BIO *channel = NULL; +#ifndef OPENSSL_NO_TRACE + char *prefix = NULL; + + category = ossl_trace_get_category(category); + channel = trace_channels[category].bio; + prefix = trace_channels[category].prefix; + + if (channel != NULL) { + CRYPTO_THREAD_write_lock(trace_lock); + current_channel = channel; + switch (trace_channels[category].type) { + case t_channel: + if (prefix != NULL) { + (void)BIO_puts(channel, prefix); + (void)BIO_puts(channel, "\n"); + } + break; + case t_callback: + (void)BIO_ctrl(channel, OSSL_TRACE_CTRL_BEGIN, + prefix == NULL ? 0 : strlen(prefix), prefix); + break; + } + } +#endif + return channel; +} + +void OSSL_trace_end(int category, BIO * channel) +{ +#ifndef OPENSSL_NO_TRACE + char *suffix = NULL; + + category = ossl_trace_get_category(category); + suffix = trace_channels[category].suffix; + if (channel != NULL + && ossl_assert(channel == current_channel)) { + (void)BIO_flush(channel); + switch (trace_channels[category].type) { + case t_channel: + if (suffix != NULL) { + (void)BIO_puts(channel, suffix); + (void)BIO_puts(channel, "\n"); + } + break; + case t_callback: + (void)BIO_ctrl(channel, OSSL_TRACE_CTRL_END, + suffix == NULL ? 0 : strlen(suffix), suffix); + break; + } + current_channel = NULL; + CRYPTO_THREAD_unlock(trace_lock); + } +#endif +} diff --git a/crypto/x509v3/pcy_tree.c b/crypto/x509v3/pcy_tree.c index 860e4bf..0c5887c 100644 --- a/crypto/x509v3/pcy_tree.c +++ b/crypto/x509v3/pcy_tree.c @@ -8,76 +8,71 @@ */ #include "internal/cryptlib.h" +#include #include #include #include "pcy_int.h" -/* - * Enable this to print out the complete policy tree at various point during - * evaluation. - */ - -/* - * #define OPENSSL_POLICY_DEBUG - */ - -#ifdef OPENSSL_POLICY_DEBUG - -static void expected_print(BIO *err, X509_POLICY_LEVEL *lev, - X509_POLICY_NODE *node, int indent) +static void expected_print(BIO *channel, + X509_POLICY_LEVEL *lev, X509_POLICY_NODE *node, + int indent) { if ((lev->flags & X509_V_FLAG_INHIBIT_MAP) || !(node->data->flags & POLICY_DATA_FLAG_MAP_MASK)) - BIO_puts(err, " Not Mapped\n"); + BIO_puts(channel, " Not Mapped\n"); else { int i; + STACK_OF(ASN1_OBJECT) *pset = node->data->expected_policy_set; ASN1_OBJECT *oid; - BIO_puts(err, " Expected: "); + BIO_puts(channel, " Expected: "); for (i = 0; i < sk_ASN1_OBJECT_num(pset); i++) { oid = sk_ASN1_OBJECT_value(pset, i); if (i) - BIO_puts(err, ", "); - i2a_ASN1_OBJECT(err, oid); + BIO_puts(channel, ", "); + i2a_ASN1_OBJECT(channel, oid); } - BIO_puts(err, "\n"); + BIO_puts(channel, "\n"); } } -static void tree_print(char *str, X509_POLICY_TREE *tree, +static void tree_print(BIO *channel, + char *str, X509_POLICY_TREE *tree, X509_POLICY_LEVEL *curr) { - BIO *err = BIO_new_fp(stderr, BIO_NOCLOSE); X509_POLICY_LEVEL *plev; - if (err == NULL) - return; if (!curr) curr = tree->levels + tree->nlevel; else curr++; - BIO_printf(err, "Level print after %s\n", str); - BIO_printf(err, "Printing Up to Level %ld\n", curr - tree->levels); + BIO_printf(channel, "Level print after %s\n", str); + BIO_printf(channel, "Printing Up to Level %ld\n", + curr - tree->levels); for (plev = tree->levels; plev != curr; plev++) { int i; - BIO_printf(err, "Level %ld, flags = %x\n", + BIO_printf(channel, "Level %ld, flags = %x\n", (long)(plev - tree->levels), plev->flags); for (i = 0; i < sk_X509_POLICY_NODE_num(plev->nodes); i++) { - X509_POLICY_NODE *node = sk_X509_POLICY_NODE_value(plev->nodes, i); + X509_POLICY_NODE *node = + sk_X509_POLICY_NODE_value(plev->nodes, i); - X509_POLICY_NODE_print(err, node, 2); - expected_print(err, plev, node, 2); - BIO_printf(err, " Flags: %x\n", node->data->flags); + X509_POLICY_NODE_print(channel, node, 2); + expected_print(channel, plev, node, 2); + BIO_printf(channel, " Flags: %x\n", node->data->flags); } if (plev->anyPolicy) - X509_POLICY_NODE_print(err, plev->anyPolicy, 2); + X509_POLICY_NODE_print(channel, plev->anyPolicy, 2); } - BIO_free(err); } -#endif + +#define TREE_PRINT(str, tree, curr) \ + OSSL_TRACE_BEGIN(X509V3_POLICY) { \ + tree_print(trc_out, "before tree_prune()", tree, curr); \ + } OSSL_TRACE_END(X509V3_POLICY) /*- * Return value: <= 0 on error, or positive bit mask: @@ -588,9 +583,7 @@ static int tree_evaluate(X509_POLICY_TREE *tree) if (!(curr->flags & X509_V_FLAG_INHIBIT_ANY) && !tree_link_any(curr, cache, tree)) return X509_PCY_TREE_INTERNAL; -#ifdef OPENSSL_POLICY_DEBUG - tree_print("before tree_prune()", tree, curr); -#endif + TREE_PRINT("before tree_prune()", tree, curr); ret = tree_prune(tree, curr); if (ret != X509_PCY_TREE_VALID) return ret; @@ -665,9 +658,7 @@ int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy, } ret = tree_evaluate(tree); -#ifdef OPENSSL_POLICY_DEBUG - tree_print("tree_evaluate()", tree, NULL); -#endif + TREE_PRINT("tree_evaluate()", tree, NULL); if (ret <= 0) goto error; diff --git a/doc/man1/openssl.pod b/doc/man1/openssl.pod index a2002d4..ca4f78c 100644 --- a/doc/man1/openssl.pod +++ b/doc/man1/openssl.pod @@ -531,6 +531,74 @@ Read the password from standard input. =back +=head1 ENVIRONMENT + +=over 4 + +=item BI + +Enable tracing output of OpenSSL library, by name. +This output will only make sense if you know OpenSSL internals well. +Also, it might not give you any output at all, depending on how +OpenSSL was built. + +The value is a comma separated list of names, with the following +available: + +=over 4 + +=item B + +The tracing functionality. + +=item B + +General SSL/TLS. + +=item B + +SSL/TLS cipher. + +=item B + +ENGINE configuration. + +=item B + +The function that is used by RSA, DSA (etc) code to select registered +ENGINEs, cache defaults and functional references (etc), will generate +debugging summaries. + +=item B + +Reference counts in the ENGINE structure will be monitored with a line +of generated for each change. + +=item B + +PKCS#5 v2 keygen. + +=item B + +PKCS#12 key generation. + +=item B + +PKCS#12 decryption. + +=item B + +Generates the complete policy tree at various point during X.509 v3 +policy evaluation. + +=item B + +BIGNUM context. + +=back + +=back + =head1 SEE ALSO L, L, L, L, L, diff --git a/doc/man3/OSSL_trace_enabled.pod b/doc/man3/OSSL_trace_enabled.pod new file mode 100644 index 0000000..ecb88ab --- /dev/null +++ b/doc/man3/OSSL_trace_enabled.pod @@ -0,0 +1,183 @@ +=pod + +=head1 NAME + +OSSL_trace_enabled, OSSL_trace_begin, OSSL_trace_end +- OpenSSL Tracing API + +=head1 SYNOPSIS + + #include + + int OSSL_trace_enabled(int category); + + BIO *OSSL_trace_begin(int category); + void OSSL_trace_end(int category, BIO *channel); + +=head1 DESCRIPTION + +The functions described here are mainly interesting for those who provide +OpenSSL functionality, either in OpenSSL itself or in engine modules +or similar. + +If operational (see L below), these functions are used to +generate free text tracing output. + +The tracing output is divided into types which are enabled +individually by the application. +The tracing types are described in detail in +L. +The fallback type C should I be used +with the functions described here. + +=head2 Functions + +OSSL_trace_enabled() can be used to check if tracing for the given +C is enabled. + +OSSL_trace_begin() is used to starts a tracing section, and get the +channel for the given C in form of a BIO. +This BIO can only be used for output. + +OSSL_trace_end() is used to end a tracing section. + +Using OSSL_trace_begin() and OSSL_trace_end() to wrap tracing sections +is I. +The result of trying to produce tracing output outside of such +sections is undefined. + +=head2 Convenience Macros + +There are a number of convenience macros defined, to make tracing +easy and consistent. + +C and C reserve +the B C and are used as follows to wrap a trace section: + + OSSL_TRACE_BEGIN(TLS) { + + BIO_fprintf(trc_out, ... ); + + } OSSL_TRACE_END(TLS); + +This will normally expands to: + + do { + BIO *trc_out = OSSL_trace_begin(OSSL_TRACE_CATEGORY_TLS); + if (trc_out != NULL) { + ... + BIO_fprintf(trc_out, ...); + } + OSSL_trace_end(OSSL_TRACE_CATEGORY_TLS, trc_out); + } while (0); + +C must be used before returning from or +jumping out of a trace section: + + OSSL_TRACE_BEGIN(TLS) { + + if (condition) { + OSSL_TRACE_CANCEL(TLS); + goto err; + } + BIO_fprintf(trc_out, ... ); + + } OSSL_TRACE_END(TLS); + +This will normally expand to: + + do { + BIO *trc_out = OSSL_trace_begin(OSSL_TRACE_CATEGORY_TLS); + if (trc_out != NULL) { + if (condition) { + OSSL_trace_end(OSSL_TRACE_CATEGORY_TLS, trc_out); + goto err; + } + BIO_fprintf(trc_out, ... ); + } + OSSL_trace_end(OSSL_TRACE_CATEGORY_TLS, trc_out); + } while (0); + +=head1 NOTES + +It is advisable to always check that a trace type is enabled with +OSSL_trace_enabled() before generating any output, for example: + + if (OSSL_trace_enabled(OSSL_TRACE_CATEGORY_TLS)) { + BIO *trace = OSSL_trace_begin(OSSL_TRACE_CATEGORY_TLS); + BIO_printf(trace, "FOO %d\n", somevalue); + BIO_dump(trace, somememory, somememory_l); + OSSL_trace_end(OSSL_TRACE_CATEGORY_TLS, trace); + } + +=head2 Tracing disabled + +The OpenSSL library may be built with tracing disabled, which makes +everything documented here inoperational. + +When the library is built with tracing disabled: + +=over 4 + +=item * + +The macro C is defined in C. + +=item * + +all functions are still present, bu OSSL_trace_enabled() will always +report the categories as disabled, and all other functions will do +nothing. + +=item * + +the convenience macros are defined to produce dead code. +For example, take this example from L above: + + OSSL_TRACE_BEGIN(TLS) { + + if (condition) { + OSSL_TRACE_CANCEL(TLS); + goto err; + } + BIO_fprintf(trc_out, ... ); + + } OSSL_TRACE_END(TLS); + +When the tracing API isn't operational, that will expand to: + + do { + BIO *trc_out = NULL; + if (0) { + if (condition) { + ((void)0); + goto err; + } + BIO_fprintf(trc_out, ... ); + } + } while (0); + +=back + +=head1 RETURN VALUES + +OSSL_trace_enabled() returns 1 if tracing for the given B is +operational and enabled, otherwise 0. + +OSSL_trace_begin() returns a C if the given B is enabled, +otherwise C. + +=head1 HISTORY + +The OpenSSL Tracing API was added ino OpenSSL 3.0.0. + +=head1 COPYRIGHT + +Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/doc/man3/OSSL_trace_get_category_num.pod b/doc/man3/OSSL_trace_get_category_num.pod new file mode 100644 index 0000000..886d0f1 --- /dev/null +++ b/doc/man3/OSSL_trace_get_category_num.pod @@ -0,0 +1,44 @@ +=pod + +=head1 NAME + +OSSL_trace_get_category_num, OSSL_trace_get_category_name +- OpenSSL tracing information functions + +=head1 SYNOPSIS + + #include + + int OSSL_trace_get_category_num(const char *name); + const char *OSSL_trace_get_category_name(int num); + +=head1 DESCRIPTION + +OSSL_trace_get_category_num() gives the category number corresponding +to the given C. + +OSSL_trace_get_category_name() gives the category name corresponding +to the given C. + +=head1 RETURN VALUES + +OSSL_trace_get_category_num() returns the category number if the given +C is a recognised category name, otherwise -1. + +OSSL_trace_get_category_name() returns the category name if the given +C is a recognised category number, otherwise NULL. + +=head1 HISTORY + +The OpenSSL Tracing API was added ino OpenSSL 3.0.0. + +=head1 COPYRIGHT + +Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/doc/man3/OSSL_trace_set_channel.pod b/doc/man3/OSSL_trace_set_channel.pod new file mode 100644 index 0000000..6981dbc --- /dev/null +++ b/doc/man3/OSSL_trace_set_channel.pod @@ -0,0 +1,288 @@ +=pod + +=head1 NAME + +OSSL_trace_set_channel, OSSL_trace_set_prefix, OSSL_trace_set_suffix, +OSSL_trace_set_callback, OSSL_trace_cb - Enabling trace output + +=head1 SYNOPSIS + + #include + + typedef size_t (*OSSL_trace_cb)(const char *buf, size_t cnt, + int category, int cmd, void *data); + + void OSSL_trace_set_channel(int category, BIO *bio); + void OSSL_trace_set_prefix(int category, const char *prefix); + void OSSL_trace_set_suffix(int category, const char *suffix); + void OSSL_trace_set_callback(int category, OSSL_trace_cb cb, void *data); + +=head1 DESCRIPTION + +If available (see L below), the application can request +internal trace output. +This output comes in form of free text for humans to read. + +The trace output is divided into categories which can be +enabled individually. +They are enabled by giving them a channel in form of a BIO, or a +tracer callback, which is responsible for performing the actual +output. + +=head2 Functions + +OSSL_trace_set_channel() is used to enable the given trace C +by giving it the B C. + +OSSL_trace_set_prefix() and OSSL_trace_set_suffix() can be used to add +an extra line for each channel, to be output before and after group of +tracing output. +What constitues an output group is decided by the code that produces +the output. +The lines given here are considered immutable; for more dynamic +tracing prefixes, consider setting a callback with +OSSL_trace_set_callback() instead. + +OSSL_trace_set_callback() is used to enable the given trace +C by giving it the tracer callback C with the associated +data C, which will simply be passed through to C whenever +it's called. +This should be used when it's desirable to do form the trace output to +something suitable for application needs where a prefix and suffix +line aren't enough. + +OSSL_trace_set_channel() and OSSL_trace_set_callback() are mutually +exclusive, calling one of them will clear whatever was set by the +previous call. + +Calling OSSL_trace_set_channel() with C for C or +OSSL_trace_set_callback() with C for C disables tracing for +the given C + +=head2 Trace callback + +The tracer callback must return a C, which must be zero on +error and otherwise return the number of bytes that were output. +It receives a text buffer C with C bytes of text, as well as +the C, a control number C, and the C that was +passed to OSSL_trace_set_callback(). + +The possible control numbers are: + +=over 4 + +=item C + +The callback is called from OSSL_trace_begin(), which gives the +callback the possibility to output a dynamic starting line, or set a +prefix that should be output at the beginning of each line, or +something other. + +=item C + +The callback is called from any regular BIO output routine. + +=item C + +The callback is called from OSSL_trace_end(), which gives the callback +the possibility to output a dynamic ending line, or reset the line +prefix that was set with OSSL_TRACE_CTRL_BEGIN, or something other. + +=back + +=head2 Trace categories + +The trace categories are simple numbers available through macros. + +=over 4 + +=item C + +Traces the OpenSSL trace API itself. + +More precisely, this will generate trace output any time a new +trace hook is set. + +=item C + +Traces OpenSSL library initialization and cleanup. + +This needs special care, as OpenSSL will do automatic cleanup after +exit from C, and any tracing output done during this cleanup +will be lost if the tracing channel or callback were cleaned away +prematurely. +A suggestion is to make such cleanup part of a function that's +registered very early with L. + +=item C + +Traces the TLS/SSL protocoll. + +=item C + +Traces the ciphers used by the TLS/SSL protocoll. + +=item C + +Traces the ENGINE configuration. + +=item C + +Traces the ENGINE algorithm table selection. + +More precisely, engine_table_select(), the function that is used by +RSA, DSA (etc) code to select registered ENGINEs, cache defaults and +functional references (etc), will generate trace summaries. + +=item C + +Tracds the ENGINE reference counting. + +More precisely, both reference counts in the ENGINE structure will be +monitored with a line of trace output generated for each change. + +=item C + +Traces PKCS#5 v2 key generation. + +=item C + +Traces PKCS#12 key generation. + +=item C + +Traces PKCS#12 decryption. + +=item C + +Traces X509v3 policy processing. + +More precisely, this generates the complete policy tree at various +point during evaluation. + +=item C + +Traces BIGNUM context operations. + +=back + +There is also C, which works as a fallback +and can be used to get I trace output. + +=head1 RETURN VALUES + +OSSL_trace_set_channel(), OSSL_trace_set_prefix(), +OSSL_trace_set_suffix(), and OSSL_trace_set_callback() return 1 on +success, or 0 on failure. + +=head1 EXAMPLES + +In all examples below, we assume that the trace producing code is +this: + + int foo = 42; + const char bar[] = { 0, 1, 2, 3, 4, 5, 6, 7, + 8, 9, 10, 11, 12, 13, 14, 15 }; + + OSSL_TRACE_BEGIN(TLS) { + BIO_puts(trc_out, "foo: "); + BIO_printf(trc_out, "%d\n", foo); + BIO_dump(trc_out, bar, sizeof(bar)); + } OSSL_TRACE_END(TLS); + +=head1 Simple example + +An example with just a channel and constant prefix / suffix. + + int main(int argc, char *argv[]) + { + BIO *err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); + OSSL_trace_set_channel(OSSL_TRACE_CATEGORY_SSL, err); + OSSL_trace_set_prefix(OSSL_TRACE_CATEGORY_SSL, "BEGIN TRACE[TLS]"); + OSSL_trace_set_suffix(OSSL_TRACE_CATEGORY_SSL, "END TRACE[TLS]"); + + /* ... work ... */ + } + +When the trace producing code above is performed, this will be output +on standard error: + + BEGIN TRACE[TLS] + foo: 42 + 0000 - 00 01 02 03 04 05 06 07-08 09 0a 0b 0c 0d 0e 0f ................ + END TRACE[TLS] + +=head2 Advanced example + +This example uses the callback, and depends on pthreads functionality. + + static size_t cb(const char *buf, size_t cnt, + int category, int cmd, void *vdata) + { + BIO *bio = vdata; + const char *label = NULL; + + switch (cmd) { + case OSSL_TRACE_CTRL_BEGIN: + label = "BEGIN"; + break; + case OSSL_TRACE_CTRL_END: + label = "END"; + break; + } + + if (label != NULL) { + union { + pthread_t tid; + unsigned long ltid; + } tid; + + tid.tid = pthread_self(); + BIO_printf(bio, "%s TRACE[%s]:%lx\n", + label, OSSL_trace_get_category_name(category), tid.ltid); + } + return (size_t)BIO_puts(bio, buf); + } + + int main(int argc, char *argv[]) + { + BIO *err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); + OSSL_trace_set_callback(OSSL_TRACE_CATEGORY_SSL, cb, err); + + /* ... work ... */ + } + +The output is almost the same as for the simple example above. + + BEGIN TRACE[TLS]:7f9eb0193b80 + foo: 42 + 0000 - 00 01 02 03 04 05 06 07-08 09 0a 0b 0c 0d 0e 0f ................ + END TRACE[TLS]:7f9eb0193b80 + +=head1 NOTES + +=head2 Tracing disabled + +The OpenSSL library may be built with tracing disabled, which makes +everything documented here inoperational. + +When the library is built with tracing disabled, the macro +C is defined in C and all +functions described here are inoperational, i.e. will do nothing. + +=head1 HISTORY + +OSSL_trace_set_channel(), OSSL_trace_set_prefix(), +OSSL_trace_set_suffix(), and OSSL_trace_set_callback() were all added +in OpenSSL 3.0.0. + +=head1 COPYRIGHT + +Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/include/openssl/trace.h b/include/openssl/trace.h new file mode 100644 index 0000000..da0ba0b --- /dev/null +++ b/include/openssl/trace.h @@ -0,0 +1,291 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef OSSL_TRACE_H +# define OSSL_TRACE_H + +# include + +# include + +# ifdef __cplusplus +extern "C" { +# endif + +/* + * TRACE CATEGORIES + */ + +/* + * The trace messages of the OpenSSL libraries are organized into different + * categories. For every trace category, the application can register a separate + * tracer callback. When a callback is registered, a so called trace channel is + * created for this category. This channel consists essentially of an internal + * BIO which sends all trace output it receives to the registered application + * callback. + * + * The ANY category is used as a fallback category. + */ +# define OSSL_TRACE_CATEGORY_ANY 0 /* The fallback */ +# define OSSL_TRACE_CATEGORY_TRACE 1 +# define OSSL_TRACE_CATEGORY_INIT 2 +# define OSSL_TRACE_CATEGORY_TLS 3 +# define OSSL_TRACE_CATEGORY_TLS_CIPHER 4 +# define OSSL_TRACE_CATEGORY_ENGINE_CONF 5 +# define OSSL_TRACE_CATEGORY_ENGINE_TABLE 6 +# define OSSL_TRACE_CATEGORY_ENGINE_REF_COUNT 7 +# define OSSL_TRACE_CATEGORY_PKCS5V2 8 +# define OSSL_TRACE_CATEGORY_PKCS12_KEYGEN 9 +# define OSSL_TRACE_CATEGORY_PKCS12_DECRYPT 10 +# define OSSL_TRACE_CATEGORY_X509V3_POLICY 11 +# define OSSL_TRACE_CATEGORY_BN_CTX 12 +# define OSSL_TRACE_CATEGORY_NUM 13 + +/* Returns the trace category number for the given |name| */ +int OSSL_trace_get_category_num(const char *name); + +/* Returns the trace category name for the given |num| */ +const char *OSSL_trace_get_category_name(int num); + +/* + * TRACE CONSUMERS + */ + +/* + * Enables tracing for the given |category| by providing a BIO sink + * as |channel|. If a null pointer is passed as |channel|, an existing + * trace channel is removed and tracing for the category is disabled. + * + * Returns 1 on success and 0 on failure + */ +int OSSL_trace_set_channel(int category, BIO* channel); + +/* + * Attach a prefix and a suffix to the given |category|, to be printed at the + * beginning and at the end of each trace output group, i.e. when + * OSSL_trace_begin() and OSSL_trace_end() are called. + * If a null pointer is passed as argument, the existing prefix or suffix is + * removed. + * + * They return 1 on success and 0 on failure + */ +int OSSL_trace_set_prefix(int category, const char *prefix); +int OSSL_trace_set_suffix(int category, const char *suffix); + +/* + * OSSL_trace_cb is the type tracing callback provided by the application. + * It MUST return the number of bytes written, or 0 on error (in other words, + * it can never write zero bytes). + * + * The |buffer| will always contain text, which may consist of several lines. + * The |data| argument points to whatever data was provided by the application + * when registering the tracer function. + * + * The |category| number is given, as well as a |cmd| number, described below. + */ +typedef size_t (*OSSL_trace_cb)(const char *buffer, size_t count, + int category, int cmd, void *data); +/* + * Possible |cmd| numbers. + */ +# define OSSL_TRACE_CTRL_BEGIN 0 +# define OSSL_TRACE_CTRL_DURING 1 +# define OSSL_TRACE_CTRL_END 2 + +/* + * Enables tracing for the given |category| by creating an internal + * trace channel which sends the output to the given |callback|. + * If a null pointer is passed as callback, an existing trace channel + * is removed and tracing for the category is disabled. + * + * NOTE: OSSL_trace_set_channel() and OSSL_trace_set_callback() are mutually + * exclusive. + * + * Returns 1 on success and 0 on failure + */ +int OSSL_trace_set_callback(int category, OSSL_trace_cb callback, void *data); + +/* + * TRACE PRODUCERS + */ + +/* + * Returns 1 if tracing for the specified category is enabled, otherwise 0 + */ +int OSSL_trace_enabled(int category); + +/* + * Wrap a group of tracing output calls. OSSL_trace_begin() locks tracing and + * returns the trace channel associated with the given category, or NULL if no + * channel is associated with the category. OSSL_trace_end() unlocks tracing. + * + * Usage: + * + * BIO *out; + * if ((out = OSSL_trace_begin(category)) != NULL) { + * ... + * BIO_fprintf(out, ...); + * ... + * OSSL_trace_end(category, out); + * } + * + * See also the convenience macros OSSL_TRACE_BEGIN and OSSL_TRACE_END below. + */ +BIO *OSSL_trace_begin(int category); +void OSSL_trace_end(int category, BIO *channel); + +/* + * OSSL_TRACE* Convenience Macros + */ + +/* + * When the tracing feature is disabled, these macros are defined to + * produce dead code, which a good compiler should eliminate. + */ + +/* + * OSSL_TRACE_BEGIN, OSSL_TRACE_END - Define a Trace Group + * + * These two macros can be used to create a block which is executed only + * if the corresponding trace category is enabled. Inside this block, a + * local variable named |trc_out| is defined, which points to the channel + * associated with the given trace category. + * + * Usage: (using 'TLS' as an example category) + * + * OSSL_TRACE_BEGIN(TLS) { + * + * BIO_fprintf(trc_out, ... ); + * + * } OSSL_TRACE_END(TLS); + * + * + * This expands to the following code + * + * do { + * BIO *trc_out = OSSL_trace_begin(OSSL_TRACE_CATEGORY_TLS); + * if (trc_out != NULL) { + * ... + * BIO_fprintf(trc_out, ...); + * } + * OSSL_trace_end(OSSL_TRACE_CATEGORY_TLS, trc_out); + * } while (0); + * + * The use of the inner '{...}' group and the trailing ';' is enforced + * by the definition of the macros in order to make the code look as much + * like C code as possible. + * + * Before returning from inside the trace block, it is necessary to + * call OSSL_TRACE_CANCEL(category). + */ + +# ifndef OPENSSL_NO_TRACE + +# define OSSL_TRACE_BEGIN(category) \ + do { \ + BIO *trc_out = OSSL_trace_begin(OSSL_TRACE_CATEGORY_##category); \ + \ + if (trc_out != NULL) + +# define OSSL_TRACE_END(category) \ + OSSL_trace_end(OSSL_TRACE_CATEGORY_##category, trc_out); \ + } while (0) + +# define OSSL_TRACE_CANCEL(category) \ + OSSL_trace_end(OSSL_TRACE_CATEGORY_##category, trc_out) \ + +# else + +# define OSSL_TRACE_BEGIN(category) \ + do { \ + BIO *trc_out = NULL; \ + if (0) + +# define OSSL_TRACE_END(category) \ + } while(0) + +# define OSSL_TRACE_CANCEL(category) \ + ((void)0) + +# endif + +/* + * OSSL_TRACE_ENABLED() - Check whether tracing is enabled for |category| + * + * Usage: + * + * if (OSSL_TRACE_ENABLED(TLS)) { + * ... + * } + */ +# ifndef OPENSSL_NO_TRACE + +# define OSSL_TRACE_ENABLED(category) \ + OSSL_trace_enabled(OSSL_TRACE_CATEGORY_##category) + +# else + +# define OSSL_TRACE_ENABLED(category) (0) + +# endif + +/* + * OSSL_TRACE*() - OneShot Trace Macros + * + * These macros are intended to produce a simple printf-style trace output. + * Unfortunately, C90 macros don't support variable arguments, so the + * "vararg" OSSL_TRACEV() macro has a rather weird usage pattern: + * + * OSSL_TRACEV(category, (trc_out, "format string", ...args...)); + * + * Where 'channel' is the literal symbol of this name, not a variable. + * For that reason, it is currently not intended to be used directly, + * but only as helper macro for the other oneshot trace macros + * OSSL_TRACE(), OSSL_TRACE1(), OSSL_TRACE2(), ... + * + * Usage: + * + * OSSL_TRACE(INIT, "Hello world!\n"); + * OSSL_TRACE1(TLS, "The answer is %d\n", 42); + * OSSL_TRACE2(TLS, "The ultimate question to answer %d is '%s'\n", + * 42, "What do you get when you multiply six by nine?"); + */ + +# define OSSL_TRACEV(category, args) \ + OSSL_TRACE_BEGIN(category) \ + BIO_printf args; \ + OSSL_TRACE_END(category) + +# define OSSL_TRACE(category, text) \ + OSSL_TRACEV(category, (trc_out, "%s", text)) + +# define OSSL_TRACE1(category, format, arg1) \ + OSSL_TRACEV(category, (trc_out, format, arg1)) +# define OSSL_TRACE2(category, format, arg1, arg2) \ + OSSL_TRACEV(category, (trc_out, format, arg1, arg2)) +# define OSSL_TRACE3(category, format, arg1, arg2, arg3) \ + OSSL_TRACEV(category, (trc_out, format, arg1, arg2, arg3)) +# define OSSL_TRACE4(category, format, arg1, arg2, arg3, arg4) \ + OSSL_TRACEV(category, (trc_out, format, arg1, arg2, arg3, arg4)) +# define OSSL_TRACE5(category, format, arg1, arg2, arg3, arg4, arg5) \ + OSSL_TRACEV(category, (trc_out, format, arg1, arg2, arg3, arg4, arg5)) +# define OSSL_TRACE6(category, format, arg1, arg2, arg3, arg4, arg5, arg6) \ + OSSL_TRACEV(category, (trc_out, format, arg1, arg2, arg3, arg4, arg5, arg6)) +# define OSSL_TRACE7(category, format, arg1, arg2, arg3, arg4, arg5, arg6, arg7) \ + OSSL_TRACEV(category, (trc_out, format, arg1, arg2, arg3, arg4, arg5, arg6, arg7)) +# define OSSL_TRACE8(category, format, arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8) \ + OSSL_TRACEV(category, (trc_out, format, arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8)) +# define OSSL_TRACE9(category, format, arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8) \ + OSSL_TRACEV(category, (trc_out, format, arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8, arg9)) + +# ifdef __cplusplus +} +# endif + +#endif diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index 3f5f796..e1231d2 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -9,6 +9,7 @@ #include "../ssl_locl.h" #include "internal/constant_time_locl.h" +#include #include #include "record_locl.h" #include "internal/cryptlib.h" @@ -563,15 +564,10 @@ int ssl3_get_record(SSL *s) SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); return -1; } -#ifdef SSL_DEBUG - printf("dec %lu\n", (unsigned long)rr[0].length); - { - size_t z; - for (z = 0; z < rr[0].length; z++) - printf("%02X%c", rr[0].data[z], ((z + 1) % 16) ? ' ' : '\n'); - } - printf("\n"); -#endif + OSSL_TRACE_BEGIN(TLS) { + BIO_printf(trc_out, "dec %lu\n", (unsigned long)rr[0].length); + BIO_dump_indent(trc_out, rr[0].data, rr[0].length, 4); + } OSSL_TRACE_END(TLS); /* r->length is now the compressed data plus mac */ if ((sess != NULL) && @@ -1361,22 +1357,12 @@ int tls1_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int sending) EVP_MD_CTX_free(hmac); -#ifdef SSL_DEBUG - fprintf(stderr, "seq="); - { - int z; - for (z = 0; z < 8; z++) - fprintf(stderr, "%02X ", seq[z]); - fprintf(stderr, "\n"); - } - fprintf(stderr, "rec="); - { - size_t z; - for (z = 0; z < rec->length; z++) - fprintf(stderr, "%02X ", rec->data[z]); - fprintf(stderr, "\n"); - } -#endif + OSSL_TRACE_BEGIN(TLS) { + BIO_printf(trc_out, "seq:\n"); + BIO_dump_indent(trc_out, seq, 8, 4); + BIO_printf(trc_out, "rec:\n"); + BIO_dump_indent(trc_out, rec->data, rec->length, 4); + } OSSL_TRACE_END(TLS); if (!SSL_IS_DTLS(ssl)) { for (i = 7; i >= 0; i--) { @@ -1385,14 +1371,10 @@ int tls1_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int sending) break; } } -#ifdef SSL_DEBUG - { - unsigned int z; - for (z = 0; z < md_size; z++) - fprintf(stderr, "%02X ", md[z]); - fprintf(stderr, "\n"); - } -#endif + OSSL_TRACE_BEGIN(TLS) { + BIO_printf(trc_out, "md:\n"); + BIO_dump_indent(trc_out, md, md_size, 4); + } OSSL_TRACE_END(TLS); return 1; } @@ -1683,15 +1665,10 @@ int dtls1_process_record(SSL *s, DTLS1_BITMAP *bitmap) RECORD_LAYER_reset_packet_length(&s->rlayer); return 0; } -#ifdef SSL_DEBUG - printf("dec %ld\n", rr->length); - { - size_t z; - for (z = 0; z < rr->length; z++) - printf("%02X%c", rr->data[z], ((z + 1) % 16) ? ' ' : '\n'); - } - printf("\n"); -#endif + OSSL_TRACE_BEGIN(TLS) { + BIO_printf(trc_out, "dec %ld\n", rr->length); + BIO_dump_indent(trc_out, rr->data, rr->length, 4); + } OSSL_TRACE_END(TLS); /* r->length is now the compressed data plus mac */ if ((sess != NULL) && !SSL_READ_ETM(s) && diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index a5b3dbb..a3639fd 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -16,6 +16,7 @@ #include #include #include +#include #include "internal/cryptlib.h" #define TLS13_NUM_CIPHERS OSSL_NELEM(tls13_ciphers) @@ -4153,20 +4154,20 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, * pay with the price of sk_SSL_CIPHER_dup(). */ -#ifdef CIPHER_DEBUG - fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), - (void *)srvr); - for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) { - c = sk_SSL_CIPHER_value(srvr, i); - fprintf(stderr, "%p:%s\n", (void *)c, c->name); - } - fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), - (void *)clnt); - for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) { - c = sk_SSL_CIPHER_value(clnt, i); - fprintf(stderr, "%p:%s\n", (void *)c, c->name); - } -#endif + OSSL_TRACE_BEGIN(TLS_CIPHER) { + BIO_printf(trc_out, "Server has %d from %p:\n", + sk_SSL_CIPHER_num(srvr), (void *)srvr); + for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) { + c = sk_SSL_CIPHER_value(srvr, i); + BIO_printf(trc_out, "%p:%s\n", (void *)c, c->name); + } + BIO_printf(trc_out, "Client sent %d from %p:\n", + sk_SSL_CIPHER_num(clnt), (void *)clnt); + for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) { + c = sk_SSL_CIPHER_value(clnt, i); + BIO_printf(trc_out, "%p:%s\n", (void *)c, c->name); + } + } OSSL_TRACE_END(TLS_CIPHER); /* SUITE-B takes precedence over server preference and ChaCha priortiy */ if (tls1_suiteb(s)) { @@ -4280,10 +4281,9 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, #endif /* OPENSSL_NO_PSK */ ok = (alg_k & mask_k) && (alg_a & mask_a); -#ifdef CIPHER_DEBUG - fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k, - alg_a, mask_k, mask_a, (void *)c, c->name); -#endif + OSSL_TRACE7(TLS_CIPHER, + "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", + ok, alg_k, alg_a, mask_k, mask_a, (void *)c, c->name); #ifndef OPENSSL_NO_EC /* diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 461a9de..5aa04db 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -16,6 +16,7 @@ #include #include #include +#include #include "internal/nelem.h" #include "ssl_locl.h" #include "internal/thread_once.h" @@ -781,12 +782,12 @@ static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey, const SSL_CIPHER *cp; int reverse = 0; -#ifdef CIPHER_DEBUG - fprintf(stderr, - "Applying rule %d with %08x/%08x/%08x/%08x/%08x %08x (%d)\n", - rule, alg_mkey, alg_auth, alg_enc, alg_mac, min_tls, - algo_strength, strength_bits); -#endif + OSSL_TRACE_BEGIN(TLS_CIPHER){ + BIO_printf(trc_out, + "Applying rule %d with %08x/%08x/%08x/%08x/%08x %08x (%d)\n", + rule, alg_mkey, alg_auth, alg_enc, alg_mac, min_tls, + algo_strength, strength_bits); + } if (rule == CIPHER_DEL || rule == CIPHER_BUMP) reverse = 1; /* needed to maintain sorting between currently @@ -825,13 +826,14 @@ static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey, if (strength_bits != cp->strength_bits) continue; } else { -#ifdef CIPHER_DEBUG - fprintf(stderr, - "\nName: %s:\nAlgo = %08x/%08x/%08x/%08x/%08x Algo_strength = %08x\n", - cp->name, cp->algorithm_mkey, cp->algorithm_auth, - cp->algorithm_enc, cp->algorithm_mac, cp->min_tls, - cp->algo_strength); -#endif + if (trc_out != NULL) { + BIO_printf(trc_out, + "\nName: %s:" + "\nAlgo = %08x/%08x/%08x/%08x/%08x Algo_strength = %08x\n", + cp->name, cp->algorithm_mkey, cp->algorithm_auth, + cp->algorithm_enc, cp->algorithm_mac, cp->min_tls, + cp->algo_strength); + } if (cipher_id != 0 && (cipher_id != cp->id)) continue; if (alg_mkey && !(alg_mkey & cp->algorithm_mkey)) @@ -852,9 +854,8 @@ static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey, continue; } -#ifdef CIPHER_DEBUG - fprintf(stderr, "Action = %d\n", rule); -#endif + if (trc_out != NULL) + BIO_printf(trc_out, "Action = %d\n", rule); /* add the cipher if it has not been added yet. */ if (rule == CIPHER_ADD) { @@ -904,6 +905,8 @@ static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey, *head_p = head; *tail_p = tail; + + OSSL_TRACE_END(TLS_CIPHER); } static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p, @@ -1605,6 +1608,9 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, } } + OSSL_TRACE_BEGIN(TLS_CIPHER) { + BIO_printf(trc_out, "cipher selection:\n"); + } /* * The cipher selection for the list is done. The ciphers are added * to the resulting precedence to the STACK_OF(SSL_CIPHER). @@ -1614,14 +1620,15 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, if (!sk_SSL_CIPHER_push(cipherstack, curr->cipher)) { OPENSSL_free(co_list); sk_SSL_CIPHER_free(cipherstack); + OSSL_TRACE_CANCEL(TLS_CIPHER); return NULL; } -#ifdef CIPHER_DEBUG - fprintf(stderr, "<%s>\n", curr->cipher->name); -#endif + if (trc_out != NULL) + BIO_printf(trc_out, "<%s>\n", curr->cipher->name); } } OPENSSL_free(co_list); /* Not needed any longer */ + OSSL_TRACE_END(TLS_CIPHER); if (!update_cipher_list_by_id(cipher_list_by_id, cipherstack)) { sk_SSL_CIPHER_free(cipherstack); diff --git a/ssl/ssl_init.c b/ssl/ssl_init.c index e766ee1..0451d19 100644 --- a/ssl/ssl_init.c +++ b/ssl/ssl_init.c @@ -12,6 +12,7 @@ #include "internal/err.h" #include #include +#include #include "ssl_locl.h" #include "internal/thread_once.h" @@ -23,10 +24,7 @@ static CRYPTO_ONCE ssl_base = CRYPTO_ONCE_STATIC_INIT; static int ssl_base_inited = 0; DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_base) { -#ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: " - "Adding SSL ciphers and digests\n"); -#endif + OSSL_TRACE(INIT, "ossl_init_ssl_base: adding SSL ciphers and digests\n"); #ifndef OPENSSL_NO_DES EVP_add_cipher(EVP_des_cbc()); EVP_add_cipher(EVP_des_ede3_cbc()); @@ -88,10 +86,8 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_base) EVP_add_digest(EVP_sha384()); EVP_add_digest(EVP_sha512()); #ifndef OPENSSL_NO_COMP -# ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: " - "SSL_COMP_get_compression_methods()\n"); -# endif + OSSL_TRACE(INIT, "ossl_init_ssl_base: " + "SSL_COMP_get_compression_methods()\n"); /* * This will initialise the built-in compression algorithms. The value * returned is a STACK_OF(SSL_COMP), but that can be discarded safely @@ -102,10 +98,7 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_base) if (!ssl_load_ciphers()) return 0; -#ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: " - "SSL_add_ssl_module()\n"); -#endif + OSSL_TRACE(INIT,"ossl_init_ssl_base: SSL_add_ssl_module()\n"); /* * We ignore an error return here. Not much we can do - but not that bad * either. We can still safely continue. @@ -124,10 +117,7 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_load_ssl_strings) * pulling in all the error strings during static linking */ #if !defined(OPENSSL_NO_ERR) && !defined(OPENSSL_NO_AUTOERRINIT) -# ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ossl_init_load_ssl_strings: " - "ERR_load_SSL_strings()\n"); -# endif + OSSL_TRACE(INIT, "ossl_init_load_ssl_strings: ERR_load_SSL_strings()\n"); ERR_load_SSL_strings(); ssl_strings_inited = 1; #endif @@ -150,19 +140,14 @@ static void ssl_library_stop(void) if (ssl_base_inited) { #ifndef OPENSSL_NO_COMP -# ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ssl_library_stop: " - "ssl_comp_free_compression_methods_int()\n"); -# endif + OSSL_TRACE(INIT, "ssl_library_stop: " + "ssl_comp_free_compression_methods_int()\n"); ssl_comp_free_compression_methods_int(); #endif } if (ssl_strings_inited) { -#ifdef OPENSSL_INIT_DEBUG - fprintf(stderr, "OPENSSL_INIT: ssl_library_stop: " - "err_free_strings_int()\n"); -#endif + OSSL_TRACE(INIT, "ssl_library_stop: err_free_strings_int()\n"); /* * If both crypto and ssl error strings are inited we will end up * calling err_free_strings_int() twice - but that's ok. The second diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 322a438..f63e16b 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -20,6 +20,7 @@ #include #include #include +#include #include "internal/cryptlib.h" #include "internal/refcount.h" #include "internal/ktls.h" @@ -3329,10 +3330,8 @@ void ssl_set_masks(SSL *s) mask_k = 0; mask_a = 0; -#ifdef CIPHER_DEBUG - fprintf(stderr, "dht=%d re=%d rs=%d ds=%d\n", - dh_tmp, rsa_enc, rsa_sign, dsa_sign); -#endif + OSSL_TRACE4(TLS_CIPHER, "dh_tmp=%d rsa_enc=%d rsa_sign=%d dsa_sign=%d\n", + dh_tmp, rsa_enc, rsa_sign, dsa_sign); #ifndef OPENSSL_NO_GOST if (ssl_has_cert(s, SSL_PKEY_GOST12_512)) { diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 2a9b737..356dc89 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -22,6 +22,7 @@ #include #include #include +#include #include static MSG_PROCESS_RETURN tls_process_as_hello_retry_request(SSL *s, PACKET *pkt); @@ -2347,11 +2348,9 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) ERR_R_INTERNAL_ERROR); goto err; } -#ifdef SSL_DEBUG if (SSL_USE_SIGALGS(s)) - fprintf(stderr, "USING TLSv1.2 HASH %s\n", - md == NULL ? "n/a" : EVP_MD_name(md)); -#endif + OSSL_TRACE1(TLS, "USING TLSv1.2 HASH %s\n", + md == NULL ? "n/a" : EVP_MD_name(md)); if (!PACKET_get_length_prefixed_2(pkt, &signature) || PACKET_remaining(pkt) != 0) { diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index a18c5cc..10cf635 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -18,6 +18,7 @@ #include #include #include +#include /* * Map error codes to TLS/SSL alart types. @@ -394,11 +395,9 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt) goto err; } -#ifdef SSL_DEBUG if (SSL_USE_SIGALGS(s)) - fprintf(stderr, "USING TLSv1.2 HASH %s\n", - md == NULL ? "n/a" : EVP_MD_name(md)); -#endif + OSSL_TRACE1(TLS, "USING TLSv1.2 HASH %s\n", + md == NULL ? "n/a" : EVP_MD_name(md)); /* Check for broken implementations of GOST ciphersuites */ /* @@ -439,10 +438,9 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt) goto err; } -#ifdef SSL_DEBUG - fprintf(stderr, "Using client verify alg %s\n", - md == NULL ? "n/a" : EVP_MD_name(md)); -#endif + OSSL_TRACE1(TLS, "Using client verify alg %s\n", + md == NULL ? "n/a" : EVP_MD_name(md)); + if (EVP_DigestVerifyInit(mctx, &pctx, md, NULL, pkey) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY, ERR_R_EVP_LIB); diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index bf1819d..e482e2d 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -23,6 +23,7 @@ #include #include #include +#include #define TICKET_NONCE_SIZE 8 @@ -1835,15 +1836,15 @@ static int tls_early_post_process_client_hello(SSL *s) j = 0; id = s->session->cipher->id; -#ifdef CIPHER_DEBUG - fprintf(stderr, "client sent %d ciphers\n", sk_SSL_CIPHER_num(ciphers)); -#endif + OSSL_TRACE_BEGIN(TLS_CIPHER) { + BIO_printf(trc_out, "client sent %d ciphers\n", + sk_SSL_CIPHER_num(ciphers)); + } for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) { c = sk_SSL_CIPHER_value(ciphers, i); -#ifdef CIPHER_DEBUG - fprintf(stderr, "client [%2d of %2d]:%s\n", - i, sk_SSL_CIPHER_num(ciphers), SSL_CIPHER_get_name(c)); -#endif + if (trc_out != NULL) + BIO_printf(trc_out, "client [%2d of %2d]:%s\n", i, + sk_SSL_CIPHER_num(ciphers), SSL_CIPHER_get_name(c)); if (c->id == id) { j = 1; break; @@ -1857,8 +1858,10 @@ static int tls_early_post_process_client_hello(SSL *s) SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO, SSL_R_REQUIRED_CIPHER_MISSING); + OSSL_TRACE_CANCEL(TLS_CIPHER); goto err; } + OSSL_TRACE_END(TLS_CIPHER); } for (loop = 0; loop < clienthello->compressions_len; loop++) { diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 9b58bd8..fe4ba93 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -18,6 +18,7 @@ #include #include #include +#include /* seed1 through seed5 are concatenated */ static int tls1_PRF(SSL *s, @@ -276,14 +277,11 @@ int tls1_change_cipher_state(SSL *s, int which) } EVP_PKEY_free(mac_key); } -#ifdef SSL_DEBUG - printf("which = %04X\nmac key=", which); - { - size_t z; - for (z = 0; z < i; z++) - printf("%02X%c", ms[z], ((z + 1) % 16) ? ' ' : '\n'); - } -#endif + + OSSL_TRACE_BEGIN(TLS) { + BIO_printf(trc_out, "which = %04X, mac key:\n", which); + BIO_dump_indent(trc_out, ms, i, 4); + } OSSL_TRACE_END(TLS); if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) { if (!EVP_CipherInit_ex(dd, c, NULL, key, NULL, (which & SSL3_CC_WRITE)) @@ -388,21 +386,12 @@ int tls1_change_cipher_state(SSL *s, int which) #endif /* OPENSSL_NO_KTLS */ s->statem.enc_write_state = ENC_WRITE_STATE_VALID; -#ifdef SSL_DEBUG - printf("which = %04X\nkey=", which); - { - int z; - for (z = 0; z < EVP_CIPHER_key_length(c); z++) - printf("%02X%c", key[z], ((z + 1) % 16) ? ' ' : '\n'); - } - printf("\niv="); - { - size_t z; - for (z = 0; z < k; z++) - printf("%02X%c", iv[z], ((z + 1) % 16) ? ' ' : '\n'); - } - printf("\n"); -#endif + OSSL_TRACE_BEGIN(TLS) { + BIO_printf(trc_out, "which = %04X, key:\n", which); + BIO_dump_indent(trc_out, key, EVP_CIPHER_key_length(c), 4); + BIO_printf(trc_out, "iv:\n"); + BIO_dump_indent(trc_out, iv, k, 4); + } OSSL_TRACE_END(TLS); return 1; err: @@ -447,41 +436,26 @@ int tls1_setup_key_block(SSL *s) s->s3->tmp.key_block_length = num; s->s3->tmp.key_block = p; -#ifdef SSL_DEBUG - printf("client random\n"); - { - int z; - for (z = 0; z < SSL3_RANDOM_SIZE; z++) - printf("%02X%c", s->s3->client_random[z], - ((z + 1) % 16) ? ' ' : '\n'); - } - printf("server random\n"); - { - int z; - for (z = 0; z < SSL3_RANDOM_SIZE; z++) - printf("%02X%c", s->s3->server_random[z], - ((z + 1) % 16) ? ' ' : '\n'); - } - printf("master key\n"); - { - size_t z; - for (z = 0; z < s->session->master_key_length; z++) - printf("%02X%c", s->session->master_key[z], - ((z + 1) % 16) ? ' ' : '\n'); - } -#endif + OSSL_TRACE_BEGIN(TLS) { + BIO_printf(trc_out, "client random\n"); + BIO_dump_indent(trc_out, s->s3->client_random, SSL3_RANDOM_SIZE, 4); + BIO_printf(trc_out, "server random\n"); + BIO_dump_indent(trc_out, s->s3->server_random, SSL3_RANDOM_SIZE, 4); + BIO_printf(trc_out, "master key\n"); + BIO_dump_indent(trc_out, + s->session->master_key, + s->session->master_key_length, 4); + } OSSL_TRACE_END(TLS); + if (!tls1_generate_key_block(s, p, num)) { /* SSLfatal() already called */ goto err; } -#ifdef SSL_DEBUG - printf("\nkey block\n"); - { - size_t z; - for (z = 0; z < num; z++) - printf("%02X%c", p[z], ((z + 1) % 16) ? ' ' : '\n'); - } -#endif + + OSSL_TRACE_BEGIN(TLS) { + BIO_printf(trc_out, "key block\n"); + BIO_dump_indent(trc_out, p, num, 4); + } OSSL_TRACE_END(TLS); if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS) && s->method->version <= TLS1_VERSION) { @@ -549,10 +523,10 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, /* SSLfatal() already called */ return 0; } -#ifdef SSL_DEBUG - fprintf(stderr, "Handshake hashes:\n"); - BIO_dump_fp(stderr, (char *)hash, hashlen); -#endif + OSSL_TRACE_BEGIN(TLS) { + BIO_printf(trc_out, "Handshake hashes:\n"); + BIO_dump(trc_out, (char *)hash, hashlen); + } OSSL_TRACE_END(TLS); if (!tls1_PRF(s, TLS_MD_EXTENDED_MASTER_SECRET_CONST, TLS_MD_EXTENDED_MASTER_SECRET_CONST_SIZE, @@ -578,17 +552,19 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, return 0; } } -#ifdef SSL_DEBUG - fprintf(stderr, "Premaster Secret:\n"); - BIO_dump_fp(stderr, (char *)p, len); - fprintf(stderr, "Client Random:\n"); - BIO_dump_fp(stderr, (char *)s->s3->client_random, SSL3_RANDOM_SIZE); - fprintf(stderr, "Server Random:\n"); - BIO_dump_fp(stderr, (char *)s->s3->server_random, SSL3_RANDOM_SIZE); - fprintf(stderr, "Master Secret:\n"); - BIO_dump_fp(stderr, (char *)s->session->master_key, - SSL3_MASTER_SECRET_SIZE); -#endif + + OSSL_TRACE_BEGIN(TLS) { + BIO_printf(trc_out, "Premaster Secret:\n"); + BIO_dump_indent(trc_out, p, len, 4); + BIO_printf(trc_out, "Client Random:\n"); + BIO_dump_indent(trc_out, s->s3->client_random, SSL3_RANDOM_SIZE, 4); + BIO_printf(trc_out, "Server Random:\n"); + BIO_dump_indent(trc_out, s->s3->server_random, SSL3_RANDOM_SIZE, 4); + BIO_printf(trc_out, "Master Secret:\n"); + BIO_dump_indent(trc_out, + s->session->master_key, + SSL3_MASTER_SECRET_SIZE, 4); + } OSSL_TRACE_END(TLS); *secret_size = SSL3_MASTER_SECRET_SIZE; return 1; diff --git a/util/libcrypto.num b/util/libcrypto.num index 9957cf8..cb0cb22 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4646,3 +4646,12 @@ OPENSSL_CTX_free 4601 3_0_0 EXIST::FUNCTION: OPENSSL_LH_flush 4602 3_0_0 EXIST::FUNCTION: BN_native2bn 4603 3_0_0 EXIST::FUNCTION: BN_bn2nativepad 4604 3_0_0 EXIST::FUNCTION: +OSSL_trace_get_category_num 4605 3_0_0 EXIST::FUNCTION: +OSSL_trace_get_category_name 4606 3_0_0 EXIST::FUNCTION: +OSSL_trace_set_channel 4607 3_0_0 EXIST::FUNCTION: +OSSL_trace_set_prefix 4608 3_0_0 EXIST::FUNCTION: +OSSL_trace_set_suffix 4609 3_0_0 EXIST::FUNCTION: +OSSL_trace_set_callback 4610 3_0_0 EXIST::FUNCTION: +OSSL_trace_enabled 4611 3_0_0 EXIST::FUNCTION: +OSSL_trace_begin 4612 3_0_0 EXIST::FUNCTION: +OSSL_trace_end 4613 3_0_0 EXIST::FUNCTION: diff --git a/util/private.num b/util/private.num index d8aba4d..ad1865f 100644 --- a/util/private.num +++ b/util/private.num @@ -47,6 +47,7 @@ OSSL_STORE_error_fn datatype OSSL_STORE_load_fn datatype OSSL_STORE_open_fn datatype OSSL_STORE_post_process_info_fn datatype +OSSL_trace_cb datatype PROFESSION_INFO datatype PROFESSION_INFOS datatype RAND_DRBG_cleanup_entropy_fn datatype From no-reply at appveyor.com Wed Mar 6 14:11:27 2019 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 06 Mar 2019 14:11:27 +0000 Subject: Build failed: openssl master.23201 Message-ID: <20190306141127.1.46F43402F17E221C@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Mar 6 14:36:36 2019 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 06 Mar 2019 14:36:36 +0000 Subject: Build failed: openssl master.23203 Message-ID: <20190306143636.1.99BBFFB9D838ADB9@appveyor.com> An HTML attachment was scrubbed... URL: From matt at openssl.org Wed Mar 6 15:07:40 2019 From: matt at openssl.org (Matt Caswell) Date: Wed, 06 Mar 2019 15:07:40 +0000 Subject: [openssl] master update Message-ID: <1551884860.061631.4540.nullmailer@dev.openssl.org> The branch master has been updated via 27d5631236325c3fd8a3bd06af282ac496aac64b (commit) via a4f0b50eafb256bb802f2724fc7f7580fb0fbabc (commit) via 2a3d0ee9d59156c48973592331404471aca886d6 (commit) from 18e1e302452e6dea4500b6f981cee7e151294dea (commit) - Log ----------------------------------------------------------------- commit 27d5631236325c3fd8a3bd06af282ac496aac64b Author: Matt Caswell Date: Tue Mar 5 15:41:27 2019 +0000 Update ChaCha20-Poly1305 documentation Correctly describe the maximum IV length. Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8406) commit a4f0b50eafb256bb802f2724fc7f7580fb0fbabc Author: Matt Caswell Date: Tue Mar 5 14:51:07 2019 +0000 Test an overlong ChaCha20-Poly1305 nonce Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8406) commit 2a3d0ee9d59156c48973592331404471aca886d6 Author: Matt Caswell Date: Tue Mar 5 14:39:15 2019 +0000 Prevent over long nonces in ChaCha20-Poly1305 ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less than 12 bytes. However it also incorrectly allows a nonce to be set of up to 16 bytes. In this case only the last 12 bytes are significant and any additional leading bytes are ignored. It is a requirement of using this cipher that nonce values are unique. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks. If an application changes the default nonce length to be longer than 12 bytes and then makes a change to the leading bytes of the nonce expecting the new value to be a new unique nonce then such an application could inadvertently encrypt messages with a reused nonce. Additionally the ignored bytes in a long nonce are not covered by the integrity guarantee of this cipher. Any application that relies on the integrity of these ignored leading bytes of a long nonce may be further affected. Any OpenSSL internal use of this cipher, including in SSL/TLS, is safe because no such use sets such a long nonce value. However user applications that use this cipher directly and set a non-default nonce length to be longer than 12 bytes may be vulnerable. CVE-2019-1543 Fixes #8345 Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8406) ----------------------------------------------------------------------- Summary of changes: crypto/evp/e_chacha20_poly1305.c | 4 +++- doc/man3/EVP_EncryptInit.pod | 4 +++- test/recipes/30-test_evp_data/evpciph.txt | 9 +++++++++ 3 files changed, 15 insertions(+), 2 deletions(-) diff --git a/crypto/evp/e_chacha20_poly1305.c b/crypto/evp/e_chacha20_poly1305.c index e8a323f..3790200 100644 --- a/crypto/evp/e_chacha20_poly1305.c +++ b/crypto/evp/e_chacha20_poly1305.c @@ -30,6 +30,8 @@ typedef struct { #define data(ctx) ((EVP_CHACHA_KEY *)(ctx)->cipher_data) +#define CHACHA20_POLY1305_MAX_IVLEN 12 + static int chacha_init_key(EVP_CIPHER_CTX *ctx, const unsigned char user_key[CHACHA_KEY_SIZE], const unsigned char iv[CHACHA_CTR_SIZE], int enc) @@ -533,7 +535,7 @@ static int chacha20_poly1305_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, return 1; case EVP_CTRL_AEAD_SET_IVLEN: - if (arg <= 0 || arg > CHACHA_CTR_SIZE) + if (arg <= 0 || arg > CHACHA20_POLY1305_MAX_IVLEN) return 0; actx->nonce_len = arg; return 1; diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod index dc9366b..9cb863b 100644 --- a/doc/man3/EVP_EncryptInit.pod +++ b/doc/man3/EVP_EncryptInit.pod @@ -479,7 +479,9 @@ The following Is are supported for the ChaCha20-Poly1305 AEAD algorithm. Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum -nonce length is 16 (B, i.e. 128-bits). +nonce length is 12 bytes (i.e. 96-bits). If a nonce of less than 12 bytes is set +then the nonce is automatically padded with leading 0 bytes to make it 12 bytes +in length. =item EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag) diff --git a/test/recipes/30-test_evp_data/evpciph.txt b/test/recipes/30-test_evp_data/evpciph.txt index 84669b8..8bf5ac1 100644 --- a/test/recipes/30-test_evp_data/evpciph.txt +++ b/test/recipes/30-test_evp_data/evpciph.txt @@ -2507,3 +2507,12 @@ AAD = f33388860000000000004e91 Tag = e0723bce23528ce6ccb10ff9627038bf Plaintext = 496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d Ciphertext = 64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c299da65ba25e6a85842bf0440fd98a9a2266b061c4b3a13327c090f9a0789f58aad805275e4378a525f19232bfbfb749ede38480f405cf43ec2f1f8619ebcbc80a89e92a859c7911e674977ab17d4a7126a6b8a477358ff14a344d276ef6e504e10268ac3619fcf90c2d6c03fc2e3d1f290d9bf26c1fa1495dd8f97eec6229a55c2354e4524143551a5cc370a1c622c9390530cff21c3e1ed50c5e3daf97518ccce34156bdbd7eafab8bd417aef25c6c927301731bd319d247a1d5c3186ed10bfd9a7a24bac30e3e4503ed9204154d338b79ea276e7058e7f20f4d4fd1ac93d63f611af7b6d006c2a72add0eedc497b19cb30a198816664f0da00155f2e2d6ac61045b296d614301e0ad4983308028850dd4feffe3a8163970306e4047f5a165cb4befbc129729cd2e286e837e9b606486d402acc3dec5bf8b92387f6e486f2140 + +Cipher = chacha20-poly1305 +Key = 1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0 +IV = ff000000000102030405060708 +AAD = f33388860000000000004e91 +Tag = e0723bce23528ce6ccb10ff9627038bf +Plaintext = 496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d +Ciphertext = 64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c299da65ba25e6a85842bf0440fd98a9a2266b061c4b3a13327c090f9a0789f58aad805275e4378a525f19232bfbfb749ede38480f405cf43ec2f1f8619ebcbc80a89e92a859c7911e674977ab17d4a7126a6b8a477358ff14a344d276ef6e504e10268ac3619fcf90c2d6c03fc2e3d1f290d9bf26c1fa1495dd8f97eec6229a55c2354e4524143551a5cc370a1c622c9390530cff21c3e1ed50c5e3daf97518ccce34156bdbd7eafab8bd417aef25c6c927301731bd319d247a1d5c3186ed10bfd9a7a24bac30e3e4503ed9204154d338b79ea276e7058e7f20f4d4fd1ac93d63f611af7b6d006c2a72add0eedc497b19cb30a198816664f0da00155f2e2d6ac61045b296d614301e0ad4983308028850dd4feffe3a8163970306e4047f5a165cb4befbc129729cd2e286e837e9b606486d402acc3dec5bf8b92387f6e486f2140 +Result = INVALID_IV_LENGTH From matt at openssl.org Wed Mar 6 15:07:52 2019 From: matt at openssl.org (Matt Caswell) Date: Wed, 06 Mar 2019 15:07:52 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1551884872.351557.5583.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via f7a6d1122befe9cd1d3de70cb2c19595a701b9aa (commit) via 9b10d1bf77b734f15c4ed5d1b619cd598b7c13fc (commit) via f426625b6ae9a7831010750490a5f0ad689c5ba3 (commit) from c9a826d28f8211e86b3b866809e1b30a2de48740 (commit) - Log ----------------------------------------------------------------- commit f7a6d1122befe9cd1d3de70cb2c19595a701b9aa Author: Matt Caswell Date: Tue Mar 5 15:41:27 2019 +0000 Update ChaCha20-Poly1305 documentation Correctly describe the maximum IV length. Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8406) (cherry picked from commit 27d5631236325c3fd8a3bd06af282ac496aac64b) commit 9b10d1bf77b734f15c4ed5d1b619cd598b7c13fc Author: Matt Caswell Date: Tue Mar 5 14:51:07 2019 +0000 Test an overlong ChaCha20-Poly1305 nonce Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8406) (cherry picked from commit a4f0b50eafb256bb802f2724fc7f7580fb0fbabc) commit f426625b6ae9a7831010750490a5f0ad689c5ba3 Author: Matt Caswell Date: Tue Mar 5 14:39:15 2019 +0000 Prevent over long nonces in ChaCha20-Poly1305 ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less than 12 bytes. However it also incorrectly allows a nonce to be set of up to 16 bytes. In this case only the last 12 bytes are significant and any additional leading bytes are ignored. It is a requirement of using this cipher that nonce values are unique. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks. If an application changes the default nonce length to be longer than 12 bytes and then makes a change to the leading bytes of the nonce expecting the new value to be a new unique nonce then such an application could inadvertently encrypt messages with a reused nonce. Additionally the ignored bytes in a long nonce are not covered by the integrity guarantee of this cipher. Any application that relies on the integrity of these ignored leading bytes of a long nonce may be further affected. Any OpenSSL internal use of this cipher, including in SSL/TLS, is safe because no such use sets such a long nonce value. However user applications that use this cipher directly and set a non-default nonce length to be longer than 12 bytes may be vulnerable. CVE-2019-1543 Fixes #8345 Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8406) (cherry picked from commit 2a3d0ee9d59156c48973592331404471aca886d6) ----------------------------------------------------------------------- Summary of changes: crypto/evp/e_chacha20_poly1305.c | 4 +++- doc/man3/EVP_EncryptInit.pod | 4 +++- test/recipes/30-test_evp_data/evpciph.txt | 9 +++++++++ 3 files changed, 15 insertions(+), 2 deletions(-) diff --git a/crypto/evp/e_chacha20_poly1305.c b/crypto/evp/e_chacha20_poly1305.c index c1917bb..d3e2c62 100644 --- a/crypto/evp/e_chacha20_poly1305.c +++ b/crypto/evp/e_chacha20_poly1305.c @@ -30,6 +30,8 @@ typedef struct { #define data(ctx) ((EVP_CHACHA_KEY *)(ctx)->cipher_data) +#define CHACHA20_POLY1305_MAX_IVLEN 12 + static int chacha_init_key(EVP_CIPHER_CTX *ctx, const unsigned char user_key[CHACHA_KEY_SIZE], const unsigned char iv[CHACHA_CTR_SIZE], int enc) @@ -533,7 +535,7 @@ static int chacha20_poly1305_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, return 1; case EVP_CTRL_AEAD_SET_IVLEN: - if (arg <= 0 || arg > CHACHA_CTR_SIZE) + if (arg <= 0 || arg > CHACHA20_POLY1305_MAX_IVLEN) return 0; actx->nonce_len = arg; return 1; diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod index b43a3e5..faf7bb4 100644 --- a/doc/man3/EVP_EncryptInit.pod +++ b/doc/man3/EVP_EncryptInit.pod @@ -436,7 +436,9 @@ The following Is are supported for the ChaCha20-Poly1305 AEAD algorithm. Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum -nonce length is 16 (B, i.e. 128-bits). +nonce length is 12 bytes (i.e. 96-bits). If a nonce of less than 12 bytes is set +then the nonce is automatically padded with leading 0 bytes to make it 12 bytes +in length. =item EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag) diff --git a/test/recipes/30-test_evp_data/evpciph.txt b/test/recipes/30-test_evp_data/evpciph.txt index d117455..ff90acd 100644 --- a/test/recipes/30-test_evp_data/evpciph.txt +++ b/test/recipes/30-test_evp_data/evpciph.txt @@ -2506,3 +2506,12 @@ AAD = f33388860000000000004e91 Tag = e0723bce23528ce6ccb10ff9627038bf Plaintext = 496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d Ciphertext = 64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c299da65ba25e6a85842bf0440fd98a9a2266b061c4b3a13327c090f9a0789f58aad805275e4378a525f19232bfbfb749ede38480f405cf43ec2f1f8619ebcbc80a89e92a859c7911e674977ab17d4a7126a6b8a477358ff14a344d276ef6e504e10268ac3619fcf90c2d6c03fc2e3d1f290d9bf26c1fa1495dd8f97eec6229a55c2354e4524143551a5cc370a1c622c9390530cff21c3e1ed50c5e3daf97518ccce34156bdbd7eafab8bd417aef25c6c927301731bd319d247a1d5c3186ed10bfd9a7a24bac30e3e4503ed9204154d338b79ea276e7058e7f20f4d4fd1ac93d63f611af7b6d006c2a72add0eedc497b19cb30a198816664f0da00155f2e2d6ac61045b296d614301e0ad4983308028850dd4feffe3a8163970306e4047f5a165cb4befbc129729cd2e286e837e9b606486d402acc3dec5bf8b92387f6e486f2140 + +Cipher = chacha20-poly1305 +Key = 1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0 +IV = ff000000000102030405060708 +AAD = f33388860000000000004e91 +Tag = e0723bce23528ce6ccb10ff9627038bf +Plaintext = 496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d +Ciphertext = 64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c299da65ba25e6a85842bf0440fd98a9a2266b061c4b3a13327c090f9a0789f58aad805275e4378a525f19232bfbfb749ede38480f405cf43ec2f1f8619ebcbc80a89e92a859c7911e674977ab17d4a7126a6b8a477358ff14a344d276ef6e504e10268ac3619fcf90c2d6c03fc2e3d1f290d9bf26c1fa1495dd8f97eec6229a55c2354e4524143551a5cc370a1c622c9390530cff21c3e1ed50c5e3daf97518ccce34156bdbd7eafab8bd417aef25c6c927301731bd319d247a1d5c3186ed10bfd9a7a24bac30e3e4503ed9204154d338b79ea276e7058e7f20f4d4fd1ac93d63f611af7b6d006c2a72add0eedc497b19cb30a198816664f0da00155f2e2d6ac61045b296d614301e0ad4983308028850dd4feffe3a8163970306e4047f5a165cb4befbc129729cd2e286e837e9b606486d402acc3dec5bf8b92387f6e486f2140 +Result = INVALID_IV_LENGTH From matt at openssl.org Wed Mar 6 15:08:08 2019 From: matt at openssl.org (Matt Caswell) Date: Wed, 06 Mar 2019 15:08:08 +0000 Subject: [openssl] OpenSSL_1_1_0-stable update Message-ID: <1551884888.628784.7029.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_0-stable has been updated via 09af525c2e8a11a0701d3d80e4d795e03be93606 (commit) via ee22257b1418438ebaf54df98af4e24f494d1809 (commit) from c62896c2c0cbd47ab01693d403e37fe5fe15aab8 (commit) - Log ----------------------------------------------------------------- commit 09af525c2e8a11a0701d3d80e4d795e03be93606 Author: Matt Caswell Date: Tue Mar 5 14:51:07 2019 +0000 Test an overlong ChaCha20-Poly1305 nonce Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8406) (cherry picked from commit a4f0b50eafb256bb802f2724fc7f7580fb0fbabc) commit ee22257b1418438ebaf54df98af4e24f494d1809 Author: Matt Caswell Date: Tue Mar 5 14:39:15 2019 +0000 Prevent over long nonces in ChaCha20-Poly1305 ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less than 12 bytes. However it also incorrectly allows a nonce to be set of up to 16 bytes. In this case only the last 12 bytes are significant and any additional leading bytes are ignored. It is a requirement of using this cipher that nonce values are unique. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks. If an application changes the default nonce length to be longer than 12 bytes and then makes a change to the leading bytes of the nonce expecting the new value to be a new unique nonce then such an application could inadvertently encrypt messages with a reused nonce. Additionally the ignored bytes in a long nonce are not covered by the integrity guarantee of this cipher. Any application that relies on the integrity of these ignored leading bytes of a long nonce may be further affected. Any OpenSSL internal use of this cipher, including in SSL/TLS, is safe because no such use sets such a long nonce value. However user applications that use this cipher directly and set a non-default nonce length to be longer than 12 bytes may be vulnerable. CVE-2019-1543 Fixes #8345 Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8406) (cherry picked from commit 2a3d0ee9d59156c48973592331404471aca886d6) ----------------------------------------------------------------------- Summary of changes: crypto/evp/e_chacha20_poly1305.c | 4 +++- test/recipes/30-test_evp_data/evpciph.txt | 8 ++++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/crypto/evp/e_chacha20_poly1305.c b/crypto/evp/e_chacha20_poly1305.c index 7fd4f8d..4adc64c 100644 --- a/crypto/evp/e_chacha20_poly1305.c +++ b/crypto/evp/e_chacha20_poly1305.c @@ -30,6 +30,8 @@ typedef struct { #define data(ctx) ((EVP_CHACHA_KEY *)(ctx)->cipher_data) +#define CHACHA20_POLY1305_MAX_IVLEN 12 + static int chacha_init_key(EVP_CIPHER_CTX *ctx, const unsigned char user_key[CHACHA_KEY_SIZE], const unsigned char iv[CHACHA_CTR_SIZE], int enc) @@ -357,7 +359,7 @@ static int chacha20_poly1305_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, return 1; case EVP_CTRL_AEAD_SET_IVLEN: - if (arg <= 0 || arg > CHACHA_CTR_SIZE) + if (arg <= 0 || arg > CHACHA20_POLY1305_MAX_IVLEN) return 0; actx->nonce_len = arg; return 1; diff --git a/test/recipes/30-test_evp_data/evpciph.txt b/test/recipes/30-test_evp_data/evpciph.txt index 6236a9f..4cf011f 100644 --- a/test/recipes/30-test_evp_data/evpciph.txt +++ b/test/recipes/30-test_evp_data/evpciph.txt @@ -2269,3 +2269,11 @@ Tag = e0723bce23528ce6ccb10ff9627038bf Plaintext = 496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d Ciphertext = 64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c299da65ba25e6a85842bf0440fd98a9a2266b061c4b3a13327c090f9a0789f58aad805275e4378a525f19232bfbfb749ede38480f405cf43ec2f1f8619ebcbc80a89e92a859c7911e674977ab17d4a7126a6b8a477358ff14a344d276ef6e504e10268ac3619fcf90c2d6c03fc2e3d1f290d9bf26c1fa1495dd8f97eec6229a55c2354e4524143551a5cc370a1c622c9390530cff21c3e1ed50c5e3daf97518ccce34156bdbd7eafab8bd417aef25c6c927301731bd319d247a1d5c3186ed10bfd9a7a24bac30e3e4503ed9204154d338b79ea276e7058e7f20f4d4fd1ac93d63f611af7b6d006c2a72add0eedc497b19cb30a198816664f0da00155f2e2d6ac61045b296d614301e0ad4983308028850dd4feffe3a8163970306e4047f5a165cb4befbc129729cd2e286e837e9b606486d402acc3dec5bf8b92387f6e486f2140 +Cipher = chacha20-poly1305 +Key = 1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0 +IV = ff000000000102030405060708 +AAD = f33388860000000000004e91 +Tag = e0723bce23528ce6ccb10ff9627038bf +Plaintext = 496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d +Ciphertext = 64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c299da65ba25e6a85842bf0440fd98a9a2266b061c4b3a13327c090f9a0789f58aad805275e4378a525f19232bfbfb749ede38480f405cf43ec2f1f8619ebcbc80a89e92a859c7911e674977ab17d4a7126a6b8a477358ff14a344d276ef6e504e10268ac3619fcf90c2d6c03fc2e3d1f290d9bf26c1fa1495dd8f97eec6229a55c2354e4524143551a5cc370a1c622c9390530cff21c3e1ed50c5e3daf97518ccce34156bdbd7eafab8bd417aef25c6c927301731bd319d247a1d5c3186ed10bfd9a7a24bac30e3e4503ed9204154d338b79ea276e7058e7f20f4d4fd1ac93d63f611af7b6d006c2a72add0eedc497b19cb30a198816664f0da00155f2e2d6ac61045b296d614301e0ad4983308028850dd4feffe3a8163970306e4047f5a165cb4befbc129729cd2e286e837e9b606486d402acc3dec5bf8b92387f6e486f2140 +Result = INVALID_IV_LENGTH From no-reply at appveyor.com Wed Mar 6 15:09:42 2019 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 06 Mar 2019 15:09:42 +0000 Subject: Build completed: openssl master.23204 Message-ID: <20190306150942.1.1CFA44157D3AA7E1@appveyor.com> An HTML attachment was scrubbed... URL: From matt at openssl.org Wed Mar 6 15:19:09 2019 From: matt at openssl.org (Matt Caswell) Date: Wed, 06 Mar 2019 15:19:09 +0000 Subject: [web] master update Message-ID: <1551885549.735899.21558.nullmailer@dev.openssl.org> The branch master has been updated via 497e8bf4a455aa2adc495777e49ad32e133a7d34 (commit) from b221da5e00d3e9304664f605c132a18674a343e5 (commit) - Log ----------------------------------------------------------------- commit 497e8bf4a455aa2adc495777e49ad32e133a7d34 Author: Matt Caswell Date: Wed Mar 6 15:12:07 2019 +0000 Website updates for CVE-2019-1543 Reviewed-by: Mark J. Cox (Merged from https://github.com/openssl/web/pull/125) ----------------------------------------------------------------------- Summary of changes: news/newsflash.txt | 1 + news/secadv/20190306.txt | 61 ++++++++++++++++++++++++++++++++++++++++++++++++ news/vulnerabilities.xml | 58 ++++++++++++++++++++++++++++++++++++++++++++- 3 files changed, 119 insertions(+), 1 deletion(-) create mode 100644 news/secadv/20190306.txt diff --git a/news/newsflash.txt b/news/newsflash.txt index b458dc4..1346f6e 100644 --- a/news/newsflash.txt +++ b/news/newsflash.txt @@ -4,6 +4,7 @@ # Format is two fields, colon-separated; the first line is the column # headings. URL paths must all be absolute. Date: Item +06-Mar-2019: Security Advisory: one low severity fix in ChaCha20-Poly1305 26-Feb-2019: OpenSSL 1.1.1b is now available, including bug fixes 26-Feb-2019: OpenSSL 1.0.2r is now available, including bug and security fixes 11-Feb-2019: 3.0.0 Design (draft) is now available diff --git a/news/secadv/20190306.txt b/news/secadv/20190306.txt new file mode 100644 index 0000000..50b2744 --- /dev/null +++ b/news/secadv/20190306.txt @@ -0,0 +1,61 @@ +OpenSSL Security Advisory [6 March 2019] +======================================== + +ChaCha20-Poly1305 with long nonces (CVE-2019-1543) +================================================== + +Severity: Low + +ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every +encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 +bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce +with 0 bytes if it is less than 12 bytes. However it also incorrectly allows a +nonce to be set of up to 16 bytes. In this case only the last 12 bytes are +significant and any additional leading bytes are ignored. + +It is a requirement of using this cipher that nonce values are unique. Messages +encrypted using a reused nonce value are susceptible to serious confidentiality +and integrity attacks. If an application changes the default nonce length to be +longer than 12 bytes and then makes a change to the leading bytes of the nonce +expecting the new value to be a new unique nonce then such an application could +inadvertently encrypt messages with a reused nonce. + +Additionally the ignored bytes in a long nonce are not covered by the integrity +guarantee of this cipher. Any application that relies on the integrity of these +ignored leading bytes of a long nonce may be further affected. + +Any OpenSSL internal use of this cipher, including in SSL/TLS, is safe because +no such use sets such a long nonce value. However user applications that use +this cipher directly and set a non-default nonce length to be longer than 12 +bytes may be vulnerable. + +OpenSSL versions 1.1.1 and 1.1.0 are affected by this issue. Due to the limited +scope of affected deployments this has been assessed as low severity and +therefore we are not creating new releases at this time. The 1.1.1 mitigation +for this issue can be found in commit f426625b6a. The 1.1.0 mitigation for this +issue can be found in commit ee22257b14. + +This issue does not impact OpenSSL 1.0.2. + +This issue was discovered by Joran Dirk Greef of Ronomon. The fix was developed +by Matt Caswell from the OpenSSL development team. It was reported to OpenSSL on +26th February 2019. + +Note +==== + +OpenSSL 1.0.2 and 1.1.0 are currently only receiving security updates. Support +for 1.0.2 will end on 31st December 2019. Support for 1.1.0 will end on 11th +September 2019. Users of these versions should upgrade to OpenSSL 1.1.1. + +References +========== + +URL for this Security Advisory: +https://www.openssl.org/news/secadv/20190306.txt + +Note: the online version of the advisory may be updated with additional details +over time. + +For details of OpenSSL severity classifications please see: +https://www.openssl.org/policies/secpolicy.html diff --git a/news/vulnerabilities.xml b/news/vulnerabilities.xml index 5286f54..00518fb 100644 --- a/news/vulnerabilities.xml +++ b/news/vulnerabilities.xml @@ -7,7 +7,63 @@ - + + + + + + + + + + + + + + + + + + + + + + + + + Nonce Reuse + ChaCha20-Poly1305 with long nonces + + ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every + encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 + bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce + with 0 bytes if it is less than 12 bytes. However it also incorrectly allows a + nonce to be set of up to 16 bytes. In this case only the last 12 bytes are + significant and any additional leading bytes are ignored. + + It is a requirement of using this cipher that nonce values are unique. Messages + encrypted using a reused nonce value are susceptible to serious confidentiality + and integrity attacks. If an application changes the default nonce length to be + longer than 12 bytes and then makes a change to the leading bytes of the nonce + expecting the new value to be a new unique nonce then such an application could + inadvertently encrypt messages with a reused nonce. + + Additionally the ignored bytes in a long nonce are not covered by the integrity + guarantee of this cipher. Any application that relies on the integrity of these + ignored leading bytes of a long nonce may be further affected. + + Any OpenSSL internal use of this cipher, including in SSL/TLS, is safe because + no such use sets such a long nonce value. However user applications that use + this cipher directly and set a non-default nonce length to be longer than 12 + bytes may be vulnerable. + + OpenSSL versions 1.1.1 and 1.1.0 are affected by this issue. Due to the limited + scope of affected deployments this has been assessed as low severity and + therefore we are not creating new releases at this time. + + + + From builds at travis-ci.org Wed Mar 6 15:37:55 2019 From: builds at travis-ci.org (Travis CI) Date: Wed, 06 Mar 2019 15:37:55 +0000 Subject: Still Failing: openssl/openssl#23808 (OpenSSL_1_1_1-stable - f7a6d11) In-Reply-To: Message-ID: <5c7fe95346e6e_43fb1075b59a8193646@19855ea2-e9b0-47de-ad8c-2678d5cbc60a.mail> Build Update for openssl/openssl ------------------------------------- Build: #23808 Status: Still Failing Duration: 29 mins and 24 secs Commit: f7a6d11 (OpenSSL_1_1_1-stable) Author: Matt Caswell Message: Update ChaCha20-Poly1305 documentation Correctly describe the maximum IV length. Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8406) (cherry picked from commit 27d5631236325c3fd8a3bd06af282ac496aac64b) View the changeset: https://github.com/openssl/openssl/compare/c9a826d28f82...f7a6d1122bef View the full build log and details: https://travis-ci.org/openssl/openssl/builds/502609884?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From matt at openssl.org Wed Mar 6 16:18:15 2019 From: matt at openssl.org (Matt Caswell) Date: Wed, 06 Mar 2019 16:18:15 +0000 Subject: [openssl] master update Message-ID: <1551889095.686181.18295.nullmailer@dev.openssl.org> The branch master has been updated via 9fdcc21fdc9d148f78d9cd5be34030f38cc45812 (commit) from 27d5631236325c3fd8a3bd06af282ac496aac64b (commit) - Log ----------------------------------------------------------------- commit 9fdcc21fdc9d148f78d9cd5be34030f38cc45812 Author: David von Oheimb Date: Tue Jan 15 21:51:25 2019 +0100 constify *_dup() and *i2d_*() and related functions as far as possible, introducing DECLARE_ASN1_DUP_FUNCTION Reviewed-by: Richard Levitte Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8029) ----------------------------------------------------------------------- Summary of changes: crypto/asn1/a_dup.c | 4 +- crypto/asn1/a_i2d_fp.c | 8 +-- crypto/asn1/asn1_locl.h | 10 +++- crypto/asn1/asn_mime.c | 2 + crypto/asn1/bio_ndef.c | 1 + crypto/asn1/i2d_pr.c | 2 +- crypto/asn1/i2d_pu.c | 2 +- crypto/asn1/n_pkey.c | 12 ++-- crypto/asn1/tasn_dec.c | 6 +- crypto/asn1/tasn_enc.c | 90 ++++++++++++++++-------------- crypto/asn1/tasn_fre.c | 2 +- crypto/asn1/tasn_prn.c | 52 ++++++++--------- crypto/asn1/tasn_typ.c | 4 +- crypto/asn1/tasn_utl.c | 82 ++++++++++++++++++--------- crypto/asn1/x_bignum.c | 8 +-- crypto/asn1/x_int64.c | 16 +++--- crypto/asn1/x_long.c | 8 +-- crypto/cms/cms_dd.c | 4 +- crypto/cms/cms_enc.c | 2 +- crypto/cms/cms_env.c | 8 +-- crypto/cms/cms_io.c | 1 + crypto/cms/cms_kari.c | 2 +- crypto/cms/cms_lcl.h | 14 ++--- crypto/cms/cms_lib.c | 1 + crypto/cms/cms_pwri.c | 2 +- crypto/dh/dh_ameth.c | 2 +- crypto/dh/dh_asn1.c | 4 +- crypto/dh/dh_pmeth.c | 2 +- crypto/dsa/dsa_asn1.c | 10 ++-- crypto/dsa/dsa_pmeth.c | 2 +- crypto/ec/ec_asn1.c | 22 ++++---- crypto/ec/ec_pmeth.c | 2 +- crypto/ess/ess_asn1.c | 10 ++-- crypto/evp/encode.c | 2 +- crypto/evp/evp_pkey.c | 2 +- crypto/evp/mac_lib.c | 2 +- crypto/evp/p_lib.c | 8 +-- crypto/evp/pkey_mac.c | 2 +- crypto/evp/pmeth_lib.c | 8 +-- crypto/include/internal/evp_int.h | 2 +- crypto/ocsp/v3_ocsp.c | 6 +- crypto/pem/pem_pk8.c | 24 ++++---- crypto/pkcs12/p12_utl.c | 4 +- crypto/pkcs7/pk7_lib.c | 1 + crypto/rsa/rsa_asn1.c | 8 +-- crypto/rsa/rsa_pmeth.c | 2 +- crypto/sm2/sm2_pmeth.c | 2 +- crypto/ts/ts_asn1.c | 44 +++++++-------- crypto/x509/x_all.c | 68 +++++++++++------------ crypto/x509/x_name.c | 27 +++++---- crypto/x509/x_pubkey.c | 36 +++++++----- crypto/x509/x_x509.c | 5 +- crypto/x509v3/v3_genn.c | 2 +- doc/man3/ASN1_STRING_length.pod | 2 +- doc/man3/EVP_PKEY_CTX_ctrl.pod | 3 +- doc/man3/EVP_PKEY_CTX_new.pod | 2 +- doc/man3/EVP_PKEY_set1_RSA.pod | 8 +-- doc/man3/PEM_read_bio_PrivateKey.pod | 7 +-- doc/man3/SSL_SESSION_free.pod | 2 +- doc/man3/SSL_new.pod | 3 +- doc/man3/X509_PUBKEY_new.pod | 6 +- doc/man3/X509_dup.pod | 4 +- doc/man3/d2i_PKCS8PrivateKey_bio.pod | 8 +-- doc/man3/d2i_PrivateKey.pod | 4 +- doc/man3/d2i_X509.pod | 3 + include/openssl/asn1.h | 105 ++++++++++++++++------------------- include/openssl/asn1t.h | 75 +++++++++++++------------ include/openssl/cms.h | 2 +- include/openssl/dh.h | 12 ++-- include/openssl/dsa.h | 17 +++--- include/openssl/ec.h | 15 +++-- include/openssl/ess.h | 47 +++++----------- include/openssl/evp.h | 54 +++++++++--------- include/openssl/objects.h | 2 +- include/openssl/ocsp.h | 2 +- include/openssl/pem.h | 16 +++--- include/openssl/pkcs12.h | 4 +- include/openssl/pkcs7.h | 6 +- include/openssl/rsa.h | 8 +-- include/openssl/ssl.h | 4 +- include/openssl/ts.h | 78 ++++++++++---------------- include/openssl/x509.h | 98 +++++++++++++++----------------- include/openssl/x509v3.h | 4 +- ssl/ssl_asn1.c | 10 ++-- ssl/ssl_locl.h | 2 +- ssl/ssl_sess.c | 4 +- test/x509aux.c | 2 +- util/perl/OpenSSL/ParseC.pm | 60 +++++++++++++------- 88 files changed, 680 insertions(+), 651 deletions(-) diff --git a/crypto/asn1/a_dup.c b/crypto/asn1/a_dup.c index 4d22168..b5df08e 100644 --- a/crypto/asn1/a_dup.c +++ b/crypto/asn1/a_dup.c @@ -13,7 +13,7 @@ #ifndef NO_OLD_ASN1 -void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x) +void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, const void *x) { unsigned char *b, *p; const unsigned char *p2; @@ -46,7 +46,7 @@ void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x) * decode. */ -void *ASN1_item_dup(const ASN1_ITEM *it, void *x) +void *ASN1_item_dup(const ASN1_ITEM *it, const void *x) { unsigned char *b = NULL; const unsigned char *p; diff --git a/crypto/asn1/a_i2d_fp.c b/crypto/asn1/a_i2d_fp.c index 2527c25..e718bf4 100644 --- a/crypto/asn1/a_i2d_fp.c +++ b/crypto/asn1/a_i2d_fp.c @@ -15,7 +15,7 @@ #ifndef NO_OLD_ASN1 # ifndef OPENSSL_NO_STDIO -int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x) +int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, const void *x) { BIO *b; int ret; @@ -31,7 +31,7 @@ int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x) } # endif -int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x) +int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, const void *x) { char *b; unsigned char *p; @@ -68,7 +68,7 @@ int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x) #endif #ifndef OPENSSL_NO_STDIO -int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x) +int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, const void *x) { BIO *b; int ret; @@ -84,7 +84,7 @@ int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x) } #endif -int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x) +int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, const void *x) { unsigned char *b = NULL; int i, j = 0, n, ret = 1; diff --git a/crypto/asn1/asn1_locl.h b/crypto/asn1/asn1_locl.h index e3221d6..5720c90 100644 --- a/crypto/asn1/asn1_locl.h +++ b/crypto/asn1/asn1_locl.h @@ -9,6 +9,9 @@ /* Internal ASN1 structures and functions: not for application use */ +typedef const ASN1_VALUE const_ASN1_VALUE; +SKM_DEFINE_STACK_OF(const_ASN1_VALUE, const ASN1_VALUE, ASN1_VALUE) + int asn1_time_to_tm(struct tm *tm, const ASN1_TIME *d); int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d); int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d); @@ -46,19 +49,22 @@ DEFINE_STACK_OF(MIME_HEADER) void asn1_string_embed_free(ASN1_STRING *a, int embed); int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it); +int asn1_get_choice_selector_const(const ASN1_VALUE **pval, const ASN1_ITEM *it); int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it); ASN1_VALUE **asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); +const ASN1_VALUE **asn1_get_const_field_ptr(const ASN1_VALUE **pval, + const ASN1_TEMPLATE *tt); -const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, +const ASN1_TEMPLATE *asn1_do_adb(const ASN1_VALUE *val, const ASN1_TEMPLATE *tt, int nullerr); int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it); void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it); void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it); -int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, +int asn1_enc_restore(int *len, unsigned char **out, const ASN1_VALUE **pval, const ASN1_ITEM *it); int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, const ASN1_ITEM *it); diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c index d99f0ef..5c34938 100644 --- a/crypto/asn1/asn_mime.c +++ b/crypto/asn1/asn_mime.c @@ -64,6 +64,7 @@ static void mime_hdr_free(MIME_HEADER *hdr); /* Output an ASN1 structure in BER format streaming if necessary */ +/* unfortunately cannot constify this due to CMS_stream() and PKCS7_stream() */ int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, const ASN1_ITEM *it) { @@ -311,6 +312,7 @@ int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, /* Handle output of ASN1 data */ +/* cannot constify val because of CMS_dataFinal() */ static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags, const ASN1_ITEM *it) { diff --git a/crypto/asn1/bio_ndef.c b/crypto/asn1/bio_ndef.c index 015c54d..d3be967 100644 --- a/crypto/asn1/bio_ndef.c +++ b/crypto/asn1/bio_ndef.c @@ -49,6 +49,7 @@ static int ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg); static int ndef_suffix_free(BIO *b, unsigned char **pbuf, int *plen, void *parg); +/* unfortunately cannot constify this due to CMS_stream() and PKCS7_stream() */ BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it) { NDEF_SUPPORT *ndef_aux = NULL; diff --git a/crypto/asn1/i2d_pr.c b/crypto/asn1/i2d_pr.c index e8b1dd2..7133d3d 100644 --- a/crypto/asn1/i2d_pr.c +++ b/crypto/asn1/i2d_pr.c @@ -14,7 +14,7 @@ #include "internal/asn1_int.h" #include "internal/evp_int.h" -int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp) +int i2d_PrivateKey(const EVP_PKEY *a, unsigned char **pp) { if (a->ameth && a->ameth->old_priv_encode) { return a->ameth->old_priv_encode(a, pp); diff --git a/crypto/asn1/i2d_pu.c b/crypto/asn1/i2d_pu.c index ff15282..8195dda 100644 --- a/crypto/asn1/i2d_pu.c +++ b/crypto/asn1/i2d_pu.c @@ -16,7 +16,7 @@ #include #include -int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) +int i2d_PublicKey(const EVP_PKEY *a, unsigned char **pp) { switch (EVP_PKEY_id(a)) { #ifndef OPENSSL_NO_RSA diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c index 3c83e4b..12592d0 100644 --- a/crypto/asn1/n_pkey.c +++ b/crypto/asn1/n_pkey.c @@ -43,9 +43,9 @@ ASN1_BROKEN_SEQUENCE(NETSCAPE_ENCRYPTED_PKEY) = { ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, enckey, X509_SIG) } static_ASN1_BROKEN_SEQUENCE_END(NETSCAPE_ENCRYPTED_PKEY) -DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY) -DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY,NETSCAPE_ENCRYPTED_PKEY) -IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY) +DECLARE_ASN1_FUNCTIONS(NETSCAPE_ENCRYPTED_PKEY) +DECLARE_ASN1_ENCODE_FUNCTIONS_name(NETSCAPE_ENCRYPTED_PKEY, NETSCAPE_ENCRYPTED_PKEY) +IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_ENCRYPTED_PKEY) ASN1_SEQUENCE(NETSCAPE_PKEY) = { ASN1_EMBED(NETSCAPE_PKEY, version, INT32), @@ -53,9 +53,9 @@ ASN1_SEQUENCE(NETSCAPE_PKEY) = { ASN1_SIMPLE(NETSCAPE_PKEY, private_key, ASN1_OCTET_STRING) } static_ASN1_SEQUENCE_END(NETSCAPE_PKEY) -DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_PKEY) -DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_PKEY,NETSCAPE_PKEY) -IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY) +DECLARE_ASN1_FUNCTIONS(NETSCAPE_PKEY) +DECLARE_ASN1_ENCODE_FUNCTIONS_name(NETSCAPE_PKEY, NETSCAPE_PKEY) +IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_PKEY) # endif /* OPENSSL_NO_RC4 */ diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c index 03d02b7..87c01f0 100644 --- a/crypto/asn1/tasn_dec.c +++ b/crypto/asn1/tasn_dec.c @@ -316,7 +316,7 @@ static int asn1_item_embed_d2i(ASN1_VALUE **pval, const unsigned char **in, if (tt->flags & ASN1_TFLG_ADB_MASK) { const ASN1_TEMPLATE *seqtt; ASN1_VALUE **pseqval; - seqtt = asn1_do_adb(pval, tt, 0); + seqtt = asn1_do_adb(*pval, tt, 0); if (seqtt == NULL) continue; pseqval = asn1_get_field_ptr(pval, seqtt); @@ -328,7 +328,7 @@ static int asn1_item_embed_d2i(ASN1_VALUE **pval, const unsigned char **in, for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) { const ASN1_TEMPLATE *seqtt; ASN1_VALUE **pseqval; - seqtt = asn1_do_adb(pval, tt, 1); + seqtt = asn1_do_adb(*pval, tt, 1); if (seqtt == NULL) goto err; pseqval = asn1_get_field_ptr(pval, seqtt); @@ -394,7 +394,7 @@ static int asn1_item_embed_d2i(ASN1_VALUE **pval, const unsigned char **in, */ for (; i < it->tcount; tt++, i++) { const ASN1_TEMPLATE *seqtt; - seqtt = asn1_do_adb(pval, tt, 1); + seqtt = asn1_do_adb(*pval, tt, 1); if (seqtt == NULL) goto err; if (seqtt->flags & ASN1_TFLG_OPTIONAL) { diff --git a/crypto/asn1/tasn_enc.c b/crypto/asn1/tasn_enc.c index 411b53e..8ab9c37 100644 --- a/crypto/asn1/tasn_enc.c +++ b/crypto/asn1/tasn_enc.c @@ -16,16 +16,17 @@ #include "internal/asn1_int.h" #include "asn1_locl.h" -static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, +static int asn1_i2d_ex_primitive(const ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); -static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, +static int asn1_set_seq_out(STACK_OF(const_ASN1_VALUE) *sk, + unsigned char **out, int skcontlen, const ASN1_ITEM *item, int do_sort, int iclass); -static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out, +static int asn1_template_ex_i2d(const ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt, int tag, int aclass); -static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out, +static int asn1_item_flags_i2d(const ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it, int flags); -static int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, +static int asn1_ex_i2c(const ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_ITEM *it); /* @@ -33,13 +34,13 @@ static int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, * indefinite length constructed encoding, where appropriate */ -int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, +int ASN1_item_ndef_i2d(const ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it) { return asn1_item_flags_i2d(val, out, it, ASN1_TFLG_NDEF); } -int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it) +int ASN1_item_i2d(const ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it) { return asn1_item_flags_i2d(val, out, it, 0); } @@ -51,7 +52,7 @@ int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it) * allocated and populated with the encoding. */ -static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out, +static int asn1_item_flags_i2d(const ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it, int flags) { if (out && !*out) { @@ -79,20 +80,22 @@ static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out, * performs the normal item handling: it can be used in external types. */ -int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, +int ASN1_item_ex_i2d(const ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass) { const ASN1_TEMPLATE *tt = NULL; int i, seqcontlen, seqlen, ndef = 1; const ASN1_EXTERN_FUNCS *ef; const ASN1_AUX *aux = it->funcs; - ASN1_aux_cb *asn1_cb = 0; + ASN1_aux_const_cb *asn1_cb = NULL; if ((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval) return 0; - if (aux && aux->asn1_cb) - asn1_cb = aux->asn1_cb; + if (aux != NULL) { + asn1_cb = ((aux->flags & ASN1_AFLG_CONST_CB) != 0) ? aux->asn1_const_cb + : (ASN1_aux_const_cb *)aux->asn1_cb; /* backward compatibility */ + } switch (it->itype) { @@ -108,12 +111,12 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, case ASN1_ITYPE_CHOICE: if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL)) return 0; - i = asn1_get_choice_selector(pval, it); + i = asn1_get_choice_selector_const(pval, it); if ((i >= 0) && (i < it->tcount)) { - ASN1_VALUE **pchval; + const ASN1_VALUE **pchval; const ASN1_TEMPLATE *chtt; chtt = it->templates + i; - pchval = asn1_get_field_ptr(pval, chtt); + pchval = asn1_get_const_field_ptr(pval, chtt); return asn1_template_ex_i2d(pchval, out, chtt, -1, aclass); } /* Fixme: error condition if selector out of range */ @@ -154,12 +157,12 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, /* First work out sequence content length */ for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) { const ASN1_TEMPLATE *seqtt; - ASN1_VALUE **pseqval; + const ASN1_VALUE **pseqval; int tmplen; - seqtt = asn1_do_adb(pval, tt, 1); + seqtt = asn1_do_adb(*pval, tt, 1); if (!seqtt) return 0; - pseqval = asn1_get_field_ptr(pval, seqtt); + pseqval = asn1_get_const_field_ptr(pval, seqtt); tmplen = asn1_template_ex_i2d(pseqval, NULL, seqtt, -1, aclass); if (tmplen == -1 || (tmplen > INT_MAX - seqcontlen)) return -1; @@ -173,11 +176,11 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, ASN1_put_object(out, ndef, seqcontlen, tag, aclass); for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) { const ASN1_TEMPLATE *seqtt; - ASN1_VALUE **pseqval; - seqtt = asn1_do_adb(pval, tt, 1); + const ASN1_VALUE **pseqval; + seqtt = asn1_do_adb(*pval, tt, 1); if (!seqtt) return 0; - pseqval = asn1_get_field_ptr(pval, seqtt); + pseqval = asn1_get_const_field_ptr(pval, seqtt); /* FIXME: check for errors in enhanced version */ asn1_template_ex_i2d(pseqval, out, seqtt, -1, aclass); } @@ -194,11 +197,11 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, return 0; } -static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out, +static int asn1_template_ex_i2d(const ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt, int tag, int iclass) { int i, ret, flags, ttag, tclass, ndef; - ASN1_VALUE *tval; + const ASN1_VALUE *tval; flags = tt->flags; /* @@ -250,10 +253,10 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out, if (flags & ASN1_TFLG_SK_MASK) { /* SET OF, SEQUENCE OF */ - STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval; + STACK_OF(const_ASN1_VALUE) *sk = (STACK_OF(const_ASN1_VALUE) *)*pval; int isset, sktag, skaclass; int skcontlen, sklen; - ASN1_VALUE *skitem; + const ASN1_VALUE *skitem; if (!*pval) return 0; @@ -283,9 +286,9 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out, /* Determine total length of items */ skcontlen = 0; - for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) { + for (i = 0; i < sk_const_ASN1_VALUE_num(sk); i++) { int tmplen; - skitem = sk_ASN1_VALUE_value(sk, i); + skitem = sk_const_ASN1_VALUE_value(sk, i); tmplen = ASN1_item_ex_i2d(&skitem, NULL, ASN1_ITEM_ptr(tt->item), -1, iclass); if (tmplen == -1 || (skcontlen > INT_MAX - tmplen)) @@ -351,7 +354,7 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out, typedef struct { unsigned char *data; int length; - ASN1_VALUE *field; + const ASN1_VALUE *field; } DER_ENC; static int der_cmp(const void *a, const void *b) @@ -367,20 +370,21 @@ static int der_cmp(const void *a, const void *b) /* Output the content octets of SET OF or SEQUENCE OF */ -static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, +static int asn1_set_seq_out(STACK_OF(const_ASN1_VALUE) *sk, + unsigned char **out, int skcontlen, const ASN1_ITEM *item, int do_sort, int iclass) { int i; - ASN1_VALUE *skitem; + const ASN1_VALUE *skitem; unsigned char *tmpdat = NULL, *p = NULL; DER_ENC *derlst = NULL, *tder; if (do_sort) { /* Don't need to sort less than 2 items */ - if (sk_ASN1_VALUE_num(sk) < 2) + if (sk_const_ASN1_VALUE_num(sk) < 2) do_sort = 0; else { - derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk) + derlst = OPENSSL_malloc(sk_const_ASN1_VALUE_num(sk) * sizeof(*derlst)); if (derlst == NULL) return 0; @@ -393,8 +397,8 @@ static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, } /* If not sorting just output each item */ if (!do_sort) { - for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) { - skitem = sk_ASN1_VALUE_value(sk, i); + for (i = 0; i < sk_const_ASN1_VALUE_num(sk); i++) { + skitem = sk_const_ASN1_VALUE_value(sk, i); ASN1_item_ex_i2d(&skitem, out, item, -1, iclass); } return 1; @@ -402,33 +406,33 @@ static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, p = tmpdat; /* Doing sort: build up a list of each member's DER encoding */ - for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) { - skitem = sk_ASN1_VALUE_value(sk, i); + for (i = 0, tder = derlst; i < sk_const_ASN1_VALUE_num(sk); i++, tder++) { + skitem = sk_const_ASN1_VALUE_value(sk, i); tder->data = p; tder->length = ASN1_item_ex_i2d(&skitem, &p, item, -1, iclass); tder->field = skitem; } /* Now sort them */ - qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp); + qsort(derlst, sk_const_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp); /* Output sorted DER encoding */ p = *out; - for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) { + for (i = 0, tder = derlst; i < sk_const_ASN1_VALUE_num(sk); i++, tder++) { memcpy(p, tder->data, tder->length); p += tder->length; } *out = p; /* If do_sort is 2 then reorder the STACK */ if (do_sort == 2) { - for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) - (void)sk_ASN1_VALUE_set(sk, i, tder->field); + for (i = 0, tder = derlst; i < sk_const_ASN1_VALUE_num(sk); i++, tder++) + (void)sk_const_ASN1_VALUE_set(sk, i, tder->field); } OPENSSL_free(derlst); OPENSSL_free(tmpdat); return 1; } -static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, +static int asn1_i2d_ex_primitive(const ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass) { int len; @@ -488,7 +492,7 @@ static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, /* Produce content octets from a structure */ -static int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, +static int asn1_ex_i2c(const ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_ITEM *it) { ASN1_BOOLEAN *tbool = NULL; @@ -521,7 +525,7 @@ static int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, typ = (ASN1_TYPE *)*pval; utype = typ->type; *putype = utype; - pval = &typ->value.asn1_value; + pval = (const ASN1_VALUE **)&typ->value.asn1_value; /* actually is const */ } else utype = *putype; diff --git a/crypto/asn1/tasn_fre.c b/crypto/asn1/tasn_fre.c index 71596d7..bffa6f1 100644 --- a/crypto/asn1/tasn_fre.c +++ b/crypto/asn1/tasn_fre.c @@ -103,7 +103,7 @@ void asn1_item_embed_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed) ASN1_VALUE **pseqval; tt--; - seqtt = asn1_do_adb(pval, tt, 0); + seqtt = asn1_do_adb(*pval, tt, 0); if (!seqtt) continue; pseqval = asn1_get_field_ptr(pval, seqtt); diff --git a/crypto/asn1/tasn_prn.c b/crypto/asn1/tasn_prn.c index 7353906..0f56fb0 100644 --- a/crypto/asn1/tasn_prn.c +++ b/crypto/asn1/tasn_prn.c @@ -101,15 +101,15 @@ void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags) /* Main print routines */ -static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, +static int asn1_item_print_ctx(BIO *out, const ASN1_VALUE **fld, int indent, const ASN1_ITEM *it, const char *fname, const char *sname, int nohdr, const ASN1_PCTX *pctx); -static int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, +static int asn1_template_print_ctx(BIO *out, const ASN1_VALUE **fld, int indent, const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx); -static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld, +static int asn1_primitive_print(BIO *out, const ASN1_VALUE **fld, const ASN1_ITEM *it, int indent, const char *fname, const char *sname, const ASN1_PCTX *pctx); @@ -118,7 +118,7 @@ static int asn1_print_fsname(BIO *out, int indent, const char *fname, const char *sname, const ASN1_PCTX *pctx); -int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent, +int ASN1_item_print(BIO *out, const ASN1_VALUE *ifld, int indent, const ASN1_ITEM *it, const ASN1_PCTX *pctx) { const char *sname; @@ -131,25 +131,25 @@ int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent, return asn1_item_print_ctx(out, &ifld, indent, it, NULL, sname, 0, pctx); } -static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, +static int asn1_item_print_ctx(BIO *out, const ASN1_VALUE **fld, int indent, const ASN1_ITEM *it, const char *fname, const char *sname, int nohdr, const ASN1_PCTX *pctx) { const ASN1_TEMPLATE *tt; const ASN1_EXTERN_FUNCS *ef; - ASN1_VALUE **tmpfld; + const ASN1_VALUE **tmpfld; const ASN1_AUX *aux = it->funcs; - ASN1_aux_cb *asn1_cb; + ASN1_aux_const_cb *asn1_cb = NULL; ASN1_PRINT_ARG parg; int i; - if (aux && aux->asn1_cb) { + if (aux != NULL) { parg.out = out; parg.indent = indent; parg.pctx = pctx; - asn1_cb = aux->asn1_cb; - } else - asn1_cb = 0; + asn1_cb = ((aux->flags & ASN1_AFLG_CONST_CB) != 0) ? aux->asn1_const_cb + : (ASN1_aux_const_cb *)aux->asn1_cb; /* backward compatibility */ + } if (((it->itype != ASN1_ITYPE_PRIMITIVE) || (it->utype != V_ASN1_BOOLEAN)) && *fld == NULL) { @@ -195,7 +195,7 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, case ASN1_ITYPE_CHOICE: /* CHOICE type, get selector */ - i = asn1_get_choice_selector(fld, it); + i = asn1_get_choice_selector_const(fld, it); /* This should never happen... */ if ((i < 0) || (i >= it->tcount)) { if (BIO_printf(out, "ERROR: selector [%d] invalid\n", i) <= 0) @@ -203,7 +203,7 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, return 1; } tt = it->templates + i; - tmpfld = asn1_get_field_ptr(fld, tt); + tmpfld = asn1_get_const_field_ptr(fld, tt); if (!asn1_template_print_ctx(out, tmpfld, indent, tt, pctx)) return 0; break; @@ -233,10 +233,10 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, /* Print each field entry */ for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) { const ASN1_TEMPLATE *seqtt; - seqtt = asn1_do_adb(fld, tt, 1); + seqtt = asn1_do_adb(*fld, tt, 1); if (!seqtt) return 0; - tmpfld = asn1_get_field_ptr(fld, seqtt); + tmpfld = asn1_get_const_field_ptr(fld, seqtt); if (!asn1_template_print_ctx(out, tmpfld, indent + 2, seqtt, pctx)) return 0; @@ -261,12 +261,12 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, return 1; } -static int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, +static int asn1_template_print_ctx(BIO *out, const ASN1_VALUE **fld, int indent, const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx) { int i, flags; const char *sname, *fname; - ASN1_VALUE *tfld; + const ASN1_VALUE *tfld; flags = tt->flags; if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME) sname = ASN1_ITEM_ptr(tt->item)->sname; @@ -282,14 +282,14 @@ static int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, * a pointer to a field. */ if (flags & ASN1_TFLG_EMBED) { - tfld = (ASN1_VALUE *)fld; + tfld = (const ASN1_VALUE *)fld; fld = &tfld; } if (flags & ASN1_TFLG_SK_MASK) { char *tname; - ASN1_VALUE *skitem; - STACK_OF(ASN1_VALUE) *stack; + const ASN1_VALUE *skitem; + STACK_OF(const_ASN1_VALUE) *stack; /* SET OF, SEQUENCE OF */ if (fname) { @@ -304,12 +304,12 @@ static int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, } else if (BIO_printf(out, "%*s%s:\n", indent, "", fname) <= 0) return 0; } - stack = (STACK_OF(ASN1_VALUE) *)*fld; - for (i = 0; i < sk_ASN1_VALUE_num(stack); i++) { + stack = (STACK_OF(const_ASN1_VALUE) *)*fld; + for (i = 0; i < sk_const_ASN1_VALUE_num(stack); i++) { if ((i > 0) && (BIO_puts(out, "\n") <= 0)) return 0; - skitem = sk_ASN1_VALUE_value(stack, i); + skitem = sk_const_ASN1_VALUE_value(stack, i); if (!asn1_item_print_ctx(out, &skitem, indent + 2, ASN1_ITEM_ptr(tt->item), NULL, NULL, 1, pctx)) @@ -430,7 +430,7 @@ static int asn1_print_obstring(BIO *out, const ASN1_STRING *str, int indent) return 1; } -static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld, +static int asn1_primitive_print(BIO *out, const ASN1_VALUE **fld, const ASN1_ITEM *it, int indent, const char *fname, const char *sname, const ASN1_PCTX *pctx) @@ -456,9 +456,9 @@ static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld, str = (ASN1_STRING *)*fld; } if (utype == V_ASN1_ANY) { - ASN1_TYPE *atype = (ASN1_TYPE *)*fld; + const ASN1_TYPE *atype = (const ASN1_TYPE *)*fld; utype = atype->type; - fld = &atype->value.asn1_value; + fld = (const ASN1_VALUE **)&atype->value.asn1_value; /* actually is const */ str = (ASN1_STRING *)*fld; if (pctx->flags & ASN1_PCTX_FLAGS_NO_ANY_TYPE) pname = NULL; diff --git a/crypto/asn1/tasn_typ.c b/crypto/asn1/tasn_typ.c index 37a9883..8095e32 100644 --- a/crypto/asn1/tasn_typ.c +++ b/crypto/asn1/tasn_typ.c @@ -80,5 +80,5 @@ ASN1_ITEM_TEMPLATE(ASN1_SET_ANY) = ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, ASN1_SET_ANY, ASN1_ANY) ASN1_ITEM_TEMPLATE_END(ASN1_SET_ANY) -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY) -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ASN1_SEQUENCE_ANY, ASN1_SET_ANY, ASN1_SET_ANY) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(ASN1_SEQUENCE_ANY, ASN1_SET_ANY, ASN1_SET_ANY) diff --git a/crypto/asn1/tasn_utl.c b/crypto/asn1/tasn_utl.c index 1694bdc..53dad7a 100644 --- a/crypto/asn1/tasn_utl.c +++ b/crypto/asn1/tasn_utl.c @@ -29,6 +29,14 @@ int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it) { int *sel = offset2ptr(*pval, it->utype); + + return *sel; +} + +int asn1_get_choice_selector_const(const ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + int *sel = offset2ptr(*pval, it->utype); + return *sel; } @@ -40,6 +48,7 @@ int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it) { int *sel, ret; + sel = offset2ptr(*pval, it->utype); ret = *sel; *sel = value; @@ -66,7 +75,7 @@ int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it) && (it->itype != ASN1_ITYPE_NDEF_SEQUENCE)) return 0; aux = it->funcs; - if (!aux || !(aux->flags & ASN1_AFLG_REFCOUNT)) + if (aux == NULL || (aux->flags & ASN1_AFLG_REFCOUNT) == 0) return 0; lck = offset2ptr(*pval, aux->ref_offset); lock = offset2ptr(*pval, aux->ref_lock); @@ -104,19 +113,33 @@ int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it) static ASN1_ENCODING *asn1_get_enc_ptr(ASN1_VALUE **pval, const ASN1_ITEM *it) { const ASN1_AUX *aux; - if (!pval || !*pval) + + if (pval == NULL || *pval == NULL) return NULL; aux = it->funcs; - if (!aux || !(aux->flags & ASN1_AFLG_ENCODING)) + if (aux == NULL || (aux->flags & ASN1_AFLG_ENCODING) == 0) + return NULL; + return offset2ptr(*pval, aux->enc_offset); +} + +static const ASN1_ENCODING *asn1_get_const_enc_ptr(const ASN1_VALUE **pval, + const ASN1_ITEM *it) +{ + const ASN1_AUX *aux; + + if (pval == NULL || *pval == NULL) + return NULL; + aux = it->funcs; + if (aux == NULL || (aux->flags & ASN1_AFLG_ENCODING) == 0) return NULL; return offset2ptr(*pval, aux->enc_offset); } void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it) { - ASN1_ENCODING *enc; - enc = asn1_get_enc_ptr(pval, it); - if (enc) { + ASN1_ENCODING *enc = asn1_get_enc_ptr(pval, it); + + if (enc != NULL) { enc->enc = NULL; enc->len = 0; enc->modified = 1; @@ -125,9 +148,9 @@ void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it) void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it) { - ASN1_ENCODING *enc; - enc = asn1_get_enc_ptr(pval, it); - if (enc) { + ASN1_ENCODING *enc = asn1_get_enc_ptr(pval, it); + + if (enc != NULL) { OPENSSL_free(enc->enc); enc->enc = NULL; enc->len = 0; @@ -138,9 +161,9 @@ void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it) int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, const ASN1_ITEM *it) { - ASN1_ENCODING *enc; - enc = asn1_get_enc_ptr(pval, it); - if (!enc) + ASN1_ENCODING *enc = asn1_get_enc_ptr(pval, it); + + if (enc == NULL) return 1; OPENSSL_free(enc->enc); @@ -155,18 +178,18 @@ int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, return 1; } -int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, +int asn1_enc_restore(int *len, unsigned char **out, const ASN1_VALUE **pval, const ASN1_ITEM *it) { - ASN1_ENCODING *enc; - enc = asn1_get_enc_ptr(pval, it); - if (!enc || enc->modified) + const ASN1_ENCODING *enc = asn1_get_const_enc_ptr(pval, it); + + if (enc == NULL || enc->modified) return 0; if (out) { memcpy(*out, enc->enc, enc->len); *out += enc->len; } - if (len) + if (len != NULL) *len = enc->len; return 1; } @@ -174,8 +197,8 @@ int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, /* Given an ASN1_TEMPLATE get a pointer to a field */ ASN1_VALUE **asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) { - ASN1_VALUE **pvaltmp; - pvaltmp = offset2ptr(*pval, tt->offset); + ASN1_VALUE **pvaltmp = offset2ptr(*pval, tt->offset); + /* * NOTE for BOOLEAN types the field is just a plain int so we can't * return int **, so settle for (int *). @@ -183,31 +206,40 @@ ASN1_VALUE **asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) return pvaltmp; } +/* Given an ASN1_TEMPLATE get a const pointer to a field */ +const ASN1_VALUE **asn1_get_const_field_ptr(const ASN1_VALUE **pval, + const ASN1_TEMPLATE *tt) +{ + return offset2ptr(*pval, tt->offset); +} + /* * Handle ANY DEFINED BY template, find the selector, look up the relevant * ASN1_TEMPLATE in the table and return it. */ -const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, +const ASN1_TEMPLATE *asn1_do_adb(const ASN1_VALUE *val, + const ASN1_TEMPLATE *tt, int nullerr) { const ASN1_ADB *adb; const ASN1_ADB_TABLE *atbl; long selector; - ASN1_VALUE **sfld; + const ASN1_VALUE **sfld; int i; - if (!(tt->flags & ASN1_TFLG_ADB_MASK)) + + if ((tt->flags & ASN1_TFLG_ADB_MASK) == 0) return tt; /* Else ANY DEFINED BY ... get the table */ adb = ASN1_ADB_ptr(tt->item); /* Get the selector field */ - sfld = offset2ptr(*pval, adb->offset); + sfld = offset2ptr(val, adb->offset); /* Check if NULL */ if (*sfld == NULL) { - if (!adb->null_tt) + if (adb->null_tt == NULL) goto err; return adb->null_tt; } @@ -216,7 +248,7 @@ const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, * Convert type to a long: NB: don't check for NID_undef here because it * might be a legitimate value in the table */ - if (tt->flags & ASN1_TFLG_ADB_OID) + if ((tt->flags & ASN1_TFLG_ADB_OID) != 0) selector = OBJ_obj2nid((ASN1_OBJECT *)*sfld); else selector = ASN1_INTEGER_get((ASN1_INTEGER *)*sfld); diff --git a/crypto/asn1/x_bignum.c b/crypto/asn1/x_bignum.c index 11a2eb5..d7abca6 100644 --- a/crypto/asn1/x_bignum.c +++ b/crypto/asn1/x_bignum.c @@ -25,13 +25,13 @@ static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it); static int bn_secure_new(ASN1_VALUE **pval, const ASN1_ITEM *it); static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it); -static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, +static int bn_i2c(const ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); static int bn_secure_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); -static int bn_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, +static int bn_print(BIO *out, const ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx); static ASN1_PRIMITIVE_FUNCS bignum_pf = { @@ -91,7 +91,7 @@ static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it) *pval = NULL; } -static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, +static int bn_i2c(const ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it) { BIGNUM *bn; @@ -135,7 +135,7 @@ static int bn_secure_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, return bn_c2i(pval, cont, len, utype, free_cont, it); } -static int bn_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, +static int bn_print(BIO *out, const ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx) { if (!BN_print(out, *(BIGNUM **)pval)) diff --git a/crypto/asn1/x_int64.c b/crypto/asn1/x_int64.c index 657e00d..1b55f4f 100644 --- a/crypto/asn1/x_int64.c +++ b/crypto/asn1/x_int64.c @@ -46,8 +46,8 @@ static void uint64_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) **(uint64_t **)pval = 0; } -static int uint64_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, - const ASN1_ITEM *it) +static int uint64_i2c(const ASN1_VALUE **pval, unsigned char *cont, int *putype, + const ASN1_ITEM *it) { uint64_t utmp; int neg = 0; @@ -71,7 +71,7 @@ static int uint64_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, } static int uint64_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, - int utype, char *free_cont, const ASN1_ITEM *it) + int utype, char *free_cont, const ASN1_ITEM *it) { uint64_t utmp = 0; char *cp; @@ -111,7 +111,7 @@ static int uint64_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, return 1; } -static int uint64_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, +static int uint64_print(BIO *out, const ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx) { if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED) @@ -141,8 +141,8 @@ static void uint32_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) **(uint32_t **)pval = 0; } -static int uint32_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, - const ASN1_ITEM *it) +static int uint32_i2c(const ASN1_VALUE **pval, unsigned char *cont, int *putype, + const ASN1_ITEM *it) { uint32_t utmp; int neg = 0; @@ -173,7 +173,7 @@ static int uint32_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, #define ABS_INT32_MIN ((uint32_t)INT32_MAX + 1) static int uint32_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, - int utype, char *free_cont, const ASN1_ITEM *it) + int utype, char *free_cont, const ASN1_ITEM *it) { uint64_t utmp = 0; uint32_t utmp2 = 0; @@ -220,7 +220,7 @@ static int uint32_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, return 1; } -static int uint32_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, +static int uint32_print(BIO *out, const ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx) { if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED) diff --git a/crypto/asn1/x_long.c b/crypto/asn1/x_long.c index f5da0e0..89d5e83 100644 --- a/crypto/asn1/x_long.c +++ b/crypto/asn1/x_long.c @@ -25,11 +25,11 @@ NON_EMPTY_TRANSLATION_UNIT static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it); static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it); -static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, +static int long_i2c(const ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); -static int long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, +static int long_print(BIO *out, const ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx); static ASN1_PRIMITIVE_FUNCS long_pf = { @@ -86,7 +86,7 @@ static int num_bits_ulong(unsigned long value) return (int)ret; } -static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, +static int long_i2c(const ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it) { long ltmp; @@ -190,7 +190,7 @@ static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, return 1; } -static int long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, +static int long_print(BIO *out, const ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx) { long l; diff --git a/crypto/cms/cms_dd.c b/crypto/cms/cms_dd.c index 0227180..8bdbdfd 100644 --- a/crypto/cms/cms_dd.c +++ b/crypto/cms/cms_dd.c @@ -45,14 +45,14 @@ CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md) return NULL; } -BIO *cms_DigestedData_init_bio(CMS_ContentInfo *cms) +BIO *cms_DigestedData_init_bio(const CMS_ContentInfo *cms) { CMS_DigestedData *dd; dd = cms->d.digestedData; return cms_DigestAlgorithm_init_bio(dd->digestAlgorithm); } -int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify) +int cms_DigestedData_do_final(const CMS_ContentInfo *cms, BIO *chain, int verify) { EVP_MD_CTX *mctx = EVP_MD_CTX_new(); unsigned char md[EVP_MAX_MD_SIZE]; diff --git a/crypto/cms/cms_enc.c b/crypto/cms/cms_enc.c index 13d8578..d3a087b 100644 --- a/crypto/cms/cms_enc.c +++ b/crypto/cms/cms_enc.c @@ -204,7 +204,7 @@ int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph, return cms_EncryptedContent_init(ec, ciph, key, keylen); } -BIO *cms_EncryptedData_init_bio(CMS_ContentInfo *cms) +BIO *cms_EncryptedData_init_bio(const CMS_ContentInfo *cms) { CMS_EncryptedData *enc = cms->d.encryptedData; if (enc->encryptedContentInfo->cipher && enc->unprotectedAttrs) diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c index 187b721..acfbf8c 100644 --- a/crypto/cms/cms_env.c +++ b/crypto/cms/cms_env.c @@ -289,7 +289,7 @@ int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey) /* Encrypt content key in key transport recipient info */ -static int cms_RecipientInfo_ktri_encrypt(CMS_ContentInfo *cms, +static int cms_RecipientInfo_ktri_encrypt(const CMS_ContentInfo *cms, CMS_RecipientInfo *ri) { CMS_KeyTransRecipientInfo *ktri; @@ -610,7 +610,7 @@ int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri, /* Encrypt content key in KEK recipient info */ -static int cms_RecipientInfo_kekri_encrypt(CMS_ContentInfo *cms, +static int cms_RecipientInfo_kekri_encrypt(const CMS_ContentInfo *cms, CMS_RecipientInfo *ri) { CMS_EncryptedContentInfo *ec; @@ -755,7 +755,7 @@ int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri) } } -int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri) +int CMS_RecipientInfo_encrypt(const CMS_ContentInfo *cms, CMS_RecipientInfo *ri) { switch (ri->type) { case CMS_RECIPINFO_TRANS: @@ -840,7 +840,7 @@ static void cms_env_set_version(CMS_EnvelopedData *env) env->version = 0; } -BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms) +BIO *cms_EnvelopedData_init_bio(const CMS_ContentInfo *cms) { CMS_EncryptedContentInfo *ec; STACK_OF(CMS_RecipientInfo) *rinfos; diff --git a/crypto/cms/cms_io.c b/crypto/cms/cms_io.c index ad41884..f3b5874 100644 --- a/crypto/cms/cms_io.c +++ b/crypto/cms/cms_io.c @@ -14,6 +14,7 @@ #include #include "cms_lcl.h" +/* unfortunately cannot constify BIO_new_NDEF() due to this and PKCS7_stream() */ int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms) { ASN1_OCTET_STRING **pos; diff --git a/crypto/cms/cms_kari.c b/crypto/cms/cms_kari.c index 9f1f5d5..866749a 100644 --- a/crypto/cms/cms_kari.c +++ b/crypto/cms/cms_kari.c @@ -363,7 +363,7 @@ static int cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari, /* Encrypt content key in key agreement recipient info */ -int cms_RecipientInfo_kari_encrypt(CMS_ContentInfo *cms, +int cms_RecipientInfo_kari_encrypt(const CMS_ContentInfo *cms, CMS_RecipientInfo *ri) { CMS_KeyAgreeRecipientInfo *kari; diff --git a/crypto/cms/cms_lcl.h b/crypto/cms/cms_lcl.h index be4f93e..64b673a 100644 --- a/crypto/cms/cms_lcl.h +++ b/crypto/cms/cms_lcl.h @@ -368,8 +368,8 @@ BIO *cms_content_bio(CMS_ContentInfo *cms); CMS_ContentInfo *cms_Data_create(void); CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md); -BIO *cms_DigestedData_init_bio(CMS_ContentInfo *cms); -int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify); +BIO *cms_DigestedData_init_bio(const CMS_ContentInfo *cms); +int cms_DigestedData_do_final(const CMS_ContentInfo *cms, BIO *chain, int verify); BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms); int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain); @@ -382,7 +382,7 @@ int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid, int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert); CMS_ContentInfo *cms_CompressedData_create(int comp_nid); -BIO *cms_CompressedData_init_bio(CMS_ContentInfo *cms); +BIO *cms_CompressedData_init_bio(const CMS_ContentInfo *cms); BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm); int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain, @@ -394,7 +394,7 @@ int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert); int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert); BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec); -BIO *cms_EncryptedData_init_bio(CMS_ContentInfo *cms); +BIO *cms_EncryptedData_init_bio(const CMS_ContentInfo *cms); int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec, const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen); @@ -403,18 +403,18 @@ int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms); int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src); ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si); -BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms); +BIO *cms_EnvelopedData_init_bio(const CMS_ContentInfo *cms); CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms); int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd); int cms_pkey_get_ri_type(EVP_PKEY *pk); /* KARI routines */ int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip, EVP_PKEY *pk, unsigned int flags); -int cms_RecipientInfo_kari_encrypt(CMS_ContentInfo *cms, +int cms_RecipientInfo_kari_encrypt(const CMS_ContentInfo *cms, CMS_RecipientInfo *ri); /* PWRI routines */ -int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri, +int cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms, CMS_RecipientInfo *ri, int en_de); DECLARE_ASN1_ITEM(CMS_CertificateChoices) diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c index c092341..29eacce 100644 --- a/crypto/cms/cms_lib.c +++ b/crypto/cms/cms_lib.c @@ -104,6 +104,7 @@ BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont) } +/* unfortunately cannot constify SMIME_write_ASN1() due to this function */ int CMS_dataFinal(CMS_ContentInfo *cms, BIO *cmsbio) { ASN1_OCTET_STRING **pos = CMS_get0_content(cms); diff --git a/crypto/cms/cms_pwri.c b/crypto/cms/cms_pwri.c index 980252d..f0502a4 100644 --- a/crypto/cms/cms_pwri.c +++ b/crypto/cms/cms_pwri.c @@ -273,7 +273,7 @@ static int kek_wrap_key(unsigned char *out, size_t *outlen, /* Encrypt/Decrypt content key in PWRI recipient info */ -int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri, +int cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms, CMS_RecipientInfo *ri, int en_de) { CMS_EncryptedContentInfo *ec; diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index e9eace14..1424c41 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -418,7 +418,7 @@ static int int_dh_param_copy(DH *to, const DH *from, int is_x942) return 1; } -DH *DHparams_dup(DH *dh) +DH *DHparams_dup(const DH *dh) { DH *ret; ret = DH_new(); diff --git a/crypto/dh/dh_asn1.c b/crypto/dh/dh_asn1.c index 89acc7d..aabdfa8 100644 --- a/crypto/dh/dh_asn1.c +++ b/crypto/dh/dh_asn1.c @@ -37,7 +37,7 @@ ASN1_SEQUENCE_cb(DHparams, dh_cb) = { ASN1_OPT_EMBED(DH, length, ZINT32), } ASN1_SEQUENCE_END_cb(DH, DHparams) -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DH, DHparams, DHparams) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DH, DHparams, DHparams) /* * Internal only structures for handling X9.42 DH: this gets translated to or @@ -74,7 +74,7 @@ int_dhx942_dh *d2i_int_dhx(int_dhx942_dh **a, const unsigned char **pp, long length); int i2d_int_dhx(const int_dhx942_dh *a, unsigned char **pp); -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(int_dhx942_dh, DHxparams, int_dhx) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(int_dhx942_dh, DHxparams, int_dhx) /* Application public function: read in X9.42 DH parameters into DH structure */ diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c index 309a176..3497915 100644 --- a/crypto/dh/dh_pmeth.c +++ b/crypto/dh/dh_pmeth.c @@ -77,7 +77,7 @@ static void pkey_dh_cleanup(EVP_PKEY_CTX *ctx) } -static int pkey_dh_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) +static int pkey_dh_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src) { DH_PKEY_CTX *dctx, *sctx; if (!pkey_dh_init(dst)) diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c index 6be9a1e..acf80c6 100644 --- a/crypto/dsa/dsa_asn1.c +++ b/crypto/dsa/dsa_asn1.c @@ -19,7 +19,7 @@ ASN1_SEQUENCE(DSA_SIG) = { ASN1_SIMPLE(DSA_SIG, s, CBIGNUM) } static_ASN1_SEQUENCE_END(DSA_SIG) -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA_SIG, DSA_SIG, DSA_SIG) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA_SIG, DSA_SIG, DSA_SIG) DSA_SIG *DSA_SIG_new(void) { @@ -83,7 +83,7 @@ ASN1_SEQUENCE_cb(DSAPrivateKey, dsa_cb) = { ASN1_SIMPLE(DSA, priv_key, CBIGNUM) } static_ASN1_SEQUENCE_END_cb(DSA, DSAPrivateKey) -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPrivateKey, DSAPrivateKey) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAPrivateKey, DSAPrivateKey) ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = { ASN1_SIMPLE(DSA, p, BIGNUM), @@ -91,7 +91,7 @@ ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = { ASN1_SIMPLE(DSA, g, BIGNUM), } static_ASN1_SEQUENCE_END_cb(DSA, DSAparams) -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAparams, DSAparams) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAparams, DSAparams) ASN1_SEQUENCE_cb(DSAPublicKey, dsa_cb) = { ASN1_SIMPLE(DSA, pub_key, BIGNUM), @@ -100,9 +100,9 @@ ASN1_SEQUENCE_cb(DSAPublicKey, dsa_cb) = { ASN1_SIMPLE(DSA, g, BIGNUM) } static_ASN1_SEQUENCE_END_cb(DSA, DSAPublicKey) -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAPublicKey, DSAPublicKey) -DSA *DSAparams_dup(DSA *dsa) +DSA *DSAparams_dup(const DSA *dsa) { return ASN1_item_dup(ASN1_ITEM_rptr(DSAparams), dsa); } diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c index 0786fc2..cfba91c 100644 --- a/crypto/dsa/dsa_pmeth.c +++ b/crypto/dsa/dsa_pmeth.c @@ -47,7 +47,7 @@ static int pkey_dsa_init(EVP_PKEY_CTX *ctx) return 1; } -static int pkey_dsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) +static int pkey_dsa_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src) { DSA_PKEY_CTX *dctx, *sctx; diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c index ff50671..35ff948 100644 --- a/crypto/ec/ec_asn1.c +++ b/crypto/ec/ec_asn1.c @@ -217,9 +217,9 @@ ASN1_CHOICE(ECPKPARAMETERS) = { ASN1_SIMPLE(ECPKPARAMETERS, value.implicitlyCA, ASN1_NULL) } ASN1_CHOICE_END(ECPKPARAMETERS) -DECLARE_ASN1_FUNCTIONS_const(ECPKPARAMETERS) -DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPKPARAMETERS, ECPKPARAMETERS) -IMPLEMENT_ASN1_FUNCTIONS_const(ECPKPARAMETERS) +DECLARE_ASN1_FUNCTIONS(ECPKPARAMETERS) +DECLARE_ASN1_ENCODE_FUNCTIONS_name(ECPKPARAMETERS, ECPKPARAMETERS) +IMPLEMENT_ASN1_FUNCTIONS(ECPKPARAMETERS) ASN1_SEQUENCE(EC_PRIVATEKEY) = { ASN1_EMBED(EC_PRIVATEKEY, version, INT32), @@ -228,9 +228,9 @@ ASN1_SEQUENCE(EC_PRIVATEKEY) = { ASN1_EXP_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1) } static_ASN1_SEQUENCE_END(EC_PRIVATEKEY) -DECLARE_ASN1_FUNCTIONS_const(EC_PRIVATEKEY) -DECLARE_ASN1_ENCODE_FUNCTIONS_const(EC_PRIVATEKEY, EC_PRIVATEKEY) -IMPLEMENT_ASN1_FUNCTIONS_const(EC_PRIVATEKEY) +DECLARE_ASN1_FUNCTIONS(EC_PRIVATEKEY) +DECLARE_ASN1_ENCODE_FUNCTIONS_name(EC_PRIVATEKEY, EC_PRIVATEKEY) +IMPLEMENT_ASN1_FUNCTIONS(EC_PRIVATEKEY) /* some declarations of internal function */ @@ -968,7 +968,7 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len) return NULL; } -int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out) +int i2d_ECPrivateKey(const EC_KEY *a, unsigned char **out) { int ret = 0, ok = 0; unsigned char *priv= NULL, *pub= NULL; @@ -1040,7 +1040,7 @@ int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out) return (ok ? ret : 0); } -int i2d_ECParameters(EC_KEY *a, unsigned char **out) +int i2d_ECParameters(const EC_KEY *a, unsigned char **out) { if (a == NULL) { ECerr(EC_F_I2D_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER); @@ -1142,9 +1142,9 @@ ASN1_SEQUENCE(ECDSA_SIG) = { ASN1_SIMPLE(ECDSA_SIG, s, CBIGNUM) } static_ASN1_SEQUENCE_END(ECDSA_SIG) -DECLARE_ASN1_FUNCTIONS_const(ECDSA_SIG) -DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSA_SIG, ECDSA_SIG) -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ECDSA_SIG, ECDSA_SIG, ECDSA_SIG) +DECLARE_ASN1_FUNCTIONS(ECDSA_SIG) +DECLARE_ASN1_ENCODE_FUNCTIONS_name(ECDSA_SIG, ECDSA_SIG) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(ECDSA_SIG, ECDSA_SIG, ECDSA_SIG) ECDSA_SIG *ECDSA_SIG_new(void) { diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c index 5595edc..68211ed 100644 --- a/crypto/ec/ec_pmeth.c +++ b/crypto/ec/ec_pmeth.c @@ -53,7 +53,7 @@ static int pkey_ec_init(EVP_PKEY_CTX *ctx) return 1; } -static int pkey_ec_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) +static int pkey_ec_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src) { EC_PKEY_CTX *dctx, *sctx; if (!pkey_ec_init(dst)) diff --git a/crypto/ess/ess_asn1.c b/crypto/ess/ess_asn1.c index d107469..0ea08e8 100644 --- a/crypto/ess/ess_asn1.c +++ b/crypto/ess/ess_asn1.c @@ -20,7 +20,7 @@ ASN1_SEQUENCE(ESS_ISSUER_SERIAL) = { ASN1_SIMPLE(ESS_ISSUER_SERIAL, serial, ASN1_INTEGER) } static_ASN1_SEQUENCE_END(ESS_ISSUER_SERIAL) -IMPLEMENT_ASN1_FUNCTIONS_const(ESS_ISSUER_SERIAL) +IMPLEMENT_ASN1_FUNCTIONS(ESS_ISSUER_SERIAL) IMPLEMENT_ASN1_DUP_FUNCTION(ESS_ISSUER_SERIAL) ASN1_SEQUENCE(ESS_CERT_ID) = { @@ -28,7 +28,7 @@ ASN1_SEQUENCE(ESS_CERT_ID) = { ASN1_OPT(ESS_CERT_ID, issuer_serial, ESS_ISSUER_SERIAL) } static_ASN1_SEQUENCE_END(ESS_CERT_ID) -IMPLEMENT_ASN1_FUNCTIONS_const(ESS_CERT_ID) +IMPLEMENT_ASN1_FUNCTIONS(ESS_CERT_ID) IMPLEMENT_ASN1_DUP_FUNCTION(ESS_CERT_ID) ASN1_SEQUENCE(ESS_SIGNING_CERT) = { @@ -36,7 +36,7 @@ ASN1_SEQUENCE(ESS_SIGNING_CERT) = { ASN1_SEQUENCE_OF_OPT(ESS_SIGNING_CERT, policy_info, POLICYINFO) } static_ASN1_SEQUENCE_END(ESS_SIGNING_CERT) -IMPLEMENT_ASN1_FUNCTIONS_const(ESS_SIGNING_CERT) +IMPLEMENT_ASN1_FUNCTIONS(ESS_SIGNING_CERT) IMPLEMENT_ASN1_DUP_FUNCTION(ESS_SIGNING_CERT) ASN1_SEQUENCE(ESS_CERT_ID_V2) = { @@ -45,7 +45,7 @@ ASN1_SEQUENCE(ESS_CERT_ID_V2) = { ASN1_OPT(ESS_CERT_ID_V2, issuer_serial, ESS_ISSUER_SERIAL) } static_ASN1_SEQUENCE_END(ESS_CERT_ID_V2) -IMPLEMENT_ASN1_FUNCTIONS_const(ESS_CERT_ID_V2) +IMPLEMENT_ASN1_FUNCTIONS(ESS_CERT_ID_V2) IMPLEMENT_ASN1_DUP_FUNCTION(ESS_CERT_ID_V2) ASN1_SEQUENCE(ESS_SIGNING_CERT_V2) = { @@ -53,5 +53,5 @@ ASN1_SEQUENCE(ESS_SIGNING_CERT_V2) = { ASN1_SEQUENCE_OF_OPT(ESS_SIGNING_CERT_V2, policy_info, POLICYINFO) } static_ASN1_SEQUENCE_END(ESS_SIGNING_CERT_V2) -IMPLEMENT_ASN1_FUNCTIONS_const(ESS_SIGNING_CERT_V2) +IMPLEMENT_ASN1_FUNCTIONS(ESS_SIGNING_CERT_V2) IMPLEMENT_ASN1_DUP_FUNCTION(ESS_SIGNING_CERT_V2) diff --git a/crypto/evp/encode.c b/crypto/evp/encode.c index 3519e3b..ab80267 100644 --- a/crypto/evp/encode.c +++ b/crypto/evp/encode.c @@ -134,7 +134,7 @@ void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx) OPENSSL_free(ctx); } -int EVP_ENCODE_CTX_copy(EVP_ENCODE_CTX *dctx, EVP_ENCODE_CTX *sctx) +int EVP_ENCODE_CTX_copy(EVP_ENCODE_CTX *dctx, const EVP_ENCODE_CTX *sctx) { memcpy(dctx, sctx, sizeof(EVP_ENCODE_CTX)); diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c index 752925f..bffe2b3 100644 --- a/crypto/evp/evp_pkey.c +++ b/crypto/evp/evp_pkey.c @@ -58,7 +58,7 @@ EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8) /* Turn a private key into a PKCS8 structure */ -PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey) +PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(const EVP_PKEY *pkey) { PKCS8_PRIV_KEY_INFO *p8 = PKCS8_PRIV_KEY_INFO_new(); if (p8 == NULL) { diff --git a/crypto/evp/mac_lib.c b/crypto/evp/mac_lib.c index 0c04643..2f46277 100644 --- a/crypto/evp/mac_lib.c +++ b/crypto/evp/mac_lib.c @@ -48,7 +48,7 @@ void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx) OPENSSL_free(ctx); } -int EVP_MAC_CTX_copy(EVP_MAC_CTX *dst, EVP_MAC_CTX *src) +int EVP_MAC_CTX_copy(EVP_MAC_CTX *dst, const EVP_MAC_CTX *src) { EVP_MAC_IMPL *macdata; diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 5f599ab..9a882e9 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -460,7 +460,7 @@ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) return ret; } -RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey) +RSA *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_RSA) { EVPerr(EVP_F_EVP_PKEY_GET0_RSA, EVP_R_EXPECTING_AN_RSA_KEY); @@ -487,7 +487,7 @@ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) return ret; } -DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey) +DSA *EVP_PKEY_get0_DSA(const EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_DSA) { EVPerr(EVP_F_EVP_PKEY_GET0_DSA, EVP_R_EXPECTING_A_DSA_KEY); @@ -515,7 +515,7 @@ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) return ret; } -EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey) +EC_KEY *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_EC) { EVPerr(EVP_F_EVP_PKEY_GET0_EC_KEY, EVP_R_EXPECTING_A_EC_KEY); @@ -543,7 +543,7 @@ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) return ret; } -DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey) +DH *EVP_PKEY_get0_DH(const EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_DH && pkey->type != EVP_PKEY_DHX) { EVPerr(EVP_F_EVP_PKEY_GET0_DH, EVP_R_EXPECTING_A_DH_KEY); diff --git a/crypto/evp/pkey_mac.c b/crypto/evp/pkey_mac.c index 3f6aa1c..858ca28 100644 --- a/crypto/evp/pkey_mac.c +++ b/crypto/evp/pkey_mac.c @@ -71,7 +71,7 @@ static int pkey_mac_init(EVP_PKEY_CTX *ctx) static void pkey_mac_cleanup(EVP_PKEY_CTX *ctx); -static int pkey_mac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) +static int pkey_mac_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src) { MAC_PKEY_CTX *sctx, *dctx; diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 51700bf..28fa047 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -250,7 +250,7 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e) return int_ctx_new(NULL, e, id); } -EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx) +EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *pctx) { EVP_PKEY_CTX *rctx; if (!pctx->pmeth || !pctx->pmeth->copy) @@ -472,7 +472,7 @@ void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data) ctx->data = data; } -void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx) +void *EVP_PKEY_CTX_get_data(const EVP_PKEY_CTX *ctx) { return ctx->data; } @@ -505,7 +505,7 @@ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth, void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth, int (*copy) (EVP_PKEY_CTX *dst, - EVP_PKEY_CTX *src)) + const EVP_PKEY_CTX *src)) { pmeth->copy = copy; } @@ -675,7 +675,7 @@ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth, void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth, int (**pcopy) (EVP_PKEY_CTX *dst, - EVP_PKEY_CTX *src)) + const EVP_PKEY_CTX *src)) { *pcopy = pmeth->copy; } diff --git a/crypto/include/internal/evp_int.h b/crypto/include/internal/evp_int.h index dc75fe9..e55c1d9 100644 --- a/crypto/include/internal/evp_int.h +++ b/crypto/include/internal/evp_int.h @@ -44,7 +44,7 @@ struct evp_pkey_method_st { int pkey_id; int flags; int (*init) (EVP_PKEY_CTX *ctx); - int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src); + int (*copy) (EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src); void (*cleanup) (EVP_PKEY_CTX *ctx); int (*paramgen_init) (EVP_PKEY_CTX *ctx); int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); diff --git a/crypto/ocsp/v3_ocsp.c b/crypto/ocsp/v3_ocsp.c index c43bfc3..c58fa07 100644 --- a/crypto/ocsp/v3_ocsp.c +++ b/crypto/ocsp/v3_ocsp.c @@ -28,7 +28,7 @@ static int i2r_object(const X509V3_EXT_METHOD *method, void *obj, BIO *out, int indent); static void *ocsp_nonce_new(void); -static int i2d_ocsp_nonce(void *a, unsigned char **pp); +static int i2d_ocsp_nonce(const void *a, unsigned char **pp); static void *d2i_ocsp_nonce(void *a, const unsigned char **pp, long length); static void ocsp_nonce_free(void *a); static int i2r_ocsp_nonce(const X509V3_EXT_METHOD *method, void *nonce, @@ -170,9 +170,9 @@ static void *ocsp_nonce_new(void) return ASN1_OCTET_STRING_new(); } -static int i2d_ocsp_nonce(void *a, unsigned char **pp) +static int i2d_ocsp_nonce(const void *a, unsigned char **pp) { - ASN1_OCTET_STRING *os = a; + const ASN1_OCTET_STRING *os = a; if (pp) { memcpy(*pp, os->data, os->length); *pp += os->length; diff --git a/crypto/pem/pem_pk8.c b/crypto/pem/pem_pk8.c index 8372211..d8bb9bb 100644 --- a/crypto/pem/pem_pk8.c +++ b/crypto/pem/pem_pk8.c @@ -16,12 +16,12 @@ #include #include -static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, +static int do_pk8pkey(BIO *bp, const EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u); #ifndef OPENSSL_NO_STDIO -static int do_pk8pkey_fp(FILE *bp, EVP_PKEY *x, int isder, +static int do_pk8pkey_fp(FILE *bp, const EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u); #endif @@ -32,35 +32,35 @@ static int do_pk8pkey_fp(FILE *bp, EVP_PKEY *x, int isder, * uses PKCS#5 v1.5 PBE algorithms whereas the others use PKCS#5 v2.0. */ -int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid, +int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, const EVP_PKEY *x, int nid, char *kstr, int klen, pem_password_cb *cb, void *u) { return do_pk8pkey(bp, x, 0, nid, NULL, kstr, klen, cb, u); } -int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, +int PEM_write_bio_PKCS8PrivateKey(BIO *bp, const EVP_PKEY *x, const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u) { return do_pk8pkey(bp, x, 0, -1, enc, kstr, klen, cb, u); } -int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, +int i2d_PKCS8PrivateKey_bio(BIO *bp, const EVP_PKEY *x, const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u) { return do_pk8pkey(bp, x, 1, -1, enc, kstr, klen, cb, u); } -int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid, +int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, const EVP_PKEY *x, int nid, char *kstr, int klen, pem_password_cb *cb, void *u) { return do_pk8pkey(bp, x, 1, nid, NULL, kstr, klen, cb, u); } -static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, +static int do_pk8pkey(BIO *bp, const EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u) { @@ -147,34 +147,34 @@ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, #ifndef OPENSSL_NO_STDIO -int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, +int i2d_PKCS8PrivateKey_fp(FILE *fp, const EVP_PKEY *x, const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u) { return do_pk8pkey_fp(fp, x, 1, -1, enc, kstr, klen, cb, u); } -int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid, +int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, const EVP_PKEY *x, int nid, char *kstr, int klen, pem_password_cb *cb, void *u) { return do_pk8pkey_fp(fp, x, 1, nid, NULL, kstr, klen, cb, u); } -int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid, +int PEM_write_PKCS8PrivateKey_nid(FILE *fp, const EVP_PKEY *x, int nid, char *kstr, int klen, pem_password_cb *cb, void *u) { return do_pk8pkey_fp(fp, x, 0, nid, NULL, kstr, klen, cb, u); } -int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, +int PEM_write_PKCS8PrivateKey(FILE *fp, const EVP_PKEY *x, const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u) { return do_pk8pkey_fp(fp, x, 0, -1, enc, kstr, klen, cb, u); } -static int do_pk8pkey_fp(FILE *fp, EVP_PKEY *x, int isder, int nid, +static int do_pk8pkey_fp(FILE *fp, const EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u) { diff --git a/crypto/pkcs12/p12_utl.c b/crypto/pkcs12/p12_utl.c index 2c315c2..9e792d4 100644 --- a/crypto/pkcs12/p12_utl.c +++ b/crypto/pkcs12/p12_utl.c @@ -219,13 +219,13 @@ char *OPENSSL_uni2utf8(const unsigned char *uni, int unilen) return asctmp; } -int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12) +int i2d_PKCS12_bio(BIO *bp, const PKCS12 *p12) { return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS12), bp, p12); } #ifndef OPENSSL_NO_STDIO -int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12) +int i2d_PKCS12_fp(FILE *fp, const PKCS12 *p12) { return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS12), fp, p12); } diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c index 6379e63..181fb5a 100644 --- a/crypto/pkcs7/pk7_lib.c +++ b/crypto/pkcs7/pk7_lib.c @@ -544,6 +544,7 @@ int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher) return 1; } +/* unfortunately cannot constify BIO_new_NDEF() due to this and CMS_stream() */ int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7) { ASN1_OCTET_STRING *os = NULL; diff --git a/crypto/rsa/rsa_asn1.c b/crypto/rsa/rsa_asn1.c index 853d769..ad9d8b3 100644 --- a/crypto/rsa/rsa_asn1.c +++ b/crypto/rsa/rsa_asn1.c @@ -106,16 +106,16 @@ ASN1_SEQUENCE_cb(RSA_OAEP_PARAMS, rsa_oaep_cb) = { IMPLEMENT_ASN1_FUNCTIONS(RSA_OAEP_PARAMS) -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPrivateKey, RSAPrivateKey) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(RSA, RSAPrivateKey, RSAPrivateKey) -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPublicKey, RSAPublicKey) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(RSA, RSAPublicKey, RSAPublicKey) -RSA *RSAPublicKey_dup(RSA *rsa) +RSA *RSAPublicKey_dup(const RSA *rsa) { return ASN1_item_dup(ASN1_ITEM_rptr(RSAPublicKey), rsa); } -RSA *RSAPrivateKey_dup(RSA *rsa) +RSA *RSAPrivateKey_dup(const RSA *rsa) { return ASN1_item_dup(ASN1_ITEM_rptr(RSAPrivateKey), rsa); } diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c index 3bb500c..2295fa5 100644 --- a/crypto/rsa/rsa_pmeth.c +++ b/crypto/rsa/rsa_pmeth.c @@ -70,7 +70,7 @@ static int pkey_rsa_init(EVP_PKEY_CTX *ctx) return 1; } -static int pkey_rsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) +static int pkey_rsa_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src) { RSA_PKEY_CTX *dctx, *sctx; diff --git a/crypto/sm2/sm2_pmeth.c b/crypto/sm2/sm2_pmeth.c index 5ca430f..fecdc28 100644 --- a/crypto/sm2/sm2_pmeth.c +++ b/crypto/sm2/sm2_pmeth.c @@ -54,7 +54,7 @@ static void pkey_sm2_cleanup(EVP_PKEY_CTX *ctx) } } -static int pkey_sm2_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) +static int pkey_sm2_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src) { SM2_PKEY_CTX *dctx, *sctx; diff --git a/crypto/ts/ts_asn1.c b/crypto/ts/ts_asn1.c index 5a58841..52ac2aa 100644 --- a/crypto/ts/ts_asn1.c +++ b/crypto/ts/ts_asn1.c @@ -17,7 +17,7 @@ ASN1_SEQUENCE(TS_MSG_IMPRINT) = { ASN1_SIMPLE(TS_MSG_IMPRINT, hashed_msg, ASN1_OCTET_STRING) } static_ASN1_SEQUENCE_END(TS_MSG_IMPRINT) -IMPLEMENT_ASN1_FUNCTIONS_const(TS_MSG_IMPRINT) +IMPLEMENT_ASN1_FUNCTIONS(TS_MSG_IMPRINT) IMPLEMENT_ASN1_DUP_FUNCTION(TS_MSG_IMPRINT) TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *bp, TS_MSG_IMPRINT **a) { @@ -25,9 +25,9 @@ TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *bp, TS_MSG_IMPRINT **a) d2i_TS_MSG_IMPRINT, bp, a); } -int i2d_TS_MSG_IMPRINT_bio(BIO *bp, TS_MSG_IMPRINT *a) +int i2d_TS_MSG_IMPRINT_bio(BIO *bp, const TS_MSG_IMPRINT *a) { - return ASN1_i2d_bio_of_const(TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT, bp, a); + return ASN1_i2d_bio_of(TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT, bp, a); } #ifndef OPENSSL_NO_STDIO TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a) @@ -36,9 +36,9 @@ TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a) d2i_TS_MSG_IMPRINT, fp, a); } -int i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a) +int i2d_TS_MSG_IMPRINT_fp(FILE *fp, const TS_MSG_IMPRINT *a) { - return ASN1_i2d_fp_of_const(TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT, fp, a); + return ASN1_i2d_fp_of(TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT, fp, a); } #endif @@ -51,16 +51,16 @@ ASN1_SEQUENCE(TS_REQ) = { ASN1_IMP_SEQUENCE_OF_OPT(TS_REQ, extensions, X509_EXTENSION, 0) } static_ASN1_SEQUENCE_END(TS_REQ) -IMPLEMENT_ASN1_FUNCTIONS_const(TS_REQ) +IMPLEMENT_ASN1_FUNCTIONS(TS_REQ) IMPLEMENT_ASN1_DUP_FUNCTION(TS_REQ) TS_REQ *d2i_TS_REQ_bio(BIO *bp, TS_REQ **a) { return ASN1_d2i_bio_of(TS_REQ, TS_REQ_new, d2i_TS_REQ, bp, a); } -int i2d_TS_REQ_bio(BIO *bp, TS_REQ *a) +int i2d_TS_REQ_bio(BIO *bp, const TS_REQ *a) { - return ASN1_i2d_bio_of_const(TS_REQ, i2d_TS_REQ, bp, a); + return ASN1_i2d_bio_of(TS_REQ, i2d_TS_REQ, bp, a); } #ifndef OPENSSL_NO_STDIO TS_REQ *d2i_TS_REQ_fp(FILE *fp, TS_REQ **a) @@ -68,9 +68,9 @@ TS_REQ *d2i_TS_REQ_fp(FILE *fp, TS_REQ **a) return ASN1_d2i_fp_of(TS_REQ, TS_REQ_new, d2i_TS_REQ, fp, a); } -int i2d_TS_REQ_fp(FILE *fp, TS_REQ *a) +int i2d_TS_REQ_fp(FILE *fp, const TS_REQ *a) { - return ASN1_i2d_fp_of_const(TS_REQ, i2d_TS_REQ, fp, a); + return ASN1_i2d_fp_of(TS_REQ, i2d_TS_REQ, fp, a); } #endif @@ -80,7 +80,7 @@ ASN1_SEQUENCE(TS_ACCURACY) = { ASN1_IMP_OPT(TS_ACCURACY, micros, ASN1_INTEGER, 1) } static_ASN1_SEQUENCE_END(TS_ACCURACY) -IMPLEMENT_ASN1_FUNCTIONS_const(TS_ACCURACY) +IMPLEMENT_ASN1_FUNCTIONS(TS_ACCURACY) IMPLEMENT_ASN1_DUP_FUNCTION(TS_ACCURACY) ASN1_SEQUENCE(TS_TST_INFO) = { @@ -96,7 +96,7 @@ ASN1_SEQUENCE(TS_TST_INFO) = { ASN1_IMP_SEQUENCE_OF_OPT(TS_TST_INFO, extensions, X509_EXTENSION, 1) } static_ASN1_SEQUENCE_END(TS_TST_INFO) -IMPLEMENT_ASN1_FUNCTIONS_const(TS_TST_INFO) +IMPLEMENT_ASN1_FUNCTIONS(TS_TST_INFO) IMPLEMENT_ASN1_DUP_FUNCTION(TS_TST_INFO) TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO **a) { @@ -104,9 +104,9 @@ TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO **a) a); } -int i2d_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO *a) +int i2d_TS_TST_INFO_bio(BIO *bp, const TS_TST_INFO *a) { - return ASN1_i2d_bio_of_const(TS_TST_INFO, i2d_TS_TST_INFO, bp, a); + return ASN1_i2d_bio_of(TS_TST_INFO, i2d_TS_TST_INFO, bp, a); } #ifndef OPENSSL_NO_STDIO TS_TST_INFO *d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a) @@ -115,9 +115,9 @@ TS_TST_INFO *d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a) a); } -int i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a) +int i2d_TS_TST_INFO_fp(FILE *fp, const TS_TST_INFO *a) { - return ASN1_i2d_fp_of_const(TS_TST_INFO, i2d_TS_TST_INFO, fp, a); + return ASN1_i2d_fp_of(TS_TST_INFO, i2d_TS_TST_INFO, fp, a); } #endif @@ -127,7 +127,7 @@ ASN1_SEQUENCE(TS_STATUS_INFO) = { ASN1_OPT(TS_STATUS_INFO, failure_info, ASN1_BIT_STRING) } static_ASN1_SEQUENCE_END(TS_STATUS_INFO) -IMPLEMENT_ASN1_FUNCTIONS_const(TS_STATUS_INFO) +IMPLEMENT_ASN1_FUNCTIONS(TS_STATUS_INFO) IMPLEMENT_ASN1_DUP_FUNCTION(TS_STATUS_INFO) static int ts_resp_set_tst_info(TS_RESP *a) @@ -176,7 +176,7 @@ ASN1_SEQUENCE_cb(TS_RESP, ts_resp_cb) = { ASN1_OPT(TS_RESP, token, PKCS7), } static_ASN1_SEQUENCE_END_cb(TS_RESP, TS_RESP) -IMPLEMENT_ASN1_FUNCTIONS_const(TS_RESP) +IMPLEMENT_ASN1_FUNCTIONS(TS_RESP) IMPLEMENT_ASN1_DUP_FUNCTION(TS_RESP) @@ -185,9 +185,9 @@ TS_RESP *d2i_TS_RESP_bio(BIO *bp, TS_RESP **a) return ASN1_d2i_bio_of(TS_RESP, TS_RESP_new, d2i_TS_RESP, bp, a); } -int i2d_TS_RESP_bio(BIO *bp, TS_RESP *a) +int i2d_TS_RESP_bio(BIO *bp, const TS_RESP *a) { - return ASN1_i2d_bio_of_const(TS_RESP, i2d_TS_RESP, bp, a); + return ASN1_i2d_bio_of(TS_RESP, i2d_TS_RESP, bp, a); } #ifndef OPENSSL_NO_STDIO TS_RESP *d2i_TS_RESP_fp(FILE *fp, TS_RESP **a) @@ -195,9 +195,9 @@ TS_RESP *d2i_TS_RESP_fp(FILE *fp, TS_RESP **a) return ASN1_d2i_fp_of(TS_RESP, TS_RESP_new, d2i_TS_RESP, fp, a); } -int i2d_TS_RESP_fp(FILE *fp, TS_RESP *a) +int i2d_TS_RESP_fp(FILE *fp, const TS_RESP *a) { - return ASN1_i2d_fp_of_const(TS_RESP, i2d_TS_RESP, fp, a); + return ASN1_i2d_fp_of(TS_RESP, i2d_TS_RESP, fp, a); } #endif diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c index 5fb3a59..dca138c 100644 --- a/crypto/x509/x_all.c +++ b/crypto/x509/x_all.c @@ -112,7 +112,7 @@ X509 *d2i_X509_fp(FILE *fp, X509 **x509) return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509), fp, x509); } -int i2d_X509_fp(FILE *fp, X509 *x509) +int i2d_X509_fp(FILE *fp, const X509 *x509) { return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509), fp, x509); } @@ -123,7 +123,7 @@ X509 *d2i_X509_bio(BIO *bp, X509 **x509) return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509), bp, x509); } -int i2d_X509_bio(BIO *bp, X509 *x509) +int i2d_X509_bio(BIO *bp, const X509 *x509) { return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509), bp, x509); } @@ -134,7 +134,7 @@ X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl) return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl); } -int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl) +int i2d_X509_CRL_fp(FILE *fp, const X509_CRL *crl) { return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl); } @@ -145,7 +145,7 @@ X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl) return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl); } -int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl) +int i2d_X509_CRL_bio(BIO *bp, const X509_CRL *crl) { return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl); } @@ -156,7 +156,7 @@ PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7) return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS7), fp, p7); } -int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7) +int i2d_PKCS7_fp(FILE *fp, const PKCS7 *p7) { return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS7), fp, p7); } @@ -167,7 +167,7 @@ PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7) return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS7), bp, p7); } -int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7) +int i2d_PKCS7_bio(BIO *bp, const PKCS7 *p7) { return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS7), bp, p7); } @@ -178,7 +178,7 @@ X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req) return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_REQ), fp, req); } -int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req) +int i2d_X509_REQ_fp(FILE *fp, const X509_REQ *req) { return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_REQ), fp, req); } @@ -189,7 +189,7 @@ X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req) return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_REQ), bp, req); } -int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req) +int i2d_X509_REQ_bio(BIO *bp, const X509_REQ *req) { return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_REQ), bp, req); } @@ -202,7 +202,7 @@ RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa) return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa); } -int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa) +int i2d_RSAPrivateKey_fp(FILE *fp, const RSA *rsa) { return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa); } @@ -219,12 +219,12 @@ RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa) (void **)rsa); } -int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa) +int i2d_RSAPublicKey_fp(FILE *fp, const RSA *rsa) { return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa); } -int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa) +int i2d_RSA_PUBKEY_fp(FILE *fp, const RSA *rsa) { return ASN1_i2d_fp((I2D_OF(void))i2d_RSA_PUBKEY, fp, rsa); } @@ -235,7 +235,7 @@ RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa) return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa); } -int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa) +int i2d_RSAPrivateKey_bio(BIO *bp, const RSA *rsa) { return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa); } @@ -250,12 +250,12 @@ RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa) return ASN1_d2i_bio_of(RSA, RSA_new, d2i_RSA_PUBKEY, bp, rsa); } -int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa) +int i2d_RSAPublicKey_bio(BIO *bp, const RSA *rsa) { return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa); } -int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa) +int i2d_RSA_PUBKEY_bio(BIO *bp, const RSA *rsa) { return ASN1_i2d_bio_of(RSA, i2d_RSA_PUBKEY, bp, rsa); } @@ -268,9 +268,9 @@ DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa) return ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSAPrivateKey, fp, dsa); } -int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa) +int i2d_DSAPrivateKey_fp(FILE *fp, const DSA *dsa) { - return ASN1_i2d_fp_of_const(DSA, i2d_DSAPrivateKey, fp, dsa); + return ASN1_i2d_fp_of(DSA, i2d_DSAPrivateKey, fp, dsa); } DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa) @@ -278,7 +278,7 @@ DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa) return ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSA_PUBKEY, fp, dsa); } -int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa) +int i2d_DSA_PUBKEY_fp(FILE *fp, const DSA *dsa) { return ASN1_i2d_fp_of(DSA, i2d_DSA_PUBKEY, fp, dsa); } @@ -289,9 +289,9 @@ DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa) return ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSAPrivateKey, bp, dsa); } -int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa) +int i2d_DSAPrivateKey_bio(BIO *bp, const DSA *dsa) { - return ASN1_i2d_bio_of_const(DSA, i2d_DSAPrivateKey, bp, dsa); + return ASN1_i2d_bio_of(DSA, i2d_DSAPrivateKey, bp, dsa); } DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa) @@ -299,7 +299,7 @@ DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa) return ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSA_PUBKEY, bp, dsa); } -int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa) +int i2d_DSA_PUBKEY_bio(BIO *bp, const DSA *dsa) { return ASN1_i2d_bio_of(DSA, i2d_DSA_PUBKEY, bp, dsa); } @@ -313,7 +313,7 @@ EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey) return ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, fp, eckey); } -int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey) +int i2d_EC_PUBKEY_fp(FILE *fp, const EC_KEY *eckey) { return ASN1_i2d_fp_of(EC_KEY, i2d_EC_PUBKEY, fp, eckey); } @@ -323,7 +323,7 @@ EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey) return ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, fp, eckey); } -int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey) +int i2d_ECPrivateKey_fp(FILE *fp, const EC_KEY *eckey) { return ASN1_i2d_fp_of(EC_KEY, i2d_ECPrivateKey, fp, eckey); } @@ -333,7 +333,7 @@ EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey) return ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, bp, eckey); } -int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *ecdsa) +int i2d_EC_PUBKEY_bio(BIO *bp, const EC_KEY *ecdsa) { return ASN1_i2d_bio_of(EC_KEY, i2d_EC_PUBKEY, bp, ecdsa); } @@ -343,7 +343,7 @@ EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey) return ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, bp, eckey); } -int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey) +int i2d_ECPrivateKey_bio(BIO *bp, const EC_KEY *eckey) { return ASN1_i2d_bio_of(EC_KEY, i2d_ECPrivateKey, bp, eckey); } @@ -415,7 +415,7 @@ X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8) return ASN1_d2i_fp_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, fp, p8); } -int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8) +int i2d_PKCS8_fp(FILE *fp, const X509_SIG *p8) { return ASN1_i2d_fp_of(X509_SIG, i2d_X509_SIG, fp, p8); } @@ -426,7 +426,7 @@ X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8) return ASN1_d2i_bio_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, bp, p8); } -int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8) +int i2d_PKCS8_bio(BIO *bp, const X509_SIG *p8) { return ASN1_i2d_bio_of(X509_SIG, i2d_X509_SIG, bp, p8); } @@ -439,13 +439,13 @@ PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, d2i_PKCS8_PRIV_KEY_INFO, fp, p8inf); } -int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf) +int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, const PKCS8_PRIV_KEY_INFO *p8inf) { return ASN1_i2d_fp_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO, fp, p8inf); } -int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key) +int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, const EVP_PKEY *key) { PKCS8_PRIV_KEY_INFO *p8inf; int ret; @@ -457,7 +457,7 @@ int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key) return ret; } -int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey) +int i2d_PrivateKey_fp(FILE *fp, const EVP_PKEY *pkey) { return ASN1_i2d_fp_of(EVP_PKEY, i2d_PrivateKey, fp, pkey); } @@ -467,7 +467,7 @@ EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a) return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey, fp, a); } -int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey) +int i2d_PUBKEY_fp(FILE *fp, const EVP_PKEY *pkey) { return ASN1_i2d_fp_of(EVP_PKEY, i2d_PUBKEY, fp, pkey); } @@ -486,13 +486,13 @@ PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, d2i_PKCS8_PRIV_KEY_INFO, bp, p8inf); } -int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf) +int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, const PKCS8_PRIV_KEY_INFO *p8inf) { return ASN1_i2d_bio_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO, bp, p8inf); } -int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key) +int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, const EVP_PKEY *key) { PKCS8_PRIV_KEY_INFO *p8inf; int ret; @@ -504,7 +504,7 @@ int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key) return ret; } -int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey) +int i2d_PrivateKey_bio(BIO *bp, const EVP_PKEY *pkey) { return ASN1_i2d_bio_of(EVP_PKEY, i2d_PrivateKey, bp, pkey); } @@ -514,7 +514,7 @@ EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a) return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey, bp, a); } -int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey) +int i2d_PUBKEY_bio(BIO *bp, const EVP_PKEY *pkey) { return ASN1_i2d_bio_of(EVP_PKEY, i2d_PUBKEY, bp, pkey); } diff --git a/crypto/x509/x_name.c b/crypto/x509/x_name.c index 53bbf72..8fd6566 100644 --- a/crypto/x509/x_name.c +++ b/crypto/x509/x_name.c @@ -28,7 +28,7 @@ static int x509_name_ex_d2i(ASN1_VALUE **val, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); -static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, +static int x509_name_ex_i2d(const ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it); static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it); @@ -36,10 +36,10 @@ static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it); static int x509_name_encode(X509_NAME *a); static int x509_name_canon(X509_NAME *a); static int asn1_string_canon(ASN1_STRING *out, const ASN1_STRING *in); -static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) * intname, +static int i2d_name_canon(const STACK_OF(STACK_OF_X509_NAME_ENTRY) * intname, unsigned char **in); -static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval, +static int x509_name_ex_print(BIO *out, const ASN1_VALUE **pval, int indent, const char *fname, const ASN1_PCTX *pctx); @@ -156,6 +156,7 @@ static int x509_name_ex_d2i(ASN1_VALUE **val, int i, j, ret; STACK_OF(X509_NAME_ENTRY) *entries; X509_NAME_ENTRY *entry; + if (len > X509_NAME_MAX) len = X509_NAME_MAX; q = p; @@ -207,11 +208,12 @@ static int x509_name_ex_d2i(ASN1_VALUE **val, return 0; } -static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, +static int x509_name_ex_i2d(const ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass) { int ret; X509_NAME *a = (X509_NAME *)*val; + if (a->modified) { ret = x509_name_encode(a); if (ret < 0) @@ -232,7 +234,7 @@ static int x509_name_encode(X509_NAME *a) { union { STACK_OF(STACK_OF_X509_NAME_ENTRY) *s; - ASN1_VALUE *a; + const ASN1_VALUE *a; } intname = { NULL }; @@ -241,6 +243,7 @@ static int x509_name_encode(X509_NAME *a) STACK_OF(X509_NAME_ENTRY) *entries = NULL; X509_NAME_ENTRY *entry; int i, set = -1; + intname.s = sk_STACK_OF_X509_NAME_ENTRY_new_null(); if (!intname.s) goto memerr; @@ -277,7 +280,7 @@ static int x509_name_encode(X509_NAME *a) return -1; } -static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval, +static int x509_name_ex_print(BIO *out, const ASN1_VALUE **pval, int indent, const char *fname, const ASN1_PCTX *pctx) { @@ -460,11 +463,11 @@ static int asn1_string_canon(ASN1_STRING *out, const ASN1_STRING *in) } -static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) * _intname, +static int i2d_name_canon(const STACK_OF(STACK_OF_X509_NAME_ENTRY) * _intname, unsigned char **in) { int i, len, ltmp; - ASN1_VALUE *v; + const ASN1_VALUE *v; STACK_OF(ASN1_VALUE) *intname = (STACK_OF(ASN1_VALUE) *)_intname; len = 0; @@ -479,14 +482,16 @@ static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) * _intname, return len; } -int X509_NAME_set(X509_NAME **xn, X509_NAME *name) +int X509_NAME_set(X509_NAME **xn, const X509_NAME *name) { + X509_NAME *name_copy; + if (*xn == name) return *xn != NULL; - if ((name = X509_NAME_dup(name)) == NULL) + if ((name_copy = X509_NAME_dup(name)) == NULL) return 0; X509_NAME_free(*xn); - *xn = name; + *xn = name_copy; return 1; } diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c index be42684..eb5ea27 100644 --- a/crypto/x509/x_pubkey.c +++ b/crypto/x509/x_pubkey.c @@ -57,6 +57,7 @@ ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = { IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY) +/* TODO should better be called X509_PUBKEY_set1 */ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) { X509_PUBKEY *pk = NULL; @@ -67,7 +68,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) if ((pk = X509_PUBKEY_new()) == NULL) goto error; - if (pkey->ameth) { + if (pkey != NULL && pkey->ameth) { if (pkey->ameth->pub_encode) { if (!pkey->ameth->pub_encode(pk, pkey)) { X509err(X509_F_X509_PUBKEY_SET, @@ -86,8 +87,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) X509_PUBKEY_free(*x); *x = pk; pk->pkey = pkey; - EVP_PKEY_up_ref(pkey); - return 1; + return EVP_PKEY_up_ref(pkey); error: X509_PUBKEY_free(pk); @@ -200,15 +200,22 @@ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length) return pktmp; } -int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp) +int i2d_PUBKEY(const EVP_PKEY *a, unsigned char **pp) { X509_PUBKEY *xpk = NULL; - int ret; - if (!a) + int ret = -1; + + if (a == NULL) return 0; - if (!X509_PUBKEY_set(&xpk, a)) + if ((xpk = X509_PUBKEY_new()) == NULL) return -1; + if (a->ameth != NULL && a->ameth->pub_encode != NULL + && !a->ameth->pub_encode(xpk, a)) + goto error; + xpk->pkey = (EVP_PKEY *)a; ret = i2d_X509_PUBKEY(xpk, pp); + xpk->pkey = NULL; + error: X509_PUBKEY_free(xpk); return ret; } @@ -238,7 +245,7 @@ RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length) return key; } -int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp) +int i2d_RSA_PUBKEY(const RSA *a, unsigned char **pp) { EVP_PKEY *pktmp; int ret; @@ -249,8 +256,9 @@ int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp) ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE); return -1; } - EVP_PKEY_set1_RSA(pktmp, a); + (void)EVP_PKEY_assign_RSA(pktmp, (RSA *)a); ret = i2d_PUBKEY(pktmp, pp); + pktmp->pkey.ptr = NULL; EVP_PKEY_free(pktmp); return ret; } @@ -278,7 +286,7 @@ DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length) return key; } -int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp) +int i2d_DSA_PUBKEY(const DSA *a, unsigned char **pp) { EVP_PKEY *pktmp; int ret; @@ -289,8 +297,9 @@ int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp) ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE); return -1; } - EVP_PKEY_set1_DSA(pktmp, a); + (void)EVP_PKEY_assign_DSA(pktmp, (DSA *)a); ret = i2d_PUBKEY(pktmp, pp); + pktmp->pkey.ptr = NULL; EVP_PKEY_free(pktmp); return ret; } @@ -318,7 +327,7 @@ EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length) return key; } -int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp) +int i2d_EC_PUBKEY(const EC_KEY *a, unsigned char **pp) { EVP_PKEY *pktmp; int ret; @@ -328,8 +337,9 @@ int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp) ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE); return -1; } - EVP_PKEY_set1_EC_KEY(pktmp, a); + (void)EVP_PKEY_assign_EC_KEY(pktmp, (EC_KEY *)a); ret = i2d_PUBKEY(pktmp, pp); + pktmp->pkey.ptr = NULL; EVP_PKEY_free(pktmp); return ret; } diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c index bf0270e..54d015b 100644 --- a/crypto/x509/x_x509.c +++ b/crypto/x509/x_x509.c @@ -107,7 +107,6 @@ ASN1_SEQUENCE_ref(X509, x509_cb) = { } ASN1_SEQUENCE_END_ref(X509, X509) IMPLEMENT_ASN1_FUNCTIONS(X509) - IMPLEMENT_ASN1_DUP_FUNCTION(X509) int X509_set_ex_data(X509 *r, int idx, void *arg) @@ -163,7 +162,7 @@ X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length) * error path, but that depends on similar hygiene in lower-level functions. * Here we avoid compounding the problem. */ -static int i2d_x509_aux_internal(X509 *a, unsigned char **pp) +static int i2d_x509_aux_internal(const X509 *a, unsigned char **pp) { int length, tmplen; unsigned char *start = pp != NULL ? *pp : NULL; @@ -197,7 +196,7 @@ static int i2d_x509_aux_internal(X509 *a, unsigned char **pp) * the allocation, nor can we allow i2d_X509_CERT_AUX() to increment the * allocated buffer. */ -int i2d_X509_AUX(X509 *a, unsigned char **pp) +int i2d_X509_AUX(const X509 *a, unsigned char **pp) { int length; unsigned char *tmp; diff --git a/crypto/x509v3/v3_genn.c b/crypto/x509v3/v3_genn.c index b52735f..1815d59 100644 --- a/crypto/x509v3/v3_genn.c +++ b/crypto/x509v3/v3_genn.c @@ -50,7 +50,7 @@ ASN1_ITEM_TEMPLATE_END(GENERAL_NAMES) IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAMES) -GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a) +GENERAL_NAME *GENERAL_NAME_dup(const GENERAL_NAME *a) { return (GENERAL_NAME *)ASN1_dup((i2d_of_void *)i2d_GENERAL_NAME, (d2i_of_void *)d2i_GENERAL_NAME, diff --git a/doc/man3/ASN1_STRING_length.pod b/doc/man3/ASN1_STRING_length.pod index e726083..86eb835 100644 --- a/doc/man3/ASN1_STRING_length.pod +++ b/doc/man3/ASN1_STRING_length.pod @@ -14,7 +14,7 @@ ASN1_STRING_to_UTF8 - ASN1_STRING utility functions const unsigned char * ASN1_STRING_get0_data(const ASN1_STRING *x); unsigned char * ASN1_STRING_data(ASN1_STRING *x); - ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a); + ASN1_STRING * ASN1_STRING_dup(const ASN1_STRING *a); int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b); diff --git a/doc/man3/EVP_PKEY_CTX_ctrl.pod b/doc/man3/EVP_PKEY_CTX_ctrl.pod index 5b35156..1bab6d1 100644 --- a/doc/man3/EVP_PKEY_CTX_ctrl.pod +++ b/doc/man3/EVP_PKEY_CTX_ctrl.pod @@ -74,7 +74,8 @@ EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md); int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd); - int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len); + int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, const unsigned char *key, + int len); #include diff --git a/doc/man3/EVP_PKEY_CTX_new.pod b/doc/man3/EVP_PKEY_CTX_new.pod index a556289..37f08e7 100644 --- a/doc/man3/EVP_PKEY_CTX_new.pod +++ b/doc/man3/EVP_PKEY_CTX_new.pod @@ -10,7 +10,7 @@ EVP_PKEY_CTX_new, EVP_PKEY_CTX_new_id, EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free - pub EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e); EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e); - EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx); + EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *ctx); void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx); =head1 DESCRIPTION diff --git a/doc/man3/EVP_PKEY_set1_RSA.pod b/doc/man3/EVP_PKEY_set1_RSA.pod index 868e337..6363162 100644 --- a/doc/man3/EVP_PKEY_set1_RSA.pod +++ b/doc/man3/EVP_PKEY_set1_RSA.pod @@ -28,10 +28,10 @@ EVP_PKEY_set1_engine - EVP_PKEY assignment functions const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len); const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len); const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len); - RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey); - DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey); - DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey); - EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey); + RSA *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey); + DSA *EVP_PKEY_get0_DSA(const EVP_PKEY *pkey); + DH *EVP_PKEY_get0_DH(const EVP_PKEY *pkey); + EC_KEY *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey); int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key); int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key); diff --git a/doc/man3/PEM_read_bio_PrivateKey.pod b/doc/man3/PEM_read_bio_PrivateKey.pod index 54dc27e..a5a63c4 100644 --- a/doc/man3/PEM_read_bio_PrivateKey.pod +++ b/doc/man3/PEM_read_bio_PrivateKey.pod @@ -36,7 +36,7 @@ PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines pem_password_cb *cb, void *u); EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u); - int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, + int PEM_write_bio_PrivateKey(BIO *bp, const EVP_PKEY *x, const EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *cb, void *u); int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x, @@ -46,17 +46,16 @@ PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *cb, void *u); - int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u); int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u); - int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid, + int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, const EVP_PKEY *x, int nid, char *kstr, int klen, pem_password_cb *cb, void *u); - int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid, + int PEM_write_PKCS8PrivateKey_nid(FILE *fp, const EVP_PKEY *x, int nid, char *kstr, int klen, pem_password_cb *cb, void *u); diff --git a/doc/man3/SSL_SESSION_free.pod b/doc/man3/SSL_SESSION_free.pod index 10fc8e9..74c6ec2 100644 --- a/doc/man3/SSL_SESSION_free.pod +++ b/doc/man3/SSL_SESSION_free.pod @@ -12,7 +12,7 @@ SSL_SESSION_free - create, free and manage SSL_SESSION structures #include SSL_SESSION *SSL_SESSION_new(void); - SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *src); + SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src); int SSL_SESSION_up_ref(SSL_SESSION *ses); void SSL_SESSION_free(SSL_SESSION *session); diff --git a/doc/man3/SSL_new.pod b/doc/man3/SSL_new.pod index 9fef643..9ca9941 100644 --- a/doc/man3/SSL_new.pod +++ b/doc/man3/SSL_new.pod @@ -26,7 +26,8 @@ structure are freed. SSL_up_ref() increments the reference count for an existing B structure. -SSL_dup() duplicates an existing B structure into a new allocated one. All +SSL_dup() duplicates an existing B structure into a new allocated one +or just increments the reference count if the connection is active. All settings are inherited from the original B structure. Dynamic data (i.e. existing connection details) are not copied, the new B is set into an initial accept (server) or connect (client) state. diff --git a/doc/man3/X509_PUBKEY_new.pod b/doc/man3/X509_PUBKEY_new.pod index 88e08ed..2d65be6 100644 --- a/doc/man3/X509_PUBKEY_new.pod +++ b/doc/man3/X509_PUBKEY_new.pod @@ -19,13 +19,13 @@ X509_PUBKEY_get0_param - SubjectPublicKeyInfo public key functions EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key); EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length); - int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp); + int i2d_PUBKEY(const EVP_PKEY *a, unsigned char **pp); EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a); EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a); - int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey); - int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey); + int i2d_PUBKEY_fp(const FILE *fp, EVP_PKEY *pkey); + int i2d_PUBKEY_bio(BIO *bp, const EVP_PKEY *pkey); int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj, int ptype, void *pval, diff --git a/doc/man3/X509_dup.pod b/doc/man3/X509_dup.pod index fd5c054..8ad7648 100644 --- a/doc/man3/X509_dup.pod +++ b/doc/man3/X509_dup.pod @@ -259,7 +259,7 @@ X509_dup, extern const ASN1_ITEM TYPE_it; TYPE *TYPE_new(void); - TYPE *TYPE_dup(TYPE *a); + TYPE *TYPE_dup(const TYPE *a); void TYPE_free(TYPE *a); int TYPE_print_ctx(BIO *out, TYPE *a, int indent, const ASN1_PCTX *pctx); @@ -285,7 +285,7 @@ to generate the function bodies. TYPE_new() allocates an empty object of the indicated type. The object returned must be released by calling TYPE_free(). -TYPE_dup() copies an existing object. +TYPE_dup() copies an existing object, leaving it untouched. TYPE_free() releases the object and all pointers and sub-objects within it. diff --git a/doc/man3/d2i_PKCS8PrivateKey_bio.pod b/doc/man3/d2i_PKCS8PrivateKey_bio.pod index 68da982..5b5371b 100644 --- a/doc/man3/d2i_PKCS8PrivateKey_bio.pod +++ b/doc/man3/d2i_PKCS8PrivateKey_bio.pod @@ -13,19 +13,19 @@ i2d_PKCS8PrivateKey_nid_bio, i2d_PKCS8PrivateKey_nid_fp - PKCS#8 format private EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u); EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u); - int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, + int i2d_PKCS8PrivateKey_bio(BIO *bp, const EVP_PKEY *x, const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u); - int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, + int i2d_PKCS8PrivateKey_fp(FILE *fp, const EVP_PKEY *x, const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u); - int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid, + int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, const EVP_PKEY *x, int nid, char *kstr, int klen, pem_password_cb *cb, void *u); - int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid, + int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, const EVP_PKEY *x, int nid, char *kstr, int klen, pem_password_cb *cb, void *u); diff --git a/doc/man3/d2i_PrivateKey.pod b/doc/man3/d2i_PrivateKey.pod index eab98b3..0bce594 100644 --- a/doc/man3/d2i_PrivateKey.pod +++ b/doc/man3/d2i_PrivateKey.pod @@ -17,8 +17,8 @@ d2i_PrivateKey_bio, d2i_PrivateKey_fp long length); EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp, long length); - int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp); - int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp); + int i2d_PrivateKey(const EVP_PKEY *a, unsigned char **pp); + int i2d_PublicKey(const EVP_PKEY *a, unsigned char **pp); EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a); EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a) diff --git a/doc/man3/d2i_X509.pod b/doc/man3/d2i_X509.pod index 23dc73c..cad7877 100644 --- a/doc/man3/d2i_X509.pod +++ b/doc/man3/d2i_X509.pod @@ -368,8 +368,11 @@ i2d_X509_VAL, TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a); TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a); + int i2d_TYPE(const TYPE *a, unsigned char **ppout); int i2d_TYPE(TYPE *a, unsigned char **ppout); + int i2d_TYPE_fp(FILE *fp, const TYPE *a); int i2d_TYPE_fp(FILE *fp, TYPE *a); + int i2d_TYPE_bio(BIO *bp, const TYPE *a); int i2d_TYPE_bio(BIO *bp, TYPE *a); =head1 DESCRIPTION diff --git a/include/openssl/asn1.h b/include/openssl/asn1.h index 5a635ad..3790c6b 100644 --- a/include/openssl/asn1.h +++ b/include/openssl/asn1.h @@ -221,43 +221,41 @@ typedef struct ASN1_VALUE_st ASN1_VALUE; # define DECLARE_ASN1_FUNCTIONS_name(type, name) \ DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ - DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) - -# define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \ - DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ - DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) + DECLARE_ASN1_ENCODE_FUNCTIONS_name(type, name) # define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \ - type *d2i_##name(type **a, const unsigned char **in, long len); \ - int i2d_##name(type *a, unsigned char **out); \ + DECLARE_ASN1_ENCODE_FUNCTIONS_only(type, name) \ DECLARE_ASN1_ITEM(itname) -# define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \ +# define DECLARE_ASN1_ENCODE_FUNCTIONS_name(type, name) \ + DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) + +# define DECLARE_ASN1_ENCODE_FUNCTIONS_only(type, name) \ type *d2i_##name(type **a, const unsigned char **in, long len); \ - int i2d_##name(const type *a, unsigned char **out); \ - DECLARE_ASN1_ITEM(name) + int i2d_##name(const type *a, unsigned char **out); # define DECLARE_ASN1_NDEF_FUNCTION(name) \ - int i2d_##name##_NDEF(name *a, unsigned char **out); - -# define DECLARE_ASN1_FUNCTIONS_const(name) \ - DECLARE_ASN1_ALLOC_FUNCTIONS(name) \ - DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name) + int i2d_##name##_NDEF(const name *a, unsigned char **out); # define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ type *name##_new(void); \ void name##_free(type *a); +# define DECLARE_ASN1_DUP_FUNCTION(type) \ + DECLARE_ASN1_DUP_FUNCTION_name(type, type) + +# define DECLARE_ASN1_DUP_FUNCTION_name(type, name) \ + type *name##_dup(const type *a); + # define DECLARE_ASN1_PRINT_FUNCTION(stname) \ DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname) # define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \ - int fname##_print_ctx(BIO *out, stname *x, int indent, \ + int fname##_print_ctx(BIO *out, const stname *x, int indent, \ const ASN1_PCTX *pctx); # define D2I_OF(type) type *(*)(type **,const unsigned char **,long) -# define I2D_OF(type) int (*)(type *,unsigned char **) -# define I2D_OF_const(type) int (*)(const type *,unsigned char **) +# define I2D_OF(type) int (*)(const type *,unsigned char **) # define CHECKED_D2I_OF(type, d2i) \ ((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0))) @@ -271,7 +269,7 @@ typedef struct ASN1_VALUE_st ASN1_VALUE; ((void**) (1 ? p : (type**)0)) # define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long) -# define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **) +# define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(const type *,unsigned char **) # define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type) TYPEDEF_D2I2D_OF(void); @@ -476,8 +474,8 @@ DEFINE_STACK_OF(ASN1_TYPE) typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY; -DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY) -DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SET_ANY) +DECLARE_ASN1_ENCODE_FUNCTIONS_name(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY) +DECLARE_ASN1_ENCODE_FUNCTIONS_name(ASN1_SEQUENCE_ANY, ASN1_SET_ANY) /* This is used to contain a list of bit names */ typedef struct BIT_STRING_BITNAME_st { @@ -515,7 +513,8 @@ typedef struct BIT_STRING_BITNAME_st { B_ASN1_BMPSTRING|\ B_ASN1_UTF8STRING -DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE) +DECLARE_ASN1_ALLOC_FUNCTIONS_name(ASN1_TYPE, ASN1_TYPE) +DECLARE_ASN1_ENCODE_FUNCTIONS(ASN1_TYPE, ASN1_ANY, ASN1_TYPE) int ASN1_TYPE_get(const ASN1_TYPE *a); void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value); @@ -525,21 +524,14 @@ int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b); ASN1_TYPE *ASN1_TYPE_pack_sequence(const ASN1_ITEM *it, void *s, ASN1_TYPE **t); void *ASN1_TYPE_unpack_sequence(const ASN1_ITEM *it, const ASN1_TYPE *t); -ASN1_OBJECT *ASN1_OBJECT_new(void); -void ASN1_OBJECT_free(ASN1_OBJECT *a); -int i2d_ASN1_OBJECT(const ASN1_OBJECT *a, unsigned char **pp); -ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, - long length); - -DECLARE_ASN1_ITEM(ASN1_OBJECT) - +DECLARE_ASN1_FUNCTIONS(ASN1_OBJECT) DEFINE_STACK_OF(ASN1_OBJECT) ASN1_STRING *ASN1_STRING_new(void); void ASN1_STRING_free(ASN1_STRING *a); void ASN1_STRING_clear_free(ASN1_STRING *a); int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str); -ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *a); +DECLARE_ASN1_DUP_FUNCTION(ASN1_STRING) ASN1_STRING *ASN1_STRING_type_new(int type); int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b); /* @@ -570,7 +562,7 @@ int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, const char *name, int value, DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER) ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, long length); -ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x); +DECLARE_ASN1_DUP_FUNCTION(ASN1_INTEGER) int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y); DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED) @@ -594,7 +586,7 @@ int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from, const ASN1_TIME *to); DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING) -ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *a); +DECLARE_ASN1_DUP_FUNCTION(ASN1_OCTET_STRING) int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a, const ASN1_OCTET_STRING *b); int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data, @@ -685,19 +677,14 @@ int ASN1_put_eoc(unsigned char **pp); int ASN1_object_size(int constructed, int length, int tag); /* Used to implement other functions */ -void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x); +void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, const void *x); # define ASN1_dup_of(type,i2d,d2i,x) \ ((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \ CHECKED_D2I_OF(type, d2i), \ - CHECKED_PTR_OF(type, x))) - -# define ASN1_dup_of_const(type,i2d,d2i,x) \ - ((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \ - CHECKED_D2I_OF(type, d2i), \ CHECKED_PTR_OF(const type, x))) -void *ASN1_item_dup(const ASN1_ITEM *it, void *x); +void *ASN1_item_dup(const ASN1_ITEM *it, const void *x); /* ASN1 alloc/free macros for when a type is only used internally */ @@ -715,19 +702,14 @@ void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x); CHECKED_PPTR_OF(type, x))) void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x); -int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x); +int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, const void *x); # define ASN1_i2d_fp_of(type,i2d,out,x) \ (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \ out, \ - CHECKED_PTR_OF(type, x))) - -# define ASN1_i2d_fp_of_const(type,i2d,out,x) \ - (ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \ - out, \ CHECKED_PTR_OF(const type, x))) -int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x); +int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, const void *x); int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str, unsigned long flags); # endif @@ -742,19 +724,14 @@ void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x); CHECKED_PPTR_OF(type, x))) void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x); -int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x); +int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, const void *x); # define ASN1_i2d_bio_of(type,i2d,out,x) \ (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \ out, \ - CHECKED_PTR_OF(type, x))) - -# define ASN1_i2d_bio_of_const(type,i2d,out,x) \ - (ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \ - out, \ CHECKED_PTR_OF(const type, x))) -int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x); +int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, const void *x); int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a); int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a); int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a); @@ -807,8 +784,8 @@ ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it); void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it); ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it); -int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); -int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, +int ASN1_item_i2d(const ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); +int ASN1_item_ndef_i2d(const ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); void ASN1_add_oid_module(void); @@ -839,7 +816,7 @@ int ASN1_str2mask(const char *str, unsigned long *pmask); /* Don't show structure name even at top level */ # define ASN1_PCTX_FLAGS_NO_STRUCT_NAME 0x100 -int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent, +int ASN1_item_print(BIO *out, const ASN1_VALUE *ifld, int indent, const ASN1_ITEM *it, const ASN1_PCTX *pctx); ASN1_PCTX *ASN1_PCTX_new(void); void ASN1_PCTX_free(ASN1_PCTX *p); @@ -864,12 +841,14 @@ void *ASN1_SCTX_get_app_data(ASN1_SCTX *p); const BIO_METHOD *BIO_f_asn1(void); +/* cannot constify val because of CMS_stream() */ BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it); int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, const ASN1_ITEM *it); int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, const char *hdr, const ASN1_ITEM *it); +/* cannot constify val because of CMS_dataFinal() */ int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, int ctype_nid, int econt_nid, STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it); @@ -880,6 +859,18 @@ int SMIME_text(BIO *in, BIO *out); const ASN1_ITEM *ASN1_ITEM_lookup(const char *name); const ASN1_ITEM *ASN1_ITEM_get(size_t i); +/* Legacy compatibility */ +# define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \ + DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ + DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) +# define DECLARE_ASN1_FUNCTIONS_const(type) DECLARE_ASN1_FUNCTIONS(type) +# define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \ + DECLARE_ASN1_ENCODE_FUNCTIONS(type, name) +# define I2D_OF_const(type) I2D_OF(type) +# define ASN1_dup_of_const(type,i2d,d2i,x) ASN1_dup_of(type,i2d,d2i,x) +# define ASN1_i2d_fp_of_const(type,i2d,out,x) ASN1_i2d_fp_of(type,i2d,out,x) +# define ASN1_i2d_bio_of_const(type,i2d,out,x) ASN1_i2d_bio_of(type,i2d,out,x) + # ifdef __cplusplus } # endif diff --git a/include/openssl/asn1t.h b/include/openssl/asn1t.h index 06d85e4..1a836c9 100644 --- a/include/openssl/asn1t.h +++ b/include/openssl/asn1t.h @@ -152,19 +152,29 @@ extern "C" { ASN1_SEQUENCE_cb(tname, cb) # define ASN1_SEQUENCE_cb(tname, cb) \ - static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ + static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0, NULL}; \ + ASN1_SEQUENCE(tname) + +# define ASN1_SEQUENCE_const_cb(tname, const_cb) \ + static const ASN1_AUX tname##_aux = \ + {NULL, ASN1_AFLG_CONST_CB, 0, 0, NULL, 0, const_cb}; \ + ASN1_SEQUENCE(tname) + +# define ASN1_SEQUENCE_cb_const_cb(tname, cb, const_cb) \ + static const ASN1_AUX tname##_aux = \ + {NULL, ASN1_AFLG_CONST_CB, 0, 0, cb, 0, const_cb}; \ ASN1_SEQUENCE(tname) # define ASN1_BROKEN_SEQUENCE(tname) \ - static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \ + static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, NULL, 0, NULL}; \ ASN1_SEQUENCE(tname) # define ASN1_SEQUENCE_ref(tname, cb) \ - static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), offsetof(tname, lock), cb, 0}; \ + static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), offsetof(tname, lock), cb, 0, NULL}; \ ASN1_SEQUENCE(tname) # define ASN1_SEQUENCE_enc(tname, enc, cb) \ - static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \ + static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc), NULL}; \ ASN1_SEQUENCE(tname) # define ASN1_NDEF_SEQUENCE_END(tname) \ @@ -261,7 +271,7 @@ extern "C" { static const ASN1_TEMPLATE tname##_ch_tt[] # define ASN1_CHOICE_cb(tname, cb) \ - static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ + static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0, NULL}; \ ASN1_CHOICE(tname) # define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname) @@ -661,21 +671,21 @@ typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); -typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, +typedef int ASN1_ex_i2d(const ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it); typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it); -typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval, +typedef int ASN1_ex_print_func(BIO *out, const ASN1_VALUE **pval, int indent, const char *fname, const ASN1_PCTX *pctx); -typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, +typedef int ASN1_primitive_i2c(const ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); -typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval, +typedef int ASN1_primitive_print(BIO *out, const ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx); @@ -711,10 +721,16 @@ typedef struct ASN1_PRIMITIVE_FUNCS_st { * error has occurred and the main operation should be abandoned. If major * changes in the default behaviour are required then an external type is * more appropriate. + * For the operations ASN1_OP_I2D_PRE, ASN1_OP_I2D_POST, ASN1_OP_PRINT_PRE, and + * ASN1_OP_PRINT_POST, meanwhile a variant of the callback with const parameter + * 'in' is provided to make clear statically that its input is not modified. If + * and only if this variant is in use the flag ASN1_AFLG_CONST_CB must be set. */ typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it, void *exarg); +typedef int ASN1_aux_const_cb(int operation, const ASN1_VALUE **in, + const ASN1_ITEM *it, void *exarg); typedef struct ASN1_AUX_st { void *app_data; @@ -723,6 +739,7 @@ typedef struct ASN1_AUX_st { int ref_lock; /* Lock type to use */ ASN1_aux_cb *asn1_cb; int enc_offset; /* Offset of ASN1_ENCODING structure */ + ASN1_aux_const_cb *asn1_const_cb; /* for ASN1_OP_I2D_ and ASN1_OP_PRINT_ */ } ASN1_AUX; /* For print related callbacks exarg points to this structure */ @@ -750,6 +767,8 @@ typedef struct ASN1_STREAM_ARG_st { # define ASN1_AFLG_ENCODING 2 /* The Sequence length is invalid */ # define ASN1_AFLG_BROKEN 4 +/* Use the new asn1_const_cb */ +# define ASN1_AFLG_CONST_CB 8 /* operation values for asn1_cb */ @@ -836,13 +855,13 @@ typedef struct ASN1_STREAM_ARG_st { { \ return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\ } \ - int i2d_##fname(stname *a, unsigned char **out) \ + int i2d_##fname(const stname *a, unsigned char **out) \ { \ return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\ } # define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \ - int i2d_##stname##_NDEF(stname *a, unsigned char **out) \ + int i2d_##stname##_NDEF(const stname *a, unsigned char **out) \ { \ return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\ } @@ -854,28 +873,14 @@ typedef struct ASN1_STREAM_ARG_st { return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, \ ASN1_ITEM_rptr(stname)); \ } \ - static int i2d_##stname(stname *a, unsigned char **out) \ + static int i2d_##stname(const stname *a, unsigned char **out) \ { \ return ASN1_item_i2d((ASN1_VALUE *)a, out, \ ASN1_ITEM_rptr(stname)); \ } -/* - * This includes evil casts to remove const: they will go away when full ASN1 - * constification is done. - */ -# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ - stname *d2i_##fname(stname **a, const unsigned char **in, long len) \ - { \ - return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\ - } \ - int i2d_##fname(const stname *a, unsigned char **out) \ - { \ - return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\ - } - # define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \ - stname * stname##_dup(stname *x) \ + stname * stname##_dup(const stname *x) \ { \ return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \ } @@ -884,20 +889,13 @@ typedef struct ASN1_STREAM_ARG_st { IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname) # define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \ - int fname##_print_ctx(BIO *out, stname *x, int indent, \ + int fname##_print_ctx(BIO *out, const stname *x, int indent, \ const ASN1_PCTX *pctx) \ { \ return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \ ASN1_ITEM_rptr(itname), pctx); \ } -# define IMPLEMENT_ASN1_FUNCTIONS_const(name) \ - IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name) - -# define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \ - IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ - IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) - /* external definitions for primitive types */ DECLARE_ASN1_ITEM(ASN1_BOOLEAN) @@ -936,9 +934,14 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); -int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, +int ASN1_item_ex_i2d(const ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); +/* Legacy compatibility */ +# define IMPLEMENT_ASN1_FUNCTIONS_const(name) IMPLEMENT_ASN1_FUNCTIONS(name) +# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ + IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) + #ifdef __cplusplus } #endif diff --git a/include/openssl/cms.h b/include/openssl/cms.h index 4838954..e8653d7 100644 --- a/include/openssl/cms.h +++ b/include/openssl/cms.h @@ -199,7 +199,7 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms, const EVP_CIPHER *kekciph); int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri); -int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri); +int CMS_RecipientInfo_encrypt(const CMS_ContentInfo *cms, CMS_RecipientInfo *ri); int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out, unsigned int flags); diff --git a/include/openssl/dh.h b/include/openssl/dh.h index bfe82b3..18858eb 100644 --- a/include/openssl/dh.h +++ b/include/openssl/dh.h @@ -98,7 +98,7 @@ DECLARE_ASN1_ITEM(DHparams) # define d2i_DHparams_bio(bp,x) \ ASN1_d2i_bio_of(DH, DH_new, d2i_DHparams, bp, x) # define i2d_DHparams_bio(bp,x) \ - ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x) + ASN1_i2d_bio_of(DH,i2d_DHparams,bp,x) # define d2i_DHxparams_fp(fp,x) \ (DH *)ASN1_d2i_fp((char *(*)())DH_new, \ @@ -110,9 +110,9 @@ DECLARE_ASN1_ITEM(DHparams) # define d2i_DHxparams_bio(bp,x) \ ASN1_d2i_bio_of(DH, DH_new, d2i_DHxparams, bp, x) # define i2d_DHxparams_bio(bp,x) \ - ASN1_i2d_bio_of_const(DH, i2d_DHxparams, bp, x) + ASN1_i2d_bio_of(DH, i2d_DHxparams, bp, x) -DH *DHparams_dup(DH *); +DECLARE_ASN1_DUP_FUNCTION_name(DH, DHparams) const DH_METHOD *DH_OpenSSL(void); @@ -151,10 +151,8 @@ int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *codes); int DH_generate_key(DH *dh); int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh); -DH *d2i_DHparams(DH **a, const unsigned char **pp, long length); -int i2d_DHparams(const DH *a, unsigned char **pp); -DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length); -int i2d_DHxparams(const DH *a, unsigned char **pp); +DECLARE_ASN1_ENCODE_FUNCTIONS_only(DH, DHparams) +DECLARE_ASN1_ENCODE_FUNCTIONS_only(DH, DHxparams) # ifndef OPENSSL_NO_STDIO int DHparams_print_fp(FILE *fp, const DH *x); # endif diff --git a/include/openssl/dsa.h b/include/openssl/dsa.h index ea01aaf..38ae977 100644 --- a/include/openssl/dsa.h +++ b/include/openssl/dsa.h @@ -17,6 +17,7 @@ extern "C" { # endif # include +# include # include # include # include @@ -69,13 +70,12 @@ typedef struct DSA_SIG_st DSA_SIG; # define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \ (unsigned char *)(x)) # define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x) -# define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x) +# define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of(DSA,i2d_DSAparams,bp,x) -DSA *DSAparams_dup(DSA *x); +DECLARE_ASN1_DUP_FUNCTION_name(DSA, DSAparams) DSA_SIG *DSA_SIG_new(void); void DSA_SIG_free(DSA_SIG *a); -int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp); -DSA_SIG *d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length); +DECLARE_ASN1_ENCODE_FUNCTIONS_only(DSA_SIG, DSA_SIG) void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s); @@ -109,9 +109,9 @@ int DSA_verify(int type, const unsigned char *dgst, int dgst_len, int DSA_set_ex_data(DSA *d, int idx, void *arg); void *DSA_get_ex_data(DSA *d, int idx); -DSA *d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length); -DSA *d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length); -DSA *d2i_DSAparams(DSA **a, const unsigned char **pp, long length); +DECLARE_ASN1_ENCODE_FUNCTIONS_only(DSA, DSAPublicKey) +DECLARE_ASN1_ENCODE_FUNCTIONS_only(DSA, DSAPrivateKey) +DECLARE_ASN1_ENCODE_FUNCTIONS_only(DSA, DSAparams) /* Deprecated version */ DEPRECATEDIN_0_9_8(DSA *DSA_generate_parameters(int bits, @@ -130,9 +130,6 @@ int DSA_generate_parameters_ex(DSA *dsa, int bits, BN_GENCB *cb); int DSA_generate_key(DSA *a); -int i2d_DSAPublicKey(const DSA *a, unsigned char **pp); -int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp); -int i2d_DSAparams(const DSA *a, unsigned char **pp); int DSAparams_print(BIO *bp, const DSA *x); int DSA_print(BIO *bp, const DSA *x, int off); diff --git a/include/openssl/ec.h b/include/openssl/ec.h index 7c15368..8d4d1b1 100644 --- a/include/openssl/ec.h +++ b/include/openssl/ec.h @@ -123,7 +123,7 @@ void EC_GROUP_clear_free(EC_GROUP *group); */ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src); -/** Creates a new EC_GROUP object and copies the copies the content +/** Creates a new EC_GROUP object and copies the content * form src to the newly created EC_KEY object * \param src source EC_GROUP object * \return newly created EC_GROUP object or NULL in case of an error. @@ -800,7 +800,7 @@ EC_GROUP *d2i_ECPKParameters(EC_GROUP **, const unsigned char **in, long len); int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out); # define d2i_ECPKParameters_bio(bp,x) ASN1_d2i_bio_of(EC_GROUP,NULL,d2i_ECPKParameters,bp,x) -# define i2d_ECPKParameters_bio(bp,x) ASN1_i2d_bio_of_const(EC_GROUP,i2d_ECPKParameters,bp,x) +# define i2d_ECPKParameters_bio(bp,x) ASN1_i2d_bio_of(EC_GROUP,i2d_ECPKParameters,bp,x) # define d2i_ECPKParameters_fp(fp,x) (EC_GROUP *)ASN1_d2i_fp(NULL, \ (char *(*)())d2i_ECPKParameters,(fp),(unsigned char **)(x)) # define i2d_ECPKParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECPKParameters,(fp), \ @@ -1028,7 +1028,7 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len); * of bytes needed). * \return 1 on success and 0 if an error occurred. */ -int i2d_ECPrivateKey(EC_KEY *key, unsigned char **out); +int i2d_ECPrivateKey(const EC_KEY *key, unsigned char **out); /********************************************************************/ /* de- and encoding functions for EC parameters */ @@ -1049,7 +1049,7 @@ EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len); * of bytes needed). * \return 1 on success and 0 if an error occurred. */ -int i2d_ECParameters(EC_KEY *key, unsigned char **out); +int i2d_ECParameters(const EC_KEY *key, unsigned char **out); /********************************************************************/ /* de- and encoding functions for EC public key */ @@ -1140,22 +1140,21 @@ ECDSA_SIG *ECDSA_SIG_new(void); */ void ECDSA_SIG_free(ECDSA_SIG *sig); -/** DER encode content of ECDSA_SIG object (note: this function modifies *pp +/** i2d_ECDSA_SIG encodes content of ECDSA_SIG (note: this function modifies *pp * (*pp += length of the DER encoded signature)). * \param sig pointer to the ECDSA_SIG object * \param pp pointer to a unsigned char pointer for the output or NULL * \return the length of the DER encoded ECDSA_SIG object or 0 */ -int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp); +DECLARE_ASN1_ENCODE_FUNCTIONS_only(ECDSA_SIG, ECDSA_SIG) -/** Decodes a DER encoded ECDSA signature (note: this function changes *pp +/** d2i_ECDSA_SIG decodes an ECDSA signature (note: this function modifies *pp * (*pp += len)). * \param sig pointer to ECDSA_SIG pointer (may be NULL) * \param pp memory buffer with the DER encoded signature * \param len length of the buffer * \return pointer to the decoded ECDSA_SIG structure (or NULL) */ -ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len); /** Accessor for r and s fields of ECDSA_SIG * \param sig pointer to ECDSA_SIG structure diff --git a/include/openssl/ess.h b/include/openssl/ess.h index 3912071..fb5e45c 100644 --- a/include/openssl/ess.h +++ b/include/openssl/ess.h @@ -30,45 +30,28 @@ typedef struct ESS_cert_id_v2_st ESS_CERT_ID_V2; DEFINE_STACK_OF(ESS_CERT_ID_V2) -ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_new(void); -void ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a); -int i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a, unsigned char **pp); -ESS_ISSUER_SERIAL *d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a, - const unsigned char **pp, - long length); -ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *a); +DECLARE_ASN1_ALLOC_FUNCTIONS(ESS_ISSUER_SERIAL) +DECLARE_ASN1_ENCODE_FUNCTIONS_only(ESS_ISSUER_SERIAL, ESS_ISSUER_SERIAL) +DECLARE_ASN1_DUP_FUNCTION(ESS_ISSUER_SERIAL) -ESS_CERT_ID *ESS_CERT_ID_new(void); -void ESS_CERT_ID_free(ESS_CERT_ID *a); -int i2d_ESS_CERT_ID(const ESS_CERT_ID *a, unsigned char **pp); -ESS_CERT_ID *d2i_ESS_CERT_ID(ESS_CERT_ID **a, const unsigned char **pp, - long length); -ESS_CERT_ID *ESS_CERT_ID_dup(ESS_CERT_ID *a); +DECLARE_ASN1_ALLOC_FUNCTIONS(ESS_CERT_ID) +DECLARE_ASN1_ENCODE_FUNCTIONS_only(ESS_CERT_ID, ESS_CERT_ID) +DECLARE_ASN1_DUP_FUNCTION(ESS_CERT_ID) -ESS_SIGNING_CERT *ESS_SIGNING_CERT_new(void); -void ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a); -int i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a, unsigned char **pp); -ESS_SIGNING_CERT *d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a, - const unsigned char **pp, long length); -ESS_SIGNING_CERT *ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *a); +DECLARE_ASN1_ALLOC_FUNCTIONS(ESS_SIGNING_CERT) +DECLARE_ASN1_ENCODE_FUNCTIONS_only(ESS_SIGNING_CERT, ESS_SIGNING_CERT) +DECLARE_ASN1_DUP_FUNCTION(ESS_SIGNING_CERT) ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert, STACK_OF(X509) *certs, int issuer_needed); -ESS_CERT_ID_V2 *ESS_CERT_ID_V2_new(void); -void ESS_CERT_ID_V2_free(ESS_CERT_ID_V2 *a); -int i2d_ESS_CERT_ID_V2(const ESS_CERT_ID_V2 *a, unsigned char **pp); -ESS_CERT_ID_V2 *d2i_ESS_CERT_ID_V2(ESS_CERT_ID_V2 **a, - const unsigned char **pp, long length); -ESS_CERT_ID_V2 *ESS_CERT_ID_V2_dup(ESS_CERT_ID_V2 *a); +DECLARE_ASN1_ALLOC_FUNCTIONS(ESS_CERT_ID_V2) +DECLARE_ASN1_ENCODE_FUNCTIONS_only(ESS_CERT_ID_V2, ESS_CERT_ID_V2) +DECLARE_ASN1_DUP_FUNCTION(ESS_CERT_ID_V2) -ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_new(void); -void ESS_SIGNING_CERT_V2_free(ESS_SIGNING_CERT_V2 *a); -int i2d_ESS_SIGNING_CERT_V2(const ESS_SIGNING_CERT_V2 *a, unsigned char **pp); -ESS_SIGNING_CERT_V2 *d2i_ESS_SIGNING_CERT_V2(ESS_SIGNING_CERT_V2 **a, - const unsigned char **pp, - long length); -ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_dup(ESS_SIGNING_CERT_V2 *a); +DECLARE_ASN1_ALLOC_FUNCTIONS(ESS_SIGNING_CERT_V2) +DECLARE_ASN1_ENCODE_FUNCTIONS_only(ESS_SIGNING_CERT_V2, ESS_SIGNING_CERT_V2) +DECLARE_ASN1_DUP_FUNCTION(ESS_SIGNING_CERT_V2) ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_new_init(const EVP_MD *hash_alg, X509 *signcert, STACK_OF(X509) *certs, diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 23f07ea..72060e7 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -410,31 +410,30 @@ typedef int (EVP_PBE_KEYGEN) (EVP_CIPHER_CTX *ctx, const char *pass, # ifndef OPENSSL_NO_RSA # define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\ - (char *)(rsa)) + (rsa)) # endif # ifndef OPENSSL_NO_DSA # define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\ - (char *)(dsa)) + (dsa)) # endif # ifndef OPENSSL_NO_DH -# define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\ - (char *)(dh)) +# define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,(dh)) # endif # ifndef OPENSSL_NO_EC # define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC,\ - (char *)(eckey)) + (eckey)) # endif # ifndef OPENSSL_NO_SIPHASH -# define EVP_PKEY_assign_SIPHASH(pkey,shkey) EVP_PKEY_assign((pkey),EVP_PKEY_SIPHASH,\ - (char *)(shkey)) +# define EVP_PKEY_assign_SIPHASH(pkey,shkey) EVP_PKEY_assign((pkey),\ + EVP_PKEY_SIPHASH,(shkey)) # endif # ifndef OPENSSL_NO_POLY1305 -# define EVP_PKEY_assign_POLY1305(pkey,polykey) EVP_PKEY_assign((pkey),EVP_PKEY_POLY1305,\ - (char *)(polykey)) +# define EVP_PKEY_assign_POLY1305(pkey,polykey) EVP_PKEY_assign((pkey),\ + EVP_PKEY_POLY1305,(polykey)) # endif /* Add some extra combinations */ @@ -513,16 +512,13 @@ void *EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data); # ifdef CONST_STRICT void BIO_set_md(BIO *, const EVP_MD *md); # else -# define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(char *)(md)) +# define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(void *)(md)) # endif -# define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)(mdp)) -# define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0, \ - (char *)(mdcp)) -# define BIO_set_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_SET_MD_CTX,0, \ - (char *)(mdcp)) +# define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(mdp)) +# define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(mdcp)) +# define BIO_set_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_SET_MD_CTX,0,(mdcp)) # define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL) -# define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0, \ - (char *)(c_pp)) +# define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(c_pp)) /*__owur*/ int EVP_Cipher(EVP_CIPHER_CTX *c, unsigned char *out, @@ -660,7 +656,7 @@ __owur int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void); void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx); -int EVP_ENCODE_CTX_copy(EVP_ENCODE_CTX *dctx, EVP_ENCODE_CTX *sctx); +int EVP_ENCODE_CTX_copy(EVP_ENCODE_CTX *dctx, const EVP_ENCODE_CTX *sctx); int EVP_ENCODE_CTX_num(EVP_ENCODE_CTX *ctx); void EVP_EncodeInit(EVP_ENCODE_CTX *ctx); int EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, @@ -1006,7 +1002,7 @@ void EVP_MD_do_all_sorted(void (*fn) EVP_MAC_CTX *EVP_MAC_CTX_new(const EVP_MAC *mac); EVP_MAC_CTX *EVP_MAC_CTX_new_id(int nid); void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx); -int EVP_MAC_CTX_copy(EVP_MAC_CTX *dest, EVP_MAC_CTX *src); +int EVP_MAC_CTX_copy(EVP_MAC_CTX *dest, const EVP_MAC_CTX *src); const EVP_MAC *EVP_MAC_CTX_mac(EVP_MAC_CTX *ctx); size_t EVP_MAC_size(EVP_MAC_CTX *ctx); int EVP_MAC_init(EVP_MAC_CTX *ctx); @@ -1073,25 +1069,25 @@ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len); # ifndef OPENSSL_NO_RSA struct rsa_st; int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key); -struct rsa_st *EVP_PKEY_get0_RSA(EVP_PKEY *pkey); +struct rsa_st *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey); struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey); # endif # ifndef OPENSSL_NO_DSA struct dsa_st; int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, struct dsa_st *key); -struct dsa_st *EVP_PKEY_get0_DSA(EVP_PKEY *pkey); +struct dsa_st *EVP_PKEY_get0_DSA(const EVP_PKEY *pkey); struct dsa_st *EVP_PKEY_get1_DSA(EVP_PKEY *pkey); # endif # ifndef OPENSSL_NO_DH struct dh_st; int EVP_PKEY_set1_DH(EVP_PKEY *pkey, struct dh_st *key); -struct dh_st *EVP_PKEY_get0_DH(EVP_PKEY *pkey); +struct dh_st *EVP_PKEY_get0_DH(const EVP_PKEY *pkey); struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey); # endif # ifndef OPENSSL_NO_EC struct ec_key_st; int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, struct ec_key_st *key); -struct ec_key_st *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey); +struct ec_key_st *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey); struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey); # endif @@ -1101,13 +1097,13 @@ void EVP_PKEY_free(EVP_PKEY *pkey); EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, long length); -int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp); +int i2d_PublicKey(const EVP_PKEY *a, unsigned char **pp); EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, long length); EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp, long length); -int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp); +int i2d_PrivateKey(const EVP_PKEY *a, unsigned char **pp); int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from); int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey); @@ -1398,7 +1394,7 @@ const EVP_PKEY_METHOD *EVP_PKEY_meth_get0(size_t idx); EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e); EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e); -EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx); +EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *ctx); void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx); int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, @@ -1433,7 +1429,7 @@ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, size_t len, const EVP_CIPHER *cipher); void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data); -void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx); +void *EVP_PKEY_CTX_get_data(const EVP_PKEY_CTX *ctx); EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx); EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx); @@ -1486,7 +1482,7 @@ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth, void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth, int (*copy) (EVP_PKEY_CTX *dst, - EVP_PKEY_CTX *src)); + const EVP_PKEY_CTX *src)); void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth, void (*cleanup) (EVP_PKEY_CTX *ctx)); @@ -1591,7 +1587,7 @@ void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth, void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth, int (**pcopy) (EVP_PKEY_CTX *dst, - EVP_PKEY_CTX *src)); + const EVP_PKEY_CTX *src)); void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth, void (**pcleanup) (EVP_PKEY_CTX *ctx)); diff --git a/include/openssl/objects.h b/include/openssl/objects.h index 2df7af7..d077ad4 100644 --- a/include/openssl/objects.h +++ b/include/openssl/objects.h @@ -56,7 +56,7 @@ void OBJ_NAME_do_all_sorted(int type, void (*fn) (const OBJ_NAME *, void *arg), void *arg); -ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o); +DECLARE_ASN1_DUP_FUNCTION_name(ASN1_OBJECT, OBJ) ASN1_OBJECT *OBJ_nid2obj(int n); const char *OBJ_nid2ln(int n); const char *OBJ_nid2sn(int n); diff --git a/include/openssl/ocsp.h b/include/openssl/ocsp.h index 22afb62..3aba16c 100644 --- a/include/openssl/ocsp.h +++ b/include/openssl/ocsp.h @@ -146,7 +146,7 @@ typedef struct ocsp_service_locator_st OCSP_SERVICELOC; (OCSP_CERTSTATUS*)ASN1_dup((int(*)())i2d_OCSP_CERTSTATUS,\ (char *(*)())d2i_OCSP_CERTSTATUS,(char *)(cs)) -OCSP_CERTID *OCSP_CERTID_dup(OCSP_CERTID *id); +DECLARE_ASN1_DUP_FUNCTION(OCSP_CERTID) OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, const char *path, OCSP_REQUEST *req); OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req, diff --git a/include/openssl/pem.h b/include/openssl/pem.h index a7331ac..8f6e6a2 100644 --- a/include/openssl/pem.h +++ b/include/openssl/pem.h @@ -323,35 +323,35 @@ int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x, unsigned char *kstr, int klen, pem_password_cb *cb, void *u); -int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid, +int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, const EVP_PKEY *x, int nid, char *kstr, int klen, pem_password_cb *cb, void *u); -int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *, +int PEM_write_bio_PKCS8PrivateKey(BIO *, const EVP_PKEY *, const EVP_CIPHER *, char *, int, pem_password_cb *, void *); -int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, +int i2d_PKCS8PrivateKey_bio(BIO *bp, const EVP_PKEY *x, const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u); -int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid, +int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, const EVP_PKEY *x, int nid, char *kstr, int klen, pem_password_cb *cb, void *u); EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u); # ifndef OPENSSL_NO_STDIO -int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, +int i2d_PKCS8PrivateKey_fp(FILE *fp, const EVP_PKEY *x, const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u); -int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid, +int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, const EVP_PKEY *x, int nid, char *kstr, int klen, pem_password_cb *cb, void *u); -int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid, +int PEM_write_PKCS8PrivateKey_nid(FILE *fp, const EVP_PKEY *x, int nid, char *kstr, int klen, pem_password_cb *cb, void *u); EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u); -int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, +int PEM_write_PKCS8PrivateKey(FILE *fp, const EVP_PKEY *x, const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cd, void *u); # endif diff --git a/include/openssl/pkcs12.h b/include/openssl/pkcs12.h index 01f9393..83caaee 100644 --- a/include/openssl/pkcs12.h +++ b/include/openssl/pkcs12.h @@ -207,9 +207,9 @@ int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags, int safe_nid, int iter, const char *pass); PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid); -int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12); +int i2d_PKCS12_bio(BIO *bp, const PKCS12 *p12); # ifndef OPENSSL_NO_STDIO -int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12); +int i2d_PKCS12_fp(FILE *fp, const PKCS12 *p12); # endif PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12); # ifndef OPENSSL_NO_STDIO diff --git a/include/openssl/pkcs7.h b/include/openssl/pkcs7.h index 8a67dcb..5dec27f 100644 --- a/include/openssl/pkcs7.h +++ b/include/openssl/pkcs7.h @@ -208,11 +208,11 @@ int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data, unsigned int *len); # ifndef OPENSSL_NO_STDIO PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7); -int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7); +int i2d_PKCS7_fp(FILE *fp, const PKCS7 *p7); # endif -PKCS7 *PKCS7_dup(PKCS7 *p7); +DECLARE_ASN1_DUP_FUNCTION(PKCS7) PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7); -int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7); +int i2d_PKCS7_bio(BIO *bp, const PKCS7 *p7); int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags); int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags); diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h index be0fbbd..6b681f4 100644 --- a/include/openssl/rsa.h +++ b/include/openssl/rsa.h @@ -276,8 +276,8 @@ const RSA_METHOD *RSA_PKCS1_OpenSSL(void); int RSA_pkey_ctx_ctrl(EVP_PKEY_CTX *ctx, int optype, int cmd, int p1, void *p2); -DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey) -DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey) +DECLARE_ASN1_ENCODE_FUNCTIONS_name(RSA, RSAPublicKey) +DECLARE_ASN1_ENCODE_FUNCTIONS_name(RSA, RSAPrivateKey) typedef struct rsa_pss_params_st { X509_ALGOR *hashAlgorithm; @@ -393,8 +393,8 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, int RSA_set_ex_data(RSA *r, int idx, void *arg); void *RSA_get_ex_data(const RSA *r, int idx); -RSA *RSAPublicKey_dup(RSA *rsa); -RSA *RSAPrivateKey_dup(RSA *rsa); +DECLARE_ASN1_DUP_FUNCTION_name(RSA, RSAPublicKey) +DECLARE_ASN1_DUP_FUNCTION_name(RSA, RSAPrivateKey) /* * If this flag is set the RSA method is FIPS compliant and can be used in diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 9d6e1c5..1091b1c 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -1660,7 +1660,7 @@ __owur int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid, __owur int SSL_SESSION_is_resumable(const SSL_SESSION *s); __owur SSL_SESSION *SSL_SESSION_new(void); -__owur SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *src); +__owur SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src); const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len); const unsigned char *SSL_SESSION_get0_id_context(const SSL_SESSION *s, @@ -1673,7 +1673,7 @@ int SSL_SESSION_print(BIO *fp, const SSL_SESSION *ses); int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x); int SSL_SESSION_up_ref(SSL_SESSION *ses); void SSL_SESSION_free(SSL_SESSION *ses); -__owur int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp); +__owur int i2d_SSL_SESSION(const SSL_SESSION *in, unsigned char **pp); __owur int SSL_set_session(SSL *to, SSL_SESSION *session); int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *session); int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *session); diff --git a/include/openssl/ts.h b/include/openssl/ts.h index ef78d8c..3165a78 100644 --- a/include/openssl/ts.h +++ b/include/openssl/ts.h @@ -59,76 +59,58 @@ typedef struct TS_status_info_st TS_STATUS_INFO; typedef struct TS_resp_st TS_RESP; -TS_REQ *TS_REQ_new(void); -void TS_REQ_free(TS_REQ *a); -int i2d_TS_REQ(const TS_REQ *a, unsigned char **pp); -TS_REQ *d2i_TS_REQ(TS_REQ **a, const unsigned char **pp, long length); - -TS_REQ *TS_REQ_dup(TS_REQ *a); +DECLARE_ASN1_ALLOC_FUNCTIONS(TS_REQ) +DECLARE_ASN1_ENCODE_FUNCTIONS_only(TS_REQ, TS_REQ) +DECLARE_ASN1_DUP_FUNCTION(TS_REQ) #ifndef OPENSSL_NO_STDIO TS_REQ *d2i_TS_REQ_fp(FILE *fp, TS_REQ **a); -int i2d_TS_REQ_fp(FILE *fp, TS_REQ *a); +int i2d_TS_REQ_fp(FILE *fp, const TS_REQ *a); #endif TS_REQ *d2i_TS_REQ_bio(BIO *fp, TS_REQ **a); -int i2d_TS_REQ_bio(BIO *fp, TS_REQ *a); - -TS_MSG_IMPRINT *TS_MSG_IMPRINT_new(void); -void TS_MSG_IMPRINT_free(TS_MSG_IMPRINT *a); -int i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **pp); -TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a, - const unsigned char **pp, long length); +int i2d_TS_REQ_bio(BIO *fp, const TS_REQ *a); -TS_MSG_IMPRINT *TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT *a); +DECLARE_ASN1_ALLOC_FUNCTIONS(TS_MSG_IMPRINT) +DECLARE_ASN1_ENCODE_FUNCTIONS_only(TS_MSG_IMPRINT, TS_MSG_IMPRINT) +DECLARE_ASN1_DUP_FUNCTION(TS_MSG_IMPRINT) #ifndef OPENSSL_NO_STDIO TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a); -int i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a); +int i2d_TS_MSG_IMPRINT_fp(FILE *fp, const TS_MSG_IMPRINT *a); #endif TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *bio, TS_MSG_IMPRINT **a); -int i2d_TS_MSG_IMPRINT_bio(BIO *bio, TS_MSG_IMPRINT *a); +int i2d_TS_MSG_IMPRINT_bio(BIO *bio, const TS_MSG_IMPRINT *a); -TS_RESP *TS_RESP_new(void); -void TS_RESP_free(TS_RESP *a); -int i2d_TS_RESP(const TS_RESP *a, unsigned char **pp); -TS_RESP *d2i_TS_RESP(TS_RESP **a, const unsigned char **pp, long length); -TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token); -TS_RESP *TS_RESP_dup(TS_RESP *a); +DECLARE_ASN1_ALLOC_FUNCTIONS(TS_RESP) +DECLARE_ASN1_ENCODE_FUNCTIONS_only(TS_RESP, TS_RESP) +DECLARE_ASN1_DUP_FUNCTION(TS_RESP) #ifndef OPENSSL_NO_STDIO TS_RESP *d2i_TS_RESP_fp(FILE *fp, TS_RESP **a); -int i2d_TS_RESP_fp(FILE *fp, TS_RESP *a); +int i2d_TS_RESP_fp(FILE *fp, const TS_RESP *a); #endif TS_RESP *d2i_TS_RESP_bio(BIO *bio, TS_RESP **a); -int i2d_TS_RESP_bio(BIO *bio, TS_RESP *a); - -TS_STATUS_INFO *TS_STATUS_INFO_new(void); -void TS_STATUS_INFO_free(TS_STATUS_INFO *a); -int i2d_TS_STATUS_INFO(const TS_STATUS_INFO *a, unsigned char **pp); -TS_STATUS_INFO *d2i_TS_STATUS_INFO(TS_STATUS_INFO **a, - const unsigned char **pp, long length); -TS_STATUS_INFO *TS_STATUS_INFO_dup(TS_STATUS_INFO *a); - -TS_TST_INFO *TS_TST_INFO_new(void); -void TS_TST_INFO_free(TS_TST_INFO *a); -int i2d_TS_TST_INFO(const TS_TST_INFO *a, unsigned char **pp); -TS_TST_INFO *d2i_TS_TST_INFO(TS_TST_INFO **a, const unsigned char **pp, - long length); -TS_TST_INFO *TS_TST_INFO_dup(TS_TST_INFO *a); +int i2d_TS_RESP_bio(BIO *bio, const TS_RESP *a); + +DECLARE_ASN1_ALLOC_FUNCTIONS(TS_STATUS_INFO) +DECLARE_ASN1_ENCODE_FUNCTIONS_only(TS_STATUS_INFO, TS_STATUS_INFO) +DECLARE_ASN1_DUP_FUNCTION(TS_STATUS_INFO) + +DECLARE_ASN1_ALLOC_FUNCTIONS(TS_TST_INFO) +DECLARE_ASN1_ENCODE_FUNCTIONS_only(TS_TST_INFO, TS_TST_INFO) +DECLARE_ASN1_DUP_FUNCTION(TS_TST_INFO) +TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token); #ifndef OPENSSL_NO_STDIO TS_TST_INFO *d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a); -int i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a); +int i2d_TS_TST_INFO_fp(FILE *fp, const TS_TST_INFO *a); #endif TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *bio, TS_TST_INFO **a); -int i2d_TS_TST_INFO_bio(BIO *bio, TS_TST_INFO *a); - -TS_ACCURACY *TS_ACCURACY_new(void); -void TS_ACCURACY_free(TS_ACCURACY *a); -int i2d_TS_ACCURACY(const TS_ACCURACY *a, unsigned char **pp); -TS_ACCURACY *d2i_TS_ACCURACY(TS_ACCURACY **a, const unsigned char **pp, - long length); -TS_ACCURACY *TS_ACCURACY_dup(TS_ACCURACY *a); +int i2d_TS_TST_INFO_bio(BIO *bio, const TS_TST_INFO *a); + +DECLARE_ASN1_ALLOC_FUNCTIONS(TS_ACCURACY) +DECLARE_ASN1_ENCODE_FUNCTIONS_only(TS_ACCURACY, TS_ACCURACY) +DECLARE_ASN1_DUP_FUNCTION(TS_ACCURACY) int TS_REQ_set_version(TS_REQ *a, long version); long TS_REQ_get_version(const TS_REQ *a); diff --git a/include/openssl/x509.h b/include/openssl/x509.h index 7e388d9..bf127c0 100644 --- a/include/openssl/x509.h +++ b/include/openssl/x509.h @@ -391,87 +391,87 @@ int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type, # ifndef OPENSSL_NO_STDIO X509 *d2i_X509_fp(FILE *fp, X509 **x509); -int i2d_X509_fp(FILE *fp, X509 *x509); +int i2d_X509_fp(FILE *fp, const X509 *x509); X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl); -int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl); +int i2d_X509_CRL_fp(FILE *fp, const X509_CRL *crl); X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req); -int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req); +int i2d_X509_REQ_fp(FILE *fp, const X509_REQ *req); # ifndef OPENSSL_NO_RSA RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa); -int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa); +int i2d_RSAPrivateKey_fp(FILE *fp, const RSA *rsa); RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa); -int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa); +int i2d_RSAPublicKey_fp(FILE *fp, const RSA *rsa); RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa); -int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa); +int i2d_RSA_PUBKEY_fp(FILE *fp, const RSA *rsa); # endif # ifndef OPENSSL_NO_DSA DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa); -int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa); +int i2d_DSA_PUBKEY_fp(FILE *fp, const DSA *dsa); DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa); -int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa); +int i2d_DSAPrivateKey_fp(FILE *fp, const DSA *dsa); # endif # ifndef OPENSSL_NO_EC EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey); -int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey); +int i2d_EC_PUBKEY_fp(FILE *fp, const EC_KEY *eckey); EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey); -int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey); +int i2d_ECPrivateKey_fp(FILE *fp, const EC_KEY *eckey); # endif X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8); -int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8); +int i2d_PKCS8_fp(FILE *fp, const X509_SIG *p8); PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO **p8inf); -int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf); -int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key); -int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey); +int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, const PKCS8_PRIV_KEY_INFO *p8inf); +int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, const EVP_PKEY *key); +int i2d_PrivateKey_fp(FILE *fp, const EVP_PKEY *pkey); EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a); -int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey); +int i2d_PUBKEY_fp(FILE *fp, const EVP_PKEY *pkey); EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a); # endif X509 *d2i_X509_bio(BIO *bp, X509 **x509); -int i2d_X509_bio(BIO *bp, X509 *x509); +int i2d_X509_bio(BIO *bp, const X509 *x509); X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl); -int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl); +int i2d_X509_CRL_bio(BIO *bp, const X509_CRL *crl); X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req); -int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req); +int i2d_X509_REQ_bio(BIO *bp, const X509_REQ *req); # ifndef OPENSSL_NO_RSA RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa); -int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa); +int i2d_RSAPrivateKey_bio(BIO *bp, const RSA *rsa); RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa); -int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa); +int i2d_RSAPublicKey_bio(BIO *bp, const RSA *rsa); RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa); -int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa); +int i2d_RSA_PUBKEY_bio(BIO *bp, const RSA *rsa); # endif # ifndef OPENSSL_NO_DSA DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa); -int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa); +int i2d_DSA_PUBKEY_bio(BIO *bp, const DSA *dsa); DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa); -int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa); +int i2d_DSAPrivateKey_bio(BIO *bp, const DSA *dsa); # endif # ifndef OPENSSL_NO_EC EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey); -int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey); +int i2d_EC_PUBKEY_bio(BIO *bp, const EC_KEY *eckey); EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey); -int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey); +int i2d_ECPrivateKey_bio(BIO *bp, const EC_KEY *eckey); # endif X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8); -int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8); +int i2d_PKCS8_bio(BIO *bp, const X509_SIG *p8); PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO **p8inf); -int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf); -int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key); -int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey); +int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, const PKCS8_PRIV_KEY_INFO *p8inf); +int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, const EVP_PKEY *key); +int i2d_PrivateKey_bio(BIO *bp, const EVP_PKEY *pkey); EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a); -int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey); +int i2d_PUBKEY_bio(BIO *bp, const EVP_PKEY *pkey); EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a); -X509 *X509_dup(X509 *x509); -X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa); -X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex); -X509_CRL *X509_CRL_dup(X509_CRL *crl); -X509_REVOKED *X509_REVOKED_dup(X509_REVOKED *rev); -X509_REQ *X509_REQ_dup(X509_REQ *req); -X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); +DECLARE_ASN1_DUP_FUNCTION(X509) +DECLARE_ASN1_DUP_FUNCTION(X509_ATTRIBUTE) +DECLARE_ASN1_DUP_FUNCTION(X509_EXTENSION) +DECLARE_ASN1_DUP_FUNCTION(X509_CRL) +DECLARE_ASN1_DUP_FUNCTION(X509_REVOKED) +DECLARE_ASN1_DUP_FUNCTION(X509_REQ) +DECLARE_ASN1_DUP_FUNCTION(X509_ALGOR) int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval); void X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype, @@ -479,8 +479,8 @@ void X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype, void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md); int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b); -X509_NAME *X509_NAME_dup(X509_NAME *xn); -X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); +DECLARE_ASN1_DUP_FUNCTION(X509_NAME) +DECLARE_ASN1_DUP_FUNCTION(X509_NAME_ENTRY) int X509_cmp_time(const ASN1_TIME *s, time_t *t); int X509_cmp_current_time(const ASN1_TIME *s); @@ -510,19 +510,15 @@ EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key); EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key); int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain); long X509_get_pathlen(X509 *x); -int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp); -EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length); +DECLARE_ASN1_ENCODE_FUNCTIONS_only(EVP_PKEY, PUBKEY) # ifndef OPENSSL_NO_RSA -int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp); -RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length); +DECLARE_ASN1_ENCODE_FUNCTIONS_only(RSA, RSA_PUBKEY) # endif # ifndef OPENSSL_NO_DSA -int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp); -DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length); +DECLARE_ASN1_ENCODE_FUNCTIONS_only(DSA, DSA_PUBKEY) # endif # ifndef OPENSSL_NO_EC -int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp); -EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length); +DECLARE_ASN1_ENCODE_FUNCTIONS_only(EC_KEY, EC_PUBKEY) # endif DECLARE_ASN1_FUNCTIONS(X509_SIG) @@ -544,10 +540,9 @@ DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY) DECLARE_ASN1_FUNCTIONS(X509_NAME) -int X509_NAME_set(X509_NAME **xn, X509_NAME *name); +int X509_NAME_set(X509_NAME **xn, const X509_NAME *name); DECLARE_ASN1_FUNCTIONS(X509_CINF) - DECLARE_ASN1_FUNCTIONS(X509) DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX) @@ -555,8 +550,7 @@ DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX) CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, l, p, newf, dupf, freef) int X509_set_ex_data(X509 *r, int idx, void *arg); void *X509_get_ex_data(X509 *r, int idx); -int i2d_X509_AUX(X509 *a, unsigned char **pp); -X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length); +DECLARE_ASN1_ENCODE_FUNCTIONS_only(X509,X509_AUX) int i2d_re_X509_tbs(X509 *x, unsigned char **pp); @@ -1009,7 +1003,7 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO) EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8); -PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey); +PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(const EVP_PKEY *pkey); int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, int version, int ptype, void *pval, diff --git a/include/openssl/x509v3.h b/include/openssl/x509v3.h index 1706a82..9c7a325 100644 --- a/include/openssl/x509v3.h +++ b/include/openssl/x509v3.h @@ -28,7 +28,7 @@ struct v3_ext_ctx; typedef void *(*X509V3_EXT_NEW)(void); typedef void (*X509V3_EXT_FREE) (void *); typedef void *(*X509V3_EXT_D2I)(void *, const unsigned char **, long); -typedef int (*X509V3_EXT_I2D) (void *, unsigned char **); +typedef int (*X509V3_EXT_I2D) (const void *, unsigned char **); typedef STACK_OF(CONF_VALUE) * (*X509V3_EXT_I2V) (const struct v3_ext_method *method, void *ext, STACK_OF(CONF_VALUE) *extlist); @@ -467,7 +467,7 @@ DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID) DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD) DECLARE_ASN1_FUNCTIONS(GENERAL_NAME) -GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a); +DECLARE_ASN1_DUP_FUNCTION(GENERAL_NAME) int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b); ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c index 4b70e38..e54d530 100644 --- a/ssl/ssl_asn1.c +++ b/ssl/ssl_asn1.c @@ -83,9 +83,9 @@ IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(SSL_SESSION_ASN1) /* Initialise OCTET STRING from buffer and length */ static void ssl_session_oinit(ASN1_OCTET_STRING **dest, ASN1_OCTET_STRING *os, - unsigned char *data, size_t len) + const unsigned char *data, size_t len) { - os->data = data; + os->data = (unsigned char *)data; /* justified cast: data is not modified */ os->length = (int)len; os->flags = 0; *dest = os; @@ -93,15 +93,15 @@ static void ssl_session_oinit(ASN1_OCTET_STRING **dest, ASN1_OCTET_STRING *os, /* Initialise OCTET STRING from string */ static void ssl_session_sinit(ASN1_OCTET_STRING **dest, ASN1_OCTET_STRING *os, - char *data) + const char *data) { if (data != NULL) - ssl_session_oinit(dest, os, (unsigned char *)data, strlen(data)); + ssl_session_oinit(dest, os, (const unsigned char *)data, strlen(data)); else *dest = NULL; } -int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) +int i2d_SSL_SESSION(const SSL_SESSION *in, unsigned char **pp) { SSL_SESSION_ASN1 as; diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index a51cc6c..1d3397d 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -2271,7 +2271,7 @@ __owur int ssl_get_new_session(SSL *s, int session); __owur SSL_SESSION *lookup_sess_in_cache(SSL *s, const unsigned char *sess_id, size_t sess_id_len); __owur int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello); -__owur SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket); +__owur SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket); __owur int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b); DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id); __owur int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap, diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 58f38d5..d04b4fa 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -94,7 +94,7 @@ SSL_SESSION *SSL_SESSION_new(void) return ss; } -SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *src) +SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src) { return ssl_session_dup(src, 1); } @@ -103,7 +103,7 @@ SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *src) * Create a new SSL_SESSION and duplicate the contents of |src| into it. If * ticket == 0 then no ticket information is duplicated, otherwise it is. */ -SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket) +SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket) { SSL_SESSION *dest; diff --git a/test/x509aux.c b/test/x509aux.c index ec2618d..1489428 100644 --- a/test/x509aux.c +++ b/test/x509aux.c @@ -27,7 +27,7 @@ static int test_certs(int num) unsigned char *data = 0; long len; typedef X509 *(*d2i_X509_t)(X509 **, const unsigned char **, long); - typedef int (*i2d_X509_t)(X509 *, unsigned char **); + typedef int (*i2d_X509_t)(const X509 *, unsigned char **); int err = 0; BIO *fp = BIO_new_file(test_get_argument(num), "r"); X509 *reuse = NULL; diff --git a/util/perl/OpenSSL/ParseC.pm b/util/perl/OpenSSL/ParseC.pm index 4c505f2..7a13930 100644 --- a/util/perl/OpenSSL/ParseC.pm +++ b/util/perl/OpenSSL/ParseC.pm @@ -257,7 +257,7 @@ my @opensslchandlers = ( ##### # Global variable stuff - { regexp => qr/OPENSSL_DECLARE_GLOBAL<<<\((.*),(.*)\)>>>;/, + { regexp => qr/OPENSSL_DECLARE_GLOBAL<<<\((.*),\s*(.*)\)>>>;/, massager => sub { return (<<"EOF"); #ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION OPENSSL_EXPORT $1 _shadow_$2; @@ -331,7 +331,7 @@ EOF # return ("$before$stack_of$after"); # } # }, - { regexp => qr/SKM_DEFINE_STACK_OF<<<\((.*),(.*),(.*)\)>>>/, + { regexp => qr/SKM_DEFINE_STACK_OF<<<\((.*),\s*(.*),\s*(.*)\)>>>/, massager => sub { return (<<"EOF"); STACK_OF($1); @@ -370,13 +370,13 @@ static ossl_inline sk_$1_compfunc sk_$1_set_cmp_func(STACK_OF($1) *sk, EOF } }, - { regexp => qr/DEFINE_SPECIAL_STACK_OF<<<\((.*),(.*)\)>>>/, + { regexp => qr/DEFINE_SPECIAL_STACK_OF<<<\((.*),\s*(.*)\)>>>/, massager => sub { return ("SKM_DEFINE_STACK_OF($1,$2,$2)"); }, }, { regexp => qr/DEFINE_STACK_OF<<<\((.*)\)>>>/, massager => sub { return ("SKM_DEFINE_STACK_OF($1,$1,$1)"); }, }, - { regexp => qr/DEFINE_SPECIAL_STACK_OF_CONST<<<\((.*),(.*)\)>>>/, + { regexp => qr/DEFINE_SPECIAL_STACK_OF_CONST<<<\((.*),\s*(.*)\)>>>/, massager => sub { return ("SKM_DEFINE_STACK_OF($1,const $2,$2)"); }, }, { regexp => qr/DEFINE_STACK_OF_CONST<<<\((.*)\)>>>/, @@ -388,7 +388,7 @@ EOF { regexp => qr/DECLARE_STACK_OF<<<\((.*)\)>>>/, massager => sub { return ("STACK_OF($1);"); } }, - { regexp => qr/DECLARE_SPECIAL_STACK_OF<<<\((.*?),(.*?)\)>>>/, + { regexp => qr/DECLARE_SPECIAL_STACK_OF<<<\((.*?),\s*(.*?)\)>>>/, massager => sub { return ("STACK_OF($1);"); } }, @@ -421,7 +421,15 @@ const ASN1_ITEM *$1_it(void); EOF }, }, - { regexp => qr/DECLARE_ASN1_ENCODE_FUNCTIONS<<<\((.*),(.*),(.*)\)>>>/, + { regexp => qr/DECLARE_ASN1_ENCODE_FUNCTIONS_only<<<\((.*),\s*(.*)\)>>>/, + massager => sub { + return (<<"EOF"); +int d2i_$2(void); +int i2d_$2(void); +EOF + }, + }, + { regexp => qr/DECLARE_ASN1_ENCODE_FUNCTIONS<<<\((.*),\s*(.*),\s*(.*)\)>>>/, massager => sub { return (<<"EOF"); int d2i_$3(void); @@ -430,7 +438,7 @@ DECLARE_ASN1_ITEM($2) EOF }, }, - { regexp => qr/DECLARE_ASN1_ENCODE_FUNCTIONS_const<<<\((.*),(.*)\)>>>/, + { regexp => qr/DECLARE_ASN1_ENCODE_FUNCTIONS_name<<<\((.*),\s*(.*)\)>>>/, massager => sub { return (<<"EOF"); int d2i_$2(void); @@ -439,6 +447,14 @@ DECLARE_ASN1_ITEM($2) EOF }, }, + { regexp => qr/DECLARE_ASN1_ALLOC_FUNCTIONS_name<<<\((.*),\s*(.*)\)>>>/, + massager => sub { + return (<<"EOF"); +int $2_free(void); +int $2_new(void); +EOF + }, + }, { regexp => qr/DECLARE_ASN1_ALLOC_FUNCTIONS<<<\((.*)\)>>>/, massager => sub { return (<<"EOF"); @@ -447,7 +463,7 @@ int $1_new(void); EOF }, }, - { regexp => qr/DECLARE_ASN1_FUNCTIONS_name<<<\((.*),(.*)\)>>>/, + { regexp => qr/DECLARE_ASN1_FUNCTIONS_name<<<\((.*),\s*(.*)\)>>>/, massager => sub { return (<<"EOF"); int d2i_$2(void); @@ -458,17 +474,7 @@ DECLARE_ASN1_ITEM($2) EOF }, }, - { regexp => qr/DECLARE_ASN1_FUNCTIONS_fname<<<\((.*),(.*),(.*)\)>>>/, - massager => sub { return (<<"EOF"); -int d2i_$3(void); -int i2d_$3(void); -int $3_free(void); -int $3_new(void); -DECLARE_ASN1_ITEM($2) -EOF - } - }, - { regexp => qr/DECLARE_ASN1_FUNCTIONS(?:_const)?<<<\((.*)\)>>>/, + { regexp => qr/DECLARE_ASN1_FUNCTIONS<<<\((.*)\)>>>/, massager => sub { return (<<"EOF"); int d2i_$1(void); int i2d_$1(void); @@ -492,7 +498,7 @@ int $1_print_ctx(void); EOF } }, - { regexp => qr/DECLARE_ASN1_PRINT_FUNCTION_name<<<\((.*),(.*)\)>>>/, + { regexp => qr/DECLARE_ASN1_PRINT_FUNCTION_name<<<\((.*),\s*(.*)\)>>>/, massager => sub { return (<<"EOF"); int $2_print_ctx(void); @@ -502,6 +508,20 @@ EOF { regexp => qr/DECLARE_ASN1_SET_OF<<<\((.*)\)>>>/, massager => sub { return (); } }, + { regexp => qr/DECLARE_ASN1_DUP_FUNCTION<<<\((.*)\)>>>/, + massager => sub { + return (<<"EOF"); +int $1_dup(void); +EOF + } + }, + { regexp => qr/DECLARE_ASN1_DUP_FUNCTION_name<<<\((.*),\s*(.*)\)>>>/, + massager => sub { + return (<<"EOF"); +int $2_dup(void); +EOF + } + }, { regexp => qr/DECLARE_PKCS12_SET_OF<<<\((.*)\)>>>/, massager => sub { return (); } }, From builds at travis-ci.org Wed Mar 6 16:45:12 2019 From: builds at travis-ci.org (Travis CI) Date: Wed, 06 Mar 2019 16:45:12 +0000 Subject: Errored: openssl/openssl#23811 (master - 9fdcc21) In-Reply-To: Message-ID: <5c7ff918508e5_43fdcafc0a924250370@0f98dd09-897b-4005-b75f-ab4ad6d2a82c.mail> Build Update for openssl/openssl ------------------------------------- Build: #23811 Status: Errored Duration: 26 mins and 11 secs Commit: 9fdcc21 (master) Author: David von Oheimb Message: constify *_dup() and *i2d_*() and related functions as far as possible, introducing DECLARE_ASN1_DUP_FUNCTION Reviewed-by: Richard Levitte Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8029) View the changeset: https://github.com/openssl/openssl/compare/27d563123632...9fdcc21fdc9d View the full build log and details: https://travis-ci.org/openssl/openssl/builds/502644451?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From pauli at openssl.org Wed Mar 6 21:30:30 2019 From: pauli at openssl.org (Dr. Paul Dale) Date: Wed, 06 Mar 2019 21:30:30 +0000 Subject: [openssl] master update Message-ID: <1551907830.636433.17415.nullmailer@dev.openssl.org> The branch master has been updated via bcf082d130a413a728a382bd6e6bfdbf2cedba45 (commit) from 9fdcc21fdc9d148f78d9cd5be34030f38cc45812 (commit) - Log ----------------------------------------------------------------- commit bcf082d130a413a728a382bd6e6bfdbf2cedba45 Author: Shane Lontis Date: Thu Feb 21 08:27:25 2019 +1000 FIPS AES_GCM IV gen changes Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8393) ----------------------------------------------------------------------- Summary of changes: crypto/evp/e_aes.c | 47 +++++++- test/aesgcmtest.c | 123 +++++++++++++++++++++ test/build.info | 6 +- .../{03-test_property.t => 30-test_aesgcm.t} | 4 +- 4 files changed, 175 insertions(+), 5 deletions(-) create mode 100644 test/aesgcmtest.c copy test/recipes/{03-test_property.t => 30-test_aesgcm.t} (75%) diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index 3d2068c..5b473bc 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -44,6 +44,7 @@ typedef struct { int ivlen; /* IV length */ int taglen; int iv_gen; /* It is OK to generate IVs */ + int iv_gen_rand; /* No IV was specified, so generate a rand IV */ int tls_aad_len; /* TLS AAD length */ uint64_t tls_enc_records; /* Number of TLS records encrypted */ ctr128_f ctr; @@ -1396,7 +1397,7 @@ static int s390x_aes_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, (OPENSSL_s390xcap_P.kma[0] & \ S390X_CAPBIT(S390X_AES_256))) -/* iv + padding length for iv lenghts != 12 */ +/* iv + padding length for iv lengths != 12 */ # define S390X_gcm_ivpadlen(i) ((((i) + 15) >> 4 << 4) + 16) /*- @@ -2890,7 +2891,7 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) return 1; case EVP_CTRL_GET_IV: - if (gctx->iv_gen != 1) + if (gctx->iv_gen != 1 && gctx->iv_gen_rand != 1) return 0; if (gctx->ivlen != arg) return 0; @@ -3202,10 +3203,35 @@ static int aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, return rv; } +#ifdef FIPS_MODE +/* + * See SP800-38D (GCM) Section 8 "Uniqueness requirement on IVS and keys" + * + * See also 8.2.2 RBG-based construction. + * Random construction consists of a free field (which can be NULL) and a + * random field which will use a DRBG that can return at least 96 bits of + * entropy strength. (The DRBG must be seeded by the FIPS module). + */ +static int aes_gcm_iv_generate(EVP_AES_GCM_CTX *gctx, int offset) +{ + int sz = gctx->ivlen - offset; + + /* Must be at least 96 bits */ + if (sz <= 0 || gctx->ivlen < 12) + return 0; + + /* Use DRBG to generate random iv */ + if (RAND_bytes(gctx->iv + offset, sz) <= 0) + return 0; + return 1; +} +#endif /* FIPS_MODE */ + static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,ctx); + /* If not set up, return error */ if (!gctx->key_set) return -1; @@ -3213,8 +3239,25 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, if (gctx->tls_aad_len >= 0) return aes_gcm_tls_cipher(ctx, out, in, len); +#ifdef FIPS_MODE + /* + * FIPS requires generation of AES-GCM IV's inside the FIPS module. + * The IV can still be set externally (the security policy will state that + * this is not FIPS compliant). There are some applications + * where setting the IV externally is the only option available. + */ + if (!gctx->iv_set) { + if (!ctx->encrypt || !aes_gcm_iv_generate(gctx, 0)) + return -1; + CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen); + gctx->iv_set = 1; + gctx->iv_gen_rand = 1; + } +#else if (!gctx->iv_set) return -1; +#endif /* FIPS_MODE */ + if (in) { if (out == NULL) { if (CRYPTO_gcm128_aad(&gctx->gcm, in, len)) diff --git a/test/aesgcmtest.c b/test/aesgcmtest.c new file mode 100644 index 0000000..c616438 --- /dev/null +++ b/test/aesgcmtest.c @@ -0,0 +1,123 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include "testutil.h" + +static const unsigned char gcm_key[] = { + 0xee, 0xbc, 0x1f, 0x57, 0x48, 0x7f, 0x51, 0x92, 0x1c, 0x04, 0x65, 0x66, + 0x5f, 0x8a, 0xe6, 0xd1, 0x65, 0x8b, 0xb2, 0x6d, 0xe6, 0xf8, 0xa0, 0x69, + 0xa3, 0x52, 0x02, 0x93, 0xa5, 0x72, 0x07, 0x8f +}; +static const unsigned char gcm_iv[] = { + 0x99, 0xaa, 0x3e, 0x68, 0xed, 0x81, 0x73, 0xa0, 0xee, 0xd0, 0x66, 0x84 +}; +static const unsigned char gcm_pt[] = { + 0xf5, 0x6e, 0x87, 0x05, 0x5b, 0xc3, 0x2d, 0x0e, 0xeb, 0x31, 0xb2, 0xea, + 0xcc, 0x2b, 0xf2, 0xa5 +}; +static const unsigned char gcm_aad[] = { + 0x4d, 0x23, 0xc3, 0xce, 0xc3, 0x34, 0xb4, 0x9b, 0xdb, 0x37, 0x0c, 0x43, + 0x7f, 0xec, 0x78, 0xde +}; +static const unsigned char gcm_ct[] = { + 0xf7, 0x26, 0x44, 0x13, 0xa8, 0x4c, 0x0e, 0x7c, 0xd5, 0x36, 0x86, 0x7e, + 0xb9, 0xf2, 0x17, 0x36 +}; +static const unsigned char gcm_tag[] = { + 0x67, 0xba, 0x05, 0x10, 0x26, 0x2a, 0xe4, 0x87, 0xd7, 0x37, 0xee, 0x62, + 0x98, 0xf7, 0x7e, 0x0c +}; + +static int do_encrypt(unsigned char *iv_gen, unsigned char *ct, int *ct_len, + unsigned char *tag, int *tag_len) +{ + int ret = 0; + EVP_CIPHER_CTX *ctx = NULL; + int outlen; + unsigned char outbuf[64]; + + *tag_len = 16; + ret = TEST_ptr(ctx = EVP_CIPHER_CTX_new()) + && TEST_true(EVP_EncryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, + NULL) > 0) + && TEST_true(EVP_EncryptInit_ex(ctx, NULL, NULL, gcm_key, + iv_gen != NULL ? NULL : gcm_iv) > 0) + && TEST_true(EVP_EncryptUpdate(ctx, NULL, &outlen, gcm_aad, + sizeof(gcm_aad)) > 0) + && TEST_true(EVP_EncryptUpdate(ctx, ct, ct_len, gcm_pt, + sizeof(gcm_pt)) > 0) + && TEST_true(EVP_EncryptFinal_ex(ctx, outbuf, &outlen) > 0) + && TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, + tag) > 0) + && TEST_true(iv_gen == NULL + || EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_IV, 12, iv_gen) > 0); + EVP_CIPHER_CTX_free(ctx); + return ret; +} + +static int do_decrypt(const unsigned char *iv, const unsigned char *ct, + int ct_len, const unsigned char *tag, int tag_len) +{ + int ret = 0; + EVP_CIPHER_CTX *ctx = NULL; + int outlen, ptlen; + unsigned char pt[32]; + unsigned char outbuf[32]; + + ret = TEST_ptr(ctx = EVP_CIPHER_CTX_new()) + && TEST_true(EVP_DecryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, + NULL, NULL) > 0) + && TEST_true(EVP_DecryptInit_ex(ctx, NULL, NULL, gcm_key, iv) > 0) + && TEST_true(EVP_DecryptUpdate(ctx, NULL, &outlen, gcm_aad, + sizeof(gcm_aad)) > 0) + && TEST_true(EVP_DecryptUpdate(ctx, pt, &ptlen, ct, + ct_len) > 0) + && TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, + tag_len, (void *)tag) > 0) + && TEST_true(EVP_DecryptFinal_ex(ctx, outbuf, &outlen) > 0) + && TEST_mem_eq(gcm_pt, sizeof(gcm_pt), pt, ptlen); + + EVP_CIPHER_CTX_free(ctx); + return ret; +} + +static int kat_test(void) +{ + unsigned char tag[32]; + unsigned char ct[32]; + int ctlen = 0, taglen = 0; + + return do_encrypt(NULL, ct, &ctlen, tag, &taglen) + && TEST_mem_eq(gcm_ct, sizeof(gcm_ct), ct, ctlen) + && TEST_mem_eq(gcm_tag, sizeof(gcm_tag), tag, taglen) + && do_decrypt(gcm_iv, ct, ctlen, tag, taglen); +} + +#ifdef FIPS_MODE +static int ivgen_test(void) +{ + unsigned char iv_gen[16]; + unsigned char tag[32]; + unsigned char ct[32]; + int ctlen = 0, taglen = 0; + + return do_encrypt(iv_gen, ct, &ctlen, tag, &taglen) + && do_decrypt(iv_gen, ct, ctlen, tag, taglen); +} +#endif /* FIPS_MODE */ + +int setup_tests(void) +{ + ADD_TEST(kat_test); +#ifdef FIPS_MODE + ADD_TEST(ivgen_test); +#endif /* FIPS_MODE */ + return 1; +} diff --git a/test/build.info b/test/build.info index 5bf6fd0..4dd400f 100644 --- a/test/build.info +++ b/test/build.info @@ -50,7 +50,7 @@ IF[{- !$disabled{tests} -}] time_offset_test pemtest ssl_cert_table_internal_test ciphername_test \ servername_test ocspapitest rsa_mp_test fatalerrtest tls13ccstest \ sysdefaulttest errtest gosttest \ - context_internal_test + context_internal_test aesgcmtest SOURCE[versions]=versions.c INCLUDE[versions]=../include ../apps/include @@ -570,6 +570,10 @@ IF[{- !$disabled{tests} -}] INCLUDE[gosttest]=../include ../apps/include .. DEPEND[gosttest]=../libcrypto ../libssl libtestutil.a + SOURCE[aesgcmtest]=aesgcmtest.c + INCLUDE[aesgcmtest]=../include ../apps/include .. + DEPEND[aesgcmtest]=../libcrypto libtestutil.a + PROGRAMS{noinst}=context_internal_test SOURCE[context_internal_test]=context_internal_test.c INCLUDE[context_internal_test]=.. ../include ../apps/include diff --git a/test/recipes/03-test_property.t b/test/recipes/30-test_aesgcm.t similarity index 75% copy from test/recipes/03-test_property.t copy to test/recipes/30-test_aesgcm.t index 2654215..f4862bf 100644 --- a/test/recipes/03-test_property.t +++ b/test/recipes/30-test_aesgcm.t @@ -1,12 +1,12 @@ #! /usr/bin/env perl # Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. -# Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy # in the file LICENSE in the source distribution or at # https://www.openssl.org/source/license.html + use OpenSSL::Test::Simple; -simple_test("test_property", "property_test"); +simple_test("test_aesgcm", "aesgcmtest", "aesgcm"); From builds at travis-ci.org Wed Mar 6 21:51:43 2019 From: builds at travis-ci.org (Travis CI) Date: Wed, 06 Mar 2019 21:51:43 +0000 Subject: Errored: openssl/openssl#23817 (master - bcf082d) In-Reply-To: Message-ID: <5c8040ee55b6a_43fdb7230f63c539242@071dde37-892d-460d-84d0-676bf3b21247.mail> Build Update for openssl/openssl ------------------------------------- Build: #23817 Status: Errored Duration: 20 mins and 25 secs Commit: bcf082d (master) Author: Shane Lontis Message: FIPS AES_GCM IV gen changes Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8393) View the changeset: https://github.com/openssl/openssl/compare/9fdcc21fdc9d...bcf082d130a4 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/502788609?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Mar 6 22:36:10 2019 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 06 Mar 2019 22:36:10 +0000 Subject: Build failed: openssl master.23217 Message-ID: <20190306223610.1.34784C74B1F5A4DA@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Mar 6 23:39:07 2019 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 06 Mar 2019 23:39:07 +0000 Subject: Build completed: openssl master.23218 Message-ID: <20190306233907.1.16D3033833624A6E@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Mar 7 00:37:04 2019 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 07 Mar 2019 00:37:04 +0000 Subject: Build failed: openssl master.23223 Message-ID: <20190307003704.1.FADB604C99ADAC5C@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Mar 7 00:43:50 2019 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 07 Mar 2019 00:43:50 +0000 Subject: Build failed: openssl master.23224 Message-ID: <20190307004350.1.939C760114E6B6EE@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Mar 7 01:10:29 2019 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 07 Mar 2019 01:10:29 +0000 Subject: Build completed: openssl master.23225 Message-ID: <20190307011029.1.09E98444247FCB2A@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Mar 7 07:20:49 2019 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 07 Mar 2019 07:20:49 +0000 Subject: Build failed: openssl master.23227 Message-ID: <20190307072049.1.DE6C2AF7F81FB306@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Mar 7 08:21:49 2019 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 07 Mar 2019 08:21:49 +0000 Subject: Build failed: openssl master.23230 Message-ID: <20190307082149.1.813032E81D53C67E@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Mar 7 11:21:02 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 07 Mar 2019 11:21:02 +0000 Subject: FAILED build of OpenSSL branch master with options -d --strict-warnings enable-zlib Message-ID: <1551957662.139181.23687.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-zlib Commit log since last time: bcf082d130 FIPS AES_GCM IV gen changes 9fdcc21fdc constify *_dup() and *i2d_*() and related functions as far as possible, introducing DECLARE_ASN1_DUP_FUNCTION 27d5631236 Update ChaCha20-Poly1305 documentation a4f0b50eaf Test an overlong ChaCha20-Poly1305 nonce 2a3d0ee9d5 Prevent over long nonces in ChaCha20-Poly1305 18e1e30245 apps/openssl.c: avoid memory leaks c699712fa3 Add a log about the tracing functionality 0b836c2168 Document the tracing functionality 3b9e1a3902 Make it possible to trace the trace functionality itself 6e810f2dca Adapt BN_CTX_DEBUG to the new generic trace API 5f8a5f46e4 Adapt OPENSSL_DEBUG_DECRYPT to the new generic trace API b9ce85f631 Adapt OPENSSL_POLICY_DEBUG to the new generic trace API a902e43d7d Adapt OPENSSL_DEBUG_KEYGEN to the new generic trace API 3a9b3d2d93 Adapt OPENSSL_DEBUG_PKCS5V2 to the new generic trace API f518e3e802 Adapt ENGINE_REF_COUNT_DEBUG to the new generic trace API f272be676b Adapt ENGINE_TABLE_DEBUG to the new generic trace API f4db05df0e Adapt ENGINE_CONF_DEBUG to the new generic trace API 5c64173586 Adapt OPENSSL_INIT_DEBUG to the new generic trace API 77359d22c9 Adapt CIPHER_DEBUG to the new generic trace API 49b26f54f4 Adapt SSL_DEBUG to the new generic trace API 16a9d3746e Make it possible to disable the TRACE API 682b444f8a apps/openssl.c: Adapt to enable tracing output 2390c573aa Add generic trace API 8ab53b193a Make the sparse array code use ossl_uintmax_t as its index rather than size_t. Build log ended with (last 100 lines): clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-b_print.d.tmp -MT crypto/bio/libcrypto-lib-b_print.o -c -o crypto/bio/libcrypto-lib-b_print.o ../openssl/crypto/bio/b_print.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-b_sock.d.tmp -MT crypto/bio/libcrypto-lib-b_sock.o -c -o crypto/bio/libcrypto-lib-b_sock.o ../openssl/crypto/bio/b_sock.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-b_sock2.d.tmp -MT crypto/bio/libcrypto-lib-b_sock2.o -c -o crypto/bio/libcrypto-lib-b_sock2.o ../openssl/crypto/bio/b_sock2.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bf_buff.d.tmp -MT crypto/bio/libcrypto-lib-bf_buff.o -c -o crypto/bio/libcrypto-lib-bf_buff.o ../openssl/crypto/bio/bf_buff.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bf_lbuf.d.tmp -MT crypto/bio/libcrypto-lib-bf_lbuf.o -c -o crypto/bio/libcrypto-lib-bf_lbuf.o ../openssl/crypto/bio/bf_lbuf.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bf_nbio.d.tmp -MT crypto/bio/libcrypto-lib-bf_nbio.o -c -o crypto/bio/libcrypto-lib-bf_nbio.o ../openssl/crypto/bio/bf_nbio.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bf_null.d.tmp -MT crypto/bio/libcrypto-lib-bf_null.o -c -o crypto/bio/libcrypto-lib-bf_null.o ../openssl/crypto/bio/bf_null.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bio_cb.d.tmp -MT crypto/bio/libcrypto-lib-bio_cb.o -c -o crypto/bio/libcrypto-lib-bio_cb.o ../openssl/crypto/bio/bio_cb.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bio_err.d.tmp -MT crypto/bio/libcrypto-lib-bio_err.o -c -o crypto/bio/libcrypto-lib-bio_err.o ../openssl/crypto/bio/bio_err.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bio_lib.d.tmp -MT crypto/bio/libcrypto-lib-bio_lib.o -c -o crypto/bio/libcrypto-lib-bio_lib.o ../openssl/crypto/bio/bio_lib.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bio_meth.d.tmp -MT crypto/bio/libcrypto-lib-bio_meth.o -c -o crypto/bio/libcrypto-lib-bio_meth.o ../openssl/crypto/bio/bio_meth.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bss_acpt.d.tmp -MT crypto/bio/libcrypto-lib-bss_acpt.o -c -o crypto/bio/libcrypto-lib-bss_acpt.o ../openssl/crypto/bio/bss_acpt.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bss_bio.d.tmp -MT crypto/bio/libcrypto-lib-bss_bio.o -c -o crypto/bio/libcrypto-lib-bss_bio.o ../openssl/crypto/bio/bss_bio.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bss_conn.d.tmp -MT crypto/bio/libcrypto-lib-bss_conn.o -c -o crypto/bio/libcrypto-lib-bss_conn.o ../openssl/crypto/bio/bss_conn.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bss_dgram.d.tmp -MT crypto/bio/libcrypto-lib-bss_dgram.o -c -o crypto/bio/libcrypto-lib-bss_dgram.o ../openssl/crypto/bio/bss_dgram.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bss_fd.d.tmp -MT crypto/bio/libcrypto-lib-bss_fd.o -c -o crypto/bio/libcrypto-lib-bss_fd.o ../openssl/crypto/bio/bss_fd.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bss_file.d.tmp -MT crypto/bio/libcrypto-lib-bss_file.o -c -o crypto/bio/libcrypto-lib-bss_file.o ../openssl/crypto/bio/bss_file.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bss_log.d.tmp -MT crypto/bio/libcrypto-lib-bss_log.o -c -o crypto/bio/libcrypto-lib-bss_log.o ../openssl/crypto/bio/bss_log.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bss_mem.d.tmp -MT crypto/bio/libcrypto-lib-bss_mem.o -c -o crypto/bio/libcrypto-lib-bss_mem.o ../openssl/crypto/bio/bss_mem.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bss_null.d.tmp -MT crypto/bio/libcrypto-lib-bss_null.o -c -o crypto/bio/libcrypto-lib-bss_null.o ../openssl/crypto/bio/bss_null.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bss_sock.d.tmp -MT crypto/bio/libcrypto-lib-bss_sock.o -c -o crypto/bio/libcrypto-lib-bss_sock.o ../openssl/crypto/bio/bss_sock.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/blake2/libcrypto-lib-blake2b.d.tmp -MT crypto/blake2/libcrypto-lib-blake2b.o -c -o crypto/blake2/libcrypto-lib-blake2b.o ../openssl/crypto/blake2/blake2b.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/blake2/libcrypto-lib-blake2b_mac.d.tmp -MT crypto/blake2/libcrypto-lib-blake2b_mac.o -c -o crypto/blake2/libcrypto-lib-blake2b_mac.o ../openssl/crypto/blake2/blake2b_mac.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/blake2/libcrypto-lib-blake2s.d.tmp -MT crypto/blake2/libcrypto-lib-blake2s.o -c -o crypto/blake2/libcrypto-lib-blake2s.o ../openssl/crypto/blake2/blake2s.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/blake2/libcrypto-lib-blake2s_mac.d.tmp -MT crypto/blake2/libcrypto-lib-blake2s_mac.o -c -o crypto/blake2/libcrypto-lib-blake2s_mac.o ../openssl/crypto/blake2/blake2s_mac.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/blake2/libcrypto-lib-m_blake2b.d.tmp -MT crypto/blake2/libcrypto-lib-m_blake2b.o -c -o crypto/blake2/libcrypto-lib-m_blake2b.o ../openssl/crypto/blake2/m_blake2b.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/blake2/libcrypto-lib-m_blake2s.d.tmp -MT crypto/blake2/libcrypto-lib-m_blake2s.o -c -o crypto/blake2/libcrypto-lib-m_blake2s.o ../openssl/crypto/blake2/m_blake2s.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/asm/libcrypto-lib-x86_64-gcc.d.tmp -MT crypto/bn/asm/libcrypto-lib-x86_64-gcc.o -c -o crypto/bn/asm/libcrypto-lib-x86_64-gcc.o ../openssl/crypto/bn/asm/x86_64-gcc.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_add.d.tmp -MT crypto/bn/libcrypto-lib-bn_add.o -c -o crypto/bn/libcrypto-lib-bn_add.o ../openssl/crypto/bn/bn_add.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_blind.d.tmp -MT crypto/bn/libcrypto-lib-bn_blind.o -c -o crypto/bn/libcrypto-lib-bn_blind.o ../openssl/crypto/bn/bn_blind.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_const.d.tmp -MT crypto/bn/libcrypto-lib-bn_const.o -c -o crypto/bn/libcrypto-lib-bn_const.o ../openssl/crypto/bn/bn_const.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_ctx.d.tmp -MT crypto/bn/libcrypto-lib-bn_ctx.o -c -o crypto/bn/libcrypto-lib-bn_ctx.o ../openssl/crypto/bn/bn_ctx.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_depr.d.tmp -MT crypto/bn/libcrypto-lib-bn_depr.o -c -o crypto/bn/libcrypto-lib-bn_depr.o ../openssl/crypto/bn/bn_depr.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_dh.d.tmp -MT crypto/bn/libcrypto-lib-bn_dh.o -c -o crypto/bn/libcrypto-lib-bn_dh.o ../openssl/crypto/bn/bn_dh.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_div.d.tmp -MT crypto/bn/libcrypto-lib-bn_div.o -c -o crypto/bn/libcrypto-lib-bn_div.o ../openssl/crypto/bn/bn_div.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_err.d.tmp -MT crypto/bn/libcrypto-lib-bn_err.o -c -o crypto/bn/libcrypto-lib-bn_err.o ../openssl/crypto/bn/bn_err.c clang -Icrypto -I../openssl/crypto -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_exp.d.tmp -MT crypto/bn/libcrypto-lib-bn_exp.o -c -o crypto/bn/libcrypto-lib-bn_exp.o ../openssl/crypto/bn/bn_exp.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_exp2.d.tmp -MT crypto/bn/libcrypto-lib-bn_exp2.o -c -o crypto/bn/libcrypto-lib-bn_exp2.o ../openssl/crypto/bn/bn_exp2.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_gcd.d.tmp -MT crypto/bn/libcrypto-lib-bn_gcd.o -c -o crypto/bn/libcrypto-lib-bn_gcd.o ../openssl/crypto/bn/bn_gcd.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_gf2m.d.tmp -MT crypto/bn/libcrypto-lib-bn_gf2m.o -c -o crypto/bn/libcrypto-lib-bn_gf2m.o ../openssl/crypto/bn/bn_gf2m.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_intern.d.tmp -MT crypto/bn/libcrypto-lib-bn_intern.o -c -o crypto/bn/libcrypto-lib-bn_intern.o ../openssl/crypto/bn/bn_intern.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_kron.d.tmp -MT crypto/bn/libcrypto-lib-bn_kron.o -c -o crypto/bn/libcrypto-lib-bn_kron.o ../openssl/crypto/bn/bn_kron.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_lib.d.tmp -MT crypto/bn/libcrypto-lib-bn_lib.o -c -o crypto/bn/libcrypto-lib-bn_lib.o ../openssl/crypto/bn/bn_lib.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_mod.d.tmp -MT crypto/bn/libcrypto-lib-bn_mod.o -c -o crypto/bn/libcrypto-lib-bn_mod.o ../openssl/crypto/bn/bn_mod.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_mont.d.tmp -MT crypto/bn/libcrypto-lib-bn_mont.o -c -o crypto/bn/libcrypto-lib-bn_mont.o ../openssl/crypto/bn/bn_mont.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_mpi.d.tmp -MT crypto/bn/libcrypto-lib-bn_mpi.o -c -o crypto/bn/libcrypto-lib-bn_mpi.o ../openssl/crypto/bn/bn_mpi.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_mul.d.tmp -MT crypto/bn/libcrypto-lib-bn_mul.o -c -o crypto/bn/libcrypto-lib-bn_mul.o ../openssl/crypto/bn/bn_mul.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_nist.d.tmp -MT crypto/bn/libcrypto-lib-bn_nist.o -c -o crypto/bn/libcrypto-lib-bn_nist.o ../openssl/crypto/bn/bn_nist.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_prime.d.tmp -MT crypto/bn/libcrypto-lib-bn_prime.o -c -o crypto/bn/libcrypto-lib-bn_prime.o ../openssl/crypto/bn/bn_prime.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_print.d.tmp -MT crypto/bn/libcrypto-lib-bn_print.o -c -o crypto/bn/libcrypto-lib-bn_print.o ../openssl/crypto/bn/bn_print.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_rand.d.tmp -MT crypto/bn/libcrypto-lib-bn_rand.o -c -o crypto/bn/libcrypto-lib-bn_rand.o ../openssl/crypto/bn/bn_rand.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_recp.d.tmp -MT crypto/bn/libcrypto-lib-bn_recp.o -c -o crypto/bn/libcrypto-lib-bn_recp.o ../openssl/crypto/bn/bn_recp.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_shift.d.tmp -MT crypto/bn/libcrypto-lib-bn_shift.o -c -o crypto/bn/libcrypto-lib-bn_shift.o ../openssl/crypto/bn/bn_shift.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_sqr.d.tmp -MT crypto/bn/libcrypto-lib-bn_sqr.o -c -o crypto/bn/libcrypto-lib-bn_sqr.o ../openssl/crypto/bn/bn_sqr.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_sqrt.d.tmp -MT crypto/bn/libcrypto-lib-bn_sqrt.o -c -o crypto/bn/libcrypto-lib-bn_sqrt.o ../openssl/crypto/bn/bn_sqrt.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_srp.d.tmp -MT crypto/bn/libcrypto-lib-bn_srp.o -c -o crypto/bn/libcrypto-lib-bn_srp.o ../openssl/crypto/bn/bn_srp.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_word.d.tmp -MT crypto/bn/libcrypto-lib-bn_word.o -c -o crypto/bn/libcrypto-lib-bn_word.o ../openssl/crypto/bn/bn_word.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_x931p.d.tmp -MT crypto/bn/libcrypto-lib-bn_x931p.o -c -o crypto/bn/libcrypto-lib-bn_x931p.o ../openssl/crypto/bn/bn_x931p.c CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/rsaz-avx2.pl elf crypto/bn/rsaz-avx2.s CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/rsaz-x86_64.pl elf crypto/bn/rsaz-x86_64.s clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-rsaz_exp.d.tmp -MT crypto/bn/libcrypto-lib-rsaz_exp.o -c -o crypto/bn/libcrypto-lib-rsaz_exp.o ../openssl/crypto/bn/rsaz_exp.c CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/x86_64-gf2m.pl elf crypto/bn/x86_64-gf2m.s CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/x86_64-mont.pl elf crypto/bn/x86_64-mont.s CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/x86_64-mont5.pl elf crypto/bn/x86_64-mont5.s clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/buffer/libcrypto-lib-buf_err.d.tmp -MT crypto/buffer/libcrypto-lib-buf_err.o -c -o crypto/buffer/libcrypto-lib-buf_err.o ../openssl/crypto/buffer/buf_err.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/buffer/libcrypto-lib-buffer.d.tmp -MT crypto/buffer/libcrypto-lib-buffer.o -c -o crypto/buffer/libcrypto-lib-buffer.o ../openssl/crypto/buffer/buffer.c CC="clang" /usr/bin/perl ../openssl/crypto/camellia/asm/cmll-x86_64.pl elf crypto/camellia/cmll-x86_64.s clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/camellia/libcrypto-lib-cmll_cfb.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_cfb.o -c -o crypto/camellia/libcrypto-lib-cmll_cfb.o ../openssl/crypto/camellia/cmll_cfb.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/camellia/libcrypto-lib-cmll_ctr.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_ctr.o -c -o crypto/camellia/libcrypto-lib-cmll_ctr.o ../openssl/crypto/camellia/cmll_ctr.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/camellia/libcrypto-lib-cmll_ecb.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_ecb.o -c -o crypto/camellia/libcrypto-lib-cmll_ecb.o ../openssl/crypto/camellia/cmll_ecb.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/camellia/libcrypto-lib-cmll_misc.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_misc.o -c -o crypto/camellia/libcrypto-lib-cmll_misc.o ../openssl/crypto/camellia/cmll_misc.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/camellia/libcrypto-lib-cmll_ofb.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_ofb.o -c -o crypto/camellia/libcrypto-lib-cmll_ofb.o ../openssl/crypto/camellia/cmll_ofb.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cast/libcrypto-lib-c_cfb64.d.tmp -MT crypto/cast/libcrypto-lib-c_cfb64.o -c -o crypto/cast/libcrypto-lib-c_cfb64.o ../openssl/crypto/cast/c_cfb64.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cast/libcrypto-lib-c_ecb.d.tmp -MT crypto/cast/libcrypto-lib-c_ecb.o -c -o crypto/cast/libcrypto-lib-c_ecb.o ../openssl/crypto/cast/c_ecb.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cast/libcrypto-lib-c_enc.d.tmp -MT crypto/cast/libcrypto-lib-c_enc.o -c -o crypto/cast/libcrypto-lib-c_enc.o ../openssl/crypto/cast/c_enc.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cast/libcrypto-lib-c_ofb64.d.tmp -MT crypto/cast/libcrypto-lib-c_ofb64.o -c -o crypto/cast/libcrypto-lib-c_ofb64.o ../openssl/crypto/cast/c_ofb64.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cast/libcrypto-lib-c_skey.d.tmp -MT crypto/cast/libcrypto-lib-c_skey.o -c -o crypto/cast/libcrypto-lib-c_skey.o ../openssl/crypto/cast/c_skey.c CC="clang" /usr/bin/perl ../openssl/crypto/chacha/asm/chacha-x86_64.pl elf crypto/chacha/chacha-x86_64.s clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cmac/libcrypto-lib-cm_ameth.d.tmp -MT crypto/cmac/libcrypto-lib-cm_ameth.o -c -o crypto/cmac/libcrypto-lib-cm_ameth.o ../openssl/crypto/cmac/cm_ameth.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cmac/libcrypto-lib-cm_meth.d.tmp -MT crypto/cmac/libcrypto-lib-cm_meth.o -c -o crypto/cmac/libcrypto-lib-cm_meth.o ../openssl/crypto/cmac/cm_meth.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cmac/libcrypto-lib-cmac.d.tmp -MT crypto/cmac/libcrypto-lib-cmac.o -c -o crypto/cmac/libcrypto-lib-cmac.o ../openssl/crypto/cmac/cmac.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cms/libcrypto-lib-cms_asn1.d.tmp -MT crypto/cms/libcrypto-lib-cms_asn1.o -c -o crypto/cms/libcrypto-lib-cms_asn1.o ../openssl/crypto/cms/cms_asn1.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cms/libcrypto-lib-cms_att.d.tmp -MT crypto/cms/libcrypto-lib-cms_att.o -c -o crypto/cms/libcrypto-lib-cms_att.o ../openssl/crypto/cms/cms_att.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cms/libcrypto-lib-cms_cd.d.tmp -MT crypto/cms/libcrypto-lib-cms_cd.o -c -o crypto/cms/libcrypto-lib-cms_cd.o ../openssl/crypto/cms/cms_cd.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cms/libcrypto-lib-cms_dd.d.tmp -MT crypto/cms/libcrypto-lib-cms_dd.o -c -o crypto/cms/libcrypto-lib-cms_dd.o ../openssl/crypto/cms/cms_dd.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cms/libcrypto-lib-cms_enc.d.tmp -MT crypto/cms/libcrypto-lib-cms_enc.o -c -o crypto/cms/libcrypto-lib-cms_enc.o ../openssl/crypto/cms/cms_enc.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cms/libcrypto-lib-cms_env.d.tmp -MT crypto/cms/libcrypto-lib-cms_env.o -c -o crypto/cms/libcrypto-lib-cms_env.o ../openssl/crypto/cms/cms_env.c ../openssl/crypto/cms/cms_cd.c:63:6: error: conflicting types for 'cms_CompressedData_init_bio' BIO *cms_CompressedData_init_bio(CMS_ContentInfo *cms) ^ ../openssl/crypto/cms/cms_lcl.h:385:6: note: previous declaration is here BIO *cms_CompressedData_init_bio(const CMS_ContentInfo *cms); ^ 1 error generated. Makefile:7562: recipe for target 'crypto/cms/libcrypto-lib-cms_cd.o' failed make[1]: *** [crypto/cms/libcrypto-lib-cms_cd.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/enable-zlib' Makefile:164: recipe for target 'all' failed make: *** [all] Error 2 From openssl at openssl.org Thu Mar 7 11:21:17 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 07 Mar 2019 11:21:17 +0000 Subject: FAILED build of OpenSSL branch master with options -d --strict-warnings enable-zlib-dynamic Message-ID: <1551957677.153081.25122.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-zlib-dynamic Commit log since last time: bcf082d130 FIPS AES_GCM IV gen changes 9fdcc21fdc constify *_dup() and *i2d_*() and related functions as far as possible, introducing DECLARE_ASN1_DUP_FUNCTION 27d5631236 Update ChaCha20-Poly1305 documentation a4f0b50eaf Test an overlong ChaCha20-Poly1305 nonce 2a3d0ee9d5 Prevent over long nonces in ChaCha20-Poly1305 18e1e30245 apps/openssl.c: avoid memory leaks c699712fa3 Add a log about the tracing functionality 0b836c2168 Document the tracing functionality 3b9e1a3902 Make it possible to trace the trace functionality itself 6e810f2dca Adapt BN_CTX_DEBUG to the new generic trace API 5f8a5f46e4 Adapt OPENSSL_DEBUG_DECRYPT to the new generic trace API b9ce85f631 Adapt OPENSSL_POLICY_DEBUG to the new generic trace API a902e43d7d Adapt OPENSSL_DEBUG_KEYGEN to the new generic trace API 3a9b3d2d93 Adapt OPENSSL_DEBUG_PKCS5V2 to the new generic trace API f518e3e802 Adapt ENGINE_REF_COUNT_DEBUG to the new generic trace API f272be676b Adapt ENGINE_TABLE_DEBUG to the new generic trace API f4db05df0e Adapt ENGINE_CONF_DEBUG to the new generic trace API 5c64173586 Adapt OPENSSL_INIT_DEBUG to the new generic trace API 77359d22c9 Adapt CIPHER_DEBUG to the new generic trace API 49b26f54f4 Adapt SSL_DEBUG to the new generic trace API 16a9d3746e Make it possible to disable the TRACE API 682b444f8a apps/openssl.c: Adapt to enable tracing output 2390c573aa Add generic trace API 8ab53b193a Make the sparse array code use ossl_uintmax_t as its index rather than size_t. Build log ended with (last 100 lines): clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-b_print.d.tmp -MT crypto/bio/libcrypto-lib-b_print.o -c -o crypto/bio/libcrypto-lib-b_print.o ../openssl/crypto/bio/b_print.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-b_sock.d.tmp -MT crypto/bio/libcrypto-lib-b_sock.o -c -o crypto/bio/libcrypto-lib-b_sock.o ../openssl/crypto/bio/b_sock.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-b_sock2.d.tmp -MT crypto/bio/libcrypto-lib-b_sock2.o -c -o crypto/bio/libcrypto-lib-b_sock2.o ../openssl/crypto/bio/b_sock2.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bf_buff.d.tmp -MT crypto/bio/libcrypto-lib-bf_buff.o -c -o crypto/bio/libcrypto-lib-bf_buff.o ../openssl/crypto/bio/bf_buff.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bf_lbuf.d.tmp -MT crypto/bio/libcrypto-lib-bf_lbuf.o -c -o crypto/bio/libcrypto-lib-bf_lbuf.o ../openssl/crypto/bio/bf_lbuf.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bf_nbio.d.tmp -MT crypto/bio/libcrypto-lib-bf_nbio.o -c -o crypto/bio/libcrypto-lib-bf_nbio.o ../openssl/crypto/bio/bf_nbio.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bf_null.d.tmp -MT crypto/bio/libcrypto-lib-bf_null.o -c -o crypto/bio/libcrypto-lib-bf_null.o ../openssl/crypto/bio/bf_null.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bio_cb.d.tmp -MT crypto/bio/libcrypto-lib-bio_cb.o -c -o crypto/bio/libcrypto-lib-bio_cb.o ../openssl/crypto/bio/bio_cb.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bio_err.d.tmp -MT crypto/bio/libcrypto-lib-bio_err.o -c -o crypto/bio/libcrypto-lib-bio_err.o ../openssl/crypto/bio/bio_err.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bio_lib.d.tmp -MT crypto/bio/libcrypto-lib-bio_lib.o -c -o crypto/bio/libcrypto-lib-bio_lib.o ../openssl/crypto/bio/bio_lib.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bio_meth.d.tmp -MT crypto/bio/libcrypto-lib-bio_meth.o -c -o crypto/bio/libcrypto-lib-bio_meth.o ../openssl/crypto/bio/bio_meth.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bss_acpt.d.tmp -MT crypto/bio/libcrypto-lib-bss_acpt.o -c -o crypto/bio/libcrypto-lib-bss_acpt.o ../openssl/crypto/bio/bss_acpt.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bss_bio.d.tmp -MT crypto/bio/libcrypto-lib-bss_bio.o -c -o crypto/bio/libcrypto-lib-bss_bio.o ../openssl/crypto/bio/bss_bio.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bss_conn.d.tmp -MT crypto/bio/libcrypto-lib-bss_conn.o -c -o crypto/bio/libcrypto-lib-bss_conn.o ../openssl/crypto/bio/bss_conn.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bss_dgram.d.tmp -MT crypto/bio/libcrypto-lib-bss_dgram.o -c -o crypto/bio/libcrypto-lib-bss_dgram.o ../openssl/crypto/bio/bss_dgram.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bss_fd.d.tmp -MT crypto/bio/libcrypto-lib-bss_fd.o -c -o crypto/bio/libcrypto-lib-bss_fd.o ../openssl/crypto/bio/bss_fd.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bss_file.d.tmp -MT crypto/bio/libcrypto-lib-bss_file.o -c -o crypto/bio/libcrypto-lib-bss_file.o ../openssl/crypto/bio/bss_file.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bss_log.d.tmp -MT crypto/bio/libcrypto-lib-bss_log.o -c -o crypto/bio/libcrypto-lib-bss_log.o ../openssl/crypto/bio/bss_log.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bss_mem.d.tmp -MT crypto/bio/libcrypto-lib-bss_mem.o -c -o crypto/bio/libcrypto-lib-bss_mem.o ../openssl/crypto/bio/bss_mem.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bss_null.d.tmp -MT crypto/bio/libcrypto-lib-bss_null.o -c -o crypto/bio/libcrypto-lib-bss_null.o ../openssl/crypto/bio/bss_null.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bss_sock.d.tmp -MT crypto/bio/libcrypto-lib-bss_sock.o -c -o crypto/bio/libcrypto-lib-bss_sock.o ../openssl/crypto/bio/bss_sock.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/blake2/libcrypto-lib-blake2b.d.tmp -MT crypto/blake2/libcrypto-lib-blake2b.o -c -o crypto/blake2/libcrypto-lib-blake2b.o ../openssl/crypto/blake2/blake2b.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/blake2/libcrypto-lib-blake2b_mac.d.tmp -MT crypto/blake2/libcrypto-lib-blake2b_mac.o -c -o crypto/blake2/libcrypto-lib-blake2b_mac.o ../openssl/crypto/blake2/blake2b_mac.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/blake2/libcrypto-lib-blake2s.d.tmp -MT crypto/blake2/libcrypto-lib-blake2s.o -c -o crypto/blake2/libcrypto-lib-blake2s.o ../openssl/crypto/blake2/blake2s.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/blake2/libcrypto-lib-blake2s_mac.d.tmp -MT crypto/blake2/libcrypto-lib-blake2s_mac.o -c -o crypto/blake2/libcrypto-lib-blake2s_mac.o ../openssl/crypto/blake2/blake2s_mac.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/blake2/libcrypto-lib-m_blake2b.d.tmp -MT crypto/blake2/libcrypto-lib-m_blake2b.o -c -o crypto/blake2/libcrypto-lib-m_blake2b.o ../openssl/crypto/blake2/m_blake2b.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/blake2/libcrypto-lib-m_blake2s.d.tmp -MT crypto/blake2/libcrypto-lib-m_blake2s.o -c -o crypto/blake2/libcrypto-lib-m_blake2s.o ../openssl/crypto/blake2/m_blake2s.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/asm/libcrypto-lib-x86_64-gcc.d.tmp -MT crypto/bn/asm/libcrypto-lib-x86_64-gcc.o -c -o crypto/bn/asm/libcrypto-lib-x86_64-gcc.o ../openssl/crypto/bn/asm/x86_64-gcc.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_add.d.tmp -MT crypto/bn/libcrypto-lib-bn_add.o -c -o crypto/bn/libcrypto-lib-bn_add.o ../openssl/crypto/bn/bn_add.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_blind.d.tmp -MT crypto/bn/libcrypto-lib-bn_blind.o -c -o crypto/bn/libcrypto-lib-bn_blind.o ../openssl/crypto/bn/bn_blind.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_const.d.tmp -MT crypto/bn/libcrypto-lib-bn_const.o -c -o crypto/bn/libcrypto-lib-bn_const.o ../openssl/crypto/bn/bn_const.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_ctx.d.tmp -MT crypto/bn/libcrypto-lib-bn_ctx.o -c -o crypto/bn/libcrypto-lib-bn_ctx.o ../openssl/crypto/bn/bn_ctx.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_depr.d.tmp -MT crypto/bn/libcrypto-lib-bn_depr.o -c -o crypto/bn/libcrypto-lib-bn_depr.o ../openssl/crypto/bn/bn_depr.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_dh.d.tmp -MT crypto/bn/libcrypto-lib-bn_dh.o -c -o crypto/bn/libcrypto-lib-bn_dh.o ../openssl/crypto/bn/bn_dh.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_div.d.tmp -MT crypto/bn/libcrypto-lib-bn_div.o -c -o crypto/bn/libcrypto-lib-bn_div.o ../openssl/crypto/bn/bn_div.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_err.d.tmp -MT crypto/bn/libcrypto-lib-bn_err.o -c -o crypto/bn/libcrypto-lib-bn_err.o ../openssl/crypto/bn/bn_err.c clang -Icrypto -I../openssl/crypto -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_exp.d.tmp -MT crypto/bn/libcrypto-lib-bn_exp.o -c -o crypto/bn/libcrypto-lib-bn_exp.o ../openssl/crypto/bn/bn_exp.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_exp2.d.tmp -MT crypto/bn/libcrypto-lib-bn_exp2.o -c -o crypto/bn/libcrypto-lib-bn_exp2.o ../openssl/crypto/bn/bn_exp2.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_gcd.d.tmp -MT crypto/bn/libcrypto-lib-bn_gcd.o -c -o crypto/bn/libcrypto-lib-bn_gcd.o ../openssl/crypto/bn/bn_gcd.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_gf2m.d.tmp -MT crypto/bn/libcrypto-lib-bn_gf2m.o -c -o crypto/bn/libcrypto-lib-bn_gf2m.o ../openssl/crypto/bn/bn_gf2m.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_intern.d.tmp -MT crypto/bn/libcrypto-lib-bn_intern.o -c -o crypto/bn/libcrypto-lib-bn_intern.o ../openssl/crypto/bn/bn_intern.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_kron.d.tmp -MT crypto/bn/libcrypto-lib-bn_kron.o -c -o crypto/bn/libcrypto-lib-bn_kron.o ../openssl/crypto/bn/bn_kron.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_lib.d.tmp -MT crypto/bn/libcrypto-lib-bn_lib.o -c -o crypto/bn/libcrypto-lib-bn_lib.o ../openssl/crypto/bn/bn_lib.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_mod.d.tmp -MT crypto/bn/libcrypto-lib-bn_mod.o -c -o crypto/bn/libcrypto-lib-bn_mod.o ../openssl/crypto/bn/bn_mod.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_mont.d.tmp -MT crypto/bn/libcrypto-lib-bn_mont.o -c -o crypto/bn/libcrypto-lib-bn_mont.o ../openssl/crypto/bn/bn_mont.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_mpi.d.tmp -MT crypto/bn/libcrypto-lib-bn_mpi.o -c -o crypto/bn/libcrypto-lib-bn_mpi.o ../openssl/crypto/bn/bn_mpi.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_mul.d.tmp -MT crypto/bn/libcrypto-lib-bn_mul.o -c -o crypto/bn/libcrypto-lib-bn_mul.o ../openssl/crypto/bn/bn_mul.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_nist.d.tmp -MT crypto/bn/libcrypto-lib-bn_nist.o -c -o crypto/bn/libcrypto-lib-bn_nist.o ../openssl/crypto/bn/bn_nist.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_prime.d.tmp -MT crypto/bn/libcrypto-lib-bn_prime.o -c -o crypto/bn/libcrypto-lib-bn_prime.o ../openssl/crypto/bn/bn_prime.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_print.d.tmp -MT crypto/bn/libcrypto-lib-bn_print.o -c -o crypto/bn/libcrypto-lib-bn_print.o ../openssl/crypto/bn/bn_print.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_rand.d.tmp -MT crypto/bn/libcrypto-lib-bn_rand.o -c -o crypto/bn/libcrypto-lib-bn_rand.o ../openssl/crypto/bn/bn_rand.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_recp.d.tmp -MT crypto/bn/libcrypto-lib-bn_recp.o -c -o crypto/bn/libcrypto-lib-bn_recp.o ../openssl/crypto/bn/bn_recp.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_shift.d.tmp -MT crypto/bn/libcrypto-lib-bn_shift.o -c -o crypto/bn/libcrypto-lib-bn_shift.o ../openssl/crypto/bn/bn_shift.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_sqr.d.tmp -MT crypto/bn/libcrypto-lib-bn_sqr.o -c -o crypto/bn/libcrypto-lib-bn_sqr.o ../openssl/crypto/bn/bn_sqr.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_sqrt.d.tmp -MT crypto/bn/libcrypto-lib-bn_sqrt.o -c -o crypto/bn/libcrypto-lib-bn_sqrt.o ../openssl/crypto/bn/bn_sqrt.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_srp.d.tmp -MT crypto/bn/libcrypto-lib-bn_srp.o -c -o crypto/bn/libcrypto-lib-bn_srp.o ../openssl/crypto/bn/bn_srp.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_word.d.tmp -MT crypto/bn/libcrypto-lib-bn_word.o -c -o crypto/bn/libcrypto-lib-bn_word.o ../openssl/crypto/bn/bn_word.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_x931p.d.tmp -MT crypto/bn/libcrypto-lib-bn_x931p.o -c -o crypto/bn/libcrypto-lib-bn_x931p.o ../openssl/crypto/bn/bn_x931p.c CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/rsaz-avx2.pl elf crypto/bn/rsaz-avx2.s CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/rsaz-x86_64.pl elf crypto/bn/rsaz-x86_64.s clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-rsaz_exp.d.tmp -MT crypto/bn/libcrypto-lib-rsaz_exp.o -c -o crypto/bn/libcrypto-lib-rsaz_exp.o ../openssl/crypto/bn/rsaz_exp.c CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/x86_64-gf2m.pl elf crypto/bn/x86_64-gf2m.s CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/x86_64-mont.pl elf crypto/bn/x86_64-mont.s CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/x86_64-mont5.pl elf crypto/bn/x86_64-mont5.s clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/buffer/libcrypto-lib-buf_err.d.tmp -MT crypto/buffer/libcrypto-lib-buf_err.o -c -o crypto/buffer/libcrypto-lib-buf_err.o ../openssl/crypto/buffer/buf_err.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/buffer/libcrypto-lib-buffer.d.tmp -MT crypto/buffer/libcrypto-lib-buffer.o -c -o crypto/buffer/libcrypto-lib-buffer.o ../openssl/crypto/buffer/buffer.c CC="clang" /usr/bin/perl ../openssl/crypto/camellia/asm/cmll-x86_64.pl elf crypto/camellia/cmll-x86_64.s clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/camellia/libcrypto-lib-cmll_cfb.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_cfb.o -c -o crypto/camellia/libcrypto-lib-cmll_cfb.o ../openssl/crypto/camellia/cmll_cfb.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/camellia/libcrypto-lib-cmll_ctr.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_ctr.o -c -o crypto/camellia/libcrypto-lib-cmll_ctr.o ../openssl/crypto/camellia/cmll_ctr.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/camellia/libcrypto-lib-cmll_ecb.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_ecb.o -c -o crypto/camellia/libcrypto-lib-cmll_ecb.o ../openssl/crypto/camellia/cmll_ecb.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/camellia/libcrypto-lib-cmll_misc.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_misc.o -c -o crypto/camellia/libcrypto-lib-cmll_misc.o ../openssl/crypto/camellia/cmll_misc.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/camellia/libcrypto-lib-cmll_ofb.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_ofb.o -c -o crypto/camellia/libcrypto-lib-cmll_ofb.o ../openssl/crypto/camellia/cmll_ofb.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cast/libcrypto-lib-c_cfb64.d.tmp -MT crypto/cast/libcrypto-lib-c_cfb64.o -c -o crypto/cast/libcrypto-lib-c_cfb64.o ../openssl/crypto/cast/c_cfb64.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cast/libcrypto-lib-c_ecb.d.tmp -MT crypto/cast/libcrypto-lib-c_ecb.o -c -o crypto/cast/libcrypto-lib-c_ecb.o ../openssl/crypto/cast/c_ecb.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cast/libcrypto-lib-c_enc.d.tmp -MT crypto/cast/libcrypto-lib-c_enc.o -c -o crypto/cast/libcrypto-lib-c_enc.o ../openssl/crypto/cast/c_enc.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cast/libcrypto-lib-c_ofb64.d.tmp -MT crypto/cast/libcrypto-lib-c_ofb64.o -c -o crypto/cast/libcrypto-lib-c_ofb64.o ../openssl/crypto/cast/c_ofb64.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cast/libcrypto-lib-c_skey.d.tmp -MT crypto/cast/libcrypto-lib-c_skey.o -c -o crypto/cast/libcrypto-lib-c_skey.o ../openssl/crypto/cast/c_skey.c CC="clang" /usr/bin/perl ../openssl/crypto/chacha/asm/chacha-x86_64.pl elf crypto/chacha/chacha-x86_64.s clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cmac/libcrypto-lib-cm_ameth.d.tmp -MT crypto/cmac/libcrypto-lib-cm_ameth.o -c -o crypto/cmac/libcrypto-lib-cm_ameth.o ../openssl/crypto/cmac/cm_ameth.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cmac/libcrypto-lib-cm_meth.d.tmp -MT crypto/cmac/libcrypto-lib-cm_meth.o -c -o crypto/cmac/libcrypto-lib-cm_meth.o ../openssl/crypto/cmac/cm_meth.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cmac/libcrypto-lib-cmac.d.tmp -MT crypto/cmac/libcrypto-lib-cmac.o -c -o crypto/cmac/libcrypto-lib-cmac.o ../openssl/crypto/cmac/cmac.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cms/libcrypto-lib-cms_asn1.d.tmp -MT crypto/cms/libcrypto-lib-cms_asn1.o -c -o crypto/cms/libcrypto-lib-cms_asn1.o ../openssl/crypto/cms/cms_asn1.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cms/libcrypto-lib-cms_att.d.tmp -MT crypto/cms/libcrypto-lib-cms_att.o -c -o crypto/cms/libcrypto-lib-cms_att.o ../openssl/crypto/cms/cms_att.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cms/libcrypto-lib-cms_cd.d.tmp -MT crypto/cms/libcrypto-lib-cms_cd.o -c -o crypto/cms/libcrypto-lib-cms_cd.o ../openssl/crypto/cms/cms_cd.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cms/libcrypto-lib-cms_dd.d.tmp -MT crypto/cms/libcrypto-lib-cms_dd.o -c -o crypto/cms/libcrypto-lib-cms_dd.o ../openssl/crypto/cms/cms_dd.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cms/libcrypto-lib-cms_enc.d.tmp -MT crypto/cms/libcrypto-lib-cms_enc.o -c -o crypto/cms/libcrypto-lib-cms_enc.o ../openssl/crypto/cms/cms_enc.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cms/libcrypto-lib-cms_env.d.tmp -MT crypto/cms/libcrypto-lib-cms_env.o -c -o crypto/cms/libcrypto-lib-cms_env.o ../openssl/crypto/cms/cms_env.c ../openssl/crypto/cms/cms_cd.c:63:6: error: conflicting types for 'cms_CompressedData_init_bio' BIO *cms_CompressedData_init_bio(CMS_ContentInfo *cms) ^ ../openssl/crypto/cms/cms_lcl.h:385:6: note: previous declaration is here BIO *cms_CompressedData_init_bio(const CMS_ContentInfo *cms); ^ 1 error generated. Makefile:7562: recipe for target 'crypto/cms/libcrypto-lib-cms_cd.o' failed make[1]: *** [crypto/cms/libcrypto-lib-cms_cd.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/enable-zlib-dynamic' Makefile:164: recipe for target 'all' failed make: *** [all] Error 2 From matt at openssl.org Thu Mar 7 14:56:12 2019 From: matt at openssl.org (Matt Caswell) Date: Thu, 07 Mar 2019 14:56:12 +0000 Subject: [openssl] master update Message-ID: <1551970572.057084.4117.nullmailer@dev.openssl.org> The branch master has been updated via 6855b496b205c067ecb276221c31c6212f4fdbae (commit) via 13fbce17fc9f02e2401fc3868f3f8e02d6647e5f (commit) from bcf082d130a413a728a382bd6e6bfdbf2cedba45 (commit) - Log ----------------------------------------------------------------- commit 6855b496b205c067ecb276221c31c6212f4fdbae Author: Matt Caswell Date: Wed Mar 6 11:51:28 2019 +0000 Add a test for underflow in ecp_nistp521.c The previous commit fixed an underflow that may occur in ecp_nistp521.c. This commit adds a test for that condition. It is heavily based on an original test harness by Billy Brumley. Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/8405) commit 13fbce17fc9f02e2401fc3868f3f8e02d6647e5f Author: Matt Caswell Date: Tue Mar 5 13:26:45 2019 +0000 Avoid an underflow in ecp_nistp521.c The function felem_diff_128_64 in ecp_nistp521.c substracts the number |in| from |out| mod p. In order to avoid underflow it first adds 32p mod p (which is equivalent to 0 mod p) to |out|. The comments and variable naming suggest that the original author intended to add 64p mod p. In fact it has been shown that with certain unusual co-ordinates it is possible to cause an underflow in this function when only adding 32p mod p while performing a point double operation. By changing this to 64p mod p the underflow is avoided. It turns out to be quite difficult to construct points that satisfy the underflow criteria although this has been done and the underflow demonstrated. However none of these points are actually on the curve. Finding points that satisfy the underflow criteria and are also *on* the curve is considered significantly more difficult. For this reason we do not believe that this issue is currently practically exploitable and therefore no CVE has been assigned. This only impacts builds using the enable-ec_nistp_64_gcc_128 Configure option. With thanks to Bo-Yin Yang, Billy Brumley and Dr Liu for their significant help in investigating this issue. Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/8405) ----------------------------------------------------------------------- Summary of changes: crypto/ec/ecp_nistp521.c | 11 +++++--- test/ectest.c | 69 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 77 insertions(+), 3 deletions(-) diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c index a32f302..fe6f3b3 100644 --- a/crypto/ec/ecp_nistp521.c +++ b/crypto/ec/ecp_nistp521.c @@ -357,10 +357,15 @@ static void felem_diff64(felem out, const felem in) static void felem_diff_128_64(largefelem out, const felem in) { /* - * In order to prevent underflow, we add 0 mod p before subtracting. + * In order to prevent underflow, we add 64p mod p (which is equivalent + * to 0 mod p) before subtracting. p is 2^521 - 1, i.e. in binary a 521 + * digit number with all bits set to 1. See "The representation of field + * elements" comment above for a description of how limbs are used to + * represent a number. 64p is represented with 8 limbs containing a number + * with 58 bits set and one limb with a number with 57 bits set. */ - static const limb two63m6 = (((limb) 1) << 62) - (((limb) 1) << 5); - static const limb two63m5 = (((limb) 1) << 62) - (((limb) 1) << 4); + static const limb two63m6 = (((limb) 1) << 63) - (((limb) 1) << 6); + static const limb two63m5 = (((limb) 1) << 63) - (((limb) 1) << 5); out[0] += two63m6 - in[0]; out[1] += two63m5 - in[1]; diff --git a/test/ectest.c b/test/ectest.c index 0f42597..d2ad377 100644 --- a/test/ectest.c +++ b/test/ectest.c @@ -1440,6 +1440,74 @@ err: BN_CTX_free(ctx); return r; } + +/* + * Tests a point known to cause an incorrect underflow in an old version of + * ecp_nist521.c + */ +static int underflow_test(void) +{ + BN_CTX *ctx = NULL; + EC_GROUP *grp = NULL; + EC_POINT *P = NULL, *Q = NULL, *R = NULL; + BIGNUM *x1 = NULL, *y1 = NULL, *z1 = NULL, *x2 = NULL, *y2 = NULL; + BIGNUM *k = NULL; + int testresult = 0; + const char *x1str = + "1534f0077fffffe87e9adcfe000000000000000000003e05a21d2400002e031b1f4" + "b80000c6fafa4f3c1288798d624a247b5e2ffffffffffffffefe099241900004"; + const char *p521m1 = + "1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" + "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe"; + + ctx = BN_CTX_new(); + if (!TEST_ptr(ctx)) + return 0; + + BN_CTX_start(ctx); + x1 = BN_CTX_get(ctx); + y1 = BN_CTX_get(ctx); + z1 = BN_CTX_get(ctx); + x2 = BN_CTX_get(ctx); + y2 = BN_CTX_get(ctx); + k = BN_CTX_get(ctx); + if (!TEST_ptr(k)) + goto err; + + grp = EC_GROUP_new_by_curve_name(NID_secp521r1); + P = EC_POINT_new(grp); + Q = EC_POINT_new(grp); + R = EC_POINT_new(grp); + if (!TEST_ptr(grp) || !TEST_ptr(P) || !TEST_ptr(Q) || !TEST_ptr(R)) + goto err; + + if (!TEST_int_gt(BN_hex2bn(&x1, x1str), 0) + || !TEST_int_gt(BN_hex2bn(&y1, p521m1), 0) + || !TEST_int_gt(BN_hex2bn(&z1, p521m1), 0) + || !TEST_int_gt(BN_hex2bn(&k, "02"), 0) + || !TEST_true(EC_POINT_set_Jprojective_coordinates_GFp(grp, P, x1, + y1, z1, ctx)) + || !TEST_true(EC_POINT_mul(grp, Q, NULL, P, k, ctx)) + || !TEST_true(EC_POINT_get_affine_coordinates(grp, Q, x1, y1, ctx)) + || !TEST_true(EC_POINT_dbl(grp, R, P, ctx)) + || !TEST_true(EC_POINT_get_affine_coordinates(grp, R, x2, y2, ctx))) + goto err; + + if (!TEST_int_eq(BN_cmp(x1, x2), 0) + || !TEST_int_eq(BN_cmp(y1, y2), 0)) + goto err; + + testresult = 1; + + err: + BN_CTX_end(ctx); + EC_POINT_free(P); + EC_POINT_free(Q); + EC_GROUP_free(grp); + BN_CTX_free(ctx); + + return testresult; +} # endif static const unsigned char p521_named[] = { @@ -1547,6 +1615,7 @@ int setup_tests(void) # endif # ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 ADD_ALL_TESTS(nistp_single_test, OSSL_NELEM(nistp_tests_params)); + ADD_TEST(underflow_test); # endif ADD_ALL_TESTS(internal_curve_test, crv_len); ADD_ALL_TESTS(internal_curve_test_method, crv_len); From matt at openssl.org Thu Mar 7 14:56:26 2019 From: matt at openssl.org (Matt Caswell) Date: Thu, 07 Mar 2019 14:56:26 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1551970586.831261.5047.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via acd9b16b01ad4bda015102d9ce1fa34efa15359d (commit) via d49b8889108c66b43923232a1457e4920270845f (commit) from f7a6d1122befe9cd1d3de70cb2c19595a701b9aa (commit) - Log ----------------------------------------------------------------- commit acd9b16b01ad4bda015102d9ce1fa34efa15359d Author: Matt Caswell Date: Wed Mar 6 11:51:28 2019 +0000 Add a test for underflow in ecp_nistp521.c The previous commit fixed an underflow that may occur in ecp_nistp521.c. This commit adds a test for that condition. It is heavily based on an original test harness by Billy Brumley. Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/8405) (cherry picked from commit 6855b496b205c067ecb276221c31c6212f4fdbae) commit d49b8889108c66b43923232a1457e4920270845f Author: Matt Caswell Date: Tue Mar 5 13:26:45 2019 +0000 Avoid an underflow in ecp_nistp521.c The function felem_diff_128_64 in ecp_nistp521.c substracts the number |in| from |out| mod p. In order to avoid underflow it first adds 32p mod p (which is equivalent to 0 mod p) to |out|. The comments and variable naming suggest that the original author intended to add 64p mod p. In fact it has been shown that with certain unusual co-ordinates it is possible to cause an underflow in this function when only adding 32p mod p while performing a point double operation. By changing this to 64p mod p the underflow is avoided. It turns out to be quite difficult to construct points that satisfy the underflow criteria although this has been done and the underflow demonstrated. However none of these points are actually on the curve. Finding points that satisfy the underflow criteria and are also *on* the curve is considered significantly more difficult. For this reason we do not believe that this issue is currently practically exploitable and therefore no CVE has been assigned. This only impacts builds using the enable-ec_nistp_64_gcc_128 Configure option. With thanks to Bo-Yin Yang, Billy Brumley and Dr Liu for their significant help in investigating this issue. Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/8405) (cherry picked from commit 13fbce17fc9f02e2401fc3868f3f8e02d6647e5f) ----------------------------------------------------------------------- Summary of changes: crypto/ec/ecp_nistp521.c | 11 +++++--- test/ectest.c | 69 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 77 insertions(+), 3 deletions(-) diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c index 2f47772..e31b85c 100644 --- a/crypto/ec/ecp_nistp521.c +++ b/crypto/ec/ecp_nistp521.c @@ -357,10 +357,15 @@ static void felem_diff64(felem out, const felem in) static void felem_diff_128_64(largefelem out, const felem in) { /* - * In order to prevent underflow, we add 0 mod p before subtracting. + * In order to prevent underflow, we add 64p mod p (which is equivalent + * to 0 mod p) before subtracting. p is 2^521 - 1, i.e. in binary a 521 + * digit number with all bits set to 1. See "The representation of field + * elements" comment above for a description of how limbs are used to + * represent a number. 64p is represented with 8 limbs containing a number + * with 58 bits set and one limb with a number with 57 bits set. */ - static const limb two63m6 = (((limb) 1) << 62) - (((limb) 1) << 5); - static const limb two63m5 = (((limb) 1) << 62) - (((limb) 1) << 4); + static const limb two63m6 = (((limb) 1) << 63) - (((limb) 1) << 6); + static const limb two63m5 = (((limb) 1) << 63) - (((limb) 1) << 5); out[0] += two63m6 - in[0]; out[1] += two63m5 - in[1]; diff --git a/test/ectest.c b/test/ectest.c index 2703cb4..afe8615 100644 --- a/test/ectest.c +++ b/test/ectest.c @@ -1403,6 +1403,74 @@ err: BN_CTX_free(ctx); return r; } + +/* + * Tests a point known to cause an incorrect underflow in an old version of + * ecp_nist521.c + */ +static int underflow_test(void) +{ + BN_CTX *ctx = NULL; + EC_GROUP *grp = NULL; + EC_POINT *P = NULL, *Q = NULL, *R = NULL; + BIGNUM *x1 = NULL, *y1 = NULL, *z1 = NULL, *x2 = NULL, *y2 = NULL; + BIGNUM *k = NULL; + int testresult = 0; + const char *x1str = + "1534f0077fffffe87e9adcfe000000000000000000003e05a21d2400002e031b1f4" + "b80000c6fafa4f3c1288798d624a247b5e2ffffffffffffffefe099241900004"; + const char *p521m1 = + "1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" + "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe"; + + ctx = BN_CTX_new(); + if (!TEST_ptr(ctx)) + return 0; + + BN_CTX_start(ctx); + x1 = BN_CTX_get(ctx); + y1 = BN_CTX_get(ctx); + z1 = BN_CTX_get(ctx); + x2 = BN_CTX_get(ctx); + y2 = BN_CTX_get(ctx); + k = BN_CTX_get(ctx); + if (!TEST_ptr(k)) + goto err; + + grp = EC_GROUP_new_by_curve_name(NID_secp521r1); + P = EC_POINT_new(grp); + Q = EC_POINT_new(grp); + R = EC_POINT_new(grp); + if (!TEST_ptr(grp) || !TEST_ptr(P) || !TEST_ptr(Q) || !TEST_ptr(R)) + goto err; + + if (!TEST_int_gt(BN_hex2bn(&x1, x1str), 0) + || !TEST_int_gt(BN_hex2bn(&y1, p521m1), 0) + || !TEST_int_gt(BN_hex2bn(&z1, p521m1), 0) + || !TEST_int_gt(BN_hex2bn(&k, "02"), 0) + || !TEST_true(EC_POINT_set_Jprojective_coordinates_GFp(grp, P, x1, + y1, z1, ctx)) + || !TEST_true(EC_POINT_mul(grp, Q, NULL, P, k, ctx)) + || !TEST_true(EC_POINT_get_affine_coordinates(grp, Q, x1, y1, ctx)) + || !TEST_true(EC_POINT_dbl(grp, R, P, ctx)) + || !TEST_true(EC_POINT_get_affine_coordinates(grp, R, x2, y2, ctx))) + goto err; + + if (!TEST_int_eq(BN_cmp(x1, x2), 0) + || !TEST_int_eq(BN_cmp(y1, y2), 0)) + goto err; + + testresult = 1; + + err: + BN_CTX_end(ctx); + EC_POINT_free(P); + EC_POINT_free(Q); + EC_GROUP_free(grp); + BN_CTX_free(ctx); + + return testresult; +} # endif static const unsigned char p521_named[] = { @@ -1510,6 +1578,7 @@ int setup_tests(void) # endif # ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 ADD_ALL_TESTS(nistp_single_test, OSSL_NELEM(nistp_tests_params)); + ADD_TEST(underflow_test); # endif ADD_ALL_TESTS(internal_curve_test, crv_len); ADD_ALL_TESTS(internal_curve_test_method, crv_len); From matt at openssl.org Thu Mar 7 14:56:48 2019 From: matt at openssl.org (Matt Caswell) Date: Thu, 07 Mar 2019 14:56:48 +0000 Subject: [openssl] OpenSSL_1_1_0-stable update Message-ID: <1551970608.648250.6143.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_0-stable has been updated via a8e129a0923b17751655f2e98d5d4c2ae144e3fe (commit) from 09af525c2e8a11a0701d3d80e4d795e03be93606 (commit) - Log ----------------------------------------------------------------- commit a8e129a0923b17751655f2e98d5d4c2ae144e3fe Author: Matt Caswell Date: Tue Mar 5 13:26:45 2019 +0000 Avoid an underflow in ecp_nistp521.c The function felem_diff_128_64 in ecp_nistp521.c substracts the number |in| from |out| mod p. In order to avoid underflow it first adds 32p mod p (which is equivalent to 0 mod p) to |out|. The comments and variable naming suggest that the original author intended to add 64p mod p. In fact it has been shown that with certain unusual co-ordinates it is possible to cause an underflow in this function when only adding 32p mod p while performing a point double operation. By changing this to 64p mod p the underflow is avoided. It turns out to be quite difficult to construct points that satisfy the underflow criteria although this has been done and the underflow demonstrated. However none of these points are actually on the curve. Finding points that satisfy the underflow criteria and are also *on* the curve is considered significantly more difficult. For this reason we do not believe that this issue is currently practically exploitable and therefore no CVE has been assigned. This only impacts builds using the enable-ec_nistp_64_gcc_128 Configure option. With thanks to Bo-Yin Yang, Billy Brumley and Dr Liu for their significant help in investigating this issue. Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/8405) (cherry picked from commit 13fbce17fc9f02e2401fc3868f3f8e02d6647e5f) ----------------------------------------------------------------------- Summary of changes: crypto/ec/ecp_nistp521.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c index ddfef91..6059c2e 100644 --- a/crypto/ec/ecp_nistp521.c +++ b/crypto/ec/ecp_nistp521.c @@ -357,10 +357,15 @@ static void felem_diff64(felem out, const felem in) static void felem_diff_128_64(largefelem out, const felem in) { /* - * In order to prevent underflow, we add 0 mod p before subtracting. + * In order to prevent underflow, we add 64p mod p (which is equivalent + * to 0 mod p) before subtracting. p is 2^521 - 1, i.e. in binary a 521 + * digit number with all bits set to 1. See "The representation of field + * elements" comment above for a description of how limbs are used to + * represent a number. 64p is represented with 8 limbs containing a number + * with 58 bits set and one limb with a number with 57 bits set. */ - static const limb two63m6 = (((limb) 1) << 62) - (((limb) 1) << 5); - static const limb two63m5 = (((limb) 1) << 62) - (((limb) 1) << 4); + static const limb two63m6 = (((limb) 1) << 63) - (((limb) 1) << 6); + static const limb two63m5 = (((limb) 1) << 63) - (((limb) 1) << 5); out[0] += two63m6 - in[0]; out[1] += two63m5 - in[1]; From matt at openssl.org Thu Mar 7 14:57:06 2019 From: matt at openssl.org (Matt Caswell) Date: Thu, 07 Mar 2019 14:57:06 +0000 Subject: [openssl] OpenSSL_1_0_2-stable update Message-ID: <1551970626.573597.7163.nullmailer@dev.openssl.org> The branch OpenSSL_1_0_2-stable has been updated via d5e37fc871be6910db931790b70323c78b332dff (commit) from 56ff0f643482b19f7b2d7ed532dfb94ed3a4e294 (commit) - Log ----------------------------------------------------------------- commit d5e37fc871be6910db931790b70323c78b332dff Author: Matt Caswell Date: Tue Mar 5 13:26:45 2019 +0000 Avoid an underflow in ecp_nistp521.c The function felem_diff_128_64 in ecp_nistp521.c substracts the number |in| from |out| mod p. In order to avoid underflow it first adds 32p mod p (which is equivalent to 0 mod p) to |out|. The comments and variable naming suggest that the original author intended to add 64p mod p. In fact it has been shown that with certain unusual co-ordinates it is possible to cause an underflow in this function when only adding 32p mod p while performing a point double operation. By changing this to 64p mod p the underflow is avoided. It turns out to be quite difficult to construct points that satisfy the underflow criteria although this has been done and the underflow demonstrated. However none of these points are actually on the curve. Finding points that satisfy the underflow criteria and are also *on* the curve is considered significantly more difficult. For this reason we do not believe that this issue is currently practically exploitable and therefore no CVE has been assigned. This only impacts builds using the enable-ec_nistp_64_gcc_128 Configure option. With thanks to Bo-Yin Yang, Billy Brumley and Dr Liu for their significant help in investigating this issue. Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/8405) (cherry picked from commit 13fbce17fc9f02e2401fc3868f3f8e02d6647e5f) ----------------------------------------------------------------------- Summary of changes: crypto/ec/ecp_nistp521.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c index 90989c5..1a42068 100644 --- a/crypto/ec/ecp_nistp521.c +++ b/crypto/ec/ecp_nistp521.c @@ -356,10 +356,15 @@ static void felem_diff64(felem out, const felem in) static void felem_diff_128_64(largefelem out, const felem in) { /* - * In order to prevent underflow, we add 0 mod p before subtracting. + * In order to prevent underflow, we add 64p mod p (which is equivalent + * to 0 mod p) before subtracting. p is 2^521 - 1, i.e. in binary a 521 + * digit number with all bits set to 1. See "The representation of field + * elements" comment above for a description of how limbs are used to + * represent a number. 64p is represented with 8 limbs containing a number + * with 58 bits set and one limb with a number with 57 bits set. */ - static const limb two63m6 = (((limb) 1) << 62) - (((limb) 1) << 5); - static const limb two63m5 = (((limb) 1) << 62) - (((limb) 1) << 4); + static const limb two63m6 = (((limb) 1) << 63) - (((limb) 1) << 6); + static const limb two63m5 = (((limb) 1) << 63) - (((limb) 1) << 5); out[0] += two63m6 - in[0]; out[1] += two63m5 - in[1]; From builds at travis-ci.org Thu Mar 7 15:24:57 2019 From: builds at travis-ci.org (Travis CI) Date: Thu, 07 Mar 2019 15:24:57 +0000 Subject: Passed: openssl/openssl#23844 (master - 6855b49) In-Reply-To: Message-ID: <5c8137c987843_43fc8b32178dc2361d5@9fd9c1cf-acf2-4fde-a66b-5ae3021d6479.mail> Build Update for openssl/openssl ------------------------------------- Build: #23844 Status: Passed Duration: 28 mins and 3 secs Commit: 6855b49 (master) Author: Matt Caswell Message: Add a test for underflow in ecp_nistp521.c The previous commit fixed an underflow that may occur in ecp_nistp521.c. This commit adds a test for that condition. It is heavily based on an original test harness by Billy Brumley. Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/8405) View the changeset: https://github.com/openssl/openssl/compare/bcf082d130a4...6855b496b205 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/503141707?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.org Thu Mar 7 15:31:28 2019 From: builds at travis-ci.org (Travis CI) Date: Thu, 07 Mar 2019 15:31:28 +0000 Subject: Still Failing: openssl/openssl#23845 (OpenSSL_1_1_1-stable - acd9b16) In-Reply-To: Message-ID: <5c813950757af_43fc25a62395812700@b3359f5b-3027-481c-a7e1-7ae14a2376e3.mail> Build Update for openssl/openssl ------------------------------------- Build: #23845 Status: Still Failing Duration: 24 mins and 59 secs Commit: acd9b16 (OpenSSL_1_1_1-stable) Author: Matt Caswell Message: Add a test for underflow in ecp_nistp521.c The previous commit fixed an underflow that may occur in ecp_nistp521.c. This commit adds a test for that condition. It is heavily based on an original test harness by Billy Brumley. Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/8405) (cherry picked from commit 6855b496b205c067ecb276221c31c6212f4fdbae) View the changeset: https://github.com/openssl/openssl/compare/f7a6d1122bef...acd9b16b01ad View the full build log and details: https://travis-ci.org/openssl/openssl/builds/503141817?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bernd.edlinger at hotmail.de Thu Mar 7 21:38:30 2019 From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Thu, 07 Mar 2019 21:38:30 +0000 Subject: [openssl] master update Message-ID: <1551994710.921099.26329.nullmailer@dev.openssl.org> The branch master has been updated via 596521f48826892ddd62322726f6f2a2a52db652 (commit) from 6855b496b205c067ecb276221c31c6212f4fdbae (commit) - Log ----------------------------------------------------------------- commit 596521f48826892ddd62322726f6f2a2a52db652 Author: Bernd Edlinger Date: Thu Mar 7 08:19:28 2019 +0100 Limit DEVRANDOM_WAIT to linux Fixes #8416 Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8428) ----------------------------------------------------------------------- Summary of changes: e_os.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/e_os.h b/e_os.h index 472354e..26de710 100644 --- a/e_os.h +++ b/e_os.h @@ -28,7 +28,9 @@ * default, we will try to read at least one of these files */ # define DEVRANDOM "/dev/urandom", "/dev/random", "/dev/hwrng", "/dev/srandom" -# define DEVRANDOM_WAIT "/dev/random" +# ifdef __linux +# define DEVRANDOM_WAIT "/dev/random" +# endif # endif # if !defined(OPENSSL_NO_EGD) && !defined(DEVRANDOM_EGD) /* From bernd.edlinger at hotmail.de Thu Mar 7 21:39:42 2019 From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Thu, 07 Mar 2019 21:39:42 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1551994782.125148.28048.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 35eecd173ea2baefdfa53e00e60cd0ba170250fe (commit) from acd9b16b01ad4bda015102d9ce1fa34efa15359d (commit) - Log ----------------------------------------------------------------- commit 35eecd173ea2baefdfa53e00e60cd0ba170250fe Author: Bernd Edlinger Date: Thu Mar 7 08:19:28 2019 +0100 Limit DEVRANDOM_WAIT to linux Fixes #8416 Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8428) (cherry picked from commit 596521f48826892ddd62322726f6f2a2a52db652) ----------------------------------------------------------------------- Summary of changes: e_os.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/e_os.h b/e_os.h index 556688f..7d94b82 100644 --- a/e_os.h +++ b/e_os.h @@ -28,7 +28,9 @@ * default, we will try to read at least one of these files */ # define DEVRANDOM "/dev/urandom", "/dev/random", "/dev/hwrng", "/dev/srandom" -# define DEVRANDOM_WAIT "/dev/random" +# ifdef __linux +# define DEVRANDOM_WAIT "/dev/random" +# endif # endif # if !defined(OPENSSL_NO_EGD) && !defined(DEVRANDOM_EGD) /* From bernd.edlinger at hotmail.de Thu Mar 7 21:50:01 2019 From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Thu, 07 Mar 2019 21:50:01 +0000 Subject: [openssl] master update Message-ID: <1551995401.854168.3626.nullmailer@dev.openssl.org> The branch master has been updated via f0e4a860d0b350e10a1ee3898445cac85af8ea16 (commit) via 049e64cbb08df1fbf256bb79e950e8d0959de091 (commit) via ac6fff700a9799c25902165e2594fd46826f3ee3 (commit) via b89fdeb2f7d4471cbfd8a579945754327a4e06a8 (commit) via d7f5e5ae6d53f1387a42d210806cf5e9ed0882d6 (commit) from 596521f48826892ddd62322726f6f2a2a52db652 (commit) - Log ----------------------------------------------------------------- commit f0e4a860d0b350e10a1ee3898445cac85af8ea16 Author: Bernd Edlinger Date: Sun Mar 3 14:25:52 2019 +0100 Update documentation of RSA_padding_check_PKCS1_OAEP_mgf1 Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8365) commit 049e64cbb08df1fbf256bb79e950e8d0959de091 Author: Bernd Edlinger Date: Sun Mar 3 10:36:57 2019 +0100 Do the error handling in pkey_rsa_decrypt in constant time Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8365) commit ac6fff700a9799c25902165e2594fd46826f3ee3 Author: Bernd Edlinger Date: Sun Mar 3 00:04:11 2019 +0100 Add a simple test for RSA_SSLV23_PADDING Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8365) commit b89fdeb2f7d4471cbfd8a579945754327a4e06a8 Author: Bernd Edlinger Date: Fri Mar 1 09:27:32 2019 +0100 Update documentation regarding required output buffer memory size of RSA_private_decrypt/RSA_public_encrypt. Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8365) commit d7f5e5ae6d53f1387a42d210806cf5e9ed0882d6 Author: Bernd Edlinger Date: Thu Feb 28 10:08:18 2019 +0100 Fix memory overrun in rsa padding check functions Fixes #8364 and #8357 Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8365) ----------------------------------------------------------------------- Summary of changes: crypto/rsa/rsa_oaep.c | 26 +++++++------- crypto/rsa/rsa_pk1.c | 24 ++++++------- crypto/rsa/rsa_pmeth.c | 11 +++--- crypto/rsa/rsa_ssl.c | 35 +++++++++--------- doc/man3/RSA_padding_add_PKCS1_type_1.pod | 60 +++++++++++++++++++++---------- doc/man3/RSA_public_encrypt.pod | 38 +++++++++++++------- test/rsa_test.c | 33 ++++++++++++++++- 7 files changed, 149 insertions(+), 78 deletions(-) diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index 552b89a..8fca4fa 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -143,7 +143,7 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, * |num| is the length of the modulus; |flen| is the length of the * encoded message. Therefore, for any |from| that was obtained by * decrypting a ciphertext, we must have |flen| <= |num|. Similarly, - * num < 2 * mdlen + 2 must hold for the modulus irrespective of + * |num| >= 2 * |mdlen| + 2 must hold for the modulus irrespective of * the ciphertext, see PKCS #1 v2.2, section 7.1.2. * This does not leak any side-channel information. */ @@ -179,17 +179,16 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, from -= 1 & mask; *--em = *from & mask; } - from = em; /* * The first byte must be zero, however we must not leak if this is * true. See James H. Manger, "A Chosen Ciphertext Attack on RSA * Optimal Asymmetric Encryption Padding (OAEP) [...]", CRYPTO 2001). */ - good = constant_time_is_zero(from[0]); + good = constant_time_is_zero(em[0]); - maskedseed = from + 1; - maskeddb = from + 1 + mdlen; + maskedseed = em + 1; + maskeddb = em + 1 + mdlen; if (PKCS1_MGF1(seed, mdlen, maskeddb, dblen, mgf1md)) goto cleanup; @@ -230,7 +229,7 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, mlen = dblen - msg_index; /* - * For good measure, do this check in constant tine as well. + * For good measure, do this check in constant time as well. */ good &= constant_time_ge(tlen, mlen); @@ -244,15 +243,16 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, * should be noted that failure is indistinguishable from normal * operation if |tlen| is fixed by protocol. */ - tlen = constant_time_select_int(constant_time_lt(dblen, tlen), dblen, tlen); + tlen = constant_time_select_int(constant_time_lt(dblen - mdlen - 1, tlen), + dblen - mdlen - 1, tlen); msg_index = constant_time_select_int(good, msg_index, dblen - tlen); mlen = dblen - msg_index; - for (from = db + msg_index, mask = good, i = 0; i < tlen; i++) { - unsigned int equals = constant_time_eq(i, mlen); + for (mask = good, i = 0; i < tlen; i++) { + unsigned int equals = constant_time_eq(msg_index, dblen); - from -= dblen & equals; /* if (i == dblen) rewind */ - mask &= mask ^ equals; /* if (i == dblen) mask = 0 */ - to[i] = constant_time_select_8(mask, from[i], to[i]); + msg_index -= tlen & equals; /* rewind at EOF */ + mask &= ~equals; /* mask = 0 at EOF */ + to[i] = constant_time_select_8(mask, db[msg_index++], to[i]); } /* diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c index cb7518e..58ac992 100644 --- a/crypto/rsa/rsa_pk1.c +++ b/crypto/rsa/rsa_pk1.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -192,15 +192,14 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, from -= 1 & mask; *--em = *from & mask; } - from = em; - good = constant_time_is_zero(from[0]); - good &= constant_time_eq(from[1], 2); + good = constant_time_is_zero(em[0]); + good &= constant_time_eq(em[1], 2); /* scan over padding data */ found_zero_byte = 0; for (i = 2; i < num; i++) { - unsigned int equals0 = constant_time_is_zero(from[i]); + unsigned int equals0 = constant_time_is_zero(em[i]); zero_index = constant_time_select_int(~found_zero_byte & equals0, i, zero_index); @@ -208,7 +207,7 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, } /* - * PS must be at least 8 bytes long, and it starts two bytes into |from|. + * PS must be at least 8 bytes long, and it starts two bytes into |em|. * If we never found a 0-byte, then |zero_index| is 0 and the check * also fails. */ @@ -236,15 +235,16 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, * should be noted that failure is indistinguishable from normal * operation if |tlen| is fixed by protocol. */ - tlen = constant_time_select_int(constant_time_lt(num, tlen), num, tlen); + tlen = constant_time_select_int(constant_time_lt(num - 11, tlen), + num - 11, tlen); msg_index = constant_time_select_int(good, msg_index, num - tlen); mlen = num - msg_index; - for (from += msg_index, mask = good, i = 0; i < tlen; i++) { - unsigned int equals = constant_time_eq(i, mlen); + for (mask = good, i = 0; i < tlen; i++) { + unsigned int equals = constant_time_eq(msg_index, num); - from -= tlen & equals; /* if (i == mlen) rewind */ - mask &= mask ^ equals; /* if (i == mlen) mask = 0 */ - to[i] = constant_time_select_8(mask, from[i], to[i]); + msg_index -= tlen & equals; /* rewind at EOF */ + mask &= ~equals; /* mask = 0 at EOF */ + to[i] = constant_time_select_8(mask, em[msg_index++], to[i]); } OPENSSL_clear_free(em, num); diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c index 2295fa5..8931d7e 100644 --- a/crypto/rsa/rsa_pmeth.c +++ b/crypto/rsa/rsa_pmeth.c @@ -1,5 +1,5 @@ /* - * Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2006-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,6 +7,8 @@ * https://www.openssl.org/source/license.html */ +#include "internal/constant_time_locl.h" + #include #include "internal/cryptlib.h" #include @@ -340,10 +342,9 @@ static int pkey_rsa_decrypt(EVP_PKEY_CTX *ctx, ret = RSA_private_decrypt(inlen, in, out, ctx->pkey->pkey.rsa, rctx->pad_mode); } - if (ret < 0) - return ret; - *outlen = ret; - return 1; + *outlen = constant_time_select_s(constant_time_msb_s(ret), *outlen, ret); + ret = constant_time_select_int(constant_time_msb(ret), ret, 1); + return ret; } static int check_padding_md(const EVP_MD *md, int padding) diff --git a/crypto/rsa/rsa_ssl.c b/crypto/rsa/rsa_ssl.c index 563c8ba..3659d83 100644 --- a/crypto/rsa/rsa_ssl.c +++ b/crypto/rsa/rsa_ssl.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -55,7 +55,7 @@ int RSA_padding_add_SSLv23(unsigned char *to, int tlen, /* * Copy of RSA_padding_check_PKCS1_type_2 with a twist that rejects padding - * if nul delimiter is preceded by 8 consecutive 0x03 bytes. It also + * if nul delimiter is not preceded by 8 consecutive 0x03 bytes. It also * preserves error code reporting for backward compatibility. */ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, @@ -67,7 +67,10 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, unsigned int good, found_zero_byte, mask, threes_in_row; int zero_index = 0, msg_index, mlen = -1, err; - if (flen < 10) { + if (tlen <= 0 || flen <= 0) + return -1; + + if (flen > num || num < 11) { RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, RSA_R_DATA_TOO_SMALL); return -1; } @@ -89,10 +92,9 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, from -= 1 & mask; *--em = *from & mask; } - from = em; - good = constant_time_is_zero(from[0]); - good &= constant_time_eq(from[1], 2); + good = constant_time_is_zero(em[0]); + good &= constant_time_eq(em[1], 2); err = constant_time_select_int(good, 0, RSA_R_BLOCK_TYPE_IS_NOT_02); mask = ~good; @@ -100,18 +102,18 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, found_zero_byte = 0; threes_in_row = 0; for (i = 2; i < num; i++) { - unsigned int equals0 = constant_time_is_zero(from[i]); + unsigned int equals0 = constant_time_is_zero(em[i]); zero_index = constant_time_select_int(~found_zero_byte & equals0, i, zero_index); found_zero_byte |= equals0; threes_in_row += 1 & ~found_zero_byte; - threes_in_row &= found_zero_byte | constant_time_eq(from[i], 3); + threes_in_row &= found_zero_byte | constant_time_eq(em[i], 3); } /* - * PS must be at least 8 bytes long, and it starts two bytes into |from|. + * PS must be at least 8 bytes long, and it starts two bytes into |em|. * If we never found a 0-byte, then |zero_index| is 0 and the check * also fails. */ @@ -120,7 +122,7 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, RSA_R_NULL_BEFORE_BLOCK_MISSING); mask = ~good; - good &= constant_time_lt(threes_in_row, 8); + good &= constant_time_ge(threes_in_row, 8); err = constant_time_select_int(mask | good, err, RSA_R_SSLV3_ROLLBACK_ATTACK); mask = ~good; @@ -148,15 +150,16 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, * should be noted that failure is indistinguishable from normal * operation if |tlen| is fixed by protocol. */ - tlen = constant_time_select_int(constant_time_lt(num, tlen), num, tlen); + tlen = constant_time_select_int(constant_time_lt(num - 11, tlen), + num - 11, tlen); msg_index = constant_time_select_int(good, msg_index, num - tlen); mlen = num - msg_index; - for (from += msg_index, mask = good, i = 0; i < tlen; i++) { - unsigned int equals = constant_time_eq(i, mlen); + for (mask = good, i = 0; i < tlen; i++) { + unsigned int equals = constant_time_eq(msg_index, num); - from -= tlen & equals; /* if (i == mlen) rewind */ - mask &= mask ^ equals; /* if (i == mlen) mask = 0 */ - to[i] = constant_time_select_8(mask, from[i], to[i]); + msg_index -= tlen & equals; /* rewind at EOF */ + mask &= ~equals; /* mask = 0 at EOF */ + to[i] = constant_time_select_8(mask, em[msg_index++], to[i]); } OPENSSL_clear_free(em, num); diff --git a/doc/man3/RSA_padding_add_PKCS1_type_1.pod b/doc/man3/RSA_padding_add_PKCS1_type_1.pod index 49340f1..685063b 100644 --- a/doc/man3/RSA_padding_add_PKCS1_type_1.pod +++ b/doc/man3/RSA_padding_add_PKCS1_type_1.pod @@ -5,6 +5,7 @@ RSA_padding_add_PKCS1_type_1, RSA_padding_check_PKCS1_type_1, RSA_padding_add_PKCS1_type_2, RSA_padding_check_PKCS1_type_2, RSA_padding_add_PKCS1_OAEP, RSA_padding_check_PKCS1_OAEP, +RSA_padding_add_PKCS1_OAEP_mgf1, RSA_padding_check_PKCS1_OAEP_mgf1, RSA_padding_add_SSLv23, RSA_padding_check_SSLv23, RSA_padding_add_none, RSA_padding_check_none - asymmetric encryption padding @@ -14,35 +15,46 @@ padding #include int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, - unsigned char *f, int fl); + const unsigned char *f, int fl); int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen, - unsigned char *f, int fl, int rsa_len); + const unsigned char *f, int fl, int rsa_len); int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, - unsigned char *f, int fl); + const unsigned char *f, int fl); int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, - unsigned char *f, int fl, int rsa_len); + const unsigned char *f, int fl, int rsa_len); int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, - unsigned char *f, int fl, unsigned char *p, int pl); + const unsigned char *f, int fl, + const unsigned char *p, int pl); int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, - unsigned char *f, int fl, int rsa_len, - unsigned char *p, int pl); + const unsigned char *f, int fl, int rsa_len, + const unsigned char *p, int pl); + + int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, + const unsigned char *f, int fl, + const unsigned char *p, int pl, + const EVP_MD *md, const EVP_MD *mgf1md); + + int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, + const unsigned char *f, int fl, int rsa_len, + const unsigned char *p, int pl, + const EVP_MD *md, const EVP_MD *mgf1md); int RSA_padding_add_SSLv23(unsigned char *to, int tlen, - unsigned char *f, int fl); + const unsigned char *f, int fl); int RSA_padding_check_SSLv23(unsigned char *to, int tlen, - unsigned char *f, int fl, int rsa_len); + const unsigned char *f, int fl, int rsa_len); int RSA_padding_add_none(unsigned char *to, int tlen, - unsigned char *f, int fl); + const unsigned char *f, int fl); int RSA_padding_check_none(unsigned char *to, int tlen, - unsigned char *f, int fl, int rsa_len); + const unsigned char *f, int fl, int rsa_len); =head1 DESCRIPTION @@ -98,6 +110,10 @@ at B. For RSA_padding_xxx_OAEP(), B

points to the encoding parameter of length B. B

may be B if B is 0. +For RSA_padding_xxx_OAEP_mgf1(), B points to the md hash, +if B is B that means md=sha1, and B points to +the mgf1 hash, if B is B that means mgf1md=md. + =head1 RETURN VALUES The RSA_padding_add_xxx() functions return 1 on success, 0 on error. @@ -107,15 +123,21 @@ L. =head1 WARNING -The RSA_padding_check_PKCS1_type_2() padding check leaks timing +The result of RSA_padding_check_PKCS1_type_2() is a very sensitive information which can potentially be used to mount a Bleichenbacher padding oracle attack. This is an inherent weakness in the PKCS #1 -v1.5 padding design. Prefer PKCS1_OAEP padding. Otherwise it can -be recommended to pass zero-padded B, so that B equals to -B, and if fixed by protocol, B being set to the -expected length. In such case leakage would be minimal, it would -take attacker's ability to observe memory access pattern with byte -granilarity as it occurs, post-factum timing analysis won't do. +v1.5 padding design. Prefer PKCS1_OAEP padding. If that is not +possible, the result of RSA_padding_check_PKCS1_type_2() should be +checked in constant time if it matches the expected length of the +plaintext and additionally some application specific consistency +checks on the plaintext need to be performed in constant time. +If the plaintext is rejected it must be kept secret which of the +checks caused the application to reject the message. +Do not remove the zero-padding from the decrypted raw RSA data +which was computed by RSA_private_decrypt() with B, +as this would create a small timing side channel which could be +used to mount a Bleichenbacher attack against any padding mode +including PKCS1_OAEP. =head1 SEE ALSO @@ -125,7 +147,7 @@ L, L =head1 COPYRIGHT -Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/RSA_public_encrypt.pod b/doc/man3/RSA_public_encrypt.pod index 4e3c119..9c75944 100644 --- a/doc/man3/RSA_public_encrypt.pod +++ b/doc/man3/RSA_public_encrypt.pod @@ -8,10 +8,10 @@ RSA_public_encrypt, RSA_private_decrypt - RSA public key cryptography #include - int RSA_public_encrypt(int flen, unsigned char *from, + int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding); - int RSA_private_decrypt(int flen, unsigned char *from, + int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding); =head1 DESCRIPTION @@ -27,6 +27,8 @@ B denotes one of the following modes: =item RSA_PKCS1_PADDING PKCS #1 v1.5 padding. This currently is the most widely used mode. +However, it is highly recommended to use RSA_PKCS1_OAEP_PADDING in +new applications. SEE WARNING BELOW. =item RSA_PKCS1_OAEP_PADDING @@ -46,23 +48,35 @@ Encrypting user data directly with RSA is insecure. =back -B must be less than RSA_size(B) - 11 for the PKCS #1 v1.5 -based padding modes, less than RSA_size(B) - 41 for +B must not be more than RSA_size(B) - 11 for the PKCS #1 v1.5 +based padding modes, not more than RSA_size(B) - 42 for RSA_PKCS1_OAEP_PADDING and exactly RSA_size(B) for RSA_NO_PADDING. -The random number generator must be seeded prior to calling -RSA_public_encrypt(). +When a padding mode other than RSA_NO_PADDING is in use, then +RSA_public_encrypt() will include some random bytes into the ciphertext +and therefore the ciphertext will be different each time, even if the +plaintext and the public key are exactly identical. +The returned ciphertext in B will always be zero padded to exactly +RSA_size(B) bytes. +B and B may overlap. RSA_private_decrypt() decrypts the B bytes at B using the -private key B and stores the plaintext in B. B must point -to a memory section large enough to hold the decrypted data (which is -smaller than RSA_size(B)). B is the padding mode that -was used to encrypt the data. +private key B and stores the plaintext in B. B should +be equal to RSA_size(B) but may be smaller, when leading zero +bytes are in the ciphertext. Those are not important and may be removed, +but RSA_public_encrypt() does not do that. B must point +to a memory section large enough to hold the maximal possible decrypted +data (which is equal to RSA_size(B) for RSA_NO_PADDING, +RSA_size(B) - 11 for the PKCS #1 v1.5 based padding modes and +RSA_size(B) - 42 for RSA_PKCS1_OAEP_PADDING). +B is the padding mode that was used to encrypt the data. +B and B may overlap. =head1 RETURN VALUES RSA_public_encrypt() returns the size of the encrypted data (i.e., RSA_size(B)). RSA_private_decrypt() returns the size of the -recovered plaintext. +recovered plaintext. A return value of 0 is not an error and +means only that the plaintext was empty. On error, -1 is returned; the error codes can be obtained by L. @@ -85,7 +99,7 @@ L =head1 COPYRIGHT -Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/test/rsa_test.c b/test/rsa_test.c index cd9ca7f..b351ceb 100644 --- a/test/rsa_test.c +++ b/test/rsa_test.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -268,6 +268,36 @@ err: return ret; } +static int test_rsa_sslv23(int idx) +{ + int ret = 0; + RSA *key; + unsigned char ptext[256]; + unsigned char ctext[256]; + static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a"; + unsigned char ctext_ex[256]; + int plen; + int clen = 0; + int num; + + plen = sizeof(ptext_ex) - 1; + clen = rsa_setkey(&key, ctext_ex, idx); + + num = RSA_public_encrypt(plen, ptext_ex, ctext, key, + RSA_SSLV23_PADDING); + if (!TEST_int_eq(num, clen)) + goto err; + + num = RSA_private_decrypt(num, ctext, ptext, key, RSA_SSLV23_PADDING); + if (!TEST_mem_eq(ptext, num, ptext_ex, plen)) + goto err; + + ret = 1; +err: + RSA_free(key); + return ret; +} + static int test_rsa_oaep(int idx) { int ret = 0; @@ -391,6 +421,7 @@ err: int setup_tests(void) { ADD_ALL_TESTS(test_rsa_pkcs1, 3); + ADD_ALL_TESTS(test_rsa_sslv23, 3); ADD_ALL_TESTS(test_rsa_oaep, 3); ADD_ALL_TESTS(test_rsa_security_bit, OSSL_NELEM(rsa_security_bits_cases)); return 1; From bernd.edlinger at hotmail.de Thu Mar 7 21:53:15 2019 From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Thu, 07 Mar 2019 21:53:15 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1551995595.652907.1316.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via f61c68043d3bd2ad9718d356e7988ee2fdfc3621 (commit) from 35eecd173ea2baefdfa53e00e60cd0ba170250fe (commit) - Log ----------------------------------------------------------------- commit f61c68043d3bd2ad9718d356e7988ee2fdfc3621 Author: Bernd Edlinger Date: Thu Feb 28 10:08:18 2019 +0100 Fix memory overrun in rsa padding check functions Fixes #8364 and #8357 Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8365) (cherry picked from commit d7f5e5ae6d53f1387a42d210806cf5e9ed0882d6) ----------------------------------------------------------------------- Summary of changes: crypto/rsa/rsa_oaep.c | 26 +++++++++++++------------- crypto/rsa/rsa_pk1.c | 24 ++++++++++++------------ crypto/rsa/rsa_ssl.c | 35 +++++++++++++++++++---------------- 3 files changed, 44 insertions(+), 41 deletions(-) diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index 689e6dc..8deefc3 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -143,7 +143,7 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, * |num| is the length of the modulus; |flen| is the length of the * encoded message. Therefore, for any |from| that was obtained by * decrypting a ciphertext, we must have |flen| <= |num|. Similarly, - * num < 2 * mdlen + 2 must hold for the modulus irrespective of + * |num| >= 2 * |mdlen| + 2 must hold for the modulus irrespective of * the ciphertext, see PKCS #1 v2.2, section 7.1.2. * This does not leak any side-channel information. */ @@ -179,17 +179,16 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, from -= 1 & mask; *--em = *from & mask; } - from = em; /* * The first byte must be zero, however we must not leak if this is * true. See James H. Manger, "A Chosen Ciphertext Attack on RSA * Optimal Asymmetric Encryption Padding (OAEP) [...]", CRYPTO 2001). */ - good = constant_time_is_zero(from[0]); + good = constant_time_is_zero(em[0]); - maskedseed = from + 1; - maskeddb = from + 1 + mdlen; + maskedseed = em + 1; + maskeddb = em + 1 + mdlen; if (PKCS1_MGF1(seed, mdlen, maskeddb, dblen, mgf1md)) goto cleanup; @@ -230,7 +229,7 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, mlen = dblen - msg_index; /* - * For good measure, do this check in constant tine as well. + * For good measure, do this check in constant time as well. */ good &= constant_time_ge(tlen, mlen); @@ -244,15 +243,16 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, * should be noted that failure is indistinguishable from normal * operation if |tlen| is fixed by protocol. */ - tlen = constant_time_select_int(constant_time_lt(dblen, tlen), dblen, tlen); + tlen = constant_time_select_int(constant_time_lt(dblen - mdlen - 1, tlen), + dblen - mdlen - 1, tlen); msg_index = constant_time_select_int(good, msg_index, dblen - tlen); mlen = dblen - msg_index; - for (from = db + msg_index, mask = good, i = 0; i < tlen; i++) { - unsigned int equals = constant_time_eq(i, mlen); + for (mask = good, i = 0; i < tlen; i++) { + unsigned int equals = constant_time_eq(msg_index, dblen); - from -= dblen & equals; /* if (i == dblen) rewind */ - mask &= mask ^ equals; /* if (i == dblen) mask = 0 */ - to[i] = constant_time_select_8(mask, from[i], to[i]); + msg_index -= tlen & equals; /* rewind at EOF */ + mask &= ~equals; /* mask = 0 at EOF */ + to[i] = constant_time_select_8(mask, db[msg_index++], to[i]); } /* diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c index 0626907..cc7c4ea 100644 --- a/crypto/rsa/rsa_pk1.c +++ b/crypto/rsa/rsa_pk1.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -192,15 +192,14 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, from -= 1 & mask; *--em = *from & mask; } - from = em; - good = constant_time_is_zero(from[0]); - good &= constant_time_eq(from[1], 2); + good = constant_time_is_zero(em[0]); + good &= constant_time_eq(em[1], 2); /* scan over padding data */ found_zero_byte = 0; for (i = 2; i < num; i++) { - unsigned int equals0 = constant_time_is_zero(from[i]); + unsigned int equals0 = constant_time_is_zero(em[i]); zero_index = constant_time_select_int(~found_zero_byte & equals0, i, zero_index); @@ -208,7 +207,7 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, } /* - * PS must be at least 8 bytes long, and it starts two bytes into |from|. + * PS must be at least 8 bytes long, and it starts two bytes into |em|. * If we never found a 0-byte, then |zero_index| is 0 and the check * also fails. */ @@ -236,15 +235,16 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, * should be noted that failure is indistinguishable from normal * operation if |tlen| is fixed by protocol. */ - tlen = constant_time_select_int(constant_time_lt(num, tlen), num, tlen); + tlen = constant_time_select_int(constant_time_lt(num - 11, tlen), + num - 11, tlen); msg_index = constant_time_select_int(good, msg_index, num - tlen); mlen = num - msg_index; - for (from += msg_index, mask = good, i = 0; i < tlen; i++) { - unsigned int equals = constant_time_eq(i, mlen); + for (mask = good, i = 0; i < tlen; i++) { + unsigned int equals = constant_time_eq(msg_index, num); - from -= tlen & equals; /* if (i == mlen) rewind */ - mask &= mask ^ equals; /* if (i == mlen) mask = 0 */ - to[i] = constant_time_select_8(mask, from[i], to[i]); + msg_index -= tlen & equals; /* rewind at EOF */ + mask &= ~equals; /* mask = 0 at EOF */ + to[i] = constant_time_select_8(mask, em[msg_index++], to[i]); } OPENSSL_clear_free(em, num); diff --git a/crypto/rsa/rsa_ssl.c b/crypto/rsa/rsa_ssl.c index c565459..bbb8a52 100644 --- a/crypto/rsa/rsa_ssl.c +++ b/crypto/rsa/rsa_ssl.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -55,7 +55,7 @@ int RSA_padding_add_SSLv23(unsigned char *to, int tlen, /* * Copy of RSA_padding_check_PKCS1_type_2 with a twist that rejects padding - * if nul delimiter is preceded by 8 consecutive 0x03 bytes. It also + * if nul delimiter is not preceded by 8 consecutive 0x03 bytes. It also * preserves error code reporting for backward compatibility. */ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, @@ -67,7 +67,10 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, unsigned int good, found_zero_byte, mask, threes_in_row; int zero_index = 0, msg_index, mlen = -1, err; - if (flen < 10) { + if (tlen <= 0 || flen <= 0) + return -1; + + if (flen > num || num < 11) { RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, RSA_R_DATA_TOO_SMALL); return -1; } @@ -89,10 +92,9 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, from -= 1 & mask; *--em = *from & mask; } - from = em; - good = constant_time_is_zero(from[0]); - good &= constant_time_eq(from[1], 2); + good = constant_time_is_zero(em[0]); + good &= constant_time_eq(em[1], 2); err = constant_time_select_int(good, 0, RSA_R_BLOCK_TYPE_IS_NOT_02); mask = ~good; @@ -100,18 +102,18 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, found_zero_byte = 0; threes_in_row = 0; for (i = 2; i < num; i++) { - unsigned int equals0 = constant_time_is_zero(from[i]); + unsigned int equals0 = constant_time_is_zero(em[i]); zero_index = constant_time_select_int(~found_zero_byte & equals0, i, zero_index); found_zero_byte |= equals0; threes_in_row += 1 & ~found_zero_byte; - threes_in_row &= found_zero_byte | constant_time_eq(from[i], 3); + threes_in_row &= found_zero_byte | constant_time_eq(em[i], 3); } /* - * PS must be at least 8 bytes long, and it starts two bytes into |from|. + * PS must be at least 8 bytes long, and it starts two bytes into |em|. * If we never found a 0-byte, then |zero_index| is 0 and the check * also fails. */ @@ -120,7 +122,7 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, RSA_R_NULL_BEFORE_BLOCK_MISSING); mask = ~good; - good &= constant_time_lt(threes_in_row, 8); + good &= constant_time_ge(threes_in_row, 8); err = constant_time_select_int(mask | good, err, RSA_R_SSLV3_ROLLBACK_ATTACK); mask = ~good; @@ -148,15 +150,16 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, * should be noted that failure is indistinguishable from normal * operation if |tlen| is fixed by protocol. */ - tlen = constant_time_select_int(constant_time_lt(num, tlen), num, tlen); + tlen = constant_time_select_int(constant_time_lt(num - 11, tlen), + num - 11, tlen); msg_index = constant_time_select_int(good, msg_index, num - tlen); mlen = num - msg_index; - for (from += msg_index, mask = good, i = 0; i < tlen; i++) { - unsigned int equals = constant_time_eq(i, mlen); + for (mask = good, i = 0; i < tlen; i++) { + unsigned int equals = constant_time_eq(msg_index, num); - from -= tlen & equals; /* if (i == mlen) rewind */ - mask &= mask ^ equals; /* if (i == mlen) mask = 0 */ - to[i] = constant_time_select_8(mask, from[i], to[i]); + msg_index -= tlen & equals; /* rewind at EOF */ + mask &= ~equals; /* mask = 0 at EOF */ + to[i] = constant_time_select_8(mask, em[msg_index++], to[i]); } OPENSSL_clear_free(em, num); From bernd.edlinger at hotmail.de Thu Mar 7 21:55:01 2019 From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Thu, 07 Mar 2019 21:55:01 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1551995701.803649.25177.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 50788b8b3618888f3974962cf19fd1e61d780c7d (commit) from f61c68043d3bd2ad9718d356e7988ee2fdfc3621 (commit) - Log ----------------------------------------------------------------- commit 50788b8b3618888f3974962cf19fd1e61d780c7d Author: Bernd Edlinger Date: Fri Mar 1 09:27:32 2019 +0100 Update documentation regarding required output buffer memory size of RSA_private_decrypt/RSA_public_encrypt. Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8365) (cherry picked from commit b89fdeb2f7d4471cbfd8a579945754327a4e06a8) ----------------------------------------------------------------------- Summary of changes: doc/man3/RSA_public_encrypt.pod | 38 ++++++++++++++++++++++++++------------ 1 file changed, 26 insertions(+), 12 deletions(-) diff --git a/doc/man3/RSA_public_encrypt.pod b/doc/man3/RSA_public_encrypt.pod index 91c176e..d91c688 100644 --- a/doc/man3/RSA_public_encrypt.pod +++ b/doc/man3/RSA_public_encrypt.pod @@ -8,10 +8,10 @@ RSA_public_encrypt, RSA_private_decrypt - RSA public key cryptography #include - int RSA_public_encrypt(int flen, unsigned char *from, + int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding); - int RSA_private_decrypt(int flen, unsigned char *from, + int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding); =head1 DESCRIPTION @@ -27,6 +27,8 @@ B denotes one of the following modes: =item RSA_PKCS1_PADDING PKCS #1 v1.5 padding. This currently is the most widely used mode. +However, it is highly recommended to use RSA_PKCS1_OAEP_PADDING in +new applications. SEE WARNING BELOW. =item RSA_PKCS1_OAEP_PADDING @@ -46,23 +48,35 @@ Encrypting user data directly with RSA is insecure. =back -B must be less than RSA_size(B) - 11 for the PKCS #1 v1.5 -based padding modes, less than RSA_size(B) - 41 for +B must not be more than RSA_size(B) - 11 for the PKCS #1 v1.5 +based padding modes, not more than RSA_size(B) - 42 for RSA_PKCS1_OAEP_PADDING and exactly RSA_size(B) for RSA_NO_PADDING. -The random number generator must be seeded prior to calling -RSA_public_encrypt(). +When a padding mode other than RSA_NO_PADDING is in use, then +RSA_public_encrypt() will include some random bytes into the ciphertext +and therefore the ciphertext will be different each time, even if the +plaintext and the public key are exactly identical. +The returned ciphertext in B will always be zero padded to exactly +RSA_size(B) bytes. +B and B may overlap. RSA_private_decrypt() decrypts the B bytes at B using the -private key B and stores the plaintext in B. B must point -to a memory section large enough to hold the decrypted data (which is -smaller than RSA_size(B)). B is the padding mode that -was used to encrypt the data. +private key B and stores the plaintext in B. B should +be equal to RSA_size(B) but may be smaller, when leading zero +bytes are in the ciphertext. Those are not important and may be removed, +but RSA_public_encrypt() does not do that. B must point +to a memory section large enough to hold the maximal possible decrypted +data (which is equal to RSA_size(B) for RSA_NO_PADDING, +RSA_size(B) - 11 for the PKCS #1 v1.5 based padding modes and +RSA_size(B) - 42 for RSA_PKCS1_OAEP_PADDING). +B is the padding mode that was used to encrypt the data. +B and B may overlap. =head1 RETURN VALUES RSA_public_encrypt() returns the size of the encrypted data (i.e., RSA_size(B)). RSA_private_decrypt() returns the size of the -recovered plaintext. +recovered plaintext. A return value of 0 is not an error and +means only that the plaintext was empty. On error, -1 is returned; the error codes can be obtained by L. @@ -85,7 +99,7 @@ L =head1 COPYRIGHT -Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy From bernd.edlinger at hotmail.de Thu Mar 7 21:59:14 2019 From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Thu, 07 Mar 2019 21:59:14 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1551995954.606853.6226.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 25e410ee3cbc93b5838f666423c428cdd1206820 (commit) from 50788b8b3618888f3974962cf19fd1e61d780c7d (commit) - Log ----------------------------------------------------------------- commit 25e410ee3cbc93b5838f666423c428cdd1206820 Author: Bernd Edlinger Date: Sun Mar 3 00:04:11 2019 +0100 Add a simple test for RSA_SSLV23_PADDING Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8365) (cherry picked from commit ac6fff700a9799c25902165e2594fd46826f3ee3) ----------------------------------------------------------------------- Summary of changes: test/rsa_test.c | 33 ++++++++++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) diff --git a/test/rsa_test.c b/test/rsa_test.c index 2ad4de4..3820785 100644 --- a/test/rsa_test.c +++ b/test/rsa_test.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -268,6 +268,36 @@ err: return ret; } +static int test_rsa_sslv23(int idx) +{ + int ret = 0; + RSA *key; + unsigned char ptext[256]; + unsigned char ctext[256]; + static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a"; + unsigned char ctext_ex[256]; + int plen; + int clen = 0; + int num; + + plen = sizeof(ptext_ex) - 1; + clen = rsa_setkey(&key, ctext_ex, idx); + + num = RSA_public_encrypt(plen, ptext_ex, ctext, key, + RSA_SSLV23_PADDING); + if (!TEST_int_eq(num, clen)) + goto err; + + num = RSA_private_decrypt(num, ctext, ptext, key, RSA_SSLV23_PADDING); + if (!TEST_mem_eq(ptext, num, ptext_ex, plen)) + goto err; + + ret = 1; +err: + RSA_free(key); + return ret; +} + static int test_rsa_oaep(int idx) { int ret = 0; @@ -332,6 +362,7 @@ err: int setup_tests(void) { ADD_ALL_TESTS(test_rsa_pkcs1, 3); + ADD_ALL_TESTS(test_rsa_sslv23, 3); ADD_ALL_TESTS(test_rsa_oaep, 3); return 1; } From bernd.edlinger at hotmail.de Thu Mar 7 22:00:04 2019 From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Thu, 07 Mar 2019 22:00:04 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1551996004.915113.19840.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 930e031052220776d41bcc20a72d0f276127fb74 (commit) from 25e410ee3cbc93b5838f666423c428cdd1206820 (commit) - Log ----------------------------------------------------------------- commit 930e031052220776d41bcc20a72d0f276127fb74 Author: Bernd Edlinger Date: Sun Mar 3 10:36:57 2019 +0100 Do the error handling in pkey_rsa_decrypt in constant time Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8365) (cherry picked from commit 049e64cbb08df1fbf256bb79e950e8d0959de091) ----------------------------------------------------------------------- Summary of changes: crypto/rsa/rsa_pmeth.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c index c10669f..5c0efc8 100644 --- a/crypto/rsa/rsa_pmeth.c +++ b/crypto/rsa/rsa_pmeth.c @@ -1,5 +1,5 @@ /* - * Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2006-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,6 +7,8 @@ * https://www.openssl.org/source/license.html */ +#include "internal/constant_time_locl.h" + #include #include "internal/cryptlib.h" #include @@ -340,10 +342,9 @@ static int pkey_rsa_decrypt(EVP_PKEY_CTX *ctx, ret = RSA_private_decrypt(inlen, in, out, ctx->pkey->pkey.rsa, rctx->pad_mode); } - if (ret < 0) - return ret; - *outlen = ret; - return 1; + *outlen = constant_time_select_s(constant_time_msb_s(ret), *outlen, ret); + ret = constant_time_select_int(constant_time_msb(ret), ret, 1); + return ret; } static int check_padding_md(const EVP_MD *md, int padding) From bernd.edlinger at hotmail.de Thu Mar 7 22:00:55 2019 From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Thu, 07 Mar 2019 22:00:55 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1551996055.095919.21261.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via f1006f188c90e81898b69fb84e67e674bcdae030 (commit) from 930e031052220776d41bcc20a72d0f276127fb74 (commit) - Log ----------------------------------------------------------------- commit f1006f188c90e81898b69fb84e67e674bcdae030 Author: Bernd Edlinger Date: Sun Mar 3 14:25:52 2019 +0100 Update documentation of RSA_padding_check_PKCS1_OAEP_mgf1 Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8365) (cherry picked from commit f0e4a860d0b350e10a1ee3898445cac85af8ea16) ----------------------------------------------------------------------- Summary of changes: doc/man3/RSA_padding_add_PKCS1_type_1.pod | 60 +++++++++++++++++++++---------- 1 file changed, 41 insertions(+), 19 deletions(-) diff --git a/doc/man3/RSA_padding_add_PKCS1_type_1.pod b/doc/man3/RSA_padding_add_PKCS1_type_1.pod index 9ea2634..2092600 100644 --- a/doc/man3/RSA_padding_add_PKCS1_type_1.pod +++ b/doc/man3/RSA_padding_add_PKCS1_type_1.pod @@ -5,6 +5,7 @@ RSA_padding_add_PKCS1_type_1, RSA_padding_check_PKCS1_type_1, RSA_padding_add_PKCS1_type_2, RSA_padding_check_PKCS1_type_2, RSA_padding_add_PKCS1_OAEP, RSA_padding_check_PKCS1_OAEP, +RSA_padding_add_PKCS1_OAEP_mgf1, RSA_padding_check_PKCS1_OAEP_mgf1, RSA_padding_add_SSLv23, RSA_padding_check_SSLv23, RSA_padding_add_none, RSA_padding_check_none - asymmetric encryption padding @@ -14,35 +15,46 @@ padding #include int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, - unsigned char *f, int fl); + const unsigned char *f, int fl); int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen, - unsigned char *f, int fl, int rsa_len); + const unsigned char *f, int fl, int rsa_len); int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, - unsigned char *f, int fl); + const unsigned char *f, int fl); int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, - unsigned char *f, int fl, int rsa_len); + const unsigned char *f, int fl, int rsa_len); int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, - unsigned char *f, int fl, unsigned char *p, int pl); + const unsigned char *f, int fl, + const unsigned char *p, int pl); int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, - unsigned char *f, int fl, int rsa_len, - unsigned char *p, int pl); + const unsigned char *f, int fl, int rsa_len, + const unsigned char *p, int pl); + + int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, + const unsigned char *f, int fl, + const unsigned char *p, int pl, + const EVP_MD *md, const EVP_MD *mgf1md); + + int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, + const unsigned char *f, int fl, int rsa_len, + const unsigned char *p, int pl, + const EVP_MD *md, const EVP_MD *mgf1md); int RSA_padding_add_SSLv23(unsigned char *to, int tlen, - unsigned char *f, int fl); + const unsigned char *f, int fl); int RSA_padding_check_SSLv23(unsigned char *to, int tlen, - unsigned char *f, int fl, int rsa_len); + const unsigned char *f, int fl, int rsa_len); int RSA_padding_add_none(unsigned char *to, int tlen, - unsigned char *f, int fl); + const unsigned char *f, int fl); int RSA_padding_check_none(unsigned char *to, int tlen, - unsigned char *f, int fl, int rsa_len); + const unsigned char *f, int fl, int rsa_len); =head1 DESCRIPTION @@ -98,6 +110,10 @@ at B. For RSA_padding_xxx_OAEP(), B

points to the encoding parameter of length B. B

may be B if B is 0. +For RSA_padding_xxx_OAEP_mgf1(), B points to the md hash, +if B is B that means md=sha1, and B points to +the mgf1 hash, if B is B that means mgf1md=md. + =head1 RETURN VALUES The RSA_padding_add_xxx() functions return 1 on success, 0 on error. @@ -107,15 +123,21 @@ L. =head1 WARNING -The RSA_padding_check_PKCS1_type_2() padding check leaks timing +The result of RSA_padding_check_PKCS1_type_2() is a very sensitive information which can potentially be used to mount a Bleichenbacher padding oracle attack. This is an inherent weakness in the PKCS #1 -v1.5 padding design. Prefer PKCS1_OAEP padding. Otherwise it can -be recommended to pass zero-padded B, so that B equals to -B, and if fixed by protocol, B being set to the -expected length. In such case leakage would be minimal, it would -take attacker's ability to observe memory access pattern with byte -granilarity as it occurs, post-factum timing analysis won't do. +v1.5 padding design. Prefer PKCS1_OAEP padding. If that is not +possible, the result of RSA_padding_check_PKCS1_type_2() should be +checked in constant time if it matches the expected length of the +plaintext and additionally some application specific consistency +checks on the plaintext need to be performed in constant time. +If the plaintext is rejected it must be kept secret which of the +checks caused the application to reject the message. +Do not remove the zero-padding from the decrypted raw RSA data +which was computed by RSA_private_decrypt() with B, +as this would create a small timing side channel which could be +used to mount a Bleichenbacher attack against any padding mode +including PKCS1_OAEP. =head1 SEE ALSO @@ -125,7 +147,7 @@ L, L =head1 COPYRIGHT -Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy From bernd.edlinger at hotmail.de Thu Mar 7 22:05:29 2019 From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Thu, 07 Mar 2019 22:05:29 +0000 Subject: [openssl] OpenSSL_1_1_0-stable update Message-ID: <1551996329.765378.12572.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_0-stable has been updated via 7ebbb293e1d68c014e50dc49944aba0b72f35074 (commit) from a8e129a0923b17751655f2e98d5d4c2ae144e3fe (commit) - Log ----------------------------------------------------------------- commit 7ebbb293e1d68c014e50dc49944aba0b72f35074 Author: Bernd Edlinger Date: Thu Feb 28 10:08:18 2019 +0100 Fix memory overrun in rsa padding check functions Fixes #8364 and #8357 Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8365) (cherry picked from commit d7f5e5ae6d53f1387a42d210806cf5e9ed0882d6) ----------------------------------------------------------------------- Summary of changes: crypto/rsa/rsa_oaep.c | 26 +++++++++++++------------- crypto/rsa/rsa_pk1.c | 24 ++++++++++++------------ crypto/rsa/rsa_ssl.c | 35 +++++++++++++++++++---------------- 3 files changed, 44 insertions(+), 41 deletions(-) diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index 4958212..8c2bab4 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -149,7 +149,7 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, * |num| is the length of the modulus; |flen| is the length of the * encoded message. Therefore, for any |from| that was obtained by * decrypting a ciphertext, we must have |flen| <= |num|. Similarly, - * num < 2 * mdlen + 2 must hold for the modulus irrespective of + * |num| >= 2 * |mdlen| + 2 must hold for the modulus irrespective of * the ciphertext, see PKCS #1 v2.2, section 7.1.2. * This does not leak any side-channel information. */ @@ -185,17 +185,16 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, from -= 1 & mask; *--em = *from & mask; } - from = em; /* * The first byte must be zero, however we must not leak if this is * true. See James H. Manger, "A Chosen Ciphertext Attack on RSA * Optimal Asymmetric Encryption Padding (OAEP) [...]", CRYPTO 2001). */ - good = constant_time_is_zero(from[0]); + good = constant_time_is_zero(em[0]); - maskedseed = from + 1; - maskeddb = from + 1 + mdlen; + maskedseed = em + 1; + maskeddb = em + 1 + mdlen; if (PKCS1_MGF1(seed, mdlen, maskeddb, dblen, mgf1md)) goto cleanup; @@ -236,7 +235,7 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, mlen = dblen - msg_index; /* - * For good measure, do this check in constant tine as well. + * For good measure, do this check in constant time as well. */ good &= constant_time_ge(tlen, mlen); @@ -250,15 +249,16 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, * should be noted that failure is indistinguishable from normal * operation if |tlen| is fixed by protocol. */ - tlen = constant_time_select_int(constant_time_lt(dblen, tlen), dblen, tlen); + tlen = constant_time_select_int(constant_time_lt(dblen - mdlen - 1, tlen), + dblen - mdlen - 1, tlen); msg_index = constant_time_select_int(good, msg_index, dblen - tlen); mlen = dblen - msg_index; - for (from = db + msg_index, mask = good, i = 0; i < tlen; i++) { - unsigned int equals = constant_time_eq(i, mlen); + for (mask = good, i = 0; i < tlen; i++) { + unsigned int equals = constant_time_eq(msg_index, dblen); - from -= dblen & equals; /* if (i == dblen) rewind */ - mask &= mask ^ equals; /* if (i == dblen) mask = 0 */ - to[i] = constant_time_select_8(mask, from[i], to[i]); + msg_index -= tlen & equals; /* rewind at EOF */ + mask &= ~equals; /* mask = 0 at EOF */ + to[i] = constant_time_select_8(mask, db[msg_index++], to[i]); } /* diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c index 3f2dc6b..f63c65b 100644 --- a/crypto/rsa/rsa_pk1.c +++ b/crypto/rsa/rsa_pk1.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -192,15 +192,14 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, from -= 1 & mask; *--em = *from & mask; } - from = em; - good = constant_time_is_zero(from[0]); - good &= constant_time_eq(from[1], 2); + good = constant_time_is_zero(em[0]); + good &= constant_time_eq(em[1], 2); /* scan over padding data */ found_zero_byte = 0; for (i = 2; i < num; i++) { - unsigned int equals0 = constant_time_is_zero(from[i]); + unsigned int equals0 = constant_time_is_zero(em[i]); zero_index = constant_time_select_int(~found_zero_byte & equals0, i, zero_index); @@ -208,7 +207,7 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, } /* - * PS must be at least 8 bytes long, and it starts two bytes into |from|. + * PS must be at least 8 bytes long, and it starts two bytes into |em|. * If we never found a 0-byte, then |zero_index| is 0 and the check * also fails. */ @@ -236,15 +235,16 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, * should be noted that failure is indistinguishable from normal * operation if |tlen| is fixed by protocol. */ - tlen = constant_time_select_int(constant_time_lt(num, tlen), num, tlen); + tlen = constant_time_select_int(constant_time_lt(num - 11, tlen), + num - 11, tlen); msg_index = constant_time_select_int(good, msg_index, num - tlen); mlen = num - msg_index; - for (from += msg_index, mask = good, i = 0; i < tlen; i++) { - unsigned int equals = constant_time_eq(i, mlen); + for (mask = good, i = 0; i < tlen; i++) { + unsigned int equals = constant_time_eq(msg_index, num); - from -= tlen & equals; /* if (i == mlen) rewind */ - mask &= mask ^ equals; /* if (i == mlen) mask = 0 */ - to[i] = constant_time_select_8(mask, from[i], to[i]); + msg_index -= tlen & equals; /* rewind at EOF */ + mask &= ~equals; /* mask = 0 at EOF */ + to[i] = constant_time_select_8(mask, em[msg_index++], to[i]); } OPENSSL_clear_free(em, num); diff --git a/crypto/rsa/rsa_ssl.c b/crypto/rsa/rsa_ssl.c index 8d25e0d..85c56a9 100644 --- a/crypto/rsa/rsa_ssl.c +++ b/crypto/rsa/rsa_ssl.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -55,7 +55,7 @@ int RSA_padding_add_SSLv23(unsigned char *to, int tlen, /* * Copy of RSA_padding_check_PKCS1_type_2 with a twist that rejects padding - * if nul delimiter is preceded by 8 consecutive 0x03 bytes. It also + * if nul delimiter is not preceded by 8 consecutive 0x03 bytes. It also * preserves error code reporting for backward compatibility. */ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, @@ -67,7 +67,10 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, unsigned int good, found_zero_byte, mask, threes_in_row; int zero_index = 0, msg_index, mlen = -1, err; - if (flen < 10) { + if (tlen <= 0 || flen <= 0) + return -1; + + if (flen > num || num < 11) { RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, RSA_R_DATA_TOO_SMALL); return (-1); } @@ -89,10 +92,9 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, from -= 1 & mask; *--em = *from & mask; } - from = em; - good = constant_time_is_zero(from[0]); - good &= constant_time_eq(from[1], 2); + good = constant_time_is_zero(em[0]); + good &= constant_time_eq(em[1], 2); err = constant_time_select_int(good, 0, RSA_R_BLOCK_TYPE_IS_NOT_02); mask = ~good; @@ -100,18 +102,18 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, found_zero_byte = 0; threes_in_row = 0; for (i = 2; i < num; i++) { - unsigned int equals0 = constant_time_is_zero(from[i]); + unsigned int equals0 = constant_time_is_zero(em[i]); zero_index = constant_time_select_int(~found_zero_byte & equals0, i, zero_index); found_zero_byte |= equals0; threes_in_row += 1 & ~found_zero_byte; - threes_in_row &= found_zero_byte | constant_time_eq(from[i], 3); + threes_in_row &= found_zero_byte | constant_time_eq(em[i], 3); } /* - * PS must be at least 8 bytes long, and it starts two bytes into |from|. + * PS must be at least 8 bytes long, and it starts two bytes into |em|. * If we never found a 0-byte, then |zero_index| is 0 and the check * also fails. */ @@ -120,7 +122,7 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, RSA_R_NULL_BEFORE_BLOCK_MISSING); mask = ~good; - good &= constant_time_lt(threes_in_row, 8); + good &= constant_time_ge(threes_in_row, 8); err = constant_time_select_int(mask | good, err, RSA_R_SSLV3_ROLLBACK_ATTACK); mask = ~good; @@ -148,15 +150,16 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, * should be noted that failure is indistinguishable from normal * operation if |tlen| is fixed by protocol. */ - tlen = constant_time_select_int(constant_time_lt(num, tlen), num, tlen); + tlen = constant_time_select_int(constant_time_lt(num - 11, tlen), + num - 11, tlen); msg_index = constant_time_select_int(good, msg_index, num - tlen); mlen = num - msg_index; - for (from += msg_index, mask = good, i = 0; i < tlen; i++) { - unsigned int equals = constant_time_eq(i, mlen); + for (mask = good, i = 0; i < tlen; i++) { + unsigned int equals = constant_time_eq(msg_index, num); - from -= tlen & equals; /* if (i == mlen) rewind */ - mask &= mask ^ equals; /* if (i == mlen) mask = 0 */ - to[i] = constant_time_select_8(mask, from[i], to[i]); + msg_index -= tlen & equals; /* rewind at EOF */ + mask &= ~equals; /* mask = 0 at EOF */ + to[i] = constant_time_select_8(mask, em[msg_index++], to[i]); } OPENSSL_clear_free(em, num); From builds at travis-ci.org Thu Mar 7 22:24:06 2019 From: builds at travis-ci.org (Travis CI) Date: Thu, 07 Mar 2019 22:24:06 +0000 Subject: Still Failing: openssl/openssl#23856 (OpenSSL_1_1_1-stable - 35eecd1) In-Reply-To: Message-ID: <5c819a068be19_43fc25a215064279216@b3359f5b-3027-481c-a7e1-7ae14a2376e3.mail> Build Update for openssl/openssl ------------------------------------- Build: #23856 Status: Still Failing Duration: 25 mins and 10 secs Commit: 35eecd1 (OpenSSL_1_1_1-stable) Author: Bernd Edlinger Message: Limit DEVRANDOM_WAIT to linux Fixes #8416 Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8428) (cherry picked from commit 596521f48826892ddd62322726f6f2a2a52db652) View the changeset: https://github.com/openssl/openssl/compare/acd9b16b01ad...35eecd173ea2 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/503314634?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bernd.edlinger at hotmail.de Thu Mar 7 22:58:06 2019 From: bernd.edlinger at hotmail.de (bernd.edlinger at hotmail.de) Date: Thu, 07 Mar 2019 22:58:06 +0000 Subject: [openssl] OpenSSL_1_0_2-stable update Message-ID: <1551999486.394550.16974.nullmailer@dev.openssl.org> The branch OpenSSL_1_0_2-stable has been updated via 6555a8941bd6be5790d3b45c41de23234a8e527f (commit) from d5e37fc871be6910db931790b70323c78b332dff (commit) - Log ----------------------------------------------------------------- commit 6555a8941bd6be5790d3b45c41de23234a8e527f Author: Bernd Edlinger Date: Thu Feb 28 10:08:18 2019 +0100 Fix memory overrun in rsa padding check functions Backported from d7f5e5ae6d5 Fixes #8364 and #8357 Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8438) ----------------------------------------------------------------------- Summary of changes: crypto/rsa/rsa_oaep.c | 24 ++++++++++++------------ crypto/rsa/rsa_pk1.c | 22 +++++++++++----------- crypto/rsa/rsa_ssl.c | 33 ++++++++++++++++++--------------- 3 files changed, 41 insertions(+), 38 deletions(-) diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index 033ea5a..acba7f1 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -144,7 +144,7 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, * |num| is the length of the modulus; |flen| is the length of the * encoded message. Therefore, for any |from| that was obtained by * decrypting a ciphertext, we must have |flen| <= |num|. Similarly, - * num < 2 * mdlen + 2 must hold for the modulus irrespective of + * |num| >= 2 * |mdlen| + 2 must hold for the modulus irrespective of * the ciphertext, see PKCS #1 v2.2, section 7.1.2. * This does not leak any side-channel information. */ @@ -180,17 +180,16 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, from -= 1 & mask; *--em = *from & mask; } - from = em; /* * The first byte must be zero, however we must not leak if this is * true. See James H. Manger, "A Chosen Ciphertext Attack on RSA * Optimal Asymmetric Encryption Padding (OAEP) [...]", CRYPTO 2001). */ - good = constant_time_is_zero(from[0]); + good = constant_time_is_zero(em[0]); - maskedseed = from + 1; - maskeddb = from + 1 + mdlen; + maskedseed = em + 1; + maskeddb = em + 1 + mdlen; if (PKCS1_MGF1(seed, mdlen, maskeddb, dblen, mgf1md)) goto cleanup; @@ -231,7 +230,7 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, mlen = dblen - msg_index; /* - * For good measure, do this check in constant tine as well. + * For good measure, do this check in constant time as well. */ good &= constant_time_ge(tlen, mlen); @@ -245,15 +244,16 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, * should be noted that failure is indistinguishable from normal * operation if |tlen| is fixed by protocol. */ - tlen = constant_time_select_int(constant_time_lt(dblen, tlen), dblen, tlen); + tlen = constant_time_select_int(constant_time_lt(dblen - mdlen - 1, tlen), + dblen - mdlen - 1, tlen); msg_index = constant_time_select_int(good, msg_index, dblen - tlen); mlen = dblen - msg_index; - for (from = db + msg_index, mask = good, i = 0; i < tlen; i++) { - unsigned int equals = constant_time_eq(i, mlen); + for (mask = good, i = 0; i < tlen; i++) { + unsigned int equals = constant_time_eq(msg_index, dblen); - from -= dblen & equals; /* if (i == dblen) rewind */ - mask &= mask ^ equals; /* if (i == dblen) mask = 0 */ - to[i] = constant_time_select_8(mask, from[i], to[i]); + msg_index -= tlen & equals; /* rewind at EOF */ + mask &= ~equals; /* mask = 0 at EOF */ + to[i] = constant_time_select_8(mask, db[msg_index++], to[i]); } /* diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c index 074bc0a..2c43a54 100644 --- a/crypto/rsa/rsa_pk1.c +++ b/crypto/rsa/rsa_pk1.c @@ -241,15 +241,14 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, from -= 1 & mask; *--em = *from & mask; } - from = em; - good = constant_time_is_zero(from[0]); - good &= constant_time_eq(from[1], 2); + good = constant_time_is_zero(em[0]); + good &= constant_time_eq(em[1], 2); /* scan over padding data */ found_zero_byte = 0; for (i = 2; i < num; i++) { - unsigned int equals0 = constant_time_is_zero(from[i]); + unsigned int equals0 = constant_time_is_zero(em[i]); zero_index = constant_time_select_int(~found_zero_byte & equals0, i, zero_index); @@ -257,7 +256,7 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, } /* - * PS must be at least 8 bytes long, and it starts two bytes into |from|. + * PS must be at least 8 bytes long, and it starts two bytes into |em|. * If we never found a 0-byte, then |zero_index| is 0 and the check * also fails. */ @@ -285,15 +284,16 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, * should be noted that failure is indistinguishable from normal * operation if |tlen| is fixed by protocol. */ - tlen = constant_time_select_int(constant_time_lt(num, tlen), num, tlen); + tlen = constant_time_select_int(constant_time_lt(num - 11, tlen), + num - 11, tlen); msg_index = constant_time_select_int(good, msg_index, num - tlen); mlen = num - msg_index; - for (from += msg_index, mask = good, i = 0; i < tlen; i++) { - unsigned int equals = constant_time_eq(i, mlen); + for (mask = good, i = 0; i < tlen; i++) { + unsigned int equals = constant_time_eq(msg_index, num); - from -= tlen & equals; /* if (i == mlen) rewind */ - mask &= mask ^ equals; /* if (i == mlen) mask = 0 */ - to[i] = constant_time_select_8(mask, from[i], to[i]); + msg_index -= tlen & equals; /* rewind at EOF */ + mask &= ~equals; /* mask = 0 at EOF */ + to[i] = constant_time_select_8(mask, em[msg_index++], to[i]); } OPENSSL_cleanse(em, num); diff --git a/crypto/rsa/rsa_ssl.c b/crypto/rsa/rsa_ssl.c index e9a5fe2..61751fe 100644 --- a/crypto/rsa/rsa_ssl.c +++ b/crypto/rsa/rsa_ssl.c @@ -104,7 +104,7 @@ int RSA_padding_add_SSLv23(unsigned char *to, int tlen, /* * Copy of RSA_padding_check_PKCS1_type_2 with a twist that rejects padding - * if nul delimiter is preceded by 8 consecutive 0x03 bytes. It also + * if nul delimiter is not preceded by 8 consecutive 0x03 bytes. It also * preserves error code reporting for backward compatibility. */ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, @@ -116,7 +116,10 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, unsigned int good, found_zero_byte, mask, threes_in_row; int zero_index = 0, msg_index, mlen = -1, err; - if (flen < 10) { + if (tlen <= 0 || flen <= 0) + return -1; + + if (flen > num || num < 11) { RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, RSA_R_DATA_TOO_SMALL); return (-1); } @@ -138,10 +141,9 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, from -= 1 & mask; *--em = *from & mask; } - from = em; - good = constant_time_is_zero(from[0]); - good &= constant_time_eq(from[1], 2); + good = constant_time_is_zero(em[0]); + good &= constant_time_eq(em[1], 2); err = constant_time_select_int(good, 0, RSA_R_BLOCK_TYPE_IS_NOT_02); mask = ~good; @@ -149,18 +151,18 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, found_zero_byte = 0; threes_in_row = 0; for (i = 2; i < num; i++) { - unsigned int equals0 = constant_time_is_zero(from[i]); + unsigned int equals0 = constant_time_is_zero(em[i]); zero_index = constant_time_select_int(~found_zero_byte & equals0, i, zero_index); found_zero_byte |= equals0; threes_in_row += 1 & ~found_zero_byte; - threes_in_row &= found_zero_byte | constant_time_eq(from[i], 3); + threes_in_row &= found_zero_byte | constant_time_eq(em[i], 3); } /* - * PS must be at least 8 bytes long, and it starts two bytes into |from|. + * PS must be at least 8 bytes long, and it starts two bytes into |em|. * If we never found a 0-byte, then |zero_index| is 0 and the check * also fails. */ @@ -169,7 +171,7 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, RSA_R_NULL_BEFORE_BLOCK_MISSING); mask = ~good; - good &= constant_time_lt(threes_in_row, 8); + good &= constant_time_ge(threes_in_row, 8); err = constant_time_select_int(mask | good, err, RSA_R_SSLV3_ROLLBACK_ATTACK); mask = ~good; @@ -197,15 +199,16 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, * should be noted that failure is indistinguishable from normal * operation if |tlen| is fixed by protocol. */ - tlen = constant_time_select_int(constant_time_lt(num, tlen), num, tlen); + tlen = constant_time_select_int(constant_time_lt(num - 11, tlen), + num - 11, tlen); msg_index = constant_time_select_int(good, msg_index, num - tlen); mlen = num - msg_index; - for (from += msg_index, mask = good, i = 0; i < tlen; i++) { - unsigned int equals = constant_time_eq(i, mlen); + for (mask = good, i = 0; i < tlen; i++) { + unsigned int equals = constant_time_eq(msg_index, num); - from -= tlen & equals; /* if (i == mlen) rewind */ - mask &= mask ^ equals; /* if (i == mlen) mask = 0 */ - to[i] = constant_time_select_8(mask, from[i], to[i]); + msg_index -= tlen & equals; /* rewind at EOF */ + mask &= ~equals; /* mask = 0 at EOF */ + to[i] = constant_time_select_8(mask, em[msg_index++], to[i]); } OPENSSL_cleanse(em, num); From builds at travis-ci.org Thu Mar 7 22:46:10 2019 From: builds at travis-ci.org (Travis CI) Date: Thu, 07 Mar 2019 22:46:10 +0000 Subject: Still Failing: openssl/openssl#23858 (OpenSSL_1_1_1-stable - f61c680) In-Reply-To: Message-ID: <5c819f30733d3_43fd2fb792148241799@99c9c8f5-efd7-4980-a364-f83b064371bb.mail> Build Update for openssl/openssl ------------------------------------- Build: #23858 Status: Still Failing Duration: 23 mins and 50 secs Commit: f61c680 (OpenSSL_1_1_1-stable) Author: Bernd Edlinger Message: Fix memory overrun in rsa padding check functions Fixes #8364 and #8357 Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8365) (cherry picked from commit d7f5e5ae6d53f1387a42d210806cf5e9ed0882d6) View the changeset: https://github.com/openssl/openssl/compare/35eecd173ea2...f61c68043d3b View the full build log and details: https://travis-ci.org/openssl/openssl/builds/503320633?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.org Thu Mar 7 22:56:56 2019 From: builds at travis-ci.org (Travis CI) Date: Thu, 07 Mar 2019 22:56:56 +0000 Subject: Still Failing: openssl/openssl#23859 (OpenSSL_1_1_1-stable - 50788b8) In-Reply-To: Message-ID: <5c81a1b8e7a7_43fe33dd9613c340579@67322323-8f3f-4df1-8713-26417f0c5300.mail> Build Update for openssl/openssl ------------------------------------- Build: #23859 Status: Still Failing Duration: 22 mins and 51 secs Commit: 50788b8 (OpenSSL_1_1_1-stable) Author: Bernd Edlinger Message: Update documentation regarding required output buffer memory size of RSA_private_decrypt/RSA_public_encrypt. Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8365) (cherry picked from commit b89fdeb2f7d4471cbfd8a579945754327a4e06a8) View the changeset: https://github.com/openssl/openssl/compare/f61c68043d3b...50788b8b3618 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/503321596?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.org Thu Mar 7 23:14:32 2019 From: builds at travis-ci.org (Travis CI) Date: Thu, 07 Mar 2019 23:14:32 +0000 Subject: Still Failing: openssl/openssl#23861 (OpenSSL_1_1_1-stable - 25e410e) In-Reply-To: Message-ID: <5c81a5d7b23c1_43ffc5055bbf8255453@f48b9545-6469-4840-b12a-c0f87a7148b9.mail> Build Update for openssl/openssl ------------------------------------- Build: #23861 Status: Still Failing Duration: 21 mins and 22 secs Commit: 25e410e (OpenSSL_1_1_1-stable) Author: Bernd Edlinger Message: Add a simple test for RSA_SSLV23_PADDING Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8365) (cherry picked from commit ac6fff700a9799c25902165e2594fd46826f3ee3) View the changeset: https://github.com/openssl/openssl/compare/50788b8b3618...25e410ee3cbc View the full build log and details: https://travis-ci.org/openssl/openssl/builds/503323751?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.org Thu Mar 7 23:23:15 2019 From: builds at travis-ci.org (Travis CI) Date: Thu, 07 Mar 2019 23:23:15 +0000 Subject: Still Failing: openssl/openssl#23862 (OpenSSL_1_1_1-stable - 930e031) In-Reply-To: Message-ID: <5c81a7e3a90de_43fa53a8edb1c3746bc@1369c005-9da8-44ce-9c62-df38e76969f7.mail> Build Update for openssl/openssl ------------------------------------- Build: #23862 Status: Still Failing Duration: 22 mins and 32 secs Commit: 930e031 (OpenSSL_1_1_1-stable) Author: Bernd Edlinger Message: Do the error handling in pkey_rsa_decrypt in constant time Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8365) (cherry picked from commit 049e64cbb08df1fbf256bb79e950e8d0959de091) View the changeset: https://github.com/openssl/openssl/compare/25e410ee3cbc...930e03105222 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/503324278?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.org Thu Mar 7 23:33:22 2019 From: builds at travis-ci.org (Travis CI) Date: Thu, 07 Mar 2019 23:33:22 +0000 Subject: Still Failing: openssl/openssl#23863 (OpenSSL_1_1_1-stable - f1006f1) In-Reply-To: Message-ID: <5c81aa42c587_43fa537c5a8c0376290@1369c005-9da8-44ce-9c62-df38e76969f7.mail> Build Update for openssl/openssl ------------------------------------- Build: #23863 Status: Still Failing Duration: 22 mins and 28 secs Commit: f1006f1 (OpenSSL_1_1_1-stable) Author: Bernd Edlinger Message: Update documentation of RSA_padding_check_PKCS1_OAEP_mgf1 Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/8365) (cherry picked from commit f0e4a860d0b350e10a1ee3898445cac85af8ea16) View the changeset: https://github.com/openssl/openssl/compare/930e03105222...f1006f188c90 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/503324750?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Mar 8 09:28:23 2019 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 08 Mar 2019 09:28:23 +0000 Subject: Build failed: openssl master.23280 Message-ID: <20190308092823.1.92AF1EA5635837EC@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Mar 8 10:55:44 2019 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 08 Mar 2019 10:55:44 +0000 Subject: Build failed: openssl master.23287 Message-ID: <20190308105544.1.BB097B0D444B3ADA@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Mar 8 11:17:17 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 08 Mar 2019 11:17:17 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-zlib Message-ID: <1552043837.095889.9643.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-zlib Commit log since last time: f0e4a860d0 Update documentation of RSA_padding_check_PKCS1_OAEP_mgf1 049e64cbb0 Do the error handling in pkey_rsa_decrypt in constant time ac6fff700a Add a simple test for RSA_SSLV23_PADDING b89fdeb2f7 Update documentation regarding required output buffer memory size of RSA_private_decrypt/RSA_public_encrypt. d7f5e5ae6d Fix memory overrun in rsa padding check functions 596521f488 Limit DEVRANDOM_WAIT to linux 6855b496b2 Add a test for underflow in ecp_nistp521.c 13fbce17fc Avoid an underflow in ecp_nistp521.c Build log ended with (last 100 lines): clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-b_print.d.tmp -MT crypto/bio/libcrypto-lib-b_print.o -c -o crypto/bio/libcrypto-lib-b_print.o ../openssl/crypto/bio/b_print.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-b_sock.d.tmp -MT crypto/bio/libcrypto-lib-b_sock.o -c -o crypto/bio/libcrypto-lib-b_sock.o ../openssl/crypto/bio/b_sock.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-b_sock2.d.tmp -MT crypto/bio/libcrypto-lib-b_sock2.o -c -o crypto/bio/libcrypto-lib-b_sock2.o ../openssl/crypto/bio/b_sock2.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bf_buff.d.tmp -MT crypto/bio/libcrypto-lib-bf_buff.o -c -o crypto/bio/libcrypto-lib-bf_buff.o ../openssl/crypto/bio/bf_buff.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bf_lbuf.d.tmp -MT crypto/bio/libcrypto-lib-bf_lbuf.o -c -o crypto/bio/libcrypto-lib-bf_lbuf.o ../openssl/crypto/bio/bf_lbuf.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bf_nbio.d.tmp -MT crypto/bio/libcrypto-lib-bf_nbio.o -c -o crypto/bio/libcrypto-lib-bf_nbio.o ../openssl/crypto/bio/bf_nbio.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bf_null.d.tmp -MT crypto/bio/libcrypto-lib-bf_null.o -c -o crypto/bio/libcrypto-lib-bf_null.o ../openssl/crypto/bio/bf_null.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bio_cb.d.tmp -MT crypto/bio/libcrypto-lib-bio_cb.o -c -o crypto/bio/libcrypto-lib-bio_cb.o ../openssl/crypto/bio/bio_cb.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bio_err.d.tmp -MT crypto/bio/libcrypto-lib-bio_err.o -c -o crypto/bio/libcrypto-lib-bio_err.o ../openssl/crypto/bio/bio_err.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bio_lib.d.tmp -MT crypto/bio/libcrypto-lib-bio_lib.o -c -o crypto/bio/libcrypto-lib-bio_lib.o ../openssl/crypto/bio/bio_lib.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bio_meth.d.tmp -MT crypto/bio/libcrypto-lib-bio_meth.o -c -o crypto/bio/libcrypto-lib-bio_meth.o ../openssl/crypto/bio/bio_meth.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bss_acpt.d.tmp -MT crypto/bio/libcrypto-lib-bss_acpt.o -c -o crypto/bio/libcrypto-lib-bss_acpt.o ../openssl/crypto/bio/bss_acpt.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bss_bio.d.tmp -MT crypto/bio/libcrypto-lib-bss_bio.o -c -o crypto/bio/libcrypto-lib-bss_bio.o ../openssl/crypto/bio/bss_bio.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bss_conn.d.tmp -MT crypto/bio/libcrypto-lib-bss_conn.o -c -o crypto/bio/libcrypto-lib-bss_conn.o ../openssl/crypto/bio/bss_conn.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bss_dgram.d.tmp -MT crypto/bio/libcrypto-lib-bss_dgram.o -c -o crypto/bio/libcrypto-lib-bss_dgram.o ../openssl/crypto/bio/bss_dgram.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bss_fd.d.tmp -MT crypto/bio/libcrypto-lib-bss_fd.o -c -o crypto/bio/libcrypto-lib-bss_fd.o ../openssl/crypto/bio/bss_fd.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bss_file.d.tmp -MT crypto/bio/libcrypto-lib-bss_file.o -c -o crypto/bio/libcrypto-lib-bss_file.o ../openssl/crypto/bio/bss_file.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bss_log.d.tmp -MT crypto/bio/libcrypto-lib-bss_log.o -c -o crypto/bio/libcrypto-lib-bss_log.o ../openssl/crypto/bio/bss_log.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bss_mem.d.tmp -MT crypto/bio/libcrypto-lib-bss_mem.o -c -o crypto/bio/libcrypto-lib-bss_mem.o ../openssl/crypto/bio/bss_mem.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bss_null.d.tmp -MT crypto/bio/libcrypto-lib-bss_null.o -c -o crypto/bio/libcrypto-lib-bss_null.o ../openssl/crypto/bio/bss_null.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bio/libcrypto-lib-bss_sock.d.tmp -MT crypto/bio/libcrypto-lib-bss_sock.o -c -o crypto/bio/libcrypto-lib-bss_sock.o ../openssl/crypto/bio/bss_sock.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/blake2/libcrypto-lib-blake2b.d.tmp -MT crypto/blake2/libcrypto-lib-blake2b.o -c -o crypto/blake2/libcrypto-lib-blake2b.o ../openssl/crypto/blake2/blake2b.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/blake2/libcrypto-lib-blake2b_mac.d.tmp -MT crypto/blake2/libcrypto-lib-blake2b_mac.o -c -o crypto/blake2/libcrypto-lib-blake2b_mac.o ../openssl/crypto/blake2/blake2b_mac.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/blake2/libcrypto-lib-blake2s.d.tmp -MT crypto/blake2/libcrypto-lib-blake2s.o -c -o crypto/blake2/libcrypto-lib-blake2s.o ../openssl/crypto/blake2/blake2s.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/blake2/libcrypto-lib-blake2s_mac.d.tmp -MT crypto/blake2/libcrypto-lib-blake2s_mac.o -c -o crypto/blake2/libcrypto-lib-blake2s_mac.o ../openssl/crypto/blake2/blake2s_mac.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/blake2/libcrypto-lib-m_blake2b.d.tmp -MT crypto/blake2/libcrypto-lib-m_blake2b.o -c -o crypto/blake2/libcrypto-lib-m_blake2b.o ../openssl/crypto/blake2/m_blake2b.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/blake2/libcrypto-lib-m_blake2s.d.tmp -MT crypto/blake2/libcrypto-lib-m_blake2s.o -c -o crypto/blake2/libcrypto-lib-m_blake2s.o ../openssl/crypto/blake2/m_blake2s.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/asm/libcrypto-lib-x86_64-gcc.d.tmp -MT crypto/bn/asm/libcrypto-lib-x86_64-gcc.o -c -o crypto/bn/asm/libcrypto-lib-x86_64-gcc.o ../openssl/crypto/bn/asm/x86_64-gcc.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_add.d.tmp -MT crypto/bn/libcrypto-lib-bn_add.o -c -o crypto/bn/libcrypto-lib-bn_add.o ../openssl/crypto/bn/bn_add.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_blind.d.tmp -MT crypto/bn/libcrypto-lib-bn_blind.o -c -o crypto/bn/libcrypto-lib-bn_blind.o ../openssl/crypto/bn/bn_blind.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_const.d.tmp -MT crypto/bn/libcrypto-lib-bn_const.o -c -o crypto/bn/libcrypto-lib-bn_const.o ../openssl/crypto/bn/bn_const.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_ctx.d.tmp -MT crypto/bn/libcrypto-lib-bn_ctx.o -c -o crypto/bn/libcrypto-lib-bn_ctx.o ../openssl/crypto/bn/bn_ctx.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_depr.d.tmp -MT crypto/bn/libcrypto-lib-bn_depr.o -c -o crypto/bn/libcrypto-lib-bn_depr.o ../openssl/crypto/bn/bn_depr.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_dh.d.tmp -MT crypto/bn/libcrypto-lib-bn_dh.o -c -o crypto/bn/libcrypto-lib-bn_dh.o ../openssl/crypto/bn/bn_dh.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_div.d.tmp -MT crypto/bn/libcrypto-lib-bn_div.o -c -o crypto/bn/libcrypto-lib-bn_div.o ../openssl/crypto/bn/bn_div.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_err.d.tmp -MT crypto/bn/libcrypto-lib-bn_err.o -c -o crypto/bn/libcrypto-lib-bn_err.o ../openssl/crypto/bn/bn_err.c clang -Icrypto -I../openssl/crypto -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_exp.d.tmp -MT crypto/bn/libcrypto-lib-bn_exp.o -c -o crypto/bn/libcrypto-lib-bn_exp.o ../openssl/crypto/bn/bn_exp.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_exp2.d.tmp -MT crypto/bn/libcrypto-lib-bn_exp2.o -c -o crypto/bn/libcrypto-lib-bn_exp2.o ../openssl/crypto/bn/bn_exp2.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_gcd.d.tmp -MT crypto/bn/libcrypto-lib-bn_gcd.o -c -o crypto/bn/libcrypto-lib-bn_gcd.o ../openssl/crypto/bn/bn_gcd.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_gf2m.d.tmp -MT crypto/bn/libcrypto-lib-bn_gf2m.o -c -o crypto/bn/libcrypto-lib-bn_gf2m.o ../openssl/crypto/bn/bn_gf2m.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_intern.d.tmp -MT crypto/bn/libcrypto-lib-bn_intern.o -c -o crypto/bn/libcrypto-lib-bn_intern.o ../openssl/crypto/bn/bn_intern.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_kron.d.tmp -MT crypto/bn/libcrypto-lib-bn_kron.o -c -o crypto/bn/libcrypto-lib-bn_kron.o ../openssl/crypto/bn/bn_kron.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_lib.d.tmp -MT crypto/bn/libcrypto-lib-bn_lib.o -c -o crypto/bn/libcrypto-lib-bn_lib.o ../openssl/crypto/bn/bn_lib.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_mod.d.tmp -MT crypto/bn/libcrypto-lib-bn_mod.o -c -o crypto/bn/libcrypto-lib-bn_mod.o ../openssl/crypto/bn/bn_mod.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_mont.d.tmp -MT crypto/bn/libcrypto-lib-bn_mont.o -c -o crypto/bn/libcrypto-lib-bn_mont.o ../openssl/crypto/bn/bn_mont.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_mpi.d.tmp -MT crypto/bn/libcrypto-lib-bn_mpi.o -c -o crypto/bn/libcrypto-lib-bn_mpi.o ../openssl/crypto/bn/bn_mpi.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_mul.d.tmp -MT crypto/bn/libcrypto-lib-bn_mul.o -c -o crypto/bn/libcrypto-lib-bn_mul.o ../openssl/crypto/bn/bn_mul.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_nist.d.tmp -MT crypto/bn/libcrypto-lib-bn_nist.o -c -o crypto/bn/libcrypto-lib-bn_nist.o ../openssl/crypto/bn/bn_nist.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_prime.d.tmp -MT crypto/bn/libcrypto-lib-bn_prime.o -c -o crypto/bn/libcrypto-lib-bn_prime.o ../openssl/crypto/bn/bn_prime.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_print.d.tmp -MT crypto/bn/libcrypto-lib-bn_print.o -c -o crypto/bn/libcrypto-lib-bn_print.o ../openssl/crypto/bn/bn_print.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_rand.d.tmp -MT crypto/bn/libcrypto-lib-bn_rand.o -c -o crypto/bn/libcrypto-lib-bn_rand.o ../openssl/crypto/bn/bn_rand.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_recp.d.tmp -MT crypto/bn/libcrypto-lib-bn_recp.o -c -o crypto/bn/libcrypto-lib-bn_recp.o ../openssl/crypto/bn/bn_recp.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_shift.d.tmp -MT crypto/bn/libcrypto-lib-bn_shift.o -c -o crypto/bn/libcrypto-lib-bn_shift.o ../openssl/crypto/bn/bn_shift.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_sqr.d.tmp -MT crypto/bn/libcrypto-lib-bn_sqr.o -c -o crypto/bn/libcrypto-lib-bn_sqr.o ../openssl/crypto/bn/bn_sqr.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_sqrt.d.tmp -MT crypto/bn/libcrypto-lib-bn_sqrt.o -c -o crypto/bn/libcrypto-lib-bn_sqrt.o ../openssl/crypto/bn/bn_sqrt.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_srp.d.tmp -MT crypto/bn/libcrypto-lib-bn_srp.o -c -o crypto/bn/libcrypto-lib-bn_srp.o ../openssl/crypto/bn/bn_srp.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_word.d.tmp -MT crypto/bn/libcrypto-lib-bn_word.o -c -o crypto/bn/libcrypto-lib-bn_word.o ../openssl/crypto/bn/bn_word.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-bn_x931p.d.tmp -MT crypto/bn/libcrypto-lib-bn_x931p.o -c -o crypto/bn/libcrypto-lib-bn_x931p.o ../openssl/crypto/bn/bn_x931p.c CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/rsaz-avx2.pl elf crypto/bn/rsaz-avx2.s CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/rsaz-x86_64.pl elf crypto/bn/rsaz-x86_64.s clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/bn/libcrypto-lib-rsaz_exp.d.tmp -MT crypto/bn/libcrypto-lib-rsaz_exp.o -c -o crypto/bn/libcrypto-lib-rsaz_exp.o ../openssl/crypto/bn/rsaz_exp.c CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/x86_64-gf2m.pl elf crypto/bn/x86_64-gf2m.s CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/x86_64-mont.pl elf crypto/bn/x86_64-mont.s CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/x86_64-mont5.pl elf crypto/bn/x86_64-mont5.s clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/buffer/libcrypto-lib-buf_err.d.tmp -MT crypto/buffer/libcrypto-lib-buf_err.o -c -o crypto/buffer/libcrypto-lib-buf_err.o ../openssl/crypto/buffer/buf_err.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/buffer/libcrypto-lib-buffer.d.tmp -MT crypto/buffer/libcrypto-lib-buffer.o -c -o crypto/buffer/libcrypto-lib-buffer.o ../openssl/crypto/buffer/buffer.c CC="clang" /usr/bin/perl ../openssl/crypto/camellia/asm/cmll-x86_64.pl elf crypto/camellia/cmll-x86_64.s clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/camellia/libcrypto-lib-cmll_cfb.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_cfb.o -c -o crypto/camellia/libcrypto-lib-cmll_cfb.o ../openssl/crypto/camellia/cmll_cfb.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/camellia/libcrypto-lib-cmll_ctr.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_ctr.o -c -o crypto/camellia/libcrypto-lib-cmll_ctr.o ../openssl/crypto/camellia/cmll_ctr.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/camellia/libcrypto-lib-cmll_ecb.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_ecb.o -c -o crypto/camellia/libcrypto-lib-cmll_ecb.o ../openssl/crypto/camellia/cmll_ecb.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/camellia/libcrypto-lib-cmll_misc.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_misc.o -c -o crypto/camellia/libcrypto-lib-cmll_misc.o ../openssl/crypto/camellia/cmll_misc.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/camellia/libcrypto-lib-cmll_ofb.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_ofb.o -c -o crypto/camellia/libcrypto-lib-cmll_ofb.o ../openssl/crypto/camellia/cmll_ofb.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cast/libcrypto-lib-c_cfb64.d.tmp -MT crypto/cast/libcrypto-lib-c_cfb64.o -c -o crypto/cast/libcrypto-lib-c_cfb64.o ../openssl/crypto/cast/c_cfb64.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cast/libcrypto-lib-c_ecb.d.tmp -MT crypto/cast/libcrypto-lib-c_ecb.o -c -o crypto/cast/libcrypto-lib-c_ecb.o ../openssl/crypto/cast/c_ecb.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cast/libcrypto-lib-c_enc.d.tmp -MT crypto/cast/libcrypto-lib-c_enc.o -c -o crypto/cast/libcrypto-lib-c_enc.o ../openssl/crypto/cast/c_enc.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cast/libcrypto-lib-c_ofb64.d.tmp -MT crypto/cast/libcrypto-lib-c_ofb64.o -c -o crypto/cast/libcrypto-lib-c_ofb64.o ../openssl/crypto/cast/c_ofb64.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cast/libcrypto-lib-c_skey.d.tmp -MT crypto/cast/libcrypto-lib-c_skey.o -c -o crypto/cast/libcrypto-lib-c_skey.o ../openssl/crypto/cast/c_skey.c CC="clang" /usr/bin/perl ../openssl/crypto/chacha/asm/chacha-x86_64.pl elf crypto/chacha/chacha-x86_64.s clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cmac/libcrypto-lib-cm_ameth.d.tmp -MT crypto/cmac/libcrypto-lib-cm_ameth.o -c -o crypto/cmac/libcrypto-lib-cm_ameth.o ../openssl/crypto/cmac/cm_ameth.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cmac/libcrypto-lib-cm_meth.d.tmp -MT crypto/cmac/libcrypto-lib-cm_meth.o -c -o crypto/cmac/libcrypto-lib-cm_meth.o ../openssl/crypto/cmac/cm_meth.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cmac/libcrypto-lib-cmac.d.tmp -MT crypto/cmac/libcrypto-lib-cmac.o -c -o crypto/cmac/libcrypto-lib-cmac.o ../openssl/crypto/cmac/cmac.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cms/libcrypto-lib-cms_asn1.d.tmp -MT crypto/cms/libcrypto-lib-cms_asn1.o -c -o crypto/cms/libcrypto-lib-cms_asn1.o ../openssl/crypto/cms/cms_asn1.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cms/libcrypto-lib-cms_att.d.tmp -MT crypto/cms/libcrypto-lib-cms_att.o -c -o crypto/cms/libcrypto-lib-cms_att.o ../openssl/crypto/cms/cms_att.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cms/libcrypto-lib-cms_cd.d.tmp -MT crypto/cms/libcrypto-lib-cms_cd.o -c -o crypto/cms/libcrypto-lib-cms_cd.o ../openssl/crypto/cms/cms_cd.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cms/libcrypto-lib-cms_dd.d.tmp -MT crypto/cms/libcrypto-lib-cms_dd.o -c -o crypto/cms/libcrypto-lib-cms_dd.o ../openssl/crypto/cms/cms_dd.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cms/libcrypto-lib-cms_enc.d.tmp -MT crypto/cms/libcrypto-lib-cms_enc.o -c -o crypto/cms/libcrypto-lib-cms_enc.o ../openssl/crypto/cms/cms_enc.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -MMD -MF crypto/cms/libcrypto-lib-cms_env.d.tmp -MT crypto/cms/libcrypto-lib-cms_env.o -c -o crypto/cms/libcrypto-lib-cms_env.o ../openssl/crypto/cms/cms_env.c ../openssl/crypto/cms/cms_cd.c:63:6: error: conflicting types for 'cms_CompressedData_init_bio' BIO *cms_CompressedData_init_bio(CMS_ContentInfo *cms) ^ ../openssl/crypto/cms/cms_lcl.h:385:6: note: previous declaration is here BIO *cms_CompressedData_init_bio(const CMS_ContentInfo *cms); ^ 1 error generated. Makefile:7562: recipe for target 'crypto/cms/libcrypto-lib-cms_cd.o' failed make[1]: *** [crypto/cms/libcrypto-lib-cms_cd.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/enable-zlib' Makefile:164: recipe for target 'all' failed make: *** [all] Error 2 From openssl at openssl.org Fri Mar 8 11:17:31 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 08 Mar 2019 11:17:31 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-zlib-dynamic Message-ID: <1552043851.335488.11062.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-zlib-dynamic Commit log since last time: f0e4a860d0 Update documentation of RSA_padding_check_PKCS1_OAEP_mgf1 049e64cbb0 Do the error handling in pkey_rsa_decrypt in constant time ac6fff700a Add a simple test for RSA_SSLV23_PADDING b89fdeb2f7 Update documentation regarding required output buffer memory size of RSA_private_decrypt/RSA_public_encrypt. d7f5e5ae6d Fix memory overrun in rsa padding check functions 596521f488 Limit DEVRANDOM_WAIT to linux 6855b496b2 Add a test for underflow in ecp_nistp521.c 13fbce17fc Avoid an underflow in ecp_nistp521.c Build log ended with (last 100 lines): clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-b_print.d.tmp -MT crypto/bio/libcrypto-lib-b_print.o -c -o crypto/bio/libcrypto-lib-b_print.o ../openssl/crypto/bio/b_print.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-b_sock.d.tmp -MT crypto/bio/libcrypto-lib-b_sock.o -c -o crypto/bio/libcrypto-lib-b_sock.o ../openssl/crypto/bio/b_sock.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-b_sock2.d.tmp -MT crypto/bio/libcrypto-lib-b_sock2.o -c -o crypto/bio/libcrypto-lib-b_sock2.o ../openssl/crypto/bio/b_sock2.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bf_buff.d.tmp -MT crypto/bio/libcrypto-lib-bf_buff.o -c -o crypto/bio/libcrypto-lib-bf_buff.o ../openssl/crypto/bio/bf_buff.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bf_lbuf.d.tmp -MT crypto/bio/libcrypto-lib-bf_lbuf.o -c -o crypto/bio/libcrypto-lib-bf_lbuf.o ../openssl/crypto/bio/bf_lbuf.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bf_nbio.d.tmp -MT crypto/bio/libcrypto-lib-bf_nbio.o -c -o crypto/bio/libcrypto-lib-bf_nbio.o ../openssl/crypto/bio/bf_nbio.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bf_null.d.tmp -MT crypto/bio/libcrypto-lib-bf_null.o -c -o crypto/bio/libcrypto-lib-bf_null.o ../openssl/crypto/bio/bf_null.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bio_cb.d.tmp -MT crypto/bio/libcrypto-lib-bio_cb.o -c -o crypto/bio/libcrypto-lib-bio_cb.o ../openssl/crypto/bio/bio_cb.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bio_err.d.tmp -MT crypto/bio/libcrypto-lib-bio_err.o -c -o crypto/bio/libcrypto-lib-bio_err.o ../openssl/crypto/bio/bio_err.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bio_lib.d.tmp -MT crypto/bio/libcrypto-lib-bio_lib.o -c -o crypto/bio/libcrypto-lib-bio_lib.o ../openssl/crypto/bio/bio_lib.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bio_meth.d.tmp -MT crypto/bio/libcrypto-lib-bio_meth.o -c -o crypto/bio/libcrypto-lib-bio_meth.o ../openssl/crypto/bio/bio_meth.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bss_acpt.d.tmp -MT crypto/bio/libcrypto-lib-bss_acpt.o -c -o crypto/bio/libcrypto-lib-bss_acpt.o ../openssl/crypto/bio/bss_acpt.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bss_bio.d.tmp -MT crypto/bio/libcrypto-lib-bss_bio.o -c -o crypto/bio/libcrypto-lib-bss_bio.o ../openssl/crypto/bio/bss_bio.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bss_conn.d.tmp -MT crypto/bio/libcrypto-lib-bss_conn.o -c -o crypto/bio/libcrypto-lib-bss_conn.o ../openssl/crypto/bio/bss_conn.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bss_dgram.d.tmp -MT crypto/bio/libcrypto-lib-bss_dgram.o -c -o crypto/bio/libcrypto-lib-bss_dgram.o ../openssl/crypto/bio/bss_dgram.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bss_fd.d.tmp -MT crypto/bio/libcrypto-lib-bss_fd.o -c -o crypto/bio/libcrypto-lib-bss_fd.o ../openssl/crypto/bio/bss_fd.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bss_file.d.tmp -MT crypto/bio/libcrypto-lib-bss_file.o -c -o crypto/bio/libcrypto-lib-bss_file.o ../openssl/crypto/bio/bss_file.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bss_log.d.tmp -MT crypto/bio/libcrypto-lib-bss_log.o -c -o crypto/bio/libcrypto-lib-bss_log.o ../openssl/crypto/bio/bss_log.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bss_mem.d.tmp -MT crypto/bio/libcrypto-lib-bss_mem.o -c -o crypto/bio/libcrypto-lib-bss_mem.o ../openssl/crypto/bio/bss_mem.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bss_null.d.tmp -MT crypto/bio/libcrypto-lib-bss_null.o -c -o crypto/bio/libcrypto-lib-bss_null.o ../openssl/crypto/bio/bss_null.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bio/libcrypto-lib-bss_sock.d.tmp -MT crypto/bio/libcrypto-lib-bss_sock.o -c -o crypto/bio/libcrypto-lib-bss_sock.o ../openssl/crypto/bio/bss_sock.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/blake2/libcrypto-lib-blake2b.d.tmp -MT crypto/blake2/libcrypto-lib-blake2b.o -c -o crypto/blake2/libcrypto-lib-blake2b.o ../openssl/crypto/blake2/blake2b.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/blake2/libcrypto-lib-blake2b_mac.d.tmp -MT crypto/blake2/libcrypto-lib-blake2b_mac.o -c -o crypto/blake2/libcrypto-lib-blake2b_mac.o ../openssl/crypto/blake2/blake2b_mac.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/blake2/libcrypto-lib-blake2s.d.tmp -MT crypto/blake2/libcrypto-lib-blake2s.o -c -o crypto/blake2/libcrypto-lib-blake2s.o ../openssl/crypto/blake2/blake2s.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/blake2/libcrypto-lib-blake2s_mac.d.tmp -MT crypto/blake2/libcrypto-lib-blake2s_mac.o -c -o crypto/blake2/libcrypto-lib-blake2s_mac.o ../openssl/crypto/blake2/blake2s_mac.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/blake2/libcrypto-lib-m_blake2b.d.tmp -MT crypto/blake2/libcrypto-lib-m_blake2b.o -c -o crypto/blake2/libcrypto-lib-m_blake2b.o ../openssl/crypto/blake2/m_blake2b.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/blake2/libcrypto-lib-m_blake2s.d.tmp -MT crypto/blake2/libcrypto-lib-m_blake2s.o -c -o crypto/blake2/libcrypto-lib-m_blake2s.o ../openssl/crypto/blake2/m_blake2s.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/asm/libcrypto-lib-x86_64-gcc.d.tmp -MT crypto/bn/asm/libcrypto-lib-x86_64-gcc.o -c -o crypto/bn/asm/libcrypto-lib-x86_64-gcc.o ../openssl/crypto/bn/asm/x86_64-gcc.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_add.d.tmp -MT crypto/bn/libcrypto-lib-bn_add.o -c -o crypto/bn/libcrypto-lib-bn_add.o ../openssl/crypto/bn/bn_add.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_blind.d.tmp -MT crypto/bn/libcrypto-lib-bn_blind.o -c -o crypto/bn/libcrypto-lib-bn_blind.o ../openssl/crypto/bn/bn_blind.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_const.d.tmp -MT crypto/bn/libcrypto-lib-bn_const.o -c -o crypto/bn/libcrypto-lib-bn_const.o ../openssl/crypto/bn/bn_const.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_ctx.d.tmp -MT crypto/bn/libcrypto-lib-bn_ctx.o -c -o crypto/bn/libcrypto-lib-bn_ctx.o ../openssl/crypto/bn/bn_ctx.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_depr.d.tmp -MT crypto/bn/libcrypto-lib-bn_depr.o -c -o crypto/bn/libcrypto-lib-bn_depr.o ../openssl/crypto/bn/bn_depr.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_dh.d.tmp -MT crypto/bn/libcrypto-lib-bn_dh.o -c -o crypto/bn/libcrypto-lib-bn_dh.o ../openssl/crypto/bn/bn_dh.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_div.d.tmp -MT crypto/bn/libcrypto-lib-bn_div.o -c -o crypto/bn/libcrypto-lib-bn_div.o ../openssl/crypto/bn/bn_div.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_err.d.tmp -MT crypto/bn/libcrypto-lib-bn_err.o -c -o crypto/bn/libcrypto-lib-bn_err.o ../openssl/crypto/bn/bn_err.c clang -Icrypto -I../openssl/crypto -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_exp.d.tmp -MT crypto/bn/libcrypto-lib-bn_exp.o -c -o crypto/bn/libcrypto-lib-bn_exp.o ../openssl/crypto/bn/bn_exp.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_exp2.d.tmp -MT crypto/bn/libcrypto-lib-bn_exp2.o -c -o crypto/bn/libcrypto-lib-bn_exp2.o ../openssl/crypto/bn/bn_exp2.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_gcd.d.tmp -MT crypto/bn/libcrypto-lib-bn_gcd.o -c -o crypto/bn/libcrypto-lib-bn_gcd.o ../openssl/crypto/bn/bn_gcd.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_gf2m.d.tmp -MT crypto/bn/libcrypto-lib-bn_gf2m.o -c -o crypto/bn/libcrypto-lib-bn_gf2m.o ../openssl/crypto/bn/bn_gf2m.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_intern.d.tmp -MT crypto/bn/libcrypto-lib-bn_intern.o -c -o crypto/bn/libcrypto-lib-bn_intern.o ../openssl/crypto/bn/bn_intern.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_kron.d.tmp -MT crypto/bn/libcrypto-lib-bn_kron.o -c -o crypto/bn/libcrypto-lib-bn_kron.o ../openssl/crypto/bn/bn_kron.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_lib.d.tmp -MT crypto/bn/libcrypto-lib-bn_lib.o -c -o crypto/bn/libcrypto-lib-bn_lib.o ../openssl/crypto/bn/bn_lib.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_mod.d.tmp -MT crypto/bn/libcrypto-lib-bn_mod.o -c -o crypto/bn/libcrypto-lib-bn_mod.o ../openssl/crypto/bn/bn_mod.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_mont.d.tmp -MT crypto/bn/libcrypto-lib-bn_mont.o -c -o crypto/bn/libcrypto-lib-bn_mont.o ../openssl/crypto/bn/bn_mont.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_mpi.d.tmp -MT crypto/bn/libcrypto-lib-bn_mpi.o -c -o crypto/bn/libcrypto-lib-bn_mpi.o ../openssl/crypto/bn/bn_mpi.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_mul.d.tmp -MT crypto/bn/libcrypto-lib-bn_mul.o -c -o crypto/bn/libcrypto-lib-bn_mul.o ../openssl/crypto/bn/bn_mul.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_nist.d.tmp -MT crypto/bn/libcrypto-lib-bn_nist.o -c -o crypto/bn/libcrypto-lib-bn_nist.o ../openssl/crypto/bn/bn_nist.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_prime.d.tmp -MT crypto/bn/libcrypto-lib-bn_prime.o -c -o crypto/bn/libcrypto-lib-bn_prime.o ../openssl/crypto/bn/bn_prime.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_print.d.tmp -MT crypto/bn/libcrypto-lib-bn_print.o -c -o crypto/bn/libcrypto-lib-bn_print.o ../openssl/crypto/bn/bn_print.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_rand.d.tmp -MT crypto/bn/libcrypto-lib-bn_rand.o -c -o crypto/bn/libcrypto-lib-bn_rand.o ../openssl/crypto/bn/bn_rand.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_recp.d.tmp -MT crypto/bn/libcrypto-lib-bn_recp.o -c -o crypto/bn/libcrypto-lib-bn_recp.o ../openssl/crypto/bn/bn_recp.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_shift.d.tmp -MT crypto/bn/libcrypto-lib-bn_shift.o -c -o crypto/bn/libcrypto-lib-bn_shift.o ../openssl/crypto/bn/bn_shift.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_sqr.d.tmp -MT crypto/bn/libcrypto-lib-bn_sqr.o -c -o crypto/bn/libcrypto-lib-bn_sqr.o ../openssl/crypto/bn/bn_sqr.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_sqrt.d.tmp -MT crypto/bn/libcrypto-lib-bn_sqrt.o -c -o crypto/bn/libcrypto-lib-bn_sqrt.o ../openssl/crypto/bn/bn_sqrt.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_srp.d.tmp -MT crypto/bn/libcrypto-lib-bn_srp.o -c -o crypto/bn/libcrypto-lib-bn_srp.o ../openssl/crypto/bn/bn_srp.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_word.d.tmp -MT crypto/bn/libcrypto-lib-bn_word.o -c -o crypto/bn/libcrypto-lib-bn_word.o ../openssl/crypto/bn/bn_word.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-bn_x931p.d.tmp -MT crypto/bn/libcrypto-lib-bn_x931p.o -c -o crypto/bn/libcrypto-lib-bn_x931p.o ../openssl/crypto/bn/bn_x931p.c CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/rsaz-avx2.pl elf crypto/bn/rsaz-avx2.s CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/rsaz-x86_64.pl elf crypto/bn/rsaz-x86_64.s clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/bn/libcrypto-lib-rsaz_exp.d.tmp -MT crypto/bn/libcrypto-lib-rsaz_exp.o -c -o crypto/bn/libcrypto-lib-rsaz_exp.o ../openssl/crypto/bn/rsaz_exp.c CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/x86_64-gf2m.pl elf crypto/bn/x86_64-gf2m.s CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/x86_64-mont.pl elf crypto/bn/x86_64-mont.s CC="clang" /usr/bin/perl ../openssl/crypto/bn/asm/x86_64-mont5.pl elf crypto/bn/x86_64-mont5.s clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/buffer/libcrypto-lib-buf_err.d.tmp -MT crypto/buffer/libcrypto-lib-buf_err.o -c -o crypto/buffer/libcrypto-lib-buf_err.o ../openssl/crypto/buffer/buf_err.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/buffer/libcrypto-lib-buffer.d.tmp -MT crypto/buffer/libcrypto-lib-buffer.o -c -o crypto/buffer/libcrypto-lib-buffer.o ../openssl/crypto/buffer/buffer.c CC="clang" /usr/bin/perl ../openssl/crypto/camellia/asm/cmll-x86_64.pl elf crypto/camellia/cmll-x86_64.s clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/camellia/libcrypto-lib-cmll_cfb.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_cfb.o -c -o crypto/camellia/libcrypto-lib-cmll_cfb.o ../openssl/crypto/camellia/cmll_cfb.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/camellia/libcrypto-lib-cmll_ctr.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_ctr.o -c -o crypto/camellia/libcrypto-lib-cmll_ctr.o ../openssl/crypto/camellia/cmll_ctr.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/camellia/libcrypto-lib-cmll_ecb.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_ecb.o -c -o crypto/camellia/libcrypto-lib-cmll_ecb.o ../openssl/crypto/camellia/cmll_ecb.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/camellia/libcrypto-lib-cmll_misc.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_misc.o -c -o crypto/camellia/libcrypto-lib-cmll_misc.o ../openssl/crypto/camellia/cmll_misc.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/camellia/libcrypto-lib-cmll_ofb.d.tmp -MT crypto/camellia/libcrypto-lib-cmll_ofb.o -c -o crypto/camellia/libcrypto-lib-cmll_ofb.o ../openssl/crypto/camellia/cmll_ofb.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cast/libcrypto-lib-c_cfb64.d.tmp -MT crypto/cast/libcrypto-lib-c_cfb64.o -c -o crypto/cast/libcrypto-lib-c_cfb64.o ../openssl/crypto/cast/c_cfb64.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cast/libcrypto-lib-c_ecb.d.tmp -MT crypto/cast/libcrypto-lib-c_ecb.o -c -o crypto/cast/libcrypto-lib-c_ecb.o ../openssl/crypto/cast/c_ecb.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cast/libcrypto-lib-c_enc.d.tmp -MT crypto/cast/libcrypto-lib-c_enc.o -c -o crypto/cast/libcrypto-lib-c_enc.o ../openssl/crypto/cast/c_enc.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cast/libcrypto-lib-c_ofb64.d.tmp -MT crypto/cast/libcrypto-lib-c_ofb64.o -c -o crypto/cast/libcrypto-lib-c_ofb64.o ../openssl/crypto/cast/c_ofb64.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cast/libcrypto-lib-c_skey.d.tmp -MT crypto/cast/libcrypto-lib-c_skey.o -c -o crypto/cast/libcrypto-lib-c_skey.o ../openssl/crypto/cast/c_skey.c CC="clang" /usr/bin/perl ../openssl/crypto/chacha/asm/chacha-x86_64.pl elf crypto/chacha/chacha-x86_64.s clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cmac/libcrypto-lib-cm_ameth.d.tmp -MT crypto/cmac/libcrypto-lib-cm_ameth.o -c -o crypto/cmac/libcrypto-lib-cm_ameth.o ../openssl/crypto/cmac/cm_ameth.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cmac/libcrypto-lib-cm_meth.d.tmp -MT crypto/cmac/libcrypto-lib-cm_meth.o -c -o crypto/cmac/libcrypto-lib-cm_meth.o ../openssl/crypto/cmac/cm_meth.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cmac/libcrypto-lib-cmac.d.tmp -MT crypto/cmac/libcrypto-lib-cmac.o -c -o crypto/cmac/libcrypto-lib-cmac.o ../openssl/crypto/cmac/cmac.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cms/libcrypto-lib-cms_asn1.d.tmp -MT crypto/cms/libcrypto-lib-cms_asn1.o -c -o crypto/cms/libcrypto-lib-cms_asn1.o ../openssl/crypto/cms/cms_asn1.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cms/libcrypto-lib-cms_att.d.tmp -MT crypto/cms/libcrypto-lib-cms_att.o -c -o crypto/cms/libcrypto-lib-cms_att.o ../openssl/crypto/cms/cms_att.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cms/libcrypto-lib-cms_cd.d.tmp -MT crypto/cms/libcrypto-lib-cms_cd.o -c -o crypto/cms/libcrypto-lib-cms_cd.o ../openssl/crypto/cms/cms_cd.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cms/libcrypto-lib-cms_dd.d.tmp -MT crypto/cms/libcrypto-lib-cms_dd.o -c -o crypto/cms/libcrypto-lib-cms_dd.o ../openssl/crypto/cms/cms_dd.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cms/libcrypto-lib-cms_enc.d.tmp -MT crypto/cms/libcrypto-lib-cms_enc.o -c -o crypto/cms/libcrypto-lib-cms_enc.o ../openssl/crypto/cms/cms_enc.c clang -I. -Icrypto/include -Iinclude -I../openssl -I../openssl/crypto/include -I../openssl/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wno-unknown-warning-option -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DZLIB -DZLIB_SHARED -MMD -MF crypto/cms/libcrypto-lib-cms_env.d.tmp -MT crypto/cms/libcrypto-lib-cms_env.o -c -o crypto/cms/libcrypto-lib-cms_env.o ../openssl/crypto/cms/cms_env.c ../openssl/crypto/cms/cms_cd.c:63:6: error: conflicting types for 'cms_CompressedData_init_bio' BIO *cms_CompressedData_init_bio(CMS_ContentInfo *cms) ^ ../openssl/crypto/cms/cms_lcl.h:385:6: note: previous declaration is here BIO *cms_CompressedData_init_bio(const CMS_ContentInfo *cms); ^ 1 error generated. Makefile:7562: recipe for target 'crypto/cms/libcrypto-lib-cms_cd.o' failed make[1]: *** [crypto/cms/libcrypto-lib-cms_cd.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/enable-zlib-dynamic' Makefile:164: recipe for target 'all' failed make: *** [all] Error 2 From no-reply at appveyor.com Fri Mar 8 12:21:08 2019 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 08 Mar 2019 12:21:08 +0000 Subject: Build failed: openssl master.23291 Message-ID: <20190308122108.1.EC0D7C6238E44346@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Mar 8 14:20:15 2019 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 08 Mar 2019 14:20:15 +0000 Subject: Build completed: openssl master.23292 Message-ID: <20190308142015.1.CDA6A7196FF3AE32@appveyor.com> An HTML attachment was scrubbed... URL: From matt at openssl.org Fri Mar 8 16:11:22 2019 From: matt at openssl.org (Matt Caswell) Date: Fri, 08 Mar 2019 16:11:22 +0000 Subject: [openssl] master update Message-ID: <1552061482.703503.18008.nullmailer@dev.openssl.org> The branch master has been updated via 0fc4d00a00e5d25ce202e69414432a07c9e74502 (commit) from f0e4a860d0b350e10a1ee3898445cac85af8ea16 (commit) - Log ----------------------------------------------------------------- commit 0fc4d00a00e5d25ce202e69414432a07c9e74502 Author: Matt Caswell Date: Thu Mar 7 14:14:30 2019 +0000 Change arg to cms_CompressedData_init_bio to be const The argument to this function is declared const in the header file. However the implementation did not have this. This issue is only visible when using enable-zlib. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8433) ----------------------------------------------------------------------- Summary of changes: crypto/cms/cms_cd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/cms/cms_cd.c b/crypto/cms/cms_cd.c index 9386273..5a11928 100644 --- a/crypto/cms/cms_cd.c +++ b/crypto/cms/cms_cd.c @@ -60,7 +60,7 @@ CMS_ContentInfo *cms_CompressedData_create(int comp_nid) return NULL; } -BIO *cms_CompressedData_init_bio(CMS_ContentInfo *cms) +BIO *cms_CompressedData_init_bio(const CMS_ContentInfo *cms) { CMS_CompressedData *cd; const ASN1_OBJECT *compoid; From no-reply at appveyor.com Fri Mar 8 20:44:05 2019 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 08 Mar 2019 20:44:05 +0000 Subject: Build failed: openssl master.23304 Message-ID: <20190308204405.1.6FA16E048221E94D@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Mar 8 23:16:19 2019 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 08 Mar 2019 23:16:19 +0000 Subject: Build failed: openssl master.23305 Message-ID: <20190308231619.1.45A3669CEE467470@appveyor.com> An HTML attachment was scrubbed... URL: From matthias.st.pierre at ncp-e.com Fri Mar 8 23:33:33 2019 From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com) Date: Fri, 08 Mar 2019 23:33:33 +0000 Subject: [openssl] master update Message-ID: <1552088013.845543.30651.nullmailer@dev.openssl.org> The branch master has been updated via ebb7823e14596ad07fdc7d2ed0a267815f545927 (commit) from 0fc4d00a00e5d25ce202e69414432a07c9e74502 (commit) - Log ----------------------------------------------------------------- commit ebb7823e14596ad07fdc7d2ed0a267815f545927 Author: Tomas Mraz Date: Thu Mar 7 15:28:30 2019 +0100 Print all loaded engines with openssl list -engines Reviewed-by: Richard Levitte Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/8434) ----------------------------------------------------------------------- Summary of changes: apps/openssl.c | 26 ++++++++++++++++++++++++-- doc/man1/list.pod | 5 +++++ 2 files changed, 29 insertions(+), 2 deletions(-) diff --git a/apps/openssl.c b/apps/openssl.c index 854f943..1acae24 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -54,6 +54,7 @@ static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[]); static void list_pkey(void); static void list_pkey_meth(void); static void list_type(FUNC_TYPE ft, int one); +static void list_engines(void); static void list_disabled(void); char *default_config_file = NULL; @@ -523,8 +524,8 @@ typedef enum HELPLIST_CHOICE { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_ONE, OPT_COMMANDS, OPT_DIGEST_COMMANDS, OPT_MAC_ALGORITHMS, OPT_OPTIONS, OPT_DIGEST_ALGORITHMS, OPT_CIPHER_COMMANDS, OPT_CIPHER_ALGORITHMS, - OPT_PK_ALGORITHMS, OPT_PK_METHOD, OPT_DISABLED, OPT_MISSING_HELP, - OPT_OBJECTS + OPT_PK_ALGORITHMS, OPT_PK_METHOD, OPT_ENGINES, OPT_DISABLED, + OPT_MISSING_HELP, OPT_OBJECTS } HELPLIST_CHOICE; const OPTIONS list_options[] = { @@ -544,6 +545,8 @@ const OPTIONS list_options[] = { "List of public key algorithms"}, {"public-key-methods", OPT_PK_METHOD, '-', "List of public key methods"}, + {"engines", OPT_ENGINES, '-', + "List of loaded engines"}, {"disabled", OPT_DISABLED, '-', "List of disabled features"}, {"missing-help", OPT_MISSING_HELP, '-', @@ -599,6 +602,9 @@ opthelp: case OPT_PK_METHOD: list_pkey_meth(); break; + case OPT_ENGINES: + list_engines(); + break; case OPT_DISABLED: list_disabled(); break; @@ -837,6 +843,22 @@ static int SortFnByName(const void *_f1, const void *_f2) return strcmp(f1->name, f2->name); } +static void list_engines(void) +{ +#ifndef OPENSSL_NO_ENGINES + ENGINE *e; + + BIO_puts(bio_out, "Engines:\n"); + e = ENGINE_get_first(); + while (e) { + BIO_printf(bio_out, "%s\n", ENGINE_get_id(e)); + e = ENGINE_get_next(e); + } +#else + BIO_puts(bio_out, "Engine support is disabled.\n"); +#endif +} + static void list_disabled(void) { BIO_puts(bio_out, "Disabled algorithms:\n"); diff --git a/doc/man1/list.pod b/doc/man1/list.pod index b1a147b..901a266 100644 --- a/doc/man1/list.pod +++ b/doc/man1/list.pod @@ -18,6 +18,7 @@ B [B<-cipher-algorithms>] [B<-public-key-algorithms>] [B<-public-key-methods>] +[B<-engines>] [B<-disabled>] =head1 DESCRIPTION @@ -80,6 +81,10 @@ a block of multiple lines, all but the first are indented. Display a list of public key method OIDs: this also includes public key methods without an associated ASN.1 method, for example, KDF algorithms. +=item B<-engines> + +Display a list of loaded engines. + =item B<-disabled> Display a list of disabled features, those that were compiled out From no-reply at appveyor.com Sat Mar 9 00:37:13 2019 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 09 Mar 2019 00:37:13 +0000 Subject: Build completed: openssl master.23306 Message-ID: <20190309003713.1.5EB8761B1B4066C3@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Mar 9 10:47:54 2019 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 09 Mar 2019 10:47:54 +0000 Subject: Build failed: openssl master.23312 Message-ID: <20190309104754.1.8A752F203B114782@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Mar 9 11:29:33 2019 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 09 Mar 2019 11:29:33 +0000 Subject: Build failed: openssl master.23318 Message-ID: <20190309112933.1.FFD5FB619CB637A7@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Mar 9 12:03:53 2019 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 09 Mar 2019 12:03:53 +0000 Subject: Build failed: openssl master.23319 Message-ID: <20190309120353.1.A24DC2C78BBC17BF@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Mar 9 12:22:36 2019 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 09 Mar 2019 12:22:36 +0000 Subject: Build failed: openssl master.23320 Message-ID: <20190309122236.1.57E74893EF480713@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Mar 9 12:40:17 2019 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 09 Mar 2019 12:40:17 +0000 Subject: Build failed: openssl master.23321 Message-ID: <20190309124017.1.5DDBEDA7F6A69634@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Mar 9 12:58:47 2019 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 09 Mar 2019 12:58:47 +0000 Subject: Build failed: openssl master.23323 Message-ID: <20190309125847.1.2ADCAD5922BFDD07@appveyor.com> An HTML attachment was scrubbed... URL: From scan-admin at coverity.com Sun Mar 10 07:27:43 2019 From: scan-admin at coverity.com (scan-admin at coverity.com) Date: Sun, 10 Mar 2019 07:27:43 +0000 (UTC) Subject: Coverity Scan: Analysis completed for openssl/openssl Message-ID: <5c84bc69384ae_71212b0b31c28f5029351@appnode-2.mail> Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRakUl6QyjujEohY7rPpoYUEvyxzJHSwEoiXkZglM3WeHA-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I0UGeQHqL75aLq-2BYPu9UTxvx4pwEgi1koIHZv5BF89vV1oDdJKacEYAW-2FA8eJnxsBpfBjraUjdG2HQsvODH-2B7mAm2PxoF2scFkV7EBt46rjNNrQ4SVQaNDpcUewQmKG4j9ra0lQaRn16N0yngnqUyMEg-2FcK-2B5nIXzVq3xadAYu0luFt5uYAsAGj2B5HXfi7oTU-3D Build ID: 247094 Analysis Summary: New defects found: 8 Defects eliminated: 1 If you have difficulty understanding any defects, email us at scan-admin at coverity.com, or post your question to StackOverflow at https://u2389337.ct.sendgrid.net/wf/click?upn=OgIsEqWzmIl4S-2FzEUMxLXL-2BukuZt9UUdRZhgmgzAKchwAzH1nH3073xDEXNRgHN6zzUI-2FRfbrE6mNOeeukHUQw-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I0UGeQHqL75aLq-2BYPu9UTxvx4pwEgi1koIHZv5BF89vVyuL9Xaw1-2FW1RrSmWuBApHko81o-2FeoQ-2F2cXb8N9pOCCjEhjbe5U7WV4OdjzpBWCtA7NfVIMcY6UwquPdg5A2vuFp8TPPnQc4ftvYtUioLLZiAA7DSpeO-2BCaagqsztWiTYlxJQdMsaiA42bP3QYxBgFA-3D From scan-admin at coverity.com Sun Mar 10 07:47:00 2019 From: scan-admin at coverity.com (scan-admin at coverity.com) Date: Sun, 10 Mar 2019 07:47:00 +0000 (UTC) Subject: Coverity Scan: Analysis completed for OpenSSL-1.0.2 Message-ID: <5c84c0f365796_7bd72b0b31c28f50293a@appnode-2.mail> Your request for analysis of OpenSSL-1.0.2 has been completed successfully. The results are available at https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRakUl6QyjujEohY7rPpoYUEOo3rtGjiQZqYPGgcjfkiXQ-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I2hfCIPD-2BN63pbxYtTbiPJ9X2-2B30kv-2FllwpGFnrpqolAOdMHggsE1TCWPtvFuGB8YDWQ6VpcpgmrUyQf4n83qTUK2QRSaVm3nJtOn3ZnfcS2hli2p90v2M9CaVJnTYTRj1ej4UPfmEf3RI7UxWk0QiAjM1f-2BEV0yyYWQHTzMEN0gsLWEEjkIuR4q1XoCReCrck-3D Build ID: 247096 Analysis Summary: New defects found: 0 Defects eliminated: 0 From matthias.st.pierre at ncp-e.com Sun Mar 10 08:51:14 2019 From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com) Date: Sun, 10 Mar 2019 08:51:14 +0000 Subject: [openssl] master update Message-ID: <1552207874.632119.17549.nullmailer@dev.openssl.org> The branch master has been updated via dc7e354275fccc3f13d30a0024f18b5ead560532 (commit) from ebb7823e14596ad07fdc7d2ed0a267815f545927 (commit) - Log ----------------------------------------------------------------- commit dc7e354275fccc3f13d30a0024f18b5ead560532 Author: Darren Tucker Date: Sun Mar 10 11:26:34 2019 +1100 Fix typo in ifndef OPENSSL_NO_ENGINES. All other instances are OPENSSL_NO_ENGINE without the trailing "S". Fixes build when configured with no-engine. CLA: trivial Reviewed-by: Tim Hudson Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/8449) ----------------------------------------------------------------------- Summary of changes: apps/openssl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/openssl.c b/apps/openssl.c index 1acae24..72a0bb0 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -845,7 +845,7 @@ static int SortFnByName(const void *_f1, const void *_f2) static void list_engines(void) { -#ifndef OPENSSL_NO_ENGINES +#ifndef OPENSSL_NO_ENGINE ENGINE *e; BIO_puts(bio_out, "Engines:\n"); From no-reply at appveyor.com Sun Mar 10 15:46:49 2019 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 10 Mar 2019 15:46:49 +0000 Subject: Build failed: openssl master.23335 Message-ID: <20190310154649.1.DAB1C121602BA4A1@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Mar 10 16:16:50 2019 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 10 Mar 2019 16:16:50 +0000 Subject: Build completed: openssl master.23336 Message-ID: <20190310161650.1.C360FD899B72E558@appveyor.com> An HTML attachment was scrubbed... URL: From matthias.st.pierre at ncp-e.com Sun Mar 10 20:00:54 2019 From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com) Date: Sun, 10 Mar 2019 20:00:54 +0000 Subject: [openssl] master update Message-ID: <1552248054.190115.26157.nullmailer@dev.openssl.org> The branch master has been updated via 3dcbb6c4a395d56dfa561145d89017ff958bb18e (commit) from dc7e354275fccc3f13d30a0024f18b5ead560532 (commit) - Log ----------------------------------------------------------------- commit 3dcbb6c4a395d56dfa561145d89017ff958bb18e Author: A. Schulze Date: Sat Mar 9 19:05:31 2019 +0100 Fix two spelling errors CLA: trivial Reviewed-by: Richard Levitte Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/8447) ----------------------------------------------------------------------- Summary of changes: doc/man1/s_client.pod | 2 +- doc/man3/SSL_CTX_set_read_ahead.pod | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/man1/s_client.pod b/doc/man1/s_client.pod index c4a9843..e1a71d1 100644 --- a/doc/man1/s_client.pod +++ b/doc/man1/s_client.pod @@ -218,7 +218,7 @@ Even though SNI should normally be a DNS name and not an IP address, if B<-servername> is provided then that name will be sent, regardless of whether it is a DNS name or not. -This option cannot be used in conjuction with B<-noservername>. +This option cannot be used in conjunction with B<-noservername>. =item B<-noservername> diff --git a/doc/man3/SSL_CTX_set_read_ahead.pod b/doc/man3/SSL_CTX_set_read_ahead.pod index a71d72e..97343b9 100644 --- a/doc/man3/SSL_CTX_set_read_ahead.pod +++ b/doc/man3/SSL_CTX_set_read_ahead.pod @@ -46,7 +46,7 @@ records, and SSL_has_pending() can't tell the difference between processed and unprocessed data, it's recommended that if read ahead is turned on that B is not turned off using SSL_CTX_clear_mode(). That will prevent getting B when there is still a complete -record availale that hasn't been processed. +record available that hasn't been processed. If the application wants to continue to use the underlying transport (e.g. TCP connection) after the SSL connection is finished using SSL_shutdown() reading From matthias.st.pierre at ncp-e.com Sun Mar 10 20:02:12 2019 From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com) Date: Sun, 10 Mar 2019 20:02:12 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1552248132.630908.18429.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via d38ef8c89e11ed5b033a911a7d40b833992c6e09 (commit) from f1006f188c90e81898b69fb84e67e674bcdae030 (commit) - Log ----------------------------------------------------------------- commit d38ef8c89e11ed5b033a911a7d40b833992c6e09 Author: A. Schulze Date: Sat Mar 9 19:05:31 2019 +0100 Fix two spelling errors CLA: trivial Reviewed-by: Richard Levitte Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/8447) (cherry picked from commit 3dcbb6c4a395d56dfa561145d89017ff958bb18e) ----------------------------------------------------------------------- Summary of changes: doc/man1/s_client.pod | 2 +- doc/man3/SSL_CTX_set_read_ahead.pod | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/man1/s_client.pod b/doc/man1/s_client.pod index 81d516a..7e42932 100644 --- a/doc/man1/s_client.pod +++ b/doc/man1/s_client.pod @@ -201,7 +201,7 @@ Even though SNI should normally be a DNS name and not an IP address, if B<-servername> is provided then that name will be sent, regardless of whether it is a DNS name or not. -This option cannot be used in conjuction with B<-noservername>. +This option cannot be used in conjunction with B<-noservername>. =item B<-noservername> diff --git a/doc/man3/SSL_CTX_set_read_ahead.pod b/doc/man3/SSL_CTX_set_read_ahead.pod index 137e251..c9869e9 100644 --- a/doc/man3/SSL_CTX_set_read_ahead.pod +++ b/doc/man3/SSL_CTX_set_read_ahead.pod @@ -46,7 +46,7 @@ records, and SSL_has_pending() can't tell the difference between processed and unprocessed data, it's recommended that if read ahead is turned on that B is not turned off using SSL_CTX_clear_mode(). That will prevent getting B when there is still a complete -record availale that hasn't been processed. +record available that hasn't been processed. If the application wants to continue to use the underlying transport (e.g. TCP connection) after the SSL connection is finished using SSL_shutdown() reading From builds at travis-ci.org Sun Mar 10 20:30:36 2019 From: builds at travis-ci.org (Travis CI) Date: Sun, 10 Mar 2019 20:30:36 +0000 Subject: Still Failing: openssl/openssl#23937 (OpenSSL_1_1_1-stable - d38ef8c) In-Reply-To: Message-ID: <5c8573eca432d_43fc2ac2894441042a0@346750aa-822f-4c5f-a631-9c98d8085eb4.mail> Build Update for openssl/openssl ------------------------------------- Build: #23937 Status: Still Failing Duration: 23 mins and 5 secs Commit: d38ef8c (OpenSSL_1_1_1-stable) Author: A. Schulze Message: Fix two spelling errors CLA: trivial Reviewed-by: Richard Levitte Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/8447) (cherry picked from commit 3dcbb6c4a395d56dfa561145d89017ff958bb18e) View the changeset: https://github.com/openssl/openssl/compare/f1006f188c90...d38ef8c89e11 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/504400439?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Mon Mar 11 11:31:30 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 11 Mar 2019 11:31:30 +0000 Subject: SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-zlib Message-ID: <1552303890.837508.4684.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-zlib Commit log since last time: 3dcbb6c4a3 Fix two spelling errors dc7e354275 Fix typo in ifndef OPENSSL_NO_ENGINES. ebb7823e14 Print all loaded engines with openssl list -engines 0fc4d00a00 Change arg to cms_CompressedData_init_bio to be const From levitte at openssl.org Mon Mar 11 11:34:18 2019 From: levitte at openssl.org (Richard Levitte) Date: Mon, 11 Mar 2019 11:34:18 +0000 Subject: [openssl] master update Message-ID: <1552304058.237066.25806.nullmailer@dev.openssl.org> The branch master has been updated via 1b1ff9b94d5cfa7879ef6a1a4101fe4db9cb9a9c (commit) from 3dcbb6c4a395d56dfa561145d89017ff958bb18e (commit) - Log ----------------------------------------------------------------- commit 1b1ff9b94d5cfa7879ef6a1a4101fe4db9cb9a9c Author: Andy Polyakov Date: Fri Mar 8 14:40:56 2019 +0100 sha/asm/keccak1600-ppc64.pl: up 10% performance improvement. Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8444) ----------------------------------------------------------------------- Summary of changes: crypto/sha/asm/keccak1600-ppc64.pl | 40 +++++++++++++++++++------------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/crypto/sha/asm/keccak1600-ppc64.pl b/crypto/sha/asm/keccak1600-ppc64.pl index 5c23841..876632b 100755 --- a/crypto/sha/asm/keccak1600-ppc64.pl +++ b/crypto/sha/asm/keccak1600-ppc64.pl @@ -27,10 +27,10 @@ # # r=1088(*) # -# PPC970/G5 14.6/+120% -# POWER7 10.3/+100% -# POWER8 11.5/+85% -# POWER9 9.4/+45% +# PPC970/G5 14.0/+130% +# POWER7 9.7/+110% +# POWER8 10.6/+100% +# POWER9 8.2/+66% # # (*) Corresponds to SHA3-256. Percentage after slash is improvement # over gcc-4.x-generated KECCAK_1X_ALT code. Newer compilers do @@ -384,19 +384,19 @@ KeccakF1600: .type dword_le_load,\@function .align 5 dword_le_load: - lbzu r0,1(r3) - lbzu r4,1(r3) - lbzu r5,1(r3) + lbz r0,1(r3) + lbz r4,2(r3) + lbz r5,3(r3) insrdi r0,r4,8,48 - lbzu r4,1(r3) + lbz r4,4(r3) insrdi r0,r5,8,40 - lbzu r5,1(r3) + lbz r5,5(r3) insrdi r0,r4,8,32 - lbzu r4,1(r3) + lbz r4,6(r3) insrdi r0,r5,8,24 - lbzu r5,1(r3) + lbz r5,7(r3) insrdi r0,r4,8,16 - lbzu r4,1(r3) + lbzu r4,8(r3) insrdi r0,r5,8,8 insrdi r0,r4,8,0 blr @@ -657,21 +657,21 @@ SHA3_squeeze: ${UCMP}i $len,8 blt .Lsqueeze_tail - stbu r0,1($out) + stb r0,1($out) srdi r0,r0,8 - stbu r0,1($out) + stb r0,2($out) srdi r0,r0,8 - stbu r0,1($out) + stb r0,3($out) srdi r0,r0,8 - stbu r0,1($out) + stb r0,4($out) srdi r0,r0,8 - stbu r0,1($out) + stb r0,5($out) srdi r0,r0,8 - stbu r0,1($out) + stb r0,6($out) srdi r0,r0,8 - stbu r0,1($out) + stb r0,7($out) srdi r0,r0,8 - stbu r0,1($out) + stbu r0,8($out) subic. $len,$len,8 beq .Lsqueeze_done From openssl at openssl.org Mon Mar 11 11:38:49 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 11 Mar 2019 11:38:49 +0000 Subject: SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings enable-zlib-dynamic Message-ID: <1552304329.453294.1585.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-zlib-dynamic Commit log since last time: 3dcbb6c4a3 Fix two spelling errors dc7e354275 Fix typo in ifndef OPENSSL_NO_ENGINES. ebb7823e14 Print all loaded engines with openssl list -engines 0fc4d00a00 Change arg to cms_CompressedData_init_bio to be const From matt at openssl.org Mon Mar 11 12:49:19 2019 From: matt at openssl.org (Matt Caswell) Date: Mon, 11 Mar 2019 12:49:19 +0000 Subject: [openssl] master update Message-ID: <1552308559.280620.4008.nullmailer@dev.openssl.org> The branch master has been updated via 4d768e966ff9a9777b2b4a79f85a737ab2ded666 (commit) from 1b1ff9b94d5cfa7879ef6a1a4101fe4db9cb9a9c (commit) - Log ----------------------------------------------------------------- commit 4d768e966ff9a9777b2b4a79f85a737ab2ded666 Author: Shane Lontis Date: Tue Nov 20 10:45:44 2018 +1000 openssl app for macs that uses the new EVP_MAC interface (the code inside dgst uses EVP_PKEY) Reviewed-by: Paul Yang Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/7661) ----------------------------------------------------------------------- Summary of changes: apps/build.info | 8 +- apps/mac.c | 200 +++++++++++++++++++++++++++++++++++++++++++++ doc/man1/mac.pod | 163 ++++++++++++++++++++++++++++++++++++ doc/man1/openssl.pod | 18 ++-- test/recipes/20-test_mac.t | 176 +++++++++++++++++++++++++++++++++++++++ 5 files changed, 555 insertions(+), 10 deletions(-) create mode 100644 apps/mac.c create mode 100644 doc/man1/mac.pod create mode 100644 test/recipes/20-test_mac.t diff --git a/apps/build.info b/apps/build.info index 9b77c46..ad14038 100644 --- a/apps/build.info +++ b/apps/build.info @@ -2,10 +2,10 @@ qw(openssl.c asn1pars.c ca.c ciphers.c cms.c crl.c crl2p7.c dgst.c dhparam.c dsa.c dsaparam.c ec.c ecparam.c enc.c engine.c errstr.c gendsa.c - genpkey.c genrsa.c nseq.c ocsp.c passwd.c pkcs12.c pkcs7.c pkcs8.c - pkey.c pkeyparam.c pkeyutl.c prime.c rand.c req.c rsa.c rsautl.c - s_client.c s_server.c s_time.c sess_id.c smime.c speed.c spkac.c - srp.c ts.c verify.c version.c x509.c rehash.c storeutl.c); + genpkey.c genrsa.c mac.c nseq.c ocsp.c passwd.c pkcs12.c pkcs7.c + pkcs8.c pkey.c pkeyparam.c pkeyutl.c prime.c rand.c req.c rsa.c + rsautl.c s_client.c s_server.c s_time.c sess_id.c smime.c speed.c + spkac.c srp.c ts.c verify.c version.c x509.c rehash.c storeutl.c); our @apps_lib_src = ( qw(apps.c apps_ui.c opt.c fmt.c s_cb.c s_socket.c app_rand.c bf_prefix.c), diff --git a/apps/mac.c b/apps/mac.c new file mode 100644 index 0000000..a02779b --- /dev/null +++ b/apps/mac.c @@ -0,0 +1,200 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include + +#include "apps.h" +#include "progs.h" +#include +#include +#include + +#undef BUFSIZE +#define BUFSIZE 1024*8 + +typedef enum OPTION_choice { + OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, + OPT_MACOPT, OPT_BIN, OPT_IN, OPT_OUT +} OPTION_CHOICE; + +const OPTIONS mac_options[] = { + {OPT_HELP_STR, 1, '-', "Usage: %s [options] mac_name\n"}, + {OPT_HELP_STR, 1, '-', "mac_name\t\t MAC algorithm (See list " + "-mac-algorithms)"}, + {"help", OPT_HELP, '-', "Display this summary"}, + {"macopt", OPT_MACOPT, 's', "MAC algorithm control parameters in n:v form. " + "See 'Supported Controls' in the EVP_MAC_ docs"}, + {"in", OPT_IN, '<', "Input file to MAC (default is stdin)"}, + {"out", OPT_OUT, '>', "Output to filename rather than stdout"}, + {"binary", OPT_BIN, '-', "Output in binary format (Default is hexadecimal " + "output)"}, + {NULL} +}; + +static int mac_ctrl_string(EVP_MAC_CTX *ctx, const char *value) +{ + int rv; + char *stmp, *vtmp = NULL; + + stmp = OPENSSL_strdup(value); + if (stmp == NULL) + return -1; + vtmp = strchr(stmp, ':'); + if (vtmp != NULL) { + *vtmp = 0; + vtmp++; + } + rv = EVP_MAC_ctrl_str(ctx, stmp, vtmp); + OPENSSL_free(stmp); + return rv; +} + +int mac_main(int argc, char **argv) +{ + int ret = 1; + char *prog; + const EVP_MAC *mac = NULL; + OPTION_CHOICE o; + EVP_MAC_CTX *ctx = NULL; + STACK_OF(OPENSSL_STRING) *opts = NULL; + unsigned char *buf = NULL; + size_t len; + int i; + BIO *in = NULL, *out = NULL; + const char *outfile = NULL; + const char *infile = NULL; + int out_bin = 0; + int inform = FORMAT_BINARY; + + prog = opt_init(argc, argv, mac_options); + buf = app_malloc(BUFSIZE, "I/O buffer"); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: + case OPT_ERR: +opthelp: + BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); + goto err; + case OPT_HELP: + opt_help(mac_options); + ret = 0; + goto err; + case OPT_BIN: + out_bin = 1; + break; + case OPT_IN: + infile = opt_arg(); + break; + case OPT_OUT: + outfile = opt_arg(); + break; + case OPT_MACOPT: + if (opts == NULL) + opts = sk_OPENSSL_STRING_new_null(); + if (opts == NULL || !sk_OPENSSL_STRING_push(opts, opt_arg())) + goto opthelp; + break; + } + } + argc = opt_num_rest(); + argv = opt_rest(); + + if (argc != 1) { + BIO_printf(bio_err, "Invalid number of extra arguments\n"); + goto opthelp; + } + + mac = EVP_get_macbyname(argv[0]); + if (mac == NULL) { + BIO_printf(bio_err, "Invalid MAC name %s\n", argv[0]); + goto opthelp; + } + + ctx = EVP_MAC_CTX_new(mac); + if (ctx == NULL) + goto err; + + if (opts != NULL) { + for (i = 0; i < sk_OPENSSL_STRING_num(opts); i++) { + char *opt = sk_OPENSSL_STRING_value(opts, i); + if (mac_ctrl_string(ctx, opt) <= 0) { + BIO_printf(bio_err, "MAC parameter error '%s'\n", opt); + ERR_print_errors(bio_err); + goto err; + } + } + } + + /* Use text mode for stdin */ + if (infile == NULL || strcmp(infile, "-") == 0) + inform = FORMAT_TEXT; + in = bio_open_default(infile, 'r', inform); + if (in == NULL) + goto err; + + out = bio_open_default(outfile, 'w', out_bin ? FORMAT_BINARY : FORMAT_TEXT); + if (out == NULL) + goto err; + + if (!EVP_MAC_init(ctx)) { + BIO_printf(bio_err, "EVP_MAC_Init failed\n"); + goto err; + } + + + for (;;) { + i = BIO_read(in, (char *)buf, BUFSIZE); + if (i < 0) { + BIO_printf(bio_err, "Read Error in '%s'\n", infile); + goto err; + } + if (i == 0) + break; + if (!EVP_MAC_update(ctx, buf, i)) { + BIO_printf(bio_err, "EVP_MAC_update failed\n"); + goto err; + } + } + + if (!EVP_MAC_final(ctx, NULL, &len)) { + BIO_printf(bio_err, "EVP_MAC_final failed\n"); + goto err; + } + if (len > BUFSIZE) { + BIO_printf(bio_err, "output len is too large\n"); + goto err; + } + + if (!EVP_MAC_final(ctx, buf, &len)) { + BIO_printf(bio_err, "EVP_MAC_final failed\n"); + goto err; + } + + if (out_bin) { + BIO_write(out, buf, len); + } else { + if (outfile == NULL) + BIO_printf(out,"\n"); + for (i = 0; i < (int)len; ++i) + BIO_printf(out, "%02X", buf[i]); + if (outfile == NULL) + BIO_printf(out,"\n"); + } + + ret = 0; +err: + if (ret != 0) + ERR_print_errors(bio_err); + OPENSSL_clear_free(buf, BUFSIZE); + sk_OPENSSL_STRING_free(opts); + BIO_free(in); + BIO_free(out); + EVP_MAC_CTX_free(ctx); + return ret; +} diff --git a/doc/man1/mac.pod b/doc/man1/mac.pod new file mode 100644 index 0000000..5d1e796 --- /dev/null +++ b/doc/man1/mac.pod @@ -0,0 +1,163 @@ +=pod + +=head1 NAME + +openssl-mac, +mac - perform Message Authentication Code operations + +=head1 SYNOPSIS + +B +[B<-help>] +[B<-macopt>] +[B<-in filename>] +[B<-out filename>] +[B<-binary>] +B + +B I [B<...>] B + +=head1 DESCRIPTION + +The message authentication code functions output the MAC of a supplied input +file. + +=head1 OPTIONS + +=over 4 + +=item B<-help> + +Print a usage message. + +=item B<-in filename> + +Input filename to calculate a MAC for, or standard input by default. +Standard input is used if the filename is '-'. +Files are expected to be in binary format, standard input uses hexadecimal text +format. + +=item B<-out filename> + +Filename to output to, or standard output by default. + +=item B<-binary> + +Output the MAC in binary form. Uses hexadecimal text format if not specified. + +=item B<-macopt nm:v> + +Passes options to the MAC algorithm. +A comprehensive list of controls can be found in the EVP_MAC implementation +documentation. +Common control strings used by EVP_MAC_ctrl_str() are: + +=over 4 + +=item B + +Specifies the MAC key as an alphanumeric string (use if the key contains +printable characters only). +The string length must conform to any restrictions of the MAC algorithm. +A key must be specified for every MAC algorithm. + +=item B + +Specifies the MAC key in hexadecimal form (two hex digits per byte). +The key length must conform to any restrictions of the MAC algorithm. +A key must be specified for every MAC algorithm. + +=item B + +Used by HMAC as an alphanumeric string (use if the key contains printable +characters only). +The string length must conform to any restrictions of the MAC algorithm. +To see the list of supported digests, use the command I. + +=item B + +Used by CMAC and GMAC to specifiy the cipher algorithm. +For CMAC it must be one of AES-128-CBC, AES-192-CBC, AES-256-CBC or +DES-EDE3-CBC. +For GMAC it should be a GCM mode cipher e.g. AES-128-GCM. + +=item B + +Used by GMAC to specify an IV as an alphanumeric string (use if the IV contains +printable characters only). + +=item B + +Used by GMAC to specify an IV in hexadecimal form (two hex digits per byte). + +=item B + +Used by KMAC128 or KMAC256 to specify an output length. +The default sizes are 32 or 64 bytes respectively. + +=item B + +Used by KMAC128 or KMAC256 to specify a customization string. +The default is the empty string "". + +=back + +=item B + +Specifies the name of a supported MAC algorithm which will be used. +To see the list of supported MAC's use the command I. + +=back + + +=head1 EXAMPLES + +To create a hex-encoded HMAC-SHA1 MAC of a file and write to stdout: \ + openssl mac -macopt digest:SHA1 \ + -macopt hexkey:000102030405060708090A0B0C0D0E0F10111213 \ + -in msg.bin HMAC + +To create a SipHash MAC from a file with a binary file output: \ + openssl mac -macopt hexkey:000102030405060708090A0B0C0D0E0F \ + -in msg.bin -out out.bin -binary SipHash + +To create a hex-encoded CMAC-AES-128-CBC MAC from a file:\ + openssl mac -macopt cipher:AES-128-CBC \ + -macopt hexkey:77A77FAF290C1FA30C683DF16BA7A77B \ + -in msg.bin CMAC + +To create a hex-encoded KMAC128 MAC from a file with a Customisation String +'Tag' and output length of 16: \ + openssl mac -macopt custom:Tag -macopt hexkey:40414243444546 \ + -macopt outlen:16 -in msg.bin KMAC128 + +To create a hex-encoded GMAC-AES-128-GCM with a IV from a file: \ + openssl mac -macopt cipher:AES-128-GCM -macopt hexiv:E0E00F19FED7BA0136A797F3 \ + -macopt hexkey:77A77FAF290C1FA30C683DF16BA7A77B -in msg.bin GMAC + +=head1 NOTES + +The MAC mechanisms that are available will depend on the options +used when building OpenSSL. +The B command can be used to list them. + +=head1 SEE ALSO + +L, +L, +L, +L, +L, +L, +L + +=head1 COPYRIGHT + +Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the OpenSSL license (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/doc/man1/openssl.pod b/doc/man1/openssl.pod index ca4f78c..5f6f8d3 100644 --- a/doc/man1/openssl.pod +++ b/doc/man1/openssl.pod @@ -11,7 +11,7 @@ I [ I ] [ I ] -B B [ B | B | B | B | B | B] +B B [ B | B | B | B | B | B | B] B BI [ I ] @@ -28,7 +28,7 @@ It can be used for o Creation and management of private keys, public keys and parameters o Public key cryptographic operations o Creation of X.509 certificates, CSRs and CRLs - o Calculation of Message Digests + o Calculation of Message Digests and Message Authentication Codes o Encryption and Decryption with Ciphers o SSL/TLS Client and Server Tests o Handling of S/MIME signed or encrypted mail @@ -57,8 +57,9 @@ and B output a list (one entry per line) of the names of all standard commands, message digest commands, or cipher commands, respectively, that are available in the present B utility. -The list parameters B and -B list all cipher and message digest names, one entry per line. Aliases are listed as: +The list parameters B, B, +and B list all cipher, message digest, and message +authentication code names, one entry per line. Aliases are listed as: from => to @@ -106,7 +107,8 @@ CRL to PKCS#7 Conversion. =item B -Message Digest Calculation. +Message Digest calculation. MAC calculations are superseded by +L. =item B @@ -165,6 +167,10 @@ Generation of Private Key or Parameters. Generation of RSA Private Key. Superseded by L. +=item B + +Message Authentication Code Calculation. + =item B Create or examine a Netscape certificate sequence. @@ -606,7 +612,7 @@ L, L, L, L, L, L, L, L, L, L, L, L, L, -L, L, L, +L, L, L, L, L, L, L, L, L, L, L, L, diff --git a/test/recipes/20-test_mac.t b/test/recipes/20-test_mac.t new file mode 100644 index 0000000..963c3d7 --- /dev/null +++ b/test/recipes/20-test_mac.t @@ -0,0 +1,176 @@ +#! /usr/bin/env perl +# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use OpenSSL::Test; +use OpenSSL::Test::Utils; +use Storable qw(dclone); + +setup("test_mac"); + +my @mac_tests = ( + { cmd => [qw{openssl mac -macopt hexkey:000102030405060708090A0B0C0D0E0F}], + type => 'SipHash', + input => '00', + expected => 'da87c1d86b99af44347659119b22fc45', + desc => 'SipHash No input' }, + { cmd => [qw{openssl mac -macopt digest:SHA1 -macopt hexkey:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F}], + type => 'HMAC', + input => unpack("H*", "Sample message for keylen=blocklen"), + expected => '5FD596EE78D5553C8FF4E72D266DFD192366DA29', + desc => 'HMAC SHA1' }, + { cmd => [qw{openssl mac -macopt cipher:AES-256-CBC -macopt hexkey:0B122AC8F34ED1FE082A3625D157561454167AC145A10BBF77C6A70596D574F1}], + type => 'CMAC', + input => '498B53FDEC87EDCBF07097DCCDE93A084BAD7501A224E388DF349CE18959FE8485F8AD1537F0D896EA73BEDC7214713F', + expected => 'F62C46329B41085625669BAF51DEA66A', + desc => 'CMAC AES-256-CBC' }, + { cmd => [qw{openssl mac -macopt hexkey:02000000000000000000000000000000ffffffffffffffffffffffffffffffff}], + type => 'Poly1305', + input => '02000000000000000000000000000000', + expected => '03000000000000000000000000000000', + desc => 'Poly1305 (wrap 2^128)' }, + { cmd => [qw{openssl mac -macopt cipher:AES-256-GCM -macopt hexkey:4C973DBC7364621674F8B5B89E5C15511FCED9216490FB1C1A2CAA0FFE0407E5 -macopt hexiv:7AE8E2CA4EC500012E58495C}], + type => 'GMAC', + input => '68F2E77696CE7AE8E2CA4EC588E541002E58495C08000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D0007', + expected => '00BDA1B7E87608BCBF470F12157F4C07', + desc => 'GMAC' }, + { cmd => [qw{openssl mac -macopt hexkey:404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F -macopt xof:0}], + type => 'KMAC128', + input => '00010203', + expected => 'E5780B0D3EA6F7D3A429C5706AA43A00FADBD7D49628839E3187243F456EE14E', + desc => 'KMAC128' }, + { cmd => [qw{openssl mac -macopt hexkey:404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F -macopt }, 'custom:My Tagged Application'], + type => 'KMAC256', + input => '00010203', + expected => '20C570C31346F703C9AC36C61C03CB64C3970D0CFC787E9B79599D273A68D2F7F69D4CC3DE9D104A351689F27CF6F5951F0103F33F4F24871024D9C27773A8DD', + desc => 'KMAC256' }, + { cmd => [qw{openssl mac -macopt hexkey:404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F -macopt xof:1 -macopt}, 'custom:My Tagged Application'], + type => 'KMAC256', + input => '000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7', + expected => 'D5BE731C954ED7732846BB59DBE3A8E30F83E77A4BFF4459F2F1C2B4ECEBB8CE67BA01C62E8AB8578D2D499BD1BB276768781190020A306A97DE281DCC30305D', + desc => 'KMAC256 with xof len of 64' }, +); + +my @mac_fail_tests = ( + { cmd => [qw{openssl mac}], + type => 'SipHash', + input => '00', + err => '', + desc => 'SipHash Fail no key' }, + { cmd => [qw{openssl mac}], + type => 'KMAC128', + input => '00', + err => 'EVP_MAC_Init', + desc => 'KMAC128 Fail no key' }, +); + +plan tests => (scalar @mac_tests * 2) + scalar @mac_fail_tests; + +foreach (@mac_tests) { + ok(compareline($_->{cmd}, $_->{type}, $_->{input}, $_->{expected}, $_->{err}), $_->{desc}); +} +foreach (@mac_tests) { + ok(comparefile($_->{cmd}, $_->{type}, $_->{input}, $_->{expected}), $_->{desc}); +} + +foreach (@mac_fail_tests) { + ok(compareline($_->{cmd}, $_->{type}, $_->{input}, $_->{expected}, $_->{err}), $_->{desc}); +} + +# Create a temp input file and save the input data into it, and +# then compare the stdout output matches the expected value. +sub compareline { + my $tmpfile = 'tmp.bin'; + my ($cmdarray_orig, $type, $input, $expect, $err) = @_; + my $cmdarray = dclone $cmdarray_orig; + if (defined($expect)) { + $expect = uc $expect; + } + # Open a temporary input file and write $input to it + open(my $in, '>', $tmpfile) or die "Could not open file"; + binmode($in); + my $bin = pack("H*", $input); + print $in $bin; + close $in; + + # The last cmd parameter is the temporary input file we just created. + my @other = ('-in', $tmpfile, $type); + push @$cmdarray, @other; + + my @lines = run(app($cmdarray), capture => 1); + unlink $tmpfile; + + if (defined($expect)) { + if ($lines[1] =~ m|^\Q${expect}\E\R$|) { + return 1; + } else { + print "Got: $lines[1]"; + print "Exp: $expect\n"; + return 0; + } + } + if (defined($err)) { + if (defined($lines[0])) { + $lines[0] =~ s/\s+$//; + if ($lines[0] eq $err) { + return 1; + } else { + print "Got: $lines[0]"; + print "Exp: $err\n"; + return 0; + } + } else { + # expected an error + return 1; + } + } + return 0; +} + +# Create a temp input file and save the input data into it, and +# use the '-bin -out ' commandline options to save results out to a file. +# Read this file back in and check its output matches the expected value. +sub comparefile { + my $tmpfile = 'tmp.bin'; + my $outfile = 'out.bin'; + my ($cmdarray, $type, $input, $expect) = @_; + $expect = uc $expect; + + # Open a temporary input file and write $input to it + open(my $in, '>', $tmpfile) or die "Could not open file"; + binmode($in); + my $bin = pack("H*", $input); + print $in $bin; + close $in; + + my @other = ("-binary", "-in", $tmpfile, "-out", $outfile, $type); + push @$cmdarray, @other; + + run(app($cmdarray)); + unlink $tmpfile; + open(my $out, '<', $outfile) or die "Could not open file"; + binmode($out); + my $buffer; + my $BUFSIZE = 1024; + read($out, $buffer, $BUFSIZE) or die "unable to read"; + + my $line = uc unpack("H*", $buffer); + close($out); + unlink $outfile; + + if ($line eq $expect) { + return 1; + } else { + print "Got: $line\n"; + print "Exp: $expect\n"; + return 0; + } +} From builds at travis-ci.org Mon Mar 11 13:08:49 2019 From: builds at travis-ci.org (Travis CI) Date: Mon, 11 Mar 2019 13:08:49 +0000 Subject: Errored: openssl/openssl#23949 (master - 4d768e9) In-Reply-To: Message-ID: <5c865de124baf_43fc30a9cce641227ab@538678d3-f6d9-474a-b9f6-c03ab8ef0699.mail> Build Update for openssl/openssl ------------------------------------- Build: #23949 Status: Errored Duration: 18 mins and 41 secs Commit: 4d768e9 (master) Author: Shane Lontis Message: openssl app for macs that uses the new EVP_MAC interface (the code inside dgst uses EVP_PKEY) Reviewed-by: Paul Yang Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/7661) View the changeset: https://github.com/openssl/openssl/compare/1b1ff9b94d5c...4d768e966ff9 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/504670592?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From levitte at openssl.org Mon Mar 11 13:42:53 2019 From: levitte at openssl.org (Richard Levitte) Date: Mon, 11 Mar 2019 13:42:53 +0000 Subject: [openssl] master update Message-ID: <1552311773.514210.15027.nullmailer@dev.openssl.org> The branch master has been updated via 2a6a56073ce2ccac3e8c83b5434c6472ab6354e4 (commit) via b53c4fe3f92e3d2c5bd9fca1a171cd24f66ef14d (commit) from 4d768e966ff9a9777b2b4a79f85a737ab2ded666 (commit) - Log ----------------------------------------------------------------- commit 2a6a56073ce2ccac3e8c83b5434c6472ab6354e4 Author: Rich Salz Date: Tue Mar 5 08:22:17 2019 -0500 Add regenerated header files Reviewed-by: Nicola Tuveri Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8397) commit b53c4fe3f92e3d2c5bd9fca1a171cd24f66ef14d Author: Rich Salz Date: Mon Mar 4 15:53:58 2019 -0500 util/mkerr.pl: Add an inclusion of symhacks.h in all error files This does no harm, and ensures that the inclusion isn't mistakenly removed in the generated *err.h where it's actually needed. Reviewed-by: Nicola Tuveri Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8397) ----------------------------------------------------------------------- Summary of changes: include/internal/dsoerr.h | 6 +++++- include/internal/propertyerr.h | 4 ++++ include/openssl/asn1err.h | 6 +++++- include/openssl/asyncerr.h | 6 +++++- include/openssl/bioerr.h | 6 +++++- include/openssl/bnerr.h | 6 +++++- include/openssl/buffererr.h | 6 +++++- include/openssl/cmserr.h | 6 +++++- include/openssl/comperr.h | 6 +++++- include/openssl/conferr.h | 6 +++++- include/openssl/cryptoerr.h | 9 +++++---- include/openssl/cterr.h | 6 +++++- include/openssl/dherr.h | 6 +++++- include/openssl/dsaerr.h | 6 +++++- include/openssl/ecerr.h | 4 ++++ include/openssl/engineerr.h | 6 +++++- include/openssl/esserr.h | 6 ++++-- include/openssl/evperr.h | 4 ++++ include/openssl/kdferr.h | 4 ++++ include/openssl/objectserr.h | 6 +++++- include/openssl/ocsperr.h | 6 +++++- include/openssl/pemerr.h | 6 +++++- include/openssl/pkcs12err.h | 6 +++++- include/openssl/pkcs7err.h | 6 +++++- include/openssl/randerr.h | 6 +++++- include/openssl/rsaerr.h | 6 +++++- include/openssl/sslerr.h | 4 ++++ include/openssl/storeerr.h | 6 +++++- include/openssl/tserr.h | 4 ++++ include/openssl/uierr.h | 6 +++++- include/openssl/x509err.h | 6 +++++- include/openssl/x509v3err.h | 6 +++++- util/mkerr.pl | 8 +++++--- 33 files changed, 158 insertions(+), 33 deletions(-) diff --git a/include/internal/dsoerr.h b/include/internal/dsoerr.h index 5c839f8..3645aa5 100644 --- a/include/internal/dsoerr.h +++ b/include/internal/dsoerr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_DSOERR_H # define HEADER_DSOERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # include # ifndef OPENSSL_NO_DSO diff --git a/include/internal/propertyerr.h b/include/internal/propertyerr.h index 908c910..d400297 100644 --- a/include/internal/propertyerr.h +++ b/include/internal/propertyerr.h @@ -11,6 +11,10 @@ #ifndef HEADER_PROPERR_H # define HEADER_PROPERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # ifdef __cplusplus extern "C" # endif diff --git a/include/openssl/asn1err.h b/include/openssl/asn1err.h index e438790..97e9d05 100644 --- a/include/openssl/asn1err.h +++ b/include/openssl/asn1err.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_ASN1ERR_H # define HEADER_ASN1ERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # ifdef __cplusplus extern "C" # endif diff --git a/include/openssl/asyncerr.h b/include/openssl/asyncerr.h index 25ceffa..84f381d 100644 --- a/include/openssl/asyncerr.h +++ b/include/openssl/asyncerr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_ASYNCERR_H # define HEADER_ASYNCERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # ifdef __cplusplus extern "C" # endif diff --git a/include/openssl/bioerr.h b/include/openssl/bioerr.h index f15e35a..e5c0deb 100644 --- a/include/openssl/bioerr.h +++ b/include/openssl/bioerr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_BIOERR_H # define HEADER_BIOERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # ifdef __cplusplus extern "C" # endif diff --git a/include/openssl/bnerr.h b/include/openssl/bnerr.h index 187b082..bcf4f8f 100644 --- a/include/openssl/bnerr.h +++ b/include/openssl/bnerr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_BNERR_H # define HEADER_BNERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # ifdef __cplusplus extern "C" # endif diff --git a/include/openssl/buffererr.h b/include/openssl/buffererr.h index d4fe6df..7f2af2a 100644 --- a/include/openssl/buffererr.h +++ b/include/openssl/buffererr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_BUFERR_H # define HEADER_BUFERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # ifdef __cplusplus extern "C" # endif diff --git a/include/openssl/cmserr.h b/include/openssl/cmserr.h index e7337f5..1919a88 100644 --- a/include/openssl/cmserr.h +++ b/include/openssl/cmserr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_CMSERR_H # define HEADER_CMSERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # include # ifndef OPENSSL_NO_CMS diff --git a/include/openssl/comperr.h b/include/openssl/comperr.h index 3353e41..ab87f7d 100644 --- a/include/openssl/comperr.h +++ b/include/openssl/comperr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_COMPERR_H # define HEADER_COMPERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # include # ifndef OPENSSL_NO_COMP diff --git a/include/openssl/conferr.h b/include/openssl/conferr.h index bea0224..0a24b7e 100644 --- a/include/openssl/conferr.h +++ b/include/openssl/conferr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_CONFERR_H # define HEADER_CONFERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # ifdef __cplusplus extern "C" # endif diff --git a/include/openssl/cryptoerr.h b/include/openssl/cryptoerr.h index 2f3df74..f07d07e 100644 --- a/include/openssl/cryptoerr.h +++ b/include/openssl/cryptoerr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,12 +11,13 @@ #ifndef HEADER_CRYPTOERR_H # define HEADER_CRYPTOERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # ifdef __cplusplus extern "C" # endif - -# include - int ERR_load_CRYPTO_strings(void); /* diff --git a/include/openssl/cterr.h b/include/openssl/cterr.h index 6f223e0..16ef932 100644 --- a/include/openssl/cterr.h +++ b/include/openssl/cterr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_CTERR_H # define HEADER_CTERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # include # ifndef OPENSSL_NO_CT diff --git a/include/openssl/dherr.h b/include/openssl/dherr.h index 892a599..2203554 100644 --- a/include/openssl/dherr.h +++ b/include/openssl/dherr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_DHERR_H # define HEADER_DHERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # include # ifndef OPENSSL_NO_DH diff --git a/include/openssl/dsaerr.h b/include/openssl/dsaerr.h index b8182c8..c58b9eb 100644 --- a/include/openssl/dsaerr.h +++ b/include/openssl/dsaerr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_DSAERR_H # define HEADER_DSAERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # include # ifndef OPENSSL_NO_DSA diff --git a/include/openssl/ecerr.h b/include/openssl/ecerr.h index 8074481..0ba02cb 100644 --- a/include/openssl/ecerr.h +++ b/include/openssl/ecerr.h @@ -11,6 +11,10 @@ #ifndef HEADER_ECERR_H # define HEADER_ECERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # include # ifndef OPENSSL_NO_EC diff --git a/include/openssl/engineerr.h b/include/openssl/engineerr.h index ed2404e..ace3d3d 100644 --- a/include/openssl/engineerr.h +++ b/include/openssl/engineerr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_ENGINEERR_H # define HEADER_ENGINEERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # include # ifndef OPENSSL_NO_ENGINE diff --git a/include/openssl/esserr.h b/include/openssl/esserr.h index e8fdb1d..eb1c9ae 100644 --- a/include/openssl/esserr.h +++ b/include/openssl/esserr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,7 +11,9 @@ #ifndef HEADER_ESSERR_H # define HEADER_ESSERR_H -# include +# ifndef HEADER_SYMHACKS_H +# include +# endif # ifdef __cplusplus extern "C" diff --git a/include/openssl/evperr.h b/include/openssl/evperr.h index 7da602d..445d173 100644 --- a/include/openssl/evperr.h +++ b/include/openssl/evperr.h @@ -11,6 +11,10 @@ #ifndef HEADER_EVPERR_H # define HEADER_EVPERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # ifdef __cplusplus extern "C" # endif diff --git a/include/openssl/kdferr.h b/include/openssl/kdferr.h index 6ef4da2..9a1d980 100644 --- a/include/openssl/kdferr.h +++ b/include/openssl/kdferr.h @@ -11,6 +11,10 @@ #ifndef HEADER_KDFERR_H # define HEADER_KDFERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # ifdef __cplusplus extern "C" # endif diff --git a/include/openssl/objectserr.h b/include/openssl/objectserr.h index 6e70e96..2fe8cc4 100644 --- a/include/openssl/objectserr.h +++ b/include/openssl/objectserr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_OBJERR_H # define HEADER_OBJERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # ifdef __cplusplus extern "C" # endif diff --git a/include/openssl/ocsperr.h b/include/openssl/ocsperr.h index 25df8c1..18e92ce 100644 --- a/include/openssl/ocsperr.h +++ b/include/openssl/ocsperr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_OCSPERR_H # define HEADER_OCSPERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # include # ifndef OPENSSL_NO_OCSP diff --git a/include/openssl/pemerr.h b/include/openssl/pemerr.h index 54548f3..1213d75 100644 --- a/include/openssl/pemerr.h +++ b/include/openssl/pemerr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_PEMERR_H # define HEADER_PEMERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # ifdef __cplusplus extern "C" # endif diff --git a/include/openssl/pkcs12err.h b/include/openssl/pkcs12err.h index d99ca64..d4a31f2 100644 --- a/include/openssl/pkcs12err.h +++ b/include/openssl/pkcs12err.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_PKCS12ERR_H # define HEADER_PKCS12ERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # ifdef __cplusplus extern "C" # endif diff --git a/include/openssl/pkcs7err.h b/include/openssl/pkcs7err.h index 909be11..89fb492 100644 --- a/include/openssl/pkcs7err.h +++ b/include/openssl/pkcs7err.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_PKCS7ERR_H # define HEADER_PKCS7ERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # ifdef __cplusplus extern "C" # endif diff --git a/include/openssl/randerr.h b/include/openssl/randerr.h index bdfbd00..26c20ae 100644 --- a/include/openssl/randerr.h +++ b/include/openssl/randerr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_RANDERR_H # define HEADER_RANDERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # ifdef __cplusplus extern "C" # endif diff --git a/include/openssl/rsaerr.h b/include/openssl/rsaerr.h index 186cabb..7253b12 100644 --- a/include/openssl/rsaerr.h +++ b/include/openssl/rsaerr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_RSAERR_H # define HEADER_RSAERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # ifdef __cplusplus extern "C" # endif diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h index 6305751..4603ef4 100644 --- a/include/openssl/sslerr.h +++ b/include/openssl/sslerr.h @@ -11,6 +11,10 @@ #ifndef HEADER_SSLERR_H # define HEADER_SSLERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # ifdef __cplusplus extern "C" # endif diff --git a/include/openssl/storeerr.h b/include/openssl/storeerr.h index 3e042cc..0571fa5 100644 --- a/include/openssl/storeerr.h +++ b/include/openssl/storeerr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_OSSL_STOREERR_H # define HEADER_OSSL_STOREERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # ifdef __cplusplus extern "C" # endif diff --git a/include/openssl/tserr.h b/include/openssl/tserr.h index 0a2dd15..e492981 100644 --- a/include/openssl/tserr.h +++ b/include/openssl/tserr.h @@ -11,6 +11,10 @@ #ifndef HEADER_TSERR_H # define HEADER_TSERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # include # ifndef OPENSSL_NO_TS diff --git a/include/openssl/uierr.h b/include/openssl/uierr.h index 5746135..98244b3 100644 --- a/include/openssl/uierr.h +++ b/include/openssl/uierr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_UIERR_H # define HEADER_UIERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # ifdef __cplusplus extern "C" # endif diff --git a/include/openssl/x509err.h b/include/openssl/x509err.h index 33b78e4..64361dc 100644 --- a/include/openssl/x509err.h +++ b/include/openssl/x509err.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_X509ERR_H # define HEADER_X509ERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # ifdef __cplusplus extern "C" # endif diff --git a/include/openssl/x509v3err.h b/include/openssl/x509v3err.h index 6464842..1d91d09 100644 --- a/include/openssl/x509v3err.h +++ b/include/openssl/x509v3err.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,6 +11,10 @@ #ifndef HEADER_X509V3ERR_H # define HEADER_X509V3ERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + # ifdef __cplusplus extern "C" # endif diff --git a/util/mkerr.pl b/util/mkerr.pl index cf100d1..7139ee3 100755 --- a/util/mkerr.pl +++ b/util/mkerr.pl @@ -417,9 +417,7 @@ print STDERR "\n" if $debug; &phase("Writing files"); my $newstate = 0; foreach my $lib ( keys %errorfile ) { - if ( ! $fnew{$lib} && ! $rnew{$lib} ) { - next unless $rebuild; - } + next if ! $fnew{$lib} && ! $rnew{$lib} && ! $rebuild; next if scalar keys %modules > 0 && !$modules{$lib}; next if $nowrite; print STDERR "$lib: $fnew{$lib} new functions\n" if $fnew{$lib}; @@ -455,6 +453,10 @@ foreach my $lib ( keys %errorfile ) { #ifndef HEADER_${lib}ERR_H # define HEADER_${lib}ERR_H +# ifndef HEADER_SYMHACKS_H +# include +# endif + EOF if ( $internal ) { # Declare the load function because the generate C file From levitte at openssl.org Mon Mar 11 13:46:16 2019 From: levitte at openssl.org (Richard Levitte) Date: Mon, 11 Mar 2019 13:46:16 +0000 Subject: [openssl] master update Message-ID: <1552311976.335898.19443.nullmailer@dev.openssl.org> The branch master has been updated via 98f29466dc1ed7f80b9b8750309a41b5a1150d25 (commit) from 2a6a56073ce2ccac3e8c83b5434c6472ab6354e4 (commit) - Log ----------------------------------------------------------------- commit 98f29466dc1ed7f80b9b8750309a41b5a1150d25 Author: Shane Lontis Date: Wed Mar 6 12:57:09 2019 +1000 fix truncation of integers on 32bit AIX Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8417) ----------------------------------------------------------------------- Summary of changes: crypto/blake2/blake2b.c | 8 +- crypto/ec/curve448/curve448.c | 4 +- crypto/ec/curve448/curve448_tables.c | 1838 ++++++++++++++++++++++++++-------- crypto/ec/curve448/f_generic.c | 6 +- crypto/ec/curve448/scalar.c | 18 +- crypto/sha/keccak1600.c | 48 +- test/asn1_encode_test.c | 4 +- test/bioprinttest.c | 8 +- test/ct_test.c | 4 +- 9 files changed, 1473 insertions(+), 465 deletions(-) diff --git a/crypto/blake2/blake2b.c b/crypto/blake2/blake2b.c index 73ba0b6..813f9dd 100644 --- a/crypto/blake2/blake2b.c +++ b/crypto/blake2/blake2b.c @@ -23,10 +23,10 @@ static const uint64_t blake2b_IV[8] = { - 0x6a09e667f3bcc908U, 0xbb67ae8584caa73bU, - 0x3c6ef372fe94f82bU, 0xa54ff53a5f1d36f1U, - 0x510e527fade682d1U, 0x9b05688c2b3e6c1fU, - 0x1f83d9abfb41bd6bU, 0x5be0cd19137e2179U + 0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL, + 0x3c6ef372fe94f82bULL, 0xa54ff53a5f1d36f1ULL, + 0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL, + 0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL }; static const uint8_t blake2b_sigma[12][16] = diff --git a/crypto/ec/curve448/curve448.c b/crypto/ec/curve448/curve448.c index b06aa58..6236ad6 100644 --- a/crypto/ec/curve448/curve448.c +++ b/crypto/ec/curve448/curve448.c @@ -27,8 +27,8 @@ static const curve448_scalar_t precomputed_scalarmul_adjustment = { { { - SC_LIMB(0xc873d6d54a7bb0cf), SC_LIMB(0xe933d8d723a70aad), - SC_LIMB(0xbb124b65129c96fd), SC_LIMB(0x00000008335dc163) + SC_LIMB(0xc873d6d54a7bb0cfULL), SC_LIMB(0xe933d8d723a70aadULL), + SC_LIMB(0xbb124b65129c96fdULL), SC_LIMB(0x00000008335dc163ULL) } } }; diff --git a/crypto/ec/curve448/curve448_tables.c b/crypto/ec/curve448/curve448_tables.c index 4e6bc85..ec8ffcc 100644 --- a/crypto/ec/curve448/curve448_tables.c +++ b/crypto/ec/curve448/curve448_tables.c @@ -16,325 +16,1045 @@ static const curve448_precomputed_s curve448_precomputed_base_table = { { {{ - {FIELD_LITERAL(0x00cc3b062366f4cc,0x003d6e34e314aa3c,0x00d51c0a7521774d,0x0094e060eec6ab8b,0x00d21291b4d80082,0x00befed12b55ef1e,0x00c3dd2df5c94518,0x00e0a7b112b8d4e6)}, - {FIELD_LITERAL(0x0019eb5608d8723a,0x00d1bab52fb3aedb,0x00270a7311ebc90c,0x0037c12b91be7f13,0x005be16cd8b5c704,0x003e181acda888e1,0x00bc1f00fc3fc6d0,0x00d3839bfa319e20)}, - {FIELD_LITERAL(0x003caeb88611909f,0x00ea8b378c4df3d4,0x00b3295b95a5a19a,0x00a65f97514bdfb5,0x00b39efba743cab1,0x0016ba98b862fd2d,0x0001508812ee71d7,0x000a75740eea114a)}, - }}, {{ - {FIELD_LITERAL(0x00ebcf0eb649f823,0x00166d332e98ea03,0x0059ddf64f5cd5f6,0x0047763123d9471b,0x00a64065c53ef62f,0x00978e44c480153d,0x000b5b2a0265f194,0x0046a24b9f32965a)}, - {FIELD_LITERAL(0x00b9eef787034df0,0x0020bc24de3390cd,0x000022160bae99bb,0x00ae66e886e97946,0x0048d4bbe02cbb8b,0x0072ba97b34e38d4,0x00eae7ec8f03e85a,0x005ba92ecf808b2c)}, - {FIELD_LITERAL(0x00c9cfbbe74258fd,0x00843a979ea9eaa7,0x000cbb4371cfbe90,0x0059bac8f7f0a628,0x004b3dff882ff530,0x0011869df4d90733,0x00595aa71f4abfc2,0x0070e2d38990c2e6)}, - }}, {{ - {FIELD_LITERAL(0x00de2010c0a01733,0x00c739a612e24297,0x00a7212643141d7c,0x00f88444f6b67c11,0x00484b7b16ec28f2,0x009c1b8856af9c68,0x00ff4669591fe9d6,0x0054974be08a32c8)}, - {FIELD_LITERAL(0x0010de3fd682ceed,0x008c07642d83ca4e,0x0013bb064e00a1cc,0x009411ae27870e11,0x00ea8e5b4d531223,0x0032fe7d2aaece2e,0x00d989e243e7bb41,0x000fe79a508e9b8b)}, - {FIELD_LITERAL(0x005e0426b9bfc5b1,0x0041a5b1d29ee4fa,0x0015b0def7774391,0x00bc164f1f51af01,0x00d543b0942797b9,0x003c129b6398099c,0x002b114c6e5adf18,0x00b4e630e4018a7b)}, - }}, {{ - {FIELD_LITERAL(0x00d490afc95f8420,0x00b096bf50c1d9b9,0x00799fd707679866,0x007c74d9334afbea,0x00efaa8be80ff4ed,0x0075c4943bb81694,0x00c21c2fca161f36,0x00e77035d492bfee)}, - {FIELD_LITERAL(0x006658a190dd6661,0x00e0e9bab38609a6,0x0028895c802237ed,0x006a0229c494f587,0x002dcde96c9916b7,0x00d158822de16218,0x00173b917a06856f,0x00ca78a79ae07326)}, - {FIELD_LITERAL(0x00e35bfc79caced4,0x0087238a3e1fe3bb,0x00bcbf0ff4ceff5b,0x00a19c1c94099b91,0x0071e102b49db976,0x0059e3d004eada1e,0x008da78afa58a47e,0x00579c8ebf269187)}, - }}, {{ - {FIELD_LITERAL(0x00a16c2905eee75f,0x009d4bcaea2c7e1d,0x00d3bd79bfad19df,0x0050da745193342c,0x006abdb8f6b29ab1,0x00a24fe0a4fef7ef,0x0063730da1057dfb,0x00a08c312c8eb108)}, - {FIELD_LITERAL(0x00b583be005375be,0x00a40c8f8a4e3df4,0x003fac4a8f5bdbf7,0x00d4481d872cd718,0x004dc8749cdbaefe,0x00cce740d5e5c975,0x000b1c1f4241fd21,0x00a76de1b4e1cd07)}, - {FIELD_LITERAL(0x007a076500d30b62,0x000a6e117b7f090f,0x00c8712ae7eebd9a,0x000fbd6c1d5f6ff7,0x003a7977246ebf11,0x00166ed969c6600e,0x00aa42e469c98bec,0x00dc58f307cf0666)}, - }}, {{ - {FIELD_LITERAL(0x004b491f65a9a28b,0x006a10309e8a55b7,0x00b67210185187ef,0x00cf6497b12d9b8f,0x0085778c56e2b1ba,0x0015b4c07a814d85,0x00686479e62da561,0x008de5d88f114916)}, - {FIELD_LITERAL(0x00e37c88d6bba7b1,0x003e4577e1b8d433,0x0050d8ea5f510ec0,0x0042fc9f2da9ef59,0x003bd074c1141420,0x00561b8b7b68774e,0x00232e5e5d1013a3,0x006b7f2cb3d7e73f)}, - {FIELD_LITERAL(0x004bdd0f0b41e6a0,0x001773057c405d24,0x006029f99915bd97,0x006a5ba70a17fe2f,0x0046111977df7e08,0x004d8124c89fb6b7,0x00580983b2bb2724,0x00207bf330d6f3fe)}, - }}, {{ - {FIELD_LITERAL(0x007efdc93972a48b,0x002f5e50e78d5fee,0x0080dc11d61c7fe5,0x0065aa598707245b,0x009abba2300641be,0x000c68787656543a,0x00ffe0fef2dc0a17,0x00007ffbd6cb4f3a)}, - {FIELD_LITERAL(0x0036012f2b836efc,0x00458c126d6b5fbc,0x00a34436d719ad1e,0x0097be6167117dea,0x0009c219c879cff3,0x0065564493e60755,0x00993ac94a8cdec0,0x002d4885a4d0dbaf)}, - {FIELD_LITERAL(0x00598b60b4c068ba,0x00c547a0be7f1afd,0x009582164acf12af,0x00af4acac4fbbe40,0x005f6ca7c539121a,0x003b6e752ebf9d66,0x00f08a30d5cac5d4,0x00e399bb5f97c5a9)}, - }}, {{ - {FIELD_LITERAL(0x007445a0409c0a66,0x00a65c369f3829c0,0x0031d248a4f74826,0x006817f34defbe8e,0x00649741d95ebf2e,0x00d46466ab16b397,0x00fdc35703bee414,0x00343b43334525f8)}, - {FIELD_LITERAL(0x001796bea93f6401,0x00090c5a42e85269,0x00672412ba1252ed,0x001201d47b6de7de,0x006877bccfe66497,0x00b554fd97a4c161,0x009753f42dbac3cf,0x00e983e3e378270a)}, - {FIELD_LITERAL(0x00ac3eff18849872,0x00f0eea3bff05690,0x00a6d72c21dd505d,0x001b832642424169,0x00a6813017b540e5,0x00a744bd71b385cd,0x0022a7d089130a7b,0x004edeec9a133486)}, - }}, {{ - {FIELD_LITERAL(0x00b2d6729196e8a9,0x0088a9bb2031cef4,0x00579e7787dc1567,0x0030f49feb059190,0x00a0b1d69c7f7d8f,0x0040bdcc6d9d806f,0x00d76c4037edd095,0x00bbf24376415dd7)}, - {FIELD_LITERAL(0x00240465ff5a7197,0x00bb97e76caf27d0,0x004b4edbf8116d39,0x001d8586f708cbaa,0x000f8ee8ff8e4a50,0x00dde5a1945dd622,0x00e6fc1c0957e07c,0x0041c9cdabfd88a0)}, - {FIELD_LITERAL(0x005344b0bf5b548c,0x002957d0b705cc99,0x00f586a70390553d,0x0075b3229f583cc3,0x00a1aa78227490e4,0x001bf09cf7957717,0x00cf6bf344325f52,0x0065bd1c23ca3ecf)}, - }}, {{ - {FIELD_LITERAL(0x009bff3b3239363c,0x00e17368796ef7c0,0x00528b0fe0971f3a,0x0008014fc8d4a095,0x00d09f2e8a521ec4,0x006713ab5dde5987,0x0003015758e0dbb1,0x00215999f1ba212d)}, - {FIELD_LITERAL(0x002c88e93527da0e,0x0077c78f3456aad5,0x0071087a0a389d1c,0x00934dac1fb96dbd,0x008470e801162697,0x005bc2196cd4ad49,0x00e535601d5087c3,0x00769888700f497f)}, - {FIELD_LITERAL(0x00da7a4b557298ad,0x0019d2589ea5df76,0x00ef3e38be0c6497,0x00a9644e1312609a,0x004592f61b2558da,0x0082c1df510d7e46,0x0042809a535c0023,0x00215bcb5afd7757)}, - }}, {{ - {FIELD_LITERAL(0x002b9df55a1a4213,0x00dcfc3b464a26be,0x00c4f9e07a8144d5,0x00c8e0617a92b602,0x008e3c93accafae0,0x00bf1bcb95b2ca60,0x004ce2426a613bf3,0x00266cac58e40921)}, - {FIELD_LITERAL(0x008456d5db76e8f0,0x0032ca9cab2ce163,0x0059f2b8bf91abcf,0x0063c2a021712788,0x00f86155af22f72d,0x00db98b2a6c005a0,0x00ac6e416a693ac4,0x007a93572af53226)}, - {FIELD_LITERAL(0x0087767520f0de22,0x0091f64012279fb5,0x001050f1f0644999,0x004f097a2477ad3c,0x006b37913a9947bd,0x001a3d78645af241,0x0057832bbb3008a7,0x002c1d902b80dc20)}, - }}, {{ - {FIELD_LITERAL(0x001a6002bf178877,0x009bce168aa5af50,0x005fc318ff04a7f5,0x0052818f55c36461,0x008768f5d4b24afb,0x0037ffbae7b69c85,0x0018195a4b61edc0,0x001e12ea088434b2)}, - {FIELD_LITERAL(0x0047d3f804e7ab07,0x00a809ab5f905260,0x00b3ffc7cdaf306d,0x00746e8ec2d6e509,0x00d0dade8887a645,0x00acceeebde0dd37,0x009bc2579054686b,0x0023804f97f1c2bf)}, - {FIELD_LITERAL(0x0043e2e2e50b80d7,0x00143aafe4427e0f,0x005594aaecab855b,0x008b12ccaaecbc01,0x002deeb091082bc3,0x009cca4be2ae7514,0x00142b96e696d047,0x00ad2a2b1c05256a)}, - }}, {{ - {FIELD_LITERAL(0x003914f2f144b78b,0x007a95dd8bee6f68,0x00c7f4384d61c8e6,0x004e51eb60f1bdb2,0x00f64be7aa4621d8,0x006797bfec2f0ac0,0x007d17aab3c75900,0x001893e73cac8bc5)}, - {FIELD_LITERAL(0x00140360b768665b,0x00b68aca4967f977,0x0001089b66195ae4,0x00fe71122185e725,0x000bca2618d49637,0x00a54f0557d7e98a,0x00cdcd2f91d6f417,0x00ab8c13741fd793)}, - {FIELD_LITERAL(0x00725ee6b1e549e0,0x007124a0769777fa,0x000b68fdad07ae42,0x0085b909cd4952df,0x0092d2e3c81606f4,0x009f22f6cac099a0,0x00f59da57f2799a8,0x00f06c090122f777)}, - }}, {{ - {FIELD_LITERAL(0x00ce0bed0a3532bc,0x001a5048a22df16b,0x00e31db4cbad8bf1,0x00e89292120cf00e,0x007d1dd1a9b00034,0x00e2a9041ff8f680,0x006a4c837ae596e7,0x00713af1068070b3)}, - {FIELD_LITERAL(0x00c4fe64ce66d04b,0x00b095d52e09b3d7,0x00758bbecb1a3a8e,0x00f35cce8d0650c0,0x002b878aa5984473,0x0062e0a3b7544ddc,0x00b25b290ed116fe,0x007b0f6abe0bebf2)}, - {FIELD_LITERAL(0x0081d4e3addae0a8,0x003410c836c7ffcc,0x00c8129ad89e4314,0x000e3d5a23922dcd,0x00d91e46f29c31f3,0x006c728cde8c5947,0x002bc655ba2566c0,0x002ca94721533108)}, - }}, {{ - {FIELD_LITERAL(0x0051e4b3f764d8a9,0x0019792d46e904a0,0x00853bc13dbc8227,0x000840208179f12d,0x0068243474879235,0x0013856fbfe374d0,0x00bda12fe8676424,0x00bbb43635926eb2)}, - {FIELD_LITERAL(0x0012cdc880a93982,0x003c495b21cd1b58,0x00b7e5c93f22a26e,0x0044aa82dfb99458,0x009ba092cdffe9c0,0x00a14b3ab2083b73,0x000271c2f70e1c4b,0x00eea9cac0f66eb8)}, - {FIELD_LITERAL(0x001a1847c4ac5480,0x00b1b412935bb03a,0x00f74285983bf2b2,0x00624138b5b5d0f1,0x008820c0b03d38bf,0x00b94e50a18c1572,0x0060f6934841798f,0x00c52f5d66d6ebe2)}, - }}, {{ - {FIELD_LITERAL(0x00da23d59f9bcea6,0x00e0f27007a06a4b,0x00128b5b43a6758c,0x000cf50190fa8b56,0x00fc877aba2b2d72,0x00623bef52edf53f,0x00e6af6b819669e2,0x00e314dc34fcaa4f)}, - {FIELD_LITERAL(0x0066e5eddd164d1e,0x00418a7c6fe28238,0x0002e2f37e962c25,0x00f01f56b5975306,0x0048842fa503875c,0x0057b0e968078143,0x00ff683024f3d134,0x0082ae28fcad12e4)}, - {FIELD_LITERAL(0x0011ddfd21260e42,0x00d05b0319a76892,0x00183ea4368e9b8f,0x00b0815662affc96,0x00b466a5e7ce7c88,0x00db93b07506e6ee,0x0033885f82f62401,0x0086f9090ec9b419)}, - }}, {{ - {FIELD_LITERAL(0x00d95d1c5fcb435a,0x0016d1ed6b5086f9,0x00792aa0b7e54d71,0x0067b65715f1925d,0x00a219755ec6176b,0x00bc3f026b12c28f,0x00700c897ffeb93e,0x0089b83f6ec50b46)}, - {FIELD_LITERAL(0x003c97e6384da36e,0x00423d53eac81a09,0x00b70d68f3cdce35,0x00ee7959b354b92c,0x00f4e9718819c8ca,0x009349f12acbffe9,0x005aee7b62cb7da6,0x00d97764154ffc86)}, - {FIELD_LITERAL(0x00526324babb46dc,0x002ee99b38d7bf9e,0x007ea51794706ef4,0x00abeb04da6e3c39,0x006b457c1d281060,0x00fe243e9a66c793,0x00378de0fb6c6ee4,0x003e4194b9c3cb93)}, - }}, {{ - {FIELD_LITERAL(0x00fed3cd80ca2292,0x0015b043a73ca613,0x000a9fd7bf9be227,0x003b5e03de2db983,0x005af72d46904ef7,0x00c0f1b5c49faa99,0x00dc86fc3bd305e1,0x00c92f08c1cb1797)}, - {FIELD_LITERAL(0x0079680ce111ed3b,0x001a1ed82806122c,0x000c2e7466d15df3,0x002c407f6f7150fd,0x00c5e7c96b1b0ce3,0x009aa44626863ff9,0x00887b8b5b80be42,0x00b6023cec964825)}, - {FIELD_LITERAL(0x00e4a8e1048970c8,0x0062887b7830a302,0x00bcf1c8cd81402b,0x0056dbb81a68f5be,0x0014eced83f12452,0x00139e1a510150df,0x00bb81140a82d1a3,0x000febcc1aaf1aa7)}, - }}, {{ - {FIELD_LITERAL(0x00a7527958238159,0x0013ec9537a84cd6,0x001d7fee7d562525,0x00b9eefa6191d5e5,0x00dbc97db70bcb8a,0x00481affc7a4d395,0x006f73d3e70c31bb,0x00183f324ed96a61)}, - {FIELD_LITERAL(0x0039dd7ce7fc6860,0x00d64f6425653da1,0x003e037c7f57d0af,0x0063477a06e2bcf2,0x001727dbb7ac67e6,0x0049589f5efafe2e,0x00fc0fef2e813d54,0x008baa5d087fb50d)}, - {FIELD_LITERAL(0x0024fb59d9b457c7,0x00a7d4e060223e4c,0x00c118d1b555fd80,0x0082e216c732f22a,0x00cd2a2993089504,0x003638e836a3e13d,0x000d855ee89b4729,0x008ec5b7d4810c91)}, - }}, {{ - {FIELD_LITERAL(0x001bf51f7d65cdfd,0x00d14cdafa16a97d,0x002c38e60fcd10e7,0x00a27446e393efbd,0x000b5d8946a71fdd,0x0063df2cde128f2f,0x006c8679569b1888,0x0059ffc4925d732d)}, - {FIELD_LITERAL(0x00ece96f95f2b66f,0x00ece7952813a27b,0x0026fc36592e489e,0x007157d1a2de0f66,0x00759dc111d86ddf,0x0012881e5780bb0f,0x00c8ccc83ad29496,0x0012b9bd1929eb71)}, - {FIELD_LITERAL(0x000fa15a20da5df0,0x00349ddb1a46cd31,0x002c512ad1d8e726,0x00047611f669318d,0x009e68fba591e17e,0x004320dffa803906,0x00a640874951a3d3,0x00b6353478baa24f)}, - }}, {{ - {FIELD_LITERAL(0x009696510000d333,0x00ec2f788bc04826,0x000e4d02b1f67ba5,0x00659aa8dace08b6,0x00d7a38a3a3ae533,0x008856defa8c746b,0x004d7a4402d3da1a,0x00ea82e06229260f)}, - {FIELD_LITERAL(0x006a15bb20f75c0c,0x0079a144027a5d0c,0x00d19116ce0b4d70,0x0059b83bcb0b268e,0x005f58f63f16c127,0x0079958318ee2c37,0x00defbb063d07f82,0x00f1f0b931d2d446)}, - {FIELD_LITERAL(0x00cb5e4c3c35d422,0x008df885ca43577f,0x00fa50b16ca3e471,0x005a0e58e17488c8,0x00b2ceccd6d34d19,0x00f01d5d235e36e9,0x00db2e7e4be6ca44,0x00260ab77f35fccd)}, - }}, {{ - {FIELD_LITERAL(0x006f6fd9baac61d5,0x002a7710a020a895,0x009de0db7fc03d4d,0x00cdedcb1875f40b,0x00050caf9b6b1e22,0x005e3a6654456ab0,0x00775fdf8c4423d4,0x0028701ea5738b5d)}, - {FIELD_LITERAL(0x009ffd90abfeae96,0x00cba3c2b624a516,0x005ef08bcee46c91,0x00e6fde30afb6185,0x00f0b4db4f818ce4,0x006c54f45d2127f5,0x00040125035854c7,0x00372658a3287e13)}, - {FIELD_LITERAL(0x00d7070fb1beb2ab,0x0078fc845a93896b,0x006894a4b2f224a6,0x005bdd8192b9dbde,0x00b38839874b3a9e,0x00f93618b04b7a57,0x003e3ec75fd2c67e,0x00bf5e6bfc29494a)}, - }}, {{ - {FIELD_LITERAL(0x00f19224ebba2aa5,0x0074f89d358e694d,0x00eea486597135ad,0x0081579a4555c7e1,0x0010b9b872930a9d,0x00f002e87a30ecc0,0x009b9d66b6de56e2,0x00a3c4f45e8004eb)}, - {FIELD_LITERAL(0x0045e8dda9400888,0x002ff12e5fc05db7,0x00a7098d54afe69c,0x00cdbe846a500585,0x00879c1593ca1882,0x003f7a7fea76c8b0,0x002cd73dd0c8e0a1,0x00645d6ce96f51fe)}, - {FIELD_LITERAL(0x002b7e83e123d6d6,0x00398346f7419c80,0x0042922e55940163,0x005e7fc5601886a3,0x00e88f2cee1d3103,0x00e7fab135f2e377,0x00b059984dbf0ded,0x0009ce080faa5bb8)}, - }}, {{ - {FIELD_LITERAL(0x0085e78af7758979,0x00275a4ee1631a3a,0x00d26bc0ed78b683,0x004f8355ea21064f,0x00d618e1a32696e5,0x008d8d7b150e5680,0x00a74cd854b278d2,0x001dd62702203ea0)}, - {FIELD_LITERAL(0x00f89335c2a59286,0x00a0f5c905d55141,0x00b41fb836ee9382,0x00e235d51730ca43,0x00a5cb37b5c0a69a,0x009b966ffe136c45,0x00cb2ea10bf80ed1,0x00fb2b370b40dc35)}, - {FIELD_LITERAL(0x00d687d16d4ee8ba,0x0071520bdd069dff,0x00de85c60d32355d,0x0087d2e3565102f4,0x00cde391b8dfc9aa,0x00e18d69efdfefe5,0x004a9d0591954e91,0x00fa36dd8b50eee5)}, - }}, {{ - {FIELD_LITERAL(0x002e788749a865f7,0x006e4dc3116861ea,0x009f1428c37276e6,0x00e7d2e0fc1e1226,0x003aeebc6b6c45f6,0x0071a8073bf500c9,0x004b22ad986b530c,0x00f439e63c0d79d4)}, - {FIELD_LITERAL(0x006bc3d53011f470,0x00032d6e692b83e8,0x00059722f497cd0b,0x0009b4e6f0c497cc,0x0058a804b7cce6c0,0x002b71d3302bbd5d,0x00e2f82a36765fce,0x008dded99524c703)}, - {FIELD_LITERAL(0x004d058953747d64,0x00701940fe79aa6f,0x00a620ac71c760bf,0x009532b611158b75,0x00547ed7f466f300,0x003cb5ab53a8401a,0x00c7763168ce3120,0x007e48e33e4b9ab2)}, - }}, {{ - {FIELD_LITERAL(0x001b2fc57bf3c738,0x006a3f918993fb80,0x0026f7a14fdec288,0x0075a2cdccef08db,0x00d3ecbc9eecdbf1,0x0048c40f06e5bf7f,0x00d63e423009896b,0x000598bc99c056a8)}, - {FIELD_LITERAL(0x002f194eaafa46dc,0x008e38f57fe87613,0x00dc8e5ae25f4ab2,0x000a17809575e6bd,0x00d3ec7923ba366a,0x003a7e72e0ad75e3,0x0010024b88436e0a,0x00ed3c5444b64051)}, - {FIELD_LITERAL(0x00831fc1340af342,0x00c9645669466d35,0x007692b4cc5a080f,0x009fd4a47ac9259f,0x001eeddf7d45928b,0x003c0446fc45f28b,0x002c0713aa3e2507,0x0095706935f0f41e)}, - }}, {{ - {FIELD_LITERAL(0x00766ae4190ec6d8,0x0065768cabc71380,0x00b902598416cdc2,0x00380021ad38df52,0x008f0b89d6551134,0x004254d4cc62c5a5,0x000d79f4484b9b94,0x00b516732ae3c50e)}, - {FIELD_LITERAL(0x001fb73475c45509,0x00d2b2e5ea43345a,0x00cb3c3842077bd1,0x0029f90ad820946e,0x007c11b2380778aa,0x009e54ece62c1704,0x004bc60c41ca01c3,0x004525679a5a0b03)}, - {FIELD_LITERAL(0x00c64fbddbed87b3,0x0040601d11731faa,0x009c22475b6f9d67,0x0024b79dae875f15,0x00616fed3f02c3b0,0x0000cf39f6af2d3b,0x00c46bac0aa9a688,0x00ab23e2800da204)}, - }}, {{ - {FIELD_LITERAL(0x000b3a37617632b0,0x00597199fe1cfb6c,0x0042a7ccdfeafdd6,0x004cc9f15ebcea17,0x00f436e596a6b4a4,0x00168861142df0d8,0x000753edfec26af5,0x000c495d7e388116)}, - {FIELD_LITERAL(0x0017085f4a346148,0x00c7cf7a37f62272,0x001776e129bc5c30,0x009955134c9eef2a,0x001ba5bdf1df07be,0x00ec39497103a55c,0x006578354fda6cfb,0x005f02719d4f15ee)}, - {FIELD_LITERAL(0x0052b9d9b5d9655d,0x00d4ec7ba1b461c3,0x00f95df4974f280b,0x003d8e5ca11aeb51,0x00d4981eb5a70b26,0x000af9a4f6659f29,0x004598c846faeb43,0x0049d9a183a47670)}, - }}, {{ - {FIELD_LITERAL(0x000a72d23dcb3f1f,0x00a3737f84011727,0x00f870c0fbbf4a47,0x00a7aadd04b5c9ca,0x000c7715c67bd072,0x00015a136afcd74e,0x0080d5caea499634,0x0026b448ec7514b7)}, - {FIELD_LITERAL(0x00b60167d9e7d065,0x00e60ba0d07381e8,0x003a4f17b725c2d4,0x006c19fe176b64fa,0x003b57b31af86ccb,0x0021047c286180fd,0x00bdc8fb00c6dbb6,0x00fe4a9f4bab4f3f)}, - {FIELD_LITERAL(0x0088ffc3a16111f7,0x009155e4245d0bc8,0x00851d68220572d5,0x00557ace1e514d29,0x0031d7c339d91022,0x00101d0ae2eaceea,0x00246ab3f837b66a,0x00d5216d381ff530)}, - }}, {{ - {FIELD_LITERAL(0x0057e7ea35f36dae,0x00f47d7ad15de22e,0x00d757ea4b105115,0x008311457d579d7e,0x00b49b75b1edd4eb,0x0081c7ff742fd63a,0x00ddda3187433df6,0x00475727d55f9c66)}, - {FIELD_LITERAL(0x00a6295218dc136a,0x00563b3af0e9c012,0x00d3753b0145db1b,0x004550389c043dc1,0x00ea94ae27401bdf,0x002b0b949f2b7956,0x00c63f780ad8e23c,0x00e591c47d6bab15)}, - {FIELD_LITERAL(0x00416c582b058eb6,0x004107da5b2cc695,0x00b3cd2556aeec64,0x00c0b418267e57a1,0x001799293579bd2e,0x0046ed44590e4d07,0x001d7459b3630a1e,0x00c6afba8b6696aa)}, - }}, {{ - {FIELD_LITERAL(0x008d6009b26da3f8,0x00898e88ca06b1ca,0x00edb22b2ed7fe62,0x00fbc93516aabe80,0x008b4b470c42ce0d,0x00e0032ba7d0dcbb,0x00d76da3a956ecc8,0x007f20fe74e3852a)}, - {FIELD_LITERAL(0x002419222c607674,0x00a7f23af89188b3,0x00ad127284e73d1c,0x008bba582fae1c51,0x00fc6aa7ca9ecab1,0x003df5319eb6c2ba,0x002a05af8a8b199a,0x004bf8354558407c)}, - {FIELD_LITERAL(0x00ce7d4a30f0fcbf,0x00d02c272629f03d,0x0048c001f7400bc2,0x002c21368011958d,0x0098a550391e96b5,0x002d80b66390f379,0x001fa878760cc785,0x001adfce54b613d5)}, - }}, {{ - {FIELD_LITERAL(0x001ed4dc71fa2523,0x005d0bff19bf9b5c,0x00c3801cee065a64,0x001ed0b504323fbf,0x0003ab9fdcbbc593,0x00df82070178b8d2,0x00a2bcaa9c251f85,0x00c628a3674bd02e)}, - {FIELD_LITERAL(0x006b7a0674f9f8de,0x00a742414e5c7cff,0x0041cbf3c6e13221,0x00e3a64fd207af24,0x0087c05f15fbe8d1,0x004c50936d9e8a33,0x001306ec21042b6d,0x00a4f4137d1141c2)}, - {FIELD_LITERAL(0x0009e6fb921568b0,0x00b3c60120219118,0x002a6c3460dd503a,0x009db1ef11654b54,0x0063e4bf0be79601,0x00670d34bb2592b9,0x00dcee2f6c4130ce,0x00b2682e88e77f54)}, - }}, {{ - {FIELD_LITERAL(0x000d5b4b3da135ab,0x00838f3e5064d81d,0x00d44eb50f6d94ed,0x0008931ab502ac6d,0x00debe01ca3d3586,0x0025c206775f0641,0x005ad4b6ae912763,0x007e2c318ad8f247)}, - {FIELD_LITERAL(0x00ddbe0750dd1add,0x004b3c7b885844b8,0x00363e7ecf12f1ae,0x0062e953e6438f9d,0x0023cc73b076afe9,0x00b09fa083b4da32,0x00c7c3d2456c541d,0x005b591ec6b694d4)}, - {FIELD_LITERAL(0x0028656e19d62fcf,0x0052a4af03df148d,0x00122765ddd14e42,0x00f2252904f67157,0x004741965b636f3a,0x006441d296132cb9,0x005e2106f956a5b7,0x00247029592d335c)}, - }}, {{ - {FIELD_LITERAL(0x003fe038eb92f894,0x000e6da1b72e8e32,0x003a1411bfcbe0fa,0x00b55d473164a9e4,0x00b9a775ac2df48d,0x0002ddf350659e21,0x00a279a69eb19cb3,0x00f844eab25cba44)}, - {FIELD_LITERAL(0x00c41d1f9c1f1ac1,0x007b2df4e9f19146,0x00b469355fd5ba7a,0x00b5e1965afc852a,0x00388d5f1e2d8217,0x0022079e4c09ae93,0x0014268acd4ef518,0x00c1dd8d9640464c)}, - {FIELD_LITERAL(0x0038526adeed0c55,0x00dd68c607e3fe85,0x00f746ddd48a5d57,0x0042f2952b963b7c,0x001cbbd6876d5ec2,0x005e341470bca5c2,0x00871d41e085f413,0x00e53ab098f45732)}, - }}, {{ - {FIELD_LITERAL(0x004d51124797c831,0x008f5ae3750347ad,0x0070ced94c1a0c8e,0x00f6db2043898e64,0x000d00c9a5750cd0,0x000741ec59bad712,0x003c9d11aab37b7f,0x00a67ba169807714)}, - {FIELD_LITERAL(0x00adb2c1566e8b8f,0x0096c68a35771a9a,0x00869933356f334a,0x00ba9c93459f5962,0x009ec73fb6e8ca4b,0x003c3802c27202e1,0x0031f5b733e0c008,0x00f9058c19611fa9)}, - {FIELD_LITERAL(0x00238f01814a3421,0x00c325a44b6cce28,0x002136f97aeb0e73,0x000cac8268a4afe2,0x0022fd218da471b3,0x009dcd8dfff8def9,0x00cb9f8181d999bb,0x00143ae56edea349)}, - }}, {{ - {FIELD_LITERAL(0x0000623bf87622c5,0x00a1966fdd069496,0x00c315b7b812f9fc,0x00bdf5efcd128b97,0x001d464f532e3e16,0x003cd94f081bfd7e,0x00ed9dae12ce4009,0x002756f5736eee70)}, - {FIELD_LITERAL(0x00a5187e6ee7341b,0x00e6d52e82d83b6e,0x00df3c41323094a7,0x00b3324f444e9de9,0x00689eb21a35bfe5,0x00f16363becd548d,0x00e187cc98e7f60f,0x00127d9062f0ccab)}, - {FIELD_LITERAL(0x004ad71b31c29e40,0x00a5fcace12fae29,0x004425b5597280ed,0x00e7ef5d716c3346,0x0010b53ada410ac8,0x0092310226060c9b,0x0091c26128729c7e,0x0088b42900f8ec3b)}, - }}, {{ - {FIELD_LITERAL(0x00f1e26e9762d4a8,0x00d9d74082183414,0x00ffec9bd57a0282,0x000919e128fd497a,0x00ab7ae7d00fe5f8,0x0054dc442851ff68,0x00c9ebeb3b861687,0x00507f7cab8b698f)}, - {FIELD_LITERAL(0x00c13c5aae3ae341,0x009c6c9ed98373e7,0x00098f26864577a8,0x0015b886e9488b45,0x0037692c42aadba5,0x00b83170b8e7791c,0x001670952ece1b44,0x00fd932a39276da2)}, - {FIELD_LITERAL(0x0081a3259bef3398,0x005480fff416107b,0x00ce4f607d21be98,0x003ffc084b41df9b,0x0043d0bb100502d1,0x00ec35f575ba3261,0x00ca18f677300ef3,0x00e8bb0a827d8548)}, - }}, {{ - {FIELD_LITERAL(0x00df76b3328ada72,0x002e20621604a7c2,0x00f910638a105b09,0x00ef4724d96ef2cd,0x00377d83d6b8a2f7,0x00b4f48805ade324,0x001cd5da8b152018,0x0045af671a20ca7f)}, - {FIELD_LITERAL(0x009ae3b93a56c404,0x004a410b7a456699,0x00023a619355e6b2,0x009cdc7297387257,0x0055b94d4ae70d04,0x002cbd607f65b005,0x003208b489697166,0x00ea2aa058867370)}, - {FIELD_LITERAL(0x00f29d2598ee3f32,0x00b4ac5385d82adc,0x007633eaf04df19b,0x00aa2d3d77ceab01,0x004a2302fcbb778a,0x00927f225d5afa34,0x004a8e9d5047f237,0x008224ae9dbce530)}, - }}, {{ - {FIELD_LITERAL(0x001cf640859b02f8,0x00758d1d5d5ce427,0x00763c784ef4604c,0x005fa81aee205270,0x00ac537bfdfc44cb,0x004b919bd342d670,0x00238508d9bf4b7a,0x00154888795644f3)}, - {FIELD_LITERAL(0x00c845923c084294,0x00072419a201bc25,0x0045f408b5f8e669,0x00e9d6a186b74dfe,0x00e19108c68fa075,0x0017b91d874177b7,0x002f0ca2c7912c5a,0x009400aa385a90a2)}, - {FIELD_LITERAL(0x0071110b01482184,0x00cfed0044f2bef8,0x0034f2901cf4662e,0x003b4ae2a67f9834,0x00cca9b96fe94810,0x00522507ae77abd0,0x00bac7422721e73e,0x0066622b0f3a62b0)}, - }}, {{ - {FIELD_LITERAL(0x00f8ac5cf4705b6a,0x00867d82dcb457e3,0x007e13ab2ccc2ce9,0x009ee9a018d3930e,0x008370f8ecb42df8,0x002d9f019add263e,0x003302385b92d196,0x00a15654536e2c0c)}, - {FIELD_LITERAL(0x0026ef1614e160af,0x00c023f9edfc9c76,0x00cff090da5f57ba,0x0076db7a66643ae9,0x0019462f8c646999,0x008fec00b3854b22,0x00d55041692a0a1c,0x0065db894215ca00)}, - {FIELD_LITERAL(0x00a925036e0a451c,0x002a0390c36b6cc1,0x00f27020d90894f4,0x008d90d52cbd3d7f,0x00e1d0137392f3b8,0x00f017c158b51a8f,0x00cac313d3ed7dbc,0x00b99a81e3eb42d3)}, - }}, {{ - {FIELD_LITERAL(0x00b54850275fe626,0x0053a3fd1ec71140,0x00e3d2d7dbe096fa,0x00e4ac7b595cce4c,0x0077bad449c0a494,0x00b7c98814afd5b3,0x0057226f58486cf9,0x00b1557154f0cc57)}, - {FIELD_LITERAL(0x008cc9cd236315c0,0x0031d9c5b39fda54,0x00a5713ef37e1171,0x00293d5ae2886325,0x00c4aba3e05015e1,0x0003f35ef78e4fc6,0x0039d6bd3ac1527b,0x0019d7c3afb77106)}, - {FIELD_LITERAL(0x007b162931a985af,0x00ad40a2e0daa713,0x006df27c4009f118,0x00503e9f4e2e8bec,0x00751a77c82c182d,0x000298937769245b,0x00ffb1e8fabf9ee5,0x0008334706e09abe)}, - }}, {{ - {FIELD_LITERAL(0x00dbca4e98a7dcd9,0x00ee29cfc78bde99,0x00e4a3b6995f52e9,0x0045d70189ae8096,0x00fd2a8a3b9b0d1b,0x00af1793b107d8e1,0x00dbf92cbe4afa20,0x00da60f798e3681d)}, - {FIELD_LITERAL(0x004246bfcecc627a,0x004ba431246c03a4,0x00bd1d101872d497,0x003b73d3f185ee16,0x001feb2e2678c0e3,0x00ff13c5a89dec76,0x00ed06042e771d8f,0x00a4fd2a897a83dd)}, - {FIELD_LITERAL(0x009a4a3be50d6597,0x00de3165fc5a1096,0x004f3f56e345b0c7,0x00f7bf721d5ab8bc,0x004313e47b098c50,0x00e4c7d5c0e1adbb,0x002e3e3db365051e,0x00a480c2cd6a96fb)}, - }}, {{ - {FIELD_LITERAL(0x00417fa30a7119ed,0x00af257758419751,0x00d358a487b463d4,0x0089703cc720b00d,0x00ce56314ff7f271,0x0064db171ade62c1,0x00640b36d4a22fed,0x00424eb88696d23f)}, - {FIELD_LITERAL(0x004ede34af2813f3,0x00d4a8e11c9e8216,0x004796d5041de8a5,0x00c4c6b4d21cc987,0x00e8a433ee07fa1e,0x0055720b5abcc5a1,0x008873ea9c74b080,0x005b3fec1ab65d48)}, - {FIELD_LITERAL(0x0047e5277db70ec5,0x000a096c66db7d6b,0x00b4164cc1730159,0x004a9f783fe720fe,0x00a8177b94449dbc,0x0095a24ff49a599f,0x0069c1c578250cbc,0x00452019213debf4)}, - }}, {{ - {FIELD_LITERAL(0x0021ce99e09ebda3,0x00fcbd9f91875ad0,0x009bbf6b7b7a0b5f,0x00388886a69b1940,0x00926a56d0f81f12,0x00e12903c3358d46,0x005dfce4e8e1ce9d,0x0044cfa94e2f7e23)}, - {FIELD_LITERAL(0x001bd59c09e982ea,0x00f72daeb937b289,0x0018b76dca908e0e,0x00edb498512384ad,0x00ce0243b6cc9538,0x00f96ff690cb4e70,0x007c77bf9f673c8d,0x005bf704c088a528)}, - {FIELD_LITERAL(0x0093d4628dcb33be,0x0095263d51d42582,0x0049b3222458fe06,0x00e7fce73b653a7f,0x003ca2ebce60b369,0x00c5de239a32bea4,0x0063b8b3d71fb6bf,0x0039aeeb78a1a839)}, - }}, {{ - {FIELD_LITERAL(0x007dc52da400336c,0x001fded1e15b9457,0x00902e00f5568e3a,0x00219bef40456d2d,0x005684161fb3dbc9,0x004a4e9be49a76ea,0x006e685ae88b78ff,0x0021c42f13042d3c)}, - {FIELD_LITERAL(0x00fb22bb5fd3ce50,0x0017b48aada7ae54,0x00fd5c44ad19a536,0x000ccc4e4e55e45c,0x00fd637d45b4c3f5,0x0038914e023c37cf,0x00ac1881d6a8d898,0x00611ed8d3d943a8)}, - {FIELD_LITERAL(0x0056e2259d113d2b,0x00594819b284ec16,0x00c7bf794bb36696,0x00721ee75097cdc6,0x00f71be9047a2892,0x00df6ba142564edf,0x0069580b7a184e8d,0x00f056e38fca0fee)}, - }}, {{ - {FIELD_LITERAL(0x009df98566a18c6d,0x00cf3a200968f219,0x0044ba60da6d9086,0x00dbc9c0e344da03,0x000f9401c4466855,0x00d46a57c5b0a8d1,0x00875a635d7ac7c6,0x00ef4a933b7e0ae6)}, - {FIELD_LITERAL(0x005e8694077a1535,0x008bef75f71c8f1d,0x000a7c1316423511,0x00906e1d70604320,0x003fc46c1a2ffbd6,0x00d1d5022e68f360,0x002515fba37bbf46,0x00ca16234e023b44)}, - {FIELD_LITERAL(0x00787c99561f4690,0x00a857a8c1561f27,0x00a10df9223c09fe,0x00b98a9562e3b154,0x004330b8744c3ed2,0x00e06812807ec5c4,0x00e4cf6a7db9f1e3,0x00d95b089f132a34)}, - }}, {{ - {FIELD_LITERAL(0x002922b39ca33eec,0x0090d12a5f3ab194,0x00ab60c02fb5f8ed,0x00188d292abba1cf,0x00e10edec9698f6e,0x0069a4d9934133c8,0x0024aac40e6d3d06,0x001702c2177661b0)}, - {FIELD_LITERAL(0x00139078397030bd,0x000e3c447e859a00,0x0064a5b334c82393,0x00b8aabeb7358093,0x00020778bb9ae73b,0x0032ee94c7892a18,0x008215253cb41bda,0x005e2797593517ae)}, - {FIELD_LITERAL(0x0083765a5f855d4a,0x0051b6d1351b8ee2,0x00116de548b0f7bb,0x0087bd88703affa0,0x0095b2cc34d7fdd2,0x0084cd81b53f0bc8,0x008562fc995350ed,0x00a39abb193651e3)}, - }}, {{ - {FIELD_LITERAL(0x0019e23f0474b114,0x00eb94c2ad3b437e,0x006ddb34683b75ac,0x00391f9209b564c6,0x00083b3bb3bff7aa,0x00eedcd0f6dceefc,0x00b50817f794fe01,0x0036474deaaa75c9)}, - {FIELD_LITERAL(0x0091868594265aa2,0x00797accae98ca6d,0x0008d8c5f0f8a184,0x00d1f4f1c2b2fe6e,0x0036783dfb48a006,0x008c165120503527,0x0025fd780058ce9b,0x0068beb007be7d27)}, - {FIELD_LITERAL(0x00d0ff88aa7c90c2,0x00b2c60dacf53394,0x0094a7284d9666d6,0x00bed9022ce7a19d,0x00c51553f0cd7682,0x00c3fb870b124992,0x008d0bc539956c9b,0x00fc8cf258bb8885)}, - }}, {{ - {FIELD_LITERAL(0x003667bf998406f8,0x0000115c43a12975,0x001e662f3b20e8fd,0x0019ffa534cb24eb,0x00016be0dc8efb45,0x00ff76a8b26243f5,0x00ae20d241a541e3,0x0069bd6af13cd430)}, - {FIELD_LITERAL(0x0045fdc16487cda3,0x00b2d8e844cf2ed7,0x00612c50e88c1607,0x00a08aabc66c1672,0x006031fdcbb24d97,0x001b639525744b93,0x004409d62639ab17,0x00a1853d0347ab1d)}, - {FIELD_LITERAL(0x0075a1a56ebf5c21,0x00a3e72be9ac53ed,0x00efcde1629170c2,0x0004225fe91ef535,0x0088049fc73dfda7,0x004abc74857e1288,0x0024e2434657317c,0x00d98cb3d3e5543c)}, - }}, {{ - {FIELD_LITERAL(0x00b4b53eab6bdb19,0x009b22d8b43711d0,0x00d948b9d961785d,0x00cb167b6f279ead,0x00191de3a678e1c9,0x00d9dd9511095c2e,0x00f284324cd43067,0x00ed74fa535151dd)}, - {FIELD_LITERAL(0x007e32c049b5c477,0x009d2bfdbd9bcfd8,0x00636e93045938c6,0x007fde4af7687298,0x0046a5184fafa5d3,0x0079b1e7f13a359b,0x00875adf1fb927d6,0x00333e21c61bcad2)}, - {FIELD_LITERAL(0x00048014f73d8b8d,0x0075684aa0966388,0x0092be7df06dc47c,0x0097cebcd0f5568a,0x005a7004d9c4c6a9,0x00b0ecbb659924c7,0x00d90332dd492a7c,0x0057fc14df11493d)}, - }}, {{ - {FIELD_LITERAL(0x0008ed8ea0ad95be,0x0041d324b9709645,0x00e25412257a19b4,0x0058df9f3423d8d2,0x00a9ab20def71304,0x009ae0dbf8ac4a81,0x00c9565977e4392a,0x003c9269444baf55)}, - {FIELD_LITERAL(0x007df6cbb926830b,0x00d336058ae37865,0x007af47dac696423,0x0048d3011ec64ac8,0x006b87666e40049f,0x0036a2e0e51303d7,0x00ba319bd79dbc55,0x003e2737ecc94f53)}, - {FIELD_LITERAL(0x00d296ff726272d9,0x00f6d097928fcf57,0x00e0e616a55d7013,0x00deaf454ed9eac7,0x0073a56bedef4d92,0x006ccfdf6fc92e19,0x009d1ee1371a7218,0x00ee3c2ee4462d80)}, - }}, {{ - {FIELD_LITERAL(0x00437bce9bccdf9d,0x00e0c8e2f85dc0a3,0x00c91a7073995a19,0x00856ec9fe294559,0x009e4b33394b156e,0x00e245b0dc497e5c,0x006a54e687eeaeff,0x00f1cd1cd00fdb7c)}, - {FIELD_LITERAL(0x008132ae5c5d8cd1,0x00121d68324a1d9f,0x00d6be9dafcb8c76,0x00684d9070edf745,0x00519fbc96d7448e,0x00388182fdc1f27e,0x000235baed41f158,0x00bf6cf6f1a1796a)}, - {FIELD_LITERAL(0x002adc4b4d148219,0x003084ada0d3a90a,0x0046de8aab0f2e4e,0x00452d342a67b5fd,0x00d4b50f01d4de21,0x00db6d9fc0cefb79,0x008c184c86a462cd,0x00e17c83764d42da)}, - }}, {{ - {FIELD_LITERAL(0x007b2743b9a1e01a,0x007847ffd42688c4,0x006c7844d610a316,0x00f0cb8b250aa4b0,0x00a19060143b3ae6,0x0014eb10b77cfd80,0x000170905729dd06,0x00063b5b9cd72477)}, - {FIELD_LITERAL(0x00ce382dc7993d92,0x00021153e938b4c8,0x00096f7567f48f51,0x0058f81ddfe4b0d5,0x00cc379a56b355c7,0x002c760770d3e819,0x00ee22d1d26e5a40,0x00de6d93d5b082d7)}, - {FIELD_LITERAL(0x000a91a42c52e056,0x00185f6b77fce7ea,0x000803c51962f6b5,0x0022528582ba563d,0x0043f8040e9856d6,0x0085a29ec81fb860,0x005f9a611549f5ff,0x00c1f974ecbd4b06)}, - }}, {{ - {FIELD_LITERAL(0x005b64c6fd65ec97,0x00c1fdd7f877bc7f,0x000d9cc6c89f841c,0x005c97b7f1aff9ad,0x0075e3c61475d47e,0x001ecb1ba8153011,0x00fe7f1c8d71d40d,0x003fa9757a229832)}, - {FIELD_LITERAL(0x00ffc5c89d2b0cba,0x00d363d42e3e6fc3,0x0019a1a0118e2e8a,0x00f7baeff48882e1,0x001bd5af28c6b514,0x0055476ca2253cb2,0x00d8eb1977e2ddf3,0x00b173b1adb228a1)}, - {FIELD_LITERAL(0x00f2cb99dd0ad707,0x00e1e08b6859ddd8,0x000008f2d0650bcc,0x00d7ed392f8615c3,0x00976750a94da27f,0x003e83bb0ecb69ba,0x00df8e8d15c14ac6,0x00f9f7174295d9c2)}, - }}, {{ - {FIELD_LITERAL(0x00f11cc8e0e70bcb,0x00e5dc689974e7dd,0x0014e409f9ee5870,0x00826e6689acbd63,0x008a6f4e3d895d88,0x00b26a8da41fd4ad,0x000fb7723f83efd7,0x009c749db0a5f6c3)}, - {FIELD_LITERAL(0x002389319450f9ba,0x003677f31aa1250a,0x0092c3db642f38cb,0x00f8b64c0dfc9773,0x00cd49fe3505b795,0x0068105a4090a510,0x00df0ba2072a8bb6,0x00eb396143afd8be)}, - {FIELD_LITERAL(0x00a0d4ecfb24cdff,0x00ddaf8008ba6479,0x00f0b3e36d4b0f44,0x003734bd3af1f146,0x00b87e2efc75527e,0x00d230df55ddab50,0x002613257ae56c1d,0x00bc0946d135934d)}, - }}, {{ - {FIELD_LITERAL(0x00468711bd994651,0x0033108fa67561bf,0x0089d760192a54b4,0x00adc433de9f1871,0x000467d05f36e050,0x007847e0f0579f7f,0x00a2314ad320052d,0x00b3a93649f0b243)}, - {FIELD_LITERAL(0x0067f8f0c4fe26c9,0x0079c4a3cc8f67b9,0x0082b1e62f23550d,0x00f2d409caefd7f5,0x0080e67dcdb26e81,0x0087ae993ea1f98a,0x00aa108becf61d03,0x001acf11efb608a3)}, - {FIELD_LITERAL(0x008225febbab50d9,0x00f3b605e4dd2083,0x00a32b28189e23d2,0x00d507e5e5eb4c97,0x005a1a84e302821f,0x0006f54c1c5f08c7,0x00a347c8cb2843f0,0x0009f73e9544bfa5)}, - }}, {{ - {FIELD_LITERAL(0x006c59c9ae744185,0x009fc32f1b4282cd,0x004d6348ca59b1ac,0x00105376881be067,0x00af4096013147dc,0x004abfb5a5cb3124,0x000d2a7f8626c354,0x009c6ed568e07431)}, - {FIELD_LITERAL(0x00e828333c297f8b,0x009ef3cf8c3f7e1f,0x00ab45f8fff31cb9,0x00c8b4178cb0b013,0x00d0c50dd3260a3f,0x0097126ac257f5bc,0x0042376cc90c705a,0x001d96fdb4a1071e)}, - {FIELD_LITERAL(0x00542d44d89ee1a8,0x00306642e0442d98,0x0090853872b87338,0x002362cbf22dc044,0x002c222adff663b8,0x0067c924495fcb79,0x000e621d983c977c,0x00df77a9eccb66fb)}, - }}, {{ - {FIELD_LITERAL(0x002809e4bbf1814a,0x00b9e854f9fafb32,0x00d35e67c10f7a67,0x008f1bcb76e748cf,0x004224d9515687d2,0x005ba0b774e620c4,0x00b5e57db5d54119,0x00e15babe5683282)}, - {FIELD_LITERAL(0x00832d02369b482c,0x00cba52ff0d93450,0x003fa9c908d554db,0x008d1e357b54122f,0x00abd91c2dc950c6,0x007eff1df4c0ec69,0x003f6aeb13fb2d31,0x00002d6179fc5b2c)}, - {FIELD_LITERAL(0x0046c9eda81c9c89,0x00b60cb71c8f62fc,0x0022f5a683baa558,0x00f87319fccdf997,0x009ca09b51ce6a22,0x005b12baf4af7d77,0x008a46524a1e33e2,0x00035a77e988be0d)}, - }}, {{ - {FIELD_LITERAL(0x00a7efe46a7dbe2f,0x002f66fd55014fe7,0x006a428afa1ff026,0x0056caaa9604ab72,0x0033f3bcd7fac8ae,0x00ccb1aa01c86764,0x00158d1edf13bf40,0x009848ee76fcf3b4)}, - {FIELD_LITERAL(0x00a9e7730a819691,0x00d9cc73c4992b70,0x00e299bde067de5a,0x008c314eb705192a,0x00e7226f17e8a3cc,0x0029dfd956e65a47,0x0053a8e839073b12,0x006f942b2ab1597e)}, - {FIELD_LITERAL(0x001c3d780ecd5e39,0x0094f247fbdcc5fe,0x00d5c786fd527764,0x00b6f4da74f0db2a,0x0080f1f8badcd5fc,0x00f36a373ad2e23b,0x00f804f9f4343bf2,0x00d1af40ec623982)}, - }}, {{ - {FIELD_LITERAL(0x0082aeace5f1b144,0x00f68b3108cf4dd3,0x00634af01dde3020,0x000beab5df5c2355,0x00e8b790d1b49b0b,0x00e48d15854e36f4,0x0040ab2d95f3db9f,0x002711c4ed9e899a)}, - {FIELD_LITERAL(0x0039343746531ebe,0x00c8509d835d429d,0x00e79eceff6b0018,0x004abfd31e8efce5,0x007bbfaaa1e20210,0x00e3be89c193e179,0x001c420f4c31d585,0x00f414a315bef5ae)}, - {FIELD_LITERAL(0x007c296a24990df8,0x00d5d07525a75588,0x00dd8e113e94b7e7,0x007bbc58febe0cc8,0x0029f51af9bfcad3,0x007e9311ec7ab6f3,0x009a884de1676343,0x0050d5f2dce84be9)}, - }}, {{ - {FIELD_LITERAL(0x005fa020cca2450a,0x00491c29db6416d8,0x0037cefe3f9f9a85,0x003d405230647066,0x0049e835f0fdbe89,0x00feb78ac1a0815c,0x00828e4b32dc9724,0x00db84f2dc8d6fd4)}, - {FIELD_LITERAL(0x0098cddc8b39549a,0x006da37e3b05d22c,0x00ce633cfd4eb3cb,0x00fda288ef526acd,0x0025338878c5d30a,0x00f34438c4e5a1b4,0x00584efea7c310f1,0x0041a551f1b660ad)}, - {FIELD_LITERAL(0x00d7f7a8fbd6437a,0x0062872413bf3753,0x00ad4bbcb43c584b,0x007fe49be601d7e3,0x0077c659789babf4,0x00eb45fcb06a741b,0x005ce244913f9708,0x0088426401736326)}, - }}, {{ - {FIELD_LITERAL(0x007bf562ca768d7c,0x006c1f3a174e387c,0x00f024b447fee939,0x007e7af75f01143f,0x003adb70b4eed89d,0x00e43544021ad79a,0x0091f7f7042011f6,0x0093c1a1ee3a0ddc)}, - {FIELD_LITERAL(0x00a0b68ec1eb72d2,0x002c03235c0d45a0,0x00553627323fe8c5,0x006186e94b17af94,0x00a9906196e29f14,0x0025b3aee6567733,0x007e0dd840080517,0x0018eb5801a4ba93)}, - {FIELD_LITERAL(0x00d7fe7017bf6a40,0x006e3f0624be0c42,0x00ffbba205358245,0x00f9fc2cf8194239,0x008d93b37bf15b4e,0x006ddf2e38be8e95,0x002b6e79bf5fcff9,0x00ab355da425e2de)}, - }}, {{ - {FIELD_LITERAL(0x00938f97e20be973,0x0099141a36aaf306,0x0057b0ca29e545a1,0x0085db571f9fbc13,0x008b333c554b4693,0x0043ab6ef3e241cb,0x0054fb20aa1e5c70,0x00be0ff852760adf)}, - {FIELD_LITERAL(0x003973d8938971d6,0x002aca26fa80c1f5,0x00108af1faa6b513,0x00daae275d7924e6,0x0053634ced721308,0x00d2355fe0bbd443,0x00357612b2d22095,0x00f9bb9dd4136cf3)}, - {FIELD_LITERAL(0x002bff12cf5e03a5,0x001bdb1fa8a19cf8,0x00c91c6793f84d39,0x00f869f1b2eba9af,0x0059bc547dc3236b,0x00d91611d6d38689,0x00e062daaa2c0214,0x00ed3c047cc2bc82)}, - }}, {{ - {FIELD_LITERAL(0x000050d70c32b31a,0x001939d576d437b3,0x00d709e598bf9fe6,0x00a885b34bd2ee9e,0x00dd4b5c08ab1a50,0x0091bebd50b55639,0x00cf79ff64acdbc6,0x006067a39d826336)}, - {FIELD_LITERAL(0x0062dd0fb31be374,0x00fcc96b84c8e727,0x003f64f1375e6ae3,0x0057d9b6dd1af004,0x00d6a167b1103c7b,0x00dd28f3180fb537,0x004ff27ad7167128,0x008934c33461f2ac)}, - {FIELD_LITERAL(0x0065b472b7900043,0x00ba7efd2ff1064b,0x000b67d6c4c3020f,0x0012d28469f4e46d,0x0031c32939703ec7,0x00b49f0bce133066,0x00f7e10416181d47,0x005c90f51867eecc)}, - }}, {{ - {FIELD_LITERAL(0x0051207abd179101,0x00fc2a5c20d9c5da,0x00fb9d5f2701b6df,0x002dd040fdea82b8,0x00f163b0738442ff,0x00d9736bd68855b8,0x00e0d8e93005e61c,0x00df5a40b3988570)}, - {FIELD_LITERAL(0x0006918f5dfce6dc,0x00d4bf1c793c57fb,0x0069a3f649435364,0x00e89a50e5b0cd6e,0x00b9f6a237e973af,0x006d4ed8b104e41d,0x00498946a3924cd2,0x00c136ec5ac9d4f7)}, - {FIELD_LITERAL(0x0011a9c290ac5336,0x002b9a2d4a6a6533,0x009a8a68c445d937,0x00361b27b07e5e5c,0x003c043b1755b974,0x00b7eb66cf1155ee,0x0077af5909eefff2,0x0098f609877cc806)}, - }}, {{ - {FIELD_LITERAL(0x00ab13af436bf8f4,0x000bcf0a0dac8574,0x00d50c864f705045,0x00c40e611debc842,0x0085010489bd5caa,0x007c5050acec026f,0x00f67d943c8da6d1,0x00de1da0278074c6)}, - {FIELD_LITERAL(0x00b373076597455f,0x00e83f1af53ac0f5,0x0041f63c01dc6840,0x0097dea19b0c6f4b,0x007f9d63b4c1572c,0x00e692d492d0f5f0,0x00cbcb392e83b4ad,0x0069c0f39ed9b1a8)}, - {FIELD_LITERAL(0x00861030012707c9,0x009fbbdc7fd4aafb,0x008f591d6b554822,0x00df08a41ea18ade,0x009d7d83e642abea,0x0098c71bda3b78ff,0x0022c89e7021f005,0x0044d29a3fe1e3c4)}, - }}, {{ - {FIELD_LITERAL(0x00e748cd7b5c52f2,0x00ea9df883f89cc3,0x0018970df156b6c7,0x00c5a46c2a33a847,0x00cbde395e32aa09,0x0072474ebb423140,0x00fb00053086a23d,0x001dafcfe22d4e1f)}, - {FIELD_LITERAL(0x00c903ee6d825540,0x00add6c4cf98473e,0x007636efed4227f1,0x00905124ae55e772,0x00e6b38fab12ed53,0x0045e132b863fe55,0x003974662edb366a,0x00b1787052be8208)}, - {FIELD_LITERAL(0x00a614b00d775c7c,0x00d7c78941cc7754,0x00422dd68b5dabc4,0x00a6110f0167d28b,0x00685a309c252886,0x00b439ffd5143660,0x003656e29ee7396f,0x00c7c9b9ed5ad854)}, - }}, {{ - {FIELD_LITERAL(0x0040f7e7c5b37bf2,0x0064e4dc81181bba,0x00a8767ae2a366b6,0x001496b4f90546f2,0x002a28493f860441,0x0021f59513049a3a,0x00852d369a8b7ee3,0x00dd2e7d8b7d30a9)}, - {FIELD_LITERAL(0x00006e34a35d9fbc,0x00eee4e48b2f019a,0x006b344743003a5f,0x00541d514f04a7e3,0x00e81f9ee7647455,0x005e2b916c438f81,0x00116f8137b7eff0,0x009bd3decc7039d1)}, - {FIELD_LITERAL(0x0005d226f434110d,0x00af8288b8ef21d5,0x004a7a52ef181c8c,0x00be0b781b4b06de,0x00e6e3627ded07e1,0x00e43aa342272b8b,0x00e86ab424577d84,0x00fb292c566e35bb)}, - }}, {{ - {FIELD_LITERAL(0x00334f5303ea1222,0x00dfb3dbeb0a5d3e,0x002940d9592335c1,0x00706a7a63e8938a,0x005a533558bc4caf,0x00558e33192022a9,0x00970d9faf74c133,0x002979fcb63493ca)}, - {FIELD_LITERAL(0x00e38abece3c82ab,0x005a51f18a2c7a86,0x009dafa2e86d592e,0x00495a62eb688678,0x00b79df74c0eb212,0x0023e8cc78b75982,0x005998cb91075e13,0x00735aa9ba61bc76)}, - {FIELD_LITERAL(0x00d9f7a82ddbe628,0x00a1fc782889ae0f,0x0071ffda12d14b66,0x0037cf4eca7fb3d5,0x00c80bc242c58808,0x0075bf8c2d08c863,0x008d41f31afc52a7,0x00197962ecf38741)}, - }}, {{ - {FIELD_LITERAL(0x006e9f475cccf2ee,0x00454b9cd506430c,0x00224a4fb79ee479,0x0062e3347ef0b5e2,0x0034fd2a3512232a,0x00b8b3cb0f457046,0x00eb20165daa38ec,0x00128eebc2d9c0f7)}, - {FIELD_LITERAL(0x00bfc5fa1e4ea21f,0x00c21d7b6bb892e6,0x00cf043f3acf0291,0x00c13f2f849b3c90,0x00d1a97ebef10891,0x0061e130a445e7fe,0x0019513fdedbf22b,0x001d60c813bff841)}, - {FIELD_LITERAL(0x0019561c7fcf0213,0x00e3dca6843ebd77,0x0068ea95b9ca920e,0x009bdfb70f253595,0x00c68f59186aa02a,0x005aee1cca1c3039,0x00ab79a8a937a1ce,0x00b9a0e549959e6f)}, - }}, {{ - {FIELD_LITERAL(0x00c79e0b6d97dfbd,0x00917c71fd2bc6e8,0x00db7529ccfb63d8,0x00be5be957f17866,0x00a9e11fdc2cdac1,0x007b91a8e1f44443,0x00a3065e4057d80f,0x004825f5b8d5f6d4)}, - {FIELD_LITERAL(0x003e4964fa8a8fc8,0x00f6a1cdbcf41689,0x00943cb18fe7fda7,0x00606dafbf34440a,0x005d37a86399c789,0x00e79a2a69417403,0x00fe34f7e68b8866,0x0011f448ed2df10e)}, - {FIELD_LITERAL(0x00f1f57efcc1fcc4,0x00513679117de154,0x002e5b5b7c86d8c3,0x009f6486561f9cfb,0x00169e74b0170cf7,0x00900205af4af696,0x006acfddb77853f3,0x00df184c90f31068)}, - }}, {{ - {FIELD_LITERAL(0x00b37396c3320791,0x00fc7b67175c5783,0x00c36d2cd73ecc38,0x0080ebcc0b328fc5,0x0043a5b22b35d35d,0x00466c9f1713c9da,0x0026ad346dcaa8da,0x007c684e701183a6)}, - {FIELD_LITERAL(0x00fd579ffb691713,0x00b76af4f81c412d,0x00f239de96110f82,0x00e965fb437f0306,0x00ca7e9436900921,0x00e487f1325fa24a,0x00633907de476380,0x00721c62ac5b8ea0)}, - {FIELD_LITERAL(0x00c0d54e542eb4f9,0x004ed657171c8dcf,0x00b743a4f7c2a39b,0x00fd9f93ed6cc567,0x00307fae3113e58b,0x0058aa577c93c319,0x00d254556f35b346,0x00491aada2203f0d)}, - }}, {{ - {FIELD_LITERAL(0x00dff3103786ff34,0x000144553b1f20c3,0x0095613baeb930e4,0x00098058275ea5d4,0x007cd1402b046756,0x0074d74e4d58aee3,0x005f93fc343ff69b,0x00873df17296b3b0)}, - {FIELD_LITERAL(0x00c4a1fb48635413,0x00b5dd54423ad59f,0x009ff5d53fd24a88,0x003c98d267fc06a7,0x002db7cb20013641,0x00bd1d6716e191f2,0x006dbc8b29094241,0x0044bbf233dafa2c)}, - {FIELD_LITERAL(0x0055838d41f531e6,0x00bf6a2dd03c81b2,0x005827a061c4839e,0x0000de2cbb36aac3,0x002efa29d9717478,0x00f9e928cc8a77ba,0x00c134b458def9ef,0x00958a182223fc48)}, - }}, {{ - {FIELD_LITERAL(0x000a9ee23c06881f,0x002c727d3d871945,0x00f47d971512d24a,0x00671e816f9ef31a,0x00883af2cfaad673,0x00601f98583d6c9a,0x00b435f5adc79655,0x00ad87b71c04bff2)}, - {FIELD_LITERAL(0x007860d99db787cf,0x00fda8983018f4a8,0x008c8866bac4743c,0x00ef471f84c82a3f,0x00abea5976d3b8e7,0x00714882896cd015,0x00b49fae584ddac5,0x008e33a1a0b69c81)}, - {FIELD_LITERAL(0x007b6ee2c9e8a9ec,0x002455dbbd89d622,0x006490cf4eaab038,0x00d925f6c3081561,0x00153b3047de7382,0x003b421f8bdceb6f,0x00761a4a5049da78,0x00980348c5202433)}, - }}, {{ - {FIELD_LITERAL(0x007f8a43da97dd5c,0x00058539c800fc7b,0x0040f3cf5a28414a,0x00d68dd0d95283d6,0x004adce9da90146e,0x00befa41c7d4f908,0x007603bc2e3c3060,0x00bdf360ab3545db)}, - {FIELD_LITERAL(0x00eebfd4e2312cc3,0x00474b2564e4fc8c,0x003303ef14b1da9b,0x003c93e0e66beb1d,0x0013619b0566925a,0x008817c24d901bf3,0x00b62bd8898d218b,0x0075a7716f1e88a2)}, - {FIELD_LITERAL(0x0009218da1e6890f,0x0026907f5fd02575,0x004dabed5f19d605,0x003abf181870249d,0x00b52fd048cc92c4,0x00b6dd51e415a5c5,0x00d9eb82bd2b4014,0x002c865a43b46b43)}, - }}, {{ - {FIELD_LITERAL(0x0070047189452f4c,0x00f7ad12e1ce78d5,0x00af1ba51ec44a8b,0x005f39f63e667cd6,0x00058eac4648425e,0x00d7fdab42bea03b,0x0028576a5688de15,0x00af973209e77c10)}, - {FIELD_LITERAL(0x00c338b915d8fef0,0x00a893292045c39a,0x0028ab4f2eba6887,0x0060743cb519fd61,0x0006213964093ac0,0x007c0b7a43f6266d,0x008e3557c4fa5bda,0x002da976de7b8d9d)}, - {FIELD_LITERAL(0x0048729f8a8b6dcd,0x00fe23b85cc4d323,0x00e7384d16e4db0e,0x004a423970678942,0x00ec0b763345d4ba,0x00c477b9f99ed721,0x00c29dad3777b230,0x001c517b466f7df6)}, - }}, {{ - {FIELD_LITERAL(0x006366c380f7b574,0x001c7d1f09ff0438,0x003e20a7301f5b22,0x00d3efb1916d28f6,0x0049f4f81060ce83,0x00c69d91ea43ced1,0x002b6f3e5cd269ed,0x005b0fb22ce9ec65)}, - {FIELD_LITERAL(0x00aa2261022d883f,0x00ebcca4548010ac,0x002528512e28a437,0x0070ca7676b66082,0x0084bda170f7c6d3,0x00581b4747c9b8bb,0x005c96a01061c7e2,0x00fb7c4a362b5273)}, - {FIELD_LITERAL(0x00c30020eb512d02,0x0060f288283a4d26,0x00b7ed13becde260,0x0075ebb74220f6e9,0x00701079fcfe8a1f,0x001c28fcdff58938,0x002e4544b8f4df6b,0x0060c5bc4f1a7d73)}, - }}, {{ - {FIELD_LITERAL(0x00ae307cf069f701,0x005859f222dd618b,0x00212d6c46ec0b0d,0x00a0fe4642afb62d,0x00420d8e4a0a8903,0x00a80ff639bdf7b0,0x0019bee1490b5d8e,0x007439e4b9c27a86)}, - {FIELD_LITERAL(0x00a94700032a093f,0x0076e96c225216e7,0x00a63a4316e45f91,0x007d8bbb4645d3b2,0x00340a6ff22793eb,0x006f935d4572aeb7,0x00b1fb69f00afa28,0x009e8f3423161ed3)}, - {FIELD_LITERAL(0x009ef49c6b5ced17,0x00a555e6269e9f0a,0x007e6f1d79ec73b5,0x009ac78695a32ac4,0x0001d77fbbcd5682,0x008cea1fee0aaeed,0x00f42bea82a53462,0x002e46ab96cafcc9)}, - }}, {{ - {FIELD_LITERAL(0x0051cfcc5885377a,0x00dce566cb1803ca,0x00430c7643f2c7d4,0x00dce1a1337bdcc0,0x0010d5bd7283c128,0x003b1b547f9b46fe,0x000f245e37e770ab,0x007b72511f022b37)}, - {FIELD_LITERAL(0x0060db815bc4786c,0x006fab25beedc434,0x00c610d06084797c,0x000c48f08537bec0,0x0031aba51c5b93da,0x007968fa6e01f347,0x0030070da52840c6,0x00c043c225a4837f)}, - {FIELD_LITERAL(0x001bcfd00649ee93,0x006dceb47e2a0fd5,0x00f2cebda0cf8fd0,0x00b6b9d9d1fbdec3,0x00815262e6490611,0x00ef7f5ce3176760,0x00e49cd0c998d58b,0x005fc6cc269ba57c)}, - }}, {{ - {FIELD_LITERAL(0x008940211aa0d633,0x00addae28136571d,0x00d68fdbba20d673,0x003bc6129bc9e21a,0x000346cf184ebe9a,0x0068774d741ebc7f,0x0019d5e9e6966557,0x0003cbd7f981b651)}, - {FIELD_LITERAL(0x004a2902926f8d3f,0x00ad79b42637ab75,0x0088f60b90f2d4e8,0x0030f54ef0e398c4,0x00021dc9bf99681e,0x007ebf66fde74ee3,0x004ade654386e9a4,0x00e7485066be4c27)}, - {FIELD_LITERAL(0x00445f1263983be0,0x004cf371dda45e6a,0x00744a89d5a310e7,0x001f20ce4f904833,0x00e746edebe66e29,0x000912ab1f6c153d,0x00f61d77d9b2444c,0x0001499cd6647610)}, + {FIELD_LITERAL(0x00cc3b062366f4ccULL, 0x003d6e34e314aa3cULL, + 0x00d51c0a7521774dULL, 0x0094e060eec6ab8bULL, + 0x00d21291b4d80082ULL, 0x00befed12b55ef1eULL, + 0x00c3dd2df5c94518ULL, 0x00e0a7b112b8d4e6ULL)}, + {FIELD_LITERAL(0x0019eb5608d8723aULL, 0x00d1bab52fb3aedbULL, + 0x00270a7311ebc90cULL, 0x0037c12b91be7f13ULL, + 0x005be16cd8b5c704ULL, 0x003e181acda888e1ULL, + 0x00bc1f00fc3fc6d0ULL, 0x00d3839bfa319e20ULL)}, + {FIELD_LITERAL(0x003caeb88611909fULL, 0x00ea8b378c4df3d4ULL, + 0x00b3295b95a5a19aULL, 0x00a65f97514bdfb5ULL, + 0x00b39efba743cab1ULL, 0x0016ba98b862fd2dULL, + 0x0001508812ee71d7ULL, 0x000a75740eea114aULL)}, + }}, {{ + {FIELD_LITERAL(0x00ebcf0eb649f823ULL, 0x00166d332e98ea03ULL, + 0x0059ddf64f5cd5f6ULL, 0x0047763123d9471bULL, + 0x00a64065c53ef62fULL, 0x00978e44c480153dULL, + 0x000b5b2a0265f194ULL, 0x0046a24b9f32965aULL)}, + {FIELD_LITERAL(0x00b9eef787034df0ULL, 0x0020bc24de3390cdULL, + 0x000022160bae99bbULL, 0x00ae66e886e97946ULL, + 0x0048d4bbe02cbb8bULL, 0x0072ba97b34e38d4ULL, + 0x00eae7ec8f03e85aULL, 0x005ba92ecf808b2cULL)}, + {FIELD_LITERAL(0x00c9cfbbe74258fdULL, 0x00843a979ea9eaa7ULL, + 0x000cbb4371cfbe90ULL, 0x0059bac8f7f0a628ULL, + 0x004b3dff882ff530ULL, 0x0011869df4d90733ULL, + 0x00595aa71f4abfc2ULL, 0x0070e2d38990c2e6ULL)}, + }}, {{ + {FIELD_LITERAL(0x00de2010c0a01733ULL, 0x00c739a612e24297ULL, + 0x00a7212643141d7cULL, 0x00f88444f6b67c11ULL, + 0x00484b7b16ec28f2ULL, 0x009c1b8856af9c68ULL, + 0x00ff4669591fe9d6ULL, 0x0054974be08a32c8ULL)}, + {FIELD_LITERAL(0x0010de3fd682ceedULL, 0x008c07642d83ca4eULL, + 0x0013bb064e00a1ccULL, 0x009411ae27870e11ULL, + 0x00ea8e5b4d531223ULL, 0x0032fe7d2aaece2eULL, + 0x00d989e243e7bb41ULL, 0x000fe79a508e9b8bULL)}, + {FIELD_LITERAL(0x005e0426b9bfc5b1ULL, 0x0041a5b1d29ee4faULL, + 0x0015b0def7774391ULL, 0x00bc164f1f51af01ULL, + 0x00d543b0942797b9ULL, 0x003c129b6398099cULL, + 0x002b114c6e5adf18ULL, 0x00b4e630e4018a7bULL)}, + }}, {{ + {FIELD_LITERAL(0x00d490afc95f8420ULL, 0x00b096bf50c1d9b9ULL, + 0x00799fd707679866ULL, 0x007c74d9334afbeaULL, + 0x00efaa8be80ff4edULL, 0x0075c4943bb81694ULL, + 0x00c21c2fca161f36ULL, 0x00e77035d492bfeeULL)}, + {FIELD_LITERAL(0x006658a190dd6661ULL, 0x00e0e9bab38609a6ULL, + 0x0028895c802237edULL, 0x006a0229c494f587ULL, + 0x002dcde96c9916b7ULL, 0x00d158822de16218ULL, + 0x00173b917a06856fULL, 0x00ca78a79ae07326ULL)}, + {FIELD_LITERAL(0x00e35bfc79caced4ULL, 0x0087238a3e1fe3bbULL, + 0x00bcbf0ff4ceff5bULL, 0x00a19c1c94099b91ULL, + 0x0071e102b49db976ULL, 0x0059e3d004eada1eULL, + 0x008da78afa58a47eULL, 0x00579c8ebf269187ULL)}, + }}, {{ + {FIELD_LITERAL(0x00a16c2905eee75fULL, 0x009d4bcaea2c7e1dULL, + 0x00d3bd79bfad19dfULL, 0x0050da745193342cULL, + 0x006abdb8f6b29ab1ULL, 0x00a24fe0a4fef7efULL, + 0x0063730da1057dfbULL, 0x00a08c312c8eb108ULL)}, + {FIELD_LITERAL(0x00b583be005375beULL, 0x00a40c8f8a4e3df4ULL, + 0x003fac4a8f5bdbf7ULL, 0x00d4481d872cd718ULL, + 0x004dc8749cdbaefeULL, 0x00cce740d5e5c975ULL, + 0x000b1c1f4241fd21ULL, 0x00a76de1b4e1cd07ULL)}, + {FIELD_LITERAL(0x007a076500d30b62ULL, 0x000a6e117b7f090fULL, + 0x00c8712ae7eebd9aULL, 0x000fbd6c1d5f6ff7ULL, + 0x003a7977246ebf11ULL, 0x00166ed969c6600eULL, + 0x00aa42e469c98becULL, 0x00dc58f307cf0666ULL)}, + }}, {{ + {FIELD_LITERAL(0x004b491f65a9a28bULL, 0x006a10309e8a55b7ULL, + 0x00b67210185187efULL, 0x00cf6497b12d9b8fULL, + 0x0085778c56e2b1baULL, 0x0015b4c07a814d85ULL, + 0x00686479e62da561ULL, 0x008de5d88f114916ULL)}, + {FIELD_LITERAL(0x00e37c88d6bba7b1ULL, 0x003e4577e1b8d433ULL, + 0x0050d8ea5f510ec0ULL, 0x0042fc9f2da9ef59ULL, + 0x003bd074c1141420ULL, 0x00561b8b7b68774eULL, + 0x00232e5e5d1013a3ULL, 0x006b7f2cb3d7e73fULL)}, + {FIELD_LITERAL(0x004bdd0f0b41e6a0ULL, 0x001773057c405d24ULL, + 0x006029f99915bd97ULL, 0x006a5ba70a17fe2fULL, + 0x0046111977df7e08ULL, 0x004d8124c89fb6b7ULL, + 0x00580983b2bb2724ULL, 0x00207bf330d6f3feULL)}, + }}, {{ + {FIELD_LITERAL(0x007efdc93972a48bULL, 0x002f5e50e78d5feeULL, + 0x0080dc11d61c7fe5ULL, 0x0065aa598707245bULL, + 0x009abba2300641beULL, 0x000c68787656543aULL, + 0x00ffe0fef2dc0a17ULL, 0x00007ffbd6cb4f3aULL)}, + {FIELD_LITERAL(0x0036012f2b836efcULL, 0x00458c126d6b5fbcULL, + 0x00a34436d719ad1eULL, 0x0097be6167117deaULL, + 0x0009c219c879cff3ULL, 0x0065564493e60755ULL, + 0x00993ac94a8cdec0ULL, 0x002d4885a4d0dbafULL)}, + {FIELD_LITERAL(0x00598b60b4c068baULL, 0x00c547a0be7f1afdULL, + 0x009582164acf12afULL, 0x00af4acac4fbbe40ULL, + 0x005f6ca7c539121aULL, 0x003b6e752ebf9d66ULL, + 0x00f08a30d5cac5d4ULL, 0x00e399bb5f97c5a9ULL)}, + }}, {{ + {FIELD_LITERAL(0x007445a0409c0a66ULL, 0x00a65c369f3829c0ULL, + 0x0031d248a4f74826ULL, 0x006817f34defbe8eULL, + 0x00649741d95ebf2eULL, 0x00d46466ab16b397ULL, + 0x00fdc35703bee414ULL, 0x00343b43334525f8ULL)}, + {FIELD_LITERAL(0x001796bea93f6401ULL, 0x00090c5a42e85269ULL, + 0x00672412ba1252edULL, 0x001201d47b6de7deULL, + 0x006877bccfe66497ULL, 0x00b554fd97a4c161ULL, + 0x009753f42dbac3cfULL, 0x00e983e3e378270aULL)}, + {FIELD_LITERAL(0x00ac3eff18849872ULL, 0x00f0eea3bff05690ULL, + 0x00a6d72c21dd505dULL, 0x001b832642424169ULL, + 0x00a6813017b540e5ULL, 0x00a744bd71b385cdULL, + 0x0022a7d089130a7bULL, 0x004edeec9a133486ULL)}, + }}, {{ + {FIELD_LITERAL(0x00b2d6729196e8a9ULL, 0x0088a9bb2031cef4ULL, + 0x00579e7787dc1567ULL, 0x0030f49feb059190ULL, + 0x00a0b1d69c7f7d8fULL, 0x0040bdcc6d9d806fULL, + 0x00d76c4037edd095ULL, 0x00bbf24376415dd7ULL)}, + {FIELD_LITERAL(0x00240465ff5a7197ULL, 0x00bb97e76caf27d0ULL, + 0x004b4edbf8116d39ULL, 0x001d8586f708cbaaULL, + 0x000f8ee8ff8e4a50ULL, 0x00dde5a1945dd622ULL, + 0x00e6fc1c0957e07cULL, 0x0041c9cdabfd88a0ULL)}, + {FIELD_LITERAL(0x005344b0bf5b548cULL, 0x002957d0b705cc99ULL, + 0x00f586a70390553dULL, 0x0075b3229f583cc3ULL, + 0x00a1aa78227490e4ULL, 0x001bf09cf7957717ULL, + 0x00cf6bf344325f52ULL, 0x0065bd1c23ca3ecfULL)}, + }}, {{ + {FIELD_LITERAL(0x009bff3b3239363cULL, 0x00e17368796ef7c0ULL, + 0x00528b0fe0971f3aULL, 0x0008014fc8d4a095ULL, + 0x00d09f2e8a521ec4ULL, 0x006713ab5dde5987ULL, + 0x0003015758e0dbb1ULL, 0x00215999f1ba212dULL)}, + {FIELD_LITERAL(0x002c88e93527da0eULL, 0x0077c78f3456aad5ULL, + 0x0071087a0a389d1cULL, 0x00934dac1fb96dbdULL, + 0x008470e801162697ULL, 0x005bc2196cd4ad49ULL, + 0x00e535601d5087c3ULL, 0x00769888700f497fULL)}, + {FIELD_LITERAL(0x00da7a4b557298adULL, 0x0019d2589ea5df76ULL, + 0x00ef3e38be0c6497ULL, 0x00a9644e1312609aULL, + 0x004592f61b2558daULL, 0x0082c1df510d7e46ULL, + 0x0042809a535c0023ULL, 0x00215bcb5afd7757ULL)}, + }}, {{ + {FIELD_LITERAL(0x002b9df55a1a4213ULL, 0x00dcfc3b464a26beULL, + 0x00c4f9e07a8144d5ULL, 0x00c8e0617a92b602ULL, + 0x008e3c93accafae0ULL, 0x00bf1bcb95b2ca60ULL, + 0x004ce2426a613bf3ULL, 0x00266cac58e40921ULL)}, + {FIELD_LITERAL(0x008456d5db76e8f0ULL, 0x0032ca9cab2ce163ULL, + 0x0059f2b8bf91abcfULL, 0x0063c2a021712788ULL, + 0x00f86155af22f72dULL, 0x00db98b2a6c005a0ULL, + 0x00ac6e416a693ac4ULL, 0x007a93572af53226ULL)}, + {FIELD_LITERAL(0x0087767520f0de22ULL, 0x0091f64012279fb5ULL, + 0x001050f1f0644999ULL, 0x004f097a2477ad3cULL, + 0x006b37913a9947bdULL, 0x001a3d78645af241ULL, + 0x0057832bbb3008a7ULL, 0x002c1d902b80dc20ULL)}, + }}, {{ + {FIELD_LITERAL(0x001a6002bf178877ULL, 0x009bce168aa5af50ULL, + 0x005fc318ff04a7f5ULL, 0x0052818f55c36461ULL, + 0x008768f5d4b24afbULL, 0x0037ffbae7b69c85ULL, + 0x0018195a4b61edc0ULL, 0x001e12ea088434b2ULL)}, + {FIELD_LITERAL(0x0047d3f804e7ab07ULL, 0x00a809ab5f905260ULL, + 0x00b3ffc7cdaf306dULL, 0x00746e8ec2d6e509ULL, + 0x00d0dade8887a645ULL, 0x00acceeebde0dd37ULL, + 0x009bc2579054686bULL, 0x0023804f97f1c2bfULL)}, + {FIELD_LITERAL(0x0043e2e2e50b80d7ULL, 0x00143aafe4427e0fULL, + 0x005594aaecab855bULL, 0x008b12ccaaecbc01ULL, + 0x002deeb091082bc3ULL, 0x009cca4be2ae7514ULL, + 0x00142b96e696d047ULL, 0x00ad2a2b1c05256aULL)}, + }}, {{ + {FIELD_LITERAL(0x003914f2f144b78bULL, 0x007a95dd8bee6f68ULL, + 0x00c7f4384d61c8e6ULL, 0x004e51eb60f1bdb2ULL, + 0x00f64be7aa4621d8ULL, 0x006797bfec2f0ac0ULL, + 0x007d17aab3c75900ULL, 0x001893e73cac8bc5ULL)}, + {FIELD_LITERAL(0x00140360b768665bULL, 0x00b68aca4967f977ULL, + 0x0001089b66195ae4ULL, 0x00fe71122185e725ULL, + 0x000bca2618d49637ULL, 0x00a54f0557d7e98aULL, + 0x00cdcd2f91d6f417ULL, 0x00ab8c13741fd793ULL)}, + {FIELD_LITERAL(0x00725ee6b1e549e0ULL, 0x007124a0769777faULL, + 0x000b68fdad07ae42ULL, 0x0085b909cd4952dfULL, + 0x0092d2e3c81606f4ULL, 0x009f22f6cac099a0ULL, + 0x00f59da57f2799a8ULL, 0x00f06c090122f777ULL)}, + }}, {{ + {FIELD_LITERAL(0x00ce0bed0a3532bcULL, 0x001a5048a22df16bULL, + 0x00e31db4cbad8bf1ULL, 0x00e89292120cf00eULL, + 0x007d1dd1a9b00034ULL, 0x00e2a9041ff8f680ULL, + 0x006a4c837ae596e7ULL, 0x00713af1068070b3ULL)}, + {FIELD_LITERAL(0x00c4fe64ce66d04bULL, 0x00b095d52e09b3d7ULL, + 0x00758bbecb1a3a8eULL, 0x00f35cce8d0650c0ULL, + 0x002b878aa5984473ULL, 0x0062e0a3b7544ddcULL, + 0x00b25b290ed116feULL, 0x007b0f6abe0bebf2ULL)}, + {FIELD_LITERAL(0x0081d4e3addae0a8ULL, 0x003410c836c7ffccULL, + 0x00c8129ad89e4314ULL, 0x000e3d5a23922dcdULL, + 0x00d91e46f29c31f3ULL, 0x006c728cde8c5947ULL, + 0x002bc655ba2566c0ULL, 0x002ca94721533108ULL)}, + }}, {{ + {FIELD_LITERAL(0x0051e4b3f764d8a9ULL, 0x0019792d46e904a0ULL, + 0x00853bc13dbc8227ULL, 0x000840208179f12dULL, + 0x0068243474879235ULL, 0x0013856fbfe374d0ULL, + 0x00bda12fe8676424ULL, 0x00bbb43635926eb2ULL)}, + {FIELD_LITERAL(0x0012cdc880a93982ULL, 0x003c495b21cd1b58ULL, + 0x00b7e5c93f22a26eULL, 0x0044aa82dfb99458ULL, + 0x009ba092cdffe9c0ULL, 0x00a14b3ab2083b73ULL, + 0x000271c2f70e1c4bULL, 0x00eea9cac0f66eb8ULL)}, + {FIELD_LITERAL(0x001a1847c4ac5480ULL, 0x00b1b412935bb03aULL, + 0x00f74285983bf2b2ULL, 0x00624138b5b5d0f1ULL, + 0x008820c0b03d38bfULL, 0x00b94e50a18c1572ULL, + 0x0060f6934841798fULL, 0x00c52f5d66d6ebe2ULL)}, + }}, {{ + {FIELD_LITERAL(0x00da23d59f9bcea6ULL, 0x00e0f27007a06a4bULL, + 0x00128b5b43a6758cULL, 0x000cf50190fa8b56ULL, + 0x00fc877aba2b2d72ULL, 0x00623bef52edf53fULL, + 0x00e6af6b819669e2ULL, 0x00e314dc34fcaa4fULL)}, + {FIELD_LITERAL(0x0066e5eddd164d1eULL, 0x00418a7c6fe28238ULL, + 0x0002e2f37e962c25ULL, 0x00f01f56b5975306ULL, + 0x0048842fa503875cULL, 0x0057b0e968078143ULL, + 0x00ff683024f3d134ULL, 0x0082ae28fcad12e4ULL)}, + {FIELD_LITERAL(0x0011ddfd21260e42ULL, 0x00d05b0319a76892ULL, + 0x00183ea4368e9b8fULL, 0x00b0815662affc96ULL, + 0x00b466a5e7ce7c88ULL, 0x00db93b07506e6eeULL, + 0x0033885f82f62401ULL, 0x0086f9090ec9b419ULL)}, + }}, {{ + {FIELD_LITERAL(0x00d95d1c5fcb435aULL, 0x0016d1ed6b5086f9ULL, + 0x00792aa0b7e54d71ULL, 0x0067b65715f1925dULL, + 0x00a219755ec6176bULL, 0x00bc3f026b12c28fULL, + 0x00700c897ffeb93eULL, 0x0089b83f6ec50b46ULL)}, + {FIELD_LITERAL(0x003c97e6384da36eULL, 0x00423d53eac81a09ULL, + 0x00b70d68f3cdce35ULL, 0x00ee7959b354b92cULL, + 0x00f4e9718819c8caULL, 0x009349f12acbffe9ULL, + 0x005aee7b62cb7da6ULL, 0x00d97764154ffc86ULL)}, + {FIELD_LITERAL(0x00526324babb46dcULL, 0x002ee99b38d7bf9eULL, + 0x007ea51794706ef4ULL, 0x00abeb04da6e3c39ULL, + 0x006b457c1d281060ULL, 0x00fe243e9a66c793ULL, + 0x00378de0fb6c6ee4ULL, 0x003e4194b9c3cb93ULL)}, + }}, {{ + {FIELD_LITERAL(0x00fed3cd80ca2292ULL, 0x0015b043a73ca613ULL, + 0x000a9fd7bf9be227ULL, 0x003b5e03de2db983ULL, + 0x005af72d46904ef7ULL, 0x00c0f1b5c49faa99ULL, + 0x00dc86fc3bd305e1ULL, 0x00c92f08c1cb1797ULL)}, + {FIELD_LITERAL(0x0079680ce111ed3bULL, 0x001a1ed82806122cULL, + 0x000c2e7466d15df3ULL, 0x002c407f6f7150fdULL, + 0x00c5e7c96b1b0ce3ULL, 0x009aa44626863ff9ULL, + 0x00887b8b5b80be42ULL, 0x00b6023cec964825ULL)}, + {FIELD_LITERAL(0x00e4a8e1048970c8ULL, 0x0062887b7830a302ULL, + 0x00bcf1c8cd81402bULL, 0x0056dbb81a68f5beULL, + 0x0014eced83f12452ULL, 0x00139e1a510150dfULL, + 0x00bb81140a82d1a3ULL, 0x000febcc1aaf1aa7ULL)}, + }}, {{ + {FIELD_LITERAL(0x00a7527958238159ULL, 0x0013ec9537a84cd6ULL, + 0x001d7fee7d562525ULL, 0x00b9eefa6191d5e5ULL, + 0x00dbc97db70bcb8aULL, 0x00481affc7a4d395ULL, + 0x006f73d3e70c31bbULL, 0x00183f324ed96a61ULL)}, + {FIELD_LITERAL(0x0039dd7ce7fc6860ULL, 0x00d64f6425653da1ULL, + 0x003e037c7f57d0afULL, 0x0063477a06e2bcf2ULL, + 0x001727dbb7ac67e6ULL, 0x0049589f5efafe2eULL, + 0x00fc0fef2e813d54ULL, 0x008baa5d087fb50dULL)}, + {FIELD_LITERAL(0x0024fb59d9b457c7ULL, 0x00a7d4e060223e4cULL, + 0x00c118d1b555fd80ULL, 0x0082e216c732f22aULL, + 0x00cd2a2993089504ULL, 0x003638e836a3e13dULL, + 0x000d855ee89b4729ULL, 0x008ec5b7d4810c91ULL)}, + }}, {{ + {FIELD_LITERAL(0x001bf51f7d65cdfdULL, 0x00d14cdafa16a97dULL, + 0x002c38e60fcd10e7ULL, 0x00a27446e393efbdULL, + 0x000b5d8946a71fddULL, 0x0063df2cde128f2fULL, + 0x006c8679569b1888ULL, 0x0059ffc4925d732dULL)}, + {FIELD_LITERAL(0x00ece96f95f2b66fULL, 0x00ece7952813a27bULL, + 0x0026fc36592e489eULL, 0x007157d1a2de0f66ULL, + 0x00759dc111d86ddfULL, 0x0012881e5780bb0fULL, + 0x00c8ccc83ad29496ULL, 0x0012b9bd1929eb71ULL)}, + {FIELD_LITERAL(0x000fa15a20da5df0ULL, 0x00349ddb1a46cd31ULL, + 0x002c512ad1d8e726ULL, 0x00047611f669318dULL, + 0x009e68fba591e17eULL, 0x004320dffa803906ULL, + 0x00a640874951a3d3ULL, 0x00b6353478baa24fULL)}, + }}, {{ + {FIELD_LITERAL(0x009696510000d333ULL, 0x00ec2f788bc04826ULL, + 0x000e4d02b1f67ba5ULL, 0x00659aa8dace08b6ULL, + 0x00d7a38a3a3ae533ULL, 0x008856defa8c746bULL, + 0x004d7a4402d3da1aULL, 0x00ea82e06229260fULL)}, + {FIELD_LITERAL(0x006a15bb20f75c0cULL, 0x0079a144027a5d0cULL, + 0x00d19116ce0b4d70ULL, 0x0059b83bcb0b268eULL, + 0x005f58f63f16c127ULL, 0x0079958318ee2c37ULL, + 0x00defbb063d07f82ULL, 0x00f1f0b931d2d446ULL)}, + {FIELD_LITERAL(0x00cb5e4c3c35d422ULL, 0x008df885ca43577fULL, + 0x00fa50b16ca3e471ULL, 0x005a0e58e17488c8ULL, + 0x00b2ceccd6d34d19ULL, 0x00f01d5d235e36e9ULL, + 0x00db2e7e4be6ca44ULL, 0x00260ab77f35fccdULL)}, + }}, {{ + {FIELD_LITERAL(0x006f6fd9baac61d5ULL, 0x002a7710a020a895ULL, + 0x009de0db7fc03d4dULL, 0x00cdedcb1875f40bULL, + 0x00050caf9b6b1e22ULL, 0x005e3a6654456ab0ULL, + 0x00775fdf8c4423d4ULL, 0x0028701ea5738b5dULL)}, + {FIELD_LITERAL(0x009ffd90abfeae96ULL, 0x00cba3c2b624a516ULL, + 0x005ef08bcee46c91ULL, 0x00e6fde30afb6185ULL, + 0x00f0b4db4f818ce4ULL, 0x006c54f45d2127f5ULL, + 0x00040125035854c7ULL, 0x00372658a3287e13ULL)}, + {FIELD_LITERAL(0x00d7070fb1beb2abULL, 0x0078fc845a93896bULL, + 0x006894a4b2f224a6ULL, 0x005bdd8192b9dbdeULL, + 0x00b38839874b3a9eULL, 0x00f93618b04b7a57ULL, + 0x003e3ec75fd2c67eULL, 0x00bf5e6bfc29494aULL)}, + }}, {{ + {FIELD_LITERAL(0x00f19224ebba2aa5ULL, 0x0074f89d358e694dULL, + 0x00eea486597135adULL, 0x0081579a4555c7e1ULL, + 0x0010b9b872930a9dULL, 0x00f002e87a30ecc0ULL, + 0x009b9d66b6de56e2ULL, 0x00a3c4f45e8004ebULL)}, + {FIELD_LITERAL(0x0045e8dda9400888ULL, 0x002ff12e5fc05db7ULL, + 0x00a7098d54afe69cULL, 0x00cdbe846a500585ULL, + 0x00879c1593ca1882ULL, 0x003f7a7fea76c8b0ULL, + 0x002cd73dd0c8e0a1ULL, 0x00645d6ce96f51feULL)}, + {FIELD_LITERAL(0x002b7e83e123d6d6ULL, 0x00398346f7419c80ULL, + 0x0042922e55940163ULL, 0x005e7fc5601886a3ULL, + 0x00e88f2cee1d3103ULL, 0x00e7fab135f2e377ULL, + 0x00b059984dbf0dedULL, 0x0009ce080faa5bb8ULL)}, + }}, {{ + {FIELD_LITERAL(0x0085e78af7758979ULL, 0x00275a4ee1631a3aULL, + 0x00d26bc0ed78b683ULL, 0x004f8355ea21064fULL, + 0x00d618e1a32696e5ULL, 0x008d8d7b150e5680ULL, + 0x00a74cd854b278d2ULL, 0x001dd62702203ea0ULL)}, + {FIELD_LITERAL(0x00f89335c2a59286ULL, 0x00a0f5c905d55141ULL, + 0x00b41fb836ee9382ULL, 0x00e235d51730ca43ULL, + 0x00a5cb37b5c0a69aULL, 0x009b966ffe136c45ULL, + 0x00cb2ea10bf80ed1ULL, 0x00fb2b370b40dc35ULL)}, + {FIELD_LITERAL(0x00d687d16d4ee8baULL, 0x0071520bdd069dffULL, + 0x00de85c60d32355dULL, 0x0087d2e3565102f4ULL, + 0x00cde391b8dfc9aaULL, 0x00e18d69efdfefe5ULL, + 0x004a9d0591954e91ULL, 0x00fa36dd8b50eee5ULL)}, + }}, {{ + {FIELD_LITERAL(0x002e788749a865f7ULL, 0x006e4dc3116861eaULL, + 0x009f1428c37276e6ULL, 0x00e7d2e0fc1e1226ULL, + 0x003aeebc6b6c45f6ULL, 0x0071a8073bf500c9ULL, + 0x004b22ad986b530cULL, 0x00f439e63c0d79d4ULL)}, + {FIELD_LITERAL(0x006bc3d53011f470ULL, 0x00032d6e692b83e8ULL, + 0x00059722f497cd0bULL, 0x0009b4e6f0c497ccULL, + 0x0058a804b7cce6c0ULL, 0x002b71d3302bbd5dULL, + 0x00e2f82a36765fceULL, 0x008dded99524c703ULL)}, + {FIELD_LITERAL(0x004d058953747d64ULL, 0x00701940fe79aa6fULL, + 0x00a620ac71c760bfULL, 0x009532b611158b75ULL, + 0x00547ed7f466f300ULL, 0x003cb5ab53a8401aULL, + 0x00c7763168ce3120ULL, 0x007e48e33e4b9ab2ULL)}, + }}, {{ + {FIELD_LITERAL(0x001b2fc57bf3c738ULL, 0x006a3f918993fb80ULL, + 0x0026f7a14fdec288ULL, 0x0075a2cdccef08dbULL, + 0x00d3ecbc9eecdbf1ULL, 0x0048c40f06e5bf7fULL, + 0x00d63e423009896bULL, 0x000598bc99c056a8ULL)}, + {FIELD_LITERAL(0x002f194eaafa46dcULL, 0x008e38f57fe87613ULL, + 0x00dc8e5ae25f4ab2ULL, 0x000a17809575e6bdULL, + 0x00d3ec7923ba366aULL, 0x003a7e72e0ad75e3ULL, + 0x0010024b88436e0aULL, 0x00ed3c5444b64051ULL)}, + {FIELD_LITERAL(0x00831fc1340af342ULL, 0x00c9645669466d35ULL, + 0x007692b4cc5a080fULL, 0x009fd4a47ac9259fULL, + 0x001eeddf7d45928bULL, 0x003c0446fc45f28bULL, + 0x002c0713aa3e2507ULL, 0x0095706935f0f41eULL)}, + }}, {{ + {FIELD_LITERAL(0x00766ae4190ec6d8ULL, 0x0065768cabc71380ULL, + 0x00b902598416cdc2ULL, 0x00380021ad38df52ULL, + 0x008f0b89d6551134ULL, 0x004254d4cc62c5a5ULL, + 0x000d79f4484b9b94ULL, 0x00b516732ae3c50eULL)}, + {FIELD_LITERAL(0x001fb73475c45509ULL, 0x00d2b2e5ea43345aULL, + 0x00cb3c3842077bd1ULL, 0x0029f90ad820946eULL, + 0x007c11b2380778aaULL, 0x009e54ece62c1704ULL, + 0x004bc60c41ca01c3ULL, 0x004525679a5a0b03ULL)}, + {FIELD_LITERAL(0x00c64fbddbed87b3ULL, 0x0040601d11731faaULL, + 0x009c22475b6f9d67ULL, 0x0024b79dae875f15ULL, + 0x00616fed3f02c3b0ULL, 0x0000cf39f6af2d3bULL, + 0x00c46bac0aa9a688ULL, 0x00ab23e2800da204ULL)}, + }}, {{ + {FIELD_LITERAL(0x000b3a37617632b0ULL, 0x00597199fe1cfb6cULL, + 0x0042a7ccdfeafdd6ULL, 0x004cc9f15ebcea17ULL, + 0x00f436e596a6b4a4ULL, 0x00168861142df0d8ULL, + 0x000753edfec26af5ULL, 0x000c495d7e388116ULL)}, + {FIELD_LITERAL(0x0017085f4a346148ULL, 0x00c7cf7a37f62272ULL, + 0x001776e129bc5c30ULL, 0x009955134c9eef2aULL, + 0x001ba5bdf1df07beULL, 0x00ec39497103a55cULL, + 0x006578354fda6cfbULL, 0x005f02719d4f15eeULL)}, + {FIELD_LITERAL(0x0052b9d9b5d9655dULL, 0x00d4ec7ba1b461c3ULL, + 0x00f95df4974f280bULL, 0x003d8e5ca11aeb51ULL, + 0x00d4981eb5a70b26ULL, 0x000af9a4f6659f29ULL, + 0x004598c846faeb43ULL, 0x0049d9a183a47670ULL)}, + }}, {{ + {FIELD_LITERAL(0x000a72d23dcb3f1fULL, 0x00a3737f84011727ULL, + 0x00f870c0fbbf4a47ULL, 0x00a7aadd04b5c9caULL, + 0x000c7715c67bd072ULL, 0x00015a136afcd74eULL, + 0x0080d5caea499634ULL, 0x0026b448ec7514b7ULL)}, + {FIELD_LITERAL(0x00b60167d9e7d065ULL, 0x00e60ba0d07381e8ULL, + 0x003a4f17b725c2d4ULL, 0x006c19fe176b64faULL, + 0x003b57b31af86ccbULL, 0x0021047c286180fdULL, + 0x00bdc8fb00c6dbb6ULL, 0x00fe4a9f4bab4f3fULL)}, + {FIELD_LITERAL(0x0088ffc3a16111f7ULL, 0x009155e4245d0bc8ULL, + 0x00851d68220572d5ULL, 0x00557ace1e514d29ULL, + 0x0031d7c339d91022ULL, 0x00101d0ae2eaceeaULL, + 0x00246ab3f837b66aULL, 0x00d5216d381ff530ULL)}, + }}, {{ + {FIELD_LITERAL(0x0057e7ea35f36daeULL, 0x00f47d7ad15de22eULL, + 0x00d757ea4b105115ULL, 0x008311457d579d7eULL, + 0x00b49b75b1edd4ebULL, 0x0081c7ff742fd63aULL, + 0x00ddda3187433df6ULL, 0x00475727d55f9c66ULL)}, + {FIELD_LITERAL(0x00a6295218dc136aULL, 0x00563b3af0e9c012ULL, + 0x00d3753b0145db1bULL, 0x004550389c043dc1ULL, + 0x00ea94ae27401bdfULL, 0x002b0b949f2b7956ULL, + 0x00c63f780ad8e23cULL, 0x00e591c47d6bab15ULL)}, + {FIELD_LITERAL(0x00416c582b058eb6ULL, 0x004107da5b2cc695ULL, + 0x00b3cd2556aeec64ULL, 0x00c0b418267e57a1ULL, + 0x001799293579bd2eULL, 0x0046ed44590e4d07ULL, + 0x001d7459b3630a1eULL, 0x00c6afba8b6696aaULL)}, + }}, {{ + {FIELD_LITERAL(0x008d6009b26da3f8ULL, 0x00898e88ca06b1caULL, + 0x00edb22b2ed7fe62ULL, 0x00fbc93516aabe80ULL, + 0x008b4b470c42ce0dULL, 0x00e0032ba7d0dcbbULL, + 0x00d76da3a956ecc8ULL, 0x007f20fe74e3852aULL)}, + {FIELD_LITERAL(0x002419222c607674ULL, 0x00a7f23af89188b3ULL, + 0x00ad127284e73d1cULL, 0x008bba582fae1c51ULL, + 0x00fc6aa7ca9ecab1ULL, 0x003df5319eb6c2baULL, + 0x002a05af8a8b199aULL, 0x004bf8354558407cULL)}, + {FIELD_LITERAL(0x00ce7d4a30f0fcbfULL, 0x00d02c272629f03dULL, + 0x0048c001f7400bc2ULL, 0x002c21368011958dULL, + 0x0098a550391e96b5ULL, 0x002d80b66390f379ULL, + 0x001fa878760cc785ULL, 0x001adfce54b613d5ULL)}, + }}, {{ + {FIELD_LITERAL(0x001ed4dc71fa2523ULL, 0x005d0bff19bf9b5cULL, + 0x00c3801cee065a64ULL, 0x001ed0b504323fbfULL, + 0x0003ab9fdcbbc593ULL, 0x00df82070178b8d2ULL, + 0x00a2bcaa9c251f85ULL, 0x00c628a3674bd02eULL)}, + {FIELD_LITERAL(0x006b7a0674f9f8deULL, 0x00a742414e5c7cffULL, + 0x0041cbf3c6e13221ULL, 0x00e3a64fd207af24ULL, + 0x0087c05f15fbe8d1ULL, 0x004c50936d9e8a33ULL, + 0x001306ec21042b6dULL, 0x00a4f4137d1141c2ULL)}, + {FIELD_LITERAL(0x0009e6fb921568b0ULL, 0x00b3c60120219118ULL, + 0x002a6c3460dd503aULL, 0x009db1ef11654b54ULL, + 0x0063e4bf0be79601ULL, 0x00670d34bb2592b9ULL, + 0x00dcee2f6c4130ceULL, 0x00b2682e88e77f54ULL)}, + }}, {{ + {FIELD_LITERAL(0x000d5b4b3da135abULL, 0x00838f3e5064d81dULL, + 0x00d44eb50f6d94edULL, 0x0008931ab502ac6dULL, + 0x00debe01ca3d3586ULL, 0x0025c206775f0641ULL, + 0x005ad4b6ae912763ULL, 0x007e2c318ad8f247ULL)}, + {FIELD_LITERAL(0x00ddbe0750dd1addULL, 0x004b3c7b885844b8ULL, + 0x00363e7ecf12f1aeULL, 0x0062e953e6438f9dULL, + 0x0023cc73b076afe9ULL, 0x00b09fa083b4da32ULL, + 0x00c7c3d2456c541dULL, 0x005b591ec6b694d4ULL)}, + {FIELD_LITERAL(0x0028656e19d62fcfULL, 0x0052a4af03df148dULL, + 0x00122765ddd14e42ULL, 0x00f2252904f67157ULL, + 0x004741965b636f3aULL, 0x006441d296132cb9ULL, + 0x005e2106f956a5b7ULL, 0x00247029592d335cULL)}, + }}, {{ + {FIELD_LITERAL(0x003fe038eb92f894ULL, 0x000e6da1b72e8e32ULL, + 0x003a1411bfcbe0faULL, 0x00b55d473164a9e4ULL, + 0x00b9a775ac2df48dULL, 0x0002ddf350659e21ULL, + 0x00a279a69eb19cb3ULL, 0x00f844eab25cba44ULL)}, + {FIELD_LITERAL(0x00c41d1f9c1f1ac1ULL, 0x007b2df4e9f19146ULL, + 0x00b469355fd5ba7aULL, 0x00b5e1965afc852aULL, + 0x00388d5f1e2d8217ULL, 0x0022079e4c09ae93ULL, + 0x0014268acd4ef518ULL, 0x00c1dd8d9640464cULL)}, + {FIELD_LITERAL(0x0038526adeed0c55ULL, 0x00dd68c607e3fe85ULL, + 0x00f746ddd48a5d57ULL, 0x0042f2952b963b7cULL, + 0x001cbbd6876d5ec2ULL, 0x005e341470bca5c2ULL, + 0x00871d41e085f413ULL, 0x00e53ab098f45732ULL)}, + }}, {{ + {FIELD_LITERAL(0x004d51124797c831ULL, 0x008f5ae3750347adULL, + 0x0070ced94c1a0c8eULL, 0x00f6db2043898e64ULL, + 0x000d00c9a5750cd0ULL, 0x000741ec59bad712ULL, + 0x003c9d11aab37b7fULL, 0x00a67ba169807714ULL)}, + {FIELD_LITERAL(0x00adb2c1566e8b8fULL, 0x0096c68a35771a9aULL, + 0x00869933356f334aULL, 0x00ba9c93459f5962ULL, + 0x009ec73fb6e8ca4bULL, 0x003c3802c27202e1ULL, + 0x0031f5b733e0c008ULL, 0x00f9058c19611fa9ULL)}, + {FIELD_LITERAL(0x00238f01814a3421ULL, 0x00c325a44b6cce28ULL, + 0x002136f97aeb0e73ULL, 0x000cac8268a4afe2ULL, + 0x0022fd218da471b3ULL, 0x009dcd8dfff8def9ULL, + 0x00cb9f8181d999bbULL, 0x00143ae56edea349ULL)}, + }}, {{ + {FIELD_LITERAL(0x0000623bf87622c5ULL, 0x00a1966fdd069496ULL, + 0x00c315b7b812f9fcULL, 0x00bdf5efcd128b97ULL, + 0x001d464f532e3e16ULL, 0x003cd94f081bfd7eULL, + 0x00ed9dae12ce4009ULL, 0x002756f5736eee70ULL)}, + {FIELD_LITERAL(0x00a5187e6ee7341bULL, 0x00e6d52e82d83b6eULL, + 0x00df3c41323094a7ULL, 0x00b3324f444e9de9ULL, + 0x00689eb21a35bfe5ULL, 0x00f16363becd548dULL, + 0x00e187cc98e7f60fULL, 0x00127d9062f0ccabULL)}, + {FIELD_LITERAL(0x004ad71b31c29e40ULL, 0x00a5fcace12fae29ULL, + 0x004425b5597280edULL, 0x00e7ef5d716c3346ULL, + 0x0010b53ada410ac8ULL, 0x0092310226060c9bULL, + 0x0091c26128729c7eULL, 0x0088b42900f8ec3bULL)}, + }}, {{ + {FIELD_LITERAL(0x00f1e26e9762d4a8ULL, 0x00d9d74082183414ULL, + 0x00ffec9bd57a0282ULL, 0x000919e128fd497aULL, + 0x00ab7ae7d00fe5f8ULL, 0x0054dc442851ff68ULL, + 0x00c9ebeb3b861687ULL, 0x00507f7cab8b698fULL)}, + {FIELD_LITERAL(0x00c13c5aae3ae341ULL, 0x009c6c9ed98373e7ULL, + 0x00098f26864577a8ULL, 0x0015b886e9488b45ULL, + 0x0037692c42aadba5ULL, 0x00b83170b8e7791cULL, + 0x001670952ece1b44ULL, 0x00fd932a39276da2ULL)}, + {FIELD_LITERAL(0x0081a3259bef3398ULL, 0x005480fff416107bULL, + 0x00ce4f607d21be98ULL, 0x003ffc084b41df9bULL, + 0x0043d0bb100502d1ULL, 0x00ec35f575ba3261ULL, + 0x00ca18f677300ef3ULL, 0x00e8bb0a827d8548ULL)}, + }}, {{ + {FIELD_LITERAL(0x00df76b3328ada72ULL, 0x002e20621604a7c2ULL, + 0x00f910638a105b09ULL, 0x00ef4724d96ef2cdULL, + 0x00377d83d6b8a2f7ULL, 0x00b4f48805ade324ULL, + 0x001cd5da8b152018ULL, 0x0045af671a20ca7fULL)}, + {FIELD_LITERAL(0x009ae3b93a56c404ULL, 0x004a410b7a456699ULL, + 0x00023a619355e6b2ULL, 0x009cdc7297387257ULL, + 0x0055b94d4ae70d04ULL, 0x002cbd607f65b005ULL, + 0x003208b489697166ULL, 0x00ea2aa058867370ULL)}, + {FIELD_LITERAL(0x00f29d2598ee3f32ULL, 0x00b4ac5385d82adcULL, + 0x007633eaf04df19bULL, 0x00aa2d3d77ceab01ULL, + 0x004a2302fcbb778aULL, 0x00927f225d5afa34ULL, + 0x004a8e9d5047f237ULL, 0x008224ae9dbce530ULL)}, + }}, {{ + {FIELD_LITERAL(0x001cf640859b02f8ULL, 0x00758d1d5d5ce427ULL, + 0x00763c784ef4604cULL, 0x005fa81aee205270ULL, + 0x00ac537bfdfc44cbULL, 0x004b919bd342d670ULL, + 0x00238508d9bf4b7aULL, 0x00154888795644f3ULL)}, + {FIELD_LITERAL(0x00c845923c084294ULL, 0x00072419a201bc25ULL, + 0x0045f408b5f8e669ULL, 0x00e9d6a186b74dfeULL, + 0x00e19108c68fa075ULL, 0x0017b91d874177b7ULL, + 0x002f0ca2c7912c5aULL, 0x009400aa385a90a2ULL)}, + {FIELD_LITERAL(0x0071110b01482184ULL, 0x00cfed0044f2bef8ULL, + 0x0034f2901cf4662eULL, 0x003b4ae2a67f9834ULL, + 0x00cca9b96fe94810ULL, 0x00522507ae77abd0ULL, + 0x00bac7422721e73eULL, 0x0066622b0f3a62b0ULL)}, + }}, {{ + {FIELD_LITERAL(0x00f8ac5cf4705b6aULL, 0x00867d82dcb457e3ULL, + 0x007e13ab2ccc2ce9ULL, 0x009ee9a018d3930eULL, + 0x008370f8ecb42df8ULL, 0x002d9f019add263eULL, + 0x003302385b92d196ULL, 0x00a15654536e2c0cULL)}, + {FIELD_LITERAL(0x0026ef1614e160afULL, 0x00c023f9edfc9c76ULL, + 0x00cff090da5f57baULL, 0x0076db7a66643ae9ULL, + 0x0019462f8c646999ULL, 0x008fec00b3854b22ULL, + 0x00d55041692a0a1cULL, 0x0065db894215ca00ULL)}, + {FIELD_LITERAL(0x00a925036e0a451cULL, 0x002a0390c36b6cc1ULL, + 0x00f27020d90894f4ULL, 0x008d90d52cbd3d7fULL, + 0x00e1d0137392f3b8ULL, 0x00f017c158b51a8fULL, + 0x00cac313d3ed7dbcULL, 0x00b99a81e3eb42d3ULL)}, + }}, {{ + {FIELD_LITERAL(0x00b54850275fe626ULL, 0x0053a3fd1ec71140ULL, + 0x00e3d2d7dbe096faULL, 0x00e4ac7b595cce4cULL, + 0x0077bad449c0a494ULL, 0x00b7c98814afd5b3ULL, + 0x0057226f58486cf9ULL, 0x00b1557154f0cc57ULL)}, + {FIELD_LITERAL(0x008cc9cd236315c0ULL, 0x0031d9c5b39fda54ULL, + 0x00a5713ef37e1171ULL, 0x00293d5ae2886325ULL, + 0x00c4aba3e05015e1ULL, 0x0003f35ef78e4fc6ULL, + 0x0039d6bd3ac1527bULL, 0x0019d7c3afb77106ULL)}, + {FIELD_LITERAL(0x007b162931a985afULL, 0x00ad40a2e0daa713ULL, + 0x006df27c4009f118ULL, 0x00503e9f4e2e8becULL, + 0x00751a77c82c182dULL, 0x000298937769245bULL, + 0x00ffb1e8fabf9ee5ULL, 0x0008334706e09abeULL)}, + }}, {{ + {FIELD_LITERAL(0x00dbca4e98a7dcd9ULL, 0x00ee29cfc78bde99ULL, + 0x00e4a3b6995f52e9ULL, 0x0045d70189ae8096ULL, + 0x00fd2a8a3b9b0d1bULL, 0x00af1793b107d8e1ULL, + 0x00dbf92cbe4afa20ULL, 0x00da60f798e3681dULL)}, + {FIELD_LITERAL(0x004246bfcecc627aULL, 0x004ba431246c03a4ULL, + 0x00bd1d101872d497ULL, 0x003b73d3f185ee16ULL, + 0x001feb2e2678c0e3ULL, 0x00ff13c5a89dec76ULL, + 0x00ed06042e771d8fULL, 0x00a4fd2a897a83ddULL)}, + {FIELD_LITERAL(0x009a4a3be50d6597ULL, 0x00de3165fc5a1096ULL, + 0x004f3f56e345b0c7ULL, 0x00f7bf721d5ab8bcULL, + 0x004313e47b098c50ULL, 0x00e4c7d5c0e1adbbULL, + 0x002e3e3db365051eULL, 0x00a480c2cd6a96fbULL)}, + }}, {{ + {FIELD_LITERAL(0x00417fa30a7119edULL, 0x00af257758419751ULL, + 0x00d358a487b463d4ULL, 0x0089703cc720b00dULL, + 0x00ce56314ff7f271ULL, 0x0064db171ade62c1ULL, + 0x00640b36d4a22fedULL, 0x00424eb88696d23fULL)}, + {FIELD_LITERAL(0x004ede34af2813f3ULL, 0x00d4a8e11c9e8216ULL, + 0x004796d5041de8a5ULL, 0x00c4c6b4d21cc987ULL, + 0x00e8a433ee07fa1eULL, 0x0055720b5abcc5a1ULL, + 0x008873ea9c74b080ULL, 0x005b3fec1ab65d48ULL)}, + {FIELD_LITERAL(0x0047e5277db70ec5ULL, 0x000a096c66db7d6bULL, + 0x00b4164cc1730159ULL, 0x004a9f783fe720feULL, + 0x00a8177b94449dbcULL, 0x0095a24ff49a599fULL, + 0x0069c1c578250cbcULL, 0x00452019213debf4ULL)}, + }}, {{ + {FIELD_LITERAL(0x0021ce99e09ebda3ULL, 0x00fcbd9f91875ad0ULL, + 0x009bbf6b7b7a0b5fULL, 0x00388886a69b1940ULL, + 0x00926a56d0f81f12ULL, 0x00e12903c3358d46ULL, + 0x005dfce4e8e1ce9dULL, 0x0044cfa94e2f7e23ULL)}, + {FIELD_LITERAL(0x001bd59c09e982eaULL, 0x00f72daeb937b289ULL, + 0x0018b76dca908e0eULL, 0x00edb498512384adULL, + 0x00ce0243b6cc9538ULL, 0x00f96ff690cb4e70ULL, + 0x007c77bf9f673c8dULL, 0x005bf704c088a528ULL)}, + {FIELD_LITERAL(0x0093d4628dcb33beULL, 0x0095263d51d42582ULL, + 0x0049b3222458fe06ULL, 0x00e7fce73b653a7fULL, + 0x003ca2ebce60b369ULL, 0x00c5de239a32bea4ULL, + 0x0063b8b3d71fb6bfULL, 0x0039aeeb78a1a839ULL)}, + }}, {{ + {FIELD_LITERAL(0x007dc52da400336cULL, 0x001fded1e15b9457ULL, + 0x00902e00f5568e3aULL, 0x00219bef40456d2dULL, + 0x005684161fb3dbc9ULL, 0x004a4e9be49a76eaULL, + 0x006e685ae88b78ffULL, 0x0021c42f13042d3cULL)}, + {FIELD_LITERAL(0x00fb22bb5fd3ce50ULL, 0x0017b48aada7ae54ULL, + 0x00fd5c44ad19a536ULL, 0x000ccc4e4e55e45cULL, + 0x00fd637d45b4c3f5ULL, 0x0038914e023c37cfULL, + 0x00ac1881d6a8d898ULL, 0x00611ed8d3d943a8ULL)}, + {FIELD_LITERAL(0x0056e2259d113d2bULL, 0x00594819b284ec16ULL, + 0x00c7bf794bb36696ULL, 0x00721ee75097cdc6ULL, + 0x00f71be9047a2892ULL, 0x00df6ba142564edfULL, + 0x0069580b7a184e8dULL, 0x00f056e38fca0feeULL)}, + }}, {{ + {FIELD_LITERAL(0x009df98566a18c6dULL, 0x00cf3a200968f219ULL, + 0x0044ba60da6d9086ULL, 0x00dbc9c0e344da03ULL, + 0x000f9401c4466855ULL, 0x00d46a57c5b0a8d1ULL, + 0x00875a635d7ac7c6ULL, 0x00ef4a933b7e0ae6ULL)}, + {FIELD_LITERAL(0x005e8694077a1535ULL, 0x008bef75f71c8f1dULL, + 0x000a7c1316423511ULL, 0x00906e1d70604320ULL, + 0x003fc46c1a2ffbd6ULL, 0x00d1d5022e68f360ULL, + 0x002515fba37bbf46ULL, 0x00ca16234e023b44ULL)}, + {FIELD_LITERAL(0x00787c99561f4690ULL, 0x00a857a8c1561f27ULL, + 0x00a10df9223c09feULL, 0x00b98a9562e3b154ULL, + 0x004330b8744c3ed2ULL, 0x00e06812807ec5c4ULL, + 0x00e4cf6a7db9f1e3ULL, 0x00d95b089f132a34ULL)}, + }}, {{ + {FIELD_LITERAL(0x002922b39ca33eecULL, 0x0090d12a5f3ab194ULL, + 0x00ab60c02fb5f8edULL, 0x00188d292abba1cfULL, + 0x00e10edec9698f6eULL, 0x0069a4d9934133c8ULL, + 0x0024aac40e6d3d06ULL, 0x001702c2177661b0ULL)}, + {FIELD_LITERAL(0x00139078397030bdULL, 0x000e3c447e859a00ULL, + 0x0064a5b334c82393ULL, 0x00b8aabeb7358093ULL, + 0x00020778bb9ae73bULL, 0x0032ee94c7892a18ULL, + 0x008215253cb41bdaULL, 0x005e2797593517aeULL)}, + {FIELD_LITERAL(0x0083765a5f855d4aULL, 0x0051b6d1351b8ee2ULL, + 0x00116de548b0f7bbULL, 0x0087bd88703affa0ULL, + 0x0095b2cc34d7fdd2ULL, 0x0084cd81b53f0bc8ULL, + 0x008562fc995350edULL, 0x00a39abb193651e3ULL)}, + }}, {{ + {FIELD_LITERAL(0x0019e23f0474b114ULL, 0x00eb94c2ad3b437eULL, + 0x006ddb34683b75acULL, 0x00391f9209b564c6ULL, + 0x00083b3bb3bff7aaULL, 0x00eedcd0f6dceefcULL, + 0x00b50817f794fe01ULL, 0x0036474deaaa75c9ULL)}, + {FIELD_LITERAL(0x0091868594265aa2ULL, 0x00797accae98ca6dULL, + 0x0008d8c5f0f8a184ULL, 0x00d1f4f1c2b2fe6eULL, + 0x0036783dfb48a006ULL, 0x008c165120503527ULL, + 0x0025fd780058ce9bULL, 0x0068beb007be7d27ULL)}, + {FIELD_LITERAL(0x00d0ff88aa7c90c2ULL, 0x00b2c60dacf53394ULL, + 0x0094a7284d9666d6ULL, 0x00bed9022ce7a19dULL, + 0x00c51553f0cd7682ULL, 0x00c3fb870b124992ULL, + 0x008d0bc539956c9bULL, 0x00fc8cf258bb8885ULL)}, + }}, {{ + {FIELD_LITERAL(0x003667bf998406f8ULL, 0x0000115c43a12975ULL, + 0x001e662f3b20e8fdULL, 0x0019ffa534cb24ebULL, + 0x00016be0dc8efb45ULL, 0x00ff76a8b26243f5ULL, + 0x00ae20d241a541e3ULL, 0x0069bd6af13cd430ULL)}, + {FIELD_LITERAL(0x0045fdc16487cda3ULL, 0x00b2d8e844cf2ed7ULL, + 0x00612c50e88c1607ULL, 0x00a08aabc66c1672ULL, + 0x006031fdcbb24d97ULL, 0x001b639525744b93ULL, + 0x004409d62639ab17ULL, 0x00a1853d0347ab1dULL)}, + {FIELD_LITERAL(0x0075a1a56ebf5c21ULL, 0x00a3e72be9ac53edULL, + 0x00efcde1629170c2ULL, 0x0004225fe91ef535ULL, + 0x0088049fc73dfda7ULL, 0x004abc74857e1288ULL, + 0x0024e2434657317cULL, 0x00d98cb3d3e5543cULL)}, + }}, {{ + {FIELD_LITERAL(0x00b4b53eab6bdb19ULL, 0x009b22d8b43711d0ULL, + 0x00d948b9d961785dULL, 0x00cb167b6f279eadULL, + 0x00191de3a678e1c9ULL, 0x00d9dd9511095c2eULL, + 0x00f284324cd43067ULL, 0x00ed74fa535151ddULL)}, + {FIELD_LITERAL(0x007e32c049b5c477ULL, 0x009d2bfdbd9bcfd8ULL, + 0x00636e93045938c6ULL, 0x007fde4af7687298ULL, + 0x0046a5184fafa5d3ULL, 0x0079b1e7f13a359bULL, + 0x00875adf1fb927d6ULL, 0x00333e21c61bcad2ULL)}, + {FIELD_LITERAL(0x00048014f73d8b8dULL, 0x0075684aa0966388ULL, + 0x0092be7df06dc47cULL, 0x0097cebcd0f5568aULL, + 0x005a7004d9c4c6a9ULL, 0x00b0ecbb659924c7ULL, + 0x00d90332dd492a7cULL, 0x0057fc14df11493dULL)}, + }}, {{ + {FIELD_LITERAL(0x0008ed8ea0ad95beULL, 0x0041d324b9709645ULL, + 0x00e25412257a19b4ULL, 0x0058df9f3423d8d2ULL, + 0x00a9ab20def71304ULL, 0x009ae0dbf8ac4a81ULL, + 0x00c9565977e4392aULL, 0x003c9269444baf55ULL)}, + {FIELD_LITERAL(0x007df6cbb926830bULL, 0x00d336058ae37865ULL, + 0x007af47dac696423ULL, 0x0048d3011ec64ac8ULL, + 0x006b87666e40049fULL, 0x0036a2e0e51303d7ULL, + 0x00ba319bd79dbc55ULL, 0x003e2737ecc94f53ULL)}, + {FIELD_LITERAL(0x00d296ff726272d9ULL, 0x00f6d097928fcf57ULL, + 0x00e0e616a55d7013ULL, 0x00deaf454ed9eac7ULL, + 0x0073a56bedef4d92ULL, 0x006ccfdf6fc92e19ULL, + 0x009d1ee1371a7218ULL, 0x00ee3c2ee4462d80ULL)}, + }}, {{ + {FIELD_LITERAL(0x00437bce9bccdf9dULL, 0x00e0c8e2f85dc0a3ULL, + 0x00c91a7073995a19ULL, 0x00856ec9fe294559ULL, + 0x009e4b33394b156eULL, 0x00e245b0dc497e5cULL, + 0x006a54e687eeaeffULL, 0x00f1cd1cd00fdb7cULL)}, + {FIELD_LITERAL(0x008132ae5c5d8cd1ULL, 0x00121d68324a1d9fULL, + 0x00d6be9dafcb8c76ULL, 0x00684d9070edf745ULL, + 0x00519fbc96d7448eULL, 0x00388182fdc1f27eULL, + 0x000235baed41f158ULL, 0x00bf6cf6f1a1796aULL)}, + {FIELD_LITERAL(0x002adc4b4d148219ULL, 0x003084ada0d3a90aULL, + 0x0046de8aab0f2e4eULL, 0x00452d342a67b5fdULL, + 0x00d4b50f01d4de21ULL, 0x00db6d9fc0cefb79ULL, + 0x008c184c86a462cdULL, 0x00e17c83764d42daULL)}, + }}, {{ + {FIELD_LITERAL(0x007b2743b9a1e01aULL, 0x007847ffd42688c4ULL, + 0x006c7844d610a316ULL, 0x00f0cb8b250aa4b0ULL, + 0x00a19060143b3ae6ULL, 0x0014eb10b77cfd80ULL, + 0x000170905729dd06ULL, 0x00063b5b9cd72477ULL)}, + {FIELD_LITERAL(0x00ce382dc7993d92ULL, 0x00021153e938b4c8ULL, + 0x00096f7567f48f51ULL, 0x0058f81ddfe4b0d5ULL, + 0x00cc379a56b355c7ULL, 0x002c760770d3e819ULL, + 0x00ee22d1d26e5a40ULL, 0x00de6d93d5b082d7ULL)}, + {FIELD_LITERAL(0x000a91a42c52e056ULL, 0x00185f6b77fce7eaULL, + 0x000803c51962f6b5ULL, 0x0022528582ba563dULL, + 0x0043f8040e9856d6ULL, 0x0085a29ec81fb860ULL, + 0x005f9a611549f5ffULL, 0x00c1f974ecbd4b06ULL)}, + }}, {{ + {FIELD_LITERAL(0x005b64c6fd65ec97ULL, 0x00c1fdd7f877bc7fULL, + 0x000d9cc6c89f841cULL, 0x005c97b7f1aff9adULL, + 0x0075e3c61475d47eULL, 0x001ecb1ba8153011ULL, + 0x00fe7f1c8d71d40dULL, 0x003fa9757a229832ULL)}, + {FIELD_LITERAL(0x00ffc5c89d2b0cbaULL, 0x00d363d42e3e6fc3ULL, + 0x0019a1a0118e2e8aULL, 0x00f7baeff48882e1ULL, + 0x001bd5af28c6b514ULL, 0x0055476ca2253cb2ULL, + 0x00d8eb1977e2ddf3ULL, 0x00b173b1adb228a1ULL)}, + {FIELD_LITERAL(0x00f2cb99dd0ad707ULL, 0x00e1e08b6859ddd8ULL, + 0x000008f2d0650bccULL, 0x00d7ed392f8615c3ULL, + 0x00976750a94da27fULL, 0x003e83bb0ecb69baULL, + 0x00df8e8d15c14ac6ULL, 0x00f9f7174295d9c2ULL)}, + }}, {{ + {FIELD_LITERAL(0x00f11cc8e0e70bcbULL, 0x00e5dc689974e7ddULL, + 0x0014e409f9ee5870ULL, 0x00826e6689acbd63ULL, + 0x008a6f4e3d895d88ULL, 0x00b26a8da41fd4adULL, + 0x000fb7723f83efd7ULL, 0x009c749db0a5f6c3ULL)}, + {FIELD_LITERAL(0x002389319450f9baULL, 0x003677f31aa1250aULL, + 0x0092c3db642f38cbULL, 0x00f8b64c0dfc9773ULL, + 0x00cd49fe3505b795ULL, 0x0068105a4090a510ULL, + 0x00df0ba2072a8bb6ULL, 0x00eb396143afd8beULL)}, + {FIELD_LITERAL(0x00a0d4ecfb24cdffULL, 0x00ddaf8008ba6479ULL, + 0x00f0b3e36d4b0f44ULL, 0x003734bd3af1f146ULL, + 0x00b87e2efc75527eULL, 0x00d230df55ddab50ULL, + 0x002613257ae56c1dULL, 0x00bc0946d135934dULL)}, + }}, {{ + {FIELD_LITERAL(0x00468711bd994651ULL, 0x0033108fa67561bfULL, + 0x0089d760192a54b4ULL, 0x00adc433de9f1871ULL, + 0x000467d05f36e050ULL, 0x007847e0f0579f7fULL, + 0x00a2314ad320052dULL, 0x00b3a93649f0b243ULL)}, + {FIELD_LITERAL(0x0067f8f0c4fe26c9ULL, 0x0079c4a3cc8f67b9ULL, + 0x0082b1e62f23550dULL, 0x00f2d409caefd7f5ULL, + 0x0080e67dcdb26e81ULL, 0x0087ae993ea1f98aULL, + 0x00aa108becf61d03ULL, 0x001acf11efb608a3ULL)}, + {FIELD_LITERAL(0x008225febbab50d9ULL, 0x00f3b605e4dd2083ULL, + 0x00a32b28189e23d2ULL, 0x00d507e5e5eb4c97ULL, + 0x005a1a84e302821fULL, 0x0006f54c1c5f08c7ULL, + 0x00a347c8cb2843f0ULL, 0x0009f73e9544bfa5ULL)}, + }}, {{ + {FIELD_LITERAL(0x006c59c9ae744185ULL, 0x009fc32f1b4282cdULL, + 0x004d6348ca59b1acULL, 0x00105376881be067ULL, + 0x00af4096013147dcULL, 0x004abfb5a5cb3124ULL, + 0x000d2a7f8626c354ULL, 0x009c6ed568e07431ULL)}, + {FIELD_LITERAL(0x00e828333c297f8bULL, 0x009ef3cf8c3f7e1fULL, + 0x00ab45f8fff31cb9ULL, 0x00c8b4178cb0b013ULL, + 0x00d0c50dd3260a3fULL, 0x0097126ac257f5bcULL, + 0x0042376cc90c705aULL, 0x001d96fdb4a1071eULL)}, + {FIELD_LITERAL(0x00542d44d89ee1a8ULL, 0x00306642e0442d98ULL, + 0x0090853872b87338ULL, 0x002362cbf22dc044ULL, + 0x002c222adff663b8ULL, 0x0067c924495fcb79ULL, + 0x000e621d983c977cULL, 0x00df77a9eccb66fbULL)}, + }}, {{ + {FIELD_LITERAL(0x002809e4bbf1814aULL, 0x00b9e854f9fafb32ULL, + 0x00d35e67c10f7a67ULL, 0x008f1bcb76e748cfULL, + 0x004224d9515687d2ULL, 0x005ba0b774e620c4ULL, + 0x00b5e57db5d54119ULL, 0x00e15babe5683282ULL)}, + {FIELD_LITERAL(0x00832d02369b482cULL, 0x00cba52ff0d93450ULL, + 0x003fa9c908d554dbULL, 0x008d1e357b54122fULL, + 0x00abd91c2dc950c6ULL, 0x007eff1df4c0ec69ULL, + 0x003f6aeb13fb2d31ULL, 0x00002d6179fc5b2cULL)}, + {FIELD_LITERAL(0x0046c9eda81c9c89ULL, 0x00b60cb71c8f62fcULL, + 0x0022f5a683baa558ULL, 0x00f87319fccdf997ULL, + 0x009ca09b51ce6a22ULL, 0x005b12baf4af7d77ULL, + 0x008a46524a1e33e2ULL, 0x00035a77e988be0dULL)}, + }}, {{ + {FIELD_LITERAL(0x00a7efe46a7dbe2fULL, 0x002f66fd55014fe7ULL, + 0x006a428afa1ff026ULL, 0x0056caaa9604ab72ULL, + 0x0033f3bcd7fac8aeULL, 0x00ccb1aa01c86764ULL, + 0x00158d1edf13bf40ULL, 0x009848ee76fcf3b4ULL)}, + {FIELD_LITERAL(0x00a9e7730a819691ULL, 0x00d9cc73c4992b70ULL, + 0x00e299bde067de5aULL, 0x008c314eb705192aULL, + 0x00e7226f17e8a3ccULL, 0x0029dfd956e65a47ULL, + 0x0053a8e839073b12ULL, 0x006f942b2ab1597eULL)}, + {FIELD_LITERAL(0x001c3d780ecd5e39ULL, 0x0094f247fbdcc5feULL, + 0x00d5c786fd527764ULL, 0x00b6f4da74f0db2aULL, + 0x0080f1f8badcd5fcULL, 0x00f36a373ad2e23bULL, + 0x00f804f9f4343bf2ULL, 0x00d1af40ec623982ULL)}, + }}, {{ + {FIELD_LITERAL(0x0082aeace5f1b144ULL, 0x00f68b3108cf4dd3ULL, + 0x00634af01dde3020ULL, 0x000beab5df5c2355ULL, + 0x00e8b790d1b49b0bULL, 0x00e48d15854e36f4ULL, + 0x0040ab2d95f3db9fULL, 0x002711c4ed9e899aULL)}, + {FIELD_LITERAL(0x0039343746531ebeULL, 0x00c8509d835d429dULL, + 0x00e79eceff6b0018ULL, 0x004abfd31e8efce5ULL, + 0x007bbfaaa1e20210ULL, 0x00e3be89c193e179ULL, + 0x001c420f4c31d585ULL, 0x00f414a315bef5aeULL)}, + {FIELD_LITERAL(0x007c296a24990df8ULL, 0x00d5d07525a75588ULL, + 0x00dd8e113e94b7e7ULL, 0x007bbc58febe0cc8ULL, + 0x0029f51af9bfcad3ULL, 0x007e9311ec7ab6f3ULL, + 0x009a884de1676343ULL, 0x0050d5f2dce84be9ULL)}, + }}, {{ + {FIELD_LITERAL(0x005fa020cca2450aULL, 0x00491c29db6416d8ULL, + 0x0037cefe3f9f9a85ULL, 0x003d405230647066ULL, + 0x0049e835f0fdbe89ULL, 0x00feb78ac1a0815cULL, + 0x00828e4b32dc9724ULL, 0x00db84f2dc8d6fd4ULL)}, + {FIELD_LITERAL(0x0098cddc8b39549aULL, 0x006da37e3b05d22cULL, + 0x00ce633cfd4eb3cbULL, 0x00fda288ef526acdULL, + 0x0025338878c5d30aULL, 0x00f34438c4e5a1b4ULL, + 0x00584efea7c310f1ULL, 0x0041a551f1b660adULL)}, + {FIELD_LITERAL(0x00d7f7a8fbd6437aULL, 0x0062872413bf3753ULL, + 0x00ad4bbcb43c584bULL, 0x007fe49be601d7e3ULL, + 0x0077c659789babf4ULL, 0x00eb45fcb06a741bULL, + 0x005ce244913f9708ULL, 0x0088426401736326ULL)}, + }}, {{ + {FIELD_LITERAL(0x007bf562ca768d7cULL, 0x006c1f3a174e387cULL, + 0x00f024b447fee939ULL, 0x007e7af75f01143fULL, + 0x003adb70b4eed89dULL, 0x00e43544021ad79aULL, + 0x0091f7f7042011f6ULL, 0x0093c1a1ee3a0ddcULL)}, + {FIELD_LITERAL(0x00a0b68ec1eb72d2ULL, 0x002c03235c0d45a0ULL, + 0x00553627323fe8c5ULL, 0x006186e94b17af94ULL, + 0x00a9906196e29f14ULL, 0x0025b3aee6567733ULL, + 0x007e0dd840080517ULL, 0x0018eb5801a4ba93ULL)}, + {FIELD_LITERAL(0x00d7fe7017bf6a40ULL, 0x006e3f0624be0c42ULL, + 0x00ffbba205358245ULL, 0x00f9fc2cf8194239ULL, + 0x008d93b37bf15b4eULL, 0x006ddf2e38be8e95ULL, + 0x002b6e79bf5fcff9ULL, 0x00ab355da425e2deULL)}, + }}, {{ + {FIELD_LITERAL(0x00938f97e20be973ULL, 0x0099141a36aaf306ULL, + 0x0057b0ca29e545a1ULL, 0x0085db571f9fbc13ULL, + 0x008b333c554b4693ULL, 0x0043ab6ef3e241cbULL, + 0x0054fb20aa1e5c70ULL, 0x00be0ff852760adfULL)}, + {FIELD_LITERAL(0x003973d8938971d6ULL, 0x002aca26fa80c1f5ULL, + 0x00108af1faa6b513ULL, 0x00daae275d7924e6ULL, + 0x0053634ced721308ULL, 0x00d2355fe0bbd443ULL, + 0x00357612b2d22095ULL, 0x00f9bb9dd4136cf3ULL)}, + {FIELD_LITERAL(0x002bff12cf5e03a5ULL, 0x001bdb1fa8a19cf8ULL, + 0x00c91c6793f84d39ULL, 0x00f869f1b2eba9afULL, + 0x0059bc547dc3236bULL, 0x00d91611d6d38689ULL, + 0x00e062daaa2c0214ULL, 0x00ed3c047cc2bc82ULL)}, + }}, {{ + {FIELD_LITERAL(0x000050d70c32b31aULL, 0x001939d576d437b3ULL, + 0x00d709e598bf9fe6ULL, 0x00a885b34bd2ee9eULL, + 0x00dd4b5c08ab1a50ULL, 0x0091bebd50b55639ULL, + 0x00cf79ff64acdbc6ULL, 0x006067a39d826336ULL)}, + {FIELD_LITERAL(0x0062dd0fb31be374ULL, 0x00fcc96b84c8e727ULL, + 0x003f64f1375e6ae3ULL, 0x0057d9b6dd1af004ULL, + 0x00d6a167b1103c7bULL, 0x00dd28f3180fb537ULL, + 0x004ff27ad7167128ULL, 0x008934c33461f2acULL)}, + {FIELD_LITERAL(0x0065b472b7900043ULL, 0x00ba7efd2ff1064bULL, + 0x000b67d6c4c3020fULL, 0x0012d28469f4e46dULL, + 0x0031c32939703ec7ULL, 0x00b49f0bce133066ULL, + 0x00f7e10416181d47ULL, 0x005c90f51867eeccULL)}, + }}, {{ + {FIELD_LITERAL(0x0051207abd179101ULL, 0x00fc2a5c20d9c5daULL, + 0x00fb9d5f2701b6dfULL, 0x002dd040fdea82b8ULL, + 0x00f163b0738442ffULL, 0x00d9736bd68855b8ULL, + 0x00e0d8e93005e61cULL, 0x00df5a40b3988570ULL)}, + {FIELD_LITERAL(0x0006918f5dfce6dcULL, 0x00d4bf1c793c57fbULL, + 0x0069a3f649435364ULL, 0x00e89a50e5b0cd6eULL, + 0x00b9f6a237e973afULL, 0x006d4ed8b104e41dULL, + 0x00498946a3924cd2ULL, 0x00c136ec5ac9d4f7ULL)}, + {FIELD_LITERAL(0x0011a9c290ac5336ULL, 0x002b9a2d4a6a6533ULL, + 0x009a8a68c445d937ULL, 0x00361b27b07e5e5cULL, + 0x003c043b1755b974ULL, 0x00b7eb66cf1155eeULL, + 0x0077af5909eefff2ULL, 0x0098f609877cc806ULL)}, + }}, {{ + {FIELD_LITERAL(0x00ab13af436bf8f4ULL, 0x000bcf0a0dac8574ULL, + 0x00d50c864f705045ULL, 0x00c40e611debc842ULL, + 0x0085010489bd5caaULL, 0x007c5050acec026fULL, + 0x00f67d943c8da6d1ULL, 0x00de1da0278074c6ULL)}, + {FIELD_LITERAL(0x00b373076597455fULL, 0x00e83f1af53ac0f5ULL, + 0x0041f63c01dc6840ULL, 0x0097dea19b0c6f4bULL, + 0x007f9d63b4c1572cULL, 0x00e692d492d0f5f0ULL, + 0x00cbcb392e83b4adULL, 0x0069c0f39ed9b1a8ULL)}, + {FIELD_LITERAL(0x00861030012707c9ULL, 0x009fbbdc7fd4aafbULL, + 0x008f591d6b554822ULL, 0x00df08a41ea18adeULL, + 0x009d7d83e642abeaULL, 0x0098c71bda3b78ffULL, + 0x0022c89e7021f005ULL, 0x0044d29a3fe1e3c4ULL)}, + }}, {{ + {FIELD_LITERAL(0x00e748cd7b5c52f2ULL, 0x00ea9df883f89cc3ULL, + 0x0018970df156b6c7ULL, 0x00c5a46c2a33a847ULL, + 0x00cbde395e32aa09ULL, 0x0072474ebb423140ULL, + 0x00fb00053086a23dULL, 0x001dafcfe22d4e1fULL)}, + {FIELD_LITERAL(0x00c903ee6d825540ULL, 0x00add6c4cf98473eULL, + 0x007636efed4227f1ULL, 0x00905124ae55e772ULL, + 0x00e6b38fab12ed53ULL, 0x0045e132b863fe55ULL, + 0x003974662edb366aULL, 0x00b1787052be8208ULL)}, + {FIELD_LITERAL(0x00a614b00d775c7cULL, 0x00d7c78941cc7754ULL, + 0x00422dd68b5dabc4ULL, 0x00a6110f0167d28bULL, + 0x00685a309c252886ULL, 0x00b439ffd5143660ULL, + 0x003656e29ee7396fULL, 0x00c7c9b9ed5ad854ULL)}, + }}, {{ + {FIELD_LITERAL(0x0040f7e7c5b37bf2ULL, 0x0064e4dc81181bbaULL, + 0x00a8767ae2a366b6ULL, 0x001496b4f90546f2ULL, + 0x002a28493f860441ULL, 0x0021f59513049a3aULL, + 0x00852d369a8b7ee3ULL, 0x00dd2e7d8b7d30a9ULL)}, + {FIELD_LITERAL(0x00006e34a35d9fbcULL, 0x00eee4e48b2f019aULL, + 0x006b344743003a5fULL, 0x00541d514f04a7e3ULL, + 0x00e81f9ee7647455ULL, 0x005e2b916c438f81ULL, + 0x00116f8137b7eff0ULL, 0x009bd3decc7039d1ULL)}, + {FIELD_LITERAL(0x0005d226f434110dULL, 0x00af8288b8ef21d5ULL, + 0x004a7a52ef181c8cULL, 0x00be0b781b4b06deULL, + 0x00e6e3627ded07e1ULL, 0x00e43aa342272b8bULL, + 0x00e86ab424577d84ULL, 0x00fb292c566e35bbULL)}, + }}, {{ + {FIELD_LITERAL(0x00334f5303ea1222ULL, 0x00dfb3dbeb0a5d3eULL, + 0x002940d9592335c1ULL, 0x00706a7a63e8938aULL, + 0x005a533558bc4cafULL, 0x00558e33192022a9ULL, + 0x00970d9faf74c133ULL, 0x002979fcb63493caULL)}, + {FIELD_LITERAL(0x00e38abece3c82abULL, 0x005a51f18a2c7a86ULL, + 0x009dafa2e86d592eULL, 0x00495a62eb688678ULL, + 0x00b79df74c0eb212ULL, 0x0023e8cc78b75982ULL, + 0x005998cb91075e13ULL, 0x00735aa9ba61bc76ULL)}, + {FIELD_LITERAL(0x00d9f7a82ddbe628ULL, 0x00a1fc782889ae0fULL, + 0x0071ffda12d14b66ULL, 0x0037cf4eca7fb3d5ULL, + 0x00c80bc242c58808ULL, 0x0075bf8c2d08c863ULL, + 0x008d41f31afc52a7ULL, 0x00197962ecf38741ULL)}, + }}, {{ + {FIELD_LITERAL(0x006e9f475cccf2eeULL, 0x00454b9cd506430cULL, + 0x00224a4fb79ee479ULL, 0x0062e3347ef0b5e2ULL, + 0x0034fd2a3512232aULL, 0x00b8b3cb0f457046ULL, + 0x00eb20165daa38ecULL, 0x00128eebc2d9c0f7ULL)}, + {FIELD_LITERAL(0x00bfc5fa1e4ea21fULL, 0x00c21d7b6bb892e6ULL, + 0x00cf043f3acf0291ULL, 0x00c13f2f849b3c90ULL, + 0x00d1a97ebef10891ULL, 0x0061e130a445e7feULL, + 0x0019513fdedbf22bULL, 0x001d60c813bff841ULL)}, + {FIELD_LITERAL(0x0019561c7fcf0213ULL, 0x00e3dca6843ebd77ULL, + 0x0068ea95b9ca920eULL, 0x009bdfb70f253595ULL, + 0x00c68f59186aa02aULL, 0x005aee1cca1c3039ULL, + 0x00ab79a8a937a1ceULL, 0x00b9a0e549959e6fULL)}, + }}, {{ + {FIELD_LITERAL(0x00c79e0b6d97dfbdULL, 0x00917c71fd2bc6e8ULL, + 0x00db7529ccfb63d8ULL, 0x00be5be957f17866ULL, + 0x00a9e11fdc2cdac1ULL, 0x007b91a8e1f44443ULL, + 0x00a3065e4057d80fULL, 0x004825f5b8d5f6d4ULL)}, + {FIELD_LITERAL(0x003e4964fa8a8fc8ULL, 0x00f6a1cdbcf41689ULL, + 0x00943cb18fe7fda7ULL, 0x00606dafbf34440aULL, + 0x005d37a86399c789ULL, 0x00e79a2a69417403ULL, + 0x00fe34f7e68b8866ULL, 0x0011f448ed2df10eULL)}, + {FIELD_LITERAL(0x00f1f57efcc1fcc4ULL, 0x00513679117de154ULL, + 0x002e5b5b7c86d8c3ULL, 0x009f6486561f9cfbULL, + 0x00169e74b0170cf7ULL, 0x00900205af4af696ULL, + 0x006acfddb77853f3ULL, 0x00df184c90f31068ULL)}, + }}, {{ + {FIELD_LITERAL(0x00b37396c3320791ULL, 0x00fc7b67175c5783ULL, + 0x00c36d2cd73ecc38ULL, 0x0080ebcc0b328fc5ULL, + 0x0043a5b22b35d35dULL, 0x00466c9f1713c9daULL, + 0x0026ad346dcaa8daULL, 0x007c684e701183a6ULL)}, + {FIELD_LITERAL(0x00fd579ffb691713ULL, 0x00b76af4f81c412dULL, + 0x00f239de96110f82ULL, 0x00e965fb437f0306ULL, + 0x00ca7e9436900921ULL, 0x00e487f1325fa24aULL, + 0x00633907de476380ULL, 0x00721c62ac5b8ea0ULL)}, + {FIELD_LITERAL(0x00c0d54e542eb4f9ULL, 0x004ed657171c8dcfULL, + 0x00b743a4f7c2a39bULL, 0x00fd9f93ed6cc567ULL, + 0x00307fae3113e58bULL, 0x0058aa577c93c319ULL, + 0x00d254556f35b346ULL, 0x00491aada2203f0dULL)}, + }}, {{ + {FIELD_LITERAL(0x00dff3103786ff34ULL, 0x000144553b1f20c3ULL, + 0x0095613baeb930e4ULL, 0x00098058275ea5d4ULL, + 0x007cd1402b046756ULL, 0x0074d74e4d58aee3ULL, + 0x005f93fc343ff69bULL, 0x00873df17296b3b0ULL)}, + {FIELD_LITERAL(0x00c4a1fb48635413ULL, 0x00b5dd54423ad59fULL, + 0x009ff5d53fd24a88ULL, 0x003c98d267fc06a7ULL, + 0x002db7cb20013641ULL, 0x00bd1d6716e191f2ULL, + 0x006dbc8b29094241ULL, 0x0044bbf233dafa2cULL)}, + {FIELD_LITERAL(0x0055838d41f531e6ULL, 0x00bf6a2dd03c81b2ULL, + 0x005827a061c4839eULL, 0x0000de2cbb36aac3ULL, + 0x002efa29d9717478ULL, 0x00f9e928cc8a77baULL, + 0x00c134b458def9efULL, 0x00958a182223fc48ULL)}, + }}, {{ + {FIELD_LITERAL(0x000a9ee23c06881fULL, 0x002c727d3d871945ULL, + 0x00f47d971512d24aULL, 0x00671e816f9ef31aULL, + 0x00883af2cfaad673ULL, 0x00601f98583d6c9aULL, + 0x00b435f5adc79655ULL, 0x00ad87b71c04bff2ULL)}, + {FIELD_LITERAL(0x007860d99db787cfULL, 0x00fda8983018f4a8ULL, + 0x008c8866bac4743cULL, 0x00ef471f84c82a3fULL, + 0x00abea5976d3b8e7ULL, 0x00714882896cd015ULL, + 0x00b49fae584ddac5ULL, 0x008e33a1a0b69c81ULL)}, + {FIELD_LITERAL(0x007b6ee2c9e8a9ecULL, 0x002455dbbd89d622ULL, + 0x006490cf4eaab038ULL, 0x00d925f6c3081561ULL, + 0x00153b3047de7382ULL, 0x003b421f8bdceb6fULL, + 0x00761a4a5049da78ULL, 0x00980348c5202433ULL)}, + }}, {{ + {FIELD_LITERAL(0x007f8a43da97dd5cULL, 0x00058539c800fc7bULL, + 0x0040f3cf5a28414aULL, 0x00d68dd0d95283d6ULL, + 0x004adce9da90146eULL, 0x00befa41c7d4f908ULL, + 0x007603bc2e3c3060ULL, 0x00bdf360ab3545dbULL)}, + {FIELD_LITERAL(0x00eebfd4e2312cc3ULL, 0x00474b2564e4fc8cULL, + 0x003303ef14b1da9bULL, 0x003c93e0e66beb1dULL, + 0x0013619b0566925aULL, 0x008817c24d901bf3ULL, + 0x00b62bd8898d218bULL, 0x0075a7716f1e88a2ULL)}, + {FIELD_LITERAL(0x0009218da1e6890fULL, 0x0026907f5fd02575ULL, + 0x004dabed5f19d605ULL, 0x003abf181870249dULL, + 0x00b52fd048cc92c4ULL, 0x00b6dd51e415a5c5ULL, + 0x00d9eb82bd2b4014ULL, 0x002c865a43b46b43ULL)}, + }}, {{ + {FIELD_LITERAL(0x0070047189452f4cULL, 0x00f7ad12e1ce78d5ULL, + 0x00af1ba51ec44a8bULL, 0x005f39f63e667cd6ULL, + 0x00058eac4648425eULL, 0x00d7fdab42bea03bULL, + 0x0028576a5688de15ULL, 0x00af973209e77c10ULL)}, + {FIELD_LITERAL(0x00c338b915d8fef0ULL, 0x00a893292045c39aULL, + 0x0028ab4f2eba6887ULL, 0x0060743cb519fd61ULL, + 0x0006213964093ac0ULL, 0x007c0b7a43f6266dULL, + 0x008e3557c4fa5bdaULL, 0x002da976de7b8d9dULL)}, + {FIELD_LITERAL(0x0048729f8a8b6dcdULL, 0x00fe23b85cc4d323ULL, + 0x00e7384d16e4db0eULL, 0x004a423970678942ULL, + 0x00ec0b763345d4baULL, 0x00c477b9f99ed721ULL, + 0x00c29dad3777b230ULL, 0x001c517b466f7df6ULL)}, + }}, {{ + {FIELD_LITERAL(0x006366c380f7b574ULL, 0x001c7d1f09ff0438ULL, + 0x003e20a7301f5b22ULL, 0x00d3efb1916d28f6ULL, + 0x0049f4f81060ce83ULL, 0x00c69d91ea43ced1ULL, + 0x002b6f3e5cd269edULL, 0x005b0fb22ce9ec65ULL)}, + {FIELD_LITERAL(0x00aa2261022d883fULL, 0x00ebcca4548010acULL, + 0x002528512e28a437ULL, 0x0070ca7676b66082ULL, + 0x0084bda170f7c6d3ULL, 0x00581b4747c9b8bbULL, + 0x005c96a01061c7e2ULL, 0x00fb7c4a362b5273ULL)}, + {FIELD_LITERAL(0x00c30020eb512d02ULL, 0x0060f288283a4d26ULL, + 0x00b7ed13becde260ULL, 0x0075ebb74220f6e9ULL, + 0x00701079fcfe8a1fULL, 0x001c28fcdff58938ULL, + 0x002e4544b8f4df6bULL, 0x0060c5bc4f1a7d73ULL)}, + }}, {{ + {FIELD_LITERAL(0x00ae307cf069f701ULL, 0x005859f222dd618bULL, + 0x00212d6c46ec0b0dULL, 0x00a0fe4642afb62dULL, + 0x00420d8e4a0a8903ULL, 0x00a80ff639bdf7b0ULL, + 0x0019bee1490b5d8eULL, 0x007439e4b9c27a86ULL)}, + {FIELD_LITERAL(0x00a94700032a093fULL, 0x0076e96c225216e7ULL, + 0x00a63a4316e45f91ULL, 0x007d8bbb4645d3b2ULL, + 0x00340a6ff22793ebULL, 0x006f935d4572aeb7ULL, + 0x00b1fb69f00afa28ULL, 0x009e8f3423161ed3ULL)}, + {FIELD_LITERAL(0x009ef49c6b5ced17ULL, 0x00a555e6269e9f0aULL, + 0x007e6f1d79ec73b5ULL, 0x009ac78695a32ac4ULL, + 0x0001d77fbbcd5682ULL, 0x008cea1fee0aaeedULL, + 0x00f42bea82a53462ULL, 0x002e46ab96cafcc9ULL)}, + }}, {{ + {FIELD_LITERAL(0x0051cfcc5885377aULL, 0x00dce566cb1803caULL, + 0x00430c7643f2c7d4ULL, 0x00dce1a1337bdcc0ULL, + 0x0010d5bd7283c128ULL, 0x003b1b547f9b46feULL, + 0x000f245e37e770abULL, 0x007b72511f022b37ULL)}, + {FIELD_LITERAL(0x0060db815bc4786cULL, 0x006fab25beedc434ULL, + 0x00c610d06084797cULL, 0x000c48f08537bec0ULL, + 0x0031aba51c5b93daULL, 0x007968fa6e01f347ULL, + 0x0030070da52840c6ULL, 0x00c043c225a4837fULL)}, + {FIELD_LITERAL(0x001bcfd00649ee93ULL, 0x006dceb47e2a0fd5ULL, + 0x00f2cebda0cf8fd0ULL, 0x00b6b9d9d1fbdec3ULL, + 0x00815262e6490611ULL, 0x00ef7f5ce3176760ULL, + 0x00e49cd0c998d58bULL, 0x005fc6cc269ba57cULL)}, + }}, {{ + {FIELD_LITERAL(0x008940211aa0d633ULL, 0x00addae28136571dULL, + 0x00d68fdbba20d673ULL, 0x003bc6129bc9e21aULL, + 0x000346cf184ebe9aULL, 0x0068774d741ebc7fULL, + 0x0019d5e9e6966557ULL, 0x0003cbd7f981b651ULL)}, + {FIELD_LITERAL(0x004a2902926f8d3fULL, 0x00ad79b42637ab75ULL, + 0x0088f60b90f2d4e8ULL, 0x0030f54ef0e398c4ULL, + 0x00021dc9bf99681eULL, 0x007ebf66fde74ee3ULL, + 0x004ade654386e9a4ULL, 0x00e7485066be4c27ULL)}, + {FIELD_LITERAL(0x00445f1263983be0ULL, 0x004cf371dda45e6aULL, + 0x00744a89d5a310e7ULL, 0x001f20ce4f904833ULL, + 0x00e746edebe66e29ULL, 0x000912ab1f6c153dULL, + 0x00f61d77d9b2444cULL, 0x0001499cd6647610ULL)}, }} } }; @@ -343,133 +1063,421 @@ const struct curve448_precomputed_s *curve448_precomputed_base static const niels_t curve448_wnaf_base_table[32] = { {{ - {FIELD_LITERAL(0x00303cda6feea532,0x00860f1d5a3850e4,0x00226b9fa4728ccd,0x00e822938a0a0c0c,0x00263a61c9ea9216,0x001204029321b828,0x006a468360983c65,0x0002846f0a782143)}, - {FIELD_LITERAL(0x00303cda6feea532,0x00860f1d5a3850e4,0x00226b9fa4728ccd,0x006822938a0a0c0c,0x00263a61c9ea9215,0x001204029321b828,0x006a468360983c65,0x0082846f0a782143)}, - {FIELD_LITERAL(0x00ef8e22b275198d,0x00b0eb141a0b0e8b,0x001f6789da3cb38c,0x006d2ff8ed39073e,0x00610bdb69a167f3,0x00571f306c9689b4,0x00f557e6f84b2df8,0x002affd38b2c86db)}, + {FIELD_LITERAL(0x00303cda6feea532ULL, 0x00860f1d5a3850e4ULL, + 0x00226b9fa4728ccdULL, 0x00e822938a0a0c0cULL, + 0x00263a61c9ea9216ULL, 0x001204029321b828ULL, + 0x006a468360983c65ULL, 0x0002846f0a782143ULL)}, + {FIELD_LITERAL(0x00303cda6feea532ULL, 0x00860f1d5a3850e4ULL, + 0x00226b9fa4728ccdULL, 0x006822938a0a0c0cULL, + 0x00263a61c9ea9215ULL, 0x001204029321b828ULL, + 0x006a468360983c65ULL, 0x0082846f0a782143ULL)}, + {FIELD_LITERAL(0x00ef8e22b275198dULL, 0x00b0eb141a0b0e8bULL, + 0x001f6789da3cb38cULL, 0x006d2ff8ed39073eULL, + 0x00610bdb69a167f3ULL, 0x00571f306c9689b4ULL, + 0x00f557e6f84b2df8ULL, 0x002affd38b2c86dbULL)}, }}, {{ - {FIELD_LITERAL(0x00cea0fc8d2e88b5,0x00821612d69f1862,0x0074c283b3e67522,0x005a195ba05a876d,0x000cddfe557feea4,0x008046c795bcc5e5,0x00540969f4d6e119,0x00d27f96d6b143d5)}, - {FIELD_LITERAL(0x000c3b1019d474e8,0x00e19533e4952284,0x00cc9810ba7c920a,0x00f103d2785945ac,0x00bfa5696cc69b34,0x00a8d3d51e9ca839,0x005623cb459586b9,0x00eae7ce1cd52e9e)}, - {FIELD_LITERAL(0x0005a178751dd7d8,0x002cc3844c69c42f,0x00acbfe5efe10539,0x009c20f43431a65a,0x008435d96374a7b3,0x009ee57566877bd3,0x0044691725ed4757,0x001e87bb2fe2c6b2)}, + {FIELD_LITERAL(0x00cea0fc8d2e88b5ULL, 0x00821612d69f1862ULL, + 0x0074c283b3e67522ULL, 0x005a195ba05a876dULL, + 0x000cddfe557feea4ULL, 0x008046c795bcc5e5ULL, + 0x00540969f4d6e119ULL, 0x00d27f96d6b143d5ULL)}, + {FIELD_LITERAL(0x000c3b1019d474e8ULL, 0x00e19533e4952284ULL, + 0x00cc9810ba7c920aULL, 0x00f103d2785945acULL, + 0x00bfa5696cc69b34ULL, 0x00a8d3d51e9ca839ULL, + 0x005623cb459586b9ULL, 0x00eae7ce1cd52e9eULL)}, + {FIELD_LITERAL(0x0005a178751dd7d8ULL, 0x002cc3844c69c42fULL, + 0x00acbfe5efe10539ULL, 0x009c20f43431a65aULL, + 0x008435d96374a7b3ULL, 0x009ee57566877bd3ULL, + 0x0044691725ed4757ULL, 0x001e87bb2fe2c6b2ULL)}, }}, {{ - {FIELD_LITERAL(0x000cedc4debf7a04,0x002ffa45000470ac,0x002e9f9678201915,0x0017da1208c4fe72,0x007d558cc7d656cb,0x0037a827287cf289,0x00142472d3441819,0x009c21f166cf8dd1)}, - {FIELD_LITERAL(0x003ef83af164b2f2,0x000949a5a0525d0d,0x00f4498186cac051,0x00e77ac09ef126d2,0x0073ae0b2c9296e9,0x001c163f6922e3ed,0x0062946159321bea,0x00cfb79b22990b39)}, - {FIELD_LITERAL(0x00b001431ca9e654,0x002d7e5eabcc9a3a,0x0052e8114c2f6747,0x0079ac4f94487f92,0x00bffd919b5d749c,0x00261f92ad15e620,0x00718397b7a97895,0x00c1443e6ebbc0c4)}, + {FIELD_LITERAL(0x000cedc4debf7a04ULL, 0x002ffa45000470acULL, + 0x002e9f9678201915ULL, 0x0017da1208c4fe72ULL, + 0x007d558cc7d656cbULL, 0x0037a827287cf289ULL, + 0x00142472d3441819ULL, 0x009c21f166cf8dd1ULL)}, + {FIELD_LITERAL(0x003ef83af164b2f2ULL, 0x000949a5a0525d0dULL, + 0x00f4498186cac051ULL, 0x00e77ac09ef126d2ULL, + 0x0073ae0b2c9296e9ULL, 0x001c163f6922e3edULL, + 0x0062946159321beaULL, 0x00cfb79b22990b39ULL)}, + {FIELD_LITERAL(0x00b001431ca9e654ULL, 0x002d7e5eabcc9a3aULL, + 0x0052e8114c2f6747ULL, 0x0079ac4f94487f92ULL, + 0x00bffd919b5d749cULL, 0x00261f92ad15e620ULL, + 0x00718397b7a97895ULL, 0x00c1443e6ebbc0c4ULL)}, }}, {{ - {FIELD_LITERAL(0x00eacd90c1e0a049,0x008977935b149fbe,0x0004cb9ba11c93dc,0x009fbd5b3470844d,0x004bc18c9bfc22cf,0x0057679a991839f3,0x00ef15b76fb4092e,0x0074a5173a225041)}, - {FIELD_LITERAL(0x003f5f9d7ec4777b,0x00ab2e733c919c94,0x001bb6c035245ae5,0x00a325a49a883630,0x0033e9a9ea3cea2f,0x00e442a1eaa0e844,0x00b2116d5b0e71b8,0x00c16abed6d64047)}, - {FIELD_LITERAL(0x00c560b5ed051165,0x001945adc5d65094,0x00e221865710f910,0x00cc12bc9e9b8ceb,0x004faa9518914e35,0x0017476d89d42f6d,0x00b8f637c8fa1c8b,0x0088c7d2790864b8)}, + {FIELD_LITERAL(0x00eacd90c1e0a049ULL, 0x008977935b149fbeULL, + 0x0004cb9ba11c93dcULL, 0x009fbd5b3470844dULL, + 0x004bc18c9bfc22cfULL, 0x0057679a991839f3ULL, + 0x00ef15b76fb4092eULL, 0x0074a5173a225041ULL)}, + {FIELD_LITERAL(0x003f5f9d7ec4777bULL, 0x00ab2e733c919c94ULL, + 0x001bb6c035245ae5ULL, 0x00a325a49a883630ULL, + 0x0033e9a9ea3cea2fULL, 0x00e442a1eaa0e844ULL, + 0x00b2116d5b0e71b8ULL, 0x00c16abed6d64047ULL)}, + {FIELD_LITERAL(0x00c560b5ed051165ULL, 0x001945adc5d65094ULL, + 0x00e221865710f910ULL, 0x00cc12bc9e9b8cebULL, + 0x004faa9518914e35ULL, 0x0017476d89d42f6dULL, + 0x00b8f637c8fa1c8bULL, 0x0088c7d2790864b8ULL)}, }}, {{ - {FIELD_LITERAL(0x00ef7eafc1c69be6,0x0085d3855778fbea,0x002c8d5b450cb6f5,0x004e77de5e1e7fec,0x0047c057893abded,0x001b430b85d51e16,0x00965c7b45640c3c,0x00487b2bb1162b97)}, - {FIELD_LITERAL(0x0099c73a311beec2,0x00a3eff38d8912ad,0x002efa9d1d7e8972,0x00f717ae1e14d126,0x002833f795850c8b,0x0066c12ad71486bd,0x00ae9889da4820eb,0x00d6044309555c08)}, - {FIELD_LITERAL(0x004b1c5283d15e41,0x00669d8ea308ff75,0x0004390233f762a1,0x00e1d67b83cb6cec,0x003eebaa964c78b1,0x006b0aff965eb664,0x00b313d4470bdc37,0x008814ffcb3cb9d8)}, + {FIELD_LITERAL(0x00ef7eafc1c69be6ULL, 0x0085d3855778fbeaULL, + 0x002c8d5b450cb6f5ULL, 0x004e77de5e1e7fecULL, + 0x0047c057893abdedULL, 0x001b430b85d51e16ULL, + 0x00965c7b45640c3cULL, 0x00487b2bb1162b97ULL)}, + {FIELD_LITERAL(0x0099c73a311beec2ULL, 0x00a3eff38d8912adULL, + 0x002efa9d1d7e8972ULL, 0x00f717ae1e14d126ULL, + 0x002833f795850c8bULL, 0x0066c12ad71486bdULL, + 0x00ae9889da4820ebULL, 0x00d6044309555c08ULL)}, + {FIELD_LITERAL(0x004b1c5283d15e41ULL, 0x00669d8ea308ff75ULL, + 0x0004390233f762a1ULL, 0x00e1d67b83cb6cecULL, + 0x003eebaa964c78b1ULL, 0x006b0aff965eb664ULL, + 0x00b313d4470bdc37ULL, 0x008814ffcb3cb9d8ULL)}, }}, {{ - {FIELD_LITERAL(0x009724b8ce68db70,0x007678b5ed006f3d,0x00bdf4b89c0abd73,0x00299748e04c7c6d,0x00ddd86492c3c977,0x00c5a7febfa30a99,0x00ed84715b4b02bb,0x00319568adf70486)}, - {FIELD_LITERAL(0x0070ff2d864de5bb,0x005a37eeb637ee95,0x0033741c258de160,0x00e6ca5cb1988f46,0x001ceabd92a24661,0x0030957bd500fe40,0x001c3362afe912c5,0x005187889f678bd2)}, - {FIELD_LITERAL(0x0086835fc62bbdc7,0x009c3516ca4910a1,0x00956c71f8d00783,0x0095c78fcf63235f,0x00fc7ff6ba05c222,0x00cdd8b3f8d74a52,0x00ac5ae16de8256e,0x00e9d4be8ed48624)}, + {FIELD_LITERAL(0x009724b8ce68db70ULL, 0x007678b5ed006f3dULL, + 0x00bdf4b89c0abd73ULL, 0x00299748e04c7c6dULL, + 0x00ddd86492c3c977ULL, 0x00c5a7febfa30a99ULL, + 0x00ed84715b4b02bbULL, 0x00319568adf70486ULL)}, + {FIELD_LITERAL(0x0070ff2d864de5bbULL, 0x005a37eeb637ee95ULL, + 0x0033741c258de160ULL, 0x00e6ca5cb1988f46ULL, + 0x001ceabd92a24661ULL, 0x0030957bd500fe40ULL, + 0x001c3362afe912c5ULL, 0x005187889f678bd2ULL)}, + {FIELD_LITERAL(0x0086835fc62bbdc7ULL, 0x009c3516ca4910a1ULL, + 0x00956c71f8d00783ULL, 0x0095c78fcf63235fULL, + 0x00fc7ff6ba05c222ULL, 0x00cdd8b3f8d74a52ULL, + 0x00ac5ae16de8256eULL, 0x00e9d4be8ed48624ULL)}, }}, {{ - {FIELD_LITERAL(0x00c0ce11405df2d8,0x004e3f37b293d7b6,0x002410172e1ac6db,0x00b8dbff4bf8143d,0x003a7b409d56eb66,0x003e0f6a0dfef9af,0x0081c4e4d3645be1,0x00ce76076b127623)}, - {FIELD_LITERAL(0x00f6ee0f98974239,0x0042d89af07d3a4f,0x00846b7fe84346b5,0x006a21fc6a8d39a1,0x00ac8bc2541ff2d9,0x006d4e2a77732732,0x009a39b694cc3f2f,0x0085c0aa2a404c8f)}, - {FIELD_LITERAL(0x00b261101a218548,0x00c1cae96424277b,0x00869da0a77dd268,0x00bc0b09f8ec83ea,0x00d61027f8e82ba9,0x00aa4c85999dce67,0x00eac3132b9f3fe1,0x00fb9b0cf1c695d2)}, + {FIELD_LITERAL(0x00c0ce11405df2d8ULL, 0x004e3f37b293d7b6ULL, + 0x002410172e1ac6dbULL, 0x00b8dbff4bf8143dULL, + 0x003a7b409d56eb66ULL, 0x003e0f6a0dfef9afULL, + 0x0081c4e4d3645be1ULL, 0x00ce76076b127623ULL)}, + {FIELD_LITERAL(0x00f6ee0f98974239ULL, 0x0042d89af07d3a4fULL, + 0x00846b7fe84346b5ULL, 0x006a21fc6a8d39a1ULL, + 0x00ac8bc2541ff2d9ULL, 0x006d4e2a77732732ULL, + 0x009a39b694cc3f2fULL, 0x0085c0aa2a404c8fULL)}, + {FIELD_LITERAL(0x00b261101a218548ULL, 0x00c1cae96424277bULL, + 0x00869da0a77dd268ULL, 0x00bc0b09f8ec83eaULL, + 0x00d61027f8e82ba9ULL, 0x00aa4c85999dce67ULL, + 0x00eac3132b9f3fe1ULL, 0x00fb9b0cf1c695d2ULL)}, }}, {{ - {FIELD_LITERAL(0x0043079295512f0d,0x0046a009861758e0,0x003ee2842a807378,0x0034cc9d1298e4fa,0x009744eb4d31b3ee,0x00afacec96650cd0,0x00ac891b313761ae,0x00e864d6d26e708a)}, - {FIELD_LITERAL(0x00a84d7c8a23b491,0x0088e19aa868b27f,0x0005986d43e78ce9,0x00f28012f0606d28,0x0017ded7e10249b3,0x005ed4084b23af9b,0x00b9b0a940564472,0x00ad9056cceeb1f4)}, - {FIELD_LITERAL(0x00db91b357fe755e,0x00a1aa544b15359c,0x00af4931a0195574,0x007686124fe11aef,0x00d1ead3c7b9ef7e,0x00aaf5fc580f8c15,0x00e727be147ee1ec,0x003c61c1e1577b86)}, + {FIELD_LITERAL(0x0043079295512f0dULL, 0x0046a009861758e0ULL, + 0x003ee2842a807378ULL, 0x0034cc9d1298e4faULL, + 0x009744eb4d31b3eeULL, 0x00afacec96650cd0ULL, + 0x00ac891b313761aeULL, 0x00e864d6d26e708aULL)}, + {FIELD_LITERAL(0x00a84d7c8a23b491ULL, 0x0088e19aa868b27fULL, + 0x0005986d43e78ce9ULL, 0x00f28012f0606d28ULL, + 0x0017ded7e10249b3ULL, 0x005ed4084b23af9bULL, + 0x00b9b0a940564472ULL, 0x00ad9056cceeb1f4ULL)}, + {FIELD_LITERAL(0x00db91b357fe755eULL, 0x00a1aa544b15359cULL, + 0x00af4931a0195574ULL, 0x007686124fe11aefULL, + 0x00d1ead3c7b9ef7eULL, 0x00aaf5fc580f8c15ULL, + 0x00e727be147ee1ecULL, 0x003c61c1e1577b86ULL)}, }}, {{ - {FIELD_LITERAL(0x009d3fca983220cf,0x00cd11acbc853dc4,0x0017590409d27f1d,0x00d2176698082802,0x00fa01251b2838c8,0x00dd297a0d9b51c6,0x00d76c92c045820a,0x00534bc7c46c9033)}, - {FIELD_LITERAL(0x0080ed9bc9b07338,0x00fceac7745d2652,0x008a9d55f5f2cc69,0x0096ce72df301ac5,0x00f53232e7974d87,0x0071728c7ae73947,0x0090507602570778,0x00cb81cfd883b1b2)}, - {FIELD_LITERAL(0x005011aadea373da,0x003a8578ec896034,0x00f20a6535fa6d71,0x005152d31e5a87cf,0x002bac1c8e68ca31,0x00b0e323db4c1381,0x00f1d596b7d5ae25,0x00eae458097cb4e0)}, + {FIELD_LITERAL(0x009d3fca983220cfULL, 0x00cd11acbc853dc4ULL, + 0x0017590409d27f1dULL, 0x00d2176698082802ULL, + 0x00fa01251b2838c8ULL, 0x00dd297a0d9b51c6ULL, + 0x00d76c92c045820aULL, 0x00534bc7c46c9033ULL)}, + {FIELD_LITERAL(0x0080ed9bc9b07338ULL, 0x00fceac7745d2652ULL, + 0x008a9d55f5f2cc69ULL, 0x0096ce72df301ac5ULL, + 0x00f53232e7974d87ULL, 0x0071728c7ae73947ULL, + 0x0090507602570778ULL, 0x00cb81cfd883b1b2ULL)}, + {FIELD_LITERAL(0x005011aadea373daULL, 0x003a8578ec896034ULL, + 0x00f20a6535fa6d71ULL, 0x005152d31e5a87cfULL, + 0x002bac1c8e68ca31ULL, 0x00b0e323db4c1381ULL, + 0x00f1d596b7d5ae25ULL, 0x00eae458097cb4e0ULL)}, }}, {{ - {FIELD_LITERAL(0x00920ac80f9b0d21,0x00f80f7f73401246,0x0086d37849b557d6,0x0002bd4b317b752e,0x00b26463993a42bb,0x002070422a73b129,0x00341acaa0380cb3,0x00541914dd66a1b2)}, - {FIELD_LITERAL(0x00c1513cd66abe8c,0x000139e01118944d,0x0064abbcb8080bbb,0x00b3b08202473142,0x00c629ef25da2403,0x00f0aec3310d9b7f,0x0050b2227472d8cd,0x00f6c8a922d41fb4)}, - {FIELD_LITERAL(0x001075ccf26b7b1f,0x00bb6bb213170433,0x00e9491ad262da79,0x009ef4f48d2d384c,0x008992770766f09d,0x001584396b6b1101,0x00af3f8676c9feef,0x0024603c40269118)}, + {FIELD_LITERAL(0x00920ac80f9b0d21ULL, 0x00f80f7f73401246ULL, + 0x0086d37849b557d6ULL, 0x0002bd4b317b752eULL, + 0x00b26463993a42bbULL, 0x002070422a73b129ULL, + 0x00341acaa0380cb3ULL, 0x00541914dd66a1b2ULL)}, + {FIELD_LITERAL(0x00c1513cd66abe8cULL, 0x000139e01118944dULL, + 0x0064abbcb8080bbbULL, 0x00b3b08202473142ULL, + 0x00c629ef25da2403ULL, 0x00f0aec3310d9b7fULL, + 0x0050b2227472d8cdULL, 0x00f6c8a922d41fb4ULL)}, + {FIELD_LITERAL(0x001075ccf26b7b1fULL, 0x00bb6bb213170433ULL, + 0x00e9491ad262da79ULL, 0x009ef4f48d2d384cULL, + 0x008992770766f09dULL, 0x001584396b6b1101ULL, + 0x00af3f8676c9feefULL, 0x0024603c40269118ULL)}, }}, {{ - {FIELD_LITERAL(0x009dd7b31319527c,0x001e7ac948d873a9,0x00fa54b46ef9673a,0x0066efb8d5b02fe6,0x00754b1d3928aeae,0x0004262ac72a6f6b,0x0079b7d49a6eb026,0x003126a753540102)}, - {FIELD_LITERAL(0x009666e24f693947,0x00f714311269d45f,0x0010ffac1d0c851c,0x0066e80c37363497,0x00f1f4ad010c60b0,0x0015c87408470ff7,0x00651d5e9c7766a4,0x008138819d7116de)}, - {FIELD_LITERAL(0x003934b11c57253b,0x00ef308edf21f46e,0x00e54e99c7a16198,0x0080d57135764e63,0x00751c27b946bc24,0x00dd389ce4e9e129,0x00a1a2bfd1cd84dc,0x002fae73e5149b32)}, + {FIELD_LITERAL(0x009dd7b31319527cULL, 0x001e7ac948d873a9ULL, + 0x00fa54b46ef9673aULL, 0x0066efb8d5b02fe6ULL, + 0x00754b1d3928aeaeULL, 0x0004262ac72a6f6bULL, + 0x0079b7d49a6eb026ULL, 0x003126a753540102ULL)}, + {FIELD_LITERAL(0x009666e24f693947ULL, 0x00f714311269d45fULL, + 0x0010ffac1d0c851cULL, 0x0066e80c37363497ULL, + 0x00f1f4ad010c60b0ULL, 0x0015c87408470ff7ULL, + 0x00651d5e9c7766a4ULL, 0x008138819d7116deULL)}, + {FIELD_LITERAL(0x003934b11c57253bULL, 0x00ef308edf21f46eULL, + 0x00e54e99c7a16198ULL, 0x0080d57135764e63ULL, + 0x00751c27b946bc24ULL, 0x00dd389ce4e9e129ULL, + 0x00a1a2bfd1cd84dcULL, 0x002fae73e5149b32ULL)}, }}, {{ - {FIELD_LITERAL(0x00911657dffb4cdd,0x00c100b7cc553d06,0x00449d075ec467cc,0x007062100bc64e70,0x0043cf86f7bd21e7,0x00f401dc4b797dea,0x005224afb2f62e65,0x00d1ede3fb5a42be)}, - {FIELD_LITERAL(0x00f2ba36a41aa144,0x00a0c22d946ee18f,0x008aae8ef9a14f99,0x00eef4d79b19bb36,0x008e75ce3d27b1fc,0x00a65daa03b29a27,0x00d9cc83684eb145,0x009e1ed80cc2ed74)}, - {FIELD_LITERAL(0x00bed953d1997988,0x00b93ed175a24128,0x00871c5963fb6365,0x00ca2df20014a787,0x00f5d9c1d0b34322,0x00f6f5942818db0a,0x004cc091f49c9906,0x00e8a188a60bff9f)}, + {FIELD_LITERAL(0x00911657dffb4cddULL, 0x00c100b7cc553d06ULL, + 0x00449d075ec467ccULL, 0x007062100bc64e70ULL, + 0x0043cf86f7bd21e7ULL, 0x00f401dc4b797deaULL, + 0x005224afb2f62e65ULL, 0x00d1ede3fb5a42beULL)}, + {FIELD_LITERAL(0x00f2ba36a41aa144ULL, 0x00a0c22d946ee18fULL, + 0x008aae8ef9a14f99ULL, 0x00eef4d79b19bb36ULL, + 0x008e75ce3d27b1fcULL, 0x00a65daa03b29a27ULL, + 0x00d9cc83684eb145ULL, 0x009e1ed80cc2ed74ULL)}, + {FIELD_LITERAL(0x00bed953d1997988ULL, 0x00b93ed175a24128ULL, + 0x00871c5963fb6365ULL, 0x00ca2df20014a787ULL, + 0x00f5d9c1d0b34322ULL, 0x00f6f5942818db0aULL, + 0x004cc091f49c9906ULL, 0x00e8a188a60bff9fULL)}, }}, {{ - {FIELD_LITERAL(0x0032c7762032fae8,0x00e4087232e0bc21,0x00f767344b6e8d85,0x00bbf369b76c2aa2,0x008a1f46c6e1570c,0x001368cd9780369f,0x007359a39d079430,0x0003646512921434)}, - {FIELD_LITERAL(0x007c4b47ca7c73e7,0x005396221039734b,0x008b64ddf0e45d7e,0x00bfad5af285e6c2,0x008ec711c5b1a1a8,0x00cf663301237f98,0x00917ee3f1655126,0x004152f337efedd8)}, - {FIELD_LITERAL(0x0007c7edc9305daa,0x000a6664f273701c,0x00f6e78795e200b1,0x005d05b9ecd2473e,0x0014f5f17c865786,0x00c7fd2d166fa995,0x004939a2d8eb80e0,0x002244ba0942c199)}, + {FIELD_LITERAL(0x0032c7762032fae8ULL, 0x00e4087232e0bc21ULL, + 0x00f767344b6e8d85ULL, 0x00bbf369b76c2aa2ULL, + 0x008a1f46c6e1570cULL, 0x001368cd9780369fULL, + 0x007359a39d079430ULL, 0x0003646512921434ULL)}, + {FIELD_LITERAL(0x007c4b47ca7c73e7ULL, 0x005396221039734bULL, + 0x008b64ddf0e45d7eULL, 0x00bfad5af285e6c2ULL, + 0x008ec711c5b1a1a8ULL, 0x00cf663301237f98ULL, + 0x00917ee3f1655126ULL, 0x004152f337efedd8ULL)}, + {FIELD_LITERAL(0x0007c7edc9305daaULL, 0x000a6664f273701cULL, + 0x00f6e78795e200b1ULL, 0x005d05b9ecd2473eULL, + 0x0014f5f17c865786ULL, 0x00c7fd2d166fa995ULL, + 0x004939a2d8eb80e0ULL, 0x002244ba0942c199ULL)}, }}, {{ - {FIELD_LITERAL(0x00321e767f0262cf,0x002e57d776caf68e,0x00bf2c94814f0437,0x00c339196acd622f,0x001db4cce71e2770,0x001ded5ddba6eee2,0x0078608ab1554c8d,0x00067fe0ab76365b)}, - {FIELD_LITERAL(0x00f09758e11e3985,0x00169efdbd64fad3,0x00e8889b7d6dacd6,0x0035cdd58ea88209,0x00bcda47586d7f49,0x003cdddcb2879088,0x0016da70187e954b,0x009556ea2e92aacd)}, - {FIELD_LITERAL(0x008cab16bd1ff897,0x00b389972cdf753f,0x00ea8ed1e46dfdc0,0x004fe7ef94c589f4,0x002b8ae9b805ecf3,0x0025c08d892874a5,0x0023938e98d44c4c,0x00f759134cabf69c)}, + {FIELD_LITERAL(0x00321e767f0262cfULL, 0x002e57d776caf68eULL, + 0x00bf2c94814f0437ULL, 0x00c339196acd622fULL, + 0x001db4cce71e2770ULL, 0x001ded5ddba6eee2ULL, + 0x0078608ab1554c8dULL, 0x00067fe0ab76365bULL)}, + {FIELD_LITERAL(0x00f09758e11e3985ULL, 0x00169efdbd64fad3ULL, + 0x00e8889b7d6dacd6ULL, 0x0035cdd58ea88209ULL, + 0x00bcda47586d7f49ULL, 0x003cdddcb2879088ULL, + 0x0016da70187e954bULL, 0x009556ea2e92aacdULL)}, + {FIELD_LITERAL(0x008cab16bd1ff897ULL, 0x00b389972cdf753fULL, + 0x00ea8ed1e46dfdc0ULL, 0x004fe7ef94c589f4ULL, + 0x002b8ae9b805ecf3ULL, 0x0025c08d892874a5ULL, + 0x0023938e98d44c4cULL, 0x00f759134cabf69cULL)}, }}, {{ - {FIELD_LITERAL(0x006c2a84678e4b3b,0x007a194aacd1868f,0x00ed0225af424761,0x00da0a6f293c64b8,0x001062ac5c6a7a18,0x0030f5775a8aeef4,0x0002acaad76b7af0,0x00410b8fd63a579f)}, - {FIELD_LITERAL(0x001ec59db3d9590e,0x001e9e3f1c3f182d,0x0045a9c3ec2cab14,0x0008198572aeb673,0x00773b74068bd167,0x0012535eaa395434,0x0044dba9e3bbb74a,0x002fba4d3c74bd0e)}, - {FIELD_LITERAL(0x0042bf08fe66922c,0x003318b8fbb49e8c,0x00d75946004aa14c,0x00f601586b42bf1c,0x00c74cf1d912fe66,0x00abcb36974b30ad,0x007eb78720c9d2b8,0x009f54ab7bd4df85)}, + {FIELD_LITERAL(0x006c2a84678e4b3bULL, 0x007a194aacd1868fULL, + 0x00ed0225af424761ULL, 0x00da0a6f293c64b8ULL, + 0x001062ac5c6a7a18ULL, 0x0030f5775a8aeef4ULL, + 0x0002acaad76b7af0ULL, 0x00410b8fd63a579fULL)}, + {FIELD_LITERAL(0x001ec59db3d9590eULL, 0x001e9e3f1c3f182dULL, + 0x0045a9c3ec2cab14ULL, 0x0008198572aeb673ULL, + 0x00773b74068bd167ULL, 0x0012535eaa395434ULL, + 0x0044dba9e3bbb74aULL, 0x002fba4d3c74bd0eULL)}, + {FIELD_LITERAL(0x0042bf08fe66922cULL, 0x003318b8fbb49e8cULL, + 0x00d75946004aa14cULL, 0x00f601586b42bf1cULL, + 0x00c74cf1d912fe66ULL, 0x00abcb36974b30adULL, + 0x007eb78720c9d2b8ULL, 0x009f54ab7bd4df85ULL)}, }}, {{ - {FIELD_LITERAL(0x00db9fc948f73826,0x00fa8b3746ed8ee9,0x00132cb65aafbeb2,0x00c36ff3fe7925b8,0x00837daed353d2fe,0x00ec661be0667cf4,0x005beb8ed2e90204,0x00d77dd69e564967)}, - {FIELD_LITERAL(0x0042e6268b861751,0x0008dd0469500c16,0x00b51b57c338a3fd,0x00cc4497d85cff6b,0x002f13d6b57c34a4,0x0083652eaf301105,0x00cc344294cc93a8,0x0060f4d02810e270)}, - {FIELD_LITERAL(0x00a8954363cd518b,0x00ad171124bccb7b,0x0065f46a4adaae00,0x001b1a5b2a96e500,0x0043fe24f8233285,0x0066996d8ae1f2c3,0x00c530f3264169f9,0x00c0f92d07cf6a57)}, + {FIELD_LITERAL(0x00db9fc948f73826ULL, 0x00fa8b3746ed8ee9ULL, + 0x00132cb65aafbeb2ULL, 0x00c36ff3fe7925b8ULL, + 0x00837daed353d2feULL, 0x00ec661be0667cf4ULL, + 0x005beb8ed2e90204ULL, 0x00d77dd69e564967ULL)}, + {FIELD_LITERAL(0x0042e6268b861751ULL, 0x0008dd0469500c16ULL, + 0x00b51b57c338a3fdULL, 0x00cc4497d85cff6bULL, + 0x002f13d6b57c34a4ULL, 0x0083652eaf301105ULL, + 0x00cc344294cc93a8ULL, 0x0060f4d02810e270ULL)}, + {FIELD_LITERAL(0x00a8954363cd518bULL, 0x00ad171124bccb7bULL, + 0x0065f46a4adaae00ULL, 0x001b1a5b2a96e500ULL, + 0x0043fe24f8233285ULL, 0x0066996d8ae1f2c3ULL, + 0x00c530f3264169f9ULL, 0x00c0f92d07cf6a57ULL)}, }}, {{ - {FIELD_LITERAL(0x0036a55c6815d943,0x008c8d1def993db3,0x002e0e1e8ff7318f,0x00d883a4b92db00a,0x002f5e781ae33906,0x001a72adb235c06d,0x00f2e59e736e9caa,0x001a4b58e3031914)}, - {FIELD_LITERAL(0x00d73bfae5e00844,0x00bf459766fb5f52,0x0061b4f5a5313cde,0x004392d4c3b95514,0x000d3551b1077523,0x0000998840ee5d71,0x006de6e340448b7b,0x00251aa504875d6e)}, - {FIELD_LITERAL(0x003bf343427ac342,0x00adc0a78642b8c5,0x0003b893175a8314,0x0061a34ade5703bc,0x00ea3ea8bb71d632,0x00be0df9a1f198c2,0x0046dd8e7c1635fb,0x00f1523fdd25d5e5)}, + {FIELD_LITERAL(0x0036a55c6815d943ULL, 0x008c8d1def993db3ULL, + 0x002e0e1e8ff7318fULL, 0x00d883a4b92db00aULL, + 0x002f5e781ae33906ULL, 0x001a72adb235c06dULL, + 0x00f2e59e736e9caaULL, 0x001a4b58e3031914ULL)}, + {FIELD_LITERAL(0x00d73bfae5e00844ULL, 0x00bf459766fb5f52ULL, + 0x0061b4f5a5313cdeULL, 0x004392d4c3b95514ULL, + 0x000d3551b1077523ULL, 0x0000998840ee5d71ULL, + 0x006de6e340448b7bULL, 0x00251aa504875d6eULL)}, + {FIELD_LITERAL(0x003bf343427ac342ULL, 0x00adc0a78642b8c5ULL, + 0x0003b893175a8314ULL, 0x0061a34ade5703bcULL, + 0x00ea3ea8bb71d632ULL, 0x00be0df9a1f198c2ULL, + 0x0046dd8e7c1635fbULL, 0x00f1523fdd25d5e5ULL)}, }}, {{ - {FIELD_LITERAL(0x00633f63fc9dd406,0x00e713ff80e04a43,0x0060c6e970f2d621,0x00a57cd7f0df1891,0x00f2406a550650bb,0x00b064290efdc684,0x001eab0144d17916,0x00cd15f863c293ab)}, - {FIELD_LITERAL(0x0029cec55273f70d,0x007044ee275c6340,0x0040f637a93015e2,0x00338bb78db5aae9,0x001491b2a6132147,0x00a125d6cfe6bde3,0x005f7ac561ba8669,0x001d5eaea3fbaacf)}, - {FIELD_LITERAL(0x00054e9635e3be31,0x000e43f31e2872be,0x00d05b1c9e339841,0x006fac50bd81fd98,0x00cdc7852eaebb09,0x004ff519b061991b,0x009099e8107d4c85,0x00273e24c36a4a61)}, + {FIELD_LITERAL(0x00633f63fc9dd406ULL, 0x00e713ff80e04a43ULL, + 0x0060c6e970f2d621ULL, 0x00a57cd7f0df1891ULL, + 0x00f2406a550650bbULL, 0x00b064290efdc684ULL, + 0x001eab0144d17916ULL, 0x00cd15f863c293abULL)}, + {FIELD_LITERAL(0x0029cec55273f70dULL, 0x007044ee275c6340ULL, + 0x0040f637a93015e2ULL, 0x00338bb78db5aae9ULL, + 0x001491b2a6132147ULL, 0x00a125d6cfe6bde3ULL, + 0x005f7ac561ba8669ULL, 0x001d5eaea3fbaacfULL)}, + {FIELD_LITERAL(0x00054e9635e3be31ULL, 0x000e43f31e2872beULL, + 0x00d05b1c9e339841ULL, 0x006fac50bd81fd98ULL, + 0x00cdc7852eaebb09ULL, 0x004ff519b061991bULL, + 0x009099e8107d4c85ULL, 0x00273e24c36a4a61ULL)}, }}, {{ - {FIELD_LITERAL(0x00070b4441ef2c46,0x00efa5b02801a109,0x00bf0b8c3ee64adf,0x008a67e0b3452e98,0x001916b1f2fa7a74,0x00d781a78ff6cdc3,0x008682ce57e5c919,0x00cc1109dd210da3)}, - {FIELD_LITERAL(0x00cae8aaff388663,0x005e983a35dda1c7,0x007ab1030d8e37f4,0x00e48940f5d032fe,0x006a36f9ef30b331,0x009be6f03958c757,0x0086231ceba91400,0x008bd0f7b823e7aa)}, - {FIELD_LITERAL(0x00cf881ebef5a45a,0x004ebea78e7c6f2c,0x0090da9209cf26a0,0x00de2b2e4c775b84,0x0071d6031c3c15ae,0x00d9e927ef177d70,0x00894ee8c23896fd,0x00e3b3b401e41aad)}, + {FIELD_LITERAL(0x00070b4441ef2c46ULL, 0x00efa5b02801a109ULL, + 0x00bf0b8c3ee64adfULL, 0x008a67e0b3452e98ULL, + 0x001916b1f2fa7a74ULL, 0x00d781a78ff6cdc3ULL, + 0x008682ce57e5c919ULL, 0x00cc1109dd210da3ULL)}, + {FIELD_LITERAL(0x00cae8aaff388663ULL, 0x005e983a35dda1c7ULL, + 0x007ab1030d8e37f4ULL, 0x00e48940f5d032feULL, + 0x006a36f9ef30b331ULL, 0x009be6f03958c757ULL, + 0x0086231ceba91400ULL, 0x008bd0f7b823e7aaULL)}, + {FIELD_LITERAL(0x00cf881ebef5a45aULL, 0x004ebea78e7c6f2cULL, + 0x0090da9209cf26a0ULL, 0x00de2b2e4c775b84ULL, + 0x0071d6031c3c15aeULL, 0x00d9e927ef177d70ULL, + 0x00894ee8c23896fdULL, 0x00e3b3b401e41aadULL)}, }}, {{ - {FIELD_LITERAL(0x00204fef26864170,0x00819269c5dee0f8,0x00bfb4713ec97966,0x0026339a6f34df78,0x001f26e64c761dc2,0x00effe3af313cb60,0x00e17b70138f601b,0x00f16e1ccd9ede5e)}, - {FIELD_LITERAL(0x005d9a8353fdb2db,0x0055cc2048c698f0,0x00f6c4ac89657218,0x00525034d73faeb2,0x00435776fbda3c7d,0x0070ea5312323cbc,0x007a105d44d069fb,0x006dbc8d6dc786aa)}, - {FIELD_LITERAL(0x0017cff19cd394ec,0x00fef7b810922587,0x00e6483970dff548,0x00ddf36ad6874264,0x00e61778523fcce2,0x0093a66c0c93b24a,0x00fd367114db7f86,0x007652d7ddce26dd)}, + {FIELD_LITERAL(0x00204fef26864170ULL, 0x00819269c5dee0f8ULL, + 0x00bfb4713ec97966ULL, 0x0026339a6f34df78ULL, + 0x001f26e64c761dc2ULL, 0x00effe3af313cb60ULL, + 0x00e17b70138f601bULL, 0x00f16e1ccd9ede5eULL)}, + {FIELD_LITERAL(0x005d9a8353fdb2dbULL, 0x0055cc2048c698f0ULL, + 0x00f6c4ac89657218ULL, 0x00525034d73faeb2ULL, + 0x00435776fbda3c7dULL, 0x0070ea5312323cbcULL, + 0x007a105d44d069fbULL, 0x006dbc8d6dc786aaULL)}, + {FIELD_LITERAL(0x0017cff19cd394ecULL, 0x00fef7b810922587ULL, + 0x00e6483970dff548ULL, 0x00ddf36ad6874264ULL, + 0x00e61778523fcce2ULL, 0x0093a66c0c93b24aULL, + 0x00fd367114db7f86ULL, 0x007652d7ddce26ddULL)}, }}, {{ - {FIELD_LITERAL(0x00d92ced7ba12843,0x00aea9c7771e86e7,0x0046639693354f7b,0x00a628dbb6a80c47,0x003a0b0507372953,0x00421113ab45c0d9,0x00e545f08362ab7a,0x0028ce087b4d6d96)}, - {FIELD_LITERAL(0x00a67ee7cf9f99eb,0x005713b275f2ff68,0x00f1d536a841513d,0x00823b59b024712e,0x009c46b9d0d38cec,0x00cdb1595aa2d7d4,0x008375b3423d9af8,0x000ab0b516d978f7)}, - {FIELD_LITERAL(0x00428dcb3c510b0f,0x00585607ea24bb4e,0x003736bf1603687a,0x00c47e568c4fe3c7,0x003cd00282848605,0x0043a487c3b91939,0x004ffc04e1095a06,0x00a4c989a3d4b918)}, + {FIELD_LITERAL(0x00d92ced7ba12843ULL, 0x00aea9c7771e86e7ULL, + 0x0046639693354f7bULL, 0x00a628dbb6a80c47ULL, + 0x003a0b0507372953ULL, 0x00421113ab45c0d9ULL, + 0x00e545f08362ab7aULL, 0x0028ce087b4d6d96ULL)}, + {FIELD_LITERAL(0x00a67ee7cf9f99ebULL, 0x005713b275f2ff68ULL, + 0x00f1d536a841513dULL, 0x00823b59b024712eULL, + 0x009c46b9d0d38cecULL, 0x00cdb1595aa2d7d4ULL, + 0x008375b3423d9af8ULL, 0x000ab0b516d978f7ULL)}, + {FIELD_LITERAL(0x00428dcb3c510b0fULL, 0x00585607ea24bb4eULL, + 0x003736bf1603687aULL, 0x00c47e568c4fe3c7ULL, + 0x003cd00282848605ULL, 0x0043a487c3b91939ULL, + 0x004ffc04e1095a06ULL, 0x00a4c989a3d4b918ULL)}, }}, {{ - {FIELD_LITERAL(0x00a8778d0e429f7a,0x004c02b059105a68,0x0016653b609da3ff,0x00d5107bd1a12d27,0x00b4708f9a771cab,0x00bb63b662033f69,0x0072f322240e7215,0x0019445b59c69222)}, - {FIELD_LITERAL(0x00cf4f6069a658e6,0x0053ca52859436a6,0x0064b994d7e3e117,0x00cb469b9a07f534,0x00cfb68f399e9d47,0x00f0dcb8dac1c6e7,0x00f2ab67f538b3a5,0x0055544f178ab975)}, - {FIELD_LITERAL(0x0099b7a2685d538c,0x00e2f1897b7c0018,0x003adac8ce48dae3,0x00089276d5c50c0c,0x00172fca07ad6717,0x00cb1a72f54069e5,0x004ee42f133545b3,0x00785f8651362f16)}, + {FIELD_LITERAL(0x00a8778d0e429f7aULL, 0x004c02b059105a68ULL, + 0x0016653b609da3ffULL, 0x00d5107bd1a12d27ULL, + 0x00b4708f9a771cabULL, 0x00bb63b662033f69ULL, + 0x0072f322240e7215ULL, 0x0019445b59c69222ULL)}, + {FIELD_LITERAL(0x00cf4f6069a658e6ULL, 0x0053ca52859436a6ULL, + 0x0064b994d7e3e117ULL, 0x00cb469b9a07f534ULL, + 0x00cfb68f399e9d47ULL, 0x00f0dcb8dac1c6e7ULL, + 0x00f2ab67f538b3a5ULL, 0x0055544f178ab975ULL)}, + {FIELD_LITERAL(0x0099b7a2685d538cULL, 0x00e2f1897b7c0018ULL, + 0x003adac8ce48dae3ULL, 0x00089276d5c50c0cULL, + 0x00172fca07ad6717ULL, 0x00cb1a72f54069e5ULL, + 0x004ee42f133545b3ULL, 0x00785f8651362f16ULL)}, }}, {{ - {FIELD_LITERAL(0x0049cbac38509e11,0x0015234505d42cdf,0x00794fb0b5840f1c,0x00496437344045a5,0x0031b6d944e4f9b0,0x00b207318ac1f5d8,0x0000c840da7f5c5d,0x00526f373a5c8814)}, - {FIELD_LITERAL(0x002c7b7742d1dfd9,0x002cabeb18623c01,0x00055f5e3e044446,0x006c20f3b4ef54ba,0x00c600141ec6b35f,0x00354f437f1a32a3,0x00bac4624a3520f9,0x00c483f734a90691)}, - {FIELD_LITERAL(0x0053a737d422918d,0x00f7fca1d8758625,0x00c360336dadb04c,0x00f38e3d9158a1b8,0x0069ce3b418e84c6,0x005d1697eca16ead,0x00f8bd6a35ece13d,0x007885dfc2b5afea)}, + {FIELD_LITERAL(0x0049cbac38509e11ULL, 0x0015234505d42cdfULL, + 0x00794fb0b5840f1cULL, 0x00496437344045a5ULL, + 0x0031b6d944e4f9b0ULL, 0x00b207318ac1f5d8ULL, + 0x0000c840da7f5c5dULL, 0x00526f373a5c8814ULL)}, + {FIELD_LITERAL(0x002c7b7742d1dfd9ULL, 0x002cabeb18623c01ULL, + 0x00055f5e3e044446ULL, 0x006c20f3b4ef54baULL, + 0x00c600141ec6b35fULL, 0x00354f437f1a32a3ULL, + 0x00bac4624a3520f9ULL, 0x00c483f734a90691ULL)}, + {FIELD_LITERAL(0x0053a737d422918dULL, 0x00f7fca1d8758625ULL, + 0x00c360336dadb04cULL, 0x00f38e3d9158a1b8ULL, + 0x0069ce3b418e84c6ULL, 0x005d1697eca16eadULL, + 0x00f8bd6a35ece13dULL, 0x007885dfc2b5afeaULL)}, }}, {{ - {FIELD_LITERAL(0x00c3617ae260776c,0x00b20dc3e96922d7,0x00a1a7802246706a,0x00ca6505a5240244,0x002246b62d919782,0x001439102d7aa9b3,0x00e8af1139e6422c,0x00c888d1b52f2b05)}, - {FIELD_LITERAL(0x005b67690ffd41d9,0x005294f28df516f9,0x00a879272412fcb9,0x00098b629a6d1c8d,0x00fabd3c8050865a,0x00cd7e5b0a3879c5,0x00153238210f3423,0x00357cac101e9f42)}, - {FIELD_LITERAL(0x008917b454444fb7,0x00f59247c97e441b,0x00a6200a6815152d,0x0009a4228601d254,0x001c0360559bd374,0x007563362039cb36,0x00bd75b48d74e32b,0x0017f515ac3499e8)}, + {FIELD_LITERAL(0x00c3617ae260776cULL, 0x00b20dc3e96922d7ULL, + 0x00a1a7802246706aULL, 0x00ca6505a5240244ULL, + 0x002246b62d919782ULL, 0x001439102d7aa9b3ULL, + 0x00e8af1139e6422cULL, 0x00c888d1b52f2b05ULL)}, + {FIELD_LITERAL(0x005b67690ffd41d9ULL, 0x005294f28df516f9ULL, + 0x00a879272412fcb9ULL, 0x00098b629a6d1c8dULL, + 0x00fabd3c8050865aULL, 0x00cd7e5b0a3879c5ULL, + 0x00153238210f3423ULL, 0x00357cac101e9f42ULL)}, + {FIELD_LITERAL(0x008917b454444fb7ULL, 0x00f59247c97e441bULL, + 0x00a6200a6815152dULL, 0x0009a4228601d254ULL, + 0x001c0360559bd374ULL, 0x007563362039cb36ULL, + 0x00bd75b48d74e32bULL, 0x0017f515ac3499e8ULL)}, }}, {{ - {FIELD_LITERAL(0x001532a7ffe41c5a,0x00eb1edce358d6bf,0x00ddbacc7b678a7b,0x008a7b70f3c841a3,0x00f1923bf27d3f4c,0x000b2713ed8f7873,0x00aaf67e29047902,0x0044994a70b3976d)}, - {FIELD_LITERAL(0x00d54e802082d42c,0x00a55aa0dce7cc6c,0x006477b96073f146,0x0082efe4ceb43594,0x00a922bcba026845,0x0077f19d1ab75182,0x00c2bb2737846e59,0x0004d7eec791dd33)}, - {FIELD_LITERAL(0x0044588d1a81d680,0x00b0a9097208e4f8,0x00212605350dc57e,0x0028717cd2871123,0x00fb083c100fd979,0x0045a056ce063fdf,0x00a5d604b4dd6a41,0x001dabc08ba4e236)}, + {FIELD_LITERAL(0x001532a7ffe41c5aULL, 0x00eb1edce358d6bfULL, + 0x00ddbacc7b678a7bULL, 0x008a7b70f3c841a3ULL, + 0x00f1923bf27d3f4cULL, 0x000b2713ed8f7873ULL, + 0x00aaf67e29047902ULL, 0x0044994a70b3976dULL)}, + {FIELD_LITERAL(0x00d54e802082d42cULL, 0x00a55aa0dce7cc6cULL, + 0x006477b96073f146ULL, 0x0082efe4ceb43594ULL, + 0x00a922bcba026845ULL, 0x0077f19d1ab75182ULL, + 0x00c2bb2737846e59ULL, 0x0004d7eec791dd33ULL)}, + {FIELD_LITERAL(0x0044588d1a81d680ULL, 0x00b0a9097208e4f8ULL, + 0x00212605350dc57eULL, 0x0028717cd2871123ULL, + 0x00fb083c100fd979ULL, 0x0045a056ce063fdfULL, + 0x00a5d604b4dd6a41ULL, 0x001dabc08ba4e236ULL)}, }}, {{ - {FIELD_LITERAL(0x00c4887198d7a7fa,0x00244f98fb45784a,0x0045911e15a15d01,0x001d323d374c0966,0x00967c3915196562,0x0039373abd2f3c67,0x000d2c5614312423,0x0041cf2215442ce3)}, - {FIELD_LITERAL(0x008ede889ada7f06,0x001611e91de2e135,0x00fdb9a458a471b9,0x00563484e03710d1,0x0031cc81925e3070,0x0062c97b3af80005,0x00fa733eea28edeb,0x00e82457e1ebbc88)}, - {FIELD_LITERAL(0x006a0df5fe9b6f59,0x00a0d4ff46040d92,0x004a7cedb6f93250,0x00d1df8855b8c357,0x00e73a46086fd058,0x0048fb0add6dfe59,0x001e03a28f1b4e3d,0x00a871c993308d76)}, + {FIELD_LITERAL(0x00c4887198d7a7faULL, 0x00244f98fb45784aULL, + 0x0045911e15a15d01ULL, 0x001d323d374c0966ULL, + 0x00967c3915196562ULL, 0x0039373abd2f3c67ULL, + 0x000d2c5614312423ULL, 0x0041cf2215442ce3ULL)}, + {FIELD_LITERAL(0x008ede889ada7f06ULL, 0x001611e91de2e135ULL, + 0x00fdb9a458a471b9ULL, 0x00563484e03710d1ULL, + 0x0031cc81925e3070ULL, 0x0062c97b3af80005ULL, + 0x00fa733eea28edebULL, 0x00e82457e1ebbc88ULL)}, + {FIELD_LITERAL(0x006a0df5fe9b6f59ULL, 0x00a0d4ff46040d92ULL, + 0x004a7cedb6f93250ULL, 0x00d1df8855b8c357ULL, + 0x00e73a46086fd058ULL, 0x0048fb0add6dfe59ULL, + 0x001e03a28f1b4e3dULL, 0x00a871c993308d76ULL)}, }}, {{ - {FIELD_LITERAL(0x0030dbb2d1766ec8,0x00586c0ad138555e,0x00d1a34f9e91c77c,0x0063408ad0e89014,0x00d61231b05f6f5b,0x0009abf569f5fd8a,0x00aec67a110f1c43,0x0031d1a790938dd7)}, - {FIELD_LITERAL(0x006cded841e2a862,0x00198d60af0ab6fb,0x0018f09db809e750,0x004e6ac676016263,0x00eafcd1620969cb,0x002c9784ca34917d,0x0054f00079796de7,0x00d9fab5c5972204)}, - {FIELD_LITERAL(0x004bd0fee2438a83,0x00b571e62b0f83bd,0x0059287d7ce74800,0x00fb3631b645c3f0,0x00a018e977f78494,0x0091e27065c27b12,0x007696c1817165e0,0x008c40be7c45ba3a)}, + {FIELD_LITERAL(0x0030dbb2d1766ec8ULL, 0x00586c0ad138555eULL, + 0x00d1a34f9e91c77cULL, 0x0063408ad0e89014ULL, + 0x00d61231b05f6f5bULL, 0x0009abf569f5fd8aULL, + 0x00aec67a110f1c43ULL, 0x0031d1a790938dd7ULL)}, + {FIELD_LITERAL(0x006cded841e2a862ULL, 0x00198d60af0ab6fbULL, + 0x0018f09db809e750ULL, 0x004e6ac676016263ULL, + 0x00eafcd1620969cbULL, 0x002c9784ca34917dULL, + 0x0054f00079796de7ULL, 0x00d9fab5c5972204ULL)}, + {FIELD_LITERAL(0x004bd0fee2438a83ULL, 0x00b571e62b0f83bdULL, + 0x0059287d7ce74800ULL, 0x00fb3631b645c3f0ULL, + 0x00a018e977f78494ULL, 0x0091e27065c27b12ULL, + 0x007696c1817165e0ULL, 0x008c40be7c45ba3aULL)}, }}, {{ - {FIELD_LITERAL(0x00a0f326327cb684,0x001c7d0f672680ff,0x008c1c81ffb112d1,0x00f8f801674eddc8,0x00e926d5d48c2a9d,0x005bd6d954c6fe9a,0x004c6b24b4e33703,0x00d05eb5c09105cc)}, - {FIELD_LITERAL(0x00d61731caacf2cf,0x002df0c7609e01c5,0x00306172208b1e2b,0x00b413fe4fb2b686,0x00826d360902a221,0x003f8d056e67e7f7,0x0065025b0175e989,0x00369add117865eb)}, - {FIELD_LITERAL(0x00aaf895aec2fa11,0x000f892bc313eb52,0x005b1c794dad050b,0x003f8ec4864cec14,0x00af81058d0b90e5,0x00ebe43e183997bb,0x00a9d610f9f3e615,0x007acd8eec2e88d3)}, + {FIELD_LITERAL(0x00a0f326327cb684ULL, 0x001c7d0f672680ffULL, + 0x008c1c81ffb112d1ULL, 0x00f8f801674eddc8ULL, + 0x00e926d5d48c2a9dULL, 0x005bd6d954c6fe9aULL, + 0x004c6b24b4e33703ULL, 0x00d05eb5c09105ccULL)}, + {FIELD_LITERAL(0x00d61731caacf2cfULL, 0x002df0c7609e01c5ULL, + 0x00306172208b1e2bULL, 0x00b413fe4fb2b686ULL, + 0x00826d360902a221ULL, 0x003f8d056e67e7f7ULL, + 0x0065025b0175e989ULL, 0x00369add117865ebULL)}, + {FIELD_LITERAL(0x00aaf895aec2fa11ULL, 0x000f892bc313eb52ULL, + 0x005b1c794dad050bULL, 0x003f8ec4864cec14ULL, + 0x00af81058d0b90e5ULL, 0x00ebe43e183997bbULL, + 0x00a9d610f9f3e615ULL, 0x007acd8eec2e88d3ULL)}, }}, {{ - {FIELD_LITERAL(0x0049b2fab13812a3,0x00846db32cd60431,0x000177fa578c8d6c,0x00047d0e2ad4bc51,0x00b158ba38d1e588,0x006a45daad79e3f3,0x000997b93cab887b,0x00c47ea42fa23dc3)}, - {FIELD_LITERAL(0x0012b6fef7aeb1ca,0x009412768194b6a7,0x00ff0d351f23ab93,0x007e8a14c1aff71b,0x006c1c0170c512bc,0x0016243ea02ab2e5,0x007bb6865b303f3e,0x0015ce6b29b159f4)}, - {FIELD_LITERAL(0x009961cd02e68108,0x00e2035d3a1d0836,0x005d51f69b5e1a1d,0x004bccb4ea36edcd,0x0069be6a7aeef268,0x0063f4dd9de8d5a7,0x006283783092ca35,0x0075a31af2c35409)}, + {FIELD_LITERAL(0x0049b2fab13812a3ULL, 0x00846db32cd60431ULL, + 0x000177fa578c8d6cULL, 0x00047d0e2ad4bc51ULL, + 0x00b158ba38d1e588ULL, 0x006a45daad79e3f3ULL, + 0x000997b93cab887bULL, 0x00c47ea42fa23dc3ULL)}, + {FIELD_LITERAL(0x0012b6fef7aeb1caULL, 0x009412768194b6a7ULL, + 0x00ff0d351f23ab93ULL, 0x007e8a14c1aff71bULL, + 0x006c1c0170c512bcULL, 0x0016243ea02ab2e5ULL, + 0x007bb6865b303f3eULL, 0x0015ce6b29b159f4ULL)}, + {FIELD_LITERAL(0x009961cd02e68108ULL, 0x00e2035d3a1d0836ULL, + 0x005d51f69b5e1a1dULL, 0x004bccb4ea36edcdULL, + 0x0069be6a7aeef268ULL, 0x0063f4dd9de8d5a7ULL, + 0x006283783092ca35ULL, 0x0075a31af2c35409ULL)}, }}, {{ - {FIELD_LITERAL(0x00c412365162e8cf,0x00012283fb34388a,0x003e6543babf39e2,0x00eead6b3a804978,0x0099c0314e8b326f,0x00e98e0a8d477a4f,0x00d2eb96b127a687,0x00ed8d7df87571bb)}, - {FIELD_LITERAL(0x00777463e308cacf,0x00c8acb93950132d,0x00ebddbf4ca48b2c,0x0026ad7ca0795a0a,0x00f99a3d9a715064,0x000d60bcf9d4dfcc,0x005e65a73a437a06,0x0019d536a8db56c8)}, - {FIELD_LITERAL(0x00192d7dd558d135,0x0027cd6a8323ffa7,0x00239f1a412dc1e7,0x0046b4b3be74fc5c,0x0020c47a2bef5bce,0x00aa17e48f43862b,0x00f7e26c96342e5f,0x0008011c530f39a9)}, + {FIELD_LITERAL(0x00c412365162e8cfULL, 0x00012283fb34388aULL, + 0x003e6543babf39e2ULL, 0x00eead6b3a804978ULL, + 0x0099c0314e8b326fULL, 0x00e98e0a8d477a4fULL, + 0x00d2eb96b127a687ULL, 0x00ed8d7df87571bbULL)}, + {FIELD_LITERAL(0x00777463e308cacfULL, 0x00c8acb93950132dULL, + 0x00ebddbf4ca48b2cULL, 0x0026ad7ca0795a0aULL, + 0x00f99a3d9a715064ULL, 0x000d60bcf9d4dfccULL, + 0x005e65a73a437a06ULL, 0x0019d536a8db56c8ULL)}, + {FIELD_LITERAL(0x00192d7dd558d135ULL, 0x0027cd6a8323ffa7ULL, + 0x00239f1a412dc1e7ULL, 0x0046b4b3be74fc5cULL, + 0x0020c47a2bef5bceULL, 0x00aa17e48f43862bULL, + 0x00f7e26c96342e5fULL, 0x0008011c530f39a9ULL)}, }}, {{ - {FIELD_LITERAL(0x00aad4ac569bf0f1,0x00a67adc90b27740,0x0048551369a5751a,0x0031252584a3306a,0x0084e15df770e6fc,0x00d7bba1c74b5805,0x00a80ef223af1012,0x0089c85ceb843a34)}, - {FIELD_LITERAL(0x00c4545be4a54004,0x0099e11f60357e6c,0x001f3936d19515a6,0x007793df84341a6e,0x0051061886717ffa,0x00e9b0a660b28f85,0x0044ea685892de0d,0x000257d2a1fda9d9)}, - {FIELD_LITERAL(0x007e8b01b24ac8a8,0x006cf3b0b5ca1337,0x00f1607d3e36a570,0x0039b7fab82991a1,0x00231777065840c5,0x00998e5afdd346f9,0x00b7dc3e64acc85f,0x00baacc748013ad6)}, + {FIELD_LITERAL(0x00aad4ac569bf0f1ULL, 0x00a67adc90b27740ULL, + 0x0048551369a5751aULL, 0x0031252584a3306aULL, + 0x0084e15df770e6fcULL, 0x00d7bba1c74b5805ULL, + 0x00a80ef223af1012ULL, 0x0089c85ceb843a34ULL)}, + {FIELD_LITERAL(0x00c4545be4a54004ULL, 0x0099e11f60357e6cULL, + 0x001f3936d19515a6ULL, 0x007793df84341a6eULL, + 0x0051061886717ffaULL, 0x00e9b0a660b28f85ULL, + 0x0044ea685892de0dULL, 0x000257d2a1fda9d9ULL)}, + {FIELD_LITERAL(0x007e8b01b24ac8a8ULL, 0x006cf3b0b5ca1337ULL, + 0x00f1607d3e36a570ULL, 0x0039b7fab82991a1ULL, + 0x00231777065840c5ULL, 0x00998e5afdd346f9ULL, + 0x00b7dc3e64acc85fULL, 0x00baacc748013ad6ULL)}, }}, {{ - {FIELD_LITERAL(0x008ea6a4177580bf,0x005fa1953e3f0378,0x005fe409ac74d614,0x00452327f477e047,0x00a4018507fb6073,0x007b6e71951caac8,0x0012b42ab8a6ce91,0x0080eca677294ab7)}, - {FIELD_LITERAL(0x00a53edc023ba69b,0x00c6afa83ddde2e8,0x00c3f638b307b14e,0x004a357a64414062,0x00e4d94d8b582dc9,0x001739caf71695b7,0x0012431b2ae28de1,0x003b6bc98682907c)}, - {FIELD_LITERAL(0x008a9a93be1f99d6,0x0079fa627cc699c8,0x00b0cfb134ba84c8,0x001c4b778249419a,0x00df4ab3d9c44f40,0x009f596e6c1a9e3c,0x001979c0df237316,0x00501e953a919b87)}, + {FIELD_LITERAL(0x008ea6a4177580bfULL, 0x005fa1953e3f0378ULL, + 0x005fe409ac74d614ULL, 0x00452327f477e047ULL, + 0x00a4018507fb6073ULL, 0x007b6e71951caac8ULL, + 0x0012b42ab8a6ce91ULL, 0x0080eca677294ab7ULL)}, + {FIELD_LITERAL(0x00a53edc023ba69bULL, 0x00c6afa83ddde2e8ULL, + 0x00c3f638b307b14eULL, 0x004a357a64414062ULL, + 0x00e4d94d8b582dc9ULL, 0x001739caf71695b7ULL, + 0x0012431b2ae28de1ULL, 0x003b6bc98682907cULL)}, + {FIELD_LITERAL(0x008a9a93be1f99d6ULL, 0x0079fa627cc699c8ULL, + 0x00b0cfb134ba84c8ULL, 0x001c4b778249419aULL, + 0x00df4ab3d9c44f40ULL, 0x009f596e6c1a9e3cULL, + 0x001979c0df237316ULL, 0x00501e953a919b87ULL)}, }} }; const niels_t *curve448_wnaf_base = curve448_wnaf_base_table; diff --git a/crypto/ec/curve448/f_generic.c b/crypto/ec/curve448/f_generic.c index e459e54..7e63998 100644 --- a/crypto/ec/curve448/f_generic.c +++ b/crypto/ec/curve448/f_generic.c @@ -12,9 +12,9 @@ #include "field.h" static const gf MODULUS = { - FIELD_LITERAL(0xffffffffffffff, 0xffffffffffffff, 0xffffffffffffff, - 0xffffffffffffff, 0xfffffffffffffe, 0xffffffffffffff, - 0xffffffffffffff, 0xffffffffffffff) + FIELD_LITERAL(0xffffffffffffffULL, 0xffffffffffffffULL, 0xffffffffffffffULL, + 0xffffffffffffffULL, 0xfffffffffffffeULL, 0xffffffffffffffULL, + 0xffffffffffffffULL, 0xffffffffffffffULL) }; /* Serialize to wire format. */ diff --git a/crypto/ec/curve448/scalar.c b/crypto/ec/curve448/scalar.c index ce9a488..2923859 100644 --- a/crypto/ec/curve448/scalar.c +++ b/crypto/ec/curve448/scalar.c @@ -14,24 +14,24 @@ #include "word.h" #include "point_448.h" -static const c448_word_t MONTGOMERY_FACTOR = (c448_word_t) 0x3bd440fae918bc5; +static const c448_word_t MONTGOMERY_FACTOR = (c448_word_t) 0x3bd440fae918bc5ULL; static const curve448_scalar_t sc_p = { { { - SC_LIMB(0x2378c292ab5844f3), SC_LIMB(0x216cc2728dc58f55), - SC_LIMB(0xc44edb49aed63690), SC_LIMB(0xffffffff7cca23e9), - SC_LIMB(0xffffffffffffffff), SC_LIMB(0xffffffffffffffff), - SC_LIMB(0x3fffffffffffffff) + SC_LIMB(0x2378c292ab5844f3ULL), SC_LIMB(0x216cc2728dc58f55ULL), + SC_LIMB(0xc44edb49aed63690ULL), SC_LIMB(0xffffffff7cca23e9ULL), + SC_LIMB(0xffffffffffffffffULL), SC_LIMB(0xffffffffffffffffULL), + SC_LIMB(0x3fffffffffffffffULL) } } }, sc_r2 = { { { - SC_LIMB(0xe3539257049b9b60), SC_LIMB(0x7af32c4bc1b195d9), - SC_LIMB(0x0d66de2388ea1859), SC_LIMB(0xae17cf725ee4d838), - SC_LIMB(0x1a9cc14ba3c47c44), SC_LIMB(0x2052bcb7e4d070af), - SC_LIMB(0x3402a939f823b729) + SC_LIMB(0xe3539257049b9b60ULL), SC_LIMB(0x7af32c4bc1b195d9ULL), + SC_LIMB(0x0d66de2388ea1859ULL), SC_LIMB(0xae17cf725ee4d838ULL), + SC_LIMB(0x1a9cc14ba3c47c44ULL), SC_LIMB(0x2052bcb7e4d070afULL), + SC_LIMB(0x3402a939f823b729ULL) } } }; diff --git a/crypto/sha/keccak1600.c b/crypto/sha/keccak1600.c index 7aa0755..ff53a26 100644 --- a/crypto/sha/keccak1600.c +++ b/crypto/sha/keccak1600.c @@ -85,30 +85,30 @@ static const unsigned char rhotates[5][5] = { }; static const uint64_t iotas[] = { - BIT_INTERLEAVE ? 0x0000000000000001U : 0x0000000000000001U, - BIT_INTERLEAVE ? 0x0000008900000000U : 0x0000000000008082U, - BIT_INTERLEAVE ? 0x8000008b00000000U : 0x800000000000808aU, - BIT_INTERLEAVE ? 0x8000808000000000U : 0x8000000080008000U, - BIT_INTERLEAVE ? 0x0000008b00000001U : 0x000000000000808bU, - BIT_INTERLEAVE ? 0x0000800000000001U : 0x0000000080000001U, - BIT_INTERLEAVE ? 0x8000808800000001U : 0x8000000080008081U, - BIT_INTERLEAVE ? 0x8000008200000001U : 0x8000000000008009U, - BIT_INTERLEAVE ? 0x0000000b00000000U : 0x000000000000008aU, - BIT_INTERLEAVE ? 0x0000000a00000000U : 0x0000000000000088U, - BIT_INTERLEAVE ? 0x0000808200000001U : 0x0000000080008009U, - BIT_INTERLEAVE ? 0x0000800300000000U : 0x000000008000000aU, - BIT_INTERLEAVE ? 0x0000808b00000001U : 0x000000008000808bU, - BIT_INTERLEAVE ? 0x8000000b00000001U : 0x800000000000008bU, - BIT_INTERLEAVE ? 0x8000008a00000001U : 0x8000000000008089U, - BIT_INTERLEAVE ? 0x8000008100000001U : 0x8000000000008003U, - BIT_INTERLEAVE ? 0x8000008100000000U : 0x8000000000008002U, - BIT_INTERLEAVE ? 0x8000000800000000U : 0x8000000000000080U, - BIT_INTERLEAVE ? 0x0000008300000000U : 0x000000000000800aU, - BIT_INTERLEAVE ? 0x8000800300000000U : 0x800000008000000aU, - BIT_INTERLEAVE ? 0x8000808800000001U : 0x8000000080008081U, - BIT_INTERLEAVE ? 0x8000008800000000U : 0x8000000000008080U, - BIT_INTERLEAVE ? 0x0000800000000001U : 0x0000000080000001U, - BIT_INTERLEAVE ? 0x8000808200000000U : 0x8000000080008008U + BIT_INTERLEAVE ? 0x0000000000000001ULL : 0x0000000000000001ULL, + BIT_INTERLEAVE ? 0x0000008900000000ULL : 0x0000000000008082ULL, + BIT_INTERLEAVE ? 0x8000008b00000000ULL : 0x800000000000808aULL, + BIT_INTERLEAVE ? 0x8000808000000000ULL : 0x8000000080008000ULL, + BIT_INTERLEAVE ? 0x0000008b00000001ULL : 0x000000000000808bULL, + BIT_INTERLEAVE ? 0x0000800000000001ULL : 0x0000000080000001ULL, + BIT_INTERLEAVE ? 0x8000808800000001ULL : 0x8000000080008081ULL, + BIT_INTERLEAVE ? 0x8000008200000001ULL : 0x8000000000008009ULL, + BIT_INTERLEAVE ? 0x0000000b00000000ULL : 0x000000000000008aULL, + BIT_INTERLEAVE ? 0x0000000a00000000ULL : 0x0000000000000088ULL, + BIT_INTERLEAVE ? 0x0000808200000001ULL : 0x0000000080008009ULL, + BIT_INTERLEAVE ? 0x0000800300000000ULL : 0x000000008000000aULL, + BIT_INTERLEAVE ? 0x0000808b00000001ULL : 0x000000008000808bULL, + BIT_INTERLEAVE ? 0x8000000b00000001ULL : 0x800000000000008bULL, + BIT_INTERLEAVE ? 0x8000008a00000001ULL : 0x8000000000008089ULL, + BIT_INTERLEAVE ? 0x8000008100000001ULL : 0x8000000000008003ULL, + BIT_INTERLEAVE ? 0x8000008100000000ULL : 0x8000000000008002ULL, + BIT_INTERLEAVE ? 0x8000000800000000ULL : 0x8000000000000080ULL, + BIT_INTERLEAVE ? 0x0000008300000000ULL : 0x000000000000800aULL, + BIT_INTERLEAVE ? 0x8000800300000000ULL : 0x800000008000000aULL, + BIT_INTERLEAVE ? 0x8000808800000001ULL : 0x8000000080008081ULL, + BIT_INTERLEAVE ? 0x8000008800000000ULL : 0x8000000000008080ULL, + BIT_INTERLEAVE ? 0x0000800000000001ULL : 0x0000000080000001ULL, + BIT_INTERLEAVE ? 0x8000808200000000ULL : 0x8000000080008008ULL }; #if defined(KECCAK_REF) diff --git a/test/asn1_encode_test.c b/test/asn1_encode_test.c index 18c4645..64f8f17 100644 --- a/test/asn1_encode_test.c +++ b/test/asn1_encode_test.c @@ -396,7 +396,7 @@ static ASN1_INT64_DATA int64_expected[] = { CUSTOM_EXPECTED_FAILURE, /* t_8bytes_3_pad (illegal padding) */ CUSTOM_EXPECTED_SUCCESS(INT64_MIN, INT64_MIN), /* t_8bytes_4_neg */ CUSTOM_EXPECTED_FAILURE, /* t_8bytes_5_negpad (illegal padding) */ - CUSTOM_EXPECTED_SUCCESS(0x1ffffffff, 0x1ffffffff), /* t_5bytes_1 */ + CUSTOM_EXPECTED_SUCCESS(0x1ffffffffULL, 0x1ffffffffULL), /* t_5bytes_1 */ CUSTOM_EXPECTED_SUCCESS(0x80000000, 0x80000000), /* t_4bytes_1 */ CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX -1), /* t_4bytes_2 */ CUSTOM_EXPECTED_FAILURE, /* t_4bytes_3_pad (illegal padding) */ @@ -446,7 +446,7 @@ static ASN1_UINT64_DATA uint64_expected[] = { CUSTOM_EXPECTED_FAILURE, /* t_8bytes_3_pad */ CUSTOM_EXPECTED_FAILURE, /* t_8bytes_4_neg */ CUSTOM_EXPECTED_FAILURE, /* t_8bytes_5_negpad */ - CUSTOM_EXPECTED_SUCCESS(0x1ffffffff, 0x1ffffffff), /* t_5bytes_1 */ + CUSTOM_EXPECTED_SUCCESS(0x1ffffffffULL, 0x1ffffffffULL), /* t_5bytes_1 */ CUSTOM_EXPECTED_SUCCESS(0x80000000, 0x80000000), /* t_4bytes_1 */ CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX -1), /* t_4bytes_2 */ CUSTOM_EXPECTED_FAILURE, /* t_4bytes_3_pad (illegal padding) */ diff --git a/test/bioprinttest.c b/test/bioprinttest.c index 97151cd..14f0bfe 100644 --- a/test/bioprinttest.c +++ b/test/bioprinttest.c @@ -146,14 +146,14 @@ typedef struct j_data_st { } j_data; static j_data jf_data[] = { - { 0xffffffffffffffffU, "%ju", "18446744073709551615" }, - { 0xffffffffffffffffU, "%jx", "ffffffffffffffff" }, - { 0x8000000000000000U, "%ju", "9223372036854775808" }, + { 0xffffffffffffffffULL, "%ju", "18446744073709551615" }, + { 0xffffffffffffffffULL, "%jx", "ffffffffffffffff" }, + { 0x8000000000000000ULL, "%ju", "9223372036854775808" }, /* * These tests imply two's-complement, but it's the only binary * representation we support, see test/sanitytest.c... */ - { 0x8000000000000000U, "%ji", "-9223372036854775808" }, + { 0x8000000000000000ULL, "%ji", "-9223372036854775808" }, }; static int test_j(int i) diff --git a/test/ct_test.c b/test/ct_test.c index e1cc148..8f1e199 100644 --- a/test/ct_test.c +++ b/test/ct_test.c @@ -63,7 +63,7 @@ static CT_TEST_FIXTURE *set_up(const char *const test_case_name) if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture)))) goto end; fixture->test_case_name = test_case_name; - fixture->epoch_time_in_ms = 1473269626000; /* Sep 7 17:33:46 2016 GMT */ + fixture->epoch_time_in_ms = 1473269626000ULL; /* Sep 7 17:33:46 2016 GMT */ if (!TEST_ptr(fixture->ctlog_store = CTLOG_STORE_new()) || !TEST_int_eq( CTLOG_STORE_load_default_file(fixture->ctlog_store), 1)) @@ -423,7 +423,7 @@ static int test_verify_fails_for_future_sct(void) SETUP_CT_TEST_FIXTURE(); if (fixture == NULL) return 0; - fixture->epoch_time_in_ms = 1365094800000; /* Apr 4 17:00:00 2013 GMT */ + fixture->epoch_time_in_ms = 1365094800000ULL; /* Apr 4 17:00:00 2013 GMT */ fixture->certs_dir = certs_dir; fixture->certificate_file = "embeddedSCTs1.pem"; fixture->issuer_file = "embeddedSCTs1_issuer.pem"; From levitte at openssl.org Mon Mar 11 13:47:06 2019 From: levitte at openssl.org (Richard Levitte) Date: Mon, 11 Mar 2019 13:47:06 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1552312026.450321.21159.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 191570d0b94c88fa95b3c223456863448d697fce (commit) from d38ef8c89e11ed5b033a911a7d40b833992c6e09 (commit) - Log ----------------------------------------------------------------- commit 191570d0b94c88fa95b3c223456863448d697fce Author: Shane Lontis Date: Wed Mar 6 12:57:09 2019 +1000 fix truncation of integers on 32bit AIX Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8417) (cherry picked from commit 98f29466dc1ed7f80b9b8750309a41b5a1150d25) ----------------------------------------------------------------------- Summary of changes: crypto/blake2/blake2b.c | 8 +- crypto/ec/curve448/curve448.c | 4 +- crypto/ec/curve448/curve448_tables.c | 1838 ++++++++++++++++++++++++++-------- crypto/ec/curve448/f_generic.c | 6 +- crypto/ec/curve448/scalar.c | 18 +- crypto/sha/keccak1600.c | 48 +- test/asn1_encode_test.c | 4 +- test/bioprinttest.c | 8 +- test/ct_test.c | 4 +- 9 files changed, 1473 insertions(+), 465 deletions(-) diff --git a/crypto/blake2/blake2b.c b/crypto/blake2/blake2b.c index 829ba5b..8c86a57 100644 --- a/crypto/blake2/blake2b.c +++ b/crypto/blake2/blake2b.c @@ -23,10 +23,10 @@ static const uint64_t blake2b_IV[8] = { - 0x6a09e667f3bcc908U, 0xbb67ae8584caa73bU, - 0x3c6ef372fe94f82bU, 0xa54ff53a5f1d36f1U, - 0x510e527fade682d1U, 0x9b05688c2b3e6c1fU, - 0x1f83d9abfb41bd6bU, 0x5be0cd19137e2179U + 0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL, + 0x3c6ef372fe94f82bULL, 0xa54ff53a5f1d36f1ULL, + 0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL, + 0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL }; static const uint8_t blake2b_sigma[12][16] = diff --git a/crypto/ec/curve448/curve448.c b/crypto/ec/curve448/curve448.c index 7dc68c8..2403cec 100644 --- a/crypto/ec/curve448/curve448.c +++ b/crypto/ec/curve448/curve448.c @@ -27,8 +27,8 @@ static const curve448_scalar_t precomputed_scalarmul_adjustment = { { { - SC_LIMB(0xc873d6d54a7bb0cf), SC_LIMB(0xe933d8d723a70aad), - SC_LIMB(0xbb124b65129c96fd), SC_LIMB(0x00000008335dc163) + SC_LIMB(0xc873d6d54a7bb0cfULL), SC_LIMB(0xe933d8d723a70aadULL), + SC_LIMB(0xbb124b65129c96fdULL), SC_LIMB(0x00000008335dc163ULL) } } }; diff --git a/crypto/ec/curve448/curve448_tables.c b/crypto/ec/curve448/curve448_tables.c index a1185b1..8e0db94 100644 --- a/crypto/ec/curve448/curve448_tables.c +++ b/crypto/ec/curve448/curve448_tables.c @@ -16,325 +16,1045 @@ static const curve448_precomputed_s curve448_precomputed_base_table = { { {{ - {FIELD_LITERAL(0x00cc3b062366f4cc,0x003d6e34e314aa3c,0x00d51c0a7521774d,0x0094e060eec6ab8b,0x00d21291b4d80082,0x00befed12b55ef1e,0x00c3dd2df5c94518,0x00e0a7b112b8d4e6)}, - {FIELD_LITERAL(0x0019eb5608d8723a,0x00d1bab52fb3aedb,0x00270a7311ebc90c,0x0037c12b91be7f13,0x005be16cd8b5c704,0x003e181acda888e1,0x00bc1f00fc3fc6d0,0x00d3839bfa319e20)}, - {FIELD_LITERAL(0x003caeb88611909f,0x00ea8b378c4df3d4,0x00b3295b95a5a19a,0x00a65f97514bdfb5,0x00b39efba743cab1,0x0016ba98b862fd2d,0x0001508812ee71d7,0x000a75740eea114a)}, - }}, {{ - {FIELD_LITERAL(0x00ebcf0eb649f823,0x00166d332e98ea03,0x0059ddf64f5cd5f6,0x0047763123d9471b,0x00a64065c53ef62f,0x00978e44c480153d,0x000b5b2a0265f194,0x0046a24b9f32965a)}, - {FIELD_LITERAL(0x00b9eef787034df0,0x0020bc24de3390cd,0x000022160bae99bb,0x00ae66e886e97946,0x0048d4bbe02cbb8b,0x0072ba97b34e38d4,0x00eae7ec8f03e85a,0x005ba92ecf808b2c)}, - {FIELD_LITERAL(0x00c9cfbbe74258fd,0x00843a979ea9eaa7,0x000cbb4371cfbe90,0x0059bac8f7f0a628,0x004b3dff882ff530,0x0011869df4d90733,0x00595aa71f4abfc2,0x0070e2d38990c2e6)}, - }}, {{ - {FIELD_LITERAL(0x00de2010c0a01733,0x00c739a612e24297,0x00a7212643141d7c,0x00f88444f6b67c11,0x00484b7b16ec28f2,0x009c1b8856af9c68,0x00ff4669591fe9d6,0x0054974be08a32c8)}, - {FIELD_LITERAL(0x0010de3fd682ceed,0x008c07642d83ca4e,0x0013bb064e00a1cc,0x009411ae27870e11,0x00ea8e5b4d531223,0x0032fe7d2aaece2e,0x00d989e243e7bb41,0x000fe79a508e9b8b)}, - {FIELD_LITERAL(0x005e0426b9bfc5b1,0x0041a5b1d29ee4fa,0x0015b0def7774391,0x00bc164f1f51af01,0x00d543b0942797b9,0x003c129b6398099c,0x002b114c6e5adf18,0x00b4e630e4018a7b)}, - }}, {{ - {FIELD_LITERAL(0x00d490afc95f8420,0x00b096bf50c1d9b9,0x00799fd707679866,0x007c74d9334afbea,0x00efaa8be80ff4ed,0x0075c4943bb81694,0x00c21c2fca161f36,0x00e77035d492bfee)}, - {FIELD_LITERAL(0x006658a190dd6661,0x00e0e9bab38609a6,0x0028895c802237ed,0x006a0229c494f587,0x002dcde96c9916b7,0x00d158822de16218,0x00173b917a06856f,0x00ca78a79ae07326)}, - {FIELD_LITERAL(0x00e35bfc79caced4,0x0087238a3e1fe3bb,0x00bcbf0ff4ceff5b,0x00a19c1c94099b91,0x0071e102b49db976,0x0059e3d004eada1e,0x008da78afa58a47e,0x00579c8ebf269187)}, - }}, {{ - {FIELD_LITERAL(0x00a16c2905eee75f,0x009d4bcaea2c7e1d,0x00d3bd79bfad19df,0x0050da745193342c,0x006abdb8f6b29ab1,0x00a24fe0a4fef7ef,0x0063730da1057dfb,0x00a08c312c8eb108)}, - {FIELD_LITERAL(0x00b583be005375be,0x00a40c8f8a4e3df4,0x003fac4a8f5bdbf7,0x00d4481d872cd718,0x004dc8749cdbaefe,0x00cce740d5e5c975,0x000b1c1f4241fd21,0x00a76de1b4e1cd07)}, - {FIELD_LITERAL(0x007a076500d30b62,0x000a6e117b7f090f,0x00c8712ae7eebd9a,0x000fbd6c1d5f6ff7,0x003a7977246ebf11,0x00166ed969c6600e,0x00aa42e469c98bec,0x00dc58f307cf0666)}, - }}, {{ - {FIELD_LITERAL(0x004b491f65a9a28b,0x006a10309e8a55b7,0x00b67210185187ef,0x00cf6497b12d9b8f,0x0085778c56e2b1ba,0x0015b4c07a814d85,0x00686479e62da561,0x008de5d88f114916)}, - {FIELD_LITERAL(0x00e37c88d6bba7b1,0x003e4577e1b8d433,0x0050d8ea5f510ec0,0x0042fc9f2da9ef59,0x003bd074c1141420,0x00561b8b7b68774e,0x00232e5e5d1013a3,0x006b7f2cb3d7e73f)}, - {FIELD_LITERAL(0x004bdd0f0b41e6a0,0x001773057c405d24,0x006029f99915bd97,0x006a5ba70a17fe2f,0x0046111977df7e08,0x004d8124c89fb6b7,0x00580983b2bb2724,0x00207bf330d6f3fe)}, - }}, {{ - {FIELD_LITERAL(0x007efdc93972a48b,0x002f5e50e78d5fee,0x0080dc11d61c7fe5,0x0065aa598707245b,0x009abba2300641be,0x000c68787656543a,0x00ffe0fef2dc0a17,0x00007ffbd6cb4f3a)}, - {FIELD_LITERAL(0x0036012f2b836efc,0x00458c126d6b5fbc,0x00a34436d719ad1e,0x0097be6167117dea,0x0009c219c879cff3,0x0065564493e60755,0x00993ac94a8cdec0,0x002d4885a4d0dbaf)}, - {FIELD_LITERAL(0x00598b60b4c068ba,0x00c547a0be7f1afd,0x009582164acf12af,0x00af4acac4fbbe40,0x005f6ca7c539121a,0x003b6e752ebf9d66,0x00f08a30d5cac5d4,0x00e399bb5f97c5a9)}, - }}, {{ - {FIELD_LITERAL(0x007445a0409c0a66,0x00a65c369f3829c0,0x0031d248a4f74826,0x006817f34defbe8e,0x00649741d95ebf2e,0x00d46466ab16b397,0x00fdc35703bee414,0x00343b43334525f8)}, - {FIELD_LITERAL(0x001796bea93f6401,0x00090c5a42e85269,0x00672412ba1252ed,0x001201d47b6de7de,0x006877bccfe66497,0x00b554fd97a4c161,0x009753f42dbac3cf,0x00e983e3e378270a)}, - {FIELD_LITERAL(0x00ac3eff18849872,0x00f0eea3bff05690,0x00a6d72c21dd505d,0x001b832642424169,0x00a6813017b540e5,0x00a744bd71b385cd,0x0022a7d089130a7b,0x004edeec9a133486)}, - }}, {{ - {FIELD_LITERAL(0x00b2d6729196e8a9,0x0088a9bb2031cef4,0x00579e7787dc1567,0x0030f49feb059190,0x00a0b1d69c7f7d8f,0x0040bdcc6d9d806f,0x00d76c4037edd095,0x00bbf24376415dd7)}, - {FIELD_LITERAL(0x00240465ff5a7197,0x00bb97e76caf27d0,0x004b4edbf8116d39,0x001d8586f708cbaa,0x000f8ee8ff8e4a50,0x00dde5a1945dd622,0x00e6fc1c0957e07c,0x0041c9cdabfd88a0)}, - {FIELD_LITERAL(0x005344b0bf5b548c,0x002957d0b705cc99,0x00f586a70390553d,0x0075b3229f583cc3,0x00a1aa78227490e4,0x001bf09cf7957717,0x00cf6bf344325f52,0x0065bd1c23ca3ecf)}, - }}, {{ - {FIELD_LITERAL(0x009bff3b3239363c,0x00e17368796ef7c0,0x00528b0fe0971f3a,0x0008014fc8d4a095,0x00d09f2e8a521ec4,0x006713ab5dde5987,0x0003015758e0dbb1,0x00215999f1ba212d)}, - {FIELD_LITERAL(0x002c88e93527da0e,0x0077c78f3456aad5,0x0071087a0a389d1c,0x00934dac1fb96dbd,0x008470e801162697,0x005bc2196cd4ad49,0x00e535601d5087c3,0x00769888700f497f)}, - {FIELD_LITERAL(0x00da7a4b557298ad,0x0019d2589ea5df76,0x00ef3e38be0c6497,0x00a9644e1312609a,0x004592f61b2558da,0x0082c1df510d7e46,0x0042809a535c0023,0x00215bcb5afd7757)}, - }}, {{ - {FIELD_LITERAL(0x002b9df55a1a4213,0x00dcfc3b464a26be,0x00c4f9e07a8144d5,0x00c8e0617a92b602,0x008e3c93accafae0,0x00bf1bcb95b2ca60,0x004ce2426a613bf3,0x00266cac58e40921)}, - {FIELD_LITERAL(0x008456d5db76e8f0,0x0032ca9cab2ce163,0x0059f2b8bf91abcf,0x0063c2a021712788,0x00f86155af22f72d,0x00db98b2a6c005a0,0x00ac6e416a693ac4,0x007a93572af53226)}, - {FIELD_LITERAL(0x0087767520f0de22,0x0091f64012279fb5,0x001050f1f0644999,0x004f097a2477ad3c,0x006b37913a9947bd,0x001a3d78645af241,0x0057832bbb3008a7,0x002c1d902b80dc20)}, - }}, {{ - {FIELD_LITERAL(0x001a6002bf178877,0x009bce168aa5af50,0x005fc318ff04a7f5,0x0052818f55c36461,0x008768f5d4b24afb,0x0037ffbae7b69c85,0x0018195a4b61edc0,0x001e12ea088434b2)}, - {FIELD_LITERAL(0x0047d3f804e7ab07,0x00a809ab5f905260,0x00b3ffc7cdaf306d,0x00746e8ec2d6e509,0x00d0dade8887a645,0x00acceeebde0dd37,0x009bc2579054686b,0x0023804f97f1c2bf)}, - {FIELD_LITERAL(0x0043e2e2e50b80d7,0x00143aafe4427e0f,0x005594aaecab855b,0x008b12ccaaecbc01,0x002deeb091082bc3,0x009cca4be2ae7514,0x00142b96e696d047,0x00ad2a2b1c05256a)}, - }}, {{ - {FIELD_LITERAL(0x003914f2f144b78b,0x007a95dd8bee6f68,0x00c7f4384d61c8e6,0x004e51eb60f1bdb2,0x00f64be7aa4621d8,0x006797bfec2f0ac0,0x007d17aab3c75900,0x001893e73cac8bc5)}, - {FIELD_LITERAL(0x00140360b768665b,0x00b68aca4967f977,0x0001089b66195ae4,0x00fe71122185e725,0x000bca2618d49637,0x00a54f0557d7e98a,0x00cdcd2f91d6f417,0x00ab8c13741fd793)}, - {FIELD_LITERAL(0x00725ee6b1e549e0,0x007124a0769777fa,0x000b68fdad07ae42,0x0085b909cd4952df,0x0092d2e3c81606f4,0x009f22f6cac099a0,0x00f59da57f2799a8,0x00f06c090122f777)}, - }}, {{ - {FIELD_LITERAL(0x00ce0bed0a3532bc,0x001a5048a22df16b,0x00e31db4cbad8bf1,0x00e89292120cf00e,0x007d1dd1a9b00034,0x00e2a9041ff8f680,0x006a4c837ae596e7,0x00713af1068070b3)}, - {FIELD_LITERAL(0x00c4fe64ce66d04b,0x00b095d52e09b3d7,0x00758bbecb1a3a8e,0x00f35cce8d0650c0,0x002b878aa5984473,0x0062e0a3b7544ddc,0x00b25b290ed116fe,0x007b0f6abe0bebf2)}, - {FIELD_LITERAL(0x0081d4e3addae0a8,0x003410c836c7ffcc,0x00c8129ad89e4314,0x000e3d5a23922dcd,0x00d91e46f29c31f3,0x006c728cde8c5947,0x002bc655ba2566c0,0x002ca94721533108)}, - }}, {{ - {FIELD_LITERAL(0x0051e4b3f764d8a9,0x0019792d46e904a0,0x00853bc13dbc8227,0x000840208179f12d,0x0068243474879235,0x0013856fbfe374d0,0x00bda12fe8676424,0x00bbb43635926eb2)}, - {FIELD_LITERAL(0x0012cdc880a93982,0x003c495b21cd1b58,0x00b7e5c93f22a26e,0x0044aa82dfb99458,0x009ba092cdffe9c0,0x00a14b3ab2083b73,0x000271c2f70e1c4b,0x00eea9cac0f66eb8)}, - {FIELD_LITERAL(0x001a1847c4ac5480,0x00b1b412935bb03a,0x00f74285983bf2b2,0x00624138b5b5d0f1,0x008820c0b03d38bf,0x00b94e50a18c1572,0x0060f6934841798f,0x00c52f5d66d6ebe2)}, - }}, {{ - {FIELD_LITERAL(0x00da23d59f9bcea6,0x00e0f27007a06a4b,0x00128b5b43a6758c,0x000cf50190fa8b56,0x00fc877aba2b2d72,0x00623bef52edf53f,0x00e6af6b819669e2,0x00e314dc34fcaa4f)}, - {FIELD_LITERAL(0x0066e5eddd164d1e,0x00418a7c6fe28238,0x0002e2f37e962c25,0x00f01f56b5975306,0x0048842fa503875c,0x0057b0e968078143,0x00ff683024f3d134,0x0082ae28fcad12e4)}, - {FIELD_LITERAL(0x0011ddfd21260e42,0x00d05b0319a76892,0x00183ea4368e9b8f,0x00b0815662affc96,0x00b466a5e7ce7c88,0x00db93b07506e6ee,0x0033885f82f62401,0x0086f9090ec9b419)}, - }}, {{ - {FIELD_LITERAL(0x00d95d1c5fcb435a,0x0016d1ed6b5086f9,0x00792aa0b7e54d71,0x0067b65715f1925d,0x00a219755ec6176b,0x00bc3f026b12c28f,0x00700c897ffeb93e,0x0089b83f6ec50b46)}, - {FIELD_LITERAL(0x003c97e6384da36e,0x00423d53eac81a09,0x00b70d68f3cdce35,0x00ee7959b354b92c,0x00f4e9718819c8ca,0x009349f12acbffe9,0x005aee7b62cb7da6,0x00d97764154ffc86)}, - {FIELD_LITERAL(0x00526324babb46dc,0x002ee99b38d7bf9e,0x007ea51794706ef4,0x00abeb04da6e3c39,0x006b457c1d281060,0x00fe243e9a66c793,0x00378de0fb6c6ee4,0x003e4194b9c3cb93)}, - }}, {{ - {FIELD_LITERAL(0x00fed3cd80ca2292,0x0015b043a73ca613,0x000a9fd7bf9be227,0x003b5e03de2db983,0x005af72d46904ef7,0x00c0f1b5c49faa99,0x00dc86fc3bd305e1,0x00c92f08c1cb1797)}, - {FIELD_LITERAL(0x0079680ce111ed3b,0x001a1ed82806122c,0x000c2e7466d15df3,0x002c407f6f7150fd,0x00c5e7c96b1b0ce3,0x009aa44626863ff9,0x00887b8b5b80be42,0x00b6023cec964825)}, - {FIELD_LITERAL(0x00e4a8e1048970c8,0x0062887b7830a302,0x00bcf1c8cd81402b,0x0056dbb81a68f5be,0x0014eced83f12452,0x00139e1a510150df,0x00bb81140a82d1a3,0x000febcc1aaf1aa7)}, - }}, {{ - {FIELD_LITERAL(0x00a7527958238159,0x0013ec9537a84cd6,0x001d7fee7d562525,0x00b9eefa6191d5e5,0x00dbc97db70bcb8a,0x00481affc7a4d395,0x006f73d3e70c31bb,0x00183f324ed96a61)}, - {FIELD_LITERAL(0x0039dd7ce7fc6860,0x00d64f6425653da1,0x003e037c7f57d0af,0x0063477a06e2bcf2,0x001727dbb7ac67e6,0x0049589f5efafe2e,0x00fc0fef2e813d54,0x008baa5d087fb50d)}, - {FIELD_LITERAL(0x0024fb59d9b457c7,0x00a7d4e060223e4c,0x00c118d1b555fd80,0x0082e216c732f22a,0x00cd2a2993089504,0x003638e836a3e13d,0x000d855ee89b4729,0x008ec5b7d4810c91)}, - }}, {{ - {FIELD_LITERAL(0x001bf51f7d65cdfd,0x00d14cdafa16a97d,0x002c38e60fcd10e7,0x00a27446e393efbd,0x000b5d8946a71fdd,0x0063df2cde128f2f,0x006c8679569b1888,0x0059ffc4925d732d)}, - {FIELD_LITERAL(0x00ece96f95f2b66f,0x00ece7952813a27b,0x0026fc36592e489e,0x007157d1a2de0f66,0x00759dc111d86ddf,0x0012881e5780bb0f,0x00c8ccc83ad29496,0x0012b9bd1929eb71)}, - {FIELD_LITERAL(0x000fa15a20da5df0,0x00349ddb1a46cd31,0x002c512ad1d8e726,0x00047611f669318d,0x009e68fba591e17e,0x004320dffa803906,0x00a640874951a3d3,0x00b6353478baa24f)}, - }}, {{ - {FIELD_LITERAL(0x009696510000d333,0x00ec2f788bc04826,0x000e4d02b1f67ba5,0x00659aa8dace08b6,0x00d7a38a3a3ae533,0x008856defa8c746b,0x004d7a4402d3da1a,0x00ea82e06229260f)}, - {FIELD_LITERAL(0x006a15bb20f75c0c,0x0079a144027a5d0c,0x00d19116ce0b4d70,0x0059b83bcb0b268e,0x005f58f63f16c127,0x0079958318ee2c37,0x00defbb063d07f82,0x00f1f0b931d2d446)}, - {FIELD_LITERAL(0x00cb5e4c3c35d422,0x008df885ca43577f,0x00fa50b16ca3e471,0x005a0e58e17488c8,0x00b2ceccd6d34d19,0x00f01d5d235e36e9,0x00db2e7e4be6ca44,0x00260ab77f35fccd)}, - }}, {{ - {FIELD_LITERAL(0x006f6fd9baac61d5,0x002a7710a020a895,0x009de0db7fc03d4d,0x00cdedcb1875f40b,0x00050caf9b6b1e22,0x005e3a6654456ab0,0x00775fdf8c4423d4,0x0028701ea5738b5d)}, - {FIELD_LITERAL(0x009ffd90abfeae96,0x00cba3c2b624a516,0x005ef08bcee46c91,0x00e6fde30afb6185,0x00f0b4db4f818ce4,0x006c54f45d2127f5,0x00040125035854c7,0x00372658a3287e13)}, - {FIELD_LITERAL(0x00d7070fb1beb2ab,0x0078fc845a93896b,0x006894a4b2f224a6,0x005bdd8192b9dbde,0x00b38839874b3a9e,0x00f93618b04b7a57,0x003e3ec75fd2c67e,0x00bf5e6bfc29494a)}, - }}, {{ - {FIELD_LITERAL(0x00f19224ebba2aa5,0x0074f89d358e694d,0x00eea486597135ad,0x0081579a4555c7e1,0x0010b9b872930a9d,0x00f002e87a30ecc0,0x009b9d66b6de56e2,0x00a3c4f45e8004eb)}, - {FIELD_LITERAL(0x0045e8dda9400888,0x002ff12e5fc05db7,0x00a7098d54afe69c,0x00cdbe846a500585,0x00879c1593ca1882,0x003f7a7fea76c8b0,0x002cd73dd0c8e0a1,0x00645d6ce96f51fe)}, - {FIELD_LITERAL(0x002b7e83e123d6d6,0x00398346f7419c80,0x0042922e55940163,0x005e7fc5601886a3,0x00e88f2cee1d3103,0x00e7fab135f2e377,0x00b059984dbf0ded,0x0009ce080faa5bb8)}, - }}, {{ - {FIELD_LITERAL(0x0085e78af7758979,0x00275a4ee1631a3a,0x00d26bc0ed78b683,0x004f8355ea21064f,0x00d618e1a32696e5,0x008d8d7b150e5680,0x00a74cd854b278d2,0x001dd62702203ea0)}, - {FIELD_LITERAL(0x00f89335c2a59286,0x00a0f5c905d55141,0x00b41fb836ee9382,0x00e235d51730ca43,0x00a5cb37b5c0a69a,0x009b966ffe136c45,0x00cb2ea10bf80ed1,0x00fb2b370b40dc35)}, - {FIELD_LITERAL(0x00d687d16d4ee8ba,0x0071520bdd069dff,0x00de85c60d32355d,0x0087d2e3565102f4,0x00cde391b8dfc9aa,0x00e18d69efdfefe5,0x004a9d0591954e91,0x00fa36dd8b50eee5)}, - }}, {{ - {FIELD_LITERAL(0x002e788749a865f7,0x006e4dc3116861ea,0x009f1428c37276e6,0x00e7d2e0fc1e1226,0x003aeebc6b6c45f6,0x0071a8073bf500c9,0x004b22ad986b530c,0x00f439e63c0d79d4)}, - {FIELD_LITERAL(0x006bc3d53011f470,0x00032d6e692b83e8,0x00059722f497cd0b,0x0009b4e6f0c497cc,0x0058a804b7cce6c0,0x002b71d3302bbd5d,0x00e2f82a36765fce,0x008dded99524c703)}, - {FIELD_LITERAL(0x004d058953747d64,0x00701940fe79aa6f,0x00a620ac71c760bf,0x009532b611158b75,0x00547ed7f466f300,0x003cb5ab53a8401a,0x00c7763168ce3120,0x007e48e33e4b9ab2)}, - }}, {{ - {FIELD_LITERAL(0x001b2fc57bf3c738,0x006a3f918993fb80,0x0026f7a14fdec288,0x0075a2cdccef08db,0x00d3ecbc9eecdbf1,0x0048c40f06e5bf7f,0x00d63e423009896b,0x000598bc99c056a8)}, - {FIELD_LITERAL(0x002f194eaafa46dc,0x008e38f57fe87613,0x00dc8e5ae25f4ab2,0x000a17809575e6bd,0x00d3ec7923ba366a,0x003a7e72e0ad75e3,0x0010024b88436e0a,0x00ed3c5444b64051)}, - {FIELD_LITERAL(0x00831fc1340af342,0x00c9645669466d35,0x007692b4cc5a080f,0x009fd4a47ac9259f,0x001eeddf7d45928b,0x003c0446fc45f28b,0x002c0713aa3e2507,0x0095706935f0f41e)}, - }}, {{ - {FIELD_LITERAL(0x00766ae4190ec6d8,0x0065768cabc71380,0x00b902598416cdc2,0x00380021ad38df52,0x008f0b89d6551134,0x004254d4cc62c5a5,0x000d79f4484b9b94,0x00b516732ae3c50e)}, - {FIELD_LITERAL(0x001fb73475c45509,0x00d2b2e5ea43345a,0x00cb3c3842077bd1,0x0029f90ad820946e,0x007c11b2380778aa,0x009e54ece62c1704,0x004bc60c41ca01c3,0x004525679a5a0b03)}, - {FIELD_LITERAL(0x00c64fbddbed87b3,0x0040601d11731faa,0x009c22475b6f9d67,0x0024b79dae875f15,0x00616fed3f02c3b0,0x0000cf39f6af2d3b,0x00c46bac0aa9a688,0x00ab23e2800da204)}, - }}, {{ - {FIELD_LITERAL(0x000b3a37617632b0,0x00597199fe1cfb6c,0x0042a7ccdfeafdd6,0x004cc9f15ebcea17,0x00f436e596a6b4a4,0x00168861142df0d8,0x000753edfec26af5,0x000c495d7e388116)}, - {FIELD_LITERAL(0x0017085f4a346148,0x00c7cf7a37f62272,0x001776e129bc5c30,0x009955134c9eef2a,0x001ba5bdf1df07be,0x00ec39497103a55c,0x006578354fda6cfb,0x005f02719d4f15ee)}, - {FIELD_LITERAL(0x0052b9d9b5d9655d,0x00d4ec7ba1b461c3,0x00f95df4974f280b,0x003d8e5ca11aeb51,0x00d4981eb5a70b26,0x000af9a4f6659f29,0x004598c846faeb43,0x0049d9a183a47670)}, - }}, {{ - {FIELD_LITERAL(0x000a72d23dcb3f1f,0x00a3737f84011727,0x00f870c0fbbf4a47,0x00a7aadd04b5c9ca,0x000c7715c67bd072,0x00015a136afcd74e,0x0080d5caea499634,0x0026b448ec7514b7)}, - {FIELD_LITERAL(0x00b60167d9e7d065,0x00e60ba0d07381e8,0x003a4f17b725c2d4,0x006c19fe176b64fa,0x003b57b31af86ccb,0x0021047c286180fd,0x00bdc8fb00c6dbb6,0x00fe4a9f4bab4f3f)}, - {FIELD_LITERAL(0x0088ffc3a16111f7,0x009155e4245d0bc8,0x00851d68220572d5,0x00557ace1e514d29,0x0031d7c339d91022,0x00101d0ae2eaceea,0x00246ab3f837b66a,0x00d5216d381ff530)}, - }}, {{ - {FIELD_LITERAL(0x0057e7ea35f36dae,0x00f47d7ad15de22e,0x00d757ea4b105115,0x008311457d579d7e,0x00b49b75b1edd4eb,0x0081c7ff742fd63a,0x00ddda3187433df6,0x00475727d55f9c66)}, - {FIELD_LITERAL(0x00a6295218dc136a,0x00563b3af0e9c012,0x00d3753b0145db1b,0x004550389c043dc1,0x00ea94ae27401bdf,0x002b0b949f2b7956,0x00c63f780ad8e23c,0x00e591c47d6bab15)}, - {FIELD_LITERAL(0x00416c582b058eb6,0x004107da5b2cc695,0x00b3cd2556aeec64,0x00c0b418267e57a1,0x001799293579bd2e,0x0046ed44590e4d07,0x001d7459b3630a1e,0x00c6afba8b6696aa)}, - }}, {{ - {FIELD_LITERAL(0x008d6009b26da3f8,0x00898e88ca06b1ca,0x00edb22b2ed7fe62,0x00fbc93516aabe80,0x008b4b470c42ce0d,0x00e0032ba7d0dcbb,0x00d76da3a956ecc8,0x007f20fe74e3852a)}, - {FIELD_LITERAL(0x002419222c607674,0x00a7f23af89188b3,0x00ad127284e73d1c,0x008bba582fae1c51,0x00fc6aa7ca9ecab1,0x003df5319eb6c2ba,0x002a05af8a8b199a,0x004bf8354558407c)}, - {FIELD_LITERAL(0x00ce7d4a30f0fcbf,0x00d02c272629f03d,0x0048c001f7400bc2,0x002c21368011958d,0x0098a550391e96b5,0x002d80b66390f379,0x001fa878760cc785,0x001adfce54b613d5)}, - }}, {{ - {FIELD_LITERAL(0x001ed4dc71fa2523,0x005d0bff19bf9b5c,0x00c3801cee065a64,0x001ed0b504323fbf,0x0003ab9fdcbbc593,0x00df82070178b8d2,0x00a2bcaa9c251f85,0x00c628a3674bd02e)}, - {FIELD_LITERAL(0x006b7a0674f9f8de,0x00a742414e5c7cff,0x0041cbf3c6e13221,0x00e3a64fd207af24,0x0087c05f15fbe8d1,0x004c50936d9e8a33,0x001306ec21042b6d,0x00a4f4137d1141c2)}, - {FIELD_LITERAL(0x0009e6fb921568b0,0x00b3c60120219118,0x002a6c3460dd503a,0x009db1ef11654b54,0x0063e4bf0be79601,0x00670d34bb2592b9,0x00dcee2f6c4130ce,0x00b2682e88e77f54)}, - }}, {{ - {FIELD_LITERAL(0x000d5b4b3da135ab,0x00838f3e5064d81d,0x00d44eb50f6d94ed,0x0008931ab502ac6d,0x00debe01ca3d3586,0x0025c206775f0641,0x005ad4b6ae912763,0x007e2c318ad8f247)}, - {FIELD_LITERAL(0x00ddbe0750dd1add,0x004b3c7b885844b8,0x00363e7ecf12f1ae,0x0062e953e6438f9d,0x0023cc73b076afe9,0x00b09fa083b4da32,0x00c7c3d2456c541d,0x005b591ec6b694d4)}, - {FIELD_LITERAL(0x0028656e19d62fcf,0x0052a4af03df148d,0x00122765ddd14e42,0x00f2252904f67157,0x004741965b636f3a,0x006441d296132cb9,0x005e2106f956a5b7,0x00247029592d335c)}, - }}, {{ - {FIELD_LITERAL(0x003fe038eb92f894,0x000e6da1b72e8e32,0x003a1411bfcbe0fa,0x00b55d473164a9e4,0x00b9a775ac2df48d,0x0002ddf350659e21,0x00a279a69eb19cb3,0x00f844eab25cba44)}, - {FIELD_LITERAL(0x00c41d1f9c1f1ac1,0x007b2df4e9f19146,0x00b469355fd5ba7a,0x00b5e1965afc852a,0x00388d5f1e2d8217,0x0022079e4c09ae93,0x0014268acd4ef518,0x00c1dd8d9640464c)}, - {FIELD_LITERAL(0x0038526adeed0c55,0x00dd68c607e3fe85,0x00f746ddd48a5d57,0x0042f2952b963b7c,0x001cbbd6876d5ec2,0x005e341470bca5c2,0x00871d41e085f413,0x00e53ab098f45732)}, - }}, {{ - {FIELD_LITERAL(0x004d51124797c831,0x008f5ae3750347ad,0x0070ced94c1a0c8e,0x00f6db2043898e64,0x000d00c9a5750cd0,0x000741ec59bad712,0x003c9d11aab37b7f,0x00a67ba169807714)}, - {FIELD_LITERAL(0x00adb2c1566e8b8f,0x0096c68a35771a9a,0x00869933356f334a,0x00ba9c93459f5962,0x009ec73fb6e8ca4b,0x003c3802c27202e1,0x0031f5b733e0c008,0x00f9058c19611fa9)}, - {FIELD_LITERAL(0x00238f01814a3421,0x00c325a44b6cce28,0x002136f97aeb0e73,0x000cac8268a4afe2,0x0022fd218da471b3,0x009dcd8dfff8def9,0x00cb9f8181d999bb,0x00143ae56edea349)}, - }}, {{ - {FIELD_LITERAL(0x0000623bf87622c5,0x00a1966fdd069496,0x00c315b7b812f9fc,0x00bdf5efcd128b97,0x001d464f532e3e16,0x003cd94f081bfd7e,0x00ed9dae12ce4009,0x002756f5736eee70)}, - {FIELD_LITERAL(0x00a5187e6ee7341b,0x00e6d52e82d83b6e,0x00df3c41323094a7,0x00b3324f444e9de9,0x00689eb21a35bfe5,0x00f16363becd548d,0x00e187cc98e7f60f,0x00127d9062f0ccab)}, - {FIELD_LITERAL(0x004ad71b31c29e40,0x00a5fcace12fae29,0x004425b5597280ed,0x00e7ef5d716c3346,0x0010b53ada410ac8,0x0092310226060c9b,0x0091c26128729c7e,0x0088b42900f8ec3b)}, - }}, {{ - {FIELD_LITERAL(0x00f1e26e9762d4a8,0x00d9d74082183414,0x00ffec9bd57a0282,0x000919e128fd497a,0x00ab7ae7d00fe5f8,0x0054dc442851ff68,0x00c9ebeb3b861687,0x00507f7cab8b698f)}, - {FIELD_LITERAL(0x00c13c5aae3ae341,0x009c6c9ed98373e7,0x00098f26864577a8,0x0015b886e9488b45,0x0037692c42aadba5,0x00b83170b8e7791c,0x001670952ece1b44,0x00fd932a39276da2)}, - {FIELD_LITERAL(0x0081a3259bef3398,0x005480fff416107b,0x00ce4f607d21be98,0x003ffc084b41df9b,0x0043d0bb100502d1,0x00ec35f575ba3261,0x00ca18f677300ef3,0x00e8bb0a827d8548)}, - }}, {{ - {FIELD_LITERAL(0x00df76b3328ada72,0x002e20621604a7c2,0x00f910638a105b09,0x00ef4724d96ef2cd,0x00377d83d6b8a2f7,0x00b4f48805ade324,0x001cd5da8b152018,0x0045af671a20ca7f)}, - {FIELD_LITERAL(0x009ae3b93a56c404,0x004a410b7a456699,0x00023a619355e6b2,0x009cdc7297387257,0x0055b94d4ae70d04,0x002cbd607f65b005,0x003208b489697166,0x00ea2aa058867370)}, - {FIELD_LITERAL(0x00f29d2598ee3f32,0x00b4ac5385d82adc,0x007633eaf04df19b,0x00aa2d3d77ceab01,0x004a2302fcbb778a,0x00927f225d5afa34,0x004a8e9d5047f237,0x008224ae9dbce530)}, - }}, {{ - {FIELD_LITERAL(0x001cf640859b02f8,0x00758d1d5d5ce427,0x00763c784ef4604c,0x005fa81aee205270,0x00ac537bfdfc44cb,0x004b919bd342d670,0x00238508d9bf4b7a,0x00154888795644f3)}, - {FIELD_LITERAL(0x00c845923c084294,0x00072419a201bc25,0x0045f408b5f8e669,0x00e9d6a186b74dfe,0x00e19108c68fa075,0x0017b91d874177b7,0x002f0ca2c7912c5a,0x009400aa385a90a2)}, - {FIELD_LITERAL(0x0071110b01482184,0x00cfed0044f2bef8,0x0034f2901cf4662e,0x003b4ae2a67f9834,0x00cca9b96fe94810,0x00522507ae77abd0,0x00bac7422721e73e,0x0066622b0f3a62b0)}, - }}, {{ - {FIELD_LITERAL(0x00f8ac5cf4705b6a,0x00867d82dcb457e3,0x007e13ab2ccc2ce9,0x009ee9a018d3930e,0x008370f8ecb42df8,0x002d9f019add263e,0x003302385b92d196,0x00a15654536e2c0c)}, - {FIELD_LITERAL(0x0026ef1614e160af,0x00c023f9edfc9c76,0x00cff090da5f57ba,0x0076db7a66643ae9,0x0019462f8c646999,0x008fec00b3854b22,0x00d55041692a0a1c,0x0065db894215ca00)}, - {FIELD_LITERAL(0x00a925036e0a451c,0x002a0390c36b6cc1,0x00f27020d90894f4,0x008d90d52cbd3d7f,0x00e1d0137392f3b8,0x00f017c158b51a8f,0x00cac313d3ed7dbc,0x00b99a81e3eb42d3)}, - }}, {{ - {FIELD_LITERAL(0x00b54850275fe626,0x0053a3fd1ec71140,0x00e3d2d7dbe096fa,0x00e4ac7b595cce4c,0x0077bad449c0a494,0x00b7c98814afd5b3,0x0057226f58486cf9,0x00b1557154f0cc57)}, - {FIELD_LITERAL(0x008cc9cd236315c0,0x0031d9c5b39fda54,0x00a5713ef37e1171,0x00293d5ae2886325,0x00c4aba3e05015e1,0x0003f35ef78e4fc6,0x0039d6bd3ac1527b,0x0019d7c3afb77106)}, - {FIELD_LITERAL(0x007b162931a985af,0x00ad40a2e0daa713,0x006df27c4009f118,0x00503e9f4e2e8bec,0x00751a77c82c182d,0x000298937769245b,0x00ffb1e8fabf9ee5,0x0008334706e09abe)}, - }}, {{ - {FIELD_LITERAL(0x00dbca4e98a7dcd9,0x00ee29cfc78bde99,0x00e4a3b6995f52e9,0x0045d70189ae8096,0x00fd2a8a3b9b0d1b,0x00af1793b107d8e1,0x00dbf92cbe4afa20,0x00da60f798e3681d)}, - {FIELD_LITERAL(0x004246bfcecc627a,0x004ba431246c03a4,0x00bd1d101872d497,0x003b73d3f185ee16,0x001feb2e2678c0e3,0x00ff13c5a89dec76,0x00ed06042e771d8f,0x00a4fd2a897a83dd)}, - {FIELD_LITERAL(0x009a4a3be50d6597,0x00de3165fc5a1096,0x004f3f56e345b0c7,0x00f7bf721d5ab8bc,0x004313e47b098c50,0x00e4c7d5c0e1adbb,0x002e3e3db365051e,0x00a480c2cd6a96fb)}, - }}, {{ - {FIELD_LITERAL(0x00417fa30a7119ed,0x00af257758419751,0x00d358a487b463d4,0x0089703cc720b00d,0x00ce56314ff7f271,0x0064db171ade62c1,0x00640b36d4a22fed,0x00424eb88696d23f)}, - {FIELD_LITERAL(0x004ede34af2813f3,0x00d4a8e11c9e8216,0x004796d5041de8a5,0x00c4c6b4d21cc987,0x00e8a433ee07fa1e,0x0055720b5abcc5a1,0x008873ea9c74b080,0x005b3fec1ab65d48)}, - {FIELD_LITERAL(0x0047e5277db70ec5,0x000a096c66db7d6b,0x00b4164cc1730159,0x004a9f783fe720fe,0x00a8177b94449dbc,0x0095a24ff49a599f,0x0069c1c578250cbc,0x00452019213debf4)}, - }}, {{ - {FIELD_LITERAL(0x0021ce99e09ebda3,0x00fcbd9f91875ad0,0x009bbf6b7b7a0b5f,0x00388886a69b1940,0x00926a56d0f81f12,0x00e12903c3358d46,0x005dfce4e8e1ce9d,0x0044cfa94e2f7e23)}, - {FIELD_LITERAL(0x001bd59c09e982ea,0x00f72daeb937b289,0x0018b76dca908e0e,0x00edb498512384ad,0x00ce0243b6cc9538,0x00f96ff690cb4e70,0x007c77bf9f673c8d,0x005bf704c088a528)}, - {FIELD_LITERAL(0x0093d4628dcb33be,0x0095263d51d42582,0x0049b3222458fe06,0x00e7fce73b653a7f,0x003ca2ebce60b369,0x00c5de239a32bea4,0x0063b8b3d71fb6bf,0x0039aeeb78a1a839)}, - }}, {{ - {FIELD_LITERAL(0x007dc52da400336c,0x001fded1e15b9457,0x00902e00f5568e3a,0x00219bef40456d2d,0x005684161fb3dbc9,0x004a4e9be49a76ea,0x006e685ae88b78ff,0x0021c42f13042d3c)}, - {FIELD_LITERAL(0x00fb22bb5fd3ce50,0x0017b48aada7ae54,0x00fd5c44ad19a536,0x000ccc4e4e55e45c,0x00fd637d45b4c3f5,0x0038914e023c37cf,0x00ac1881d6a8d898,0x00611ed8d3d943a8)}, - {FIELD_LITERAL(0x0056e2259d113d2b,0x00594819b284ec16,0x00c7bf794bb36696,0x00721ee75097cdc6,0x00f71be9047a2892,0x00df6ba142564edf,0x0069580b7a184e8d,0x00f056e38fca0fee)}, - }}, {{ - {FIELD_LITERAL(0x009df98566a18c6d,0x00cf3a200968f219,0x0044ba60da6d9086,0x00dbc9c0e344da03,0x000f9401c4466855,0x00d46a57c5b0a8d1,0x00875a635d7ac7c6,0x00ef4a933b7e0ae6)}, - {FIELD_LITERAL(0x005e8694077a1535,0x008bef75f71c8f1d,0x000a7c1316423511,0x00906e1d70604320,0x003fc46c1a2ffbd6,0x00d1d5022e68f360,0x002515fba37bbf46,0x00ca16234e023b44)}, - {FIELD_LITERAL(0x00787c99561f4690,0x00a857a8c1561f27,0x00a10df9223c09fe,0x00b98a9562e3b154,0x004330b8744c3ed2,0x00e06812807ec5c4,0x00e4cf6a7db9f1e3,0x00d95b089f132a34)}, - }}, {{ - {FIELD_LITERAL(0x002922b39ca33eec,0x0090d12a5f3ab194,0x00ab60c02fb5f8ed,0x00188d292abba1cf,0x00e10edec9698f6e,0x0069a4d9934133c8,0x0024aac40e6d3d06,0x001702c2177661b0)}, - {FIELD_LITERAL(0x00139078397030bd,0x000e3c447e859a00,0x0064a5b334c82393,0x00b8aabeb7358093,0x00020778bb9ae73b,0x0032ee94c7892a18,0x008215253cb41bda,0x005e2797593517ae)}, - {FIELD_LITERAL(0x0083765a5f855d4a,0x0051b6d1351b8ee2,0x00116de548b0f7bb,0x0087bd88703affa0,0x0095b2cc34d7fdd2,0x0084cd81b53f0bc8,0x008562fc995350ed,0x00a39abb193651e3)}, - }}, {{ - {FIELD_LITERAL(0x0019e23f0474b114,0x00eb94c2ad3b437e,0x006ddb34683b75ac,0x00391f9209b564c6,0x00083b3bb3bff7aa,0x00eedcd0f6dceefc,0x00b50817f794fe01,0x0036474deaaa75c9)}, - {FIELD_LITERAL(0x0091868594265aa2,0x00797accae98ca6d,0x0008d8c5f0f8a184,0x00d1f4f1c2b2fe6e,0x0036783dfb48a006,0x008c165120503527,0x0025fd780058ce9b,0x0068beb007be7d27)}, - {FIELD_LITERAL(0x00d0ff88aa7c90c2,0x00b2c60dacf53394,0x0094a7284d9666d6,0x00bed9022ce7a19d,0x00c51553f0cd7682,0x00c3fb870b124992,0x008d0bc539956c9b,0x00fc8cf258bb8885)}, - }}, {{ - {FIELD_LITERAL(0x003667bf998406f8,0x0000115c43a12975,0x001e662f3b20e8fd,0x0019ffa534cb24eb,0x00016be0dc8efb45,0x00ff76a8b26243f5,0x00ae20d241a541e3,0x0069bd6af13cd430)}, - {FIELD_LITERAL(0x0045fdc16487cda3,0x00b2d8e844cf2ed7,0x00612c50e88c1607,0x00a08aabc66c1672,0x006031fdcbb24d97,0x001b639525744b93,0x004409d62639ab17,0x00a1853d0347ab1d)}, - {FIELD_LITERAL(0x0075a1a56ebf5c21,0x00a3e72be9ac53ed,0x00efcde1629170c2,0x0004225fe91ef535,0x0088049fc73dfda7,0x004abc74857e1288,0x0024e2434657317c,0x00d98cb3d3e5543c)}, - }}, {{ - {FIELD_LITERAL(0x00b4b53eab6bdb19,0x009b22d8b43711d0,0x00d948b9d961785d,0x00cb167b6f279ead,0x00191de3a678e1c9,0x00d9dd9511095c2e,0x00f284324cd43067,0x00ed74fa535151dd)}, - {FIELD_LITERAL(0x007e32c049b5c477,0x009d2bfdbd9bcfd8,0x00636e93045938c6,0x007fde4af7687298,0x0046a5184fafa5d3,0x0079b1e7f13a359b,0x00875adf1fb927d6,0x00333e21c61bcad2)}, - {FIELD_LITERAL(0x00048014f73d8b8d,0x0075684aa0966388,0x0092be7df06dc47c,0x0097cebcd0f5568a,0x005a7004d9c4c6a9,0x00b0ecbb659924c7,0x00d90332dd492a7c,0x0057fc14df11493d)}, - }}, {{ - {FIELD_LITERAL(0x0008ed8ea0ad95be,0x0041d324b9709645,0x00e25412257a19b4,0x0058df9f3423d8d2,0x00a9ab20def71304,0x009ae0dbf8ac4a81,0x00c9565977e4392a,0x003c9269444baf55)}, - {FIELD_LITERAL(0x007df6cbb926830b,0x00d336058ae37865,0x007af47dac696423,0x0048d3011ec64ac8,0x006b87666e40049f,0x0036a2e0e51303d7,0x00ba319bd79dbc55,0x003e2737ecc94f53)}, - {FIELD_LITERAL(0x00d296ff726272d9,0x00f6d097928fcf57,0x00e0e616a55d7013,0x00deaf454ed9eac7,0x0073a56bedef4d92,0x006ccfdf6fc92e19,0x009d1ee1371a7218,0x00ee3c2ee4462d80)}, - }}, {{ - {FIELD_LITERAL(0x00437bce9bccdf9d,0x00e0c8e2f85dc0a3,0x00c91a7073995a19,0x00856ec9fe294559,0x009e4b33394b156e,0x00e245b0dc497e5c,0x006a54e687eeaeff,0x00f1cd1cd00fdb7c)}, - {FIELD_LITERAL(0x008132ae5c5d8cd1,0x00121d68324a1d9f,0x00d6be9dafcb8c76,0x00684d9070edf745,0x00519fbc96d7448e,0x00388182fdc1f27e,0x000235baed41f158,0x00bf6cf6f1a1796a)}, - {FIELD_LITERAL(0x002adc4b4d148219,0x003084ada0d3a90a,0x0046de8aab0f2e4e,0x00452d342a67b5fd,0x00d4b50f01d4de21,0x00db6d9fc0cefb79,0x008c184c86a462cd,0x00e17c83764d42da)}, - }}, {{ - {FIELD_LITERAL(0x007b2743b9a1e01a,0x007847ffd42688c4,0x006c7844d610a316,0x00f0cb8b250aa4b0,0x00a19060143b3ae6,0x0014eb10b77cfd80,0x000170905729dd06,0x00063b5b9cd72477)}, - {FIELD_LITERAL(0x00ce382dc7993d92,0x00021153e938b4c8,0x00096f7567f48f51,0x0058f81ddfe4b0d5,0x00cc379a56b355c7,0x002c760770d3e819,0x00ee22d1d26e5a40,0x00de6d93d5b082d7)}, - {FIELD_LITERAL(0x000a91a42c52e056,0x00185f6b77fce7ea,0x000803c51962f6b5,0x0022528582ba563d,0x0043f8040e9856d6,0x0085a29ec81fb860,0x005f9a611549f5ff,0x00c1f974ecbd4b06)}, - }}, {{ - {FIELD_LITERAL(0x005b64c6fd65ec97,0x00c1fdd7f877bc7f,0x000d9cc6c89f841c,0x005c97b7f1aff9ad,0x0075e3c61475d47e,0x001ecb1ba8153011,0x00fe7f1c8d71d40d,0x003fa9757a229832)}, - {FIELD_LITERAL(0x00ffc5c89d2b0cba,0x00d363d42e3e6fc3,0x0019a1a0118e2e8a,0x00f7baeff48882e1,0x001bd5af28c6b514,0x0055476ca2253cb2,0x00d8eb1977e2ddf3,0x00b173b1adb228a1)}, - {FIELD_LITERAL(0x00f2cb99dd0ad707,0x00e1e08b6859ddd8,0x000008f2d0650bcc,0x00d7ed392f8615c3,0x00976750a94da27f,0x003e83bb0ecb69ba,0x00df8e8d15c14ac6,0x00f9f7174295d9c2)}, - }}, {{ - {FIELD_LITERAL(0x00f11cc8e0e70bcb,0x00e5dc689974e7dd,0x0014e409f9ee5870,0x00826e6689acbd63,0x008a6f4e3d895d88,0x00b26a8da41fd4ad,0x000fb7723f83efd7,0x009c749db0a5f6c3)}, - {FIELD_LITERAL(0x002389319450f9ba,0x003677f31aa1250a,0x0092c3db642f38cb,0x00f8b64c0dfc9773,0x00cd49fe3505b795,0x0068105a4090a510,0x00df0ba2072a8bb6,0x00eb396143afd8be)}, - {FIELD_LITERAL(0x00a0d4ecfb24cdff,0x00ddaf8008ba6479,0x00f0b3e36d4b0f44,0x003734bd3af1f146,0x00b87e2efc75527e,0x00d230df55ddab50,0x002613257ae56c1d,0x00bc0946d135934d)}, - }}, {{ - {FIELD_LITERAL(0x00468711bd994651,0x0033108fa67561bf,0x0089d760192a54b4,0x00adc433de9f1871,0x000467d05f36e050,0x007847e0f0579f7f,0x00a2314ad320052d,0x00b3a93649f0b243)}, - {FIELD_LITERAL(0x0067f8f0c4fe26c9,0x0079c4a3cc8f67b9,0x0082b1e62f23550d,0x00f2d409caefd7f5,0x0080e67dcdb26e81,0x0087ae993ea1f98a,0x00aa108becf61d03,0x001acf11efb608a3)}, - {FIELD_LITERAL(0x008225febbab50d9,0x00f3b605e4dd2083,0x00a32b28189e23d2,0x00d507e5e5eb4c97,0x005a1a84e302821f,0x0006f54c1c5f08c7,0x00a347c8cb2843f0,0x0009f73e9544bfa5)}, - }}, {{ - {FIELD_LITERAL(0x006c59c9ae744185,0x009fc32f1b4282cd,0x004d6348ca59b1ac,0x00105376881be067,0x00af4096013147dc,0x004abfb5a5cb3124,0x000d2a7f8626c354,0x009c6ed568e07431)}, - {FIELD_LITERAL(0x00e828333c297f8b,0x009ef3cf8c3f7e1f,0x00ab45f8fff31cb9,0x00c8b4178cb0b013,0x00d0c50dd3260a3f,0x0097126ac257f5bc,0x0042376cc90c705a,0x001d96fdb4a1071e)}, - {FIELD_LITERAL(0x00542d44d89ee1a8,0x00306642e0442d98,0x0090853872b87338,0x002362cbf22dc044,0x002c222adff663b8,0x0067c924495fcb79,0x000e621d983c977c,0x00df77a9eccb66fb)}, - }}, {{ - {FIELD_LITERAL(0x002809e4bbf1814a,0x00b9e854f9fafb32,0x00d35e67c10f7a67,0x008f1bcb76e748cf,0x004224d9515687d2,0x005ba0b774e620c4,0x00b5e57db5d54119,0x00e15babe5683282)}, - {FIELD_LITERAL(0x00832d02369b482c,0x00cba52ff0d93450,0x003fa9c908d554db,0x008d1e357b54122f,0x00abd91c2dc950c6,0x007eff1df4c0ec69,0x003f6aeb13fb2d31,0x00002d6179fc5b2c)}, - {FIELD_LITERAL(0x0046c9eda81c9c89,0x00b60cb71c8f62fc,0x0022f5a683baa558,0x00f87319fccdf997,0x009ca09b51ce6a22,0x005b12baf4af7d77,0x008a46524a1e33e2,0x00035a77e988be0d)}, - }}, {{ - {FIELD_LITERAL(0x00a7efe46a7dbe2f,0x002f66fd55014fe7,0x006a428afa1ff026,0x0056caaa9604ab72,0x0033f3bcd7fac8ae,0x00ccb1aa01c86764,0x00158d1edf13bf40,0x009848ee76fcf3b4)}, - {FIELD_LITERAL(0x00a9e7730a819691,0x00d9cc73c4992b70,0x00e299bde067de5a,0x008c314eb705192a,0x00e7226f17e8a3cc,0x0029dfd956e65a47,0x0053a8e839073b12,0x006f942b2ab1597e)}, - {FIELD_LITERAL(0x001c3d780ecd5e39,0x0094f247fbdcc5fe,0x00d5c786fd527764,0x00b6f4da74f0db2a,0x0080f1f8badcd5fc,0x00f36a373ad2e23b,0x00f804f9f4343bf2,0x00d1af40ec623982)}, - }}, {{ - {FIELD_LITERAL(0x0082aeace5f1b144,0x00f68b3108cf4dd3,0x00634af01dde3020,0x000beab5df5c2355,0x00e8b790d1b49b0b,0x00e48d15854e36f4,0x0040ab2d95f3db9f,0x002711c4ed9e899a)}, - {FIELD_LITERAL(0x0039343746531ebe,0x00c8509d835d429d,0x00e79eceff6b0018,0x004abfd31e8efce5,0x007bbfaaa1e20210,0x00e3be89c193e179,0x001c420f4c31d585,0x00f414a315bef5ae)}, - {FIELD_LITERAL(0x007c296a24990df8,0x00d5d07525a75588,0x00dd8e113e94b7e7,0x007bbc58febe0cc8,0x0029f51af9bfcad3,0x007e9311ec7ab6f3,0x009a884de1676343,0x0050d5f2dce84be9)}, - }}, {{ - {FIELD_LITERAL(0x005fa020cca2450a,0x00491c29db6416d8,0x0037cefe3f9f9a85,0x003d405230647066,0x0049e835f0fdbe89,0x00feb78ac1a0815c,0x00828e4b32dc9724,0x00db84f2dc8d6fd4)}, - {FIELD_LITERAL(0x0098cddc8b39549a,0x006da37e3b05d22c,0x00ce633cfd4eb3cb,0x00fda288ef526acd,0x0025338878c5d30a,0x00f34438c4e5a1b4,0x00584efea7c310f1,0x0041a551f1b660ad)}, - {FIELD_LITERAL(0x00d7f7a8fbd6437a,0x0062872413bf3753,0x00ad4bbcb43c584b,0x007fe49be601d7e3,0x0077c659789babf4,0x00eb45fcb06a741b,0x005ce244913f9708,0x0088426401736326)}, - }}, {{ - {FIELD_LITERAL(0x007bf562ca768d7c,0x006c1f3a174e387c,0x00f024b447fee939,0x007e7af75f01143f,0x003adb70b4eed89d,0x00e43544021ad79a,0x0091f7f7042011f6,0x0093c1a1ee3a0ddc)}, - {FIELD_LITERAL(0x00a0b68ec1eb72d2,0x002c03235c0d45a0,0x00553627323fe8c5,0x006186e94b17af94,0x00a9906196e29f14,0x0025b3aee6567733,0x007e0dd840080517,0x0018eb5801a4ba93)}, - {FIELD_LITERAL(0x00d7fe7017bf6a40,0x006e3f0624be0c42,0x00ffbba205358245,0x00f9fc2cf8194239,0x008d93b37bf15b4e,0x006ddf2e38be8e95,0x002b6e79bf5fcff9,0x00ab355da425e2de)}, - }}, {{ - {FIELD_LITERAL(0x00938f97e20be973,0x0099141a36aaf306,0x0057b0ca29e545a1,0x0085db571f9fbc13,0x008b333c554b4693,0x0043ab6ef3e241cb,0x0054fb20aa1e5c70,0x00be0ff852760adf)}, - {FIELD_LITERAL(0x003973d8938971d6,0x002aca26fa80c1f5,0x00108af1faa6b513,0x00daae275d7924e6,0x0053634ced721308,0x00d2355fe0bbd443,0x00357612b2d22095,0x00f9bb9dd4136cf3)}, - {FIELD_LITERAL(0x002bff12cf5e03a5,0x001bdb1fa8a19cf8,0x00c91c6793f84d39,0x00f869f1b2eba9af,0x0059bc547dc3236b,0x00d91611d6d38689,0x00e062daaa2c0214,0x00ed3c047cc2bc82)}, - }}, {{ - {FIELD_LITERAL(0x000050d70c32b31a,0x001939d576d437b3,0x00d709e598bf9fe6,0x00a885b34bd2ee9e,0x00dd4b5c08ab1a50,0x0091bebd50b55639,0x00cf79ff64acdbc6,0x006067a39d826336)}, - {FIELD_LITERAL(0x0062dd0fb31be374,0x00fcc96b84c8e727,0x003f64f1375e6ae3,0x0057d9b6dd1af004,0x00d6a167b1103c7b,0x00dd28f3180fb537,0x004ff27ad7167128,0x008934c33461f2ac)}, - {FIELD_LITERAL(0x0065b472b7900043,0x00ba7efd2ff1064b,0x000b67d6c4c3020f,0x0012d28469f4e46d,0x0031c32939703ec7,0x00b49f0bce133066,0x00f7e10416181d47,0x005c90f51867eecc)}, - }}, {{ - {FIELD_LITERAL(0x0051207abd179101,0x00fc2a5c20d9c5da,0x00fb9d5f2701b6df,0x002dd040fdea82b8,0x00f163b0738442ff,0x00d9736bd68855b8,0x00e0d8e93005e61c,0x00df5a40b3988570)}, - {FIELD_LITERAL(0x0006918f5dfce6dc,0x00d4bf1c793c57fb,0x0069a3f649435364,0x00e89a50e5b0cd6e,0x00b9f6a237e973af,0x006d4ed8b104e41d,0x00498946a3924cd2,0x00c136ec5ac9d4f7)}, - {FIELD_LITERAL(0x0011a9c290ac5336,0x002b9a2d4a6a6533,0x009a8a68c445d937,0x00361b27b07e5e5c,0x003c043b1755b974,0x00b7eb66cf1155ee,0x0077af5909eefff2,0x0098f609877cc806)}, - }}, {{ - {FIELD_LITERAL(0x00ab13af436bf8f4,0x000bcf0a0dac8574,0x00d50c864f705045,0x00c40e611debc842,0x0085010489bd5caa,0x007c5050acec026f,0x00f67d943c8da6d1,0x00de1da0278074c6)}, - {FIELD_LITERAL(0x00b373076597455f,0x00e83f1af53ac0f5,0x0041f63c01dc6840,0x0097dea19b0c6f4b,0x007f9d63b4c1572c,0x00e692d492d0f5f0,0x00cbcb392e83b4ad,0x0069c0f39ed9b1a8)}, - {FIELD_LITERAL(0x00861030012707c9,0x009fbbdc7fd4aafb,0x008f591d6b554822,0x00df08a41ea18ade,0x009d7d83e642abea,0x0098c71bda3b78ff,0x0022c89e7021f005,0x0044d29a3fe1e3c4)}, - }}, {{ - {FIELD_LITERAL(0x00e748cd7b5c52f2,0x00ea9df883f89cc3,0x0018970df156b6c7,0x00c5a46c2a33a847,0x00cbde395e32aa09,0x0072474ebb423140,0x00fb00053086a23d,0x001dafcfe22d4e1f)}, - {FIELD_LITERAL(0x00c903ee6d825540,0x00add6c4cf98473e,0x007636efed4227f1,0x00905124ae55e772,0x00e6b38fab12ed53,0x0045e132b863fe55,0x003974662edb366a,0x00b1787052be8208)}, - {FIELD_LITERAL(0x00a614b00d775c7c,0x00d7c78941cc7754,0x00422dd68b5dabc4,0x00a6110f0167d28b,0x00685a309c252886,0x00b439ffd5143660,0x003656e29ee7396f,0x00c7c9b9ed5ad854)}, - }}, {{ - {FIELD_LITERAL(0x0040f7e7c5b37bf2,0x0064e4dc81181bba,0x00a8767ae2a366b6,0x001496b4f90546f2,0x002a28493f860441,0x0021f59513049a3a,0x00852d369a8b7ee3,0x00dd2e7d8b7d30a9)}, - {FIELD_LITERAL(0x00006e34a35d9fbc,0x00eee4e48b2f019a,0x006b344743003a5f,0x00541d514f04a7e3,0x00e81f9ee7647455,0x005e2b916c438f81,0x00116f8137b7eff0,0x009bd3decc7039d1)}, - {FIELD_LITERAL(0x0005d226f434110d,0x00af8288b8ef21d5,0x004a7a52ef181c8c,0x00be0b781b4b06de,0x00e6e3627ded07e1,0x00e43aa342272b8b,0x00e86ab424577d84,0x00fb292c566e35bb)}, - }}, {{ - {FIELD_LITERAL(0x00334f5303ea1222,0x00dfb3dbeb0a5d3e,0x002940d9592335c1,0x00706a7a63e8938a,0x005a533558bc4caf,0x00558e33192022a9,0x00970d9faf74c133,0x002979fcb63493ca)}, - {FIELD_LITERAL(0x00e38abece3c82ab,0x005a51f18a2c7a86,0x009dafa2e86d592e,0x00495a62eb688678,0x00b79df74c0eb212,0x0023e8cc78b75982,0x005998cb91075e13,0x00735aa9ba61bc76)}, - {FIELD_LITERAL(0x00d9f7a82ddbe628,0x00a1fc782889ae0f,0x0071ffda12d14b66,0x0037cf4eca7fb3d5,0x00c80bc242c58808,0x0075bf8c2d08c863,0x008d41f31afc52a7,0x00197962ecf38741)}, - }}, {{ - {FIELD_LITERAL(0x006e9f475cccf2ee,0x00454b9cd506430c,0x00224a4fb79ee479,0x0062e3347ef0b5e2,0x0034fd2a3512232a,0x00b8b3cb0f457046,0x00eb20165daa38ec,0x00128eebc2d9c0f7)}, - {FIELD_LITERAL(0x00bfc5fa1e4ea21f,0x00c21d7b6bb892e6,0x00cf043f3acf0291,0x00c13f2f849b3c90,0x00d1a97ebef10891,0x0061e130a445e7fe,0x0019513fdedbf22b,0x001d60c813bff841)}, - {FIELD_LITERAL(0x0019561c7fcf0213,0x00e3dca6843ebd77,0x0068ea95b9ca920e,0x009bdfb70f253595,0x00c68f59186aa02a,0x005aee1cca1c3039,0x00ab79a8a937a1ce,0x00b9a0e549959e6f)}, - }}, {{ - {FIELD_LITERAL(0x00c79e0b6d97dfbd,0x00917c71fd2bc6e8,0x00db7529ccfb63d8,0x00be5be957f17866,0x00a9e11fdc2cdac1,0x007b91a8e1f44443,0x00a3065e4057d80f,0x004825f5b8d5f6d4)}, - {FIELD_LITERAL(0x003e4964fa8a8fc8,0x00f6a1cdbcf41689,0x00943cb18fe7fda7,0x00606dafbf34440a,0x005d37a86399c789,0x00e79a2a69417403,0x00fe34f7e68b8866,0x0011f448ed2df10e)}, - {FIELD_LITERAL(0x00f1f57efcc1fcc4,0x00513679117de154,0x002e5b5b7c86d8c3,0x009f6486561f9cfb,0x00169e74b0170cf7,0x00900205af4af696,0x006acfddb77853f3,0x00df184c90f31068)}, - }}, {{ - {FIELD_LITERAL(0x00b37396c3320791,0x00fc7b67175c5783,0x00c36d2cd73ecc38,0x0080ebcc0b328fc5,0x0043a5b22b35d35d,0x00466c9f1713c9da,0x0026ad346dcaa8da,0x007c684e701183a6)}, - {FIELD_LITERAL(0x00fd579ffb691713,0x00b76af4f81c412d,0x00f239de96110f82,0x00e965fb437f0306,0x00ca7e9436900921,0x00e487f1325fa24a,0x00633907de476380,0x00721c62ac5b8ea0)}, - {FIELD_LITERAL(0x00c0d54e542eb4f9,0x004ed657171c8dcf,0x00b743a4f7c2a39b,0x00fd9f93ed6cc567,0x00307fae3113e58b,0x0058aa577c93c319,0x00d254556f35b346,0x00491aada2203f0d)}, - }}, {{ - {FIELD_LITERAL(0x00dff3103786ff34,0x000144553b1f20c3,0x0095613baeb930e4,0x00098058275ea5d4,0x007cd1402b046756,0x0074d74e4d58aee3,0x005f93fc343ff69b,0x00873df17296b3b0)}, - {FIELD_LITERAL(0x00c4a1fb48635413,0x00b5dd54423ad59f,0x009ff5d53fd24a88,0x003c98d267fc06a7,0x002db7cb20013641,0x00bd1d6716e191f2,0x006dbc8b29094241,0x0044bbf233dafa2c)}, - {FIELD_LITERAL(0x0055838d41f531e6,0x00bf6a2dd03c81b2,0x005827a061c4839e,0x0000de2cbb36aac3,0x002efa29d9717478,0x00f9e928cc8a77ba,0x00c134b458def9ef,0x00958a182223fc48)}, - }}, {{ - {FIELD_LITERAL(0x000a9ee23c06881f,0x002c727d3d871945,0x00f47d971512d24a,0x00671e816f9ef31a,0x00883af2cfaad673,0x00601f98583d6c9a,0x00b435f5adc79655,0x00ad87b71c04bff2)}, - {FIELD_LITERAL(0x007860d99db787cf,0x00fda8983018f4a8,0x008c8866bac4743c,0x00ef471f84c82a3f,0x00abea5976d3b8e7,0x00714882896cd015,0x00b49fae584ddac5,0x008e33a1a0b69c81)}, - {FIELD_LITERAL(0x007b6ee2c9e8a9ec,0x002455dbbd89d622,0x006490cf4eaab038,0x00d925f6c3081561,0x00153b3047de7382,0x003b421f8bdceb6f,0x00761a4a5049da78,0x00980348c5202433)}, - }}, {{ - {FIELD_LITERAL(0x007f8a43da97dd5c,0x00058539c800fc7b,0x0040f3cf5a28414a,0x00d68dd0d95283d6,0x004adce9da90146e,0x00befa41c7d4f908,0x007603bc2e3c3060,0x00bdf360ab3545db)}, - {FIELD_LITERAL(0x00eebfd4e2312cc3,0x00474b2564e4fc8c,0x003303ef14b1da9b,0x003c93e0e66beb1d,0x0013619b0566925a,0x008817c24d901bf3,0x00b62bd8898d218b,0x0075a7716f1e88a2)}, - {FIELD_LITERAL(0x0009218da1e6890f,0x0026907f5fd02575,0x004dabed5f19d605,0x003abf181870249d,0x00b52fd048cc92c4,0x00b6dd51e415a5c5,0x00d9eb82bd2b4014,0x002c865a43b46b43)}, - }}, {{ - {FIELD_LITERAL(0x0070047189452f4c,0x00f7ad12e1ce78d5,0x00af1ba51ec44a8b,0x005f39f63e667cd6,0x00058eac4648425e,0x00d7fdab42bea03b,0x0028576a5688de15,0x00af973209e77c10)}, - {FIELD_LITERAL(0x00c338b915d8fef0,0x00a893292045c39a,0x0028ab4f2eba6887,0x0060743cb519fd61,0x0006213964093ac0,0x007c0b7a43f6266d,0x008e3557c4fa5bda,0x002da976de7b8d9d)}, - {FIELD_LITERAL(0x0048729f8a8b6dcd,0x00fe23b85cc4d323,0x00e7384d16e4db0e,0x004a423970678942,0x00ec0b763345d4ba,0x00c477b9f99ed721,0x00c29dad3777b230,0x001c517b466f7df6)}, - }}, {{ - {FIELD_LITERAL(0x006366c380f7b574,0x001c7d1f09ff0438,0x003e20a7301f5b22,0x00d3efb1916d28f6,0x0049f4f81060ce83,0x00c69d91ea43ced1,0x002b6f3e5cd269ed,0x005b0fb22ce9ec65)}, - {FIELD_LITERAL(0x00aa2261022d883f,0x00ebcca4548010ac,0x002528512e28a437,0x0070ca7676b66082,0x0084bda170f7c6d3,0x00581b4747c9b8bb,0x005c96a01061c7e2,0x00fb7c4a362b5273)}, - {FIELD_LITERAL(0x00c30020eb512d02,0x0060f288283a4d26,0x00b7ed13becde260,0x0075ebb74220f6e9,0x00701079fcfe8a1f,0x001c28fcdff58938,0x002e4544b8f4df6b,0x0060c5bc4f1a7d73)}, - }}, {{ - {FIELD_LITERAL(0x00ae307cf069f701,0x005859f222dd618b,0x00212d6c46ec0b0d,0x00a0fe4642afb62d,0x00420d8e4a0a8903,0x00a80ff639bdf7b0,0x0019bee1490b5d8e,0x007439e4b9c27a86)}, - {FIELD_LITERAL(0x00a94700032a093f,0x0076e96c225216e7,0x00a63a4316e45f91,0x007d8bbb4645d3b2,0x00340a6ff22793eb,0x006f935d4572aeb7,0x00b1fb69f00afa28,0x009e8f3423161ed3)}, - {FIELD_LITERAL(0x009ef49c6b5ced17,0x00a555e6269e9f0a,0x007e6f1d79ec73b5,0x009ac78695a32ac4,0x0001d77fbbcd5682,0x008cea1fee0aaeed,0x00f42bea82a53462,0x002e46ab96cafcc9)}, - }}, {{ - {FIELD_LITERAL(0x0051cfcc5885377a,0x00dce566cb1803ca,0x00430c7643f2c7d4,0x00dce1a1337bdcc0,0x0010d5bd7283c128,0x003b1b547f9b46fe,0x000f245e37e770ab,0x007b72511f022b37)}, - {FIELD_LITERAL(0x0060db815bc4786c,0x006fab25beedc434,0x00c610d06084797c,0x000c48f08537bec0,0x0031aba51c5b93da,0x007968fa6e01f347,0x0030070da52840c6,0x00c043c225a4837f)}, - {FIELD_LITERAL(0x001bcfd00649ee93,0x006dceb47e2a0fd5,0x00f2cebda0cf8fd0,0x00b6b9d9d1fbdec3,0x00815262e6490611,0x00ef7f5ce3176760,0x00e49cd0c998d58b,0x005fc6cc269ba57c)}, - }}, {{ - {FIELD_LITERAL(0x008940211aa0d633,0x00addae28136571d,0x00d68fdbba20d673,0x003bc6129bc9e21a,0x000346cf184ebe9a,0x0068774d741ebc7f,0x0019d5e9e6966557,0x0003cbd7f981b651)}, - {FIELD_LITERAL(0x004a2902926f8d3f,0x00ad79b42637ab75,0x0088f60b90f2d4e8,0x0030f54ef0e398c4,0x00021dc9bf99681e,0x007ebf66fde74ee3,0x004ade654386e9a4,0x00e7485066be4c27)}, - {FIELD_LITERAL(0x00445f1263983be0,0x004cf371dda45e6a,0x00744a89d5a310e7,0x001f20ce4f904833,0x00e746edebe66e29,0x000912ab1f6c153d,0x00f61d77d9b2444c,0x0001499cd6647610)}, + {FIELD_LITERAL(0x00cc3b062366f4ccULL, 0x003d6e34e314aa3cULL, + 0x00d51c0a7521774dULL, 0x0094e060eec6ab8bULL, + 0x00d21291b4d80082ULL, 0x00befed12b55ef1eULL, + 0x00c3dd2df5c94518ULL, 0x00e0a7b112b8d4e6ULL)}, + {FIELD_LITERAL(0x0019eb5608d8723aULL, 0x00d1bab52fb3aedbULL, + 0x00270a7311ebc90cULL, 0x0037c12b91be7f13ULL, + 0x005be16cd8b5c704ULL, 0x003e181acda888e1ULL, + 0x00bc1f00fc3fc6d0ULL, 0x00d3839bfa319e20ULL)}, + {FIELD_LITERAL(0x003caeb88611909fULL, 0x00ea8b378c4df3d4ULL, + 0x00b3295b95a5a19aULL, 0x00a65f97514bdfb5ULL, + 0x00b39efba743cab1ULL, 0x0016ba98b862fd2dULL, + 0x0001508812ee71d7ULL, 0x000a75740eea114aULL)}, + }}, {{ + {FIELD_LITERAL(0x00ebcf0eb649f823ULL, 0x00166d332e98ea03ULL, + 0x0059ddf64f5cd5f6ULL, 0x0047763123d9471bULL, + 0x00a64065c53ef62fULL, 0x00978e44c480153dULL, + 0x000b5b2a0265f194ULL, 0x0046a24b9f32965aULL)}, + {FIELD_LITERAL(0x00b9eef787034df0ULL, 0x0020bc24de3390cdULL, + 0x000022160bae99bbULL, 0x00ae66e886e97946ULL, + 0x0048d4bbe02cbb8bULL, 0x0072ba97b34e38d4ULL, + 0x00eae7ec8f03e85aULL, 0x005ba92ecf808b2cULL)}, + {FIELD_LITERAL(0x00c9cfbbe74258fdULL, 0x00843a979ea9eaa7ULL, + 0x000cbb4371cfbe90ULL, 0x0059bac8f7f0a628ULL, + 0x004b3dff882ff530ULL, 0x0011869df4d90733ULL, + 0x00595aa71f4abfc2ULL, 0x0070e2d38990c2e6ULL)}, + }}, {{ + {FIELD_LITERAL(0x00de2010c0a01733ULL, 0x00c739a612e24297ULL, + 0x00a7212643141d7cULL, 0x00f88444f6b67c11ULL, + 0x00484b7b16ec28f2ULL, 0x009c1b8856af9c68ULL, + 0x00ff4669591fe9d6ULL, 0x0054974be08a32c8ULL)}, + {FIELD_LITERAL(0x0010de3fd682ceedULL, 0x008c07642d83ca4eULL, + 0x0013bb064e00a1ccULL, 0x009411ae27870e11ULL, + 0x00ea8e5b4d531223ULL, 0x0032fe7d2aaece2eULL, + 0x00d989e243e7bb41ULL, 0x000fe79a508e9b8bULL)}, + {FIELD_LITERAL(0x005e0426b9bfc5b1ULL, 0x0041a5b1d29ee4faULL, + 0x0015b0def7774391ULL, 0x00bc164f1f51af01ULL, + 0x00d543b0942797b9ULL, 0x003c129b6398099cULL, + 0x002b114c6e5adf18ULL, 0x00b4e630e4018a7bULL)}, + }}, {{ + {FIELD_LITERAL(0x00d490afc95f8420ULL, 0x00b096bf50c1d9b9ULL, + 0x00799fd707679866ULL, 0x007c74d9334afbeaULL, + 0x00efaa8be80ff4edULL, 0x0075c4943bb81694ULL, + 0x00c21c2fca161f36ULL, 0x00e77035d492bfeeULL)}, + {FIELD_LITERAL(0x006658a190dd6661ULL, 0x00e0e9bab38609a6ULL, + 0x0028895c802237edULL, 0x006a0229c494f587ULL, + 0x002dcde96c9916b7ULL, 0x00d158822de16218ULL, + 0x00173b917a06856fULL, 0x00ca78a79ae07326ULL)}, + {FIELD_LITERAL(0x00e35bfc79caced4ULL, 0x0087238a3e1fe3bbULL, + 0x00bcbf0ff4ceff5bULL, 0x00a19c1c94099b91ULL, + 0x0071e102b49db976ULL, 0x0059e3d004eada1eULL, + 0x008da78afa58a47eULL, 0x00579c8ebf269187ULL)}, + }}, {{ + {FIELD_LITERAL(0x00a16c2905eee75fULL, 0x009d4bcaea2c7e1dULL, + 0x00d3bd79bfad19dfULL, 0x0050da745193342cULL, + 0x006abdb8f6b29ab1ULL, 0x00a24fe0a4fef7efULL, + 0x0063730da1057dfbULL, 0x00a08c312c8eb108ULL)}, + {FIELD_LITERAL(0x00b583be005375beULL, 0x00a40c8f8a4e3df4ULL, + 0x003fac4a8f5bdbf7ULL, 0x00d4481d872cd718ULL, + 0x004dc8749cdbaefeULL, 0x00cce740d5e5c975ULL, + 0x000b1c1f4241fd21ULL, 0x00a76de1b4e1cd07ULL)}, + {FIELD_LITERAL(0x007a076500d30b62ULL, 0x000a6e117b7f090fULL, + 0x00c8712ae7eebd9aULL, 0x000fbd6c1d5f6ff7ULL, + 0x003a7977246ebf11ULL, 0x00166ed969c6600eULL, + 0x00aa42e469c98becULL, 0x00dc58f307cf0666ULL)}, + }}, {{ + {FIELD_LITERAL(0x004b491f65a9a28bULL, 0x006a10309e8a55b7ULL, + 0x00b67210185187efULL, 0x00cf6497b12d9b8fULL, + 0x0085778c56e2b1baULL, 0x0015b4c07a814d85ULL, + 0x00686479e62da561ULL, 0x008de5d88f114916ULL)}, + {FIELD_LITERAL(0x00e37c88d6bba7b1ULL, 0x003e4577e1b8d433ULL, + 0x0050d8ea5f510ec0ULL, 0x0042fc9f2da9ef59ULL, + 0x003bd074c1141420ULL, 0x00561b8b7b68774eULL, + 0x00232e5e5d1013a3ULL, 0x006b7f2cb3d7e73fULL)}, + {FIELD_LITERAL(0x004bdd0f0b41e6a0ULL, 0x001773057c405d24ULL, + 0x006029f99915bd97ULL, 0x006a5ba70a17fe2fULL, + 0x0046111977df7e08ULL, 0x004d8124c89fb6b7ULL, + 0x00580983b2bb2724ULL, 0x00207bf330d6f3feULL)}, + }}, {{ + {FIELD_LITERAL(0x007efdc93972a48bULL, 0x002f5e50e78d5feeULL, + 0x0080dc11d61c7fe5ULL, 0x0065aa598707245bULL, + 0x009abba2300641beULL, 0x000c68787656543aULL, + 0x00ffe0fef2dc0a17ULL, 0x00007ffbd6cb4f3aULL)}, + {FIELD_LITERAL(0x0036012f2b836efcULL, 0x00458c126d6b5fbcULL, + 0x00a34436d719ad1eULL, 0x0097be6167117deaULL, + 0x0009c219c879cff3ULL, 0x0065564493e60755ULL, + 0x00993ac94a8cdec0ULL, 0x002d4885a4d0dbafULL)}, + {FIELD_LITERAL(0x00598b60b4c068baULL, 0x00c547a0be7f1afdULL, + 0x009582164acf12afULL, 0x00af4acac4fbbe40ULL, + 0x005f6ca7c539121aULL, 0x003b6e752ebf9d66ULL, + 0x00f08a30d5cac5d4ULL, 0x00e399bb5f97c5a9ULL)}, + }}, {{ + {FIELD_LITERAL(0x007445a0409c0a66ULL, 0x00a65c369f3829c0ULL, + 0x0031d248a4f74826ULL, 0x006817f34defbe8eULL, + 0x00649741d95ebf2eULL, 0x00d46466ab16b397ULL, + 0x00fdc35703bee414ULL, 0x00343b43334525f8ULL)}, + {FIELD_LITERAL(0x001796bea93f6401ULL, 0x00090c5a42e85269ULL, + 0x00672412ba1252edULL, 0x001201d47b6de7deULL, + 0x006877bccfe66497ULL, 0x00b554fd97a4c161ULL, + 0x009753f42dbac3cfULL, 0x00e983e3e378270aULL)}, + {FIELD_LITERAL(0x00ac3eff18849872ULL, 0x00f0eea3bff05690ULL, + 0x00a6d72c21dd505dULL, 0x001b832642424169ULL, + 0x00a6813017b540e5ULL, 0x00a744bd71b385cdULL, + 0x0022a7d089130a7bULL, 0x004edeec9a133486ULL)}, + }}, {{ + {FIELD_LITERAL(0x00b2d6729196e8a9ULL, 0x0088a9bb2031cef4ULL, + 0x00579e7787dc1567ULL, 0x0030f49feb059190ULL, + 0x00a0b1d69c7f7d8fULL, 0x0040bdcc6d9d806fULL, + 0x00d76c4037edd095ULL, 0x00bbf24376415dd7ULL)}, + {FIELD_LITERAL(0x00240465ff5a7197ULL, 0x00bb97e76caf27d0ULL, + 0x004b4edbf8116d39ULL, 0x001d8586f708cbaaULL, + 0x000f8ee8ff8e4a50ULL, 0x00dde5a1945dd622ULL, + 0x00e6fc1c0957e07cULL, 0x0041c9cdabfd88a0ULL)}, + {FIELD_LITERAL(0x005344b0bf5b548cULL, 0x002957d0b705cc99ULL, + 0x00f586a70390553dULL, 0x0075b3229f583cc3ULL, + 0x00a1aa78227490e4ULL, 0x001bf09cf7957717ULL, + 0x00cf6bf344325f52ULL, 0x0065bd1c23ca3ecfULL)}, + }}, {{ + {FIELD_LITERAL(0x009bff3b3239363cULL, 0x00e17368796ef7c0ULL, + 0x00528b0fe0971f3aULL, 0x0008014fc8d4a095ULL, + 0x00d09f2e8a521ec4ULL, 0x006713ab5dde5987ULL, + 0x0003015758e0dbb1ULL, 0x00215999f1ba212dULL)}, + {FIELD_LITERAL(0x002c88e93527da0eULL, 0x0077c78f3456aad5ULL, + 0x0071087a0a389d1cULL, 0x00934dac1fb96dbdULL, + 0x008470e801162697ULL, 0x005bc2196cd4ad49ULL, + 0x00e535601d5087c3ULL, 0x00769888700f497fULL)}, + {FIELD_LITERAL(0x00da7a4b557298adULL, 0x0019d2589ea5df76ULL, + 0x00ef3e38be0c6497ULL, 0x00a9644e1312609aULL, + 0x004592f61b2558daULL, 0x0082c1df510d7e46ULL, + 0x0042809a535c0023ULL, 0x00215bcb5afd7757ULL)}, + }}, {{ + {FIELD_LITERAL(0x002b9df55a1a4213ULL, 0x00dcfc3b464a26beULL, + 0x00c4f9e07a8144d5ULL, 0x00c8e0617a92b602ULL, + 0x008e3c93accafae0ULL, 0x00bf1bcb95b2ca60ULL, + 0x004ce2426a613bf3ULL, 0x00266cac58e40921ULL)}, + {FIELD_LITERAL(0x008456d5db76e8f0ULL, 0x0032ca9cab2ce163ULL, + 0x0059f2b8bf91abcfULL, 0x0063c2a021712788ULL, + 0x00f86155af22f72dULL, 0x00db98b2a6c005a0ULL, + 0x00ac6e416a693ac4ULL, 0x007a93572af53226ULL)}, + {FIELD_LITERAL(0x0087767520f0de22ULL, 0x0091f64012279fb5ULL, + 0x001050f1f0644999ULL, 0x004f097a2477ad3cULL, + 0x006b37913a9947bdULL, 0x001a3d78645af241ULL, + 0x0057832bbb3008a7ULL, 0x002c1d902b80dc20ULL)}, + }}, {{ + {FIELD_LITERAL(0x001a6002bf178877ULL, 0x009bce168aa5af50ULL, + 0x005fc318ff04a7f5ULL, 0x0052818f55c36461ULL, + 0x008768f5d4b24afbULL, 0x0037ffbae7b69c85ULL, + 0x0018195a4b61edc0ULL, 0x001e12ea088434b2ULL)}, + {FIELD_LITERAL(0x0047d3f804e7ab07ULL, 0x00a809ab5f905260ULL, + 0x00b3ffc7cdaf306dULL, 0x00746e8ec2d6e509ULL, + 0x00d0dade8887a645ULL, 0x00acceeebde0dd37ULL, + 0x009bc2579054686bULL, 0x0023804f97f1c2bfULL)}, + {FIELD_LITERAL(0x0043e2e2e50b80d7ULL, 0x00143aafe4427e0fULL, + 0x005594aaecab855bULL, 0x008b12ccaaecbc01ULL, + 0x002deeb091082bc3ULL, 0x009cca4be2ae7514ULL, + 0x00142b96e696d047ULL, 0x00ad2a2b1c05256aULL)}, + }}, {{ + {FIELD_LITERAL(0x003914f2f144b78bULL, 0x007a95dd8bee6f68ULL, + 0x00c7f4384d61c8e6ULL, 0x004e51eb60f1bdb2ULL, + 0x00f64be7aa4621d8ULL, 0x006797bfec2f0ac0ULL, + 0x007d17aab3c75900ULL, 0x001893e73cac8bc5ULL)}, + {FIELD_LITERAL(0x00140360b768665bULL, 0x00b68aca4967f977ULL, + 0x0001089b66195ae4ULL, 0x00fe71122185e725ULL, + 0x000bca2618d49637ULL, 0x00a54f0557d7e98aULL, + 0x00cdcd2f91d6f417ULL, 0x00ab8c13741fd793ULL)}, + {FIELD_LITERAL(0x00725ee6b1e549e0ULL, 0x007124a0769777faULL, + 0x000b68fdad07ae42ULL, 0x0085b909cd4952dfULL, + 0x0092d2e3c81606f4ULL, 0x009f22f6cac099a0ULL, + 0x00f59da57f2799a8ULL, 0x00f06c090122f777ULL)}, + }}, {{ + {FIELD_LITERAL(0x00ce0bed0a3532bcULL, 0x001a5048a22df16bULL, + 0x00e31db4cbad8bf1ULL, 0x00e89292120cf00eULL, + 0x007d1dd1a9b00034ULL, 0x00e2a9041ff8f680ULL, + 0x006a4c837ae596e7ULL, 0x00713af1068070b3ULL)}, + {FIELD_LITERAL(0x00c4fe64ce66d04bULL, 0x00b095d52e09b3d7ULL, + 0x00758bbecb1a3a8eULL, 0x00f35cce8d0650c0ULL, + 0x002b878aa5984473ULL, 0x0062e0a3b7544ddcULL, + 0x00b25b290ed116feULL, 0x007b0f6abe0bebf2ULL)}, + {FIELD_LITERAL(0x0081d4e3addae0a8ULL, 0x003410c836c7ffccULL, + 0x00c8129ad89e4314ULL, 0x000e3d5a23922dcdULL, + 0x00d91e46f29c31f3ULL, 0x006c728cde8c5947ULL, + 0x002bc655ba2566c0ULL, 0x002ca94721533108ULL)}, + }}, {{ + {FIELD_LITERAL(0x0051e4b3f764d8a9ULL, 0x0019792d46e904a0ULL, + 0x00853bc13dbc8227ULL, 0x000840208179f12dULL, + 0x0068243474879235ULL, 0x0013856fbfe374d0ULL, + 0x00bda12fe8676424ULL, 0x00bbb43635926eb2ULL)}, + {FIELD_LITERAL(0x0012cdc880a93982ULL, 0x003c495b21cd1b58ULL, + 0x00b7e5c93f22a26eULL, 0x0044aa82dfb99458ULL, + 0x009ba092cdffe9c0ULL, 0x00a14b3ab2083b73ULL, + 0x000271c2f70e1c4bULL, 0x00eea9cac0f66eb8ULL)}, + {FIELD_LITERAL(0x001a1847c4ac5480ULL, 0x00b1b412935bb03aULL, + 0x00f74285983bf2b2ULL, 0x00624138b5b5d0f1ULL, + 0x008820c0b03d38bfULL, 0x00b94e50a18c1572ULL, + 0x0060f6934841798fULL, 0x00c52f5d66d6ebe2ULL)}, + }}, {{ + {FIELD_LITERAL(0x00da23d59f9bcea6ULL, 0x00e0f27007a06a4bULL, + 0x00128b5b43a6758cULL, 0x000cf50190fa8b56ULL, + 0x00fc877aba2b2d72ULL, 0x00623bef52edf53fULL, + 0x00e6af6b819669e2ULL, 0x00e314dc34fcaa4fULL)}, + {FIELD_LITERAL(0x0066e5eddd164d1eULL, 0x00418a7c6fe28238ULL, + 0x0002e2f37e962c25ULL, 0x00f01f56b5975306ULL, + 0x0048842fa503875cULL, 0x0057b0e968078143ULL, + 0x00ff683024f3d134ULL, 0x0082ae28fcad12e4ULL)}, + {FIELD_LITERAL(0x0011ddfd21260e42ULL, 0x00d05b0319a76892ULL, + 0x00183ea4368e9b8fULL, 0x00b0815662affc96ULL, + 0x00b466a5e7ce7c88ULL, 0x00db93b07506e6eeULL, + 0x0033885f82f62401ULL, 0x0086f9090ec9b419ULL)}, + }}, {{ + {FIELD_LITERAL(0x00d95d1c5fcb435aULL, 0x0016d1ed6b5086f9ULL, + 0x00792aa0b7e54d71ULL, 0x0067b65715f1925dULL, + 0x00a219755ec6176bULL, 0x00bc3f026b12c28fULL, + 0x00700c897ffeb93eULL, 0x0089b83f6ec50b46ULL)}, + {FIELD_LITERAL(0x003c97e6384da36eULL, 0x00423d53eac81a09ULL, + 0x00b70d68f3cdce35ULL, 0x00ee7959b354b92cULL, + 0x00f4e9718819c8caULL, 0x009349f12acbffe9ULL, + 0x005aee7b62cb7da6ULL, 0x00d97764154ffc86ULL)}, + {FIELD_LITERAL(0x00526324babb46dcULL, 0x002ee99b38d7bf9eULL, + 0x007ea51794706ef4ULL, 0x00abeb04da6e3c39ULL, + 0x006b457c1d281060ULL, 0x00fe243e9a66c793ULL, + 0x00378de0fb6c6ee4ULL, 0x003e4194b9c3cb93ULL)}, + }}, {{ + {FIELD_LITERAL(0x00fed3cd80ca2292ULL, 0x0015b043a73ca613ULL, + 0x000a9fd7bf9be227ULL, 0x003b5e03de2db983ULL, + 0x005af72d46904ef7ULL, 0x00c0f1b5c49faa99ULL, + 0x00dc86fc3bd305e1ULL, 0x00c92f08c1cb1797ULL)}, + {FIELD_LITERAL(0x0079680ce111ed3bULL, 0x001a1ed82806122cULL, + 0x000c2e7466d15df3ULL, 0x002c407f6f7150fdULL, + 0x00c5e7c96b1b0ce3ULL, 0x009aa44626863ff9ULL, + 0x00887b8b5b80be42ULL, 0x00b6023cec964825ULL)}, + {FIELD_LITERAL(0x00e4a8e1048970c8ULL, 0x0062887b7830a302ULL, + 0x00bcf1c8cd81402bULL, 0x0056dbb81a68f5beULL, + 0x0014eced83f12452ULL, 0x00139e1a510150dfULL, + 0x00bb81140a82d1a3ULL, 0x000febcc1aaf1aa7ULL)}, + }}, {{ + {FIELD_LITERAL(0x00a7527958238159ULL, 0x0013ec9537a84cd6ULL, + 0x001d7fee7d562525ULL, 0x00b9eefa6191d5e5ULL, + 0x00dbc97db70bcb8aULL, 0x00481affc7a4d395ULL, + 0x006f73d3e70c31bbULL, 0x00183f324ed96a61ULL)}, + {FIELD_LITERAL(0x0039dd7ce7fc6860ULL, 0x00d64f6425653da1ULL, + 0x003e037c7f57d0afULL, 0x0063477a06e2bcf2ULL, + 0x001727dbb7ac67e6ULL, 0x0049589f5efafe2eULL, + 0x00fc0fef2e813d54ULL, 0x008baa5d087fb50dULL)}, + {FIELD_LITERAL(0x0024fb59d9b457c7ULL, 0x00a7d4e060223e4cULL, + 0x00c118d1b555fd80ULL, 0x0082e216c732f22aULL, + 0x00cd2a2993089504ULL, 0x003638e836a3e13dULL, + 0x000d855ee89b4729ULL, 0x008ec5b7d4810c91ULL)}, + }}, {{ + {FIELD_LITERAL(0x001bf51f7d65cdfdULL, 0x00d14cdafa16a97dULL, + 0x002c38e60fcd10e7ULL, 0x00a27446e393efbdULL, + 0x000b5d8946a71fddULL, 0x0063df2cde128f2fULL, + 0x006c8679569b1888ULL, 0x0059ffc4925d732dULL)}, + {FIELD_LITERAL(0x00ece96f95f2b66fULL, 0x00ece7952813a27bULL, + 0x0026fc36592e489eULL, 0x007157d1a2de0f66ULL, + 0x00759dc111d86ddfULL, 0x0012881e5780bb0fULL, + 0x00c8ccc83ad29496ULL, 0x0012b9bd1929eb71ULL)}, + {FIELD_LITERAL(0x000fa15a20da5df0ULL, 0x00349ddb1a46cd31ULL, + 0x002c512ad1d8e726ULL, 0x00047611f669318dULL, + 0x009e68fba591e17eULL, 0x004320dffa803906ULL, + 0x00a640874951a3d3ULL, 0x00b6353478baa24fULL)}, + }}, {{ + {FIELD_LITERAL(0x009696510000d333ULL, 0x00ec2f788bc04826ULL, + 0x000e4d02b1f67ba5ULL, 0x00659aa8dace08b6ULL, + 0x00d7a38a3a3ae533ULL, 0x008856defa8c746bULL, + 0x004d7a4402d3da1aULL, 0x00ea82e06229260fULL)}, + {FIELD_LITERAL(0x006a15bb20f75c0cULL, 0x0079a144027a5d0cULL, + 0x00d19116ce0b4d70ULL, 0x0059b83bcb0b268eULL, + 0x005f58f63f16c127ULL, 0x0079958318ee2c37ULL, + 0x00defbb063d07f82ULL, 0x00f1f0b931d2d446ULL)}, + {FIELD_LITERAL(0x00cb5e4c3c35d422ULL, 0x008df885ca43577fULL, + 0x00fa50b16ca3e471ULL, 0x005a0e58e17488c8ULL, + 0x00b2ceccd6d34d19ULL, 0x00f01d5d235e36e9ULL, + 0x00db2e7e4be6ca44ULL, 0x00260ab77f35fccdULL)}, + }}, {{ + {FIELD_LITERAL(0x006f6fd9baac61d5ULL, 0x002a7710a020a895ULL, + 0x009de0db7fc03d4dULL, 0x00cdedcb1875f40bULL, + 0x00050caf9b6b1e22ULL, 0x005e3a6654456ab0ULL, + 0x00775fdf8c4423d4ULL, 0x0028701ea5738b5dULL)}, + {FIELD_LITERAL(0x009ffd90abfeae96ULL, 0x00cba3c2b624a516ULL, + 0x005ef08bcee46c91ULL, 0x00e6fde30afb6185ULL, + 0x00f0b4db4f818ce4ULL, 0x006c54f45d2127f5ULL, + 0x00040125035854c7ULL, 0x00372658a3287e13ULL)}, + {FIELD_LITERAL(0x00d7070fb1beb2abULL, 0x0078fc845a93896bULL, + 0x006894a4b2f224a6ULL, 0x005bdd8192b9dbdeULL, + 0x00b38839874b3a9eULL, 0x00f93618b04b7a57ULL, + 0x003e3ec75fd2c67eULL, 0x00bf5e6bfc29494aULL)}, + }}, {{ + {FIELD_LITERAL(0x00f19224ebba2aa5ULL, 0x0074f89d358e694dULL, + 0x00eea486597135adULL, 0x0081579a4555c7e1ULL, + 0x0010b9b872930a9dULL, 0x00f002e87a30ecc0ULL, + 0x009b9d66b6de56e2ULL, 0x00a3c4f45e8004ebULL)}, + {FIELD_LITERAL(0x0045e8dda9400888ULL, 0x002ff12e5fc05db7ULL, + 0x00a7098d54afe69cULL, 0x00cdbe846a500585ULL, + 0x00879c1593ca1882ULL, 0x003f7a7fea76c8b0ULL, + 0x002cd73dd0c8e0a1ULL, 0x00645d6ce96f51feULL)}, + {FIELD_LITERAL(0x002b7e83e123d6d6ULL, 0x00398346f7419c80ULL, + 0x0042922e55940163ULL, 0x005e7fc5601886a3ULL, + 0x00e88f2cee1d3103ULL, 0x00e7fab135f2e377ULL, + 0x00b059984dbf0dedULL, 0x0009ce080faa5bb8ULL)}, + }}, {{ + {FIELD_LITERAL(0x0085e78af7758979ULL, 0x00275a4ee1631a3aULL, + 0x00d26bc0ed78b683ULL, 0x004f8355ea21064fULL, + 0x00d618e1a32696e5ULL, 0x008d8d7b150e5680ULL, + 0x00a74cd854b278d2ULL, 0x001dd62702203ea0ULL)}, + {FIELD_LITERAL(0x00f89335c2a59286ULL, 0x00a0f5c905d55141ULL, + 0x00b41fb836ee9382ULL, 0x00e235d51730ca43ULL, + 0x00a5cb37b5c0a69aULL, 0x009b966ffe136c45ULL, + 0x00cb2ea10bf80ed1ULL, 0x00fb2b370b40dc35ULL)}, + {FIELD_LITERAL(0x00d687d16d4ee8baULL, 0x0071520bdd069dffULL, + 0x00de85c60d32355dULL, 0x0087d2e3565102f4ULL, + 0x00cde391b8dfc9aaULL, 0x00e18d69efdfefe5ULL, + 0x004a9d0591954e91ULL, 0x00fa36dd8b50eee5ULL)}, + }}, {{ + {FIELD_LITERAL(0x002e788749a865f7ULL, 0x006e4dc3116861eaULL, + 0x009f1428c37276e6ULL, 0x00e7d2e0fc1e1226ULL, + 0x003aeebc6b6c45f6ULL, 0x0071a8073bf500c9ULL, + 0x004b22ad986b530cULL, 0x00f439e63c0d79d4ULL)}, + {FIELD_LITERAL(0x006bc3d53011f470ULL, 0x00032d6e692b83e8ULL, + 0x00059722f497cd0bULL, 0x0009b4e6f0c497ccULL, + 0x0058a804b7cce6c0ULL, 0x002b71d3302bbd5dULL, + 0x00e2f82a36765fceULL, 0x008dded99524c703ULL)}, + {FIELD_LITERAL(0x004d058953747d64ULL, 0x00701940fe79aa6fULL, + 0x00a620ac71c760bfULL, 0x009532b611158b75ULL, + 0x00547ed7f466f300ULL, 0x003cb5ab53a8401aULL, + 0x00c7763168ce3120ULL, 0x007e48e33e4b9ab2ULL)}, + }}, {{ + {FIELD_LITERAL(0x001b2fc57bf3c738ULL, 0x006a3f918993fb80ULL, + 0x0026f7a14fdec288ULL, 0x0075a2cdccef08dbULL, + 0x00d3ecbc9eecdbf1ULL, 0x0048c40f06e5bf7fULL, + 0x00d63e423009896bULL, 0x000598bc99c056a8ULL)}, + {FIELD_LITERAL(0x002f194eaafa46dcULL, 0x008e38f57fe87613ULL, + 0x00dc8e5ae25f4ab2ULL, 0x000a17809575e6bdULL, + 0x00d3ec7923ba366aULL, 0x003a7e72e0ad75e3ULL, + 0x0010024b88436e0aULL, 0x00ed3c5444b64051ULL)}, + {FIELD_LITERAL(0x00831fc1340af342ULL, 0x00c9645669466d35ULL, + 0x007692b4cc5a080fULL, 0x009fd4a47ac9259fULL, + 0x001eeddf7d45928bULL, 0x003c0446fc45f28bULL, + 0x002c0713aa3e2507ULL, 0x0095706935f0f41eULL)}, + }}, {{ + {FIELD_LITERAL(0x00766ae4190ec6d8ULL, 0x0065768cabc71380ULL, + 0x00b902598416cdc2ULL, 0x00380021ad38df52ULL, + 0x008f0b89d6551134ULL, 0x004254d4cc62c5a5ULL, + 0x000d79f4484b9b94ULL, 0x00b516732ae3c50eULL)}, + {FIELD_LITERAL(0x001fb73475c45509ULL, 0x00d2b2e5ea43345aULL, + 0x00cb3c3842077bd1ULL, 0x0029f90ad820946eULL, + 0x007c11b2380778aaULL, 0x009e54ece62c1704ULL, + 0x004bc60c41ca01c3ULL, 0x004525679a5a0b03ULL)}, + {FIELD_LITERAL(0x00c64fbddbed87b3ULL, 0x0040601d11731faaULL, + 0x009c22475b6f9d67ULL, 0x0024b79dae875f15ULL, + 0x00616fed3f02c3b0ULL, 0x0000cf39f6af2d3bULL, + 0x00c46bac0aa9a688ULL, 0x00ab23e2800da204ULL)}, + }}, {{ + {FIELD_LITERAL(0x000b3a37617632b0ULL, 0x00597199fe1cfb6cULL, + 0x0042a7ccdfeafdd6ULL, 0x004cc9f15ebcea17ULL, + 0x00f436e596a6b4a4ULL, 0x00168861142df0d8ULL, + 0x000753edfec26af5ULL, 0x000c495d7e388116ULL)}, + {FIELD_LITERAL(0x0017085f4a346148ULL, 0x00c7cf7a37f62272ULL, + 0x001776e129bc5c30ULL, 0x009955134c9eef2aULL, + 0x001ba5bdf1df07beULL, 0x00ec39497103a55cULL, + 0x006578354fda6cfbULL, 0x005f02719d4f15eeULL)}, + {FIELD_LITERAL(0x0052b9d9b5d9655dULL, 0x00d4ec7ba1b461c3ULL, + 0x00f95df4974f280bULL, 0x003d8e5ca11aeb51ULL, + 0x00d4981eb5a70b26ULL, 0x000af9a4f6659f29ULL, + 0x004598c846faeb43ULL, 0x0049d9a183a47670ULL)}, + }}, {{ + {FIELD_LITERAL(0x000a72d23dcb3f1fULL, 0x00a3737f84011727ULL, + 0x00f870c0fbbf4a47ULL, 0x00a7aadd04b5c9caULL, + 0x000c7715c67bd072ULL, 0x00015a136afcd74eULL, + 0x0080d5caea499634ULL, 0x0026b448ec7514b7ULL)}, + {FIELD_LITERAL(0x00b60167d9e7d065ULL, 0x00e60ba0d07381e8ULL, + 0x003a4f17b725c2d4ULL, 0x006c19fe176b64faULL, + 0x003b57b31af86ccbULL, 0x0021047c286180fdULL, + 0x00bdc8fb00c6dbb6ULL, 0x00fe4a9f4bab4f3fULL)}, + {FIELD_LITERAL(0x0088ffc3a16111f7ULL, 0x009155e4245d0bc8ULL, + 0x00851d68220572d5ULL, 0x00557ace1e514d29ULL, + 0x0031d7c339d91022ULL, 0x00101d0ae2eaceeaULL, + 0x00246ab3f837b66aULL, 0x00d5216d381ff530ULL)}, + }}, {{ + {FIELD_LITERAL(0x0057e7ea35f36daeULL, 0x00f47d7ad15de22eULL, + 0x00d757ea4b105115ULL, 0x008311457d579d7eULL, + 0x00b49b75b1edd4ebULL, 0x0081c7ff742fd63aULL, + 0x00ddda3187433df6ULL, 0x00475727d55f9c66ULL)}, + {FIELD_LITERAL(0x00a6295218dc136aULL, 0x00563b3af0e9c012ULL, + 0x00d3753b0145db1bULL, 0x004550389c043dc1ULL, + 0x00ea94ae27401bdfULL, 0x002b0b949f2b7956ULL, + 0x00c63f780ad8e23cULL, 0x00e591c47d6bab15ULL)}, + {FIELD_LITERAL(0x00416c582b058eb6ULL, 0x004107da5b2cc695ULL, + 0x00b3cd2556aeec64ULL, 0x00c0b418267e57a1ULL, + 0x001799293579bd2eULL, 0x0046ed44590e4d07ULL, + 0x001d7459b3630a1eULL, 0x00c6afba8b6696aaULL)}, + }}, {{ + {FIELD_LITERAL(0x008d6009b26da3f8ULL, 0x00898e88ca06b1caULL, + 0x00edb22b2ed7fe62ULL, 0x00fbc93516aabe80ULL, + 0x008b4b470c42ce0dULL, 0x00e0032ba7d0dcbbULL, + 0x00d76da3a956ecc8ULL, 0x007f20fe74e3852aULL)}, + {FIELD_LITERAL(0x002419222c607674ULL, 0x00a7f23af89188b3ULL, + 0x00ad127284e73d1cULL, 0x008bba582fae1c51ULL, + 0x00fc6aa7ca9ecab1ULL, 0x003df5319eb6c2baULL, + 0x002a05af8a8b199aULL, 0x004bf8354558407cULL)}, + {FIELD_LITERAL(0x00ce7d4a30f0fcbfULL, 0x00d02c272629f03dULL, + 0x0048c001f7400bc2ULL, 0x002c21368011958dULL, + 0x0098a550391e96b5ULL, 0x002d80b66390f379ULL, + 0x001fa878760cc785ULL, 0x001adfce54b613d5ULL)}, + }}, {{ + {FIELD_LITERAL(0x001ed4dc71fa2523ULL, 0x005d0bff19bf9b5cULL, + 0x00c3801cee065a64ULL, 0x001ed0b504323fbfULL, + 0x0003ab9fdcbbc593ULL, 0x00df82070178b8d2ULL, + 0x00a2bcaa9c251f85ULL, 0x00c628a3674bd02eULL)}, + {FIELD_LITERAL(0x006b7a0674f9f8deULL, 0x00a742414e5c7cffULL, + 0x0041cbf3c6e13221ULL, 0x00e3a64fd207af24ULL, + 0x0087c05f15fbe8d1ULL, 0x004c50936d9e8a33ULL, + 0x001306ec21042b6dULL, 0x00a4f4137d1141c2ULL)}, + {FIELD_LITERAL(0x0009e6fb921568b0ULL, 0x00b3c60120219118ULL, + 0x002a6c3460dd503aULL, 0x009db1ef11654b54ULL, + 0x0063e4bf0be79601ULL, 0x00670d34bb2592b9ULL, + 0x00dcee2f6c4130ceULL, 0x00b2682e88e77f54ULL)}, + }}, {{ + {FIELD_LITERAL(0x000d5b4b3da135abULL, 0x00838f3e5064d81dULL, + 0x00d44eb50f6d94edULL, 0x0008931ab502ac6dULL, + 0x00debe01ca3d3586ULL, 0x0025c206775f0641ULL, + 0x005ad4b6ae912763ULL, 0x007e2c318ad8f247ULL)}, + {FIELD_LITERAL(0x00ddbe0750dd1addULL, 0x004b3c7b885844b8ULL, + 0x00363e7ecf12f1aeULL, 0x0062e953e6438f9dULL, + 0x0023cc73b076afe9ULL, 0x00b09fa083b4da32ULL, + 0x00c7c3d2456c541dULL, 0x005b591ec6b694d4ULL)}, + {FIELD_LITERAL(0x0028656e19d62fcfULL, 0x0052a4af03df148dULL, + 0x00122765ddd14e42ULL, 0x00f2252904f67157ULL, + 0x004741965b636f3aULL, 0x006441d296132cb9ULL, + 0x005e2106f956a5b7ULL, 0x00247029592d335cULL)}, + }}, {{ + {FIELD_LITERAL(0x003fe038eb92f894ULL, 0x000e6da1b72e8e32ULL, + 0x003a1411bfcbe0faULL, 0x00b55d473164a9e4ULL, + 0x00b9a775ac2df48dULL, 0x0002ddf350659e21ULL, + 0x00a279a69eb19cb3ULL, 0x00f844eab25cba44ULL)}, + {FIELD_LITERAL(0x00c41d1f9c1f1ac1ULL, 0x007b2df4e9f19146ULL, + 0x00b469355fd5ba7aULL, 0x00b5e1965afc852aULL, + 0x00388d5f1e2d8217ULL, 0x0022079e4c09ae93ULL, + 0x0014268acd4ef518ULL, 0x00c1dd8d9640464cULL)}, + {FIELD_LITERAL(0x0038526adeed0c55ULL, 0x00dd68c607e3fe85ULL, + 0x00f746ddd48a5d57ULL, 0x0042f2952b963b7cULL, + 0x001cbbd6876d5ec2ULL, 0x005e341470bca5c2ULL, + 0x00871d41e085f413ULL, 0x00e53ab098f45732ULL)}, + }}, {{ + {FIELD_LITERAL(0x004d51124797c831ULL, 0x008f5ae3750347adULL, + 0x0070ced94c1a0c8eULL, 0x00f6db2043898e64ULL, + 0x000d00c9a5750cd0ULL, 0x000741ec59bad712ULL, + 0x003c9d11aab37b7fULL, 0x00a67ba169807714ULL)}, + {FIELD_LITERAL(0x00adb2c1566e8b8fULL, 0x0096c68a35771a9aULL, + 0x00869933356f334aULL, 0x00ba9c93459f5962ULL, + 0x009ec73fb6e8ca4bULL, 0x003c3802c27202e1ULL, + 0x0031f5b733e0c008ULL, 0x00f9058c19611fa9ULL)}, + {FIELD_LITERAL(0x00238f01814a3421ULL, 0x00c325a44b6cce28ULL, + 0x002136f97aeb0e73ULL, 0x000cac8268a4afe2ULL, + 0x0022fd218da471b3ULL, 0x009dcd8dfff8def9ULL, + 0x00cb9f8181d999bbULL, 0x00143ae56edea349ULL)}, + }}, {{ + {FIELD_LITERAL(0x0000623bf87622c5ULL, 0x00a1966fdd069496ULL, + 0x00c315b7b812f9fcULL, 0x00bdf5efcd128b97ULL, + 0x001d464f532e3e16ULL, 0x003cd94f081bfd7eULL, + 0x00ed9dae12ce4009ULL, 0x002756f5736eee70ULL)}, + {FIELD_LITERAL(0x00a5187e6ee7341bULL, 0x00e6d52e82d83b6eULL, + 0x00df3c41323094a7ULL, 0x00b3324f444e9de9ULL, + 0x00689eb21a35bfe5ULL, 0x00f16363becd548dULL, + 0x00e187cc98e7f60fULL, 0x00127d9062f0ccabULL)}, + {FIELD_LITERAL(0x004ad71b31c29e40ULL, 0x00a5fcace12fae29ULL, + 0x004425b5597280edULL, 0x00e7ef5d716c3346ULL, + 0x0010b53ada410ac8ULL, 0x0092310226060c9bULL, + 0x0091c26128729c7eULL, 0x0088b42900f8ec3bULL)}, + }}, {{ + {FIELD_LITERAL(0x00f1e26e9762d4a8ULL, 0x00d9d74082183414ULL, + 0x00ffec9bd57a0282ULL, 0x000919e128fd497aULL, + 0x00ab7ae7d00fe5f8ULL, 0x0054dc442851ff68ULL, + 0x00c9ebeb3b861687ULL, 0x00507f7cab8b698fULL)}, + {FIELD_LITERAL(0x00c13c5aae3ae341ULL, 0x009c6c9ed98373e7ULL, + 0x00098f26864577a8ULL, 0x0015b886e9488b45ULL, + 0x0037692c42aadba5ULL, 0x00b83170b8e7791cULL, + 0x001670952ece1b44ULL, 0x00fd932a39276da2ULL)}, + {FIELD_LITERAL(0x0081a3259bef3398ULL, 0x005480fff416107bULL, + 0x00ce4f607d21be98ULL, 0x003ffc084b41df9bULL, + 0x0043d0bb100502d1ULL, 0x00ec35f575ba3261ULL, + 0x00ca18f677300ef3ULL, 0x00e8bb0a827d8548ULL)}, + }}, {{ + {FIELD_LITERAL(0x00df76b3328ada72ULL, 0x002e20621604a7c2ULL, + 0x00f910638a105b09ULL, 0x00ef4724d96ef2cdULL, + 0x00377d83d6b8a2f7ULL, 0x00b4f48805ade324ULL, + 0x001cd5da8b152018ULL, 0x0045af671a20ca7fULL)}, + {FIELD_LITERAL(0x009ae3b93a56c404ULL, 0x004a410b7a456699ULL, + 0x00023a619355e6b2ULL, 0x009cdc7297387257ULL, + 0x0055b94d4ae70d04ULL, 0x002cbd607f65b005ULL, + 0x003208b489697166ULL, 0x00ea2aa058867370ULL)}, + {FIELD_LITERAL(0x00f29d2598ee3f32ULL, 0x00b4ac5385d82adcULL, + 0x007633eaf04df19bULL, 0x00aa2d3d77ceab01ULL, + 0x004a2302fcbb778aULL, 0x00927f225d5afa34ULL, + 0x004a8e9d5047f237ULL, 0x008224ae9dbce530ULL)}, + }}, {{ + {FIELD_LITERAL(0x001cf640859b02f8ULL, 0x00758d1d5d5ce427ULL, + 0x00763c784ef4604cULL, 0x005fa81aee205270ULL, + 0x00ac537bfdfc44cbULL, 0x004b919bd342d670ULL, + 0x00238508d9bf4b7aULL, 0x00154888795644f3ULL)}, + {FIELD_LITERAL(0x00c845923c084294ULL, 0x00072419a201bc25ULL, + 0x0045f408b5f8e669ULL, 0x00e9d6a186b74dfeULL, + 0x00e19108c68fa075ULL, 0x0017b91d874177b7ULL, + 0x002f0ca2c7912c5aULL, 0x009400aa385a90a2ULL)}, + {FIELD_LITERAL(0x0071110b01482184ULL, 0x00cfed0044f2bef8ULL, + 0x0034f2901cf4662eULL, 0x003b4ae2a67f9834ULL, + 0x00cca9b96fe94810ULL, 0x00522507ae77abd0ULL, + 0x00bac7422721e73eULL, 0x0066622b0f3a62b0ULL)}, + }}, {{ + {FIELD_LITERAL(0x00f8ac5cf4705b6aULL, 0x00867d82dcb457e3ULL, + 0x007e13ab2ccc2ce9ULL, 0x009ee9a018d3930eULL, + 0x008370f8ecb42df8ULL, 0x002d9f019add263eULL, + 0x003302385b92d196ULL, 0x00a15654536e2c0cULL)}, + {FIELD_LITERAL(0x0026ef1614e160afULL, 0x00c023f9edfc9c76ULL, + 0x00cff090da5f57baULL, 0x0076db7a66643ae9ULL, + 0x0019462f8c646999ULL, 0x008fec00b3854b22ULL, + 0x00d55041692a0a1cULL, 0x0065db894215ca00ULL)}, + {FIELD_LITERAL(0x00a925036e0a451cULL, 0x002a0390c36b6cc1ULL, + 0x00f27020d90894f4ULL, 0x008d90d52cbd3d7fULL, + 0x00e1d0137392f3b8ULL, 0x00f017c158b51a8fULL, + 0x00cac313d3ed7dbcULL, 0x00b99a81e3eb42d3ULL)}, + }}, {{ + {FIELD_LITERAL(0x00b54850275fe626ULL, 0x0053a3fd1ec71140ULL, + 0x00e3d2d7dbe096faULL, 0x00e4ac7b595cce4cULL, + 0x0077bad449c0a494ULL, 0x00b7c98814afd5b3ULL, + 0x0057226f58486cf9ULL, 0x00b1557154f0cc57ULL)}, + {FIELD_LITERAL(0x008cc9cd236315c0ULL, 0x0031d9c5b39fda54ULL, + 0x00a5713ef37e1171ULL, 0x00293d5ae2886325ULL, + 0x00c4aba3e05015e1ULL, 0x0003f35ef78e4fc6ULL, + 0x0039d6bd3ac1527bULL, 0x0019d7c3afb77106ULL)}, + {FIELD_LITERAL(0x007b162931a985afULL, 0x00ad40a2e0daa713ULL, + 0x006df27c4009f118ULL, 0x00503e9f4e2e8becULL, + 0x00751a77c82c182dULL, 0x000298937769245bULL, + 0x00ffb1e8fabf9ee5ULL, 0x0008334706e09abeULL)}, + }}, {{ + {FIELD_LITERAL(0x00dbca4e98a7dcd9ULL, 0x00ee29cfc78bde99ULL, + 0x00e4a3b6995f52e9ULL, 0x0045d70189ae8096ULL, + 0x00fd2a8a3b9b0d1bULL, 0x00af1793b107d8e1ULL, + 0x00dbf92cbe4afa20ULL, 0x00da60f798e3681dULL)}, + {FIELD_LITERAL(0x004246bfcecc627aULL, 0x004ba431246c03a4ULL, + 0x00bd1d101872d497ULL, 0x003b73d3f185ee16ULL, + 0x001feb2e2678c0e3ULL, 0x00ff13c5a89dec76ULL, + 0x00ed06042e771d8fULL, 0x00a4fd2a897a83ddULL)}, + {FIELD_LITERAL(0x009a4a3be50d6597ULL, 0x00de3165fc5a1096ULL, + 0x004f3f56e345b0c7ULL, 0x00f7bf721d5ab8bcULL, + 0x004313e47b098c50ULL, 0x00e4c7d5c0e1adbbULL, + 0x002e3e3db365051eULL, 0x00a480c2cd6a96fbULL)}, + }}, {{ + {FIELD_LITERAL(0x00417fa30a7119edULL, 0x00af257758419751ULL, + 0x00d358a487b463d4ULL, 0x0089703cc720b00dULL, + 0x00ce56314ff7f271ULL, 0x0064db171ade62c1ULL, + 0x00640b36d4a22fedULL, 0x00424eb88696d23fULL)}, + {FIELD_LITERAL(0x004ede34af2813f3ULL, 0x00d4a8e11c9e8216ULL, + 0x004796d5041de8a5ULL, 0x00c4c6b4d21cc987ULL, + 0x00e8a433ee07fa1eULL, 0x0055720b5abcc5a1ULL, + 0x008873ea9c74b080ULL, 0x005b3fec1ab65d48ULL)}, + {FIELD_LITERAL(0x0047e5277db70ec5ULL, 0x000a096c66db7d6bULL, + 0x00b4164cc1730159ULL, 0x004a9f783fe720feULL, + 0x00a8177b94449dbcULL, 0x0095a24ff49a599fULL, + 0x0069c1c578250cbcULL, 0x00452019213debf4ULL)}, + }}, {{ + {FIELD_LITERAL(0x0021ce99e09ebda3ULL, 0x00fcbd9f91875ad0ULL, + 0x009bbf6b7b7a0b5fULL, 0x00388886a69b1940ULL, + 0x00926a56d0f81f12ULL, 0x00e12903c3358d46ULL, + 0x005dfce4e8e1ce9dULL, 0x0044cfa94e2f7e23ULL)}, + {FIELD_LITERAL(0x001bd59c09e982eaULL, 0x00f72daeb937b289ULL, + 0x0018b76dca908e0eULL, 0x00edb498512384adULL, + 0x00ce0243b6cc9538ULL, 0x00f96ff690cb4e70ULL, + 0x007c77bf9f673c8dULL, 0x005bf704c088a528ULL)}, + {FIELD_LITERAL(0x0093d4628dcb33beULL, 0x0095263d51d42582ULL, + 0x0049b3222458fe06ULL, 0x00e7fce73b653a7fULL, + 0x003ca2ebce60b369ULL, 0x00c5de239a32bea4ULL, + 0x0063b8b3d71fb6bfULL, 0x0039aeeb78a1a839ULL)}, + }}, {{ + {FIELD_LITERAL(0x007dc52da400336cULL, 0x001fded1e15b9457ULL, + 0x00902e00f5568e3aULL, 0x00219bef40456d2dULL, + 0x005684161fb3dbc9ULL, 0x004a4e9be49a76eaULL, + 0x006e685ae88b78ffULL, 0x0021c42f13042d3cULL)}, + {FIELD_LITERAL(0x00fb22bb5fd3ce50ULL, 0x0017b48aada7ae54ULL, + 0x00fd5c44ad19a536ULL, 0x000ccc4e4e55e45cULL, + 0x00fd637d45b4c3f5ULL, 0x0038914e023c37cfULL, + 0x00ac1881d6a8d898ULL, 0x00611ed8d3d943a8ULL)}, + {FIELD_LITERAL(0x0056e2259d113d2bULL, 0x00594819b284ec16ULL, + 0x00c7bf794bb36696ULL, 0x00721ee75097cdc6ULL, + 0x00f71be9047a2892ULL, 0x00df6ba142564edfULL, + 0x0069580b7a184e8dULL, 0x00f056e38fca0feeULL)}, + }}, {{ + {FIELD_LITERAL(0x009df98566a18c6dULL, 0x00cf3a200968f219ULL, + 0x0044ba60da6d9086ULL, 0x00dbc9c0e344da03ULL, + 0x000f9401c4466855ULL, 0x00d46a57c5b0a8d1ULL, + 0x00875a635d7ac7c6ULL, 0x00ef4a933b7e0ae6ULL)}, + {FIELD_LITERAL(0x005e8694077a1535ULL, 0x008bef75f71c8f1dULL, + 0x000a7c1316423511ULL, 0x00906e1d70604320ULL, + 0x003fc46c1a2ffbd6ULL, 0x00d1d5022e68f360ULL, + 0x002515fba37bbf46ULL, 0x00ca16234e023b44ULL)}, + {FIELD_LITERAL(0x00787c99561f4690ULL, 0x00a857a8c1561f27ULL, + 0x00a10df9223c09feULL, 0x00b98a9562e3b154ULL, + 0x004330b8744c3ed2ULL, 0x00e06812807ec5c4ULL, + 0x00e4cf6a7db9f1e3ULL, 0x00d95b089f132a34ULL)}, + }}, {{ + {FIELD_LITERAL(0x002922b39ca33eecULL, 0x0090d12a5f3ab194ULL, + 0x00ab60c02fb5f8edULL, 0x00188d292abba1cfULL, + 0x00e10edec9698f6eULL, 0x0069a4d9934133c8ULL, + 0x0024aac40e6d3d06ULL, 0x001702c2177661b0ULL)}, + {FIELD_LITERAL(0x00139078397030bdULL, 0x000e3c447e859a00ULL, + 0x0064a5b334c82393ULL, 0x00b8aabeb7358093ULL, + 0x00020778bb9ae73bULL, 0x0032ee94c7892a18ULL, + 0x008215253cb41bdaULL, 0x005e2797593517aeULL)}, + {FIELD_LITERAL(0x0083765a5f855d4aULL, 0x0051b6d1351b8ee2ULL, + 0x00116de548b0f7bbULL, 0x0087bd88703affa0ULL, + 0x0095b2cc34d7fdd2ULL, 0x0084cd81b53f0bc8ULL, + 0x008562fc995350edULL, 0x00a39abb193651e3ULL)}, + }}, {{ + {FIELD_LITERAL(0x0019e23f0474b114ULL, 0x00eb94c2ad3b437eULL, + 0x006ddb34683b75acULL, 0x00391f9209b564c6ULL, + 0x00083b3bb3bff7aaULL, 0x00eedcd0f6dceefcULL, + 0x00b50817f794fe01ULL, 0x0036474deaaa75c9ULL)}, + {FIELD_LITERAL(0x0091868594265aa2ULL, 0x00797accae98ca6dULL, + 0x0008d8c5f0f8a184ULL, 0x00d1f4f1c2b2fe6eULL, + 0x0036783dfb48a006ULL, 0x008c165120503527ULL, + 0x0025fd780058ce9bULL, 0x0068beb007be7d27ULL)}, + {FIELD_LITERAL(0x00d0ff88aa7c90c2ULL, 0x00b2c60dacf53394ULL, + 0x0094a7284d9666d6ULL, 0x00bed9022ce7a19dULL, + 0x00c51553f0cd7682ULL, 0x00c3fb870b124992ULL, + 0x008d0bc539956c9bULL, 0x00fc8cf258bb8885ULL)}, + }}, {{ + {FIELD_LITERAL(0x003667bf998406f8ULL, 0x0000115c43a12975ULL, + 0x001e662f3b20e8fdULL, 0x0019ffa534cb24ebULL, + 0x00016be0dc8efb45ULL, 0x00ff76a8b26243f5ULL, + 0x00ae20d241a541e3ULL, 0x0069bd6af13cd430ULL)}, + {FIELD_LITERAL(0x0045fdc16487cda3ULL, 0x00b2d8e844cf2ed7ULL, + 0x00612c50e88c1607ULL, 0x00a08aabc66c1672ULL, + 0x006031fdcbb24d97ULL, 0x001b639525744b93ULL, + 0x004409d62639ab17ULL, 0x00a1853d0347ab1dULL)}, + {FIELD_LITERAL(0x0075a1a56ebf5c21ULL, 0x00a3e72be9ac53edULL, + 0x00efcde1629170c2ULL, 0x0004225fe91ef535ULL, + 0x0088049fc73dfda7ULL, 0x004abc74857e1288ULL, + 0x0024e2434657317cULL, 0x00d98cb3d3e5543cULL)}, + }}, {{ + {FIELD_LITERAL(0x00b4b53eab6bdb19ULL, 0x009b22d8b43711d0ULL, + 0x00d948b9d961785dULL, 0x00cb167b6f279eadULL, + 0x00191de3a678e1c9ULL, 0x00d9dd9511095c2eULL, + 0x00f284324cd43067ULL, 0x00ed74fa535151ddULL)}, + {FIELD_LITERAL(0x007e32c049b5c477ULL, 0x009d2bfdbd9bcfd8ULL, + 0x00636e93045938c6ULL, 0x007fde4af7687298ULL, + 0x0046a5184fafa5d3ULL, 0x0079b1e7f13a359bULL, + 0x00875adf1fb927d6ULL, 0x00333e21c61bcad2ULL)}, + {FIELD_LITERAL(0x00048014f73d8b8dULL, 0x0075684aa0966388ULL, + 0x0092be7df06dc47cULL, 0x0097cebcd0f5568aULL, + 0x005a7004d9c4c6a9ULL, 0x00b0ecbb659924c7ULL, + 0x00d90332dd492a7cULL, 0x0057fc14df11493dULL)}, + }}, {{ + {FIELD_LITERAL(0x0008ed8ea0ad95beULL, 0x0041d324b9709645ULL, + 0x00e25412257a19b4ULL, 0x0058df9f3423d8d2ULL, + 0x00a9ab20def71304ULL, 0x009ae0dbf8ac4a81ULL, + 0x00c9565977e4392aULL, 0x003c9269444baf55ULL)}, + {FIELD_LITERAL(0x007df6cbb926830bULL, 0x00d336058ae37865ULL, + 0x007af47dac696423ULL, 0x0048d3011ec64ac8ULL, + 0x006b87666e40049fULL, 0x0036a2e0e51303d7ULL, + 0x00ba319bd79dbc55ULL, 0x003e2737ecc94f53ULL)}, + {FIELD_LITERAL(0x00d296ff726272d9ULL, 0x00f6d097928fcf57ULL, + 0x00e0e616a55d7013ULL, 0x00deaf454ed9eac7ULL, + 0x0073a56bedef4d92ULL, 0x006ccfdf6fc92e19ULL, + 0x009d1ee1371a7218ULL, 0x00ee3c2ee4462d80ULL)}, + }}, {{ + {FIELD_LITERAL(0x00437bce9bccdf9dULL, 0x00e0c8e2f85dc0a3ULL, + 0x00c91a7073995a19ULL, 0x00856ec9fe294559ULL, + 0x009e4b33394b156eULL, 0x00e245b0dc497e5cULL, + 0x006a54e687eeaeffULL, 0x00f1cd1cd00fdb7cULL)}, + {FIELD_LITERAL(0x008132ae5c5d8cd1ULL, 0x00121d68324a1d9fULL, + 0x00d6be9dafcb8c76ULL, 0x00684d9070edf745ULL, + 0x00519fbc96d7448eULL, 0x00388182fdc1f27eULL, + 0x000235baed41f158ULL, 0x00bf6cf6f1a1796aULL)}, + {FIELD_LITERAL(0x002adc4b4d148219ULL, 0x003084ada0d3a90aULL, + 0x0046de8aab0f2e4eULL, 0x00452d342a67b5fdULL, + 0x00d4b50f01d4de21ULL, 0x00db6d9fc0cefb79ULL, + 0x008c184c86a462cdULL, 0x00e17c83764d42daULL)}, + }}, {{ + {FIELD_LITERAL(0x007b2743b9a1e01aULL, 0x007847ffd42688c4ULL, + 0x006c7844d610a316ULL, 0x00f0cb8b250aa4b0ULL, + 0x00a19060143b3ae6ULL, 0x0014eb10b77cfd80ULL, + 0x000170905729dd06ULL, 0x00063b5b9cd72477ULL)}, + {FIELD_LITERAL(0x00ce382dc7993d92ULL, 0x00021153e938b4c8ULL, + 0x00096f7567f48f51ULL, 0x0058f81ddfe4b0d5ULL, + 0x00cc379a56b355c7ULL, 0x002c760770d3e819ULL, + 0x00ee22d1d26e5a40ULL, 0x00de6d93d5b082d7ULL)}, + {FIELD_LITERAL(0x000a91a42c52e056ULL, 0x00185f6b77fce7eaULL, + 0x000803c51962f6b5ULL, 0x0022528582ba563dULL, + 0x0043f8040e9856d6ULL, 0x0085a29ec81fb860ULL, + 0x005f9a611549f5ffULL, 0x00c1f974ecbd4b06ULL)}, + }}, {{ + {FIELD_LITERAL(0x005b64c6fd65ec97ULL, 0x00c1fdd7f877bc7fULL, + 0x000d9cc6c89f841cULL, 0x005c97b7f1aff9adULL, + 0x0075e3c61475d47eULL, 0x001ecb1ba8153011ULL, + 0x00fe7f1c8d71d40dULL, 0x003fa9757a229832ULL)}, + {FIELD_LITERAL(0x00ffc5c89d2b0cbaULL, 0x00d363d42e3e6fc3ULL, + 0x0019a1a0118e2e8aULL, 0x00f7baeff48882e1ULL, + 0x001bd5af28c6b514ULL, 0x0055476ca2253cb2ULL, + 0x00d8eb1977e2ddf3ULL, 0x00b173b1adb228a1ULL)}, + {FIELD_LITERAL(0x00f2cb99dd0ad707ULL, 0x00e1e08b6859ddd8ULL, + 0x000008f2d0650bccULL, 0x00d7ed392f8615c3ULL, + 0x00976750a94da27fULL, 0x003e83bb0ecb69baULL, + 0x00df8e8d15c14ac6ULL, 0x00f9f7174295d9c2ULL)}, + }}, {{ + {FIELD_LITERAL(0x00f11cc8e0e70bcbULL, 0x00e5dc689974e7ddULL, + 0x0014e409f9ee5870ULL, 0x00826e6689acbd63ULL, + 0x008a6f4e3d895d88ULL, 0x00b26a8da41fd4adULL, + 0x000fb7723f83efd7ULL, 0x009c749db0a5f6c3ULL)}, + {FIELD_LITERAL(0x002389319450f9baULL, 0x003677f31aa1250aULL, + 0x0092c3db642f38cbULL, 0x00f8b64c0dfc9773ULL, + 0x00cd49fe3505b795ULL, 0x0068105a4090a510ULL, + 0x00df0ba2072a8bb6ULL, 0x00eb396143afd8beULL)}, + {FIELD_LITERAL(0x00a0d4ecfb24cdffULL, 0x00ddaf8008ba6479ULL, + 0x00f0b3e36d4b0f44ULL, 0x003734bd3af1f146ULL, + 0x00b87e2efc75527eULL, 0x00d230df55ddab50ULL, + 0x002613257ae56c1dULL, 0x00bc0946d135934dULL)}, + }}, {{ + {FIELD_LITERAL(0x00468711bd994651ULL, 0x0033108fa67561bfULL, + 0x0089d760192a54b4ULL, 0x00adc433de9f1871ULL, + 0x000467d05f36e050ULL, 0x007847e0f0579f7fULL, + 0x00a2314ad320052dULL, 0x00b3a93649f0b243ULL)}, + {FIELD_LITERAL(0x0067f8f0c4fe26c9ULL, 0x0079c4a3cc8f67b9ULL, + 0x0082b1e62f23550dULL, 0x00f2d409caefd7f5ULL, + 0x0080e67dcdb26e81ULL, 0x0087ae993ea1f98aULL, + 0x00aa108becf61d03ULL, 0x001acf11efb608a3ULL)}, + {FIELD_LITERAL(0x008225febbab50d9ULL, 0x00f3b605e4dd2083ULL, + 0x00a32b28189e23d2ULL, 0x00d507e5e5eb4c97ULL, + 0x005a1a84e302821fULL, 0x0006f54c1c5f08c7ULL, + 0x00a347c8cb2843f0ULL, 0x0009f73e9544bfa5ULL)}, + }}, {{ + {FIELD_LITERAL(0x006c59c9ae744185ULL, 0x009fc32f1b4282cdULL, + 0x004d6348ca59b1acULL, 0x00105376881be067ULL, + 0x00af4096013147dcULL, 0x004abfb5a5cb3124ULL, + 0x000d2a7f8626c354ULL, 0x009c6ed568e07431ULL)}, + {FIELD_LITERAL(0x00e828333c297f8bULL, 0x009ef3cf8c3f7e1fULL, + 0x00ab45f8fff31cb9ULL, 0x00c8b4178cb0b013ULL, + 0x00d0c50dd3260a3fULL, 0x0097126ac257f5bcULL, + 0x0042376cc90c705aULL, 0x001d96fdb4a1071eULL)}, + {FIELD_LITERAL(0x00542d44d89ee1a8ULL, 0x00306642e0442d98ULL, + 0x0090853872b87338ULL, 0x002362cbf22dc044ULL, + 0x002c222adff663b8ULL, 0x0067c924495fcb79ULL, + 0x000e621d983c977cULL, 0x00df77a9eccb66fbULL)}, + }}, {{ + {FIELD_LITERAL(0x002809e4bbf1814aULL, 0x00b9e854f9fafb32ULL, + 0x00d35e67c10f7a67ULL, 0x008f1bcb76e748cfULL, + 0x004224d9515687d2ULL, 0x005ba0b774e620c4ULL, + 0x00b5e57db5d54119ULL, 0x00e15babe5683282ULL)}, + {FIELD_LITERAL(0x00832d02369b482cULL, 0x00cba52ff0d93450ULL, + 0x003fa9c908d554dbULL, 0x008d1e357b54122fULL, + 0x00abd91c2dc950c6ULL, 0x007eff1df4c0ec69ULL, + 0x003f6aeb13fb2d31ULL, 0x00002d6179fc5b2cULL)}, + {FIELD_LITERAL(0x0046c9eda81c9c89ULL, 0x00b60cb71c8f62fcULL, + 0x0022f5a683baa558ULL, 0x00f87319fccdf997ULL, + 0x009ca09b51ce6a22ULL, 0x005b12baf4af7d77ULL, + 0x008a46524a1e33e2ULL, 0x00035a77e988be0dULL)}, + }}, {{ + {FIELD_LITERAL(0x00a7efe46a7dbe2fULL, 0x002f66fd55014fe7ULL, + 0x006a428afa1ff026ULL, 0x0056caaa9604ab72ULL, + 0x0033f3bcd7fac8aeULL, 0x00ccb1aa01c86764ULL, + 0x00158d1edf13bf40ULL, 0x009848ee76fcf3b4ULL)}, + {FIELD_LITERAL(0x00a9e7730a819691ULL, 0x00d9cc73c4992b70ULL, + 0x00e299bde067de5aULL, 0x008c314eb705192aULL, + 0x00e7226f17e8a3ccULL, 0x0029dfd956e65a47ULL, + 0x0053a8e839073b12ULL, 0x006f942b2ab1597eULL)}, + {FIELD_LITERAL(0x001c3d780ecd5e39ULL, 0x0094f247fbdcc5feULL, + 0x00d5c786fd527764ULL, 0x00b6f4da74f0db2aULL, + 0x0080f1f8badcd5fcULL, 0x00f36a373ad2e23bULL, + 0x00f804f9f4343bf2ULL, 0x00d1af40ec623982ULL)}, + }}, {{ + {FIELD_LITERAL(0x0082aeace5f1b144ULL, 0x00f68b3108cf4dd3ULL, + 0x00634af01dde3020ULL, 0x000beab5df5c2355ULL, + 0x00e8b790d1b49b0bULL, 0x00e48d15854e36f4ULL, + 0x0040ab2d95f3db9fULL, 0x002711c4ed9e899aULL)}, + {FIELD_LITERAL(0x0039343746531ebeULL, 0x00c8509d835d429dULL, + 0x00e79eceff6b0018ULL, 0x004abfd31e8efce5ULL, + 0x007bbfaaa1e20210ULL, 0x00e3be89c193e179ULL, + 0x001c420f4c31d585ULL, 0x00f414a315bef5aeULL)}, + {FIELD_LITERAL(0x007c296a24990df8ULL, 0x00d5d07525a75588ULL, + 0x00dd8e113e94b7e7ULL, 0x007bbc58febe0cc8ULL, + 0x0029f51af9bfcad3ULL, 0x007e9311ec7ab6f3ULL, + 0x009a884de1676343ULL, 0x0050d5f2dce84be9ULL)}, + }}, {{ + {FIELD_LITERAL(0x005fa020cca2450aULL, 0x00491c29db6416d8ULL, + 0x0037cefe3f9f9a85ULL, 0x003d405230647066ULL, + 0x0049e835f0fdbe89ULL, 0x00feb78ac1a0815cULL, + 0x00828e4b32dc9724ULL, 0x00db84f2dc8d6fd4ULL)}, + {FIELD_LITERAL(0x0098cddc8b39549aULL, 0x006da37e3b05d22cULL, + 0x00ce633cfd4eb3cbULL, 0x00fda288ef526acdULL, + 0x0025338878c5d30aULL, 0x00f34438c4e5a1b4ULL, + 0x00584efea7c310f1ULL, 0x0041a551f1b660adULL)}, + {FIELD_LITERAL(0x00d7f7a8fbd6437aULL, 0x0062872413bf3753ULL, + 0x00ad4bbcb43c584bULL, 0x007fe49be601d7e3ULL, + 0x0077c659789babf4ULL, 0x00eb45fcb06a741bULL, + 0x005ce244913f9708ULL, 0x0088426401736326ULL)}, + }}, {{ + {FIELD_LITERAL(0x007bf562ca768d7cULL, 0x006c1f3a174e387cULL, + 0x00f024b447fee939ULL, 0x007e7af75f01143fULL, + 0x003adb70b4eed89dULL, 0x00e43544021ad79aULL, + 0x0091f7f7042011f6ULL, 0x0093c1a1ee3a0ddcULL)}, + {FIELD_LITERAL(0x00a0b68ec1eb72d2ULL, 0x002c03235c0d45a0ULL, + 0x00553627323fe8c5ULL, 0x006186e94b17af94ULL, + 0x00a9906196e29f14ULL, 0x0025b3aee6567733ULL, + 0x007e0dd840080517ULL, 0x0018eb5801a4ba93ULL)}, + {FIELD_LITERAL(0x00d7fe7017bf6a40ULL, 0x006e3f0624be0c42ULL, + 0x00ffbba205358245ULL, 0x00f9fc2cf8194239ULL, + 0x008d93b37bf15b4eULL, 0x006ddf2e38be8e95ULL, + 0x002b6e79bf5fcff9ULL, 0x00ab355da425e2deULL)}, + }}, {{ + {FIELD_LITERAL(0x00938f97e20be973ULL, 0x0099141a36aaf306ULL, + 0x0057b0ca29e545a1ULL, 0x0085db571f9fbc13ULL, + 0x008b333c554b4693ULL, 0x0043ab6ef3e241cbULL, + 0x0054fb20aa1e5c70ULL, 0x00be0ff852760adfULL)}, + {FIELD_LITERAL(0x003973d8938971d6ULL, 0x002aca26fa80c1f5ULL, + 0x00108af1faa6b513ULL, 0x00daae275d7924e6ULL, + 0x0053634ced721308ULL, 0x00d2355fe0bbd443ULL, + 0x00357612b2d22095ULL, 0x00f9bb9dd4136cf3ULL)}, + {FIELD_LITERAL(0x002bff12cf5e03a5ULL, 0x001bdb1fa8a19cf8ULL, + 0x00c91c6793f84d39ULL, 0x00f869f1b2eba9afULL, + 0x0059bc547dc3236bULL, 0x00d91611d6d38689ULL, + 0x00e062daaa2c0214ULL, 0x00ed3c047cc2bc82ULL)}, + }}, {{ + {FIELD_LITERAL(0x000050d70c32b31aULL, 0x001939d576d437b3ULL, + 0x00d709e598bf9fe6ULL, 0x00a885b34bd2ee9eULL, + 0x00dd4b5c08ab1a50ULL, 0x0091bebd50b55639ULL, + 0x00cf79ff64acdbc6ULL, 0x006067a39d826336ULL)}, + {FIELD_LITERAL(0x0062dd0fb31be374ULL, 0x00fcc96b84c8e727ULL, + 0x003f64f1375e6ae3ULL, 0x0057d9b6dd1af004ULL, + 0x00d6a167b1103c7bULL, 0x00dd28f3180fb537ULL, + 0x004ff27ad7167128ULL, 0x008934c33461f2acULL)}, + {FIELD_LITERAL(0x0065b472b7900043ULL, 0x00ba7efd2ff1064bULL, + 0x000b67d6c4c3020fULL, 0x0012d28469f4e46dULL, + 0x0031c32939703ec7ULL, 0x00b49f0bce133066ULL, + 0x00f7e10416181d47ULL, 0x005c90f51867eeccULL)}, + }}, {{ + {FIELD_LITERAL(0x0051207abd179101ULL, 0x00fc2a5c20d9c5daULL, + 0x00fb9d5f2701b6dfULL, 0x002dd040fdea82b8ULL, + 0x00f163b0738442ffULL, 0x00d9736bd68855b8ULL, + 0x00e0d8e93005e61cULL, 0x00df5a40b3988570ULL)}, + {FIELD_LITERAL(0x0006918f5dfce6dcULL, 0x00d4bf1c793c57fbULL, + 0x0069a3f649435364ULL, 0x00e89a50e5b0cd6eULL, + 0x00b9f6a237e973afULL, 0x006d4ed8b104e41dULL, + 0x00498946a3924cd2ULL, 0x00c136ec5ac9d4f7ULL)}, + {FIELD_LITERAL(0x0011a9c290ac5336ULL, 0x002b9a2d4a6a6533ULL, + 0x009a8a68c445d937ULL, 0x00361b27b07e5e5cULL, + 0x003c043b1755b974ULL, 0x00b7eb66cf1155eeULL, + 0x0077af5909eefff2ULL, 0x0098f609877cc806ULL)}, + }}, {{ + {FIELD_LITERAL(0x00ab13af436bf8f4ULL, 0x000bcf0a0dac8574ULL, + 0x00d50c864f705045ULL, 0x00c40e611debc842ULL, + 0x0085010489bd5caaULL, 0x007c5050acec026fULL, + 0x00f67d943c8da6d1ULL, 0x00de1da0278074c6ULL)}, + {FIELD_LITERAL(0x00b373076597455fULL, 0x00e83f1af53ac0f5ULL, + 0x0041f63c01dc6840ULL, 0x0097dea19b0c6f4bULL, + 0x007f9d63b4c1572cULL, 0x00e692d492d0f5f0ULL, + 0x00cbcb392e83b4adULL, 0x0069c0f39ed9b1a8ULL)}, + {FIELD_LITERAL(0x00861030012707c9ULL, 0x009fbbdc7fd4aafbULL, + 0x008f591d6b554822ULL, 0x00df08a41ea18adeULL, + 0x009d7d83e642abeaULL, 0x0098c71bda3b78ffULL, + 0x0022c89e7021f005ULL, 0x0044d29a3fe1e3c4ULL)}, + }}, {{ + {FIELD_LITERAL(0x00e748cd7b5c52f2ULL, 0x00ea9df883f89cc3ULL, + 0x0018970df156b6c7ULL, 0x00c5a46c2a33a847ULL, + 0x00cbde395e32aa09ULL, 0x0072474ebb423140ULL, + 0x00fb00053086a23dULL, 0x001dafcfe22d4e1fULL)}, + {FIELD_LITERAL(0x00c903ee6d825540ULL, 0x00add6c4cf98473eULL, + 0x007636efed4227f1ULL, 0x00905124ae55e772ULL, + 0x00e6b38fab12ed53ULL, 0x0045e132b863fe55ULL, + 0x003974662edb366aULL, 0x00b1787052be8208ULL)}, + {FIELD_LITERAL(0x00a614b00d775c7cULL, 0x00d7c78941cc7754ULL, + 0x00422dd68b5dabc4ULL, 0x00a6110f0167d28bULL, + 0x00685a309c252886ULL, 0x00b439ffd5143660ULL, + 0x003656e29ee7396fULL, 0x00c7c9b9ed5ad854ULL)}, + }}, {{ + {FIELD_LITERAL(0x0040f7e7c5b37bf2ULL, 0x0064e4dc81181bbaULL, + 0x00a8767ae2a366b6ULL, 0x001496b4f90546f2ULL, + 0x002a28493f860441ULL, 0x0021f59513049a3aULL, + 0x00852d369a8b7ee3ULL, 0x00dd2e7d8b7d30a9ULL)}, + {FIELD_LITERAL(0x00006e34a35d9fbcULL, 0x00eee4e48b2f019aULL, + 0x006b344743003a5fULL, 0x00541d514f04a7e3ULL, + 0x00e81f9ee7647455ULL, 0x005e2b916c438f81ULL, + 0x00116f8137b7eff0ULL, 0x009bd3decc7039d1ULL)}, + {FIELD_LITERAL(0x0005d226f434110dULL, 0x00af8288b8ef21d5ULL, + 0x004a7a52ef181c8cULL, 0x00be0b781b4b06deULL, + 0x00e6e3627ded07e1ULL, 0x00e43aa342272b8bULL, + 0x00e86ab424577d84ULL, 0x00fb292c566e35bbULL)}, + }}, {{ + {FIELD_LITERAL(0x00334f5303ea1222ULL, 0x00dfb3dbeb0a5d3eULL, + 0x002940d9592335c1ULL, 0x00706a7a63e8938aULL, + 0x005a533558bc4cafULL, 0x00558e33192022a9ULL, + 0x00970d9faf74c133ULL, 0x002979fcb63493caULL)}, + {FIELD_LITERAL(0x00e38abece3c82abULL, 0x005a51f18a2c7a86ULL, + 0x009dafa2e86d592eULL, 0x00495a62eb688678ULL, + 0x00b79df74c0eb212ULL, 0x0023e8cc78b75982ULL, + 0x005998cb91075e13ULL, 0x00735aa9ba61bc76ULL)}, + {FIELD_LITERAL(0x00d9f7a82ddbe628ULL, 0x00a1fc782889ae0fULL, + 0x0071ffda12d14b66ULL, 0x0037cf4eca7fb3d5ULL, + 0x00c80bc242c58808ULL, 0x0075bf8c2d08c863ULL, + 0x008d41f31afc52a7ULL, 0x00197962ecf38741ULL)}, + }}, {{ + {FIELD_LITERAL(0x006e9f475cccf2eeULL, 0x00454b9cd506430cULL, + 0x00224a4fb79ee479ULL, 0x0062e3347ef0b5e2ULL, + 0x0034fd2a3512232aULL, 0x00b8b3cb0f457046ULL, + 0x00eb20165daa38ecULL, 0x00128eebc2d9c0f7ULL)}, + {FIELD_LITERAL(0x00bfc5fa1e4ea21fULL, 0x00c21d7b6bb892e6ULL, + 0x00cf043f3acf0291ULL, 0x00c13f2f849b3c90ULL, + 0x00d1a97ebef10891ULL, 0x0061e130a445e7feULL, + 0x0019513fdedbf22bULL, 0x001d60c813bff841ULL)}, + {FIELD_LITERAL(0x0019561c7fcf0213ULL, 0x00e3dca6843ebd77ULL, + 0x0068ea95b9ca920eULL, 0x009bdfb70f253595ULL, + 0x00c68f59186aa02aULL, 0x005aee1cca1c3039ULL, + 0x00ab79a8a937a1ceULL, 0x00b9a0e549959e6fULL)}, + }}, {{ + {FIELD_LITERAL(0x00c79e0b6d97dfbdULL, 0x00917c71fd2bc6e8ULL, + 0x00db7529ccfb63d8ULL, 0x00be5be957f17866ULL, + 0x00a9e11fdc2cdac1ULL, 0x007b91a8e1f44443ULL, + 0x00a3065e4057d80fULL, 0x004825f5b8d5f6d4ULL)}, + {FIELD_LITERAL(0x003e4964fa8a8fc8ULL, 0x00f6a1cdbcf41689ULL, + 0x00943cb18fe7fda7ULL, 0x00606dafbf34440aULL, + 0x005d37a86399c789ULL, 0x00e79a2a69417403ULL, + 0x00fe34f7e68b8866ULL, 0x0011f448ed2df10eULL)}, + {FIELD_LITERAL(0x00f1f57efcc1fcc4ULL, 0x00513679117de154ULL, + 0x002e5b5b7c86d8c3ULL, 0x009f6486561f9cfbULL, + 0x00169e74b0170cf7ULL, 0x00900205af4af696ULL, + 0x006acfddb77853f3ULL, 0x00df184c90f31068ULL)}, + }}, {{ + {FIELD_LITERAL(0x00b37396c3320791ULL, 0x00fc7b67175c5783ULL, + 0x00c36d2cd73ecc38ULL, 0x0080ebcc0b328fc5ULL, + 0x0043a5b22b35d35dULL, 0x00466c9f1713c9daULL, + 0x0026ad346dcaa8daULL, 0x007c684e701183a6ULL)}, + {FIELD_LITERAL(0x00fd579ffb691713ULL, 0x00b76af4f81c412dULL, + 0x00f239de96110f82ULL, 0x00e965fb437f0306ULL, + 0x00ca7e9436900921ULL, 0x00e487f1325fa24aULL, + 0x00633907de476380ULL, 0x00721c62ac5b8ea0ULL)}, + {FIELD_LITERAL(0x00c0d54e542eb4f9ULL, 0x004ed657171c8dcfULL, + 0x00b743a4f7c2a39bULL, 0x00fd9f93ed6cc567ULL, + 0x00307fae3113e58bULL, 0x0058aa577c93c319ULL, + 0x00d254556f35b346ULL, 0x00491aada2203f0dULL)}, + }}, {{ + {FIELD_LITERAL(0x00dff3103786ff34ULL, 0x000144553b1f20c3ULL, + 0x0095613baeb930e4ULL, 0x00098058275ea5d4ULL, + 0x007cd1402b046756ULL, 0x0074d74e4d58aee3ULL, + 0x005f93fc343ff69bULL, 0x00873df17296b3b0ULL)}, + {FIELD_LITERAL(0x00c4a1fb48635413ULL, 0x00b5dd54423ad59fULL, + 0x009ff5d53fd24a88ULL, 0x003c98d267fc06a7ULL, + 0x002db7cb20013641ULL, 0x00bd1d6716e191f2ULL, + 0x006dbc8b29094241ULL, 0x0044bbf233dafa2cULL)}, + {FIELD_LITERAL(0x0055838d41f531e6ULL, 0x00bf6a2dd03c81b2ULL, + 0x005827a061c4839eULL, 0x0000de2cbb36aac3ULL, + 0x002efa29d9717478ULL, 0x00f9e928cc8a77baULL, + 0x00c134b458def9efULL, 0x00958a182223fc48ULL)}, + }}, {{ + {FIELD_LITERAL(0x000a9ee23c06881fULL, 0x002c727d3d871945ULL, + 0x00f47d971512d24aULL, 0x00671e816f9ef31aULL, + 0x00883af2cfaad673ULL, 0x00601f98583d6c9aULL, + 0x00b435f5adc79655ULL, 0x00ad87b71c04bff2ULL)}, + {FIELD_LITERAL(0x007860d99db787cfULL, 0x00fda8983018f4a8ULL, + 0x008c8866bac4743cULL, 0x00ef471f84c82a3fULL, + 0x00abea5976d3b8e7ULL, 0x00714882896cd015ULL, + 0x00b49fae584ddac5ULL, 0x008e33a1a0b69c81ULL)}, + {FIELD_LITERAL(0x007b6ee2c9e8a9ecULL, 0x002455dbbd89d622ULL, + 0x006490cf4eaab038ULL, 0x00d925f6c3081561ULL, + 0x00153b3047de7382ULL, 0x003b421f8bdceb6fULL, + 0x00761a4a5049da78ULL, 0x00980348c5202433ULL)}, + }}, {{ + {FIELD_LITERAL(0x007f8a43da97dd5cULL, 0x00058539c800fc7bULL, + 0x0040f3cf5a28414aULL, 0x00d68dd0d95283d6ULL, + 0x004adce9da90146eULL, 0x00befa41c7d4f908ULL, + 0x007603bc2e3c3060ULL, 0x00bdf360ab3545dbULL)}, + {FIELD_LITERAL(0x00eebfd4e2312cc3ULL, 0x00474b2564e4fc8cULL, + 0x003303ef14b1da9bULL, 0x003c93e0e66beb1dULL, + 0x0013619b0566925aULL, 0x008817c24d901bf3ULL, + 0x00b62bd8898d218bULL, 0x0075a7716f1e88a2ULL)}, + {FIELD_LITERAL(0x0009218da1e6890fULL, 0x0026907f5fd02575ULL, + 0x004dabed5f19d605ULL, 0x003abf181870249dULL, + 0x00b52fd048cc92c4ULL, 0x00b6dd51e415a5c5ULL, + 0x00d9eb82bd2b4014ULL, 0x002c865a43b46b43ULL)}, + }}, {{ + {FIELD_LITERAL(0x0070047189452f4cULL, 0x00f7ad12e1ce78d5ULL, + 0x00af1ba51ec44a8bULL, 0x005f39f63e667cd6ULL, + 0x00058eac4648425eULL, 0x00d7fdab42bea03bULL, + 0x0028576a5688de15ULL, 0x00af973209e77c10ULL)}, + {FIELD_LITERAL(0x00c338b915d8fef0ULL, 0x00a893292045c39aULL, + 0x0028ab4f2eba6887ULL, 0x0060743cb519fd61ULL, + 0x0006213964093ac0ULL, 0x007c0b7a43f6266dULL, + 0x008e3557c4fa5bdaULL, 0x002da976de7b8d9dULL)}, + {FIELD_LITERAL(0x0048729f8a8b6dcdULL, 0x00fe23b85cc4d323ULL, + 0x00e7384d16e4db0eULL, 0x004a423970678942ULL, + 0x00ec0b763345d4baULL, 0x00c477b9f99ed721ULL, + 0x00c29dad3777b230ULL, 0x001c517b466f7df6ULL)}, + }}, {{ + {FIELD_LITERAL(0x006366c380f7b574ULL, 0x001c7d1f09ff0438ULL, + 0x003e20a7301f5b22ULL, 0x00d3efb1916d28f6ULL, + 0x0049f4f81060ce83ULL, 0x00c69d91ea43ced1ULL, + 0x002b6f3e5cd269edULL, 0x005b0fb22ce9ec65ULL)}, + {FIELD_LITERAL(0x00aa2261022d883fULL, 0x00ebcca4548010acULL, + 0x002528512e28a437ULL, 0x0070ca7676b66082ULL, + 0x0084bda170f7c6d3ULL, 0x00581b4747c9b8bbULL, + 0x005c96a01061c7e2ULL, 0x00fb7c4a362b5273ULL)}, + {FIELD_LITERAL(0x00c30020eb512d02ULL, 0x0060f288283a4d26ULL, + 0x00b7ed13becde260ULL, 0x0075ebb74220f6e9ULL, + 0x00701079fcfe8a1fULL, 0x001c28fcdff58938ULL, + 0x002e4544b8f4df6bULL, 0x0060c5bc4f1a7d73ULL)}, + }}, {{ + {FIELD_LITERAL(0x00ae307cf069f701ULL, 0x005859f222dd618bULL, + 0x00212d6c46ec0b0dULL, 0x00a0fe4642afb62dULL, + 0x00420d8e4a0a8903ULL, 0x00a80ff639bdf7b0ULL, + 0x0019bee1490b5d8eULL, 0x007439e4b9c27a86ULL)}, + {FIELD_LITERAL(0x00a94700032a093fULL, 0x0076e96c225216e7ULL, + 0x00a63a4316e45f91ULL, 0x007d8bbb4645d3b2ULL, + 0x00340a6ff22793ebULL, 0x006f935d4572aeb7ULL, + 0x00b1fb69f00afa28ULL, 0x009e8f3423161ed3ULL)}, + {FIELD_LITERAL(0x009ef49c6b5ced17ULL, 0x00a555e6269e9f0aULL, + 0x007e6f1d79ec73b5ULL, 0x009ac78695a32ac4ULL, + 0x0001d77fbbcd5682ULL, 0x008cea1fee0aaeedULL, + 0x00f42bea82a53462ULL, 0x002e46ab96cafcc9ULL)}, + }}, {{ + {FIELD_LITERAL(0x0051cfcc5885377aULL, 0x00dce566cb1803caULL, + 0x00430c7643f2c7d4ULL, 0x00dce1a1337bdcc0ULL, + 0x0010d5bd7283c128ULL, 0x003b1b547f9b46feULL, + 0x000f245e37e770abULL, 0x007b72511f022b37ULL)}, + {FIELD_LITERAL(0x0060db815bc4786cULL, 0x006fab25beedc434ULL, + 0x00c610d06084797cULL, 0x000c48f08537bec0ULL, + 0x0031aba51c5b93daULL, 0x007968fa6e01f347ULL, + 0x0030070da52840c6ULL, 0x00c043c225a4837fULL)}, + {FIELD_LITERAL(0x001bcfd00649ee93ULL, 0x006dceb47e2a0fd5ULL, + 0x00f2cebda0cf8fd0ULL, 0x00b6b9d9d1fbdec3ULL, + 0x00815262e6490611ULL, 0x00ef7f5ce3176760ULL, + 0x00e49cd0c998d58bULL, 0x005fc6cc269ba57cULL)}, + }}, {{ + {FIELD_LITERAL(0x008940211aa0d633ULL, 0x00addae28136571dULL, + 0x00d68fdbba20d673ULL, 0x003bc6129bc9e21aULL, + 0x000346cf184ebe9aULL, 0x0068774d741ebc7fULL, + 0x0019d5e9e6966557ULL, 0x0003cbd7f981b651ULL)}, + {FIELD_LITERAL(0x004a2902926f8d3fULL, 0x00ad79b42637ab75ULL, + 0x0088f60b90f2d4e8ULL, 0x0030f54ef0e398c4ULL, + 0x00021dc9bf99681eULL, 0x007ebf66fde74ee3ULL, + 0x004ade654386e9a4ULL, 0x00e7485066be4c27ULL)}, + {FIELD_LITERAL(0x00445f1263983be0ULL, 0x004cf371dda45e6aULL, + 0x00744a89d5a310e7ULL, 0x001f20ce4f904833ULL, + 0x00e746edebe66e29ULL, 0x000912ab1f6c153dULL, + 0x00f61d77d9b2444cULL, 0x0001499cd6647610ULL)}, }} } }; @@ -343,133 +1063,421 @@ const struct curve448_precomputed_s *curve448_precomputed_base static const niels_t curve448_wnaf_base_table[32] = { {{ - {FIELD_LITERAL(0x00303cda6feea532,0x00860f1d5a3850e4,0x00226b9fa4728ccd,0x00e822938a0a0c0c,0x00263a61c9ea9216,0x001204029321b828,0x006a468360983c65,0x0002846f0a782143)}, - {FIELD_LITERAL(0x00303cda6feea532,0x00860f1d5a3850e4,0x00226b9fa4728ccd,0x006822938a0a0c0c,0x00263a61c9ea9215,0x001204029321b828,0x006a468360983c65,0x0082846f0a782143)}, - {FIELD_LITERAL(0x00ef8e22b275198d,0x00b0eb141a0b0e8b,0x001f6789da3cb38c,0x006d2ff8ed39073e,0x00610bdb69a167f3,0x00571f306c9689b4,0x00f557e6f84b2df8,0x002affd38b2c86db)}, + {FIELD_LITERAL(0x00303cda6feea532ULL, 0x00860f1d5a3850e4ULL, + 0x00226b9fa4728ccdULL, 0x00e822938a0a0c0cULL, + 0x00263a61c9ea9216ULL, 0x001204029321b828ULL, + 0x006a468360983c65ULL, 0x0002846f0a782143ULL)}, + {FIELD_LITERAL(0x00303cda6feea532ULL, 0x00860f1d5a3850e4ULL, + 0x00226b9fa4728ccdULL, 0x006822938a0a0c0cULL, + 0x00263a61c9ea9215ULL, 0x001204029321b828ULL, + 0x006a468360983c65ULL, 0x0082846f0a782143ULL)}, + {FIELD_LITERAL(0x00ef8e22b275198dULL, 0x00b0eb141a0b0e8bULL, + 0x001f6789da3cb38cULL, 0x006d2ff8ed39073eULL, + 0x00610bdb69a167f3ULL, 0x00571f306c9689b4ULL, + 0x00f557e6f84b2df8ULL, 0x002affd38b2c86dbULL)}, }}, {{ - {FIELD_LITERAL(0x00cea0fc8d2e88b5,0x00821612d69f1862,0x0074c283b3e67522,0x005a195ba05a876d,0x000cddfe557feea4,0x008046c795bcc5e5,0x00540969f4d6e119,0x00d27f96d6b143d5)}, - {FIELD_LITERAL(0x000c3b1019d474e8,0x00e19533e4952284,0x00cc9810ba7c920a,0x00f103d2785945ac,0x00bfa5696cc69b34,0x00a8d3d51e9ca839,0x005623cb459586b9,0x00eae7ce1cd52e9e)}, - {FIELD_LITERAL(0x0005a178751dd7d8,0x002cc3844c69c42f,0x00acbfe5efe10539,0x009c20f43431a65a,0x008435d96374a7b3,0x009ee57566877bd3,0x0044691725ed4757,0x001e87bb2fe2c6b2)}, + {FIELD_LITERAL(0x00cea0fc8d2e88b5ULL, 0x00821612d69f1862ULL, + 0x0074c283b3e67522ULL, 0x005a195ba05a876dULL, + 0x000cddfe557feea4ULL, 0x008046c795bcc5e5ULL, + 0x00540969f4d6e119ULL, 0x00d27f96d6b143d5ULL)}, + {FIELD_LITERAL(0x000c3b1019d474e8ULL, 0x00e19533e4952284ULL, + 0x00cc9810ba7c920aULL, 0x00f103d2785945acULL, + 0x00bfa5696cc69b34ULL, 0x00a8d3d51e9ca839ULL, + 0x005623cb459586b9ULL, 0x00eae7ce1cd52e9eULL)}, + {FIELD_LITERAL(0x0005a178751dd7d8ULL, 0x002cc3844c69c42fULL, + 0x00acbfe5efe10539ULL, 0x009c20f43431a65aULL, + 0x008435d96374a7b3ULL, 0x009ee57566877bd3ULL, + 0x0044691725ed4757ULL, 0x001e87bb2fe2c6b2ULL)}, }}, {{ - {FIELD_LITERAL(0x000cedc4debf7a04,0x002ffa45000470ac,0x002e9f9678201915,0x0017da1208c4fe72,0x007d558cc7d656cb,0x0037a827287cf289,0x00142472d3441819,0x009c21f166cf8dd1)}, - {FIELD_LITERAL(0x003ef83af164b2f2,0x000949a5a0525d0d,0x00f4498186cac051,0x00e77ac09ef126d2,0x0073ae0b2c9296e9,0x001c163f6922e3ed,0x0062946159321bea,0x00cfb79b22990b39)}, - {FIELD_LITERAL(0x00b001431ca9e654,0x002d7e5eabcc9a3a,0x0052e8114c2f6747,0x0079ac4f94487f92,0x00bffd919b5d749c,0x00261f92ad15e620,0x00718397b7a97895,0x00c1443e6ebbc0c4)}, + {FIELD_LITERAL(0x000cedc4debf7a04ULL, 0x002ffa45000470acULL, + 0x002e9f9678201915ULL, 0x0017da1208c4fe72ULL, + 0x007d558cc7d656cbULL, 0x0037a827287cf289ULL, + 0x00142472d3441819ULL, 0x009c21f166cf8dd1ULL)}, + {FIELD_LITERAL(0x003ef83af164b2f2ULL, 0x000949a5a0525d0dULL, + 0x00f4498186cac051ULL, 0x00e77ac09ef126d2ULL, + 0x0073ae0b2c9296e9ULL, 0x001c163f6922e3edULL, + 0x0062946159321beaULL, 0x00cfb79b22990b39ULL)}, + {FIELD_LITERAL(0x00b001431ca9e654ULL, 0x002d7e5eabcc9a3aULL, + 0x0052e8114c2f6747ULL, 0x0079ac4f94487f92ULL, + 0x00bffd919b5d749cULL, 0x00261f92ad15e620ULL, + 0x00718397b7a97895ULL, 0x00c1443e6ebbc0c4ULL)}, }}, {{ - {FIELD_LITERAL(0x00eacd90c1e0a049,0x008977935b149fbe,0x0004cb9ba11c93dc,0x009fbd5b3470844d,0x004bc18c9bfc22cf,0x0057679a991839f3,0x00ef15b76fb4092e,0x0074a5173a225041)}, - {FIELD_LITERAL(0x003f5f9d7ec4777b,0x00ab2e733c919c94,0x001bb6c035245ae5,0x00a325a49a883630,0x0033e9a9ea3cea2f,0x00e442a1eaa0e844,0x00b2116d5b0e71b8,0x00c16abed6d64047)}, - {FIELD_LITERAL(0x00c560b5ed051165,0x001945adc5d65094,0x00e221865710f910,0x00cc12bc9e9b8ceb,0x004faa9518914e35,0x0017476d89d42f6d,0x00b8f637c8fa1c8b,0x0088c7d2790864b8)}, + {FIELD_LITERAL(0x00eacd90c1e0a049ULL, 0x008977935b149fbeULL, + 0x0004cb9ba11c93dcULL, 0x009fbd5b3470844dULL, + 0x004bc18c9bfc22cfULL, 0x0057679a991839f3ULL, + 0x00ef15b76fb4092eULL, 0x0074a5173a225041ULL)}, + {FIELD_LITERAL(0x003f5f9d7ec4777bULL, 0x00ab2e733c919c94ULL, + 0x001bb6c035245ae5ULL, 0x00a325a49a883630ULL, + 0x0033e9a9ea3cea2fULL, 0x00e442a1eaa0e844ULL, + 0x00b2116d5b0e71b8ULL, 0x00c16abed6d64047ULL)}, + {FIELD_LITERAL(0x00c560b5ed051165ULL, 0x001945adc5d65094ULL, + 0x00e221865710f910ULL, 0x00cc12bc9e9b8cebULL, + 0x004faa9518914e35ULL, 0x0017476d89d42f6dULL, + 0x00b8f637c8fa1c8bULL, 0x0088c7d2790864b8ULL)}, }}, {{ - {FIELD_LITERAL(0x00ef7eafc1c69be6,0x0085d3855778fbea,0x002c8d5b450cb6f5,0x004e77de5e1e7fec,0x0047c057893abded,0x001b430b85d51e16,0x00965c7b45640c3c,0x00487b2bb1162b97)}, - {FIELD_LITERAL(0x0099c73a311beec2,0x00a3eff38d8912ad,0x002efa9d1d7e8972,0x00f717ae1e14d126,0x002833f795850c8b,0x0066c12ad71486bd,0x00ae9889da4820eb,0x00d6044309555c08)}, - {FIELD_LITERAL(0x004b1c5283d15e41,0x00669d8ea308ff75,0x0004390233f762a1,0x00e1d67b83cb6cec,0x003eebaa964c78b1,0x006b0aff965eb664,0x00b313d4470bdc37,0x008814ffcb3cb9d8)}, + {FIELD_LITERAL(0x00ef7eafc1c69be6ULL, 0x0085d3855778fbeaULL, + 0x002c8d5b450cb6f5ULL, 0x004e77de5e1e7fecULL, + 0x0047c057893abdedULL, 0x001b430b85d51e16ULL, + 0x00965c7b45640c3cULL, 0x00487b2bb1162b97ULL)}, + {FIELD_LITERAL(0x0099c73a311beec2ULL, 0x00a3eff38d8912adULL, + 0x002efa9d1d7e8972ULL, 0x00f717ae1e14d126ULL, + 0x002833f795850c8bULL, 0x0066c12ad71486bdULL, + 0x00ae9889da4820ebULL, 0x00d6044309555c08ULL)}, + {FIELD_LITERAL(0x004b1c5283d15e41ULL, 0x00669d8ea308ff75ULL, + 0x0004390233f762a1ULL, 0x00e1d67b83cb6cecULL, + 0x003eebaa964c78b1ULL, 0x006b0aff965eb664ULL, + 0x00b313d4470bdc37ULL, 0x008814ffcb3cb9d8ULL)}, }}, {{ - {FIELD_LITERAL(0x009724b8ce68db70,0x007678b5ed006f3d,0x00bdf4b89c0abd73,0x00299748e04c7c6d,0x00ddd86492c3c977,0x00c5a7febfa30a99,0x00ed84715b4b02bb,0x00319568adf70486)}, - {FIELD_LITERAL(0x0070ff2d864de5bb,0x005a37eeb637ee95,0x0033741c258de160,0x00e6ca5cb1988f46,0x001ceabd92a24661,0x0030957bd500fe40,0x001c3362afe912c5,0x005187889f678bd2)}, - {FIELD_LITERAL(0x0086835fc62bbdc7,0x009c3516ca4910a1,0x00956c71f8d00783,0x0095c78fcf63235f,0x00fc7ff6ba05c222,0x00cdd8b3f8d74a52,0x00ac5ae16de8256e,0x00e9d4be8ed48624)}, + {FIELD_LITERAL(0x009724b8ce68db70ULL, 0x007678b5ed006f3dULL, + 0x00bdf4b89c0abd73ULL, 0x00299748e04c7c6dULL, + 0x00ddd86492c3c977ULL, 0x00c5a7febfa30a99ULL, + 0x00ed84715b4b02bbULL, 0x00319568adf70486ULL)}, + {FIELD_LITERAL(0x0070ff2d864de5bbULL, 0x005a37eeb637ee95ULL, + 0x0033741c258de160ULL, 0x00e6ca5cb1988f46ULL, + 0x001ceabd92a24661ULL, 0x0030957bd500fe40ULL, + 0x001c3362afe912c5ULL, 0x005187889f678bd2ULL)}, + {FIELD_LITERAL(0x0086835fc62bbdc7ULL, 0x009c3516ca4910a1ULL, + 0x00956c71f8d00783ULL, 0x0095c78fcf63235fULL, + 0x00fc7ff6ba05c222ULL, 0x00cdd8b3f8d74a52ULL, + 0x00ac5ae16de8256eULL, 0x00e9d4be8ed48624ULL)}, }}, {{ - {FIELD_LITERAL(0x00c0ce11405df2d8,0x004e3f37b293d7b6,0x002410172e1ac6db,0x00b8dbff4bf8143d,0x003a7b409d56eb66,0x003e0f6a0dfef9af,0x0081c4e4d3645be1,0x00ce76076b127623)}, - {FIELD_LITERAL(0x00f6ee0f98974239,0x0042d89af07d3a4f,0x00846b7fe84346b5,0x006a21fc6a8d39a1,0x00ac8bc2541ff2d9,0x006d4e2a77732732,0x009a39b694cc3f2f,0x0085c0aa2a404c8f)}, - {FIELD_LITERAL(0x00b261101a218548,0x00c1cae96424277b,0x00869da0a77dd268,0x00bc0b09f8ec83ea,0x00d61027f8e82ba9,0x00aa4c85999dce67,0x00eac3132b9f3fe1,0x00fb9b0cf1c695d2)}, + {FIELD_LITERAL(0x00c0ce11405df2d8ULL, 0x004e3f37b293d7b6ULL, + 0x002410172e1ac6dbULL, 0x00b8dbff4bf8143dULL, + 0x003a7b409d56eb66ULL, 0x003e0f6a0dfef9afULL, + 0x0081c4e4d3645be1ULL, 0x00ce76076b127623ULL)}, + {FIELD_LITERAL(0x00f6ee0f98974239ULL, 0x0042d89af07d3a4fULL, + 0x00846b7fe84346b5ULL, 0x006a21fc6a8d39a1ULL, + 0x00ac8bc2541ff2d9ULL, 0x006d4e2a77732732ULL, + 0x009a39b694cc3f2fULL, 0x0085c0aa2a404c8fULL)}, + {FIELD_LITERAL(0x00b261101a218548ULL, 0x00c1cae96424277bULL, + 0x00869da0a77dd268ULL, 0x00bc0b09f8ec83eaULL, + 0x00d61027f8e82ba9ULL, 0x00aa4c85999dce67ULL, + 0x00eac3132b9f3fe1ULL, 0x00fb9b0cf1c695d2ULL)}, }}, {{ - {FIELD_LITERAL(0x0043079295512f0d,0x0046a009861758e0,0x003ee2842a807378,0x0034cc9d1298e4fa,0x009744eb4d31b3ee,0x00afacec96650cd0,0x00ac891b313761ae,0x00e864d6d26e708a)}, - {FIELD_LITERAL(0x00a84d7c8a23b491,0x0088e19aa868b27f,0x0005986d43e78ce9,0x00f28012f0606d28,0x0017ded7e10249b3,0x005ed4084b23af9b,0x00b9b0a940564472,0x00ad9056cceeb1f4)}, - {FIELD_LITERAL(0x00db91b357fe755e,0x00a1aa544b15359c,0x00af4931a0195574,0x007686124fe11aef,0x00d1ead3c7b9ef7e,0x00aaf5fc580f8c15,0x00e727be147ee1ec,0x003c61c1e1577b86)}, + {FIELD_LITERAL(0x0043079295512f0dULL, 0x0046a009861758e0ULL, + 0x003ee2842a807378ULL, 0x0034cc9d1298e4faULL, + 0x009744eb4d31b3eeULL, 0x00afacec96650cd0ULL, + 0x00ac891b313761aeULL, 0x00e864d6d26e708aULL)}, + {FIELD_LITERAL(0x00a84d7c8a23b491ULL, 0x0088e19aa868b27fULL, + 0x0005986d43e78ce9ULL, 0x00f28012f0606d28ULL, + 0x0017ded7e10249b3ULL, 0x005ed4084b23af9bULL, + 0x00b9b0a940564472ULL, 0x00ad9056cceeb1f4ULL)}, + {FIELD_LITERAL(0x00db91b357fe755eULL, 0x00a1aa544b15359cULL, + 0x00af4931a0195574ULL, 0x007686124fe11aefULL, + 0x00d1ead3c7b9ef7eULL, 0x00aaf5fc580f8c15ULL, + 0x00e727be147ee1ecULL, 0x003c61c1e1577b86ULL)}, }}, {{ - {FIELD_LITERAL(0x009d3fca983220cf,0x00cd11acbc853dc4,0x0017590409d27f1d,0x00d2176698082802,0x00fa01251b2838c8,0x00dd297a0d9b51c6,0x00d76c92c045820a,0x00534bc7c46c9033)}, - {FIELD_LITERAL(0x0080ed9bc9b07338,0x00fceac7745d2652,0x008a9d55f5f2cc69,0x0096ce72df301ac5,0x00f53232e7974d87,0x0071728c7ae73947,0x0090507602570778,0x00cb81cfd883b1b2)}, - {FIELD_LITERAL(0x005011aadea373da,0x003a8578ec896034,0x00f20a6535fa6d71,0x005152d31e5a87cf,0x002bac1c8e68ca31,0x00b0e323db4c1381,0x00f1d596b7d5ae25,0x00eae458097cb4e0)}, + {FIELD_LITERAL(0x009d3fca983220cfULL, 0x00cd11acbc853dc4ULL, + 0x0017590409d27f1dULL, 0x00d2176698082802ULL, + 0x00fa01251b2838c8ULL, 0x00dd297a0d9b51c6ULL, + 0x00d76c92c045820aULL, 0x00534bc7c46c9033ULL)}, + {FIELD_LITERAL(0x0080ed9bc9b07338ULL, 0x00fceac7745d2652ULL, + 0x008a9d55f5f2cc69ULL, 0x0096ce72df301ac5ULL, + 0x00f53232e7974d87ULL, 0x0071728c7ae73947ULL, + 0x0090507602570778ULL, 0x00cb81cfd883b1b2ULL)}, + {FIELD_LITERAL(0x005011aadea373daULL, 0x003a8578ec896034ULL, + 0x00f20a6535fa6d71ULL, 0x005152d31e5a87cfULL, + 0x002bac1c8e68ca31ULL, 0x00b0e323db4c1381ULL, + 0x00f1d596b7d5ae25ULL, 0x00eae458097cb4e0ULL)}, }}, {{ - {FIELD_LITERAL(0x00920ac80f9b0d21,0x00f80f7f73401246,0x0086d37849b557d6,0x0002bd4b317b752e,0x00b26463993a42bb,0x002070422a73b129,0x00341acaa0380cb3,0x00541914dd66a1b2)}, - {FIELD_LITERAL(0x00c1513cd66abe8c,0x000139e01118944d,0x0064abbcb8080bbb,0x00b3b08202473142,0x00c629ef25da2403,0x00f0aec3310d9b7f,0x0050b2227472d8cd,0x00f6c8a922d41fb4)}, - {FIELD_LITERAL(0x001075ccf26b7b1f,0x00bb6bb213170433,0x00e9491ad262da79,0x009ef4f48d2d384c,0x008992770766f09d,0x001584396b6b1101,0x00af3f8676c9feef,0x0024603c40269118)}, + {FIELD_LITERAL(0x00920ac80f9b0d21ULL, 0x00f80f7f73401246ULL, + 0x0086d37849b557d6ULL, 0x0002bd4b317b752eULL, + 0x00b26463993a42bbULL, 0x002070422a73b129ULL, + 0x00341acaa0380cb3ULL, 0x00541914dd66a1b2ULL)}, + {FIELD_LITERAL(0x00c1513cd66abe8cULL, 0x000139e01118944dULL, + 0x0064abbcb8080bbbULL, 0x00b3b08202473142ULL, + 0x00c629ef25da2403ULL, 0x00f0aec3310d9b7fULL, + 0x0050b2227472d8cdULL, 0x00f6c8a922d41fb4ULL)}, + {FIELD_LITERAL(0x001075ccf26b7b1fULL, 0x00bb6bb213170433ULL, + 0x00e9491ad262da79ULL, 0x009ef4f48d2d384cULL, + 0x008992770766f09dULL, 0x001584396b6b1101ULL, + 0x00af3f8676c9feefULL, 0x0024603c40269118ULL)}, }}, {{ - {FIELD_LITERAL(0x009dd7b31319527c,0x001e7ac948d873a9,0x00fa54b46ef9673a,0x0066efb8d5b02fe6,0x00754b1d3928aeae,0x0004262ac72a6f6b,0x0079b7d49a6eb026,0x003126a753540102)}, - {FIELD_LITERAL(0x009666e24f693947,0x00f714311269d45f,0x0010ffac1d0c851c,0x0066e80c37363497,0x00f1f4ad010c60b0,0x0015c87408470ff7,0x00651d5e9c7766a4,0x008138819d7116de)}, - {FIELD_LITERAL(0x003934b11c57253b,0x00ef308edf21f46e,0x00e54e99c7a16198,0x0080d57135764e63,0x00751c27b946bc24,0x00dd389ce4e9e129,0x00a1a2bfd1cd84dc,0x002fae73e5149b32)}, + {FIELD_LITERAL(0x009dd7b31319527cULL, 0x001e7ac948d873a9ULL, + 0x00fa54b46ef9673aULL, 0x0066efb8d5b02fe6ULL, + 0x00754b1d3928aeaeULL, 0x0004262ac72a6f6bULL, + 0x0079b7d49a6eb026ULL, 0x003126a753540102ULL)}, + {FIELD_LITERAL(0x009666e24f693947ULL, 0x00f714311269d45fULL, + 0x0010ffac1d0c851cULL, 0x0066e80c37363497ULL, + 0x00f1f4ad010c60b0ULL, 0x0015c87408470ff7ULL, + 0x00651d5e9c7766a4ULL, 0x008138819d7116deULL)}, + {FIELD_LITERAL(0x003934b11c57253bULL, 0x00ef308edf21f46eULL, + 0x00e54e99c7a16198ULL, 0x0080d57135764e63ULL, + 0x00751c27b946bc24ULL, 0x00dd389ce4e9e129ULL, + 0x00a1a2bfd1cd84dcULL, 0x002fae73e5149b32ULL)}, }}, {{ - {FIELD_LITERAL(0x00911657dffb4cdd,0x00c100b7cc553d06,0x00449d075ec467cc,0x007062100bc64e70,0x0043cf86f7bd21e7,0x00f401dc4b797dea,0x005224afb2f62e65,0x00d1ede3fb5a42be)}, - {FIELD_LITERAL(0x00f2ba36a41aa144,0x00a0c22d946ee18f,0x008aae8ef9a14f99,0x00eef4d79b19bb36,0x008e75ce3d27b1fc,0x00a65daa03b29a27,0x00d9cc83684eb145,0x009e1ed80cc2ed74)}, - {FIELD_LITERAL(0x00bed953d1997988,0x00b93ed175a24128,0x00871c5963fb6365,0x00ca2df20014a787,0x00f5d9c1d0b34322,0x00f6f5942818db0a,0x004cc091f49c9906,0x00e8a188a60bff9f)}, + {FIELD_LITERAL(0x00911657dffb4cddULL, 0x00c100b7cc553d06ULL, + 0x00449d075ec467ccULL, 0x007062100bc64e70ULL, + 0x0043cf86f7bd21e7ULL, 0x00f401dc4b797deaULL, + 0x005224afb2f62e65ULL, 0x00d1ede3fb5a42beULL)}, + {FIELD_LITERAL(0x00f2ba36a41aa144ULL, 0x00a0c22d946ee18fULL, + 0x008aae8ef9a14f99ULL, 0x00eef4d79b19bb36ULL, + 0x008e75ce3d27b1fcULL, 0x00a65daa03b29a27ULL, + 0x00d9cc83684eb145ULL, 0x009e1ed80cc2ed74ULL)}, + {FIELD_LITERAL(0x00bed953d1997988ULL, 0x00b93ed175a24128ULL, + 0x00871c5963fb6365ULL, 0x00ca2df20014a787ULL, + 0x00f5d9c1d0b34322ULL, 0x00f6f5942818db0aULL, + 0x004cc091f49c9906ULL, 0x00e8a188a60bff9fULL)}, }}, {{ - {FIELD_LITERAL(0x0032c7762032fae8,0x00e4087232e0bc21,0x00f767344b6e8d85,0x00bbf369b76c2aa2,0x008a1f46c6e1570c,0x001368cd9780369f,0x007359a39d079430,0x0003646512921434)}, - {FIELD_LITERAL(0x007c4b47ca7c73e7,0x005396221039734b,0x008b64ddf0e45d7e,0x00bfad5af285e6c2,0x008ec711c5b1a1a8,0x00cf663301237f98,0x00917ee3f1655126,0x004152f337efedd8)}, - {FIELD_LITERAL(0x0007c7edc9305daa,0x000a6664f273701c,0x00f6e78795e200b1,0x005d05b9ecd2473e,0x0014f5f17c865786,0x00c7fd2d166fa995,0x004939a2d8eb80e0,0x002244ba0942c199)}, + {FIELD_LITERAL(0x0032c7762032fae8ULL, 0x00e4087232e0bc21ULL, + 0x00f767344b6e8d85ULL, 0x00bbf369b76c2aa2ULL, + 0x008a1f46c6e1570cULL, 0x001368cd9780369fULL, + 0x007359a39d079430ULL, 0x0003646512921434ULL)}, + {FIELD_LITERAL(0x007c4b47ca7c73e7ULL, 0x005396221039734bULL, + 0x008b64ddf0e45d7eULL, 0x00bfad5af285e6c2ULL, + 0x008ec711c5b1a1a8ULL, 0x00cf663301237f98ULL, + 0x00917ee3f1655126ULL, 0x004152f337efedd8ULL)}, + {FIELD_LITERAL(0x0007c7edc9305daaULL, 0x000a6664f273701cULL, + 0x00f6e78795e200b1ULL, 0x005d05b9ecd2473eULL, + 0x0014f5f17c865786ULL, 0x00c7fd2d166fa995ULL, + 0x004939a2d8eb80e0ULL, 0x002244ba0942c199ULL)}, }}, {{ - {FIELD_LITERAL(0x00321e767f0262cf,0x002e57d776caf68e,0x00bf2c94814f0437,0x00c339196acd622f,0x001db4cce71e2770,0x001ded5ddba6eee2,0x0078608ab1554c8d,0x00067fe0ab76365b)}, - {FIELD_LITERAL(0x00f09758e11e3985,0x00169efdbd64fad3,0x00e8889b7d6dacd6,0x0035cdd58ea88209,0x00bcda47586d7f49,0x003cdddcb2879088,0x0016da70187e954b,0x009556ea2e92aacd)}, - {FIELD_LITERAL(0x008cab16bd1ff897,0x00b389972cdf753f,0x00ea8ed1e46dfdc0,0x004fe7ef94c589f4,0x002b8ae9b805ecf3,0x0025c08d892874a5,0x0023938e98d44c4c,0x00f759134cabf69c)}, + {FIELD_LITERAL(0x00321e767f0262cfULL, 0x002e57d776caf68eULL, + 0x00bf2c94814f0437ULL, 0x00c339196acd622fULL, + 0x001db4cce71e2770ULL, 0x001ded5ddba6eee2ULL, + 0x0078608ab1554c8dULL, 0x00067fe0ab76365bULL)}, + {FIELD_LITERAL(0x00f09758e11e3985ULL, 0x00169efdbd64fad3ULL, + 0x00e8889b7d6dacd6ULL, 0x0035cdd58ea88209ULL, + 0x00bcda47586d7f49ULL, 0x003cdddcb2879088ULL, + 0x0016da70187e954bULL, 0x009556ea2e92aacdULL)}, + {FIELD_LITERAL(0x008cab16bd1ff897ULL, 0x00b389972cdf753fULL, + 0x00ea8ed1e46dfdc0ULL, 0x004fe7ef94c589f4ULL, + 0x002b8ae9b805ecf3ULL, 0x0025c08d892874a5ULL, + 0x0023938e98d44c4cULL, 0x00f759134cabf69cULL)}, }}, {{ - {FIELD_LITERAL(0x006c2a84678e4b3b,0x007a194aacd1868f,0x00ed0225af424761,0x00da0a6f293c64b8,0x001062ac5c6a7a18,0x0030f5775a8aeef4,0x0002acaad76b7af0,0x00410b8fd63a579f)}, - {FIELD_LITERAL(0x001ec59db3d9590e,0x001e9e3f1c3f182d,0x0045a9c3ec2cab14,0x0008198572aeb673,0x00773b74068bd167,0x0012535eaa395434,0x0044dba9e3bbb74a,0x002fba4d3c74bd0e)}, - {FIELD_LITERAL(0x0042bf08fe66922c,0x003318b8fbb49e8c,0x00d75946004aa14c,0x00f601586b42bf1c,0x00c74cf1d912fe66,0x00abcb36974b30ad,0x007eb78720c9d2b8,0x009f54ab7bd4df85)}, + {FIELD_LITERAL(0x006c2a84678e4b3bULL, 0x007a194aacd1868fULL, + 0x00ed0225af424761ULL, 0x00da0a6f293c64b8ULL, + 0x001062ac5c6a7a18ULL, 0x0030f5775a8aeef4ULL, + 0x0002acaad76b7af0ULL, 0x00410b8fd63a579fULL)}, + {FIELD_LITERAL(0x001ec59db3d9590eULL, 0x001e9e3f1c3f182dULL, + 0x0045a9c3ec2cab14ULL, 0x0008198572aeb673ULL, + 0x00773b74068bd167ULL, 0x0012535eaa395434ULL, + 0x0044dba9e3bbb74aULL, 0x002fba4d3c74bd0eULL)}, + {FIELD_LITERAL(0x0042bf08fe66922cULL, 0x003318b8fbb49e8cULL, + 0x00d75946004aa14cULL, 0x00f601586b42bf1cULL, + 0x00c74cf1d912fe66ULL, 0x00abcb36974b30adULL, + 0x007eb78720c9d2b8ULL, 0x009f54ab7bd4df85ULL)}, }}, {{ - {FIELD_LITERAL(0x00db9fc948f73826,0x00fa8b3746ed8ee9,0x00132cb65aafbeb2,0x00c36ff3fe7925b8,0x00837daed353d2fe,0x00ec661be0667cf4,0x005beb8ed2e90204,0x00d77dd69e564967)}, - {FIELD_LITERAL(0x0042e6268b861751,0x0008dd0469500c16,0x00b51b57c338a3fd,0x00cc4497d85cff6b,0x002f13d6b57c34a4,0x0083652eaf301105,0x00cc344294cc93a8,0x0060f4d02810e270)}, - {FIELD_LITERAL(0x00a8954363cd518b,0x00ad171124bccb7b,0x0065f46a4adaae00,0x001b1a5b2a96e500,0x0043fe24f8233285,0x0066996d8ae1f2c3,0x00c530f3264169f9,0x00c0f92d07cf6a57)}, + {FIELD_LITERAL(0x00db9fc948f73826ULL, 0x00fa8b3746ed8ee9ULL, + 0x00132cb65aafbeb2ULL, 0x00c36ff3fe7925b8ULL, + 0x00837daed353d2feULL, 0x00ec661be0667cf4ULL, + 0x005beb8ed2e90204ULL, 0x00d77dd69e564967ULL)}, + {FIELD_LITERAL(0x0042e6268b861751ULL, 0x0008dd0469500c16ULL, + 0x00b51b57c338a3fdULL, 0x00cc4497d85cff6bULL, + 0x002f13d6b57c34a4ULL, 0x0083652eaf301105ULL, + 0x00cc344294cc93a8ULL, 0x0060f4d02810e270ULL)}, + {FIELD_LITERAL(0x00a8954363cd518bULL, 0x00ad171124bccb7bULL, + 0x0065f46a4adaae00ULL, 0x001b1a5b2a96e500ULL, + 0x0043fe24f8233285ULL, 0x0066996d8ae1f2c3ULL, + 0x00c530f3264169f9ULL, 0x00c0f92d07cf6a57ULL)}, }}, {{ - {FIELD_LITERAL(0x0036a55c6815d943,0x008c8d1def993db3,0x002e0e1e8ff7318f,0x00d883a4b92db00a,0x002f5e781ae33906,0x001a72adb235c06d,0x00f2e59e736e9caa,0x001a4b58e3031914)}, - {FIELD_LITERAL(0x00d73bfae5e00844,0x00bf459766fb5f52,0x0061b4f5a5313cde,0x004392d4c3b95514,0x000d3551b1077523,0x0000998840ee5d71,0x006de6e340448b7b,0x00251aa504875d6e)}, - {FIELD_LITERAL(0x003bf343427ac342,0x00adc0a78642b8c5,0x0003b893175a8314,0x0061a34ade5703bc,0x00ea3ea8bb71d632,0x00be0df9a1f198c2,0x0046dd8e7c1635fb,0x00f1523fdd25d5e5)}, + {FIELD_LITERAL(0x0036a55c6815d943ULL, 0x008c8d1def993db3ULL, + 0x002e0e1e8ff7318fULL, 0x00d883a4b92db00aULL, + 0x002f5e781ae33906ULL, 0x001a72adb235c06dULL, + 0x00f2e59e736e9caaULL, 0x001a4b58e3031914ULL)}, + {FIELD_LITERAL(0x00d73bfae5e00844ULL, 0x00bf459766fb5f52ULL, + 0x0061b4f5a5313cdeULL, 0x004392d4c3b95514ULL, + 0x000d3551b1077523ULL, 0x0000998840ee5d71ULL, + 0x006de6e340448b7bULL, 0x00251aa504875d6eULL)}, + {FIELD_LITERAL(0x003bf343427ac342ULL, 0x00adc0a78642b8c5ULL, + 0x0003b893175a8314ULL, 0x0061a34ade5703bcULL, + 0x00ea3ea8bb71d632ULL, 0x00be0df9a1f198c2ULL, + 0x0046dd8e7c1635fbULL, 0x00f1523fdd25d5e5ULL)}, }}, {{ - {FIELD_LITERAL(0x00633f63fc9dd406,0x00e713ff80e04a43,0x0060c6e970f2d621,0x00a57cd7f0df1891,0x00f2406a550650bb,0x00b064290efdc684,0x001eab0144d17916,0x00cd15f863c293ab)}, - {FIELD_LITERAL(0x0029cec55273f70d,0x007044ee275c6340,0x0040f637a93015e2,0x00338bb78db5aae9,0x001491b2a6132147,0x00a125d6cfe6bde3,0x005f7ac561ba8669,0x001d5eaea3fbaacf)}, - {FIELD_LITERAL(0x00054e9635e3be31,0x000e43f31e2872be,0x00d05b1c9e339841,0x006fac50bd81fd98,0x00cdc7852eaebb09,0x004ff519b061991b,0x009099e8107d4c85,0x00273e24c36a4a61)}, + {FIELD_LITERAL(0x00633f63fc9dd406ULL, 0x00e713ff80e04a43ULL, + 0x0060c6e970f2d621ULL, 0x00a57cd7f0df1891ULL, + 0x00f2406a550650bbULL, 0x00b064290efdc684ULL, + 0x001eab0144d17916ULL, 0x00cd15f863c293abULL)}, + {FIELD_LITERAL(0x0029cec55273f70dULL, 0x007044ee275c6340ULL, + 0x0040f637a93015e2ULL, 0x00338bb78db5aae9ULL, + 0x001491b2a6132147ULL, 0x00a125d6cfe6bde3ULL, + 0x005f7ac561ba8669ULL, 0x001d5eaea3fbaacfULL)}, + {FIELD_LITERAL(0x00054e9635e3be31ULL, 0x000e43f31e2872beULL, + 0x00d05b1c9e339841ULL, 0x006fac50bd81fd98ULL, + 0x00cdc7852eaebb09ULL, 0x004ff519b061991bULL, + 0x009099e8107d4c85ULL, 0x00273e24c36a4a61ULL)}, }}, {{ - {FIELD_LITERAL(0x00070b4441ef2c46,0x00efa5b02801a109,0x00bf0b8c3ee64adf,0x008a67e0b3452e98,0x001916b1f2fa7a74,0x00d781a78ff6cdc3,0x008682ce57e5c919,0x00cc1109dd210da3)}, - {FIELD_LITERAL(0x00cae8aaff388663,0x005e983a35dda1c7,0x007ab1030d8e37f4,0x00e48940f5d032fe,0x006a36f9ef30b331,0x009be6f03958c757,0x0086231ceba91400,0x008bd0f7b823e7aa)}, - {FIELD_LITERAL(0x00cf881ebef5a45a,0x004ebea78e7c6f2c,0x0090da9209cf26a0,0x00de2b2e4c775b84,0x0071d6031c3c15ae,0x00d9e927ef177d70,0x00894ee8c23896fd,0x00e3b3b401e41aad)}, + {FIELD_LITERAL(0x00070b4441ef2c46ULL, 0x00efa5b02801a109ULL, + 0x00bf0b8c3ee64adfULL, 0x008a67e0b3452e98ULL, + 0x001916b1f2fa7a74ULL, 0x00d781a78ff6cdc3ULL, + 0x008682ce57e5c919ULL, 0x00cc1109dd210da3ULL)}, + {FIELD_LITERAL(0x00cae8aaff388663ULL, 0x005e983a35dda1c7ULL, + 0x007ab1030d8e37f4ULL, 0x00e48940f5d032feULL, + 0x006a36f9ef30b331ULL, 0x009be6f03958c757ULL, + 0x0086231ceba91400ULL, 0x008bd0f7b823e7aaULL)}, + {FIELD_LITERAL(0x00cf881ebef5a45aULL, 0x004ebea78e7c6f2cULL, + 0x0090da9209cf26a0ULL, 0x00de2b2e4c775b84ULL, + 0x0071d6031c3c15aeULL, 0x00d9e927ef177d70ULL, + 0x00894ee8c23896fdULL, 0x00e3b3b401e41aadULL)}, }}, {{ - {FIELD_LITERAL(0x00204fef26864170,0x00819269c5dee0f8,0x00bfb4713ec97966,0x0026339a6f34df78,0x001f26e64c761dc2,0x00effe3af313cb60,0x00e17b70138f601b,0x00f16e1ccd9ede5e)}, - {FIELD_LITERAL(0x005d9a8353fdb2db,0x0055cc2048c698f0,0x00f6c4ac89657218,0x00525034d73faeb2,0x00435776fbda3c7d,0x0070ea5312323cbc,0x007a105d44d069fb,0x006dbc8d6dc786aa)}, - {FIELD_LITERAL(0x0017cff19cd394ec,0x00fef7b810922587,0x00e6483970dff548,0x00ddf36ad6874264,0x00e61778523fcce2,0x0093a66c0c93b24a,0x00fd367114db7f86,0x007652d7ddce26dd)}, + {FIELD_LITERAL(0x00204fef26864170ULL, 0x00819269c5dee0f8ULL, + 0x00bfb4713ec97966ULL, 0x0026339a6f34df78ULL, + 0x001f26e64c761dc2ULL, 0x00effe3af313cb60ULL, + 0x00e17b70138f601bULL, 0x00f16e1ccd9ede5eULL)}, + {FIELD_LITERAL(0x005d9a8353fdb2dbULL, 0x0055cc2048c698f0ULL, + 0x00f6c4ac89657218ULL, 0x00525034d73faeb2ULL, + 0x00435776fbda3c7dULL, 0x0070ea5312323cbcULL, + 0x007a105d44d069fbULL, 0x006dbc8d6dc786aaULL)}, + {FIELD_LITERAL(0x0017cff19cd394ecULL, 0x00fef7b810922587ULL, + 0x00e6483970dff548ULL, 0x00ddf36ad6874264ULL, + 0x00e61778523fcce2ULL, 0x0093a66c0c93b24aULL, + 0x00fd367114db7f86ULL, 0x007652d7ddce26ddULL)}, }}, {{ - {FIELD_LITERAL(0x00d92ced7ba12843,0x00aea9c7771e86e7,0x0046639693354f7b,0x00a628dbb6a80c47,0x003a0b0507372953,0x00421113ab45c0d9,0x00e545f08362ab7a,0x0028ce087b4d6d96)}, - {FIELD_LITERAL(0x00a67ee7cf9f99eb,0x005713b275f2ff68,0x00f1d536a841513d,0x00823b59b024712e,0x009c46b9d0d38cec,0x00cdb1595aa2d7d4,0x008375b3423d9af8,0x000ab0b516d978f7)}, - {FIELD_LITERAL(0x00428dcb3c510b0f,0x00585607ea24bb4e,0x003736bf1603687a,0x00c47e568c4fe3c7,0x003cd00282848605,0x0043a487c3b91939,0x004ffc04e1095a06,0x00a4c989a3d4b918)}, + {FIELD_LITERAL(0x00d92ced7ba12843ULL, 0x00aea9c7771e86e7ULL, + 0x0046639693354f7bULL, 0x00a628dbb6a80c47ULL, + 0x003a0b0507372953ULL, 0x00421113ab45c0d9ULL, + 0x00e545f08362ab7aULL, 0x0028ce087b4d6d96ULL)}, + {FIELD_LITERAL(0x00a67ee7cf9f99ebULL, 0x005713b275f2ff68ULL, + 0x00f1d536a841513dULL, 0x00823b59b024712eULL, + 0x009c46b9d0d38cecULL, 0x00cdb1595aa2d7d4ULL, + 0x008375b3423d9af8ULL, 0x000ab0b516d978f7ULL)}, + {FIELD_LITERAL(0x00428dcb3c510b0fULL, 0x00585607ea24bb4eULL, + 0x003736bf1603687aULL, 0x00c47e568c4fe3c7ULL, + 0x003cd00282848605ULL, 0x0043a487c3b91939ULL, + 0x004ffc04e1095a06ULL, 0x00a4c989a3d4b918ULL)}, }}, {{ - {FIELD_LITERAL(0x00a8778d0e429f7a,0x004c02b059105a68,0x0016653b609da3ff,0x00d5107bd1a12d27,0x00b4708f9a771cab,0x00bb63b662033f69,0x0072f322240e7215,0x0019445b59c69222)}, - {FIELD_LITERAL(0x00cf4f6069a658e6,0x0053ca52859436a6,0x0064b994d7e3e117,0x00cb469b9a07f534,0x00cfb68f399e9d47,0x00f0dcb8dac1c6e7,0x00f2ab67f538b3a5,0x0055544f178ab975)}, - {FIELD_LITERAL(0x0099b7a2685d538c,0x00e2f1897b7c0018,0x003adac8ce48dae3,0x00089276d5c50c0c,0x00172fca07ad6717,0x00cb1a72f54069e5,0x004ee42f133545b3,0x00785f8651362f16)}, + {FIELD_LITERAL(0x00a8778d0e429f7aULL, 0x004c02b059105a68ULL, + 0x0016653b609da3ffULL, 0x00d5107bd1a12d27ULL, + 0x00b4708f9a771cabULL, 0x00bb63b662033f69ULL, + 0x0072f322240e7215ULL, 0x0019445b59c69222ULL)}, + {FIELD_LITERAL(0x00cf4f6069a658e6ULL, 0x0053ca52859436a6ULL, + 0x0064b994d7e3e117ULL, 0x00cb469b9a07f534ULL, + 0x00cfb68f399e9d47ULL, 0x00f0dcb8dac1c6e7ULL, + 0x00f2ab67f538b3a5ULL, 0x0055544f178ab975ULL)}, + {FIELD_LITERAL(0x0099b7a2685d538cULL, 0x00e2f1897b7c0018ULL, + 0x003adac8ce48dae3ULL, 0x00089276d5c50c0cULL, + 0x00172fca07ad6717ULL, 0x00cb1a72f54069e5ULL, + 0x004ee42f133545b3ULL, 0x00785f8651362f16ULL)}, }}, {{ - {FIELD_LITERAL(0x0049cbac38509e11,0x0015234505d42cdf,0x00794fb0b5840f1c,0x00496437344045a5,0x0031b6d944e4f9b0,0x00b207318ac1f5d8,0x0000c840da7f5c5d,0x00526f373a5c8814)}, - {FIELD_LITERAL(0x002c7b7742d1dfd9,0x002cabeb18623c01,0x00055f5e3e044446,0x006c20f3b4ef54ba,0x00c600141ec6b35f,0x00354f437f1a32a3,0x00bac4624a3520f9,0x00c483f734a90691)}, - {FIELD_LITERAL(0x0053a737d422918d,0x00f7fca1d8758625,0x00c360336dadb04c,0x00f38e3d9158a1b8,0x0069ce3b418e84c6,0x005d1697eca16ead,0x00f8bd6a35ece13d,0x007885dfc2b5afea)}, + {FIELD_LITERAL(0x0049cbac38509e11ULL, 0x0015234505d42cdfULL, + 0x00794fb0b5840f1cULL, 0x00496437344045a5ULL, + 0x0031b6d944e4f9b0ULL, 0x00b207318ac1f5d8ULL, + 0x0000c840da7f5c5dULL, 0x00526f373a5c8814ULL)}, + {FIELD_LITERAL(0x002c7b7742d1dfd9ULL, 0x002cabeb18623c01ULL, + 0x00055f5e3e044446ULL, 0x006c20f3b4ef54baULL, + 0x00c600141ec6b35fULL, 0x00354f437f1a32a3ULL, + 0x00bac4624a3520f9ULL, 0x00c483f734a90691ULL)}, + {FIELD_LITERAL(0x0053a737d422918dULL, 0x00f7fca1d8758625ULL, + 0x00c360336dadb04cULL, 0x00f38e3d9158a1b8ULL, + 0x0069ce3b418e84c6ULL, 0x005d1697eca16eadULL, + 0x00f8bd6a35ece13dULL, 0x007885dfc2b5afeaULL)}, }}, {{ - {FIELD_LITERAL(0x00c3617ae260776c,0x00b20dc3e96922d7,0x00a1a7802246706a,0x00ca6505a5240244,0x002246b62d919782,0x001439102d7aa9b3,0x00e8af1139e6422c,0x00c888d1b52f2b05)}, - {FIELD_LITERAL(0x005b67690ffd41d9,0x005294f28df516f9,0x00a879272412fcb9,0x00098b629a6d1c8d,0x00fabd3c8050865a,0x00cd7e5b0a3879c5,0x00153238210f3423,0x00357cac101e9f42)}, - {FIELD_LITERAL(0x008917b454444fb7,0x00f59247c97e441b,0x00a6200a6815152d,0x0009a4228601d254,0x001c0360559bd374,0x007563362039cb36,0x00bd75b48d74e32b,0x0017f515ac3499e8)}, + {FIELD_LITERAL(0x00c3617ae260776cULL, 0x00b20dc3e96922d7ULL, + 0x00a1a7802246706aULL, 0x00ca6505a5240244ULL, + 0x002246b62d919782ULL, 0x001439102d7aa9b3ULL, + 0x00e8af1139e6422cULL, 0x00c888d1b52f2b05ULL)}, + {FIELD_LITERAL(0x005b67690ffd41d9ULL, 0x005294f28df516f9ULL, + 0x00a879272412fcb9ULL, 0x00098b629a6d1c8dULL, + 0x00fabd3c8050865aULL, 0x00cd7e5b0a3879c5ULL, + 0x00153238210f3423ULL, 0x00357cac101e9f42ULL)}, + {FIELD_LITERAL(0x008917b454444fb7ULL, 0x00f59247c97e441bULL, + 0x00a6200a6815152dULL, 0x0009a4228601d254ULL, + 0x001c0360559bd374ULL, 0x007563362039cb36ULL, + 0x00bd75b48d74e32bULL, 0x0017f515ac3499e8ULL)}, }}, {{ - {FIELD_LITERAL(0x001532a7ffe41c5a,0x00eb1edce358d6bf,0x00ddbacc7b678a7b,0x008a7b70f3c841a3,0x00f1923bf27d3f4c,0x000b2713ed8f7873,0x00aaf67e29047902,0x0044994a70b3976d)}, - {FIELD_LITERAL(0x00d54e802082d42c,0x00a55aa0dce7cc6c,0x006477b96073f146,0x0082efe4ceb43594,0x00a922bcba026845,0x0077f19d1ab75182,0x00c2bb2737846e59,0x0004d7eec791dd33)}, - {FIELD_LITERAL(0x0044588d1a81d680,0x00b0a9097208e4f8,0x00212605350dc57e,0x0028717cd2871123,0x00fb083c100fd979,0x0045a056ce063fdf,0x00a5d604b4dd6a41,0x001dabc08ba4e236)}, + {FIELD_LITERAL(0x001532a7ffe41c5aULL, 0x00eb1edce358d6bfULL, + 0x00ddbacc7b678a7bULL, 0x008a7b70f3c841a3ULL, + 0x00f1923bf27d3f4cULL, 0x000b2713ed8f7873ULL, + 0x00aaf67e29047902ULL, 0x0044994a70b3976dULL)}, + {FIELD_LITERAL(0x00d54e802082d42cULL, 0x00a55aa0dce7cc6cULL, + 0x006477b96073f146ULL, 0x0082efe4ceb43594ULL, + 0x00a922bcba026845ULL, 0x0077f19d1ab75182ULL, + 0x00c2bb2737846e59ULL, 0x0004d7eec791dd33ULL)}, + {FIELD_LITERAL(0x0044588d1a81d680ULL, 0x00b0a9097208e4f8ULL, + 0x00212605350dc57eULL, 0x0028717cd2871123ULL, + 0x00fb083c100fd979ULL, 0x0045a056ce063fdfULL, + 0x00a5d604b4dd6a41ULL, 0x001dabc08ba4e236ULL)}, }}, {{ - {FIELD_LITERAL(0x00c4887198d7a7fa,0x00244f98fb45784a,0x0045911e15a15d01,0x001d323d374c0966,0x00967c3915196562,0x0039373abd2f3c67,0x000d2c5614312423,0x0041cf2215442ce3)}, - {FIELD_LITERAL(0x008ede889ada7f06,0x001611e91de2e135,0x00fdb9a458a471b9,0x00563484e03710d1,0x0031cc81925e3070,0x0062c97b3af80005,0x00fa733eea28edeb,0x00e82457e1ebbc88)}, - {FIELD_LITERAL(0x006a0df5fe9b6f59,0x00a0d4ff46040d92,0x004a7cedb6f93250,0x00d1df8855b8c357,0x00e73a46086fd058,0x0048fb0add6dfe59,0x001e03a28f1b4e3d,0x00a871c993308d76)}, + {FIELD_LITERAL(0x00c4887198d7a7faULL, 0x00244f98fb45784aULL, + 0x0045911e15a15d01ULL, 0x001d323d374c0966ULL, + 0x00967c3915196562ULL, 0x0039373abd2f3c67ULL, + 0x000d2c5614312423ULL, 0x0041cf2215442ce3ULL)}, + {FIELD_LITERAL(0x008ede889ada7f06ULL, 0x001611e91de2e135ULL, + 0x00fdb9a458a471b9ULL, 0x00563484e03710d1ULL, + 0x0031cc81925e3070ULL, 0x0062c97b3af80005ULL, + 0x00fa733eea28edebULL, 0x00e82457e1ebbc88ULL)}, + {FIELD_LITERAL(0x006a0df5fe9b6f59ULL, 0x00a0d4ff46040d92ULL, + 0x004a7cedb6f93250ULL, 0x00d1df8855b8c357ULL, + 0x00e73a46086fd058ULL, 0x0048fb0add6dfe59ULL, + 0x001e03a28f1b4e3dULL, 0x00a871c993308d76ULL)}, }}, {{ - {FIELD_LITERAL(0x0030dbb2d1766ec8,0x00586c0ad138555e,0x00d1a34f9e91c77c,0x0063408ad0e89014,0x00d61231b05f6f5b,0x0009abf569f5fd8a,0x00aec67a110f1c43,0x0031d1a790938dd7)}, - {FIELD_LITERAL(0x006cded841e2a862,0x00198d60af0ab6fb,0x0018f09db809e750,0x004e6ac676016263,0x00eafcd1620969cb,0x002c9784ca34917d,0x0054f00079796de7,0x00d9fab5c5972204)}, - {FIELD_LITERAL(0x004bd0fee2438a83,0x00b571e62b0f83bd,0x0059287d7ce74800,0x00fb3631b645c3f0,0x00a018e977f78494,0x0091e27065c27b12,0x007696c1817165e0,0x008c40be7c45ba3a)}, + {FIELD_LITERAL(0x0030dbb2d1766ec8ULL, 0x00586c0ad138555eULL, + 0x00d1a34f9e91c77cULL, 0x0063408ad0e89014ULL, + 0x00d61231b05f6f5bULL, 0x0009abf569f5fd8aULL, + 0x00aec67a110f1c43ULL, 0x0031d1a790938dd7ULL)}, + {FIELD_LITERAL(0x006cded841e2a862ULL, 0x00198d60af0ab6fbULL, + 0x0018f09db809e750ULL, 0x004e6ac676016263ULL, + 0x00eafcd1620969cbULL, 0x002c9784ca34917dULL, + 0x0054f00079796de7ULL, 0x00d9fab5c5972204ULL)}, + {FIELD_LITERAL(0x004bd0fee2438a83ULL, 0x00b571e62b0f83bdULL, + 0x0059287d7ce74800ULL, 0x00fb3631b645c3f0ULL, + 0x00a018e977f78494ULL, 0x0091e27065c27b12ULL, + 0x007696c1817165e0ULL, 0x008c40be7c45ba3aULL)}, }}, {{ - {FIELD_LITERAL(0x00a0f326327cb684,0x001c7d0f672680ff,0x008c1c81ffb112d1,0x00f8f801674eddc8,0x00e926d5d48c2a9d,0x005bd6d954c6fe9a,0x004c6b24b4e33703,0x00d05eb5c09105cc)}, - {FIELD_LITERAL(0x00d61731caacf2cf,0x002df0c7609e01c5,0x00306172208b1e2b,0x00b413fe4fb2b686,0x00826d360902a221,0x003f8d056e67e7f7,0x0065025b0175e989,0x00369add117865eb)}, - {FIELD_LITERAL(0x00aaf895aec2fa11,0x000f892bc313eb52,0x005b1c794dad050b,0x003f8ec4864cec14,0x00af81058d0b90e5,0x00ebe43e183997bb,0x00a9d610f9f3e615,0x007acd8eec2e88d3)}, + {FIELD_LITERAL(0x00a0f326327cb684ULL, 0x001c7d0f672680ffULL, + 0x008c1c81ffb112d1ULL, 0x00f8f801674eddc8ULL, + 0x00e926d5d48c2a9dULL, 0x005bd6d954c6fe9aULL, + 0x004c6b24b4e33703ULL, 0x00d05eb5c09105ccULL)}, + {FIELD_LITERAL(0x00d61731caacf2cfULL, 0x002df0c7609e01c5ULL, + 0x00306172208b1e2bULL, 0x00b413fe4fb2b686ULL, + 0x00826d360902a221ULL, 0x003f8d056e67e7f7ULL, + 0x0065025b0175e989ULL, 0x00369add117865ebULL)}, + {FIELD_LITERAL(0x00aaf895aec2fa11ULL, 0x000f892bc313eb52ULL, + 0x005b1c794dad050bULL, 0x003f8ec4864cec14ULL, + 0x00af81058d0b90e5ULL, 0x00ebe43e183997bbULL, + 0x00a9d610f9f3e615ULL, 0x007acd8eec2e88d3ULL)}, }}, {{ - {FIELD_LITERAL(0x0049b2fab13812a3,0x00846db32cd60431,0x000177fa578c8d6c,0x00047d0e2ad4bc51,0x00b158ba38d1e588,0x006a45daad79e3f3,0x000997b93cab887b,0x00c47ea42fa23dc3)}, - {FIELD_LITERAL(0x0012b6fef7aeb1ca,0x009412768194b6a7,0x00ff0d351f23ab93,0x007e8a14c1aff71b,0x006c1c0170c512bc,0x0016243ea02ab2e5,0x007bb6865b303f3e,0x0015ce6b29b159f4)}, - {FIELD_LITERAL(0x009961cd02e68108,0x00e2035d3a1d0836,0x005d51f69b5e1a1d,0x004bccb4ea36edcd,0x0069be6a7aeef268,0x0063f4dd9de8d5a7,0x006283783092ca35,0x0075a31af2c35409)}, + {FIELD_LITERAL(0x0049b2fab13812a3ULL, 0x00846db32cd60431ULL, + 0x000177fa578c8d6cULL, 0x00047d0e2ad4bc51ULL, + 0x00b158ba38d1e588ULL, 0x006a45daad79e3f3ULL, + 0x000997b93cab887bULL, 0x00c47ea42fa23dc3ULL)}, + {FIELD_LITERAL(0x0012b6fef7aeb1caULL, 0x009412768194b6a7ULL, + 0x00ff0d351f23ab93ULL, 0x007e8a14c1aff71bULL, + 0x006c1c0170c512bcULL, 0x0016243ea02ab2e5ULL, + 0x007bb6865b303f3eULL, 0x0015ce6b29b159f4ULL)}, + {FIELD_LITERAL(0x009961cd02e68108ULL, 0x00e2035d3a1d0836ULL, + 0x005d51f69b5e1a1dULL, 0x004bccb4ea36edcdULL, + 0x0069be6a7aeef268ULL, 0x0063f4dd9de8d5a7ULL, + 0x006283783092ca35ULL, 0x0075a31af2c35409ULL)}, }}, {{ - {FIELD_LITERAL(0x00c412365162e8cf,0x00012283fb34388a,0x003e6543babf39e2,0x00eead6b3a804978,0x0099c0314e8b326f,0x00e98e0a8d477a4f,0x00d2eb96b127a687,0x00ed8d7df87571bb)}, - {FIELD_LITERAL(0x00777463e308cacf,0x00c8acb93950132d,0x00ebddbf4ca48b2c,0x0026ad7ca0795a0a,0x00f99a3d9a715064,0x000d60bcf9d4dfcc,0x005e65a73a437a06,0x0019d536a8db56c8)}, - {FIELD_LITERAL(0x00192d7dd558d135,0x0027cd6a8323ffa7,0x00239f1a412dc1e7,0x0046b4b3be74fc5c,0x0020c47a2bef5bce,0x00aa17e48f43862b,0x00f7e26c96342e5f,0x0008011c530f39a9)}, + {FIELD_LITERAL(0x00c412365162e8cfULL, 0x00012283fb34388aULL, + 0x003e6543babf39e2ULL, 0x00eead6b3a804978ULL, + 0x0099c0314e8b326fULL, 0x00e98e0a8d477a4fULL, + 0x00d2eb96b127a687ULL, 0x00ed8d7df87571bbULL)}, + {FIELD_LITERAL(0x00777463e308cacfULL, 0x00c8acb93950132dULL, + 0x00ebddbf4ca48b2cULL, 0x0026ad7ca0795a0aULL, + 0x00f99a3d9a715064ULL, 0x000d60bcf9d4dfccULL, + 0x005e65a73a437a06ULL, 0x0019d536a8db56c8ULL)}, + {FIELD_LITERAL(0x00192d7dd558d135ULL, 0x0027cd6a8323ffa7ULL, + 0x00239f1a412dc1e7ULL, 0x0046b4b3be74fc5cULL, + 0x0020c47a2bef5bceULL, 0x00aa17e48f43862bULL, + 0x00f7e26c96342e5fULL, 0x0008011c530f39a9ULL)}, }}, {{ - {FIELD_LITERAL(0x00aad4ac569bf0f1,0x00a67adc90b27740,0x0048551369a5751a,0x0031252584a3306a,0x0084e15df770e6fc,0x00d7bba1c74b5805,0x00a80ef223af1012,0x0089c85ceb843a34)}, - {FIELD_LITERAL(0x00c4545be4a54004,0x0099e11f60357e6c,0x001f3936d19515a6,0x007793df84341a6e,0x0051061886717ffa,0x00e9b0a660b28f85,0x0044ea685892de0d,0x000257d2a1fda9d9)}, - {FIELD_LITERAL(0x007e8b01b24ac8a8,0x006cf3b0b5ca1337,0x00f1607d3e36a570,0x0039b7fab82991a1,0x00231777065840c5,0x00998e5afdd346f9,0x00b7dc3e64acc85f,0x00baacc748013ad6)}, + {FIELD_LITERAL(0x00aad4ac569bf0f1ULL, 0x00a67adc90b27740ULL, + 0x0048551369a5751aULL, 0x0031252584a3306aULL, + 0x0084e15df770e6fcULL, 0x00d7bba1c74b5805ULL, + 0x00a80ef223af1012ULL, 0x0089c85ceb843a34ULL)}, + {FIELD_LITERAL(0x00c4545be4a54004ULL, 0x0099e11f60357e6cULL, + 0x001f3936d19515a6ULL, 0x007793df84341a6eULL, + 0x0051061886717ffaULL, 0x00e9b0a660b28f85ULL, + 0x0044ea685892de0dULL, 0x000257d2a1fda9d9ULL)}, + {FIELD_LITERAL(0x007e8b01b24ac8a8ULL, 0x006cf3b0b5ca1337ULL, + 0x00f1607d3e36a570ULL, 0x0039b7fab82991a1ULL, + 0x00231777065840c5ULL, 0x00998e5afdd346f9ULL, + 0x00b7dc3e64acc85fULL, 0x00baacc748013ad6ULL)}, }}, {{ - {FIELD_LITERAL(0x008ea6a4177580bf,0x005fa1953e3f0378,0x005fe409ac74d614,0x00452327f477e047,0x00a4018507fb6073,0x007b6e71951caac8,0x0012b42ab8a6ce91,0x0080eca677294ab7)}, - {FIELD_LITERAL(0x00a53edc023ba69b,0x00c6afa83ddde2e8,0x00c3f638b307b14e,0x004a357a64414062,0x00e4d94d8b582dc9,0x001739caf71695b7,0x0012431b2ae28de1,0x003b6bc98682907c)}, - {FIELD_LITERAL(0x008a9a93be1f99d6,0x0079fa627cc699c8,0x00b0cfb134ba84c8,0x001c4b778249419a,0x00df4ab3d9c44f40,0x009f596e6c1a9e3c,0x001979c0df237316,0x00501e953a919b87)}, + {FIELD_LITERAL(0x008ea6a4177580bfULL, 0x005fa1953e3f0378ULL, + 0x005fe409ac74d614ULL, 0x00452327f477e047ULL, + 0x00a4018507fb6073ULL, 0x007b6e71951caac8ULL, + 0x0012b42ab8a6ce91ULL, 0x0080eca677294ab7ULL)}, + {FIELD_LITERAL(0x00a53edc023ba69bULL, 0x00c6afa83ddde2e8ULL, + 0x00c3f638b307b14eULL, 0x004a357a64414062ULL, + 0x00e4d94d8b582dc9ULL, 0x001739caf71695b7ULL, + 0x0012431b2ae28de1ULL, 0x003b6bc98682907cULL)}, + {FIELD_LITERAL(0x008a9a93be1f99d6ULL, 0x0079fa627cc699c8ULL, + 0x00b0cfb134ba84c8ULL, 0x001c4b778249419aULL, + 0x00df4ab3d9c44f40ULL, 0x009f596e6c1a9e3cULL, + 0x001979c0df237316ULL, 0x00501e953a919b87ULL)}, }} }; const niels_t *curve448_wnaf_base = curve448_wnaf_base_table; diff --git a/crypto/ec/curve448/f_generic.c b/crypto/ec/curve448/f_generic.c index ed8f36d..ae3312f 100644 --- a/crypto/ec/curve448/f_generic.c +++ b/crypto/ec/curve448/f_generic.c @@ -12,9 +12,9 @@ #include "field.h" static const gf MODULUS = { - FIELD_LITERAL(0xffffffffffffff, 0xffffffffffffff, 0xffffffffffffff, - 0xffffffffffffff, 0xfffffffffffffe, 0xffffffffffffff, - 0xffffffffffffff, 0xffffffffffffff) + FIELD_LITERAL(0xffffffffffffffULL, 0xffffffffffffffULL, 0xffffffffffffffULL, + 0xffffffffffffffULL, 0xfffffffffffffeULL, 0xffffffffffffffULL, + 0xffffffffffffffULL, 0xffffffffffffffULL) }; /* Serialize to wire format. */ diff --git a/crypto/ec/curve448/scalar.c b/crypto/ec/curve448/scalar.c index b5702c0..adde84d 100644 --- a/crypto/ec/curve448/scalar.c +++ b/crypto/ec/curve448/scalar.c @@ -14,24 +14,24 @@ #include "word.h" #include "point_448.h" -static const c448_word_t MONTGOMERY_FACTOR = (c448_word_t) 0x3bd440fae918bc5; +static const c448_word_t MONTGOMERY_FACTOR = (c448_word_t) 0x3bd440fae918bc5ULL; static const curve448_scalar_t sc_p = { { { - SC_LIMB(0x2378c292ab5844f3), SC_LIMB(0x216cc2728dc58f55), - SC_LIMB(0xc44edb49aed63690), SC_LIMB(0xffffffff7cca23e9), - SC_LIMB(0xffffffffffffffff), SC_LIMB(0xffffffffffffffff), - SC_LIMB(0x3fffffffffffffff) + SC_LIMB(0x2378c292ab5844f3ULL), SC_LIMB(0x216cc2728dc58f55ULL), + SC_LIMB(0xc44edb49aed63690ULL), SC_LIMB(0xffffffff7cca23e9ULL), + SC_LIMB(0xffffffffffffffffULL), SC_LIMB(0xffffffffffffffffULL), + SC_LIMB(0x3fffffffffffffffULL) } } }, sc_r2 = { { { - SC_LIMB(0xe3539257049b9b60), SC_LIMB(0x7af32c4bc1b195d9), - SC_LIMB(0x0d66de2388ea1859), SC_LIMB(0xae17cf725ee4d838), - SC_LIMB(0x1a9cc14ba3c47c44), SC_LIMB(0x2052bcb7e4d070af), - SC_LIMB(0x3402a939f823b729) + SC_LIMB(0xe3539257049b9b60ULL), SC_LIMB(0x7af32c4bc1b195d9ULL), + SC_LIMB(0x0d66de2388ea1859ULL), SC_LIMB(0xae17cf725ee4d838ULL), + SC_LIMB(0x1a9cc14ba3c47c44ULL), SC_LIMB(0x2052bcb7e4d070afULL), + SC_LIMB(0x3402a939f823b729ULL) } } }; diff --git a/crypto/sha/keccak1600.c b/crypto/sha/keccak1600.c index e722348..0d34e81 100644 --- a/crypto/sha/keccak1600.c +++ b/crypto/sha/keccak1600.c @@ -78,30 +78,30 @@ static const unsigned char rhotates[5][5] = { }; static const uint64_t iotas[] = { - BIT_INTERLEAVE ? 0x0000000000000001U : 0x0000000000000001U, - BIT_INTERLEAVE ? 0x0000008900000000U : 0x0000000000008082U, - BIT_INTERLEAVE ? 0x8000008b00000000U : 0x800000000000808aU, - BIT_INTERLEAVE ? 0x8000808000000000U : 0x8000000080008000U, - BIT_INTERLEAVE ? 0x0000008b00000001U : 0x000000000000808bU, - BIT_INTERLEAVE ? 0x0000800000000001U : 0x0000000080000001U, - BIT_INTERLEAVE ? 0x8000808800000001U : 0x8000000080008081U, - BIT_INTERLEAVE ? 0x8000008200000001U : 0x8000000000008009U, - BIT_INTERLEAVE ? 0x0000000b00000000U : 0x000000000000008aU, - BIT_INTERLEAVE ? 0x0000000a00000000U : 0x0000000000000088U, - BIT_INTERLEAVE ? 0x0000808200000001U : 0x0000000080008009U, - BIT_INTERLEAVE ? 0x0000800300000000U : 0x000000008000000aU, - BIT_INTERLEAVE ? 0x0000808b00000001U : 0x000000008000808bU, - BIT_INTERLEAVE ? 0x8000000b00000001U : 0x800000000000008bU, - BIT_INTERLEAVE ? 0x8000008a00000001U : 0x8000000000008089U, - BIT_INTERLEAVE ? 0x8000008100000001U : 0x8000000000008003U, - BIT_INTERLEAVE ? 0x8000008100000000U : 0x8000000000008002U, - BIT_INTERLEAVE ? 0x8000000800000000U : 0x8000000000000080U, - BIT_INTERLEAVE ? 0x0000008300000000U : 0x000000000000800aU, - BIT_INTERLEAVE ? 0x8000800300000000U : 0x800000008000000aU, - BIT_INTERLEAVE ? 0x8000808800000001U : 0x8000000080008081U, - BIT_INTERLEAVE ? 0x8000008800000000U : 0x8000000000008080U, - BIT_INTERLEAVE ? 0x0000800000000001U : 0x0000000080000001U, - BIT_INTERLEAVE ? 0x8000808200000000U : 0x8000000080008008U + BIT_INTERLEAVE ? 0x0000000000000001ULL : 0x0000000000000001ULL, + BIT_INTERLEAVE ? 0x0000008900000000ULL : 0x0000000000008082ULL, + BIT_INTERLEAVE ? 0x8000008b00000000ULL : 0x800000000000808aULL, + BIT_INTERLEAVE ? 0x8000808000000000ULL : 0x8000000080008000ULL, + BIT_INTERLEAVE ? 0x0000008b00000001ULL : 0x000000000000808bULL, + BIT_INTERLEAVE ? 0x0000800000000001ULL : 0x0000000080000001ULL, + BIT_INTERLEAVE ? 0x8000808800000001ULL : 0x8000000080008081ULL, + BIT_INTERLEAVE ? 0x8000008200000001ULL : 0x8000000000008009ULL, + BIT_INTERLEAVE ? 0x0000000b00000000ULL : 0x000000000000008aULL, + BIT_INTERLEAVE ? 0x0000000a00000000ULL : 0x0000000000000088ULL, + BIT_INTERLEAVE ? 0x0000808200000001ULL : 0x0000000080008009ULL, + BIT_INTERLEAVE ? 0x0000800300000000ULL : 0x000000008000000aULL, + BIT_INTERLEAVE ? 0x0000808b00000001ULL : 0x000000008000808bULL, + BIT_INTERLEAVE ? 0x8000000b00000001ULL : 0x800000000000008bULL, + BIT_INTERLEAVE ? 0x8000008a00000001ULL : 0x8000000000008089ULL, + BIT_INTERLEAVE ? 0x8000008100000001ULL : 0x8000000000008003ULL, + BIT_INTERLEAVE ? 0x8000008100000000ULL : 0x8000000000008002ULL, + BIT_INTERLEAVE ? 0x8000000800000000ULL : 0x8000000000000080ULL, + BIT_INTERLEAVE ? 0x0000008300000000ULL : 0x000000000000800aULL, + BIT_INTERLEAVE ? 0x8000800300000000ULL : 0x800000008000000aULL, + BIT_INTERLEAVE ? 0x8000808800000001ULL : 0x8000000080008081ULL, + BIT_INTERLEAVE ? 0x8000008800000000ULL : 0x8000000000008080ULL, + BIT_INTERLEAVE ? 0x0000800000000001ULL : 0x0000000080000001ULL, + BIT_INTERLEAVE ? 0x8000808200000000ULL : 0x8000000080008008ULL }; #if defined(KECCAK_REF) diff --git a/test/asn1_encode_test.c b/test/asn1_encode_test.c index 6a64bf9..31b2163 100644 --- a/test/asn1_encode_test.c +++ b/test/asn1_encode_test.c @@ -396,7 +396,7 @@ static ASN1_INT64_DATA int64_expected[] = { CUSTOM_EXPECTED_FAILURE, /* t_8bytes_3_pad (illegal padding) */ CUSTOM_EXPECTED_SUCCESS(INT64_MIN, INT64_MIN), /* t_8bytes_4_neg */ CUSTOM_EXPECTED_FAILURE, /* t_8bytes_5_negpad (illegal padding) */ - CUSTOM_EXPECTED_SUCCESS(0x1ffffffff, 0x1ffffffff), /* t_5bytes_1 */ + CUSTOM_EXPECTED_SUCCESS(0x1ffffffffULL, 0x1ffffffffULL), /* t_5bytes_1 */ CUSTOM_EXPECTED_SUCCESS(0x80000000, 0x80000000), /* t_4bytes_1 */ CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX -1), /* t_4bytes_2 */ CUSTOM_EXPECTED_FAILURE, /* t_4bytes_3_pad (illegal padding) */ @@ -446,7 +446,7 @@ static ASN1_UINT64_DATA uint64_expected[] = { CUSTOM_EXPECTED_FAILURE, /* t_8bytes_3_pad */ CUSTOM_EXPECTED_FAILURE, /* t_8bytes_4_neg */ CUSTOM_EXPECTED_FAILURE, /* t_8bytes_5_negpad */ - CUSTOM_EXPECTED_SUCCESS(0x1ffffffff, 0x1ffffffff), /* t_5bytes_1 */ + CUSTOM_EXPECTED_SUCCESS(0x1ffffffffULL, 0x1ffffffffULL), /* t_5bytes_1 */ CUSTOM_EXPECTED_SUCCESS(0x80000000, 0x80000000), /* t_4bytes_1 */ CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX -1), /* t_4bytes_2 */ CUSTOM_EXPECTED_FAILURE, /* t_4bytes_3_pad (illegal padding) */ diff --git a/test/bioprinttest.c b/test/bioprinttest.c index d35bffa..c243bd5 100644 --- a/test/bioprinttest.c +++ b/test/bioprinttest.c @@ -146,14 +146,14 @@ typedef struct j_data_st { } j_data; static j_data jf_data[] = { - { 0xffffffffffffffffU, "%ju", "18446744073709551615" }, - { 0xffffffffffffffffU, "%jx", "ffffffffffffffff" }, - { 0x8000000000000000U, "%ju", "9223372036854775808" }, + { 0xffffffffffffffffULL, "%ju", "18446744073709551615" }, + { 0xffffffffffffffffULL, "%jx", "ffffffffffffffff" }, + { 0x8000000000000000ULL, "%ju", "9223372036854775808" }, /* * These tests imply two's-complement, but it's the only binary * representation we support, see test/sanitytest.c... */ - { 0x8000000000000000U, "%ji", "-9223372036854775808" }, + { 0x8000000000000000ULL, "%ji", "-9223372036854775808" }, }; static int test_j(int i) diff --git a/test/ct_test.c b/test/ct_test.c index de37476..ae75482 100644 --- a/test/ct_test.c +++ b/test/ct_test.c @@ -63,7 +63,7 @@ static CT_TEST_FIXTURE *set_up(const char *const test_case_name) if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture)))) goto end; fixture->test_case_name = test_case_name; - fixture->epoch_time_in_ms = 1473269626000; /* Sep 7 17:33:46 2016 GMT */ + fixture->epoch_time_in_ms = 1473269626000ULL; /* Sep 7 17:33:46 2016 GMT */ if (!TEST_ptr(fixture->ctlog_store = CTLOG_STORE_new()) || !TEST_int_eq( CTLOG_STORE_load_default_file(fixture->ctlog_store), 1)) @@ -423,7 +423,7 @@ static int test_verify_fails_for_future_sct(void) SETUP_CT_TEST_FIXTURE(); if (fixture == NULL) return 0; - fixture->epoch_time_in_ms = 1365094800000; /* Apr 4 17:00:00 2013 GMT */ + fixture->epoch_time_in_ms = 1365094800000ULL; /* Apr 4 17:00:00 2013 GMT */ fixture->certs_dir = certs_dir; fixture->certificate_file = "embeddedSCTs1.pem"; fixture->issuer_file = "embeddedSCTs1_issuer.pem"; From builds at travis-ci.org Mon Mar 11 14:05:32 2019 From: builds at travis-ci.org (Travis CI) Date: Mon, 11 Mar 2019 14:05:32 +0000 Subject: Passed: openssl/openssl#23952 (master - 2a6a560) In-Reply-To: Message-ID: <5c866b2c41cd_43fc68b2c55ec21219d@111eab2e-d508-4b6c-a990-dca0600a9526.mail> Build Update for openssl/openssl ------------------------------------- Build: #23952 Status: Passed Duration: 21 mins and 56 secs Commit: 2a6a560 (master) Author: Rich Salz Message: Add regenerated header files Reviewed-by: Nicola Tuveri Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8397) View the changeset: https://github.com/openssl/openssl/compare/4d768e966ff9...2a6a56073ce2 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/504695932?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.org Mon Mar 11 14:20:25 2019 From: builds at travis-ci.org (Travis CI) Date: Mon, 11 Mar 2019 14:20:25 +0000 Subject: Passed: openssl/openssl#23953 (master - 98f2946) In-Reply-To: Message-ID: <5c866ea93cbdd_43fc68b2e5a18219523@111eab2e-d508-4b6c-a990-dca0600a9526.mail> Build Update for openssl/openssl ------------------------------------- Build: #23953 Status: Passed Duration: 27 mins and 46 secs Commit: 98f2946 (master) Author: Shane Lontis Message: fix truncation of integers on 32bit AIX Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8417) View the changeset: https://github.com/openssl/openssl/compare/2a6a56073ce2...98f29466dc1e View the full build log and details: https://travis-ci.org/openssl/openssl/builds/504697676?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.org Mon Mar 11 14:28:37 2019 From: builds at travis-ci.org (Travis CI) Date: Mon, 11 Mar 2019 14:28:37 +0000 Subject: Still Failing: openssl/openssl#23954 (OpenSSL_1_1_1-stable - 191570d) In-Reply-To: Message-ID: <5c867094d410f_43fcd252dbef0118189@fce5ff8b-b645-40a0-b38c-0886b9db5415.mail> Build Update for openssl/openssl ------------------------------------- Build: #23954 Status: Still Failing Duration: 23 mins and 32 secs Commit: 191570d (OpenSSL_1_1_1-stable) Author: Shane Lontis Message: fix truncation of integers on 32bit AIX Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8417) (cherry picked from commit 98f29466dc1ed7f80b9b8750309a41b5a1150d25) View the changeset: https://github.com/openssl/openssl/compare/d38ef8c89e11...191570d0b94c View the full build log and details: https://travis-ci.org/openssl/openssl/builds/504697997?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Mar 11 17:56:58 2019 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 11 Mar 2019 17:56:58 +0000 Subject: Build failed: openssl master.23358 Message-ID: <20190311175658.1.B23275FB49F646EA@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Mar 11 19:30:54 2019 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 11 Mar 2019 19:30:54 +0000 Subject: Build completed: openssl master.23359 Message-ID: <20190311193054.1.F788BB19A9FA0FBD@appveyor.com> An HTML attachment was scrubbed... URL: From levitte at openssl.org Mon Mar 11 19:40:48 2019 From: levitte at openssl.org (Richard Levitte) Date: Mon, 11 Mar 2019 19:40:48 +0000 Subject: [openssl] master update Message-ID: <1552333248.309728.21372.nullmailer@dev.openssl.org> The branch master has been updated via c453283421299b7f8e0db6d6069c68369294a9f7 (commit) via 021a65527735af2ddc063d9300138660e3782a15 (commit) via 16c2f1bdb5f051ee2c0ac96182a0fb5bad7daa68 (commit) via 3374dc03edda56cbfd2a558fc62b7970eb0b9ad1 (commit) via 4c2883a9bf59c5ee31e8e2e101b3894a16c06950 (commit) via 3f4e8d6604842db4f416d029e9bbeddf90976c00 (commit) from 98f29466dc1ed7f80b9b8750309a41b5a1150d25 (commit) - Log ----------------------------------------------------------------- commit c453283421299b7f8e0db6d6069c68369294a9f7 Author: Richard Levitte Date: Thu Feb 21 21:20:53 2019 +0100 Add documentation Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8287) commit 021a65527735af2ddc063d9300138660e3782a15 Author: Richard Levitte Date: Wed Feb 20 22:55:43 2019 +0100 Add provider tests Two tests are added, one that tests the internal API, the other tests the public API. Those two tests both test the same provider, which acts both as a built-in provider and as a loadable provider module. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8287) commit 16c2f1bdb5f051ee2c0ac96182a0fb5bad7daa68 Author: Richard Levitte Date: Wed Feb 20 22:55:29 2019 +0100 Add provider module infrastructure Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8287) commit 3374dc03edda56cbfd2a558fc62b7970eb0b9ad1 Author: Richard Levitte Date: Tue Feb 19 23:07:57 2019 +0100 Replumbing: New public API to load or add providers Adding a provider means creating an internal provier object and adding it to the store. This allows the addition of built in providers, be it in the OpenSSL libraries or in any application. "Loading" a provider is defined broadly. A built in provider is already "loaded" in essence and only needs activating, while a provider in a dynamically loadable module requires actually loading the module itself. In this API, "loading" a provider does both. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8287) commit 4c2883a9bf59c5ee31e8e2e101b3894a16c06950 Author: Richard Levitte Date: Sun Jan 20 13:14:58 2019 +0100 Replumbing: Add the Provider Object, type OSSL_PROVIDER The OSSL_PROVIDER is the core object involved in loading a provider module, initialize a provider and do the initial communication of provider wide and core wide dispatch tables. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8287) commit 3f4e8d6604842db4f416d029e9bbeddf90976c00 Author: Richard Levitte Date: Tue Feb 5 23:18:50 2019 +0100 Replumbing: Add MODULESDIR macro and OPENSSL_MODULES environment variable These will be used to point out general OpenSSL modules directory. ENGINE modules are kept apart for backward compatibility. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8287) ----------------------------------------------------------------------- Summary of changes: Configurations/descrip.mms.tmpl | 5 +- Configurations/unix-Makefile.tmpl | 4 +- Configurations/windows-makefile.tmpl | 26 +- crypto/build.info | 6 +- crypto/cpt_err.c | 12 +- crypto/err/openssl.txt | 5 + crypto/provider.c | 70 ++++++ crypto/provider_core.c | 418 +++++++++++++++++++++++++++++++ doc/internal/man3/ossl_provider_new.pod | 196 +++++++++++++++ doc/man3/OSSL_PROVIDER.pod | 112 +++++++++ include/internal/provider.h | 61 +++++ include/internal/symhacks.h | 26 ++ include/openssl/core.h | 20 ++ include/openssl/core_numbers.h | 76 ++++++ include/openssl/cryptoerr.h | 5 + include/openssl/ossl_typ.h | 2 + include/openssl/provider.h | 34 +++ test/build.info | 23 ++ test/p_test.c | 110 ++++++++ test/provider_internal_test.c | 79 ++++++ test/provider_test.c | 69 +++++ test/recipes/02-test_internal_provider.t | 18 ++ test/recipes/04-test_provider.t | 18 ++ util/libcrypto.num | 5 + util/perl/OpenSSL/ParseC.pm | 9 + util/private.num | 1 + util/providers.num | 1 + 27 files changed, 1401 insertions(+), 10 deletions(-) create mode 100644 crypto/provider.c create mode 100644 crypto/provider_core.c create mode 100644 doc/internal/man3/ossl_provider_new.pod create mode 100644 doc/man3/OSSL_PROVIDER.pod create mode 100644 include/internal/provider.h create mode 100644 include/internal/symhacks.h create mode 100644 include/openssl/core_numbers.h create mode 100644 include/openssl/provider.h create mode 100644 test/p_test.c create mode 100644 test/provider_internal_test.c create mode 100644 test/provider_test.c create mode 100644 test/recipes/02-test_internal_provider.t create mode 100644 test/recipes/04-test_provider.t create mode 100644 util/providers.num diff --git a/Configurations/descrip.mms.tmpl b/Configurations/descrip.mms.tmpl index 8efdeb7..2f74756 100644 --- a/Configurations/descrip.mms.tmpl +++ b/Configurations/descrip.mms.tmpl @@ -167,6 +167,8 @@ OPENSSLDIR={- catdir($config{openssldir}) or OPENSSLDIR_C={- platform->osslprefix() -}DATAROOT:[000000] # Where installed ENGINE modules reside, for C ENGINESDIR_C={- platform->osslprefix() -}ENGINES{- $sover_dirname.$target{pointer_size} -}: +# Where modules reside, for C +MODULESDIR_C={- platform->osslprefix() -}MODULES{- $sover_dirname.$target{pointer_size} -}: ##### User defined commands and flags ################################ @@ -226,7 +228,8 @@ LIB_DEFINES={- our $lib_defines = @{$config{shared_defines}})); join('', $lib_defines, (map { ",$_" } 'OPENSSLDIR="""$(OPENSSLDIR_C)"""', - 'ENGINESDIR="""$(ENGINESDIR_C)"""'), + 'ENGINESDIR="""$(ENGINESDIR_C)"""', + 'MODULESDIR="""$(MODULESDIR_C)"""'), '$(CNF_DEFINES)', '$(DEFINES)') -} LIB_INCLUDES={- our $lib_includes = join(',', @{$target{lib_includes}}, diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl index dfae9af..2561c47 100644 --- a/Configurations/unix-Makefile.tmpl +++ b/Configurations/unix-Makefile.tmpl @@ -142,6 +142,7 @@ LIBDIR={- our $libdir = $config{libdir}; libdir={- file_name_is_absolute($libdir) ? $libdir : '$(INSTALLTOP)/$(LIBDIR)' -} ENGINESDIR=$(libdir)/engines-{- $sover_dirname -} +MODULESDIR=$(libdir)/ossl-modules # Convenience variable for those who want to set the rpath in shared # libraries and applications @@ -238,7 +239,8 @@ LIB_CPPFLAGS={- our $lib_cppflags = join(' ', $lib_cppflags, (map { '-D'.$_ } 'OPENSSLDIR="\"$(OPENSSLDIR)\""', - 'ENGINESDIR="\"$(ENGINESDIR)\""'), + 'ENGINESDIR="\"$(ENGINESDIR)\""', + 'MODULESDIR="\"$(MODULESDIR)\""'), '$(CNF_CPPFLAGS)', '$(CPPFLAGS)') -} LIB_CFLAGS={- join(' ', $target{lib_cflags} || (), $target{shared_cflag} || (), diff --git a/Configurations/windows-makefile.tmpl b/Configurations/windows-makefile.tmpl index 6d38cfe..f327169 100644 --- a/Configurations/windows-makefile.tmpl +++ b/Configurations/windows-makefile.tmpl @@ -148,20 +148,33 @@ OPENSSLDIR_dev={- # OPENSSLDIR_dir={- canonpath($openssldir_dir) -} LIBDIR={- our $libdir = $config{libdir} || "lib"; file_name_is_absolute($libdir) ? "" : $libdir -} -ENGINESDIR_dev={- use File::Spec::Functions qw(:DEFAULT splitpath); - our $enginesdir = catdir($prefix,$libdir,"engines-$sover_dirname"); - our ($enginesdir_dev, $enginesdir_dir, $enginesdir_file) = - splitpath($enginesdir, 1); - $enginesdir_dev -} +MODULESDIR_dev={- use File::Spec::Functions qw(:DEFAULT splitpath); + our $modulesprefix = catdir($prefix,$libdir); + our ($modulesprefix_dev, $modulesprefix_dir, + $modulesprefix_file) = + splitpath($modulesprefix, 1); + our $modulesdir_dev = $modulesprefix_dev; + our $modulesdir_dir = + catdir($modulesprefix_dir, "ossl-modules"); + our $modulesdir = catpath($modulesdir_dev, $modulesdir_dir); + our $enginesdir_dev = $modulesprefix_dev; + out $enginesdir_dir = + catdir($modulesprefix_dir, "engines-$sover_dirname"); + our $enginesdir = catpath($enginesdir_dev, $enginesdir_dir); + $modulesdir_dev -} +MODULESDIR_dir={- canonpath($modulesdir_dir) -} +ENGINESDIR_dev={- $enginesdir_dev -} ENGINESDIR_dir={- canonpath($enginesdir_dir) -} !IF "$(DESTDIR)" != "" INSTALLTOP=$(DESTDIR)$(INSTALLTOP_dir) OPENSSLDIR=$(DESTDIR)$(OPENSSLDIR_dir) ENGINESDIR=$(DESTDIR)$(ENGINESDIR_dir) +MODULESDIR=$(DESTDIR)$(MODULESDIR_dir) !ELSE INSTALLTOP=$(INSTALLTOP_dev)$(INSTALLTOP_dir) OPENSSLDIR=$(OPENSSLDIR_dev)$(OPENSSLDIR_dir) ENGINESDIR=$(ENGINESDIR_dev)$(ENGINESDIR_dir) +MODULESDIR=$(MODULESDIR_dev)$(MODULESDIR_dir) !ENDIF # $(libdir) is chosen to be compatible with the GNU coding standards @@ -255,7 +268,8 @@ LIB_CPPFLAGS={- our $lib_cppflags = join(' ', $lib_cppflags, (map { '-D'.quotify1($_) } "OPENSSLDIR=\"$openssldir\"", - "ENGINESDIR=\"$enginesdir\""), + "ENGINESDIR=\"$enginesdir\"", + "MODULESDIR=\"$modulesdir\""), '$(CNF_CPPFLAGS)', '$(CPPFLAGS)') -} LIB_CFLAGS={- join(' ', $target{lib_cflags} || (), $target{shared_cflag} || (), diff --git a/crypto/build.info b/crypto/build.info index e3e9cee..0cca6ab 100644 --- a/crypto/build.info +++ b/crypto/build.info @@ -8,12 +8,16 @@ SUBDIRS=objects buffer bio stack lhash rand evp asn1 pem x509 x509v3 conf \ err comp ocsp cms ts srp cmac ct async kmac ess LIBS=../libcrypto +# The Core +SOURCE[../libcrypto]=provider_core.c + +# Central utilities SOURCE[../libcrypto]=\ cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c cpt_err.c \ ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fopen.c ctype.c \ threads_pthread.c threads_win.c threads_none.c getenv.c \ o_init.c o_fips.c mem_sec.c init.c context.c sparse_array.c \ - trace.c \ + trace.c provider.c \ {- $target{cpuid_asm_src} -} {- $target{uplink_aux_src} -} DEPEND[cversion.o]=buildinf.h diff --git a/crypto/cpt_err.c b/crypto/cpt_err.c index 8c11da8..bf7985c 100644 --- a/crypto/cpt_err.c +++ b/crypto/cpt_err.c @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -32,6 +32,8 @@ static const ERR_STRING_DATA CRYPTO_str_functs[] = { "CRYPTO_set_ex_data"}, {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_FIPS_MODE_SET, 0), "FIPS_mode_set"}, {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_GET_AND_LOCK, 0), "get_and_lock"}, + {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_GET_PROVIDER_STORE, 0), + "get_provider_store"}, {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_OPENSSL_ATEXIT, 0), "OPENSSL_atexit"}, {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_OPENSSL_BUF2HEXSTR, 0), "OPENSSL_buf2hexstr"}, @@ -44,6 +46,12 @@ static const ERR_STRING_DATA CRYPTO_str_functs[] = { {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_OPENSSL_SK_DEEP_COPY, 0), "OPENSSL_sk_deep_copy"}, {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_OPENSSL_SK_DUP, 0), "OPENSSL_sk_dup"}, + {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_OSSL_PROVIDER_ADD_BUILTIN, 0), + "OSSL_PROVIDER_add_builtin"}, + {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_OSSL_PROVIDER_ACTIVATE, 0), + "ossl_provider_activate"}, + {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_OSSL_PROVIDER_NEW, 0), + "ossl_provider_new"}, {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_PKEY_HMAC_INIT, 0), "pkey_hmac_init"}, {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_PKEY_POLY1305_INIT, 0), "pkey_poly1305_init"}, @@ -60,6 +68,8 @@ static const ERR_STRING_DATA CRYPTO_str_reasons[] = { "illegal hex digit"}, {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_ODD_NUMBER_OF_DIGITS), "odd number of digits"}, + {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_PROVIDER_ALREADY_EXISTS), + "provider already exists"}, {0, NULL} }; diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index aec6a8d..3b3f761 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -359,6 +359,7 @@ CRYPTO_F_CRYPTO_OCB128_INIT:122:CRYPTO_ocb128_init CRYPTO_F_CRYPTO_SET_EX_DATA:102:CRYPTO_set_ex_data CRYPTO_F_FIPS_MODE_SET:109:FIPS_mode_set CRYPTO_F_GET_AND_LOCK:113:get_and_lock +CRYPTO_F_GET_PROVIDER_STORE:133:get_provider_store CRYPTO_F_OPENSSL_ATEXIT:114:OPENSSL_atexit CRYPTO_F_OPENSSL_BUF2HEXSTR:117:OPENSSL_buf2hexstr CRYPTO_F_OPENSSL_FOPEN:119:openssl_fopen @@ -367,6 +368,9 @@ CRYPTO_F_OPENSSL_INIT_CRYPTO:116:OPENSSL_init_crypto CRYPTO_F_OPENSSL_LH_NEW:126:OPENSSL_LH_new CRYPTO_F_OPENSSL_SK_DEEP_COPY:127:OPENSSL_sk_deep_copy CRYPTO_F_OPENSSL_SK_DUP:128:OPENSSL_sk_dup +CRYPTO_F_OSSL_PROVIDER_ADD_BUILTIN:132:OSSL_PROVIDER_add_builtin +CRYPTO_F_OSSL_PROVIDER_ACTIVATE:130:ossl_provider_activate +CRYPTO_F_OSSL_PROVIDER_NEW:131:ossl_provider_new CRYPTO_F_PKEY_HMAC_INIT:123:pkey_hmac_init CRYPTO_F_PKEY_POLY1305_INIT:124:pkey_poly1305_init CRYPTO_F_PKEY_SIPHASH_INIT:125:pkey_siphash_init @@ -2097,6 +2101,7 @@ CONF_R_VARIABLE_HAS_NO_VALUE:104:variable has no value CRYPTO_R_FIPS_MODE_NOT_SUPPORTED:101:fips mode not supported CRYPTO_R_ILLEGAL_HEX_DIGIT:102:illegal hex digit CRYPTO_R_ODD_NUMBER_OF_DIGITS:103:odd number of digits +CRYPTO_R_PROVIDER_ALREADY_EXISTS:104:provider already exists CT_R_BASE64_DECODE_ERROR:108:base64 decode error CT_R_INVALID_LOG_ID_LENGTH:100:invalid log id length CT_R_LOG_CONF_INVALID:109:log conf invalid diff --git a/crypto/provider.c b/crypto/provider.c new file mode 100644 index 0000000..823d5dd --- /dev/null +++ b/crypto/provider.c @@ -0,0 +1,70 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include "internal/provider.h" + +OSSL_PROVIDER *OSSL_PROVIDER_load(OPENSSL_CTX *libctx, const char *name) +{ + OSSL_PROVIDER *prov = NULL; + + /* Find it or create it */ + if ((prov = ossl_provider_find(libctx, name)) == NULL + && (prov = ossl_provider_new(libctx, name, NULL)) == NULL) + return NULL; + + if (!ossl_provider_activate(prov)) { + ossl_provider_free(prov); + return NULL; + } + + return prov; +} + +int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov) +{ + ossl_provider_free(prov); + return 1; +} + +const OSSL_ITEM *OSSL_PROVIDER_get_param_types(OSSL_PROVIDER *prov) +{ + return ossl_provider_get_param_types(prov); +} + +int OSSL_PROVIDER_get_params(OSSL_PROVIDER *prov, const OSSL_PARAM params[]) +{ + return ossl_provider_get_params(prov, params); +} + +int OSSL_PROVIDER_add_builtin(OPENSSL_CTX *libctx, const char *name, + OSSL_provider_init_fn *init_fn) +{ + OSSL_PROVIDER *prov = NULL; + + if (name == NULL || init_fn == NULL) { + CRYPTOerr(CRYPTO_F_OSSL_PROVIDER_ADD_BUILTIN, + ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + + /* Create it */ + if ((prov = ossl_provider_new(libctx, name, init_fn)) == NULL) + return 0; + + /* + * It's safely stored in the internal store at this point, + * free the returned extra reference + */ + ossl_provider_free(prov); + + return 1; +} diff --git a/crypto/provider_core.c b/crypto/provider_core.c new file mode 100644 index 0000000..b3d44f1 --- /dev/null +++ b/crypto/provider_core.c @@ -0,0 +1,418 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include "internal/cryptlib.h" +#include "internal/thread_once.h" +#include "internal/provider.h" +#include "internal/refcount.h" + +/*- + * Provider Object structure + * ========================= + */ + +struct provider_store_st; /* Forward declaration */ + +struct ossl_provider_st { + /* Flag bits */ + unsigned int flag_initialized:1; + + /* OpenSSL library side data */ + CRYPTO_REF_COUNT refcnt; +#ifndef HAVE_ATOMICS + CRYPTO_RWLOCK refcnt_lock; /* For the ref counter */ +#endif + char *name; + DSO *module; + OSSL_provider_init_fn *init_function; + + /* Provider side functions */ + OSSL_provider_teardown_fn *teardown; + OSSL_provider_get_param_types_fn *get_param_types; + OSSL_provider_get_params_fn *get_params; +}; +DEFINE_STACK_OF(OSSL_PROVIDER) + +static int ossl_provider_cmp(const OSSL_PROVIDER * const *a, + const OSSL_PROVIDER * const *b) +{ + return strcmp((*a)->name, (*b)->name); +} + +/*- + * Provider Object store + * ===================== + * + * The Provider Object store is a library context object, and therefore needs + * an index. + */ + +struct provider_store_st { + STACK_OF(OSSL_PROVIDER) *providers; + CRYPTO_RWLOCK *lock; +}; +static int provider_store_index = -1; + +static void provider_store_free(void *vstore) +{ + struct provider_store_st *store = vstore; + + if (store == NULL) + return; + sk_OSSL_PROVIDER_pop_free(store->providers, ossl_provider_free); + CRYPTO_THREAD_lock_free(store->lock); + OPENSSL_free(store); +} + +static void *provider_store_new(void) +{ + struct provider_store_st *store = OPENSSL_zalloc(sizeof(*store)); + + if (store == NULL + || (store->providers = sk_OSSL_PROVIDER_new(ossl_provider_cmp)) == NULL + || (store->lock = CRYPTO_THREAD_lock_new()) == NULL) { + provider_store_free(store); + store = NULL; + } + return store; +} + +static const OPENSSL_CTX_METHOD provider_store_method = { + provider_store_new, + provider_store_free, +}; + +static CRYPTO_ONCE provider_store_init_flag = CRYPTO_ONCE_STATIC_INIT; +DEFINE_RUN_ONCE_STATIC(do_provider_store_init) +{ + return OPENSSL_init_crypto(0, NULL) + && (provider_store_index = + openssl_ctx_new_index(&provider_store_method)) != -1; +} + + +static struct provider_store_st *get_provider_store(OPENSSL_CTX *libctx) +{ + struct provider_store_st *store = NULL; + + if (!RUN_ONCE(&provider_store_init_flag, do_provider_store_init)) + return NULL; + + store = openssl_ctx_get_data(libctx, provider_store_index); + if (store == NULL) + CRYPTOerr(CRYPTO_F_GET_PROVIDER_STORE, ERR_R_INTERNAL_ERROR); + return store; +} + +/*- + * Provider Object methods + * ======================= + */ + +int ossl_provider_upref(OSSL_PROVIDER *prov) +{ + int ref = 0; + +#ifndef HAVE_ATOMICS + CRYPTO_UP_REF(&prov->refcnt, &ref, prov->refcnt_lock); +#else + CRYPTO_UP_REF(&prov->refcnt, &ref, NULL); +#endif + return ref; +} + +/* Finder, constructor and destructor */ +OSSL_PROVIDER *ossl_provider_find(OPENSSL_CTX *libctx, const char *name) +{ + struct provider_store_st *store = NULL; + OSSL_PROVIDER *prov = NULL; + + if ((store = get_provider_store(libctx)) != NULL) { + OSSL_PROVIDER tmpl = { 0, }; + int i; + + tmpl.name = (char *)name; + CRYPTO_THREAD_write_lock(store->lock); + if ((i = sk_OSSL_PROVIDER_find(store->providers, &tmpl)) == -1 + || (prov = sk_OSSL_PROVIDER_value(store->providers, i)) == NULL + || !ossl_provider_upref(prov)) + prov = NULL; + CRYPTO_THREAD_unlock(store->lock); + } + + return prov; +} + +OSSL_PROVIDER *ossl_provider_new(OPENSSL_CTX *libctx, const char *name, + OSSL_provider_init_fn *init_function) +{ + struct provider_store_st *store = NULL; + OSSL_PROVIDER *prov = NULL; + + if ((store = get_provider_store(libctx)) == NULL) + return NULL; + + if ((prov = ossl_provider_find(libctx, name)) != NULL) { /* refcount +1 */ + ossl_provider_free(prov); /* refcount -1 */ + CRYPTOerr(CRYPTO_F_OSSL_PROVIDER_NEW, + CRYPTO_R_PROVIDER_ALREADY_EXISTS); + ERR_add_error_data(2, "name=", name); + return NULL; + } + + if ((prov = OPENSSL_zalloc(sizeof(*prov))) == NULL + || !ossl_provider_upref(prov) /* +1 One reference to be returned */ + || (prov->name = OPENSSL_strdup(name)) == NULL) { + ossl_provider_free(prov); + CRYPTOerr(CRYPTO_F_OSSL_PROVIDER_NEW, ERR_R_MALLOC_FAILURE); + return NULL; + } + + prov->init_function = init_function; + + CRYPTO_THREAD_write_lock(store->lock); + if (!ossl_provider_upref(prov)) { /* +1 One reference for the store */ + ossl_provider_free(prov); /* -1 Reference that was to be returned */ + prov = NULL; + } else if (sk_OSSL_PROVIDER_push(store->providers, prov) == 0) { + ossl_provider_free(prov); /* -1 Store reference */ + ossl_provider_free(prov); /* -1 Reference that was to be returned */ + prov = NULL; + } + CRYPTO_THREAD_unlock(store->lock); + + if (prov == NULL) + CRYPTOerr(CRYPTO_F_OSSL_PROVIDER_NEW, ERR_R_MALLOC_FAILURE); + + /* + * At this point, the provider is only partially "loaded". To be + * fully "loaded", ossl_provider_activate() must also be called. + */ + + return prov; +} + +void ossl_provider_free(OSSL_PROVIDER *prov) +{ + if (prov != NULL) { + int ref = 0; + +#ifndef HAVE_ATOMICS + CRYPTO_DOWN_REF(&prov->refcnt, &ref, provider_lock); +#else + CRYPTO_DOWN_REF(&prov->refcnt, &ref, NULL); +#endif + + /* + * When the refcount drops down to one, there is only one reference, + * the store. + * When that happens, the provider is inactivated. + */ + if (ref == 1 && prov->flag_initialized) { + if (prov->teardown != NULL) + prov->teardown(); + prov->flag_initialized = 0; + } + + /* + * When the refcount drops to zero, it has been taken out of + * the store. All we have to do here is clean it out. + */ + if (ref == 0) { + DSO_free(prov->module); + OPENSSL_free(prov->name); + OPENSSL_free(prov); + } + } +} + +/* + * Provider activation. + * + * What "activation" means depends on the provider form; for built in + * providers (in the library or the application alike), the provider + * can already be considered to be loaded, all that's needed is to + * initialize it. However, for dynamically loadable provider modules, + * we must first load that module. + * + * Built in modules are distinguished from dynamically loaded modules + * with an already assigned init function. + */ +static const OSSL_DISPATCH *core_dispatch; /* Define further down */ + +int ossl_provider_activate(OSSL_PROVIDER *prov) +{ + const OSSL_DISPATCH *provider_dispatch = NULL; + + if (prov->flag_initialized) + return 1; + + /* + * If the init function isn't set, it indicates that this provider is + * a loadable module. + */ + if (prov->init_function == NULL) { + if (prov->module == NULL) { + char *platform_module_name = NULL; + char *module_path = NULL; + const char *load_dir = ossl_safe_getenv("OPENSSL_MODULES"); + + if ((prov->module = DSO_new()) == NULL) { + /* DSO_new() generates an error already */ + return 0; + } + + if (load_dir == NULL) + load_dir = MODULESDIR; + + DSO_ctrl(prov->module, DSO_CTRL_SET_FLAGS, + DSO_FLAG_NAME_TRANSLATION_EXT_ONLY, NULL); + if ((platform_module_name = + DSO_convert_filename(prov->module, prov->name)) == NULL + || (module_path = + DSO_merge(prov->module, platform_module_name, + load_dir)) == NULL + || DSO_load(prov->module, module_path, NULL, + DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == NULL) { + DSO_free(prov->module); + prov->module = NULL; + } + + OPENSSL_free(platform_module_name); + OPENSSL_free(module_path); + } + + if (prov->module != NULL) + prov->init_function = (OSSL_provider_init_fn *) + DSO_bind_func(prov->module, "OSSL_provider_init"); + } + + if (prov->init_function == NULL + || !prov->init_function(prov, core_dispatch, &provider_dispatch)) { + CRYPTOerr(CRYPTO_F_OSSL_PROVIDER_ACTIVATE, ERR_R_INIT_FAIL); + ERR_add_error_data(2, "name=", prov->name); + DSO_free(prov->module); + prov->module = NULL; + return 0; + } + + for (; provider_dispatch->function_id != 0; provider_dispatch++) { + switch (provider_dispatch->function_id) { + case OSSL_FUNC_PROVIDER_TEARDOWN: + prov->teardown = + OSSL_get_provider_teardown(provider_dispatch); + break; + case OSSL_FUNC_PROVIDER_GET_PARAM_TYPES: + prov->get_param_types = + OSSL_get_provider_get_param_types(provider_dispatch); + break; + case OSSL_FUNC_PROVIDER_GET_PARAMS: + prov->get_params = + OSSL_get_provider_get_params(provider_dispatch); + break; + } + } + + /* With this flag set, this provider has become fully "loaded". */ + prov->flag_initialized = 1; + + return 1; +} + +/* Getters of Provider Object data */ +const char *ossl_provider_name(OSSL_PROVIDER *prov) +{ + return prov->name; +} + +const DSO *ossl_provider_dso(OSSL_PROVIDER *prov) +{ + return prov->module; +} + +const char *ossl_provider_module_name(OSSL_PROVIDER *prov) +{ + return DSO_get_filename(prov->module); +} + +const char *ossl_provider_module_path(OSSL_PROVIDER *prov) +{ + /* FIXME: Ensure it's a full path */ + return DSO_get_filename(prov->module); +} + +/* Wrappers around calls to the provider */ +void ossl_provider_teardown(const OSSL_PROVIDER *prov) +{ + if (prov->teardown != NULL) + prov->teardown(); +} + +const OSSL_ITEM *ossl_provider_get_param_types(const OSSL_PROVIDER *prov) +{ + return prov->get_param_types == NULL ? NULL : prov->get_param_types(prov); +} + +int ossl_provider_get_params(const OSSL_PROVIDER *prov, + const OSSL_PARAM params[]) +{ + return prov->get_params == NULL ? 0 : prov->get_params(prov, params); +} + +/*- + * Core functions for the provider + * =============================== + * + * This is the set of functions that the core makes available to the provider + */ + +/* + * This returns a list of Provider Object parameters with their types, for + * discovery. We do not expect that many providers will use this, but one + * never knows. + */ +static const OSSL_ITEM param_types[] = { + { OSSL_PARAM_UTF8_STRING_PTR, "openssl-version" }, + { OSSL_PARAM_UTF8_STRING_PTR, "provider-name" }, + { 0, NULL } +}; + +static const OSSL_ITEM *core_get_param_types(const OSSL_PROVIDER *prov) +{ + return param_types; +} + +static int core_get_params(const OSSL_PROVIDER *prov, const OSSL_PARAM params[]) +{ + int i; + + for (i = 0; params[i].key != NULL; i++) { + if (strcmp(params[i].key, "openssl-version") == 0) { + *(void **)params[i].buffer = OPENSSL_VERSION_STR; + if (params[i].return_size) + *params[i].return_size = sizeof(OPENSSL_VERSION_STR); + } else if (strcmp(params[i].key, "provider-name") == 0) { + *(void **)params[i].buffer = prov->name; + if (params[i].return_size) + *params[i].return_size = strlen(prov->name) + 1; + } + } + + return 1; +} + +static const OSSL_DISPATCH core_dispatch_[] = { + { OSSL_FUNC_CORE_GET_PARAM_TYPES, (void (*)(void))core_get_param_types }, + { OSSL_FUNC_CORE_GET_PARAMS, (void (*)(void))core_get_params }, + { 0, NULL } +}; +static const OSSL_DISPATCH *core_dispatch = core_dispatch_; diff --git a/doc/internal/man3/ossl_provider_new.pod b/doc/internal/man3/ossl_provider_new.pod new file mode 100644 index 0000000..79964d6 --- /dev/null +++ b/doc/internal/man3/ossl_provider_new.pod @@ -0,0 +1,196 @@ +=pod + +=head1 NAME + +ossl_provider_find, ossl_provider_new, ossl_provider_upref, +ossl_provider_free, ossl_provider_add_module_location, +ossl_provider_activate, ossl_provider_name, ossl_provider_dso, +ossl_provider_module_name, ossl_provider_module_path, +ossl_provider_teardown, ossl_provider_get_param_types, +ossl_provider_get_params - internal provider routines + +=head1 SYNOPSIS + + #include "internal/provider.h" + + OSSL_PROVIDER *ossl_provider_find(OPENSSL_CTX *libctx, const char *name); + OSSL_PROVIDER *ossl_provider_new(OPENSSL_CTX *libctx, const char *name, + ossl_provider_init_fn *init_function); + int ossl_provider_upref(OSSL_PROVIDER *prov); + void ossl_provider_free(OSSL_PROVIDER *prov); + + /* Setters */ + int ossl_provider_add_module_location(OSSL_PROVIDER *prov, const char *loc); + + /* Load and initialize the Provider */ + int ossl_provider_activate(OSSL_PROVIDER *prov); + + /* Getters for other library functions */ + const char *ossl_provider_name(OSSL_PROVIDER *prov); + const DSO *ossl_provider_dso(OSSL_PROVIDER *prov); + const char *ossl_provider_module_name(OSSL_PROVIDER *prov); + const char *ossl_provider_module_path(OSSL_PROVIDER *prov); + + /* Thin wrappers around calls to the provider */ + void ossl_provider_teardown(const OSSL_PROVIDER *prov); + const OSSL_ITEM *ossl_provider_get_param_types(const OSSL_PROVIDER *prov); + int ossl_provider_get_params(const OSSL_PROVIDER *prov, + const OSSL_PARAM params[]); + +=head1 DESCRIPTION + +C is a type that holds all the necessary information +to handle a provider, regardless of if it's built in to the +application or the OpenSSL libraries, or if it's a loadable provider +module. +Instances of this type are commonly refered to as Is. + +A I is always stored in a set of Is +in the library context. + +Is are reference counted. + +Is are initially inactive, i.e. they are only +recorded in the store, but are not used. +They are activated with the first call to ossl_provider_activate(), +and are inactivated when ossl_provider_free() has been called as many +times as ossl_provider_activate() has. + +=head2 Functions + +ossl_provider_find() finds an existing I in the +I store by C. +The I it finds gets it's reference count +incremented. + +ossl_provider_new() creates a new I and stores it in +the I store, unless there already is one there with +the same name. +The reference counter of a newly created I will +always be 2; one for being added to the store, and one for the +returned reference. +To indicate a built-in provider, the C argument must +point at the provider initialization function for that provider. + +ossl_provider_free() decrements a I's reference +counter; if it drops to one, the I will be +inactivated (it's teardown function is called) but kept in the store; +if it drops down to zero, the associated module will be unloaded if +one was loaded, and the I will be freed. + +ossl_provider_add_module_location() adds a location to look for a +provider module. + +ossl_provider_activate() "activates" the provider for the given +I. +What "activates" means depends on what type of I it +is: + +=over 4 + +=item * + +If an initialization function was given with ossl_provider_new(), that +function will get called. + +=item * + +If no intialization function was given with ossl_provider_new(), a +loadable module with the C that was given to ossl_provider_new() +will be located and loaded, then the symbol C will +be located in that module, and called. + +=back + +ossl_provider_name() returns the name that was given with +ossl_provider_new(). + +ossl_provider_dso() returns a reference to the module, for providers +that come in the form of loadable modules. + +ossl_provider_module_name() returns the file name of the module, for +providers that come in the form of loadable modules. + +ossl_provider_module_path() returns the full path of the module file, +for providers that come in the form of loadable modules. + +ossl_provider_teardown() calls the provider's C function, if +the provider has one. + +ossl_provider_get_param_types() calls the provider's C +function, if the provider has one. +It should return an array of C to describe all the +parameters that the provider has for the I. + +ossl_provider_get_params() calls the provider's parameter request +responder. +It should treat the given C array as described in +L. + +=head1 NOTES + +Locating a provider module happens as follows: + +=over 4 + +=item 1. + +Look in each directory given by ossl_provider_add_module_location(). + +=item 2. + +Look in the directory given by the environment variable +B. + +=item 3. + +Look in the directory given by the OpenSSL built in macro +B. + +=back + +=head1 RETURN VALUES + +ossl_provider_find() and ossl_provider_new() return a pointer to a +I (C) on success, or B on error. + +ossl_provider_upref() returns the value of the reference counter after +it has been incremented. + +ossl_provider_free() doesn't return any value. + +ossl_provider_add_module_location() and ossl_provider_activate() +return 1 on success, or 0 on error. + +ossl_provider_name(), ossl_provider_dso(), +ossl_provider_module_name(), and ossl_provider_module_path() return a +pointer to their respective data if it's available, otherwise B +is returned. + +ossl_provider_teardown() doesnt't return any value. + +ossl_provider_get_param_types() returns a pointer to an C +array if this function is available in the provider, otherwise +B. + +ossl_provider_get_params() returns 1 on success, or 0 on error. +If this function isn't available in the provider, 0 is returned. + +=head1 SEE ALSO + +L, L + +=head1 HISTORY + +The functions described here were all added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/doc/man3/OSSL_PROVIDER.pod b/doc/man3/OSSL_PROVIDER.pod new file mode 100644 index 0000000..e365366 --- /dev/null +++ b/doc/man3/OSSL_PROVIDER.pod @@ -0,0 +1,112 @@ +=pod + +=head1 NAME + +OSSL_PROVIDER, OSSL_PROVIDER_load, OSSL_PROVIDER_unload, +OSSL_PROVIDER_get_param_types, OSSL_PROVIDER_get_params, +OSSL_PROVIDER_add_builtin - provider routines + +=head1 SYNOPSIS + + #include + + typedef struct ossl_provider_st OSSL_PROVIDER; + + OSSL_PROVIDER *OSSL_PROVIDER_load(OPENSSL_CTX *, const char *name); + int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov); + + const OSSL_ITEM *OSSL_PROVIDER_get_param_types(OSSL_PROVIDER *prov); + int OSSL_PROVIDER_get_params(OSSL_PROVIDER *prov, const OSSL_PARAM params[]); + + int OSSL_PROVIDER_add_builtin(OPENSSL_CTX *, const char *name, + ossl_provider_init_fn *init_fn); + +=head1 DESCRIPTION + +B is a type that holds internal information about +implementation providers (see L for information on what a +provider is). +A provider can be built in to the application or the OpenSSL +libraries, or can be a loadable module. +The functions described here handle both forms. + +=head2 Functions + +OSSL_PROVIDER_add_builtin() is used to add a built in provider to +B store in the given library context, by associating a +provider name with a provider initialization function. +This name can then be used with OSSL_PROVIDER_load(). + +OSSL_PROVIDER_load() loads and initializes a provider. +This may simply initialize a provider that was previously added with +OSSL_PROVIDER_add_builtin() and run its given initialization function, +or load a provider module with the given name and run its provider +entry point, C. + +OSSL_PROVIDER_unload() unloads the given provider. +For a provider added with OSSL_PROVIDER_add_builtin(), this simply +runs its teardown function. + +OSSL_PROVIDER_get_param_types() is used to get a provider parameter +descriptor set as an B array. +Each element is a tuple of an B parameter type and a name +in form of a C string. +See L for more information on B and +parameter types. + +OSSL_PROVIDER_get_params() is used to get provider parameter values. +The caller must prepare the B array before calling this +function, and the variables acting as buffers for this parameter array +should be filled with data when it returns successfully. + +=head1 RETURN VALUES + +OSSL_PROVIDER_add() returns 1 on success, or 0 on error. + +OSSL_PROVIDER_load() returns a pointer to a provider object on +success, or B on error. + +OSSL_PROVIDER_unload() returns 1 on success, or 0 on error. + +OSSL_PROVIDER_get_param_types() returns a pointer to a constant array +of B, or NULL if none is provided. + +OSSL_PROVIDER_get_params() returns 1 on success, or 0 on error. + +=head1 EXAMPLES + +This demonstrates how to load the provider module "foo" and ask for +its build number. + + OSSL_PROVIDER *prov = NULL; + const char *build = NULL; + size_t built_l = 0; + const OSSL_PARAM request[] = { + { "build", OSSL_PARAM_UTF8_STRING_PTR, &build, 0, &build_l }, + { NULL, 0, NULL, 0, NULL } + }; + + if ((prov = OSSL_PROVIDER_load(NULL, "foo")) != NULL + && OSSL_PROVIDER_get_params(prov, request)) + printf("Provider 'foo' build %s\n", build); + else + ERR_print_errors_fp(stderr); + +=head1 SEE ALSO + +L, L + +=head1 HISTORY + +The type and functions described here were added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/include/internal/provider.h b/include/internal/provider.h new file mode 100644 index 0000000..44d1d70 --- /dev/null +++ b/include/internal/provider.h @@ -0,0 +1,61 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef OSSL_INTERNAL_PROVIDER_H +# define OSSL_INTERNAL_PROVIDER_H + +# include +# include "internal/dso.h" +# include "internal/symhacks.h" + +# ifdef __cplusplus +extern "C" { +# endif + +/* + * namespaces: + * + * ossl_provider_ Provider Object internal API + * OSSL_PROVIDER Provider Object + */ + +/* Provider Object finder, constructor and destructor */ +OSSL_PROVIDER *ossl_provider_find(OPENSSL_CTX *libctx, const char *name); +OSSL_PROVIDER *ossl_provider_new(OPENSSL_CTX *libctx, const char *name, + OSSL_provider_init_fn *init_function); +int ossl_provider_upref(OSSL_PROVIDER *prov); +void ossl_provider_free(OSSL_PROVIDER *prov); + +/* Setters */ +int ossl_provider_add_module_location(OSSL_PROVIDER *prov, const char *loc); + +/* + * Activate the Provider + * If the Provider is a module, the module will be loaded + * Inactivation is done by freeing the Provider + */ +int ossl_provider_activate(OSSL_PROVIDER *prov); + +/* Getters for other library functions */ +const char *ossl_provider_name(OSSL_PROVIDER *prov); +const DSO *ossl_provider_dso(OSSL_PROVIDER *prov); +const char *ossl_provider_module_name(OSSL_PROVIDER *prov); +const char *ossl_provider_module_path(OSSL_PROVIDER *prov); + +/* Thin wrappers around calls to the provider */ +void ossl_provider_teardown(const OSSL_PROVIDER *prov); +const OSSL_ITEM *ossl_provider_get_param_types(const OSSL_PROVIDER *prov); +int ossl_provider_get_params(const OSSL_PROVIDER *prov, + const OSSL_PARAM params[]); + +# ifdef __cplusplus +} +# endif + +#endif diff --git a/include/internal/symhacks.h b/include/internal/symhacks.h new file mode 100644 index 0000000..2b09604 --- /dev/null +++ b/include/internal/symhacks.h @@ -0,0 +1,26 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef OSSL_INTERNAL_SYMHACKS_H +# define OSSL_INTERNAL_SYMHACKS_H + +# include + +# if defined(OPENSSL_SYS_VMS) + +/* ossl_provider_get_param_types vs OSSL_PROVIDER_get_param_types */ +# undef ossl_provider_get_param_types +# define ossl_provider_get_param_types ossl_int_prov_get_param_types +/* ossl_provider_get_params vs OSSL_PROVIDER_get_params */ +# undef ossl_provider_get_params +# define ossl_provider_get_params ossl_int_prov_get_params + +# endif + +#endif /* ! defined HEADER_VMS_IDHACKS_H */ diff --git a/include/openssl/core.h b/include/openssl/core.h index 98b58be..15e8843 100644 --- a/include/openssl/core.h +++ b/include/openssl/core.h @@ -136,6 +136,26 @@ struct ossl_param_st { # define OSSL_PARAM_OCTET_STRING_PTR \ (OSSL_PARAM_OCTET_STRING|OSSL_PARAM_POINTER_FLAG) +/*- + * Provider entry point + * -------------------- + * + * This function is expected to be present in any dynamically loadable + * provider module. By definition, if this function doesn't exist in a + * module, that module is not an OpenSSL provider module. + */ +/*- + * |provider| pointer to opaque type OSSL_PROVIDER. This can be used + * together with some functions passed via |in| to query data. + * |in| is the array of functions that the Core passes to the provider. + * |out| will be the array of base functions that the provider passes + * back to the Core. + */ +typedef int (OSSL_provider_init_fn)(const OSSL_PROVIDER *provider, + const OSSL_DISPATCH *in, + const OSSL_DISPATCH **out); +extern OSSL_provider_init_fn OSSL_provider_init; + # ifdef __cplusplus } # endif diff --git a/include/openssl/core_numbers.h b/include/openssl/core_numbers.h new file mode 100644 index 0000000..cd10938 --- /dev/null +++ b/include/openssl/core_numbers.h @@ -0,0 +1,76 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef OSSL_CORE_NUMBERS_H +# define OSSL_CORE_NUMBERS_H + +# include + +# ifdef __cplusplus +extern "C" { +# endif + +/*- + * Identities + * ---------- + * + * All series start with 1, to allow 0 to be an array terminator. + * For any FUNC identity, we also provide a function signature typedef + * and a static inline function to extract a function pointer from a + * OSSL_DISPATCH element in a type safe manner. + * + * Names: + * for any function base name 'foo' (uppercase form 'FOO'), we will have + * the following: + * - a macro for the identity with the name OSSL_FUNC_'FOO' or derivates + * thereof (to be specified further down) + * - a function signature typedef with the name OSSL_'foo'_fn + * - a function pointer extractor function with the name OSSL_'foo' + */ + +/* Helper macro to create the function signature typedef and the extractor */ +#define OSSL_CORE_MAKE_FUNC(type,name,args) \ + typedef type (OSSL_##name##_fn)args; \ + static ossl_inline \ + OSSL_##name##_fn *OSSL_get_##name(const OSSL_DISPATCH *opf) \ + { \ + return (OSSL_##name##_fn *)opf->function; \ + } + +/* + * Core function identities, for the two OSSL_DISPATCH tables being passed + * in the OSSL_provider_init call. + * + * 0 serves as a marker for the end of the OSSL_DISPATCH array, and must + * therefore NEVER be used as a function identity. + */ +/* Functions provided by the Core to the provider, reserved numbers 1-1023 */ +# define OSSL_FUNC_CORE_GET_PARAM_TYPES 1 +OSSL_CORE_MAKE_FUNC(const OSSL_ITEM *, + core_get_param_types,(const OSSL_PROVIDER *prov)) +# define OSSL_FUNC_CORE_GET_PARAMS 2 +OSSL_CORE_MAKE_FUNC(int,core_get_params,(const OSSL_PROVIDER *prov, + const OSSL_PARAM params[])) + +/* Functions provided by the provider to the Core, reserved numbers 1024-1535 */ +# define OSSL_FUNC_PROVIDER_TEARDOWN 1024 +OSSL_CORE_MAKE_FUNC(void,provider_teardown,(void)) +# define OSSL_FUNC_PROVIDER_GET_PARAM_TYPES 1025 +OSSL_CORE_MAKE_FUNC(const OSSL_ITEM *, + provider_get_param_types,(const OSSL_PROVIDER *prov)) +# define OSSL_FUNC_PROVIDER_GET_PARAMS 1026 +OSSL_CORE_MAKE_FUNC(int,provider_get_params,(const OSSL_PROVIDER *prov, + const OSSL_PARAM params[])) + + +# ifdef __cplusplus +} +# endif + +#endif diff --git a/include/openssl/cryptoerr.h b/include/openssl/cryptoerr.h index f07d07e..c27f05c 100644 --- a/include/openssl/cryptoerr.h +++ b/include/openssl/cryptoerr.h @@ -34,6 +34,7 @@ int ERR_load_CRYPTO_strings(void); # define CRYPTO_F_CRYPTO_SET_EX_DATA 102 # define CRYPTO_F_FIPS_MODE_SET 109 # define CRYPTO_F_GET_AND_LOCK 113 +# define CRYPTO_F_GET_PROVIDER_STORE 133 # define CRYPTO_F_OPENSSL_ATEXIT 114 # define CRYPTO_F_OPENSSL_BUF2HEXSTR 117 # define CRYPTO_F_OPENSSL_FOPEN 119 @@ -42,6 +43,9 @@ int ERR_load_CRYPTO_strings(void); # define CRYPTO_F_OPENSSL_LH_NEW 126 # define CRYPTO_F_OPENSSL_SK_DEEP_COPY 127 # define CRYPTO_F_OPENSSL_SK_DUP 128 +# define CRYPTO_F_OSSL_PROVIDER_ADD_BUILTIN 132 +# define CRYPTO_F_OSSL_PROVIDER_ACTIVATE 130 +# define CRYPTO_F_OSSL_PROVIDER_NEW 131 # define CRYPTO_F_PKEY_HMAC_INIT 123 # define CRYPTO_F_PKEY_POLY1305_INIT 124 # define CRYPTO_F_PKEY_SIPHASH_INIT 125 @@ -53,5 +57,6 @@ int ERR_load_CRYPTO_strings(void); # define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101 # define CRYPTO_R_ILLEGAL_HEX_DIGIT 102 # define CRYPTO_R_ODD_NUMBER_OF_DIGITS 103 +# define CRYPTO_R_PROVIDER_ALREADY_EXISTS 104 #endif diff --git a/include/openssl/ossl_typ.h b/include/openssl/ossl_typ.h index 9b97e3d..07e5f02 100644 --- a/include/openssl/ossl_typ.h +++ b/include/openssl/ossl_typ.h @@ -18,6 +18,8 @@ extern "C" { # include +typedef struct ossl_provider_st OSSL_PROVIDER; /* Provider Object */ + # ifdef NO_ASN1_TYPEDEFS # define ASN1_INTEGER ASN1_STRING # define ASN1_ENUMERATED ASN1_STRING diff --git a/include/openssl/provider.h b/include/openssl/provider.h new file mode 100644 index 0000000..7dc5b8a --- /dev/null +++ b/include/openssl/provider.h @@ -0,0 +1,34 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef OSSL_PROVIDER_H +# define OSSL_PROVIDER_H + +# include + +# ifdef __cplusplus +extern "C" { +# endif + +/* Load and unload a provider */ +OSSL_PROVIDER *OSSL_PROVIDER_load(OPENSSL_CTX *, const char *name); +int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov); + +const OSSL_ITEM *OSSL_PROVIDER_get_param_types(OSSL_PROVIDER *prov); +int OSSL_PROVIDER_get_params(OSSL_PROVIDER *prov, const OSSL_PARAM params[]); + +/* Add a built in providers */ +int OSSL_PROVIDER_add_builtin(OPENSSL_CTX *, const char *name, + OSSL_provider_init_fn *init_fn); + +# ifdef __cplusplus +} +# endif + +#endif diff --git a/test/build.info b/test/build.info index 4dd400f..f7ec8a2 100644 --- a/test/build.info +++ b/test/build.info @@ -578,6 +578,29 @@ IF[{- !$disabled{tests} -}] SOURCE[context_internal_test]=context_internal_test.c INCLUDE[context_internal_test]=.. ../include ../apps/include DEPEND[context_internal_test]=../libcrypto.a libtestutil.a + + PROGRAMS{noinst}=provider_internal_test + DEFINE[provider_internal_test]=PROVIDER_INIT_FUNCTION_NAME=p_test_init + SOURCE[provider_internal_test]=provider_internal_test.c p_test.c + INCLUDE[provider_internal_test]=../include ../apps/include + DEPEND[provider_internal_test]=../libcrypto.a libtestutil.a + PROGRAMS{noinst}=provider_test + DEFINE[provider_test]=PROVIDER_INIT_FUNCTION_NAME=p_test_init + SOURCE[provider_test]=provider_test.c p_test.c + INCLUDE[provider_test]=../include ../apps/include + DEPEND[provider_test]=../libcrypto.a libtestutil.a + IF[{- !$disabled{shared} -}] + MODULES{noinst}=p_test + SOURCE[p_test]=p_test.c + INCLUDE[p_test]=../include + IF[{- defined $target{shared_defflag} -}] + SOURCE[p_test]=p_test.ld + GENERATE[p_test.ld]=../util/providers.num + ENDIF + ELSE + DEFINE[provider_test]=OPENSSL_NO_SHARED + DEFINE[provider_internal_test]=OPENSSL_NO_SHARED + ENDIF ENDIF {- diff --git a/test/p_test.c b/test/p_test.c new file mode 100644 index 0000000..6dc0410 --- /dev/null +++ b/test/p_test.c @@ -0,0 +1,110 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * This is a very simple provider that does absolutely nothing except respond + * to provider global parameter requests. It does this by simply echoing back + * a parameter request it makes to the loading library. + */ + +#include +#include + +/* + * When built as an object file to link the application with, we get the + * init function name through the macro PROVIDER_INIT_FUNCTION_NAME. If + * not defined, we use the standard init function name for the shared + * object form. + */ +#ifdef PROVIDER_INIT_FUNCTION_NAME +# define OSSL_provider_init PROVIDER_INIT_FUNCTION_NAME +#endif + +#include +#include + +static OSSL_core_get_param_types_fn *c_get_param_types = NULL; +static OSSL_core_get_params_fn *c_get_params = NULL; + +/* Tell the core what params we provide and what type they are */ +static const OSSL_ITEM p_param_types[] = { + { OSSL_PARAM_UTF8_STRING, "greeting" }, + { 0, NULL } +}; + +static const OSSL_ITEM *p_get_param_types(const OSSL_PROVIDER *_) +{ + return p_param_types; +} + +static int p_get_params(const OSSL_PROVIDER *prov, OSSL_PARAM params[]) +{ + const OSSL_PARAM *p = params; + int ok = 1; + + for (; ok && p->key != NULL; p++) { + if (strcmp(p->key, "greeting") == 0) { + static char *opensslv = NULL; + static char *provname = NULL; + static OSSL_PARAM counter_request[] = { + { "openssl-version", OSSL_PARAM_UTF8_STRING_PTR, + &opensslv, sizeof(&opensslv), NULL }, + { "provider-name", OSSL_PARAM_UTF8_STRING_PTR, + &provname, sizeof(&provname), NULL}, + { NULL, 0, NULL, 0, NULL } + }; + char buf[256]; + size_t buf_l; + + if (c_get_params(prov, counter_request)) { + const char *versionp = *(void **)counter_request[0].buffer; + const char *namep = *(void **)counter_request[1].buffer; + sprintf(buf, "Hello OpenSSL %.20s, greetings from %s!", + versionp, namep); + } else { + sprintf(buf, "Howdy stranger..."); + } + + *p->return_size = buf_l = strlen(buf) + 1; + if (p->buffer_size >= buf_l) + strncpy(p->buffer, buf, buf_l); + else + ok = 0; + } + } + return ok; +} + +static const OSSL_DISPATCH p_test_table[] = { + { OSSL_FUNC_PROVIDER_GET_PARAM_TYPES, (void (*)(void))p_get_param_types }, + { OSSL_FUNC_PROVIDER_GET_PARAMS, (void (*)(void))p_get_params }, + { 0, NULL } +}; + +int OSSL_provider_init(const OSSL_PROVIDER *provider, + const OSSL_DISPATCH *in, + const OSSL_DISPATCH **out) +{ + for (; in->function_id != 0; in++) { + switch (in->function_id) { + case OSSL_FUNC_CORE_GET_PARAM_TYPES: + c_get_param_types = OSSL_get_core_get_param_types(in); + break; + case OSSL_FUNC_CORE_GET_PARAMS: + c_get_params = OSSL_get_core_get_params(in); + break; + default: + /* Just ignore anything we don't understand */ + break; + } + } + + *out = p_test_table; + return 1; +} diff --git a/test/provider_internal_test.c b/test/provider_internal_test.c new file mode 100644 index 0000000..c423808 --- /dev/null +++ b/test/provider_internal_test.c @@ -0,0 +1,79 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include "internal/provider.h" +#include "testutil.h" + +extern OSSL_provider_init_fn PROVIDER_INIT_FUNCTION_NAME; + +static char buf[256]; +static size_t buf_l = 0; +static OSSL_PARAM greeting_request[] = { + { "greeting", OSSL_PARAM_UTF8_STRING, buf, sizeof(buf), &buf_l }, + { NULL, 0, NULL, 0, NULL } +}; + +static int test_provider(OSSL_PROVIDER *prov) +{ + const char *name = NULL; + const char *greeting = NULL; + char expected_greeting[256]; + int ret = 0; + + if (!TEST_ptr(name = ossl_provider_name(prov))) + return 0; + + snprintf(expected_greeting, sizeof(expected_greeting), + "Hello OpenSSL %.20s, greetings from %s!", + OPENSSL_VERSION_STR, name); + + ret = + TEST_true(ossl_provider_activate(prov)) + && TEST_true(ossl_provider_get_params(prov, greeting_request)) + && TEST_ptr(greeting = greeting_request[0].buffer) + && TEST_size_t_gt(greeting_request[0].buffer_size, 0) + && TEST_str_eq(greeting, expected_greeting); + + ossl_provider_free(prov); + return ret; +} + +static int test_builtin_provider(void) +{ + const char *name = "p_test_builtin"; + OSSL_PROVIDER *prov = NULL; + + return + TEST_ptr(prov = + ossl_provider_new(NULL, name, PROVIDER_INIT_FUNCTION_NAME)) + && test_provider(prov); +} + +#ifndef OPENSSL_NO_SHARED +static int test_loaded_provider(void) +{ + const char *name = "p_test"; + OSSL_PROVIDER *prov = NULL; + + return + TEST_ptr(prov = ossl_provider_new(NULL, name, NULL)) + && test_provider(prov); +} +#endif + +int setup_tests(void) +{ + ADD_TEST(test_builtin_provider); +#ifndef OPENSSL_NO_SHARED + ADD_TEST(test_loaded_provider); +#endif + return 1; +} + diff --git a/test/provider_test.c b/test/provider_test.c new file mode 100644 index 0000000..738cd7b --- /dev/null +++ b/test/provider_test.c @@ -0,0 +1,69 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include "testutil.h" + +extern OSSL_provider_init_fn PROVIDER_INIT_FUNCTION_NAME; + +static char buf[256]; +static size_t buf_l = 0; +static OSSL_PARAM greeting_request[] = { + { "greeting", OSSL_PARAM_UTF8_STRING, buf, sizeof(buf), &buf_l }, + { NULL, 0, NULL, 0, NULL } +}; + +static int test_provider(const char *name) +{ + OSSL_PROVIDER *prov = NULL; + const char *greeting = NULL; + char expected_greeting[256]; + + snprintf(expected_greeting, sizeof(expected_greeting), + "Hello OpenSSL %.20s, greetings from %s!", + OPENSSL_VERSION_STR, name); + + return + TEST_ptr(prov = OSSL_PROVIDER_load(NULL, name)) + && TEST_true(OSSL_PROVIDER_get_params(prov, greeting_request)) + && TEST_ptr(greeting = greeting_request[0].buffer) + && TEST_size_t_gt(greeting_request[0].buffer_size, 0) + && TEST_str_eq(greeting, expected_greeting) + && TEST_true(OSSL_PROVIDER_unload(prov)); +} + +static int test_builtin_provider(void) +{ + const char *name = "p_test_builtin"; + + return + TEST_true(OSSL_PROVIDER_add_builtin(NULL, name, + PROVIDER_INIT_FUNCTION_NAME)) + && test_provider(name); +} + +#ifndef OPENSSL_NO_SHARED +static int test_loaded_provider(void) +{ + const char *name = "p_test"; + + return test_provider(name); +} +#endif + +int setup_tests(void) +{ + ADD_TEST(test_builtin_provider); +#ifndef OPENSSL_NO_SHARED + ADD_TEST(test_loaded_provider); +#endif + return 1; +} + diff --git a/test/recipes/02-test_internal_provider.t b/test/recipes/02-test_internal_provider.t new file mode 100644 index 0000000..8275eb2 --- /dev/null +++ b/test/recipes/02-test_internal_provider.t @@ -0,0 +1,18 @@ +#! /usr/bin/env perl +# Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the Apache License 2.0 (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw(:DEFAULT bldtop_dir); +use OpenSSL::Test::Simple; +use OpenSSL::Test::Utils; + +setup("test_internal_provider"); + +$ENV{"OPENSSL_MODULES"} = bldtop_dir("test"); + +simple_test("test_internal_provider", "provider_internal_test"); diff --git a/test/recipes/04-test_provider.t b/test/recipes/04-test_provider.t new file mode 100644 index 0000000..9195a42 --- /dev/null +++ b/test/recipes/04-test_provider.t @@ -0,0 +1,18 @@ +#! /usr/bin/env perl +# Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the Apache License 2.0 (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw(:DEFAULT bldtop_dir); +use OpenSSL::Test::Simple; +use OpenSSL::Test::Utils; + +setup("test_provider"); + +$ENV{"OPENSSL_MODULES"} = bldtop_dir("test"); + +simple_test("test_provider", "provider_test"); diff --git a/util/libcrypto.num b/util/libcrypto.num index cb0cb22..4243593 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4655,3 +4655,8 @@ OSSL_trace_set_callback 4610 3_0_0 EXIST::FUNCTION: OSSL_trace_enabled 4611 3_0_0 EXIST::FUNCTION: OSSL_trace_begin 4612 3_0_0 EXIST::FUNCTION: OSSL_trace_end 4613 3_0_0 EXIST::FUNCTION: +OSSL_PROVIDER_load 4614 3_0_0 EXIST::FUNCTION: +OSSL_PROVIDER_unload 4615 3_0_0 EXIST::FUNCTION: +OSSL_PROVIDER_add_builtin 4616 3_0_0 EXIST::FUNCTION: +OSSL_PROVIDER_get_param_types 4617 3_0_0 EXIST::FUNCTION: +OSSL_PROVIDER_get_params 4618 3_0_0 EXIST::FUNCTION: diff --git a/util/perl/OpenSSL/ParseC.pm b/util/perl/OpenSSL/ParseC.pm index 7a13930..59b08e8 100644 --- a/util/perl/OpenSSL/ParseC.pm +++ b/util/perl/OpenSSL/ParseC.pm @@ -578,6 +578,15 @@ my @chandlers = ( { regexp => qr/extern "C" (.*;)/, massager => sub { return ($1); }, }, + # any other extern is just ignored + { regexp => qr/^\s* # Any spaces before + extern # The keyword we look for + \b # word to non-word boundary + .* # Anything after + ; + /x, + massager => sub { return (); }, + }, # union, struct and enum definitions # Because this one might appear a little everywhere within type # definitions, we take it out and replace it with just diff --git a/util/private.num b/util/private.num index ad1865f..cb1997a 100644 --- a/util/private.num +++ b/util/private.num @@ -33,6 +33,7 @@ OPENSSL_Applink external OPENSSL_CTX datatype NAMING_AUTHORITY datatype OSSL_PARAM datatype +OSSL_PROVIDER datatype OSSL_STORE_CTX datatype OSSL_STORE_INFO datatype OSSL_STORE_LOADER datatype diff --git a/util/providers.num b/util/providers.num new file mode 100644 index 0000000..4e2fa81 --- /dev/null +++ b/util/providers.num @@ -0,0 +1 @@ +OSSL_provider_init 1 * EXIST::FUNCTION: From no-reply at appveyor.com Mon Mar 11 19:44:38 2019 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 11 Mar 2019 19:44:38 +0000 Subject: Build failed: openssl master.23360 Message-ID: <20190311194438.1.6BAACD7B1FC2EC87@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Mar 11 19:50:44 2019 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 11 Mar 2019 19:50:44 +0000 Subject: Build completed: openssl master.23361 Message-ID: <20190311195044.1.20DA590C6984603E@appveyor.com> An HTML attachment was scrubbed... URL: From levitte at openssl.org Mon Mar 11 20:22:35 2019 From: levitte at openssl.org (Richard Levitte) Date: Mon, 11 Mar 2019 20:22:35 +0000 Subject: [openssl] master update Message-ID: <1552335755.359598.6324.nullmailer@dev.openssl.org> The branch master has been updated via d1229190bfbb19439589557e4d65f9bccab09b2d (commit) from c453283421299b7f8e0db6d6069c68369294a9f7 (commit) - Log ----------------------------------------------------------------- commit d1229190bfbb19439589557e4d65f9bccab09b2d Author: Patrick Steuer Date: Mon Feb 25 18:55:04 2019 +0100 s390x assembly pack: import chacha from cryptogams repo featuring 6x"horizontal" code path which is up to 25% faster than present 4x"vertical" for larger blocks. Signed-off-by: Patrick Steuer Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8287) ----------------------------------------------------------------------- Summary of changes: crypto/chacha/asm/chacha-s390x.pl | 1006 ++++++++++++++++++++++++++----------- 1 file changed, 719 insertions(+), 287 deletions(-) diff --git a/crypto/chacha/asm/chacha-s390x.pl b/crypto/chacha/asm/chacha-s390x.pl index abf7283..51efe64 100755 --- a/crypto/chacha/asm/chacha-s390x.pl +++ b/crypto/chacha/asm/chacha-s390x.pl @@ -23,11 +23,20 @@ # # August 2018 # -# Add vx code path. +# Add vx code path: 4x"vertical". # # Copyright IBM Corp. 2018 # Author: Patrick Steuer +# +# February 2019 +# +# Add 6x"horizontal" VX implementation. It's ~25% faster than IBM's +# 4x"vertical" submission [on z13] and >3 faster than scalar code. +# But to harness overheads revert to transliteration of VSX code path +# from chacha-ppc module, which is also 4x"vertical", to handle inputs +# not longer than 256 bytes. + use strict; use FindBin qw($Bin); use lib "$Bin/../.."; @@ -50,11 +59,9 @@ while (($output=shift) && ($output!~/\w[\w\-]*\.\w+$/)) {} my $sp="%r15"; my $stdframe=16*$SIZE_T+4*8; +sub ROUND { my @x=map("%r$_",(0..7,"x","x","x","x",(10..13))); my @t=map("%r$_",(8,9)); -my @v=map("%v$_",(16..31)); - -sub ROUND { my ($a0,$b0,$c0,$d0)=@_; my ($a1,$b1,$c1,$d1)=map(($_&~3)+(($_+1)&3),($a0,$b0,$c0,$d0)); my ($a2,$b2,$c2,$d2)=map(($_&~3)+(($_+1)&3),($a1,$b1,$c1,$d1)); @@ -143,63 +150,92 @@ my ($xc,$xc_)=map("$_", at t); rll (@x[$b3], at x[$b3],7); } -sub VX_ROUND { +sub VX_lane_ROUND { my ($a0,$b0,$c0,$d0)=@_; my ($a1,$b1,$c1,$d1)=map(($_&~3)+(($_+1)&3),($a0,$b0,$c0,$d0)); my ($a2,$b2,$c2,$d2)=map(($_&~3)+(($_+1)&3),($a1,$b1,$c1,$d1)); my ($a3,$b3,$c3,$d3)=map(($_&~3)+(($_+1)&3),($a2,$b2,$c2,$d2)); +my @x=map("%v$_",(0..15)); + + vaf (@x[$a0], at x[$a0], at x[$b0]); # Q1 + vx (@x[$d0], at x[$d0], at x[$a0]); + verllf (@x[$d0], at x[$d0],16); + vaf (@x[$a1], at x[$a1], at x[$b1]); # Q2 + vx (@x[$d1], at x[$d1], at x[$a1]); + verllf (@x[$d1], at x[$d1],16); + vaf (@x[$a2], at x[$a2], at x[$b2]); # Q3 + vx (@x[$d2], at x[$d2], at x[$a2]); + verllf (@x[$d2], at x[$d2],16); + vaf (@x[$a3], at x[$a3], at x[$b3]); # Q4 + vx (@x[$d3], at x[$d3], at x[$a3]); + verllf (@x[$d3], at x[$d3],16); + + vaf (@x[$c0], at x[$c0], at x[$d0]); + vx (@x[$b0], at x[$b0], at x[$c0]); + verllf (@x[$b0], at x[$b0],12); + vaf (@x[$c1], at x[$c1], at x[$d1]); + vx (@x[$b1], at x[$b1], at x[$c1]); + verllf (@x[$b1], at x[$b1],12); + vaf (@x[$c2], at x[$c2], at x[$d2]); + vx (@x[$b2], at x[$b2], at x[$c2]); + verllf (@x[$b2], at x[$b2],12); + vaf (@x[$c3], at x[$c3], at x[$d3]); + vx (@x[$b3], at x[$b3], at x[$c3]); + verllf (@x[$b3], at x[$b3],12); + + vaf (@x[$a0], at x[$a0], at x[$b0]); + vx (@x[$d0], at x[$d0], at x[$a0]); + verllf (@x[$d0], at x[$d0],8); + vaf (@x[$a1], at x[$a1], at x[$b1]); + vx (@x[$d1], at x[$d1], at x[$a1]); + verllf (@x[$d1], at x[$d1],8); + vaf (@x[$a2], at x[$a2], at x[$b2]); + vx (@x[$d2], at x[$d2], at x[$a2]); + verllf (@x[$d2], at x[$d2],8); + vaf (@x[$a3], at x[$a3], at x[$b3]); + vx (@x[$d3], at x[$d3], at x[$a3]); + verllf (@x[$d3], at x[$d3],8); + + vaf (@x[$c0], at x[$c0], at x[$d0]); + vx (@x[$b0], at x[$b0], at x[$c0]); + verllf (@x[$b0], at x[$b0],7); + vaf (@x[$c1], at x[$c1], at x[$d1]); + vx (@x[$b1], at x[$b1], at x[$c1]); + verllf (@x[$b1], at x[$b1],7); + vaf (@x[$c2], at x[$c2], at x[$d2]); + vx (@x[$b2], at x[$b2], at x[$c2]); + verllf (@x[$b2], at x[$b2],7); + vaf (@x[$c3], at x[$c3], at x[$d3]); + vx (@x[$b3], at x[$b3], at x[$c3]); + verllf (@x[$b3], at x[$b3],7); +} - vaf (@v[$a0], at v[$a0], at v[$b0]); - vaf (@v[$a1], at v[$a1], at v[$b1]); - vaf (@v[$a2], at v[$a2], at v[$b2]); - vaf (@v[$a3], at v[$a3], at v[$b3]); - vx (@v[$d0], at v[$d0], at v[$a0]); - vx (@v[$d1], at v[$d1], at v[$a1]); - vx (@v[$d2], at v[$d2], at v[$a2]); - vx (@v[$d3], at v[$d3], at v[$a3]); - verllf (@v[$d0], at v[$d0],16); - verllf (@v[$d1], at v[$d1],16); - verllf (@v[$d2], at v[$d2],16); - verllf (@v[$d3], at v[$d3],16); - - vaf (@v[$c0], at v[$c0], at v[$d0]); - vaf (@v[$c1], at v[$c1], at v[$d1]); - vaf (@v[$c2], at v[$c2], at v[$d2]); - vaf (@v[$c3], at v[$c3], at v[$d3]); - vx (@v[$b0], at v[$b0], at v[$c0]); - vx (@v[$b1], at v[$b1], at v[$c1]); - vx (@v[$b2], at v[$b2], at v[$c2]); - vx (@v[$b3], at v[$b3], at v[$c3]); - verllf (@v[$b0], at v[$b0],12); - verllf (@v[$b1], at v[$b1],12); - verllf (@v[$b2], at v[$b2],12); - verllf (@v[$b3], at v[$b3],12); - - vaf (@v[$a0], at v[$a0], at v[$b0]); - vaf (@v[$a1], at v[$a1], at v[$b1]); - vaf (@v[$a2], at v[$a2], at v[$b2]); - vaf (@v[$a3], at v[$a3], at v[$b3]); - vx (@v[$d0], at v[$d0], at v[$a0]); - vx (@v[$d1], at v[$d1], at v[$a1]); - vx (@v[$d2], at v[$d2], at v[$a2]); - vx (@v[$d3], at v[$d3], at v[$a3]); - verllf (@v[$d0], at v[$d0],8); - verllf (@v[$d1], at v[$d1],8); - verllf (@v[$d2], at v[$d2],8); - verllf (@v[$d3], at v[$d3],8); - - vaf (@v[$c0], at v[$c0], at v[$d0]); - vaf (@v[$c1], at v[$c1], at v[$d1]); - vaf (@v[$c2], at v[$c2], at v[$d2]); - vaf (@v[$c3], at v[$c3], at v[$d3]); - vx (@v[$b0], at v[$b0], at v[$c0]); - vx (@v[$b1], at v[$b1], at v[$c1]); - vx (@v[$b2], at v[$b2], at v[$c2]); - vx (@v[$b3], at v[$b3], at v[$c3]); - verllf (@v[$b0], at v[$b0],7); - verllf (@v[$b1], at v[$b1],7); - verllf (@v[$b2], at v[$b2],7); - verllf (@v[$b3], at v[$b3],7); +sub VX_ROUND { +my @a=@_[0..5]; +my @b=@_[6..11]; +my @c=@_[12..17]; +my @d=@_[18..23]; +my $odd=@_[24]; + + vaf (@a[$_], at a[$_], at b[$_]) for (0..5); + vx (@d[$_], at d[$_], at a[$_]) for (0..5); + verllf (@d[$_], at d[$_],16) for (0..5); + + vaf (@c[$_], at c[$_], at d[$_]) for (0..5); + vx (@b[$_], at b[$_], at c[$_]) for (0..5); + verllf (@b[$_], at b[$_],12) for (0..5); + + vaf (@a[$_], at a[$_], at b[$_]) for (0..5); + vx (@d[$_], at d[$_], at a[$_]) for (0..5); + verllf (@d[$_], at d[$_],8) for (0..5); + + vaf (@c[$_], at c[$_], at d[$_]) for (0..5); + vx (@b[$_], at b[$_], at c[$_]) for (0..5); + verllf (@b[$_], at b[$_],7) for (0..5); + + vsldb (@c[$_], at c[$_], at c[$_],8) for (0..5); + vsldb (@b[$_], at b[$_], at b[$_],$odd?12:4) for (0..5); + vsldb (@d[$_], at d[$_], at d[$_],$odd?4:12) for (0..5); } PERLASM_BEGIN($output); @@ -210,13 +246,11 @@ TEXT (); ################ # void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp, size_t len, # const unsigned int key[8], const unsigned int counter[4]) -{ my ($out,$inp,$len,$key,$counter)=map("%r$_",(2..6)); - -# VX CODE PATH { -my $off=$z*8*16+8; # offset(initial state) -my $frame=$stdframe+4*16+$off; +my $frame=$stdframe+4*20; +my @x=map("%r$_",(0..7,"x","x","x","x",(10..13))); +my @t=map("%r$_",(8,9)); GLOBL ("ChaCha20_ctr32"); TYPE ("ChaCha20_ctr32","\@function"); @@ -225,230 +259,16 @@ LABEL ("ChaCha20_ctr32"); larl ("%r1","OPENSSL_s390xcap_P"); lghi ("%r0",64); +&{$z? \<gr:\<r} ($len,$len); # len==0? + bzr ("%r14"); + lg ("%r1","S390X_STFLE+16(%r1)"); &{$z? \&clgr:\&clr} ($len,"%r0"); - jle ("_s390x_chacha_novx"); - - lg ("%r0","S390X_STFLE+16(%r1)"); - tmhh ("%r0",0x4000); # check for vector facility - jz ("_s390x_chacha_novx"); - -if (!$z) { - llgfr ($len,$len); - std ("%f4","16*$SIZE_T+2*8($sp)"); - std ("%f6","16*$SIZE_T+3*8($sp)"); -} -&{$z? \&stmg:\&stm} ("%r6","%r7","6*$SIZE_T($sp)"); + jle (".Lshort"); - lghi ("%r1",-$frame); - lgr ("%r0",$sp); - la ($sp,"0(%r1,$sp)"); # allocate stack frame + tmhh ("%r1",0x4000); # check for vx bit + jnz (".LChaCha20_ctr32_vx"); - larl ("%r7",".Lsigma"); -&{$z? \&stg:\&st} ("%r0","0($sp)"); # backchain - - vstm ("%v8","%v15","8($sp)") if ($z); - - vlm ("%v1","%v2","0($key)"); # load key - vl ("%v0","0(%r7)"); # load sigma constant - vl ("%v3","0($counter)"); # load iv (counter||nonce) - l ("%r0","0($counter)"); # load counter - vstm ("%v0","%v3","$off($sp)"); # copy initial state to stack - - srlg ("%r1",$len,8); - ltgr ("%r1","%r1"); - jz (".Lvx_4x_done"); - -ALIGN (16); # process 4 64-byte blocks -LABEL (".Lvx_4x"); - vlrepf ("%v$_",($_*4)."+$off($sp)") for (0..15); # load initial - # state - vl ("%v31","16(%r7)"); - vaf ("%v12","%v12","%v31"); # increment counter - - vlr (@v[$_],"%v$_") for (0..15); # copy initial state - - lhi ("%r6",10); - j (".Loop_vx_4x"); - -ALIGN (16); -LABEL (".Loop_vx_4x"); - VX_ROUND( 0, 4, 8,12); # column round - VX_ROUND( 0, 5,10,15); # diagonal round - brct ("%r6",".Loop_vx_4x"); - - vaf (@v[$_], at v[$_],"%v$_") for (0..15); # state += initial - # state (mod 32) - vlm ("%v6","%v7","32(%r7)"); # load vperm operands - -for (0..3) { # blocks 1,2 - vmrhf ("%v0", at v[$_*4+0], at v[$_*4+1]); # ks = serialize(state) - vmrhf ("%v1", at v[$_*4+2], at v[$_*4+3]); - vperm ("%v".($_+ 8),"%v0","%v1","%v6"); - vperm ("%v".($_+12),"%v0","%v1","%v7"); -} - vlm ("%v0","%v7","0($inp)"); # load in - vx ("%v$_","%v$_","%v".($_+8)) for (0..7); # out = in ^ ks - vstm ("%v0","%v7","0($out)"); # store out - - vlm ("%v6","%v7","32(%r7)"); # restore vperm operands - -for (0..3) { # blocks 2,3 - vmrlf ("%v0", at v[$_*4+0], at v[$_*4+1]); # ks = serialize(state) - vmrlf ("%v1", at v[$_*4+2], at v[$_*4+3]); - vperm ("%v".($_+ 8),"%v0","%v1","%v6"); - vperm ("%v".($_+12),"%v0","%v1","%v7"); -} - vlm ("%v0","%v7","128($inp)"); # load in - vx ("%v$_","%v$_","%v".($_+8)) for (0..7); # out = in ^ ks - vstm ("%v0","%v7","128($out)"); # store out - - ahi ("%r0",4); - st ("%r0","48+$off($sp)"); # update initial state - - la ($inp,"256($inp)"); - la ($out,"256($out)"); - brctg ("%r1",".Lvx_4x"); - -ALIGN (16); -LABEL (".Lvx_4x_done"); - lghi ("%r1",0xff); - ngr ($len,"%r1"); - jnz (".Lvx_rem"); - -ALIGN (16); -LABEL (".Lvx_done"); - vzero ("%v$_") for (16..31); # wipe ks and key copy - vstm ("%v16","%v17","16+$off($sp)"); - vlm ("%v8","%v15","8($sp)") if ($z); - - la ($sp,"$frame($sp)"); -&{$z? \&lmg:\&lm} ("%r6","%r7","6*$SIZE_T($sp)"); - -if (!$z) { - ld ("%f4","16*$SIZE_T+2*8($sp)"); - ld ("%f6","16*$SIZE_T+3*8($sp)"); - vzero ("%v$_") for (8..15); -} - br ("%r14"); -ALIGN (16); -LABEL (".Lvx_rem"); - lhi ("%r0",64); - - sr ($len,"%r0"); - brc (2,".Lvx_rem_g64"); # cc==2? - - lghi ("%r1",-$stdframe); - - la ($counter,"48+$off($sp)"); # load updated iv - ar ($len,"%r0"); # restore len - - lgr ("%r7",$counter); -&{$z? \&stg:\&st} ("%r14","14*$SIZE_T+$frame($sp)"); - la ($sp,"0(%r1,$sp)"); - - bras ("%r14","_s390x_chacha_novx"); - - la ($sp,"$stdframe($sp)"); -&{$z? \&lg:\&l} ("%r14","14*$SIZE_T+$frame($sp)"); - lgr ($counter,"%r7"); - j (".Lvx_done"); - -ALIGN (16); -LABEL (".Lvx_rem_g64"); - vlrepf ("%v$_",($_*4)."+$off($sp)") for (0..15); # load initial - # state - vl ("%v31","16(%r7)"); - vaf ("%v12","%v12","%v31"); # increment counter - - vlr (@v[$_],"%v$_") for (0..15); # state = initial state - - lhi ("%r6",10); - j (".Loop_vx_rem"); - -ALIGN (16); -LABEL (".Loop_vx_rem"); - VX_ROUND( 0, 4, 8,12); # column round - VX_ROUND( 0, 5,10,15); # diagonal round - brct ("%r6",".Loop_vx_rem"); - - vaf (@v[$_], at v[$_],"%v$_") for (0..15); # state += initial - # state (mod 32) - vlm ("%v6","%v7","32(%r7)"); # load vperm operands - -for (0..3) { # blocks 1,2 - vmrhf ("%v0", at v[$_*4+0], at v[$_*4+1]); # ks = serialize(state) - vmrhf ("%v1", at v[$_*4+2], at v[$_*4+3]); - vperm ("%v".($_+8),"%v0","%v1","%v6"); - vperm ("%v".($_+12),"%v0","%v1","%v7"); -} - vlm ("%v0","%v3","0($inp)"); # load in - vx ("%v$_","%v$_","%v".($_+8)) for (0..3); # out = in ^ ks - vstm ("%v0","%v3","0($out)"); # store out - - la ($inp,"64($inp)"); - la ($out,"64($out)"); - - sr ($len,"%r0"); - brc (4,".Lvx_tail"); # cc==4? - - vlm ("%v0","%v3","0($inp)"); # load in - vx ("%v$_","%v$_","%v".($_+12)) for (0..3); # out = in ^ ks - vstm ("%v0","%v3","0($out)"); # store out - jz (".Lvx_done"); - -for (0..3) { # blocks 3,4 - vmrlf ("%v0", at v[$_*4+0], at v[$_*4+1]); # ks = serialize(state) - vmrlf ("%v1", at v[$_*4+2], at v[$_*4+3]); - vperm ("%v".($_+12),"%v0","%v1","%v6"); - vperm ("%v".($_+8),"%v0","%v1","%v7"); -} - la ($inp,"64($inp)"); - la ($out,"64($out)"); - - sr ($len,"%r0"); - brc (4,".Lvx_tail"); # cc==4? - - vlm ("%v0","%v3","0($inp)"); # load in - vx ("%v$_","%v$_","%v".($_+12)) for (0..3); # out = in ^ ks - vstm ("%v0","%v3","0($out)"); # store out - jz (".Lvx_done"); - - la ($inp,"64($inp)"); - la ($out,"64($out)"); - - sr ($len,"%r0"); - vlr ("%v".($_+4),"%v$_") for (8..11); - j (".Lvx_tail"); - -ALIGN (16); -LABEL (".Lvx_tail"); - ar ($len,"%r0"); # restore $len - ahi ($len,-1); - - lhi ("%r0",16); -for (0..2) { - vll ("%v0",$len,($_*16)."($inp)"); - vx ("%v0","%v0","%v".($_+12)); - vstl ("%v0",$len,($_*16)."($out)"); - sr ($len,"%r0"); - brc (4,".Lvx_done"); # cc==4? -} - vll ("%v0",$len,"3*16($inp)"); - vx ("%v0","%v0","%v15"); - vstl ("%v0",$len,"3*16($out)"); - j (".Lvx_done"); -SIZE ("ChaCha20_ctr32",".-ChaCha20_ctr32"); -} - -# NOVX CODE PATH -{ -my $frame=$stdframe+4*20; - -TYPE ("_s390x_chacha_novx","\@function"); -ALIGN (32); -LABEL ("_s390x_chacha_novx"); -&{$z? \<gr:\<r} ($len,$len); # $len==0? - bzr ("%r14"); +LABEL (".Lshort"); &{$z? \&aghi:\&ahi} ($len,-64); &{$z? \&lghi:\&lhi} ("%r1",-$frame); &{$z? \&stmg:\&stm} ("%r6","%r15","6*$SIZE_T($sp)"); @@ -607,17 +427,629 @@ LABEL (".Loop_tail"); brct (@t[1],".Loop_tail"); j (".Ldone"); -SIZE ("_s390x_chacha_novx",".-_s390x_chacha_novx"); +SIZE ("ChaCha20_ctr32",".-ChaCha20_ctr32"); +} + +######################################################################## +# 4x"vertical" layout minimizes amount of instructions, but pipeline +# runs underutilized [because of vector instructions' high latency]. +# On the other hand minimum amount of data it takes to fully utilize +# the pipeline is higher, so that effectively, short inputs would be +# processed slower. Hence this code path targeting <=256 bytes lengths. +# +{ +my ($xa0,$xa1,$xa2,$xa3, $xb0,$xb1,$xb2,$xb3, + $xc0,$xc1,$xc2,$xc3, $xd0,$xd1,$xd2,$xd3)=map("%v$_",(0..15)); +my @K=map("%v$_",(16..19)); +my $CTR="%v26"; +my ($xt0,$xt1,$xt2,$xt3)=map("%v$_",(27..30)); +my $beperm="%v31"; +my ($x00,$x10,$x20,$x30)=(0,map("r$_",(8..10))); +my $FRAME=$stdframe+4*16; + +ALIGN (32); +LABEL ("ChaCha20_ctr32_4x"); +LABEL (".LChaCha20_ctr32_4x"); +&{$z? \&stmg:\&stm} ("%r6","%r7","6*$SIZE_T($sp)"); +if (!$z) { + std ("%f4","16*$SIZE_T+2*8($sp)"); + std ("%f6","16*$SIZE_T+3*8($sp)"); +} +&{$z? \&lghi:\&lhi} ("%r1",-$FRAME); + lgr ("%r0",$sp); + la ($sp,"0(%r1,$sp)"); +&{$z? \&stg:\&st} ("%r0","0($sp)"); # back-chain +if ($z) { + std ("%f8","$stdframe+8*0($sp)"); + std ("%f9","$stdframe+8*1($sp)"); + std ("%f10","$stdframe+8*2($sp)"); + std ("%f11","$stdframe+8*3($sp)"); + std ("%f12","$stdframe+8*4($sp)"); + std ("%f13","$stdframe+8*5($sp)"); + std ("%f14","$stdframe+8*6($sp)"); + std ("%f15","$stdframe+8*7($sp)"); +} + larl ("%r7",".Lsigma"); + lhi ("%r0",10); + lhi ("%r1",0); + + vl (@K[0],"0(%r7)"); # load sigma + vl (@K[1],"0($key)"); # load key + vl (@K[2],"16($key)"); + vl (@K[3],"0($counter)"); # load counter + + vl ($beperm,"0x40(%r7)"); + vl ($xt1,"0x50(%r7)"); + vrepf ($CTR, at K[3],0); + vlvgf (@K[3],"%r1",0); # clear @K[3].word[0] + vaf ($CTR,$CTR,$xt1); + +#LABEL (".Loop_outer_4x"); + vlm ($xa0,$xa3,"0x60(%r7)"); # load [smashed] sigma + + vrepf ($xb0, at K[1],0); # smash the key + vrepf ($xb1, at K[1],1); + vrepf ($xb2, at K[1],2); + vrepf ($xb3, at K[1],3); + + vrepf ($xc0, at K[2],0); + vrepf ($xc1, at K[2],1); + vrepf ($xc2, at K[2],2); + vrepf ($xc3, at K[2],3); + + vlr ($xd0,$CTR); + vrepf ($xd1, at K[3],1); + vrepf ($xd2, at K[3],2); + vrepf ($xd3, at K[3],3); + +LABEL (".Loop_4x"); + VX_lane_ROUND(0, 4, 8,12); + VX_lane_ROUND(0, 5,10,15); + brct ("%r0",".Loop_4x"); + + vaf ($xd0,$xd0,$CTR); + + vmrhf ($xt0,$xa0,$xa1); # transpose data + vmrhf ($xt1,$xa2,$xa3); + vmrlf ($xt2,$xa0,$xa1); + vmrlf ($xt3,$xa2,$xa3); + vpdi ($xa0,$xt0,$xt1,0b0000); + vpdi ($xa1,$xt0,$xt1,0b0101); + vpdi ($xa2,$xt2,$xt3,0b0000); + vpdi ($xa3,$xt2,$xt3,0b0101); + + vmrhf ($xt0,$xb0,$xb1); + vmrhf ($xt1,$xb2,$xb3); + vmrlf ($xt2,$xb0,$xb1); + vmrlf ($xt3,$xb2,$xb3); + vpdi ($xb0,$xt0,$xt1,0b0000); + vpdi ($xb1,$xt0,$xt1,0b0101); + vpdi ($xb2,$xt2,$xt3,0b0000); + vpdi ($xb3,$xt2,$xt3,0b0101); + + vmrhf ($xt0,$xc0,$xc1); + vmrhf ($xt1,$xc2,$xc3); + vmrlf ($xt2,$xc0,$xc1); + vmrlf ($xt3,$xc2,$xc3); + vpdi ($xc0,$xt0,$xt1,0b0000); + vpdi ($xc1,$xt0,$xt1,0b0101); + vpdi ($xc2,$xt2,$xt3,0b0000); + vpdi ($xc3,$xt2,$xt3,0b0101); + + vmrhf ($xt0,$xd0,$xd1); + vmrhf ($xt1,$xd2,$xd3); + vmrlf ($xt2,$xd0,$xd1); + vmrlf ($xt3,$xd2,$xd3); + vpdi ($xd0,$xt0,$xt1,0b0000); + vpdi ($xd1,$xt0,$xt1,0b0101); + vpdi ($xd2,$xt2,$xt3,0b0000); + vpdi ($xd3,$xt2,$xt3,0b0101); + + #vrepif ($xt0,4); + #vaf ($CTR,$CTR,$xt0); # next counter value + + vaf ($xa0,$xa0, at K[0]); + vaf ($xb0,$xb0, at K[1]); + vaf ($xc0,$xc0, at K[2]); + vaf ($xd0,$xd0, at K[3]); + + vperm ($xa0,$xa0,$xa0,$beperm); + vperm ($xb0,$xb0,$xb0,$beperm); + vperm ($xc0,$xc0,$xc0,$beperm); + vperm ($xd0,$xd0,$xd0,$beperm); + + #&{$z? \&clgfi:\&clfi} ($len,0x40); + #jl (".Ltail_4x"); + + vlm ($xt0,$xt3,"0($inp)"); + + vx ($xt0,$xt0,$xa0); + vx ($xt1,$xt1,$xb0); + vx ($xt2,$xt2,$xc0); + vx ($xt3,$xt3,$xd0); + + vstm ($xt0,$xt3,"0($out)"); + + la ($inp,"0x40($inp)"); + la ($out,"0x40($out)"); +&{$z? \&aghi:\&ahi} ($len,-0x40); + #je (".Ldone_4x"); + + vaf ($xa0,$xa1, at K[0]); + vaf ($xb0,$xb1, at K[1]); + vaf ($xc0,$xc1, at K[2]); + vaf ($xd0,$xd1, at K[3]); + + vperm ($xa0,$xa0,$xa0,$beperm); + vperm ($xb0,$xb0,$xb0,$beperm); + vperm ($xc0,$xc0,$xc0,$beperm); + vperm ($xd0,$xd0,$xd0,$beperm); + +&{$z? \&clgfi:\&clfi} ($len,0x40); + jl (".Ltail_4x"); + + vlm ($xt0,$xt3,"0($inp)"); + + vx ($xt0,$xt0,$xa0); + vx ($xt1,$xt1,$xb0); + vx ($xt2,$xt2,$xc0); + vx ($xt3,$xt3,$xd0); + + vstm ($xt0,$xt3,"0($out)"); + + la ($inp,"0x40($inp)"); + la ($out,"0x40($out)"); +&{$z? \&aghi:\&ahi} ($len,-0x40); + je (".Ldone_4x"); + + vaf ($xa0,$xa2, at K[0]); + vaf ($xb0,$xb2, at K[1]); + vaf ($xc0,$xc2, at K[2]); + vaf ($xd0,$xd2, at K[3]); + + vperm ($xa0,$xa0,$xa0,$beperm); + vperm ($xb0,$xb0,$xb0,$beperm); + vperm ($xc0,$xc0,$xc0,$beperm); + vperm ($xd0,$xd0,$xd0,$beperm); + +&{$z? \&clgfi:\&clfi} ($len,0x40); + jl (".Ltail_4x"); + + vlm ($xt0,$xt3,"0($inp)"); + + vx ($xt0,$xt0,$xa0); + vx ($xt1,$xt1,$xb0); + vx ($xt2,$xt2,$xc0); + vx ($xt3,$xt3,$xd0); + + vstm ($xt0,$xt3,"0($out)"); + + la ($inp,"0x40($inp)"); + la ($out,"0x40($out)"); +&{$z? \&aghi:\&ahi} ($len,-0x40); + je (".Ldone_4x"); + + vaf ($xa0,$xa3, at K[0]); + vaf ($xb0,$xb3, at K[1]); + vaf ($xc0,$xc3, at K[2]); + vaf ($xd0,$xd3, at K[3]); + + vperm ($xa0,$xa0,$xa0,$beperm); + vperm ($xb0,$xb0,$xb0,$beperm); + vperm ($xc0,$xc0,$xc0,$beperm); + vperm ($xd0,$xd0,$xd0,$beperm); + +&{$z? \&clgfi:\&clfi} ($len,0x40); + jl (".Ltail_4x"); + + vlm ($xt0,$xt3,"0($inp)"); + + vx ($xt0,$xt0,$xa0); + vx ($xt1,$xt1,$xb0); + vx ($xt2,$xt2,$xc0); + vx ($xt3,$xt3,$xd0); + + vstm ($xt0,$xt3,"0($out)"); + + #la $inp,0x40($inp)); + #la $out,0x40($out)); + #lhi %r0,10); + #&{$z? \&aghi:\&ahi} $len,-0x40); + #jne .Loop_outer_4x); + +LABEL (".Ldone_4x"); +if (!$z) { + ld ("%f4","$FRAME+16*$SIZE_T+2*8($sp)"); + ld ("%f6","$FRAME+16*$SIZE_T+3*8($sp)"); +} else { + ld ("%f8","$stdframe+8*0($sp)"); + ld ("%f9","$stdframe+8*1($sp)"); + ld ("%f10","$stdframe+8*2($sp)"); + ld ("%f11","$stdframe+8*3($sp)"); + ld ("%f12","$stdframe+8*4($sp)"); + ld ("%f13","$stdframe+8*5($sp)"); + ld ("%f14","$stdframe+8*6($sp)"); + ld ("%f15","$stdframe+8*7($sp)"); +} +&{$z? \&lmg:\&lm} ("%r6","%r7","$FRAME+6*$SIZE_T($sp)"); + la ($sp,"$FRAME($sp)"); + br ("%r14"); + +ALIGN (16); +LABEL (".Ltail_4x"); +if (!$z) { + vlr ($xt0,$xb0); + ld ("%f4","$FRAME+16*$SIZE_T+2*8($sp)"); + ld ("%f6","$FRAME+16*$SIZE_T+3*8($sp)"); + + vst ($xa0,"$stdframe+0x00($sp)"); + vst ($xt0,"$stdframe+0x10($sp)"); + vst ($xc0,"$stdframe+0x20($sp)"); + vst ($xd0,"$stdframe+0x30($sp)"); +} else { + vlr ($xt0,$xc0); + ld ("%f8","$stdframe+8*0($sp)"); + ld ("%f9","$stdframe+8*1($sp)"); + ld ("%f10","$stdframe+8*2($sp)"); + ld ("%f11","$stdframe+8*3($sp)"); + vlr ($xt1,$xd0); + ld ("%f12","$stdframe+8*4($sp)"); + ld ("%f13","$stdframe+8*5($sp)"); + ld ("%f14","$stdframe+8*6($sp)"); + ld ("%f15","$stdframe+8*7($sp)"); + + vst ($xa0,"$stdframe+0x00($sp)"); + vst ($xb0,"$stdframe+0x10($sp)"); + vst ($xt0,"$stdframe+0x20($sp)"); + vst ($xt1,"$stdframe+0x30($sp)"); } + lghi ("%r1",0); + +LABEL (".Loop_tail_4x"); + llgc ("%r5","0(%r1,$inp)"); + llgc ("%r6","$stdframe(%r1,$sp)"); + xr ("%r6","%r5"); + stc ("%r6","0(%r1,$out)"); + la ("%r1","1(%r1)"); + brct ($len,".Loop_tail_4x"); + +&{$z? \&lmg:\&lm} ("%r6","%r7","$FRAME+6*$SIZE_T($sp)"); + la ($sp,"$FRAME($sp)"); + br ("%r14"); +SIZE ("ChaCha20_ctr32_4x",".-ChaCha20_ctr32_4x"); +} + +######################################################################## +# 6x"horizontal" layout is optimal fit for the platform in its current +# shape, more specifically for given vector instructions' latency. Well, +# computational part of 8x"vertical" would be faster, but it consumes +# all registers and dealing with that will diminish the return... +# +{ +my ($a0,$b0,$c0,$d0, $a1,$b1,$c1,$d1, + $a2,$b2,$c2,$d2, $a3,$b3,$c3,$d3, + $a4,$b4,$c4,$d4, $a5,$b5,$c5,$d5)=map("%v$_",(0..23)); +my @K=map("%v$_",(27,24..26)); +my ($t0,$t1,$t2,$t3)=map("%v$_",27..30); +my $beperm="%v31"; +my $FRAME=$stdframe + 4*16; + +GLOBL ("ChaCha20_ctr32_vx"); +ALIGN (32); +LABEL ("ChaCha20_ctr32_vx"); +LABEL (".LChaCha20_ctr32_vx"); +&{$z? \&clgfi:\&clfi} ($len,256); + jle (".LChaCha20_ctr32_4x"); +&{$z? \&stmg:\&stm} ("%r6","%r7","6*$SIZE_T($sp)"); +if (!$z) { + std ("%f4","16*$SIZE_T+2*8($sp)"); + std ("%f6","16*$SIZE_T+3*8($sp)"); +} +&{$z? \&lghi:\&lhi} ("%r1",-$FRAME); + lgr ("%r0",$sp); + la ($sp,"0(%r1,$sp)"); +&{$z? \&stg:\&st} ("%r0","0($sp)"); # back-chain +if ($z) { + std ("%f8","$FRAME-8*8($sp)"); + std ("%f9","$FRAME-8*7($sp)"); + std ("%f10","$FRAME-8*6($sp)"); + std ("%f11","$FRAME-8*5($sp)"); + std ("%f12","$FRAME-8*4($sp)"); + std ("%f13","$FRAME-8*3($sp)"); + std ("%f14","$FRAME-8*2($sp)"); + std ("%f15","$FRAME-8*1($sp)"); +} + larl ("%r7",".Lsigma"); + lhi ("%r0",10); + + vlm (@K[1], at K[2],"0($key)"); # load key + vl (@K[3],"0($counter)"); # load counter + + vlm (@K[0],"$beperm","0(%r7)"); # load sigma, increments, ... + +LABEL (".Loop_outer_vx"); + vlr ($a0, at K[0]); + vlr ($b0, at K[1]); + vlr ($a1, at K[0]); + vlr ($b1, at K[1]); + vlr ($a2, at K[0]); + vlr ($b2, at K[1]); + vlr ($a3, at K[0]); + vlr ($b3, at K[1]); + vlr ($a4, at K[0]); + vlr ($b4, at K[1]); + vlr ($a5, at K[0]); + vlr ($b5, at K[1]); + + vlr ($d0, at K[3]); + vaf ($d1, at K[3],$t1); # K[3]+1 + vaf ($d2, at K[3],$t2); # K[3]+2 + vaf ($d3, at K[3],$t3); # K[3]+3 + vaf ($d4,$d2,$t2); # K[3]+4 + vaf ($d5,$d2,$t3); # K[3]+5 + + vlr ($c0, at K[2]); + vlr ($c1, at K[2]); + vlr ($c2, at K[2]); + vlr ($c3, at K[2]); + vlr ($c4, at K[2]); + vlr ($c5, at K[2]); + + vlr ($t1,$d1); + vlr ($t2,$d2); + vlr ($t3,$d3); + +ALIGN (4); +LABEL (".Loop_vx"); + + VX_ROUND($a0,$a1,$a2,$a3,$a4,$a5, + $b0,$b1,$b2,$b3,$b4,$b5, + $c0,$c1,$c2,$c3,$c4,$c5, + $d0,$d1,$d2,$d3,$d4,$d5, + 0); + + VX_ROUND($a0,$a1,$a2,$a3,$a4,$a5, + $b0,$b1,$b2,$b3,$b4,$b5, + $c0,$c1,$c2,$c3,$c4,$c5, + $d0,$d1,$d2,$d3,$d4,$d5, + 1); + + brct ("%r0",".Loop_vx"); + + vaf ($a0,$a0, at K[0]); + vaf ($b0,$b0, at K[1]); + vaf ($c0,$c0, at K[2]); + vaf ($d0,$d0, at K[3]); + vaf ($a1,$a1, at K[0]); + vaf ($d1,$d1,$t1); # +K[3]+1 + + vperm ($a0,$a0,$a0,$beperm); + vperm ($b0,$b0,$b0,$beperm); + vperm ($c0,$c0,$c0,$beperm); + vperm ($d0,$d0,$d0,$beperm); + +&{$z? \&clgfi:\&clfi} ($len,0x40); + jl (".Ltail_vx"); + + vaf ($d2,$d2,$t2); # +K[3]+2 + vaf ($d3,$d3,$t3); # +K[3]+3 + vlm ($t0,$t3,"0($inp)"); + + vx ($a0,$a0,$t0); + vx ($b0,$b0,$t1); + vx ($c0,$c0,$t2); + vx ($d0,$d0,$t3); + + vlm (@K[0],$t3,"0(%r7)"); # re-load sigma and increments + + vstm ($a0,$d0,"0($out)"); + + la ($inp,"0x40($inp)"); + la ($out,"0x40($out)"); +&{$z? \&aghi:\&ahi} ($len,-0x40); + je (".Ldone_vx"); + + vaf ($b1,$b1, at K[1]); + vaf ($c1,$c1, at K[2]); + + vperm ($a0,$a1,$a1,$beperm); + vperm ($b0,$b1,$b1,$beperm); + vperm ($c0,$c1,$c1,$beperm); + vperm ($d0,$d1,$d1,$beperm); + +&{$z? \&clgfi:\&clfi} ($len,0x40); + jl (".Ltail_vx"); + + vlm ($a1,$d1,"0($inp)"); + + vx ($a0,$a0,$a1); + vx ($b0,$b0,$b1); + vx ($c0,$c0,$c1); + vx ($d0,$d0,$d1); + + vstm ($a0,$d0,"0($out)"); + + la ($inp,"0x40($inp)"); + la ($out,"0x40($out)"); +&{$z? \&aghi:\&ahi} ($len,-0x40); + je (".Ldone_vx"); + + vaf ($a2,$a2, at K[0]); + vaf ($b2,$b2, at K[1]); + vaf ($c2,$c2, at K[2]); + + vperm ($a0,$a2,$a2,$beperm); + vperm ($b0,$b2,$b2,$beperm); + vperm ($c0,$c2,$c2,$beperm); + vperm ($d0,$d2,$d2,$beperm); + +&{$z? \&clgfi:\&clfi} ($len,0x40); + jl (".Ltail_vx"); + + vlm ($a1,$d1,"0($inp)"); + + vx ($a0,$a0,$a1); + vx ($b0,$b0,$b1); + vx ($c0,$c0,$c1); + vx ($d0,$d0,$d1); + + vstm ($a0,$d0,"0($out)"); + + la ($inp,"0x40($inp)"); + la ($out,"0x40($out)"); +&{$z? \&aghi:\&ahi} ($len,-0x40); + je (".Ldone_vx"); + + vaf ($a3,$a3, at K[0]); + vaf ($b3,$b3, at K[1]); + vaf ($c3,$c3, at K[2]); + vaf ($d2, at K[3],$t3); # K[3]+3 + + vperm ($a0,$a3,$a3,$beperm); + vperm ($b0,$b3,$b3,$beperm); + vperm ($c0,$c3,$c3,$beperm); + vperm ($d0,$d3,$d3,$beperm); + +&{$z? \&clgfi:\&clfi} ($len,0x40); + jl (".Ltail_vx"); + + vaf ($d3,$d2,$t1); # K[3]+4 + vlm ($a1,$d1,"0($inp)"); + + vx ($a0,$a0,$a1); + vx ($b0,$b0,$b1); + vx ($c0,$c0,$c1); + vx ($d0,$d0,$d1); + + vstm ($a0,$d0,"0($out)"); + + la ($inp,"0x40($inp)"); + la ($out,"0x40($out)"); +&{$z? \&aghi:\&ahi} ($len,-0x40); + je (".Ldone_vx"); + + vaf ($a4,$a4, at K[0]); + vaf ($b4,$b4, at K[1]); + vaf ($c4,$c4, at K[2]); + vaf ($d4,$d4,$d3); # +K[3]+4 + vaf ($d3,$d3,$t1); # K[3]+5 + vaf (@K[3],$d2,$t3); # K[3]+=6 + + vperm ($a0,$a4,$a4,$beperm); + vperm ($b0,$b4,$b4,$beperm); + vperm ($c0,$c4,$c4,$beperm); + vperm ($d0,$d4,$d4,$beperm); + +&{$z? \&clgfi:\&clfi} ($len,0x40); + jl (".Ltail_vx"); + + vlm ($a1,$d1,"0($inp)"); + + vx ($a0,$a0,$a1); + vx ($b0,$b0,$b1); + vx ($c0,$c0,$c1); + vx ($d0,$d0,$d1); + + vstm ($a0,$d0,"0($out)"); + + la ($inp,"0x40($inp)"); + la ($out,"0x40($out)"); +&{$z? \&aghi:\&ahi} ($len,-0x40); + je (".Ldone_vx"); + + vaf ($a5,$a5, at K[0]); + vaf ($b5,$b5, at K[1]); + vaf ($c5,$c5, at K[2]); + vaf ($d5,$d5,$d3); # +K[3]+5 + + vperm ($a0,$a5,$a5,$beperm); + vperm ($b0,$b5,$b5,$beperm); + vperm ($c0,$c5,$c5,$beperm); + vperm ($d0,$d5,$d5,$beperm); + +&{$z? \&clgfi:\&clfi} ($len,0x40); + jl (".Ltail_vx"); + + vlm ($a1,$d1,"0($inp)"); + + vx ($a0,$a0,$a1); + vx ($b0,$b0,$b1); + vx ($c0,$c0,$c1); + vx ($d0,$d0,$d1); + + vstm ($a0,$d0,"0($out)"); + + la ($inp,"0x40($inp)"); + la ($out,"0x40($out)"); + lhi ("%r0",10); +&{$z? \&aghi:\&ahi} ($len,-0x40); + jne (".Loop_outer_vx"); + +LABEL (".Ldone_vx"); +if (!$z) { + ld ("%f4","$FRAME+16*$SIZE_T+2*8($sp)"); + ld ("%f6","$FRAME+16*$SIZE_T+3*8($sp)"); +} else { + ld ("%f8","$FRAME-8*8($sp)"); + ld ("%f9","$FRAME-8*7($sp)"); + ld ("%f10","$FRAME-8*6($sp)"); + ld ("%f11","$FRAME-8*5($sp)"); + ld ("%f12","$FRAME-8*4($sp)"); + ld ("%f13","$FRAME-8*3($sp)"); + ld ("%f14","$FRAME-8*2($sp)"); + ld ("%f15","$FRAME-8*1($sp)"); +} +&{$z? \&lmg:\&lm} ("%r6","%r7","$FRAME+6*$SIZE_T($sp)"); + la ($sp,"$FRAME($sp)"); + br ("%r14"); + +ALIGN (16); +LABEL (".Ltail_vx"); +if (!$z) { + ld ("%f4","$FRAME+16*$SIZE_T+2*8($sp)"); + ld ("%f6","$FRAME+16*$SIZE_T+3*8($sp)"); +} else { + ld ("%f8","$FRAME-8*8($sp)"); + ld ("%f9","$FRAME-8*7($sp)"); + ld ("%f10","$FRAME-8*6($sp)"); + ld ("%f11","$FRAME-8*5($sp)"); + ld ("%f12","$FRAME-8*4($sp)"); + ld ("%f13","$FRAME-8*3($sp)"); + ld ("%f14","$FRAME-8*2($sp)"); + ld ("%f15","$FRAME-8*1($sp)"); +} + vstm ($a0,$d0,"$stdframe($sp)"); + lghi ("%r1",0); + +LABEL (".Loop_tail_vx"); + llgc ("%r5","0(%r1,$inp)"); + llgc ("%r6","$stdframe(%r1,$sp)"); + xr ("%r6","%r5"); + stc ("%r6","0(%r1,$out)"); + la ("%r1","1(%r1)"); + brct ($len,".Loop_tail_vx"); + +&{$z? \&lmg:\&lm} ("%r6","%r7","$FRAME+6*$SIZE_T($sp)"); + la ($sp,"$FRAME($sp)"); + br ("%r14"); +SIZE ("ChaCha20_ctr32_vx",".-ChaCha20_ctr32_vx"); } ################ -ALIGN (64); +ALIGN (32); LABEL (".Lsigma"); LONG (0x61707865,0x3320646e,0x79622d32,0x6b206574); # endian-neutral sigma -LONG (0x00000000,0x00000001,0x00000002,0x00000003); # vaf counter increment -LONG (0x03020100,0x07060504,0x13121110,0x17161514); # vperm serialization -LONG (0x0b0a0908,0x0f0e0d0c,0x1b1a1918,0x1f1e1d1c); # vperm serialization +LONG (1,0,0,0); +LONG (2,0,0,0); +LONG (3,0,0,0); +LONG (0x03020100,0x07060504,0x0b0a0908,0x0f0e0d0c); # byte swap + +LONG (0,1,2,3); +LONG (0x61707865,0x61707865,0x61707865,0x61707865); # smashed sigma +LONG (0x3320646e,0x3320646e,0x3320646e,0x3320646e); +LONG (0x79622d32,0x79622d32,0x79622d32,0x79622d32); +LONG (0x6b206574,0x6b206574,0x6b206574,0x6b206574); + ASCIZ ("\"ChaCha20 for s390x, CRYPTOGAMS by \""); ALIGN (4); From no-reply at appveyor.com Mon Mar 11 20:29:43 2019 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 11 Mar 2019 20:29:43 +0000 Subject: Build failed: openssl master.23365 Message-ID: <20190311202943.1.DC24CE050BCC6286@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Mar 11 20:58:03 2019 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 11 Mar 2019 20:58:03 +0000 Subject: Build completed: openssl master.23366 Message-ID: <20190311205803.1.5A3D4F0CF87ADFDE@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Tue Mar 12 00:05:11 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 12 Mar 2019 00:05:11 +0000 Subject: FAILED build of OpenSSL branch master with options -d --strict-warnings no-cmac Message-ID: <1552349111.003923.30674.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-cmac Commit log since last time: d1229190bf s390x assembly pack: import chacha from cryptogams repo c453283421 Add documentation 021a655277 Add provider tests 16c2f1bdb5 Add provider module infrastructure 3374dc03ed Replumbing: New public API to load or add providers 4c2883a9bf Replumbing: Add the Provider Object, type OSSL_PROVIDER 3f4e8d6604 Replumbing: Add MODULESDIR macro and OPENSSL_MODULES environment variable 98f29466dc fix truncation of integers on 32bit AIX 2a6a56073c Add regenerated header files b53c4fe3f9 util/mkerr.pl: Add an inclusion of symhacks.h in all error files 4d768e966f openssl app for macs that uses the new EVP_MAC interface (the code inside dgst uses EVP_PKEY) 1b1ff9b94d sha/asm/keccak1600-ppc64.pl: up 10% performance improvement. Build log ended with (last 100 lines): ../../openssl/test/recipes/30-test_pkey_meth.t ................ ok ../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok ../../openssl/test/recipes/40-test_rehash.t ................... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok ../../openssl/test/recipes/60-test_x509_store.t ............... ok ../../openssl/test/recipes/60-test_x509_time.t ................ ok ../../openssl/test/recipes/70-test_asyncio.t .................. ok ../../openssl/test/recipes/70-test_bad_dtls.t ................. ok ../../openssl/test/recipes/70-test_clienthello.t .............. ok ../../openssl/test/recipes/70-test_comp.t ..................... ok ../../openssl/test/recipes/70-test_key_share.t ................ ok ../../openssl/test/recipes/70-test_packet.t ................... ok ../../openssl/test/recipes/70-test_recordlen.t ................ ok ../../openssl/test/recipes/70-test_renegotiation.t ............ ok ../../openssl/test/recipes/70-test_servername.t ............... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ............ ok ../../openssl/test/recipes/70-test_sslcertstatus.t ............ ok ../../openssl/test/recipes/70-test_sslextension.t ............. ok ../../openssl/test/recipes/70-test_sslmessages.t .............. ok ../../openssl/test/recipes/70-test_sslrecords.t ............... ok ../../openssl/test/recipes/70-test_sslsessiontick.t ........... ok ../../openssl/test/recipes/70-test_sslsigalgs.t ............... ok ../../openssl/test/recipes/70-test_sslsignature.t ............. ok ../../openssl/test/recipes/70-test_sslskewith0p.t ............. ok ../../openssl/test/recipes/70-test_sslversions.t .............. ok ../../openssl/test/recipes/70-test_sslvertol.t ................ ok ../../openssl/test/recipes/70-test_tls13alerts.t .............. ok ../../openssl/test/recipes/70-test_tls13cookie.t .............. ok ../../openssl/test/recipes/70-test_tls13downgrade.t ........... ok ../../openssl/test/recipes/70-test_tls13hrr.t ................. ok ../../openssl/test/recipes/70-test_tls13kexmodes.t ............ ok ../../openssl/test/recipes/70-test_tls13messages.t ............ ok ../../openssl/test/recipes/70-test_tls13psk.t ................. ok ../../openssl/test/recipes/70-test_tlsextms.t ................. ok ../../openssl/test/recipes/70-test_verify_extra.t ............. ok ../../openssl/test/recipes/70-test_wpacket.t .................. ok ../../openssl/test/recipes/80-test_ca.t ....................... ok ../../openssl/test/recipes/80-test_cipherbytes.t .............. ok ../../openssl/test/recipes/80-test_cipherlist.t ............... ok ../../openssl/test/recipes/80-test_ciphername.t ............... ok ../../openssl/test/recipes/80-test_cms.t ...................... ok ../../openssl/test/recipes/80-test_cmsapi.t ................... ok ../../openssl/test/recipes/80-test_ct.t ....................... ok ../../openssl/test/recipes/80-test_dane.t ..................... ok ../../openssl/test/recipes/80-test_dtls.t ..................... ok ../../openssl/test/recipes/80-test_dtls_mtu.t ................. ok ../../openssl/test/recipes/80-test_dtlsv1listen.t ............. ok ../../openssl/test/recipes/80-test_ocsp.t ..................... ok ../../openssl/test/recipes/80-test_pkcs12.t ................... ok ../../openssl/test/recipes/80-test_ssl_new.t .................. ok ../../openssl/test/recipes/80-test_ssl_old.t .................. ok ../../openssl/test/recipes/80-test_ssl_test_ctx.t ............. ok ../../openssl/test/recipes/80-test_sslcorrupt.t ............... ok ../../openssl/test/recipes/80-test_tsa.t ...................... ok ../../openssl/test/recipes/80-test_x509aux.t .................. ok ../../openssl/test/recipes/90-test_asn1_time.t ................ ok ../../openssl/test/recipes/90-test_async.t .................... ok ../../openssl/test/recipes/90-test_bio_enc.t .................. ok ../../openssl/test/recipes/90-test_bio_memleak.t .............. ok ../../openssl/test/recipes/90-test_constant_time.t ............ ok ../../openssl/test/recipes/90-test_fatalerr.t ................. ok ../../openssl/test/recipes/90-test_gmdiff.t ................... ok ../../openssl/test/recipes/90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build ../../openssl/test/recipes/90-test_ige.t ...................... ok ../../openssl/test/recipes/90-test_includes.t ................. ok ../../openssl/test/recipes/90-test_memleak.t .................. ok ../../openssl/test/recipes/90-test_overhead.t ................. skipped: Only supported in no-shared builds ../../openssl/test/recipes/90-test_secmem.t ................... ok ../../openssl/test/recipes/90-test_shlibload.t ................ ok ../../openssl/test/recipes/90-test_srp.t ...................... ok ../../openssl/test/recipes/90-test_sslapi.t ................... ok ../../openssl/test/recipes/90-test_sslbuffers.t ............... ok ../../openssl/test/recipes/90-test_store.t .................... ok ../../openssl/test/recipes/90-test_sysdefault.t ............... ok ../../openssl/test/recipes/90-test_threads.t .................. ok ../../openssl/test/recipes/90-test_time_offset.t .............. ok ../../openssl/test/recipes/90-test_tls13ccs.t ................. ok ../../openssl/test/recipes/90-test_tls13encryption.t .......... ok ../../openssl/test/recipes/90-test_tls13secrets.t ............. ok ../../openssl/test/recipes/90-test_v3name.t ................... ok ../../openssl/test/recipes/95-test_external_boringssl.t ....... skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_krb5.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_pyca.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/99-test_ecstress.t ................. ok ../../openssl/test/recipes/99-test_fuzz.t ..................... ok Test Summary Report ------------------- ../../openssl/test/recipes/20-test_mac.t (Wstat: 512 Tests: 10 Failed: 1) Failed test: 3 Non-zero exit status: 2 Parse errors: Bad plan. You planned 18 tests but ran 10. Files=164, Tests=1474, 248 wallclock secs ( 2.70 usr 0.37 sys + 224.98 cusr 11.65 csys = 239.70 CPU) Result: FAIL Makefile:198: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-cmac' Makefile:196: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Tue Mar 12 01:25:53 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 12 Mar 2019 01:25:53 +0000 Subject: FAILED build of OpenSSL branch master with options -d --strict-warnings no-dso Message-ID: <1552353953.155820.18138.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dso Commit log since last time: d1229190bf s390x assembly pack: import chacha from cryptogams repo c453283421 Add documentation 021a655277 Add provider tests 16c2f1bdb5 Add provider module infrastructure 3374dc03ed Replumbing: New public API to load or add providers 4c2883a9bf Replumbing: Add the Provider Object, type OSSL_PROVIDER 3f4e8d6604 Replumbing: Add MODULESDIR macro and OPENSSL_MODULES environment variable 98f29466dc fix truncation of integers on 32bit AIX 2a6a56073c Add regenerated header files b53c4fe3f9 util/mkerr.pl: Add an inclusion of symhacks.h in all error files 4d768e966f openssl app for macs that uses the new EVP_MAC interface (the code inside dgst uses EVP_PKEY) 1b1ff9b94d sha/asm/keccak1600-ppc64.pl: up 10% performance improvement. Build log ended with (last 100 lines): ../../openssl/test/recipes/40-test_rehash.t ................... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok ../../openssl/test/recipes/60-test_x509_store.t ............... ok ../../openssl/test/recipes/60-test_x509_time.t ................ ok ../../openssl/test/recipes/70-test_asyncio.t .................. ok ../../openssl/test/recipes/70-test_bad_dtls.t ................. ok ../../openssl/test/recipes/70-test_clienthello.t .............. ok ../../openssl/test/recipes/70-test_comp.t ..................... skipped: test_comp needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_key_share.t ................ skipped: test_key_share needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_packet.t ................... ok ../../openssl/test/recipes/70-test_recordlen.t ................ ok ../../openssl/test/recipes/70-test_renegotiation.t ............ skipped: test_renegotiation needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_servername.t ............... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ............ skipped: test_sslcbcpadding needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslcertstatus.t ............ skipped: test_sslcertstatus needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslextension.t ............. skipped: test_sslextension needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslmessages.t .............. skipped: test_sslmessages needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslrecords.t ............... skipped: test_sslrecords needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsessiontick.t ........... skipped: test_sslsessiontick needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsigalgs.t ............... skipped: test_sslsigalgs needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsignature.t ............. skipped: test_sslsignature needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslskewith0p.t ............. skipped: test_sslskewith0p needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslversions.t .............. skipped: test_sslversions needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslvertol.t ................ skipped: test_sslextension needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13alerts.t .............. skipped: test_tls13alerts needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13cookie.t .............. skipped: test_tls13cookie needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13downgrade.t ........... skipped: test_tls13downgrade needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13hrr.t ................. skipped: test_tls13hrr needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13kexmodes.t ............ skipped: test_tls13kexmodes needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13messages.t ............ skipped: test_tls13messages needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13psk.t ................. skipped: test_tls13psk needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tlsextms.t ................. skipped: test_tlsextms needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_verify_extra.t ............. ok ../../openssl/test/recipes/70-test_wpacket.t .................. ok ../../openssl/test/recipes/80-test_ca.t ....................... ok ../../openssl/test/recipes/80-test_cipherbytes.t .............. ok ../../openssl/test/recipes/80-test_cipherlist.t ............... ok ../../openssl/test/recipes/80-test_ciphername.t ............... ok ../../openssl/test/recipes/80-test_cms.t ...................... ok ../../openssl/test/recipes/80-test_cmsapi.t ................... ok ../../openssl/test/recipes/80-test_ct.t ....................... ok ../../openssl/test/recipes/80-test_dane.t ..................... ok ../../openssl/test/recipes/80-test_dtls.t ..................... ok ../../openssl/test/recipes/80-test_dtls_mtu.t ................. ok ../../openssl/test/recipes/80-test_dtlsv1listen.t ............. ok ../../openssl/test/recipes/80-test_ocsp.t ..................... ok ../../openssl/test/recipes/80-test_pkcs12.t ................... ok ../../openssl/test/recipes/80-test_ssl_new.t .................. ok ../../openssl/test/recipes/80-test_ssl_old.t .................. ok ../../openssl/test/recipes/80-test_ssl_test_ctx.t ............. ok ../../openssl/test/recipes/80-test_sslcorrupt.t ............... ok ../../openssl/test/recipes/80-test_tsa.t ...................... ok ../../openssl/test/recipes/80-test_x509aux.t .................. ok ../../openssl/test/recipes/90-test_asn1_time.t ................ ok ../../openssl/test/recipes/90-test_async.t .................... ok ../../openssl/test/recipes/90-test_bio_enc.t .................. ok ../../openssl/test/recipes/90-test_bio_memleak.t .............. ok ../../openssl/test/recipes/90-test_constant_time.t ............ ok ../../openssl/test/recipes/90-test_fatalerr.t ................. ok ../../openssl/test/recipes/90-test_gmdiff.t ................... ok ../../openssl/test/recipes/90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build ../../openssl/test/recipes/90-test_ige.t ...................... ok ../../openssl/test/recipes/90-test_includes.t ................. ok ../../openssl/test/recipes/90-test_memleak.t .................. ok ../../openssl/test/recipes/90-test_overhead.t ................. skipped: Only supported in no-shared builds ../../openssl/test/recipes/90-test_secmem.t ................... ok ../../openssl/test/recipes/90-test_shlibload.t ................ skipped: Test only supported in a dso build ../../openssl/test/recipes/90-test_srp.t ...................... ok ../../openssl/test/recipes/90-test_sslapi.t ................... ok ../../openssl/test/recipes/90-test_sslbuffers.t ............... ok ../../openssl/test/recipes/90-test_store.t .................... ok ../../openssl/test/recipes/90-test_sysdefault.t ............... ok ../../openssl/test/recipes/90-test_threads.t .................. ok ../../openssl/test/recipes/90-test_time_offset.t .............. ok ../../openssl/test/recipes/90-test_tls13ccs.t ................. ok ../../openssl/test/recipes/90-test_tls13encryption.t .......... ok ../../openssl/test/recipes/90-test_tls13secrets.t ............. ok ../../openssl/test/recipes/90-test_v3name.t ................... ok ../../openssl/test/recipes/95-test_external_boringssl.t ....... skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_krb5.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_pyca.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/99-test_ecstress.t ................. ok ../../openssl/test/recipes/99-test_fuzz.t ..................... ok Test Summary Report ------------------- ../../openssl/test/recipes/02-test_internal_provider.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/04-test_provider.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=164, Tests=1287, 229 wallclock secs ( 0.83 usr 0.27 sys + 214.17 cusr 9.61 csys = 224.88 CPU) Result: FAIL Makefile:198: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dso' Makefile:196: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Tue Mar 12 07:54:25 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 12 Mar 2019 07:54:25 +0000 Subject: FAILED build of OpenSSL branch master with options -d --strict-warnings no-poly1305 Message-ID: <1552377265.820874.24190.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-poly1305 Commit log since last time: d1229190bf s390x assembly pack: import chacha from cryptogams repo c453283421 Add documentation 021a655277 Add provider tests 16c2f1bdb5 Add provider module infrastructure 3374dc03ed Replumbing: New public API to load or add providers 4c2883a9bf Replumbing: Add the Provider Object, type OSSL_PROVIDER 3f4e8d6604 Replumbing: Add MODULESDIR macro and OPENSSL_MODULES environment variable 98f29466dc fix truncation of integers on 32bit AIX 2a6a56073c Add regenerated header files b53c4fe3f9 util/mkerr.pl: Add an inclusion of symhacks.h in all error files 4d768e966f openssl app for macs that uses the new EVP_MAC interface (the code inside dgst uses EVP_PKEY) 1b1ff9b94d sha/asm/keccak1600-ppc64.pl: up 10% performance improvement. Build log ended with (last 100 lines): ../../openssl/test/recipes/30-test_pkey_meth.t ................ ok ../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok ../../openssl/test/recipes/40-test_rehash.t ................... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok ../../openssl/test/recipes/60-test_x509_store.t ............... ok ../../openssl/test/recipes/60-test_x509_time.t ................ ok ../../openssl/test/recipes/70-test_asyncio.t .................. ok ../../openssl/test/recipes/70-test_bad_dtls.t ................. ok ../../openssl/test/recipes/70-test_clienthello.t .............. ok ../../openssl/test/recipes/70-test_comp.t ..................... ok ../../openssl/test/recipes/70-test_key_share.t ................ ok ../../openssl/test/recipes/70-test_packet.t ................... ok ../../openssl/test/recipes/70-test_recordlen.t ................ ok ../../openssl/test/recipes/70-test_renegotiation.t ............ ok ../../openssl/test/recipes/70-test_servername.t ............... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ............ ok ../../openssl/test/recipes/70-test_sslcertstatus.t ............ ok ../../openssl/test/recipes/70-test_sslextension.t ............. ok ../../openssl/test/recipes/70-test_sslmessages.t .............. ok ../../openssl/test/recipes/70-test_sslrecords.t ............... ok ../../openssl/test/recipes/70-test_sslsessiontick.t ........... ok ../../openssl/test/recipes/70-test_sslsigalgs.t ............... ok ../../openssl/test/recipes/70-test_sslsignature.t ............. ok ../../openssl/test/recipes/70-test_sslskewith0p.t ............. ok ../../openssl/test/recipes/70-test_sslversions.t .............. ok ../../openssl/test/recipes/70-test_sslvertol.t ................ ok ../../openssl/test/recipes/70-test_tls13alerts.t .............. ok ../../openssl/test/recipes/70-test_tls13cookie.t .............. ok ../../openssl/test/recipes/70-test_tls13downgrade.t ........... ok ../../openssl/test/recipes/70-test_tls13hrr.t ................. ok ../../openssl/test/recipes/70-test_tls13kexmodes.t ............ ok ../../openssl/test/recipes/70-test_tls13messages.t ............ ok ../../openssl/test/recipes/70-test_tls13psk.t ................. ok ../../openssl/test/recipes/70-test_tlsextms.t ................. ok ../../openssl/test/recipes/70-test_verify_extra.t ............. ok ../../openssl/test/recipes/70-test_wpacket.t .................. ok ../../openssl/test/recipes/80-test_ca.t ....................... ok ../../openssl/test/recipes/80-test_cipherbytes.t .............. ok ../../openssl/test/recipes/80-test_cipherlist.t ............... ok ../../openssl/test/recipes/80-test_ciphername.t ............... ok ../../openssl/test/recipes/80-test_cms.t ...................... ok ../../openssl/test/recipes/80-test_cmsapi.t ................... ok ../../openssl/test/recipes/80-test_ct.t ....................... ok ../../openssl/test/recipes/80-test_dane.t ..................... ok ../../openssl/test/recipes/80-test_dtls.t ..................... ok ../../openssl/test/recipes/80-test_dtls_mtu.t ................. ok ../../openssl/test/recipes/80-test_dtlsv1listen.t ............. ok ../../openssl/test/recipes/80-test_ocsp.t ..................... ok ../../openssl/test/recipes/80-test_pkcs12.t ................... ok ../../openssl/test/recipes/80-test_ssl_new.t .................. ok ../../openssl/test/recipes/80-test_ssl_old.t .................. ok ../../openssl/test/recipes/80-test_ssl_test_ctx.t ............. ok ../../openssl/test/recipes/80-test_sslcorrupt.t ............... ok ../../openssl/test/recipes/80-test_tsa.t ...................... ok ../../openssl/test/recipes/80-test_x509aux.t .................. ok ../../openssl/test/recipes/90-test_asn1_time.t ................ ok ../../openssl/test/recipes/90-test_async.t .................... ok ../../openssl/test/recipes/90-test_bio_enc.t .................. ok ../../openssl/test/recipes/90-test_bio_memleak.t .............. ok ../../openssl/test/recipes/90-test_constant_time.t ............ ok ../../openssl/test/recipes/90-test_fatalerr.t ................. ok ../../openssl/test/recipes/90-test_gmdiff.t ................... ok ../../openssl/test/recipes/90-test_gost.t ..................... ok ../../openssl/test/recipes/90-test_ige.t ...................... ok ../../openssl/test/recipes/90-test_includes.t ................. ok ../../openssl/test/recipes/90-test_memleak.t .................. ok ../../openssl/test/recipes/90-test_overhead.t ................. skipped: Only supported in no-shared builds ../../openssl/test/recipes/90-test_secmem.t ................... ok ../../openssl/test/recipes/90-test_shlibload.t ................ ok ../../openssl/test/recipes/90-test_srp.t ...................... ok ../../openssl/test/recipes/90-test_sslapi.t ................... ok ../../openssl/test/recipes/90-test_sslbuffers.t ............... ok ../../openssl/test/recipes/90-test_store.t .................... ok ../../openssl/test/recipes/90-test_sysdefault.t ............... ok ../../openssl/test/recipes/90-test_threads.t .................. ok ../../openssl/test/recipes/90-test_time_offset.t .............. ok ../../openssl/test/recipes/90-test_tls13ccs.t ................. ok ../../openssl/test/recipes/90-test_tls13encryption.t .......... ok ../../openssl/test/recipes/90-test_tls13secrets.t ............. ok ../../openssl/test/recipes/90-test_v3name.t ................... ok ../../openssl/test/recipes/95-test_external_boringssl.t ....... skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_krb5.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_pyca.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/99-test_ecstress.t ................. ok ../../openssl/test/recipes/99-test_fuzz.t ..................... ok Test Summary Report ------------------- ../../openssl/test/recipes/20-test_mac.t (Wstat: 512 Tests: 11 Failed: 1) Failed test: 4 Non-zero exit status: 2 Parse errors: Bad plan. You planned 18 tests but ran 11. Files=164, Tests=1475, 249 wallclock secs ( 2.70 usr 0.31 sys + 225.88 cusr 11.62 csys = 240.51 CPU) Result: FAIL Makefile:198: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-poly1305' Makefile:196: recipe for target 'tests' failed make: *** [tests] Error 2 From matt at openssl.org Tue Mar 12 12:07:39 2019 From: matt at openssl.org (Matt Caswell) Date: Tue, 12 Mar 2019 12:07:39 +0000 Subject: [openssl] master update Message-ID: <1552392459.258009.3619.nullmailer@dev.openssl.org> The branch master has been updated via eef721b0d02c41cb5cebef33a9911db25523724a (commit) via 8240d5fa6535fb20e24fbe7eadbb3d6452a8d305 (commit) from d1229190bfbb19439589557e4d65f9bccab09b2d (commit) - Log ----------------------------------------------------------------- commit eef721b0d02c41cb5cebef33a9911db25523724a Author: Shane Lontis Date: Tue Mar 12 15:11:19 2019 +1000 added generated files Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/6652) commit 8240d5fa6535fb20e24fbe7eadbb3d6452a8d305 Author: Shane Lontis Date: Thu Jul 5 09:28:51 2018 +1000 FIPS 186-4 RSA Generation & Validation Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/6652) ----------------------------------------------------------------------- Summary of changes: crypto/bn/bn_prime.c | 271 ++++++--- crypto/bn/bn_rsa_fips186_4.c | 346 +++++++++++ crypto/bn/build.info | 3 +- crypto/err/openssl.txt | 14 +- crypto/include/internal/bn_int.h | 27 + crypto/rsa/build.info | 3 +- crypto/rsa/rsa_chk.c | 14 + crypto/rsa/rsa_err.c | 21 +- crypto/rsa/rsa_gen.c | 9 +- crypto/rsa/rsa_lib.c | 2 +- crypto/rsa/rsa_locl.h | 38 ++ crypto/rsa/rsa_sp800_56b_check.c | 386 +++++++++++++ crypto/rsa/rsa_sp800_56b_gen.c | 362 ++++++++++++ include/openssl/rsaerr.h | 12 + test/bn_internal_test.c | 103 ++++ test/build.info | 12 +- ...90-test_bio_memleak.t => 03-test_internal_bn.t} | 11 +- ..._memleak.t => 03-test_internal_rsa_sp800_56b.t} | 11 +- test/rsa_sp800_56b_test.c | 634 +++++++++++++++++++++ test/rsa_test.c | 2 + 20 files changed, 2188 insertions(+), 93 deletions(-) create mode 100644 crypto/bn/bn_rsa_fips186_4.c create mode 100644 crypto/rsa/rsa_sp800_56b_check.c create mode 100644 crypto/rsa/rsa_sp800_56b_gen.c create mode 100644 test/bn_internal_test.c copy test/recipes/{90-test_bio_memleak.t => 03-test_internal_bn.t} (55%) copy test/recipes/{90-test_bio_memleak.t => 03-test_internal_rsa_sp800_56b.t} (53%) create mode 100644 test/rsa_sp800_56b_test.c diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c index c4ab869..7a87b97 100644 --- a/crypto/bn/bn_prime.c +++ b/crypto/bn/bn_prime.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -19,14 +19,49 @@ */ #include "bn_prime.h" -static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1, - const BIGNUM *a1_odd, int k, BN_CTX *ctx, - BN_MONT_CTX *mont); static int probable_prime(BIGNUM *rnd, int bits, prime_t *mods); static int probable_prime_dh_safe(BIGNUM *rnd, int bits, const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx); +#if BN_BITS2 == 64 +# define BN_DEF(lo, hi) (BN_ULONG)hi<<32|lo +#else +# define BN_DEF(lo, hi) lo, hi +#endif + +/* + * See SP800 89 5.3.3 (Step f) + * The product of the set of primes ranging from 3 to 751 + * Generated using process in test/bn_internal_test.c test_bn_small_factors(). + * This includes 751 (which is not currently included in SP 800-89). + */ +static const BN_ULONG small_prime_factors[] = { + BN_DEF(0x3ef4e3e1, 0xc4309333), BN_DEF(0xcd2d655f, 0x71161eb6), + BN_DEF(0x0bf94862, 0x95e2238c), BN_DEF(0x24f7912b, 0x3eb233d3), + BN_DEF(0xbf26c483, 0x6b55514b), BN_DEF(0x5a144871, 0x0a84d817), + BN_DEF(0x9b82210a, 0x77d12fee), BN_DEF(0x97f050b3, 0xdb5b93c2), + BN_DEF(0x4d6c026b, 0x4acad6b9), BN_DEF(0x54aec893, 0xeb7751f3), + BN_DEF(0x36bc85c4, 0xdba53368), BN_DEF(0x7f5ec78e, 0xd85a1b28), + BN_DEF(0x6b322244, 0x2eb072d8), BN_DEF(0x5e2b3aea, 0xbba51112), + BN_DEF(0x0e2486bf, 0x36ed1a6c), BN_DEF(0xec0c5727, 0x5f270460), + (BN_ULONG)0x000017b1 +}; + +#define BN_SMALL_PRIME_FACTORS_TOP OSSL_NELEM(small_prime_factors) +static const BIGNUM _bignum_small_prime_factors = { + (BN_ULONG *)small_prime_factors, + BN_SMALL_PRIME_FACTORS_TOP, + BN_SMALL_PRIME_FACTORS_TOP, + 0, + BN_FLG_STATIC_DATA +}; + +const BIGNUM *bn_get0_small_factors(void) +{ + return &_bignum_small_prime_factors; +} + int BN_GENCB_call(BN_GENCB *cb, int a, int b) { /* No callback means continue */ @@ -148,127 +183,199 @@ int BN_is_prime_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, return BN_is_prime_fasttest_ex(a, checks, ctx_passed, 0, cb); } -int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, +/* See FIPS 186-4 C.3.1 Miller Rabin Probabilistic Primality Test. */ +int BN_is_prime_fasttest_ex(const BIGNUM *w, int checks, BN_CTX *ctx_passed, int do_trial_division, BN_GENCB *cb) { - int i, j, ret = -1; - int k; + int i, status, ret = -1; BN_CTX *ctx = NULL; - BIGNUM *A1, *A1_odd, *A3, *check; /* taken from ctx */ - BN_MONT_CTX *mont = NULL; - /* Take care of the really small primes 2 & 3 */ - if (BN_is_word(a, 2) || BN_is_word(a, 3)) - return 1; - - /* Check odd and bigger than 1 */ - if (!BN_is_odd(a) || BN_cmp(a, BN_value_one()) <= 0) + /* w must be bigger than 1 */ + if (BN_cmp(w, BN_value_one()) <= 0) return 0; - if (checks == BN_prime_checks) - checks = BN_prime_checks_for_size(BN_num_bits(a)); + /* w must be odd */ + if (BN_is_odd(w)) { + /* Take care of the really small prime 3 */ + if (BN_is_word(w, 3)) + return 1; + } else { + /* 2 is the only even prime */ + return BN_is_word(w, 2); + } /* first look for small factors */ if (do_trial_division) { for (i = 1; i < NUMPRIMES; i++) { - BN_ULONG mod = BN_mod_word(a, primes[i]); + BN_ULONG mod = BN_mod_word(w, primes[i]); if (mod == (BN_ULONG)-1) - goto err; + return -1; if (mod == 0) - return BN_is_word(a, primes[i]); + return BN_is_word(w, primes[i]); } if (!BN_GENCB_call(cb, 1, -1)) - goto err; + return -1; } - if (ctx_passed != NULL) ctx = ctx_passed; else if ((ctx = BN_CTX_new()) == NULL) goto err; - BN_CTX_start(ctx); - A1 = BN_CTX_get(ctx); - A3 = BN_CTX_get(ctx); - A1_odd = BN_CTX_get(ctx); - check = BN_CTX_get(ctx); - if (check == NULL) + ret = bn_miller_rabin_is_prime(w, checks, ctx, cb, 0, &status); + if (!ret) goto err; + ret = (status == BN_PRIMETEST_PROBABLY_PRIME); +err: + if (ctx_passed == NULL) + BN_CTX_free(ctx); + return ret; +} + +/* + * Refer to FIPS 186-4 C.3.2 Enhanced Miller-Rabin Probabilistic Primality Test. + * OR C.3.1 Miller-Rabin Probabilistic Primality Test (if enhanced is zero). + * The Step numbers listed in the code refer to the enhanced case. + * + * if enhanced is set, then status returns one of the following: + * BN_PRIMETEST_PROBABLY_PRIME + * BN_PRIMETEST_COMPOSITE_WITH_FACTOR + * BN_PRIMETEST_COMPOSITE_NOT_POWER_OF_PRIME + * if enhanced is zero, then status returns either + * BN_PRIMETEST_PROBABLY_PRIME or + * BN_PRIMETEST_COMPOSITE + * + * returns 0 if there was an error, otherwise it returns 1. + */ +int bn_miller_rabin_is_prime(const BIGNUM *w, int iterations, BN_CTX *ctx, + BN_GENCB *cb, int enhanced, int *status) +{ + int i, j, a, ret = 0; + BIGNUM *g, *w1, *w3, *x, *m, *z, *b; + BN_MONT_CTX *mont = NULL; - /* compute A1 := a - 1 */ - if (!BN_copy(A1, a) || !BN_sub_word(A1, 1)) + /* w must be odd */ + if (!BN_is_odd(w)) + return 0; + + BN_CTX_start(ctx); + g = BN_CTX_get(ctx); + w1 = BN_CTX_get(ctx); + w3 = BN_CTX_get(ctx); + x = BN_CTX_get(ctx); + m = BN_CTX_get(ctx); + z = BN_CTX_get(ctx); + b = BN_CTX_get(ctx); + + if (!(b != NULL + /* w1 := w - 1 */ + && BN_copy(w1, w) + && BN_sub_word(w1, 1) + /* w3 := w - 3 */ + && BN_copy(w3, w) + && BN_sub_word(w3, 3))) goto err; - /* compute A3 := a - 3 */ - if (!BN_copy(A3, a) || !BN_sub_word(A3, 3)) + + /* check w is larger than 3, otherwise the random b will be too small */ + if (BN_is_zero(w3) || BN_is_negative(w3)) goto err; - /* write A1 as A1_odd * 2^k */ - k = 1; - while (!BN_is_bit_set(A1, k)) - k++; - if (!BN_rshift(A1_odd, A1, k)) + /* (Step 1) Calculate largest integer 'a' such that 2^a divides w-1 */ + a = 1; + while (!BN_is_bit_set(w1, a)) + a++; + /* (Step 2) m = (w-1) / 2^a */ + if (!BN_rshift(m, w1, a)) goto err; /* Montgomery setup for computations mod a */ mont = BN_MONT_CTX_new(); - if (mont == NULL) - goto err; - if (!BN_MONT_CTX_set(mont, a, ctx)) + if (mont == NULL || !BN_MONT_CTX_set(mont, w, ctx)) goto err; - for (i = 0; i < checks; i++) { - /* 1 < check < a-1 */ - if (!BN_priv_rand_range(check, A3) || !BN_add_word(check, 2)) - goto err; + if (iterations == BN_prime_checks) + iterations = BN_prime_checks_for_size(BN_num_bits(w)); - j = witness(check, a, A1, A1_odd, k, ctx, mont); - if (j == -1) + /* (Step 4) */ + for (i = 0; i < iterations; ++i) { + /* (Step 4.1) obtain a Random string of bits b where 1 < b < w-1 */ + if (!BN_priv_rand_range(b, w3) || !BN_add_word(b, 2)) /* 1 < b < w-1 */ goto err; - if (j) { - ret = 0; + + if (enhanced) { + /* (Step 4.3) */ + if (!BN_gcd(g, b, w, ctx)) + goto err; + /* (Step 4.4) */ + if (!BN_is_one(g)) { + *status = BN_PRIMETEST_COMPOSITE_WITH_FACTOR; + ret = 1; + goto err; + } + } + /* (Step 4.5) z = b^m mod w */ + if (!BN_mod_exp_mont(z, b, m, w, ctx, mont)) goto err; + /* (Step 4.6) if (z = 1 or z = w-1) */ + if (BN_is_one(z) || BN_cmp(z, w1) == 0) + goto outer_loop; + /* (Step 4.7) for j = 1 to a-1 */ + for (j = 1; j < a ; ++j) { + /* (Step 4.7.1 - 4.7.2) x = z. z = x^2 mod w */ + if (!BN_copy(x, z) || !BN_mod_mul(z, x, x, w, ctx)) + goto err; + /* (Step 4.7.3) */ + if (BN_cmp(z, w1) == 0) + goto outer_loop; + /* (Step 4.7.4) */ + if (BN_is_one(z)) + goto composite; } if (!BN_GENCB_call(cb, 1, i)) goto err; + /* At this point z = b^((w-1)/2) mod w */ + /* (Steps 4.8 - 4.9) x = z, z = x^2 mod w */ + if (!BN_copy(x, z) || !BN_mod_mul(z, x, x, w, ctx)) + goto err; + /* (Step 4.10) */ + if (BN_is_one(z)) + goto composite; + /* (Step 4.11) x = b^(w-1) mod w */ + if (!BN_copy(x, z)) + goto err; +composite: + if (enhanced) { + /* (Step 4.1.2) g = GCD(x-1, w) */ + if (!BN_sub_word(x, 1) || !BN_gcd(g, x, w, ctx)) + goto err; + /* (Steps 4.1.3 - 4.1.4) */ + if (BN_is_one(g)) + *status = BN_PRIMETEST_COMPOSITE_NOT_POWER_OF_PRIME; + else + *status = BN_PRIMETEST_COMPOSITE_WITH_FACTOR; + } else { + *status = BN_PRIMETEST_COMPOSITE; + } + ret = 1; + goto err; +outer_loop: ; + /* (Step 4.1.5) */ } + /* (Step 5) */ + *status = BN_PRIMETEST_PROBABLY_PRIME; ret = 1; - err: - if (ctx != NULL) { - BN_CTX_end(ctx); - if (ctx_passed == NULL) - BN_CTX_free(ctx); - } +err: + BN_clear(g); + BN_clear(w1); + BN_clear(w3); + BN_clear(x); + BN_clear(m); + BN_clear(z); + BN_clear(b); + BN_CTX_end(ctx); BN_MONT_CTX_free(mont); - return ret; } -static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1, - const BIGNUM *a1_odd, int k, BN_CTX *ctx, - BN_MONT_CTX *mont) -{ - if (!BN_mod_exp_mont(w, w, a1_odd, a, ctx, mont)) /* w := w^a1_odd mod a */ - return -1; - if (BN_is_one(w)) - return 0; /* probably prime */ - if (BN_cmp(w, a1) == 0) - return 0; /* w == -1 (mod a), 'a' is probably prime */ - while (--k) { - if (!BN_mod_mul(w, w, w, a, ctx)) /* w := w^2 mod a */ - return -1; - if (BN_is_one(w)) - return 1; /* 'a' is composite, otherwise a previous 'w' - * would have been == -1 (mod 'a') */ - if (BN_cmp(w, a1) == 0) - return 0; /* w == -1 (mod a), 'a' is probably prime */ - } - /* - * If we get here, 'w' is the (a-1)/2-th power of the original 'w', and - * it is neither -1 nor +1 -- so 'a' cannot be prime - */ - bn_check_top(w); - return 1; -} - static int probable_prime(BIGNUM *rnd, int bits, prime_t *mods) { int i; diff --git a/crypto/bn/bn_rsa_fips186_4.c b/crypto/bn/bn_rsa_fips186_4.c new file mode 100644 index 0000000..261669d --- /dev/null +++ b/crypto/bn/bn_rsa_fips186_4.c @@ -0,0 +1,346 @@ +/* + * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright (c) 2018-2019, Oracle and/or its affiliates. All rights reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * According to NIST SP800-131A "Transitioning the use of cryptographic + * algorithms and key lengths" Generation of 1024 bit RSA keys are no longer + * allowed for signatures (Table 2) or key transport (Table 5). In the code + * below any attempt to generate 1024 bit RSA keys will result in an error (Note + * that digital signature verification can still use deprecated 1024 bit keys). + * + * Also see FIPS1402IG A.14 + * FIPS 186-4 relies on the use of the auxiliary primes p1, p2, q1 and q2 that + * must be generated before the module generates the RSA primes p and q. + * Table B.1 in FIPS 186-4 specifies, for RSA modulus lengths of 2048 and + * 3072 bits only, the min/max total length of the auxiliary primes. + * When implementing the RSA signature generation algorithm + * with other approved RSA modulus sizes, the vendor shall use the limitations + * from Table B.1 that apply to the longest RSA modulus shown in Table B.1 of + * FIPS 186-4 whose length does not exceed that of the implementation's RSA + * modulus. In particular, when generating the primes for the 4096-bit RSA + * modulus the limitations stated for the 3072-bit modulus shall apply. + */ +#include +#include +#include "bn_lcl.h" +#include "internal/bn_int.h" + +/* + * FIPS 186-4 Table B.1. "Min length of auxiliary primes p1, p2, q1, q2". + * + * Params: + * nbits The key size in bits. + * Returns: + * The minimum size of the auxiliary primes or 0 if nbits is invalid. + */ +static int bn_rsa_fips186_4_aux_prime_min_size(int nbits) +{ + if (nbits >= 3072) + return 171; + if (nbits == 2048) + return 141; + return 0; +} + +/* + * FIPS 186-4 Table B.1 "Maximum length of len(p1) + len(p2) and + * len(q1) + len(q2) for p,q Probable Primes". + * + * Params: + * nbits The key size in bits. + * Returns: + * The maximum length or 0 if nbits is invalid. + */ +static int bn_rsa_fips186_4_aux_prime_max_sum_size_for_prob_primes(int nbits) +{ + if (nbits >= 3072) + return 1518; + if (nbits == 2048) + return 1007; + return 0; +} + +/* + * FIPS 186-4 Table C.3 for error probability of 2^-100 + * Minimum number of Miller Rabin Rounds for p1, p2, q1 & q2. + * + * Params: + * aux_prime_bits The auxiliary prime size in bits. + * Returns: + * The minimum number of Miller Rabin Rounds for an auxiliary prime, or + * 0 if aux_prime_bits is invalid. + */ +static int bn_rsa_fips186_4_aux_prime_MR_min_checks(int aux_prime_bits) +{ + if (aux_prime_bits > 170) + return 27; + if (aux_prime_bits > 140) + return 32; + return 0; /* Error case */ +} + +/* + * FIPS 186-4 Table C.3 for error probability of 2^-100 + * Minimum number of Miller Rabin Rounds for p, q. + * + * Params: + * nbits The key size in bits. + * Returns: + * The minimum number of Miller Rabin Rounds required, + * or 0 if nbits is invalid. + */ +int bn_rsa_fips186_4_prime_MR_min_checks(int nbits) +{ + if (nbits >= 3072) /* > 170 */ + return 3; + if (nbits == 2048) /* > 140 */ + return 4; + return 0; /* Error case */ +} + +/* + * Find the first odd integer that is a probable prime. + * + * See section FIPS 186-4 B.3.6 (Steps 4.2/5.2). + * + * Params: + * Xp1 The passed in starting point to find a probably prime. + * p1 The returned probable prime (first odd integer >= Xp1) + * ctx A BN_CTX object. + * cb An optional BIGNUM callback. + * Returns: 1 on success otherwise it returns 0. + */ +static int bn_rsa_fips186_4_find_aux_prob_prime(const BIGNUM *Xp1, + BIGNUM *p1, BN_CTX *ctx, + BN_GENCB *cb) +{ + int ret = 0; + int i = 0; + int checks = bn_rsa_fips186_4_aux_prime_MR_min_checks(BN_num_bits(Xp1)); + + if (checks == 0 || BN_copy(p1, Xp1) == NULL) + return 0; + + /* Find the first odd number >= Xp1 that is probably prime */ + for(;;) { + i++; + BN_GENCB_call(cb, 0, i); + /* MR test with trial division */ + if (BN_is_prime_fasttest_ex(p1, checks, ctx, 1, cb)) + break; + /* Get next odd number */ + if (!BN_add_word(p1, 2)) + goto err; + } + BN_GENCB_call(cb, 2, i); + ret = 1; +err: + return ret; +} + +/* + * Generate a probable prime (p or q). + * + * See FIPS 186-4 B.3.6 (Steps 4 & 5) + * + * Params: + * p The returned probable prime. + * Xpout An optionally returned random number used during generation of p. + * p1, p2 The returned auxiliary primes. If NULL they are not returned. + * Xp An optional passed in value (that is random number used during + * generation of p). + * Xp1, Xp2 Optional passed in values that are normally generated + * internally. Used to find p1, p2. + * nlen The bit length of the modulus (the key size). + * e The public exponent. + * ctx A BN_CTX object. + * cb An optional BIGNUM callback. + * Returns: 1 on success otherwise it returns 0. + */ +int bn_rsa_fips186_4_gen_prob_primes(BIGNUM *p, BIGNUM *Xpout, + BIGNUM *p1, BIGNUM *p2, + const BIGNUM *Xp, const BIGNUM *Xp1, + const BIGNUM *Xp2, int nlen, + const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb) +{ + int ret = 0; + BIGNUM *p1i = NULL, *p2i = NULL, *Xp1i = NULL, *Xp2i = NULL; + int bitlen; + + if (p == NULL || Xpout == NULL) + return 0; + + BN_CTX_start(ctx); + + p1i = (p1 != NULL) ? p1 : BN_CTX_get(ctx); + p2i = (p2 != NULL) ? p2 : BN_CTX_get(ctx); + Xp1i = (Xp1 != NULL) ? (BIGNUM *)Xp1 : BN_CTX_get(ctx); + Xp2i = (Xp2 != NULL) ? (BIGNUM *)Xp2 : BN_CTX_get(ctx); + if (p1i == NULL || p2i == NULL || Xp1i == NULL || Xp2i == NULL) + goto err; + + bitlen = bn_rsa_fips186_4_aux_prime_min_size(nlen); + if (bitlen == 0) + goto err; + + /* (Steps 4.1/5.1): Randomly generate Xp1 if it is not passed in */ + if (Xp1 == NULL) { + /* Set the top and bottom bits to make it odd and the correct size */ + if (!BN_priv_rand(Xp1i, bitlen, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD)) + goto err; + } + /* (Steps 4.1/5.1): Randomly generate Xp2 if it is not passed in */ + if (Xp2 == NULL) { + /* Set the top and bottom bits to make it odd and the correct size */ + if (!BN_priv_rand(Xp2i, bitlen, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD)) + goto err; + } + + /* (Steps 4.2/5.2) - find first auxiliary probable primes */ + if (!bn_rsa_fips186_4_find_aux_prob_prime(Xp1i, p1i, ctx, cb) + || !bn_rsa_fips186_4_find_aux_prob_prime(Xp2i, p2i, ctx, cb)) + goto err; + /* (Table B.1) auxiliary prime Max length check */ + if ((BN_num_bits(p1i) + BN_num_bits(p2i)) >= + bn_rsa_fips186_4_aux_prime_max_sum_size_for_prob_primes(nlen)) + goto err; + /* (Steps 4.3/5.3) - generate prime */ + if (!bn_rsa_fips186_4_derive_prime(p, Xpout, Xp, p1i, p2i, nlen, e, ctx, cb)) + goto err; + ret = 1; +err: + /* Zeroize any internally generated values that are not returned */ + if (p1 == NULL) + BN_clear(p1i); + if (p2 == NULL) + BN_clear(p2i); + if (Xp1 == NULL) + BN_clear(Xp1i); + if (Xp2 == NULL) + BN_clear(Xp2i); + BN_CTX_end(ctx); + return ret; +} + +/* + * Constructs a probable prime (a candidate for p or q) using 2 auxiliary + * prime numbers and the Chinese Remainder Theorem. + * + * See FIPS 186-4 C.9 "Compute a Probable Prime Factor Based on Auxiliary + * Primes". Used by FIPS 186-4 B.3.6 Section (4.3) for p and Section (5.3) for q. + * + * Params: + * Y The returned prime factor (private_prime_factor) of the modulus n. + * X The returned random number used during generation of the prime factor. + * Xin An optional passed in value for X used for testing purposes. + * r1 An auxiliary prime. + * r2 An auxiliary prime. + * nlen The desired length of n (the RSA modulus). + * e The public exponent. + * ctx A BN_CTX object. + * cb An optional BIGNUM callback object. + * Returns: 1 on success otherwise it returns 0. + * Assumptions: + * Y, X, r1, r2, e are not NULL. + */ +int bn_rsa_fips186_4_derive_prime(BIGNUM *Y, BIGNUM *X, const BIGNUM *Xin, + const BIGNUM *r1, const BIGNUM *r2, int nlen, + const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb) +{ + int ret = 0; + int i, imax; + int bits = nlen >> 1; + int checks = bn_rsa_fips186_4_prime_MR_min_checks(nlen); + BIGNUM *tmp, *R, *r1r2x2, *y1, *r1x2; + + if (checks == 0) + return 0; + BN_CTX_start(ctx); + + R = BN_CTX_get(ctx); + tmp = BN_CTX_get(ctx); + r1r2x2 = BN_CTX_get(ctx); + y1 = BN_CTX_get(ctx); + r1x2 = BN_CTX_get(ctx); + if (r1x2 == NULL) + goto err; + + if (Xin != NULL && BN_copy(X, Xin) == NULL) + goto err; + + if (!(BN_lshift1(r1x2, r1) + /* (Step 1) GCD(2r1, r2) = 1 */ + && BN_gcd(tmp, r1x2, r2, ctx) + && BN_is_one(tmp) + /* (Step 2) R = ((r2^-1 mod 2r1) * r2) - ((2r1^-1 mod r2)*2r1) */ + && BN_mod_inverse(R, r2, r1x2, ctx) + && BN_mul(R, R, r2, ctx) /* R = (r2^-1 mod 2r1) * r2 */ + && BN_mod_inverse(tmp, r1x2, r2, ctx) + && BN_mul(tmp, tmp, r1x2, ctx) /* tmp = (2r1^-1 mod r2)*2r1 */ + && BN_sub(R, R, tmp) + /* Calculate 2r1r2 */ + && BN_mul(r1r2x2, r1x2, r2, ctx))) + goto err; + /* Make positive by adding the modulus */ + if (BN_is_negative(R) && !BN_add(R, R, r1r2x2)) + goto err; + + imax = 5 * bits; /* max = 5/2 * nbits */ + for (;;) { + if (Xin == NULL) { + /* + * (Step 3) Choose Random X such that + * sqrt(2) * 2^(nlen/2-1) < Random X < (2^(nlen/2)) - 1. + * + * For the lower bound: + * sqrt(2) * 2^(nlen/2 - 1) == sqrt(2)/2 * 2^(nlen/2) + * where sqrt(2)/2 = 0.70710678.. = 0.B504FC33F9DE... + * so largest number will have B5... as the top byte + * Setting the top 2 bits gives 0xC0. + */ + if (!BN_priv_rand(X, bits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ANY)) + goto end; + } + /* (Step 4) Y = X + ((R - X) mod 2r1r2) */ + if (!BN_mod_sub(Y, R, X, r1r2x2, ctx) || !BN_add(Y, Y, X)) + goto err; + /* (Step 5) */ + i = 0; + for (;;) { + /* (Step 6) */ + if (BN_num_bits(Y) > bits) { + if (Xin == NULL) + break; /* Randomly Generated X so Go back to Step 3 */ + else + goto err; /* X is not random so it will always fail */ + } + BN_GENCB_call(cb, 0, 2); + + /* (Step 7) If GCD(Y-1) == 1 & Y is probably prime then return Y */ + if (BN_copy(y1, Y) == NULL + || !BN_sub_word(y1, 1) + || !BN_gcd(tmp, y1, e, ctx)) + goto err; + if (BN_is_one(tmp) + && BN_is_prime_fasttest_ex(Y, checks, ctx, 1, cb)) + goto end; + /* (Step 8-10) */ + if (++i >= imax || !BN_add(Y, Y, r1r2x2)) + goto err; + } + } +end: + ret = 1; + BN_GENCB_call(cb, 3, 0); +err: + BN_clear(y1); + BN_CTX_end(ctx); + return ret; +} diff --git a/crypto/bn/build.info b/crypto/bn/build.info index a463edd..7e34ce4 100644 --- a/crypto/bn/build.info +++ b/crypto/bn/build.info @@ -5,7 +5,8 @@ SOURCE[../../libcrypto]=\ bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c \ {- $target{bn_asm_src} -} \ bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \ - bn_depr.c bn_const.c bn_x931p.c bn_intern.c bn_dh.c bn_srp.c + bn_depr.c bn_const.c bn_x931p.c bn_intern.c bn_dh.c bn_srp.c \ + bn_rsa_fips186_4.c INCLUDE[../../libcrypto]=../../crypto/include INCLUDE[bn_exp.o]=.. diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index 3b3f761..8ae11ca 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -368,8 +368,8 @@ CRYPTO_F_OPENSSL_INIT_CRYPTO:116:OPENSSL_init_crypto CRYPTO_F_OPENSSL_LH_NEW:126:OPENSSL_LH_new CRYPTO_F_OPENSSL_SK_DEEP_COPY:127:OPENSSL_sk_deep_copy CRYPTO_F_OPENSSL_SK_DUP:128:OPENSSL_sk_dup -CRYPTO_F_OSSL_PROVIDER_ADD_BUILTIN:132:OSSL_PROVIDER_add_builtin CRYPTO_F_OSSL_PROVIDER_ACTIVATE:130:ossl_provider_activate +CRYPTO_F_OSSL_PROVIDER_ADD_BUILTIN:132:OSSL_PROVIDER_add_builtin CRYPTO_F_OSSL_PROVIDER_NEW:131:ossl_provider_new CRYPTO_F_PKEY_HMAC_INIT:123:pkey_hmac_init CRYPTO_F_PKEY_POLY1305_INIT:124:pkey_poly1305_init @@ -1101,6 +1101,7 @@ RSA_F_RSA_CHECK_KEY:123:RSA_check_key RSA_F_RSA_CHECK_KEY_EX:160:RSA_check_key_ex RSA_F_RSA_CMS_DECRYPT:159:rsa_cms_decrypt RSA_F_RSA_CMS_VERIFY:158:rsa_cms_verify +RSA_F_RSA_FIPS186_4_GEN_PROB_PRIMES:168:rsa_fips186_4_gen_prob_primes RSA_F_RSA_ITEM_VERIFY:148:rsa_item_verify RSA_F_RSA_METH_DUP:161:RSA_meth_dup RSA_F_RSA_METH_NEW:162:RSA_meth_new @@ -1144,6 +1145,10 @@ RSA_F_RSA_PUB_DECODE:139:rsa_pub_decode RSA_F_RSA_SETUP_BLINDING:136:RSA_setup_blinding RSA_F_RSA_SIGN:117:RSA_sign RSA_F_RSA_SIGN_ASN1_OCTET_STRING:118:RSA_sign_ASN1_OCTET_STRING +RSA_F_RSA_SP800_56B_CHECK_KEYPAIR:169:rsa_sp800_56b_check_keypair +RSA_F_RSA_SP800_56B_CHECK_PUBLIC:170:rsa_sp800_56b_check_public +RSA_F_RSA_SP800_56B_PAIRWISE_TEST:171:rsa_sp800_56b_pairwise_test +RSA_F_RSA_SP800_56B_VALIDATE_STRENGTH:172:rsa_sp800_56b_validate_strength RSA_F_RSA_VERIFY:119:RSA_verify RSA_F_RSA_VERIFY_ASN1_OCTET_STRING:120:RSA_verify_ASN1_OCTET_STRING RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1:126:RSA_verify_PKCS1_PSS_mgf1 @@ -2591,16 +2596,21 @@ RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE:144:\ RSA_R_INVALID_DIGEST:157:invalid digest RSA_R_INVALID_DIGEST_LENGTH:143:invalid digest length RSA_R_INVALID_HEADER:137:invalid header +RSA_R_INVALID_KEYPAIR:171:invalid keypair +RSA_R_INVALID_KEY_LENGTH:173:invalid key length RSA_R_INVALID_LABEL:160:invalid label RSA_R_INVALID_MESSAGE_LENGTH:131:invalid message length RSA_R_INVALID_MGF1_MD:156:invalid mgf1 md +RSA_R_INVALID_MODULUS:174:invalid modulus RSA_R_INVALID_MULTI_PRIME_KEY:167:invalid multi prime key RSA_R_INVALID_OAEP_PARAMETERS:161:invalid oaep parameters RSA_R_INVALID_PADDING:138:invalid padding RSA_R_INVALID_PADDING_MODE:141:invalid padding mode RSA_R_INVALID_PSS_PARAMETERS:149:invalid pss parameters RSA_R_INVALID_PSS_SALTLEN:146:invalid pss saltlen +RSA_R_INVALID_REQUEST:175:invalid request RSA_R_INVALID_SALT_LENGTH:150:invalid salt length +RSA_R_INVALID_STRENGTH:176:invalid strength RSA_R_INVALID_TRAILER:139:invalid trailer RSA_R_INVALID_X931_DIGEST:142:invalid x931 digest RSA_R_IQMP_NOT_INVERSE_OF_Q:126:iqmp not inverse of q @@ -2620,8 +2630,10 @@ RSA_R_OAEP_DECODING_ERROR:121:oaep decoding error RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:148:\ operation not supported for this keytype RSA_R_PADDING_CHECK_FAILED:114:padding check failed +RSA_R_PAIRWISE_TEST_FAILURE:177:pairwise test failure RSA_R_PKCS_DECODING_ERROR:159:pkcs decoding error RSA_R_PSS_SALTLEN_TOO_SMALL:164:pss saltlen too small +RSA_R_PUB_EXPONENT_OUT_OF_RANGE:178:pub exponent out of range RSA_R_P_NOT_PRIME:128:p not prime RSA_R_Q_NOT_PRIME:129:q not prime RSA_R_RSA_OPERATIONS_NOT_SUPPORTED:130:rsa operations not supported diff --git a/crypto/include/internal/bn_int.h b/crypto/include/internal/bn_int.h index 66e34ec..514eaee 100644 --- a/crypto/include/internal/bn_int.h +++ b/crypto/include/internal/bn_int.h @@ -87,4 +87,31 @@ int bn_rshift_fixed_top(BIGNUM *r, const BIGNUM *a, int n); int bn_div_fixed_top(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx); +#define BN_PRIMETEST_COMPOSITE 0 +#define BN_PRIMETEST_COMPOSITE_WITH_FACTOR 1 +#define BN_PRIMETEST_COMPOSITE_NOT_POWER_OF_PRIME 2 +#define BN_PRIMETEST_PROBABLY_PRIME 3 + +int bn_miller_rabin_is_prime(const BIGNUM *w, int iterations, BN_CTX *ctx, + BN_GENCB *cb, int enhanced, int *status); + +const BIGNUM *bn_get0_small_factors(void); + +int bn_rsa_fips186_4_prime_MR_min_checks(int nbits); + +int bn_rsa_fips186_4_gen_prob_primes(BIGNUM *p, BIGNUM *Xpout, + BIGNUM *p1, BIGNUM *p2, + const BIGNUM *Xp, const BIGNUM *Xp1, + const BIGNUM *Xp2, int nlen, + const BIGNUM *e, BN_CTX *ctx, + BN_GENCB *cb); + +int bn_rsa_fips186_4_derive_prime(BIGNUM *Y, BIGNUM *X, const BIGNUM *Xin, + const BIGNUM *r1, const BIGNUM *r2, int nlen, + const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb); + +#ifdef __cplusplus +} +#endif + #endif diff --git a/crypto/rsa/build.info b/crypto/rsa/build.info index 87f9249..7086417 100644 --- a/crypto/rsa/build.info +++ b/crypto/rsa/build.info @@ -3,4 +3,5 @@ SOURCE[../../libcrypto]=\ rsa_ossl.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \ rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c \ rsa_pss.c rsa_x931.c rsa_asn1.c rsa_depr.c rsa_ameth.c rsa_prn.c \ - rsa_pmeth.c rsa_crpt.c rsa_x931g.c rsa_meth.c rsa_mp.c + rsa_pmeth.c rsa_crpt.c rsa_x931g.c rsa_meth.c rsa_mp.c \ + rsa_sp800_56b_gen.c rsa_sp800_56b_check.c diff --git a/crypto/rsa/rsa_chk.c b/crypto/rsa/rsa_chk.c index 805f998..4f65dfa 100644 --- a/crypto/rsa/rsa_chk.c +++ b/crypto/rsa/rsa_chk.c @@ -16,8 +16,21 @@ int RSA_check_key(const RSA *key) return RSA_check_key_ex(key, NULL); } +/* + * NOTE: Key validation requires separate checks to be able to be accessed + * individually. These should be visible from the PKEY API.. + * See rsa_sp800_56b_check_public, rsa_sp800_56b_check_private and + * rsa_sp800_56b_check_keypair. + */ int RSA_check_key_ex(const RSA *key, BN_GENCB *cb) { +#ifdef FIPS_MODE + if (!(rsa_sp800_56b_check_public(key) + && rsa_sp800_56b_check_private(key) + && rsa_sp800_56b_check_keypair(key, NULL, -1, RSA_bits(key)) + return 0; + +#else BIGNUM *i, *j, *k, *l, *m; BN_CTX *ctx; int ret = 1, ex_primes = 0, idx; @@ -225,4 +238,5 @@ int RSA_check_key_ex(const RSA *key, BN_GENCB *cb) BN_free(m); BN_CTX_free(ctx); return ret; +#endif /* FIPS_MODE */ } diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c index 24eaaf8..936413d 100644 --- a/crypto/rsa/rsa_err.c +++ b/crypto/rsa/rsa_err.c @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -32,6 +32,8 @@ static const ERR_STRING_DATA RSA_str_functs[] = { {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CHECK_KEY_EX, 0), "RSA_check_key_ex"}, {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CMS_DECRYPT, 0), "rsa_cms_decrypt"}, {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CMS_VERIFY, 0), "rsa_cms_verify"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_FIPS186_4_GEN_PROB_PRIMES, 0), + "rsa_fips186_4_gen_prob_primes"}, {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_ITEM_VERIFY, 0), "rsa_item_verify"}, {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_METH_DUP, 0), "RSA_meth_dup"}, {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_METH_NEW, 0), "RSA_meth_new"}, @@ -97,6 +99,14 @@ static const ERR_STRING_DATA RSA_str_functs[] = { {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SIGN, 0), "RSA_sign"}, {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SIGN_ASN1_OCTET_STRING, 0), "RSA_sign_ASN1_OCTET_STRING"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, 0), + "rsa_sp800_56b_check_keypair"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SP800_56B_CHECK_PUBLIC, 0), + "rsa_sp800_56b_check_public"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SP800_56B_PAIRWISE_TEST, 0), + "rsa_sp800_56b_pairwise_test"}, + {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SP800_56B_VALIDATE_STRENGTH, 0), + "rsa_sp800_56b_validate_strength"}, {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_VERIFY, 0), "RSA_verify"}, {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_VERIFY_ASN1_OCTET_STRING, 0), "RSA_verify_ASN1_OCTET_STRING"}, @@ -146,10 +156,13 @@ static const ERR_STRING_DATA RSA_str_reasons[] = { {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_DIGEST_LENGTH), "invalid digest length"}, {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_HEADER), "invalid header"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_KEYPAIR), "invalid keypair"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_KEY_LENGTH), "invalid key length"}, {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_LABEL), "invalid label"}, {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_MESSAGE_LENGTH), "invalid message length"}, {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_MGF1_MD), "invalid mgf1 md"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_MODULUS), "invalid modulus"}, {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_MULTI_PRIME_KEY), "invalid multi prime key"}, {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_OAEP_PARAMETERS), @@ -161,8 +174,10 @@ static const ERR_STRING_DATA RSA_str_reasons[] = { "invalid pss parameters"}, {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_PSS_SALTLEN), "invalid pss saltlen"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_REQUEST), "invalid request"}, {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_SALT_LENGTH), "invalid salt length"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_STRENGTH), "invalid strength"}, {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_TRAILER), "invalid trailer"}, {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_X931_DIGEST), "invalid x931 digest"}, @@ -193,10 +208,14 @@ static const ERR_STRING_DATA RSA_str_reasons[] = { "operation not supported for this keytype"}, {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_PADDING_CHECK_FAILED), "padding check failed"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_PAIRWISE_TEST_FAILURE), + "pairwise test failure"}, {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_PKCS_DECODING_ERROR), "pkcs decoding error"}, {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_PSS_SALTLEN_TOO_SMALL), "pss saltlen too small"}, + {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_PUB_EXPONENT_OUT_OF_RANGE), + "pub exponent out of range"}, {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_P_NOT_PRIME), "p not prime"}, {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_Q_NOT_PRIME), "q not prime"}, {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED), diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c index 1d38ec9..4bfe3c3 100644 --- a/crypto/rsa/rsa_gen.c +++ b/crypto/rsa/rsa_gen.c @@ -41,6 +41,7 @@ int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) int RSA_generate_multi_prime_key(RSA *rsa, int bits, int primes, BIGNUM *e_value, BN_GENCB *cb) { +#ifndef FIPS_MODE /* multi-prime is only supported with the builtin key generation */ if (rsa->meth->rsa_multi_prime_keygen != NULL) { return rsa->meth->rsa_multi_prime_keygen(rsa, bits, primes, @@ -57,13 +58,18 @@ int RSA_generate_multi_prime_key(RSA *rsa, int bits, int primes, else return 0; } - +#endif /* FIPS_MODE */ return rsa_builtin_keygen(rsa, bits, primes, e_value, cb); } static int rsa_builtin_keygen(RSA *rsa, int bits, int primes, BIGNUM *e_value, BN_GENCB *cb) { +#ifdef FIPS_MODE + if (primes != 2) + return 0; + return rsa_sp800_56b_generate_key(rsa, bits, e_value, cb); +#else BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *tmp, *prime; int ok = -1, n = 0, bitsr[RSA_MAX_PRIME_NUM], bitse = 0; int i = 0, quo = 0, rmd = 0, adj = 0, retries = 0; @@ -391,4 +397,5 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, int primes, BIGNUM *e_value, BN_CTX_end(ctx); BN_CTX_free(ctx); return ok; +#endif /* FIPS_MODE */ } diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index 0848936..f337a0d 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -253,7 +253,7 @@ static uint32_t ilog_e(uint64_t v) * \cdot(log_e(nBits \cdot log_e(2))^{2/3} - 4.69}{log_e(2)} * The two cube roots are merged together here. */ -static uint16_t rsa_compute_security_bits(int n) +uint16_t rsa_compute_security_bits(int n) { uint64_t x; uint32_t lx; diff --git a/crypto/rsa/rsa_locl.h b/crypto/rsa/rsa_locl.h index 44a2a2d..5dcd6ea 100644 --- a/crypto/rsa/rsa_locl.h +++ b/crypto/rsa/rsa_locl.h @@ -7,6 +7,9 @@ * https://www.openssl.org/source/license.html */ +#ifndef RSA_LOCAL_HEADER_H +#define RSA_LOCAL_HEADER_H + #include #include "internal/refcount.h" @@ -130,3 +133,38 @@ void rsa_multip_info_free(RSA_PRIME_INFO *pinfo); RSA_PRIME_INFO *rsa_multip_info_new(void); int rsa_multip_calc_product(RSA *rsa); int rsa_multip_cap(int bits); + +uint16_t rsa_compute_security_bits(int n); + +int rsa_sp800_56b_validate_strength(int nbits, int strength); +int rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q, + int nbits); +int rsa_get_lcm(BN_CTX *ctx, const BIGNUM *p, const BIGNUM *q, + BIGNUM *lcm, BIGNUM *gcd, BIGNUM *p1, BIGNUM *q1, + BIGNUM *p1q1); + +int rsa_check_public_exponent(const BIGNUM *e); +int rsa_check_private_exponent(const RSA *rsa, int nbits, BN_CTX *ctx); +int rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx); +int rsa_check_prime_factor_range(const BIGNUM *p, int nbits, BN_CTX *ctx); +int rsa_check_crt_components(const RSA *rsa, BN_CTX *ctx); + +int rsa_sp800_56b_pairwise_test(RSA *rsa, BN_CTX *ctx); +int rsa_sp800_56b_check_public(const RSA *rsa); +int rsa_sp800_56b_check_private(const RSA *rsa); +int rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed, + int strength, int nbits); +int rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed, + BN_GENCB *cb); + +int rsa_sp800_56b_derive_params_from_pq(RSA *rsa, int nbits, + const BIGNUM *e, BN_CTX *ctx); +int rsa_fips186_4_gen_prob_primes(RSA *rsa, BIGNUM *p1, BIGNUM *p2, + BIGNUM *Xpout, const BIGNUM *Xp, + const BIGNUM *Xp1, const BIGNUM *Xp2, + BIGNUM *q1, BIGNUM *q2, BIGNUM *Xqout, + const BIGNUM *Xq, const BIGNUM *Xq1, + const BIGNUM *Xq2, int nbits, + const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb); + +#endif /* RSA_LOCAL_HEADER_H */ diff --git a/crypto/rsa/rsa_sp800_56b_check.c b/crypto/rsa/rsa_sp800_56b_check.c new file mode 100644 index 0000000..10e264e --- /dev/null +++ b/crypto/rsa/rsa_sp800_56b_check.c @@ -0,0 +1,386 @@ +/* + * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright (c) 2018-2019, Oracle and/or its affiliates. All rights reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include "internal/bn_int.h" +#include "rsa_locl.h" + +/* + * Part of the RSA keypair test. + * Check the Chinese Remainder Theorem components are valid. + * + * See SP800-5bBr1 + * 6.4.1.2.3: rsakpv1-crt Step 7 + * 6.4.1.3.3: rsakpv2-crt Step 7 + */ +int rsa_check_crt_components(const RSA *rsa, BN_CTX *ctx) +{ + int ret = 0; + BIGNUM *r = NULL, *p1 = NULL, *q1 = NULL; + + /* check if only some of the crt components are set */ + if (rsa->dmp1 == NULL || rsa->dmq1 == NULL || rsa->iqmp == NULL) { + if (rsa->dmp1 != NULL || rsa->dmq1 != NULL || rsa->iqmp != NULL) + return 0; + return 1; /* return ok if all components are NULL */ + } + + BN_CTX_start(ctx); + r = BN_CTX_get(ctx); + p1 = BN_CTX_get(ctx); + q1 = BN_CTX_get(ctx); + ret = (q1 != NULL) + /* p1 = p -1 */ + && (BN_copy(p1, rsa->p) != NULL) + && BN_sub_word(p1, 1) + /* q1 = q - 1 */ + && (BN_copy(q1, rsa->q) != NULL) + && BN_sub_word(q1, 1) + /* (a) 1 < dP < (p ? 1). */ + && (BN_cmp(rsa->dmp1, BN_value_one()) > 0) + && (BN_cmp(rsa->dmp1, p1) < 0) + /* (b) 1 < dQ < (q - 1). */ + && (BN_cmp(rsa->dmq1, BN_value_one()) > 0) + && (BN_cmp(rsa->dmq1, q1) < 0) + /* (c) 1 < qInv < p */ + && (BN_cmp(rsa->iqmp, BN_value_one()) > 0) + && (BN_cmp(rsa->iqmp, rsa->p) < 0) + /* (d) 1 = (dP . e) mod (p - 1)*/ + && BN_mod_mul(r, rsa->dmp1, rsa->e, p1, ctx) + && BN_is_one(r) + /* (e) 1 = (dQ . e) mod (q - 1) */ + && BN_mod_mul(r, rsa->dmq1, rsa->e, q1, ctx) + && BN_is_one(r) + /* (f) 1 = (qInv . q) mod p */ + && BN_mod_mul(r, rsa->iqmp, rsa->q, rsa->p, ctx) + && BN_is_one(r); + BN_clear(p1); + BN_clear(q1); + BN_CTX_end(ctx); + return ret; +} + +/* + * Part of the RSA keypair test. + * Check that (?2)(2^(nbits/2 - 1) <= p <= 2^(nbits/2) - 1 + * + * See SP800-5bBr1 6.4.1.2.1 Part 5 (c) & (g) - used for both p and q. + * + * (?2)(2^(nbits/2 - 1) = (?2/2)(2^(nbits/2)) + * ?2/2 = 0.707106781186547524400 = 0.B504F333F9DE6484597D8 + * 0.B504F334 gives an approximation to 11 decimal places. + * The range is then from + * 0xB504F334_0000.......................000 to + * 0xFFFFFFFF_FFFF.......................FFF + */ +int rsa_check_prime_factor_range(const BIGNUM *p, int nbits, BN_CTX *ctx) +{ + int ret = 0; + BIGNUM *tmp, *low; + + nbits >>= 1; + + /* Upper bound check */ + if (BN_num_bits(p) != nbits) + return 0; + + BN_CTX_start(ctx); + tmp = BN_CTX_get(ctx); + low = BN_CTX_get(ctx); + + /* set low = (?2)(2^(nbits/2 - 1) */ + if (low == NULL || !BN_set_word(tmp, 0xB504F334)) + goto err; + + if (nbits >= 32) { + if (!BN_lshift(low, tmp, nbits - 32)) + goto err; + } else if (!BN_rshift(low, tmp, 32 - nbits)) { + goto err; + } + if (BN_cmp(p, low) < 0) + goto err; + ret = 1; +err: + BN_CTX_end(ctx); + return ret; +} + +/* + * Part of the RSA keypair test. + * Check the prime factor (for either p or q) + * i.e: p is prime AND GCD(p - 1, e) = 1 + * + * See SP800-5bBr1 6.4.1.2.3 Step 5 (a to d) & (e to h). + */ +int rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx) +{ + int checks = bn_rsa_fips186_4_prime_MR_min_checks(nbits); + int ret = 0; + BIGNUM *p1 = NULL, *gcd = NULL; + + /* (Steps 5 a-b) prime test */ + if (BN_is_prime_fasttest_ex(p, checks, ctx, 1, NULL) != 1 + /* (Step 5c) (?2)(2^(nbits/2 - 1) <= p <= 2^(nbits/2 - 1) */ + || rsa_check_prime_factor_range(p, nbits, ctx) != 1) + return 0; + + BN_CTX_start(ctx); + p1 = BN_CTX_get(ctx); + gcd = BN_CTX_get(ctx); + ret = (gcd != NULL) + /* (Step 5d) GCD(p-1, e) = 1 */ + && (BN_copy(p1, p) != NULL) + && BN_sub_word(p1, 1) + && BN_gcd(gcd, p1, e, ctx) + && BN_is_one(gcd); + + BN_clear(p1); + BN_CTX_end(ctx); + return ret; +} + +/* + * See SP800-56Br1 6.4.1.2.3 Part 6(a-b) Check the private exponent d + * satisfies: + * (Step 6a) 2^(nBit/2) < d < LCM(p?1, q?1). + * (Step 6b) 1 = (d*e) mod LCM(p?1, q?1) + */ +int rsa_check_private_exponent(const RSA *rsa, int nbits, BN_CTX *ctx) +{ + int ret; + BIGNUM *r, *p1, *q1, *lcm, *p1q1, *gcd; + + /* (Step 6a) 2^(nbits/2) < d */ + if (BN_num_bits(rsa->d) <= (nbits >> 1)) + return 0; + + BN_CTX_start(ctx); + r = BN_CTX_get(ctx); + p1 = BN_CTX_get(ctx); + q1 = BN_CTX_get(ctx); + lcm = BN_CTX_get(ctx); + p1q1 = BN_CTX_get(ctx); + gcd = BN_CTX_get(ctx); + ret = (gcd != NULL + /* LCM(p - 1, q - 1) */ + && (rsa_get_lcm(ctx, rsa->p, rsa->q, lcm, gcd, p1, q1, p1q1) == 1) + /* (Step 6a) d < LCM(p - 1, q - 1) */ + && (BN_cmp(rsa->d, lcm) < 0) + /* (Step 6b) 1 = (e . d) mod LCM(p - 1, q - 1) */ + && BN_mod_mul(r, rsa->e, rsa->d, lcm, ctx) + && BN_is_one(r)); + + BN_clear(p1); + BN_clear(q1); + BN_clear(lcm); + BN_clear(gcd); + BN_CTX_end(ctx); + return ret; +} + +/* Check exponent is odd, and has a bitlen ranging from [17..256] */ +int rsa_check_public_exponent(const BIGNUM *e) +{ + int bitlen = BN_num_bits(e); + + return (BN_is_odd(e) && bitlen > 16 && bitlen < 257); +} + +/* + * SP800-56Br1 6.4.1.2.1 (Step 5i): |p - q| > 2^(nbits/2 - 100) + * i.e- numbits(p-q-1) > (nbits/2 -100) + */ +int rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q, + int nbits) +{ + int bitlen = (nbits >> 1) - 100; + + if (!BN_sub(diff, p, q)) + return -1; + BN_set_negative(diff, 0); + + if (BN_is_zero(diff)) + return 0; + + if (!BN_sub_word(diff, 1)) + return -1; + return (BN_num_bits(diff) > bitlen); +} + +/* return LCM(p-1, q-1) */ +int rsa_get_lcm(BN_CTX *ctx, const BIGNUM *p, const BIGNUM *q, + BIGNUM *lcm, BIGNUM *gcd, BIGNUM *p1, BIGNUM *q1, + BIGNUM *p1q1) +{ + return BN_sub(p1, p, BN_value_one()) /* p-1 */ + && BN_sub(q1, q, BN_value_one()) /* q-1 */ + && BN_mul(p1q1, p1, q1, ctx) /* (p-1)(q-1) */ + && BN_gcd(gcd, p1, q1, ctx) + && BN_div(lcm, NULL, p1q1, gcd, ctx); /* LCM((p-1, q-1)) */ +} + +/* + * SP800-56Br1 6.4.2.2 Partial Public Key Validation for RSA refers to + * SP800-89 5.3.3 (Explicit) Partial Public Key Validation for RSA + * caveat is that the modulus must be as specified in SP800-56Br1 + */ +int rsa_sp800_56b_check_public(const RSA *rsa) +{ + int ret = 0, nbits, iterations, status; + BN_CTX *ctx = NULL; + BIGNUM *gcd = NULL; + + if (rsa->n == NULL || rsa->e == NULL) + return 0; + + /* + * (Step a): modulus must be 2048 or 3072 (caveat from SP800-56Br1) + * NOTE: changed to allow keys >= 2048 + */ + nbits = BN_num_bits(rsa->n); + if (!rsa_sp800_56b_validate_strength(nbits, -1)) { + RSAerr(RSA_F_RSA_SP800_56B_CHECK_PUBLIC, RSA_R_INVALID_KEY_LENGTH); + return 0; + } + if (!BN_is_odd(rsa->n)) { + RSAerr(RSA_F_RSA_SP800_56B_CHECK_PUBLIC, RSA_R_INVALID_MODULUS); + return 0; + } + + /* (Steps b-c): 2^16 < e < 2^256, n and e must be odd */ + if (!rsa_check_public_exponent(rsa->e)) { + RSAerr(RSA_F_RSA_SP800_56B_CHECK_PUBLIC, + RSA_R_PUB_EXPONENT_OUT_OF_RANGE); + return 0; + } + + ctx = BN_CTX_new(); + gcd = BN_new(); + if (ctx == NULL || gcd == NULL) + goto err; + + iterations = bn_rsa_fips186_4_prime_MR_min_checks(nbits); + /* (Steps d-f): + * The modulus is composite, but not a power of a prime. + * The modulus has no factors smaller than 752. + */ + if (!BN_gcd(gcd, rsa->n, bn_get0_small_factors(), ctx) || !BN_is_one(gcd)) { + RSAerr(RSA_F_RSA_SP800_56B_CHECK_PUBLIC, RSA_R_INVALID_MODULUS); + goto err; + } + + ret = bn_miller_rabin_is_prime(rsa->n, iterations, ctx, NULL, 1, &status); + if (ret != 1 || status != BN_PRIMETEST_COMPOSITE_NOT_POWER_OF_PRIME) { + RSAerr(RSA_F_RSA_SP800_56B_CHECK_PUBLIC, RSA_R_INVALID_MODULUS); + ret = 0; + goto err; + } + + ret = 1; +err: + BN_free(gcd); + BN_CTX_free(ctx); + return ret; +} + +/* + * Perform validation of the RSA private key to check that 0 < D < N. + */ +int rsa_sp800_56b_check_private(const RSA *rsa) +{ + if (rsa->d == NULL || rsa->n == NULL) + return 0; + return BN_cmp(rsa->d, BN_value_one()) >= 0 && BN_cmp(rsa->d, rsa->n) < 0; +} + +/* + * RSA key pair validation. + * + * SP800-56Br1. + * 6.4.1.2 "RSAKPV1 Family: RSA Key - Pair Validation with a Fixed Exponent" + * 6.4.1.3 "RSAKPV2 Family: RSA Key - Pair Validation with a Random Exponent" + * + * It uses: + * 6.4.1.2.3 "rsakpv1 - crt" + * 6.4.1.3.3 "rsakpv2 - crt" + */ +int rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed, + int strength, int nbits) +{ + int ret = 0; + BN_CTX *ctx = NULL; + BIGNUM *r = NULL; + + if (rsa->p == NULL + || rsa->q == NULL + || rsa->e == NULL + || rsa->d == NULL + || rsa->n == NULL) { + RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, RSA_R_INVALID_REQUEST); + return 0; + } + /* (Step 1): Check Ranges */ + if (!rsa_sp800_56b_validate_strength(nbits, strength)) + return 0; + + /* If the exponent is known */ + if (efixed != NULL) { + /* (2): Check fixed exponent matches public exponent. */ + if (BN_cmp(efixed, rsa->e) != 0) { + RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, RSA_R_INVALID_REQUEST); + return 0; + } + } + /* (Step 1.c): e is odd integer 65537 <= e < 2^256 */ + if (!rsa_check_public_exponent(rsa->e)) { + /* exponent out of range */ + RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, + RSA_R_PUB_EXPONENT_OUT_OF_RANGE); + return 0; + } + /* (Step 3.b): check the modulus */ + if (nbits != BN_num_bits(rsa->n)) { + RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, RSA_R_INVALID_KEYPAIR); + return 0; + } + + ctx = BN_CTX_new(); + if (ctx == NULL) + return 0; + + BN_CTX_start(ctx); + r = BN_CTX_get(ctx); + if (r == NULL || !BN_mul(r, rsa->p, rsa->q, ctx)) + goto err; + /* (Step 4.c): Check n = pq */ + if (BN_cmp(rsa->n, r) != 0) { + RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, RSA_R_INVALID_REQUEST); + goto err; + } + + /* (Step 5): check prime factors p & q */ + ret = rsa_check_prime_factor(rsa->p, rsa->e, nbits, ctx) + && rsa_check_prime_factor(rsa->q, rsa->e, nbits, ctx) + && (rsa_check_pminusq_diff(r, rsa->p, rsa->q, nbits) > 0) + /* (Step 6): Check the private exponent d */ + && rsa_check_private_exponent(rsa, nbits, ctx) + /* 6.4.1.2.3 (Step 7): Check the CRT components */ + && rsa_check_crt_components(rsa, ctx); + if (ret != 1) + RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, RSA_R_INVALID_KEYPAIR); + +err: + BN_clear(r); + BN_CTX_end(ctx); + BN_CTX_free(ctx); + return ret; +} diff --git a/crypto/rsa/rsa_sp800_56b_gen.c b/crypto/rsa/rsa_sp800_56b_gen.c new file mode 100644 index 0000000..221136b --- /dev/null +++ b/crypto/rsa/rsa_sp800_56b_gen.c @@ -0,0 +1,362 @@ +/* + * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright (c) 2018-2019, Oracle and/or its affiliates. All rights reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include "internal/bn_int.h" +#include "rsa_locl.h" + +#define RSA_FIPS1864_MIN_KEYGEN_KEYSIZE 2048 +#define RSA_FIPS1864_MIN_KEYGEN_STRENGTH 112 +#define RSA_FIPS1864_MAX_KEYGEN_STRENGTH 256 + +/* + * Generate probable primes 'p' & 'q'. See FIPS 186-4 Section B.3.6 + * "Generation of Probable Primes with Conditions Based on Auxiliary Probable + * Primes". + * + * Params: + * rsa Object used to store primes p & q. + * p1, p2 The returned auxiliary primes for p. If NULL they are not returned. + * Xpout An optionally returned random number used during generation of p. + * Xp An optional passed in value (that is random number used during + * generation of p). + * Xp1, Xp2 Optionally passed in randomly generated numbers from which + * auxiliary primes p1 & p2 are calculated. If NULL these values + * are generated internally. + * q1, q2 The returned auxiliary primes for q. If NULL they are not returned. + * Xqout An optionally returned random number used during generation of q. + * Xq An optional passed in value (that is random number used during + * generation of q). + * Xq1, Xq2 Optionally passed in randomly generated numbers from which + * auxiliary primes q1 & q2 are calculated. If NULL these values + * are generated internally. + * nbits The key size in bits (The size of the modulus n). + * e The public exponent. + * ctx A BN_CTX object. + * cb An optional BIGNUM callback. + * Returns: 1 if successful, or 0 otherwise. + * Notes: + * p1, p2, q1, q2, Xpout, Xqout are returned if they are not NULL. + * Xp, Xp1, Xp2, Xq, Xq1, Xq2 are optionally passed in. + * (Required for CAVS testing). + */ +int rsa_fips186_4_gen_prob_primes(RSA *rsa, BIGNUM *p1, BIGNUM *p2, + BIGNUM *Xpout, const BIGNUM *Xp, + const BIGNUM *Xp1, const BIGNUM *Xp2, + BIGNUM *q1, BIGNUM *q2, BIGNUM *Xqout, + const BIGNUM *Xq, const BIGNUM *Xq1, + const BIGNUM *Xq2, int nbits, + const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb) +{ + int ret = 0, ok; + BIGNUM *Xpo = NULL, *Xqo = NULL, *tmp = NULL; + + /* (Step 1) Check key length + * NOTE: SP800-131A Rev1 Disallows key lengths of < 2048 bits for RSA + * Signature Generation and Key Agree/Transport. + */ + if (nbits < RSA_FIPS1864_MIN_KEYGEN_KEYSIZE) { + RSAerr(RSA_F_RSA_FIPS186_4_GEN_PROB_PRIMES, RSA_R_INVALID_KEY_LENGTH); + return 0; + } + + if (!rsa_check_public_exponent(e)) { + RSAerr(RSA_F_RSA_FIPS186_4_GEN_PROB_PRIMES, + RSA_R_PUB_EXPONENT_OUT_OF_RANGE); + goto err; + } + + /* (Step 3) Determine strength and check rand generator strength is ok - + * this step is redundant because the generator always returns a higher + * strength than is required. + */ + + BN_CTX_start(ctx); + tmp = BN_CTX_get(ctx); + Xpo = (Xpout != NULL) ? Xpout : BN_CTX_get(ctx); + Xqo = (Xqout != NULL) ? Xqout : BN_CTX_get(ctx); + if (tmp == NULL || Xpo == NULL || Xqo == NULL) + goto err; + + if (rsa->p == NULL) + rsa->p = BN_secure_new(); + if (rsa->q == NULL) + rsa->q = BN_secure_new(); + if (rsa->p == NULL || rsa->q == NULL) + goto err; + + /* (Step 4) Generate p, Xp */ + if (!bn_rsa_fips186_4_gen_prob_primes(rsa->p, Xpo, p1, p2, Xp, Xp1, Xp2, + nbits, e, ctx, cb)) + goto err; + for(;;) { + /* (Step 5) Generate q, Xq*/ + if (!bn_rsa_fips186_4_gen_prob_primes(rsa->q, Xqo, q1, q2, Xq, Xq1, + Xq2, nbits, e, ctx, cb)) + goto err; + + /* (Step 6) |Xp - Xq| > 2^(nbitlen/2 - 100) */ + ok = rsa_check_pminusq_diff(tmp, Xpo, Xqo, nbits); + if (ok < 0) + goto err; + if (ok == 0) + continue; + + /* (Step 6) |p - q| > 2^(nbitlen/2 - 100) */ + ok = rsa_check_pminusq_diff(tmp, rsa->p, rsa->q, nbits); + if (ok < 0) + goto err; + if (ok == 0) + continue; + break; /* successfully finished */ + } + ret = 1; +err: + /* Zeroize any internally generated values that are not returned */ + if (Xpo != Xpout) + BN_clear(Xpo); + if (Xqo != Xqout) + BN_clear(Xqo); + BN_clear(tmp); + + BN_CTX_end(ctx); + return ret; +} + +/* + * Validates the RSA key size based on the target strength. + * See SP800-56Br1 6.3.1.1 (Steps 1a-1b) + * + * Params: + * nbits The key size in bits. + * strength The target strength in bits. -1 means the target + * strength is unknown. + * Returns: 1 if the key size matches the target strength, or 0 otherwise. + */ +int rsa_sp800_56b_validate_strength(int nbits, int strength) +{ + int s = (int)rsa_compute_security_bits(nbits); + + if (s < RSA_FIPS1864_MIN_KEYGEN_STRENGTH + || s > RSA_FIPS1864_MAX_KEYGEN_STRENGTH) { + RSAerr(RSA_F_RSA_SP800_56B_VALIDATE_STRENGTH, RSA_R_INVALID_MODULUS); + return 0; + } + if (strength != -1 && s != strength) { + RSAerr(RSA_F_RSA_SP800_56B_VALIDATE_STRENGTH, RSA_R_INVALID_STRENGTH); + return 0; + } + return 1; +} + +/* + * + * Using p & q, calculate other required parameters such as n, d. + * as well as the CRT parameters dP, dQ, qInv. + * + * See SP800-56Br1 + * 6.3.1.1 rsakpg1 - basic (Steps 3-4) + * 6.3.1.3 rsakpg1 - crt (Step 5) + * + * Params: + * rsa An rsa object. + * nbits The key size. + * e The public exponent. + * ctx A BN_CTX object. + * Notes: + * There is a small chance that the generated d will be too small. + * Returns: -1 = error, + * 0 = d is too small, + * 1 = success. + */ +int rsa_sp800_56b_derive_params_from_pq(RSA *rsa, int nbits, + const BIGNUM *e, BN_CTX *ctx) +{ + int ret = -1; + BIGNUM *p1, *q1, *lcm, *p1q1, *gcd; + + BN_CTX_start(ctx); + p1 = BN_CTX_get(ctx); + q1 = BN_CTX_get(ctx); + lcm = BN_CTX_get(ctx); + p1q1 = BN_CTX_get(ctx); + gcd = BN_CTX_get(ctx); + if (gcd == NULL) + goto err; + + /* LCM((p-1, q-1)) */ + if (rsa_get_lcm(ctx, rsa->p, rsa->q, lcm, gcd, p1, q1, p1q1) != 1) + goto err; + + /* copy e */ + BN_free(rsa->e); + rsa->e = BN_dup(e); + if (rsa->e == NULL) + goto err; + + BN_clear_free(rsa->d); + /* (Step 3) d = (e^-1) mod (LCM(p-1, q-1)) */ + rsa->d = BN_secure_new(); + if (rsa->d == NULL || BN_mod_inverse(rsa->d, e, lcm, ctx) == NULL) + goto err; + + /* (Step 3) return an error if d is too small */ + if (BN_num_bits(rsa->d) <= (nbits >> 1)) { + ret = 0; + goto err; + } + + /* (Step 4) n = pq */ + if (rsa->n == NULL) + rsa->n = BN_new(); + if (rsa->n == NULL || !BN_mul(rsa->n, rsa->p, rsa->q, ctx)) + goto err; + + /* (Step 5a) dP = d mod (p-1) */ + if (rsa->dmp1 == NULL) + rsa->dmp1 = BN_new(); + if (rsa->dmp1 == NULL || !BN_mod(rsa->dmp1, rsa->d, p1, ctx)) + goto err; + + /* (Step 5b) dQ = d mod (q-1) */ + if (rsa->dmq1 == NULL) + rsa->dmq1 = BN_secure_new(); + if (rsa->dmq1 == NULL || !BN_mod(rsa->dmq1, rsa->d, q1, ctx)) + goto err; + + /* (Step 5c) qInv = (inverse of q) mod p */ + BN_free(rsa->iqmp); + rsa->iqmp = BN_secure_new(); + if (rsa->iqmp == NULL + || BN_mod_inverse(rsa->iqmp, rsa->q, rsa->p, ctx) == NULL) + goto err; + + ret = 1; +err: + if (ret != 1) { + BN_free(rsa->e); + rsa->e = NULL; + BN_free(rsa->d); + rsa->d = NULL; + BN_free(rsa->n); + rsa->n = NULL; + BN_free(rsa->iqmp); + rsa->iqmp = NULL; + BN_free(rsa->dmq1); + rsa->dmq1 = NULL; + BN_free(rsa->dmp1); + rsa->dmp1 = NULL; + } + BN_clear(p1); + BN_clear(q1); + BN_clear(lcm); + BN_clear(p1q1); + BN_clear(gcd); + + BN_CTX_end(ctx); + return ret; +} + +/* + * Generate a SP800-56B RSA key. + * + * See SP800-56Br1 6.3.1 "RSA Key-Pair Generation with a Fixed Public Exponent" + * 6.3.1.1 rsakpg1 - basic + * 6.3.1.3 rsakpg1 - crt + * + * See also FIPS 186-4 Section B.3.6 + * "Generation of Probable Primes with Conditions Based on Auxiliary + * Probable Primes." + * + * Params: + * rsa The rsa object. + * nbits The intended key size in bits. + * efixed The public exponent. If NULL a default of 65537 is used. + * cb An optional BIGNUM callback. + * Returns: 1 if successfully generated otherwise it returns 0. + */ +int rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed, + BN_GENCB *cb) +{ + int ret = 0; + int ok; + BN_CTX *ctx = NULL; + BIGNUM *e = NULL; + + /* (Steps 1a-1b) : Currently ignores the strength check */ + if (!rsa_sp800_56b_validate_strength(nbits, -1)) + return 0; + + ctx = BN_CTX_new(); + if (ctx == NULL) + return 0; + + /* Set default if e is not passed in */ + if (efixed == NULL) { + e = BN_new(); + if (e == NULL || !BN_set_word(e, 65537)) + goto err; + } else { + e = (BIGNUM *)efixed; + } + /* (Step 1c) fixed exponent is checked later . */ + + for (;;) { + /* (Step 2) Generate prime factors */ + if (!rsa_fips186_4_gen_prob_primes(rsa, NULL, NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, NULL, NULL, + NULL, nbits, e, ctx, cb)) + goto err; + /* (Steps 3-5) Compute params d, n, dP, dQ, qInv */ + ok = rsa_sp800_56b_derive_params_from_pq(rsa, nbits, e, ctx); + if (ok < 0) + goto err; + if (ok > 0) + break; + /* Gets here if computed d is too small - so try again */ + } + + /* (Step 6) Do pairwise test - optional validity test has been omitted */ + ret = rsa_sp800_56b_pairwise_test(rsa, ctx); +err: + if (efixed == NULL) + BN_free(e); + BN_CTX_free(ctx); + return ret; +} + +/* + * See SP800-56Br1 6.3.1.3 (Step 6) Perform a pair-wise consistency test by + * verifying that: k = (k^e)^d mod n for some integer k where 1 < k < n-1. + * + * Returns 1 if the RSA key passes the pairwise test or 0 it it fails. + */ +int rsa_sp800_56b_pairwise_test(RSA *rsa, BN_CTX *ctx) +{ + int ret = 0; + BIGNUM *k, *tmp; + + BN_CTX_start(ctx); + tmp = BN_CTX_get(ctx); + k = BN_CTX_get(ctx); + if (k == NULL) + goto err; + + ret = (BN_set_word(k, 2) + && BN_mod_exp(tmp, k, rsa->e, rsa->n, ctx) + && BN_mod_exp(tmp, tmp, rsa->d, rsa->n, ctx) + && BN_cmp(k, tmp) == 0); + if (ret == 0) + RSAerr(RSA_F_RSA_SP800_56B_PAIRWISE_TEST, RSA_R_PAIRWISE_TEST_FAILURE); +err: + BN_CTX_end(ctx); + return ret; +} diff --git a/include/openssl/rsaerr.h b/include/openssl/rsaerr.h index 7253b12..0c38100 100644 --- a/include/openssl/rsaerr.h +++ b/include/openssl/rsaerr.h @@ -39,6 +39,7 @@ int ERR_load_RSA_strings(void); # define RSA_F_RSA_CHECK_KEY_EX 160 # define RSA_F_RSA_CMS_DECRYPT 159 # define RSA_F_RSA_CMS_VERIFY 158 +# define RSA_F_RSA_FIPS186_4_GEN_PROB_PRIMES 168 # define RSA_F_RSA_ITEM_VERIFY 148 # define RSA_F_RSA_METH_DUP 161 # define RSA_F_RSA_METH_NEW 162 @@ -82,6 +83,10 @@ int ERR_load_RSA_strings(void); # define RSA_F_RSA_SETUP_BLINDING 136 # define RSA_F_RSA_SIGN 117 # define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 +# define RSA_F_RSA_SP800_56B_CHECK_KEYPAIR 169 +# define RSA_F_RSA_SP800_56B_CHECK_PUBLIC 170 +# define RSA_F_RSA_SP800_56B_PAIRWISE_TEST 171 +# define RSA_F_RSA_SP800_56B_VALIDATE_STRENGTH 172 # define RSA_F_RSA_VERIFY 119 # define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120 # define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 126 @@ -114,16 +119,21 @@ int ERR_load_RSA_strings(void); # define RSA_R_INVALID_DIGEST 157 # define RSA_R_INVALID_DIGEST_LENGTH 143 # define RSA_R_INVALID_HEADER 137 +# define RSA_R_INVALID_KEYPAIR 171 +# define RSA_R_INVALID_KEY_LENGTH 173 # define RSA_R_INVALID_LABEL 160 # define RSA_R_INVALID_MESSAGE_LENGTH 131 # define RSA_R_INVALID_MGF1_MD 156 +# define RSA_R_INVALID_MODULUS 174 # define RSA_R_INVALID_MULTI_PRIME_KEY 167 # define RSA_R_INVALID_OAEP_PARAMETERS 161 # define RSA_R_INVALID_PADDING 138 # define RSA_R_INVALID_PADDING_MODE 141 # define RSA_R_INVALID_PSS_PARAMETERS 149 # define RSA_R_INVALID_PSS_SALTLEN 146 +# define RSA_R_INVALID_REQUEST 175 # define RSA_R_INVALID_SALT_LENGTH 150 +# define RSA_R_INVALID_STRENGTH 176 # define RSA_R_INVALID_TRAILER 139 # define RSA_R_INVALID_X931_DIGEST 142 # define RSA_R_IQMP_NOT_INVERSE_OF_Q 126 @@ -142,8 +152,10 @@ int ERR_load_RSA_strings(void); # define RSA_R_OAEP_DECODING_ERROR 121 # define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148 # define RSA_R_PADDING_CHECK_FAILED 114 +# define RSA_R_PAIRWISE_TEST_FAILURE 177 # define RSA_R_PKCS_DECODING_ERROR 159 # define RSA_R_PSS_SALTLEN_TOO_SMALL 164 +# define RSA_R_PUB_EXPONENT_OUT_OF_RANGE 178 # define RSA_R_P_NOT_PRIME 128 # define RSA_R_Q_NOT_PRIME 129 # define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130 diff --git a/test/bn_internal_test.c b/test/bn_internal_test.c new file mode 100644 index 0000000..eabeaf8 --- /dev/null +++ b/test/bn_internal_test.c @@ -0,0 +1,103 @@ +/* + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include "internal/nelem.h" +#include "internal/numbers.h" +#include "testutil.h" +#include "bn_prime.h" +#include "internal/bn_int.h" + +static BN_CTX *ctx; + +static int test_is_prime_enhanced(void) +{ + int ret; + int status = 0; + BIGNUM *bn = NULL; + + ret = TEST_ptr(bn = BN_new()) + /* test passing a prime returns the correct status */ + && TEST_true(BN_set_word(bn, 11)) + /* return extra parameters related to composite */ + && TEST_true(bn_miller_rabin_is_prime(bn, 10, ctx, NULL, 1, &status)) + && TEST_int_eq(status, BN_PRIMETEST_PROBABLY_PRIME); + BN_free(bn); + return ret; +} + +static int composites[] = { + 9, 21, 77, 81, 265 +}; + +static int test_is_composite_enhanced(int id) +{ + int ret; + int status = 0; + BIGNUM *bn = NULL; + + ret = TEST_ptr(bn = BN_new()) + /* negative tests for different composite numbers */ + && TEST_true(BN_set_word(bn, composites[id])) + && TEST_true(bn_miller_rabin_is_prime(bn, 10, ctx, NULL, 1, &status)) + && TEST_int_ne(status, BN_PRIMETEST_PROBABLY_PRIME); + + BN_free(bn); + return ret; +} + +/* Test that multiplying all the small primes from 3 to 751 equals a constant. + * This test is mainly used to test that both 32 and 64 bit are correct. + */ +static int test_bn_small_factors(void) +{ + int ret = 0, i; + BIGNUM *b = NULL; + + if (!(TEST_ptr(b = BN_new()) && TEST_true(BN_set_word(b, 3)))) + goto err; + + for (i = 1; i < NUMPRIMES; i++) { + prime_t p = primes[i]; + if (p > 3 && p <= 751) + BN_mul_word(b, p); + if (p > 751) + break; + } + ret = TEST_BN_eq(bn_get0_small_factors(), b); +err: + BN_free(b); + return ret; +} + +int setup_tests(void) +{ + if (!TEST_ptr(ctx = BN_CTX_new())) + return 0; + + ADD_TEST(test_is_prime_enhanced); + ADD_ALL_TESTS(test_is_composite_enhanced, (int)OSSL_NELEM(composites)); + ADD_TEST(test_bn_small_factors); + + return 1; +} + +void cleanup_tests(void) +{ + BN_CTX_free(ctx); +} + diff --git a/test/build.info b/test/build.info index f7ec8a2..9c721a5 100644 --- a/test/build.info +++ b/test/build.info @@ -445,7 +445,9 @@ IF[{- !$disabled{tests} -}] IF[1] PROGRAMS{noinst}=asn1_internal_test modes_internal_test x509_internal_test \ tls13encryptiontest wpackettest ctype_internal_test \ - rdrand_sanitytest property_test + rdrand_sanitytest property_test \ + rsa_sp800_56b_test bn_internal_test + IF[{- !$disabled{poly1305} -}] PROGRAMS{noinst}=poly1305_internal_test ENDIF @@ -528,6 +530,14 @@ IF[{- !$disabled{tests} -}] SOURCE[rdrand_sanitytest]=rdrand_sanitytest.c INCLUDE[rdrand_sanitytest]=../include ../apps/include DEPEND[rdrand_sanitytest]=../libcrypto.a libtestutil.a + + SOURCE[rsa_sp800_56b_test]=rsa_sp800_56b_test.c + INCLUDE[rsa_sp800_56b_test]=.. ../include ../crypto/include ../crypto/rsa ../apps/include + DEPEND[rsa_sp800_56b_test]=../libcrypto.a libtestutil.a + + SOURCE[bn_internal_test]=bn_internal_test.c + INCLUDE[bn_internal_test]=.. ../include ../crypto/include ../crypto/bn ../apps/include + DEPEND[bn_internal_test]=../libcrypto.a libtestutil.a ENDIF IF[{- !$disabled{mdc2} -}] diff --git a/test/recipes/90-test_bio_memleak.t b/test/recipes/03-test_internal_bn.t similarity index 55% copy from test/recipes/90-test_bio_memleak.t copy to test/recipes/03-test_internal_bn.t index 93f7f92..8aed18a 100644 --- a/test/recipes/90-test_bio_memleak.t +++ b/test/recipes/03-test_internal_bn.t @@ -6,7 +6,14 @@ # in the file LICENSE in the source distribution or at # https://www.openssl.org/source/license.html - +use strict; +use OpenSSL::Test; # get 'plan' use OpenSSL::Test::Simple; +use OpenSSL::Test::Utils; + +setup("test_internal_bn"); + +plan skip_all => "This test is unsupported in a shared library build on Windows" + if $^O eq 'MSWin32' && !disabled("shared"); -simple_test("test_bio_memleak", "bio_memleak_test"); +simple_test("test_internal_bn", "bn_internal_test"); diff --git a/test/recipes/90-test_bio_memleak.t b/test/recipes/03-test_internal_rsa_sp800_56b.t similarity index 53% copy from test/recipes/90-test_bio_memleak.t copy to test/recipes/03-test_internal_rsa_sp800_56b.t index 93f7f92..2f5e003 100644 --- a/test/recipes/90-test_bio_memleak.t +++ b/test/recipes/03-test_internal_rsa_sp800_56b.t @@ -6,7 +6,14 @@ # in the file LICENSE in the source distribution or at # https://www.openssl.org/source/license.html - +use strict; +use OpenSSL::Test; # get 'plan' use OpenSSL::Test::Simple; +use OpenSSL::Test::Utils; + +setup("test_internal_rsa_sp800_56b"); + +plan skip_all => "This test is unsupported in a shared library build on Windows" + if $^O eq 'MSWin32' && !disabled("shared"); -simple_test("test_bio_memleak", "bio_memleak_test"); +simple_test("test_internal_rsa_sp800_56b", "rsa_sp800_56b_test"); diff --git a/test/rsa_sp800_56b_test.c b/test/rsa_sp800_56b_test.c new file mode 100644 index 0000000..a64f9f2 --- /dev/null +++ b/test/rsa_sp800_56b_test.c @@ -0,0 +1,634 @@ +/* + * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include + +#include "internal/nelem.h" + +#include +#include +#include +#include + +#include "testutil.h" + +#ifdef OPENSSL_NO_RSA +int setup_tests(void) +{ + /* No tests */ + return 1; +} +#else +# include "rsa_locl.h" +# include + +/* taken from RSA2 cavs data */ +static const unsigned char cav_e[] = { + 0x01,0x00,0x01 +}; +static const unsigned char cav_Xp[] = { + 0xcf,0x72,0x1b,0x9a,0xfd,0x0d,0x22,0x1a,0x74,0x50,0x97,0x22,0x76,0xd8,0xc0, + 0xc2,0xfd,0x08,0x81,0x05,0xdd,0x18,0x21,0x99,0x96,0xd6,0x5c,0x79,0xe3,0x02, + 0x81,0xd7,0x0e,0x3f,0x3b,0x34,0xda,0x61,0xc9,0x2d,0x84,0x86,0x62,0x1e,0x3d, + 0x5d,0xbf,0x92,0x2e,0xcd,0x35,0x3d,0x6e,0xb9,0x59,0x16,0xc9,0x82,0x50,0x41, + 0x30,0x45,0x67,0xaa,0xb7,0xbe,0xec,0xea,0x4b,0x9e,0xa0,0xc3,0x05,0xb3,0x88, + 0xd4,0x4c,0xac,0xeb,0xe4,0x03,0xc6,0xca,0xcb,0xd9,0xd3,0x4e,0xf6,0x7f,0x2c, + 0x27,0x1e,0x08,0x6c,0xc2,0xd6,0x45,0x1f,0x84,0xe4,0x3c,0x97,0x19,0xde,0xb8, + 0x55,0xaf,0x0e,0xcf,0x9e,0xb0,0x9c,0x20,0xd3,0x1f,0xa8,0xd7,0x52,0xc2,0x95, + 0x1c,0x80,0x15,0x42,0x4d,0x4f,0x19,0x16 +}; +static const unsigned char cav_Xp1[] = { + 0xac,0x5f,0x7f,0x6e,0x33,0x3e,0x97,0x3a,0xb3,0x17,0x44,0xa9,0x0f,0x7a,0x54, + 0x70,0x27,0x06,0x93,0xd5,0x49,0xde,0x91,0x83,0xbc,0x8a,0x7b,0x95 +}; +static const unsigned char cav_Xp2[] = { + 0x0b,0xf6,0xe8,0x79,0x5a,0x81,0xae,0x90,0x1d,0xa4,0x38,0x74,0x9c,0x0e,0x6f, + 0xe0,0x03,0xcf,0xc4,0x53,0x16,0x32,0x17,0xf7,0x09,0x5f,0xd9 +}; +static const unsigned char cav_Xq[] = { + 0xfe,0xab,0xf2,0x7c,0x16,0x4a,0xf0,0x8d,0x31,0xc6,0x0a,0x82,0xe2,0xae,0xbb, + 0x03,0x7e,0x7b,0x20,0x4e,0x64,0xb0,0x16,0xad,0x3c,0x01,0x1a,0xd3,0x54,0xbf, + 0x2b,0xa4,0x02,0x9e,0xc3,0x0d,0x60,0x3d,0x1f,0xb9,0xc0,0x0d,0xe6,0x97,0x68, + 0xbb,0x8c,0x81,0xd5,0xc1,0x54,0x96,0x0f,0x99,0xf0,0xa8,0xa2,0xf3,0xc6,0x8e, + 0xec,0xbc,0x31,0x17,0x70,0x98,0x24,0xa3,0x36,0x51,0xa8,0x54,0xbd,0x9a,0x89, + 0x99,0x6e,0x57,0x5e,0xd0,0x39,0x86,0xc3,0xa3,0x1b,0xc7,0xcf,0xc4,0x4f,0x47, + 0x25,0x9e,0x2c,0x79,0xe1,0x2c,0xcc,0xe4,0x63,0xf4,0x02,0x84,0xf8,0xf6,0xa1, + 0x5c,0x93,0x14,0xf2,0x68,0x5f,0x3a,0x90,0x2f,0x4e,0x5e,0xf9,0x16,0x05,0xcf, + 0x21,0x63,0xca,0xfa,0xb0,0x08,0x02,0xc0 +}; +static const unsigned char cav_Xq1[] = { + 0x9b,0x02,0xd4,0xba,0xf0,0xaa,0x14,0x99,0x6d,0xc0,0xb7,0xa5,0xe1,0xd3,0x70, + 0xb6,0x5a,0xa2,0x9b,0x59,0xd5,0x8c,0x1e,0x9f,0x3f,0x9a,0xde,0xeb,0x9e,0x9c, + 0x61,0xd6,0x5a,0xe1 +}; +static const unsigned char cav_Xq2[] = { + 0x06,0x81,0x53,0xfd,0xa8,0x7b,0xa3,0x85,0x90,0x15,0x2c,0x97,0xb2,0xa0,0x17, + 0x48,0xb0,0x7f,0x0a,0x01,0x6d +}; +/* expected values */ +static const unsigned char cav_p1[] = { + 0xac,0x5f,0x7f,0x6e,0x33,0x3e,0x97,0x3a,0xb3,0x17,0x44,0xa9,0x0f,0x7a,0x54, + 0x70,0x27,0x06,0x93,0xd5,0x49,0xde,0x91,0x83,0xbc,0x8a,0x7b,0xc3 +}; +static const unsigned char cav_p2[] = { + 0x0b,0xf6,0xe8,0x79,0x5a,0x81,0xae,0x90,0x1d,0xa4,0x38,0x74,0x9c,0x0e,0x6f, + 0xe0,0x03,0xcf,0xc4,0x53,0x16,0x32,0x17,0xf7,0x09,0x5f,0xd9 +}; +static const unsigned char cav_q1[] = { + 0x9b,0x02,0xd4,0xba,0xf0,0xaa,0x14,0x99,0x6d,0xc0,0xb7,0xa5,0xe1,0xd3,0x70, + 0xb6,0x5a,0xa2,0x9b,0x59,0xd5,0x8c,0x1e,0x9f,0x3f,0x9a,0xde,0xeb,0x9e,0x9c, + 0x61,0xd6,0x5d,0x47 +}; +static const unsigned char cav_q2[] = { + 0x06,0x81,0x53,0xfd,0xa8,0x7b,0xa3,0x85,0x90,0x15,0x2c,0x97,0xb2,0xa0,0x17, + 0x48,0xb0,0x7f,0x0a,0x01,0x8f +}; +static const unsigned char cav_p[] = { + 0xcf,0x72,0x1b,0x9a,0xfd,0x0d,0x22,0x1a,0x74,0x50,0x97,0x22,0x76,0xd8,0xc0, + 0xc2,0xfd,0x08,0x81,0x05,0xdd,0x18,0x21,0x99,0x96,0xd6,0x5c,0x79,0xe3,0x02, + 0x81,0xd7,0x0e,0x3f,0x3b,0x34,0xda,0x61,0xc9,0x2d,0x84,0x86,0x62,0x1e,0x3d, + 0x5d,0xbf,0x92,0x2e,0xcd,0x35,0x3d,0x6e,0xb9,0x59,0x16,0xc9,0x82,0x50,0x41, + 0x30,0x45,0x67,0xaa,0xb7,0xbe,0xec,0xea,0x4b,0x9e,0xa0,0xc3,0x05,0xbc,0x4c, + 0x01,0xa5,0x4b,0xbd,0xa4,0x20,0xb5,0x20,0xd5,0x59,0x6f,0x82,0x5c,0x8f,0x4f, + 0xe0,0x3a,0x4e,0x7e,0xfe,0x44,0xf3,0x3c,0xc0,0x0e,0x14,0x2b,0x32,0xe6,0x28, + 0x8b,0x63,0x87,0x00,0xc3,0x53,0x4a,0x5b,0x71,0x7a,0x5b,0x28,0x40,0xc4,0x18, + 0xb6,0x77,0x0b,0xab,0x59,0xa4,0x96,0x7d +}; +static const unsigned char cav_q[] = { + 0xfe,0xab,0xf2,0x7c,0x16,0x4a,0xf0,0x8d,0x31,0xc6,0x0a,0x82,0xe2,0xae,0xbb, + 0x03,0x7e,0x7b,0x20,0x4e,0x64,0xb0,0x16,0xad,0x3c,0x01,0x1a,0xd3,0x54,0xbf, + 0x2b,0xa4,0x02,0x9e,0xc3,0x0d,0x60,0x3d,0x1f,0xb9,0xc0,0x0d,0xe6,0x97,0x68, + 0xbb,0x8c,0x81,0xd5,0xc1,0x54,0x96,0x0f,0x99,0xf0,0xa8,0xa2,0xf3,0xc6,0x8e, + 0xec,0xbc,0x31,0x17,0x70,0x98,0x24,0xa3,0x36,0x51,0xa8,0x54,0xc4,0x44,0xdd, + 0xf7,0x7e,0xda,0x47,0x4a,0x67,0x44,0x5d,0x4e,0x75,0xf0,0x4d,0x00,0x68,0xe1, + 0x4a,0xec,0x1f,0x45,0xf9,0xe6,0xca,0x38,0x95,0x48,0x6f,0xdc,0x9d,0x1b,0xa3, + 0x4b,0xfd,0x08,0x4b,0x54,0xcd,0xeb,0x3d,0xef,0x33,0x11,0x6e,0xce,0xe4,0x5d, + 0xef,0xa9,0x58,0x5c,0x87,0x4d,0xc8,0xcf +}; +static const unsigned char cav_n[] = { + 0xce,0x5e,0x8d,0x1a,0xa3,0x08,0x7a,0x2d,0xb4,0x49,0x48,0xf0,0x06,0xb6,0xfe, + 0xba,0x2f,0x39,0x7c,0x7b,0xe0,0x5d,0x09,0x2d,0x57,0x4e,0x54,0x60,0x9c,0xe5, + 0x08,0x4b,0xe1,0x1a,0x73,0xc1,0x5e,0x2f,0xb6,0x46,0xd7,0x81,0xca,0xbc,0x98, + 0xd2,0xf9,0xef,0x1c,0x92,0x8c,0x8d,0x99,0x85,0x28,0x52,0xd6,0xd5,0xab,0x70, + 0x7e,0x9e,0xa9,0x87,0x82,0xc8,0x95,0x64,0xeb,0xf0,0x6c,0x0f,0x3f,0xe9,0x02, + 0x29,0x2e,0x6d,0xa1,0xec,0xbf,0xdc,0x23,0xdf,0x82,0x4f,0xab,0x39,0x8d,0xcc, + 0xac,0x21,0x51,0x14,0xf8,0xef,0xec,0x73,0x80,0x86,0xa3,0xcf,0x8f,0xd5,0xcf, + 0x22,0x1f,0xcc,0x23,0x2f,0xba,0xcb,0xf6,0x17,0xcd,0x3a,0x1f,0xd9,0x84,0xb9, + 0x88,0xa7,0x78,0x0f,0xaa,0xc9,0x04,0x01,0x20,0x72,0x5d,0x2a,0xfe,0x5b,0xdd, + 0x16,0x5a,0xed,0x83,0x02,0x96,0x39,0x46,0x37,0x30,0xc1,0x0d,0x87,0xc2,0xc8, + 0x33,0x38,0xed,0x35,0x72,0xe5,0x29,0xf8,0x1f,0x23,0x60,0xe1,0x2a,0x5b,0x1d, + 0x6b,0x53,0x3f,0x07,0xc4,0xd9,0xbb,0x04,0x0c,0x5c,0x3f,0x0b,0xc4,0xd4,0x61, + 0x96,0x94,0xf1,0x0f,0x4a,0x49,0xac,0xde,0xd2,0xe8,0x42,0xb3,0x4a,0x0b,0x64, + 0x7a,0x32,0x5f,0x2b,0x5b,0x0f,0x8b,0x8b,0xe0,0x33,0x23,0x34,0x64,0xf8,0xb5, + 0x7f,0x69,0x60,0xb8,0x71,0xe9,0xff,0x92,0x42,0xb1,0xf7,0x23,0xa8,0xa7,0x92, + 0x04,0x3d,0x6b,0xff,0xf7,0xab,0xbb,0x14,0x1f,0x4c,0x10,0x97,0xd5,0x6b,0x71, + 0x12,0xfd,0x93,0xa0,0x4a,0x3b,0x75,0x72,0x40,0x96,0x1c,0x5f,0x40,0x40,0x57, + 0x13 +}; +static const unsigned char cav_d[] = { + 0x47,0x47,0x49,0x1d,0x66,0x2a,0x4b,0x68,0xf5,0xd8,0x4a,0x24,0xfd,0x6c,0xbf, + 0x56,0xb7,0x70,0xf7,0x9a,0x21,0xc8,0x80,0x9e,0xf4,0x84,0xcd,0x88,0x01,0x28, + 0xea,0x50,0xab,0x13,0x63,0xdf,0xea,0x14,0x38,0xb5,0x07,0x42,0x81,0x2f,0xda, + 0xe9,0x24,0x02,0x7e,0xaf,0xef,0x74,0x09,0x0e,0x80,0xfa,0xfb,0xd1,0x19,0x41, + 0xe5,0xba,0x0f,0x7c,0x0a,0xa4,0x15,0x55,0xa2,0x58,0x8c,0x3a,0x48,0x2c,0xc6, + 0xde,0x4a,0x76,0xfb,0x72,0xb6,0x61,0xe6,0xd2,0x10,0x44,0x4c,0x33,0xb8,0xd2, + 0x74,0xb1,0x9d,0x3b,0xcd,0x2f,0xb1,0x4f,0xc3,0x98,0xbd,0x83,0xb7,0x7e,0x75, + 0xe8,0xa7,0x6a,0xee,0xcc,0x51,0x8c,0x99,0x17,0x67,0x7f,0x27,0xf9,0x0d,0x6a, + 0xb7,0xd4,0x80,0x17,0x89,0x39,0x9c,0xf3,0xd7,0x0f,0xdf,0xb0,0x55,0x80,0x1d, + 0xaf,0x57,0x2e,0xd0,0xf0,0x4f,0x42,0x69,0x55,0xbc,0x83,0xd6,0x97,0x83,0x7a, + 0xe6,0xc6,0x30,0x6d,0x3d,0xb5,0x21,0xa7,0xc4,0x62,0x0a,0x20,0xce,0x5e,0x5a, + 0x17,0x98,0xb3,0x6f,0x6b,0x9a,0xeb,0x6b,0xa3,0xc4,0x75,0xd8,0x2b,0xdc,0x5c, + 0x6f,0xec,0x5d,0x49,0xac,0xa8,0xa4,0x2f,0xb8,0x8c,0x4f,0x2e,0x46,0x21,0xee, + 0x72,0x6a,0x0e,0x22,0x80,0x71,0xc8,0x76,0x40,0x44,0x61,0x16,0xbf,0xa5,0xf8, + 0x89,0xc7,0xe9,0x87,0xdf,0xbd,0x2e,0x4b,0x4e,0xc2,0x97,0x53,0xe9,0x49,0x1c, + 0x05,0xb0,0x0b,0x9b,0x9f,0x21,0x19,0x41,0xe9,0xf5,0x61,0xd7,0x33,0x2e,0x2c, + 0x94,0xb8,0xa8,0x9a,0x3a,0xcc,0x6a,0x24,0x8d,0x19,0x13,0xee,0xb9,0xb0,0x48, + 0x61 +}; + +/* helper function */ +static BIGNUM *bn_load_new(const unsigned char *data, int sz) +{ + BIGNUM *ret = BN_new(); + if (ret != NULL) + BN_bin2bn(data, sz, ret); + return ret; +} + +/* helper function */ +static BIGNUM *bn_load(BN_CTX *ctx, const unsigned char *data, int sz) +{ + BIGNUM *ret = BN_CTX_get(ctx); + if (ret != NULL) + BN_bin2bn(data, sz, ret); + return ret; +} + +static int test_check_public_exponent(void) +{ + int ret = 0; + BIGNUM *e = NULL; + + ret = TEST_ptr(e = BN_new()) + /* e is too small */ + && TEST_true(BN_set_word(e, 65535)) + && TEST_false(rsa_check_public_exponent(e)) + /* e is even will fail */ + && TEST_true(BN_set_word(e, 65536)) + && TEST_false(rsa_check_public_exponent(e)) + /* e is ok */ + && TEST_true(BN_set_word(e, 65537)) + && TEST_true(rsa_check_public_exponent(e)) + /* e = 2^256 is too big */ + && TEST_true(BN_lshift(e, BN_value_one(), 256)) + && TEST_false(rsa_check_public_exponent(e)) + /* e = 2^256-1 is odd and in range */ + && TEST_true(BN_sub(e, e, BN_value_one())) + && TEST_true(rsa_check_public_exponent(e)); + BN_free(e); + return ret; +} + +static int test_check_prime_factor_range(void) +{ + int ret = 0; + BN_CTX *ctx = NULL; + BIGNUM *p = NULL; + BIGNUM *bn_p1 = NULL, *bn_p2 = NULL, *bn_p3 = NULL, *bn_p4 = NULL; + /* Some range checks that are larger than 32 bits */ + static const unsigned char p1[] = { 0x0B, 0x50, 0x4F, 0x33, 0x3F }; + static const unsigned char p2[] = { 0x10, 0x00, 0x00, 0x00, 0x00 }; + static const unsigned char p3[] = { 0x0B, 0x50, 0x4F, 0x33, 0x40 }; + static const unsigned char p4[] = { 0x0F, 0xFF, 0xFF, 0xFF, 0xFF }; + + /* (?2)(2^(nbits/2 - 1) <= p <= 2^(nbits/2) - 1 + * For 8 bits: 0xB.504F <= p <= 0xF + * for 72 bits: 0xB504F333F. <= p <= 0xF_FFFF_FFFF + */ + ret = TEST_ptr(p = BN_new()) + && TEST_ptr(bn_p1 = bn_load_new(p1, sizeof(p1))) + && TEST_ptr(bn_p2 = bn_load_new(p2, sizeof(p2))) + && TEST_ptr(bn_p3 = bn_load_new(p3, sizeof(p3))) + && TEST_ptr(bn_p4 = bn_load_new(p4, sizeof(p4))) + && TEST_ptr(ctx = BN_CTX_new()) + && TEST_true(BN_set_word(p, 0xA)) + && TEST_false(rsa_check_prime_factor_range(p, 8, ctx)) + && TEST_true(BN_set_word(p, 0x10)) + && TEST_false(rsa_check_prime_factor_range(p, 8, ctx)) + && TEST_true(BN_set_word(p, 0xB)) + && TEST_true(rsa_check_prime_factor_range(p, 8, ctx)) + && TEST_true(BN_set_word(p, 0xF)) + && TEST_true(rsa_check_prime_factor_range(p, 8, ctx)) + && TEST_false(rsa_check_prime_factor_range(bn_p1, 72, ctx)) + && TEST_false(rsa_check_prime_factor_range(bn_p2, 72, ctx)) + && TEST_true(rsa_check_prime_factor_range(bn_p3, 72, ctx)) + && TEST_true(rsa_check_prime_factor_range(bn_p4, 72, ctx)); + + BN_free(bn_p4); + BN_free(bn_p3); + BN_free(bn_p2); + BN_free(bn_p1); + BN_free(p); + BN_CTX_free(ctx); + return ret; +} + +static int test_check_prime_factor(void) +{ + int ret = 0; + BN_CTX *ctx = NULL; + BIGNUM *p = NULL, *e = NULL; + BIGNUM *bn_p1 = NULL, *bn_p2 = NULL, *bn_p3 = NULL; + + /* Some range checks that are larger than 32 bits */ + static const unsigned char p1[] = { 0x0B, 0x50, 0x4f, 0x33, 0x73 }; + static const unsigned char p2[] = { 0x0B, 0x50, 0x4f, 0x33, 0x75 }; + static const unsigned char p3[] = { 0x0F, 0x50, 0x00, 0x03, 0x75 }; + + ret = TEST_ptr(p = BN_new()) + && TEST_ptr(bn_p1 = bn_load_new(p1, sizeof(p1))) + && TEST_ptr(bn_p2 = bn_load_new(p2, sizeof(p2))) + && TEST_ptr(bn_p3 = bn_load_new(p3, sizeof(p3))) + && TEST_ptr(e = BN_new()) + && TEST_ptr(ctx = BN_CTX_new()) + /* Fails the prime test */ + && TEST_true(BN_set_word(e, 0x1)) + && TEST_false(rsa_check_prime_factor(bn_p1, e, 72, ctx)) + /* p is prime and in range and gcd(p-1, e) = 1 */ + && TEST_true(rsa_check_prime_factor(bn_p2, e, 72, ctx)) + /* gcd(p-1,e) = 1 test fails */ + && TEST_true(BN_set_word(e, 0x2)) + && TEST_false(rsa_check_prime_factor(p, e, 72, ctx)) + /* p fails the range check */ + && TEST_true(BN_set_word(e, 0x1)) + && TEST_false(rsa_check_prime_factor(bn_p3, e, 72, ctx)); + + BN_free(bn_p3); + BN_free(bn_p2); + BN_free(bn_p1); + BN_free(e); + BN_free(p); + BN_CTX_free(ctx); + return ret; +} + +static int test_check_private_exponent(void) +{ + int ret = 0; + RSA *key = NULL; + BN_CTX *ctx = NULL; + BIGNUM *p = NULL, *q = NULL, *e = NULL, *d = NULL, *n = NULL; + + ret = TEST_ptr(key = RSA_new()) + && TEST_ptr(ctx = BN_CTX_new()) + && TEST_ptr(p = BN_new()) + && TEST_ptr(q = BN_new()) + && TEST_ptr(e = BN_new()) + && TEST_ptr(d = BN_new()) + && TEST_ptr(n = BN_new()) + /* lcm(15-1,17-1) = 14*16 / 2 = 112 */ + && TEST_true(BN_set_word(p, 15)) + && TEST_true(BN_set_word(q, 17)) + && TEST_true(BN_set_word(e, 5)) + && TEST_true(BN_set_word(d, 157)) + && TEST_true(BN_set_word(n, 15*17)) + && TEST_true(RSA_set0_factors(key, p, q)) + && TEST_true(RSA_set0_key(key, n, e, d)) + /* fails since d >= lcm(p-1, q-1) */ + && TEST_false(rsa_check_private_exponent(key, 8, ctx)) + && TEST_true(BN_set_word(d, 45)) + /* d is correct size and 1 = e.d mod lcm(p-1, q-1) */ + && TEST_true(rsa_check_private_exponent(key, 8, ctx)) + /* d is too small compared to nbits */ + && TEST_false(rsa_check_private_exponent(key, 16, ctx)) + /* d is too small compared to nbits */ + && TEST_true(BN_set_word(d, 16)) + && TEST_false(rsa_check_private_exponent(key, 8, ctx)) + /* fail if 1 != e.d mod lcm(p-1, q-1) */ + && TEST_true(BN_set_word(d, 46)) + && TEST_false(rsa_check_private_exponent(key, 8, ctx)); + + RSA_free(key); + BN_CTX_free(ctx); + return ret; +} + +static int test_check_crt_components(void) +{ + const int P = 15; + const int Q = 17; + const int E = 5; + const int N = P*Q; + const int DP = 3; + const int DQ = 13; + const int QINV = 8; + + int ret = 0; + RSA *key = NULL; + BN_CTX *ctx = NULL; + BIGNUM *p = NULL, *q = NULL, *e = NULL; + + ret = TEST_ptr(key = RSA_new()) + && TEST_ptr(ctx = BN_CTX_new()) + && TEST_ptr(p = BN_new()) + && TEST_ptr(q = BN_new()) + && TEST_ptr(e = BN_new()) + && TEST_true(BN_set_word(p, P)) + && TEST_true(BN_set_word(q, Q)) + && TEST_true(BN_set_word(e, E)) + && TEST_true(RSA_set0_factors(key, p, q)) + && TEST_true(rsa_sp800_56b_derive_params_from_pq(key, 8, e, ctx)) + && TEST_BN_eq_word(key->n, N) + && TEST_BN_eq_word(key->dmp1, DP) + && TEST_BN_eq_word(key->dmq1, DQ) + && TEST_BN_eq_word(key->iqmp, QINV) + && TEST_true(rsa_check_crt_components(key, ctx)) + /* (a) 1 < dP < (p ? 1). */ + && TEST_true(BN_set_word(key->dmp1, 1)) + && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_true(BN_set_word(key->dmp1, P-1)) + && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_true(BN_set_word(key->dmp1, DP)) + /* (b) 1 < dQ < (q - 1). */ + && TEST_true(BN_set_word(key->dmq1, 1)) + && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_true(BN_set_word(key->dmq1, Q-1)) + && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_true(BN_set_word(key->dmq1, DQ)) + /* (c) 1 < qInv < p */ + && TEST_true(BN_set_word(key->iqmp, 1)) + && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_true(BN_set_word(key->iqmp, P)) + && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_true(BN_set_word(key->iqmp, QINV)) + /* (d) 1 = (dP . e) mod (p - 1)*/ + && TEST_true(BN_set_word(key->dmp1, DP+1)) + && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_true(BN_set_word(key->dmp1, DP)) + /* (e) 1 = (dQ . e) mod (q - 1) */ + && TEST_true(BN_set_word(key->dmq1, DQ-1)) + && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_true(BN_set_word(key->dmq1, DQ)) + /* (f) 1 = (qInv . q) mod p */ + && TEST_true(BN_set_word(key->iqmp, QINV+1)) + && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_true(BN_set_word(key->iqmp, QINV)) + /* check defaults are still valid */ + && TEST_true(rsa_check_crt_components(key, ctx)); + + BN_free(e); + RSA_free(key); + BN_CTX_free(ctx); + return ret; +} + +static int test_pq_diff(void) +{ + int ret = 0; + BIGNUM *tmp = NULL, *p = NULL, *q = NULL; + + ret = TEST_ptr(tmp = BN_new()) + && TEST_ptr(p = BN_new()) + && TEST_ptr(q = BN_new()) + /* |1-(2+1)| > 2^1 */ + && TEST_true(BN_set_word(p, 1)) + && TEST_true(BN_set_word(q, 1+2)) + && TEST_false(rsa_check_pminusq_diff(tmp, p, q, 202)) + /* Check |p - q| > 2^(nbits/2 - 100) */ + && TEST_true(BN_set_word(q, 1+3)) + && TEST_true(rsa_check_pminusq_diff(tmp, p, q, 202)) + && TEST_true(BN_set_word(p, 1+3)) + && TEST_true(BN_set_word(q, 1)) + && TEST_true(rsa_check_pminusq_diff(tmp, p, q, 202)); + BN_free(p); + BN_free(q); + BN_free(tmp); + return ret; +} + +static int test_invalid_keypair(void) +{ + int ret = 0; + RSA *key = NULL; + BN_CTX *ctx = NULL; + BIGNUM *p = NULL, *q = NULL, *n = NULL, *e = NULL, *d = NULL; + + ret = TEST_ptr(key = RSA_new()) + && TEST_ptr(ctx = BN_CTX_new()) + /* NULL parameters */ + && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) + /* load key */ + && TEST_ptr(p = bn_load_new(cav_p, sizeof(cav_p))) + && TEST_ptr(q = bn_load_new(cav_q, sizeof(cav_q))) + && TEST_ptr(e = bn_load_new(cav_e, sizeof(cav_e))) + && TEST_ptr(n = bn_load_new(cav_n, sizeof(cav_n))) + && TEST_ptr(d = bn_load_new(cav_d, sizeof(cav_d))) + && TEST_true(RSA_set0_key(key, n, e, d)) + && TEST_true(RSA_set0_factors(key, p, q)) + + /* bad strength/key size */ + && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, 100, 2048)) + && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, 112, 1024)) + && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, 128, 2048)) + && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, 140, 3072)) + /* mismatching exponent */ + && TEST_false(rsa_sp800_56b_check_keypair(key, BN_value_one(), -1, + 2048)) + /* bad exponent */ + && TEST_true(BN_add_word(e, 1)) + && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, + 2048)) + && TEST_true(BN_sub_word(e, 1)) + + /* mismatch between bits and modulus */ + && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, 3072)) + && TEST_true(rsa_sp800_56b_check_keypair(key, e, 112, 2048)) + /* check n == pq failure */ + && TEST_true(BN_add_word(n, 1)) + && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) + && TEST_true(BN_sub_word(n, 1)) + /* check p */ + && TEST_true(BN_sub_word(p, 2)) + && TEST_true(BN_mul(n, p, q, ctx)) + && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) + && TEST_true(BN_add_word(p, 2)) + && TEST_true(BN_mul(n, p, q, ctx)) + /* check q */ + && TEST_true(BN_sub_word(q, 2)) + && TEST_true(BN_mul(n, p, q, ctx)) + && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) + && TEST_true(BN_add_word(q, 2)) + && TEST_true(BN_mul(n, p, q, ctx)); + + RSA_free(key); + BN_CTX_free(ctx); + return ret; +} + +static int test_fips1864_keygen_kat(void) +{ + int ret = 0; + RSA *key = NULL; + BN_CTX *ctx = NULL; + BIGNUM *e, *Xp, *Xp1, *Xp2, *Xq, *Xq1, *Xq2; + BIGNUM *p1, *p2, *q1, *q2; + BIGNUM *p1_exp, *p2_exp, *q1_exp, *q2_exp; + BIGNUM *p_exp, *q_exp, *n_exp, *d_exp; + const BIGNUM *p, *q, *n, *d, *e2; + + if (!(TEST_ptr(key = RSA_new()) && TEST_ptr(ctx = BN_CTX_new()))) + goto err; + BN_CTX_start(ctx); + + e = bn_load(ctx, cav_e, sizeof(cav_e)); + Xp = bn_load(ctx, cav_Xp, sizeof(cav_Xp)); + Xp1 = bn_load(ctx, cav_Xp1, sizeof(cav_Xp1)); + Xp2 = bn_load(ctx, cav_Xp2, sizeof(cav_Xp2)); + Xq = bn_load(ctx, cav_Xq, sizeof(cav_Xq)); + Xq1 = bn_load(ctx, cav_Xq1, sizeof(cav_Xq1)); + Xq2 = bn_load(ctx, cav_Xq2, sizeof(cav_Xq2)); + p1_exp = bn_load(ctx, cav_p1, sizeof(cav_p1)); + p2_exp = bn_load(ctx, cav_p2, sizeof(cav_p2)); + q1_exp = bn_load(ctx, cav_q1, sizeof(cav_q1)); + q2_exp = bn_load(ctx, cav_q2, sizeof(cav_q2)); + p_exp = bn_load(ctx, cav_p, sizeof(cav_p)); + q_exp = bn_load(ctx, cav_q, sizeof(cav_q)); + n_exp = bn_load(ctx, cav_n, sizeof(cav_n)); + d_exp = bn_load(ctx, cav_d, sizeof(cav_d)); + p1 = BN_CTX_get(ctx); + p2 = BN_CTX_get(ctx); + q1 = BN_CTX_get(ctx); + q2 = BN_CTX_get(ctx); + ret = TEST_ptr(q2) + && TEST_true(rsa_fips186_4_gen_prob_primes(key, p1, p2, NULL, Xp, Xp1, + Xp2, q1, q2, NULL, Xq, Xq1, + Xq2, 2048, e, ctx, NULL)) + && TEST_true(rsa_sp800_56b_derive_params_from_pq(key, 2048, e, ctx)) + && TEST_BN_eq(p1_exp, p1) + && TEST_BN_eq(p2_exp, p2) + && TEST_BN_eq(q1_exp, q1) + && TEST_BN_eq(q2_exp, q2); + if (!ret) + goto err; + + RSA_get0_key(key, &n, &e2, &d); + RSA_get0_factors(key, &p, &q); + ret = TEST_BN_eq(e, e2) + && TEST_BN_eq(p_exp, p) + && TEST_BN_eq(q_exp, q) + && TEST_BN_eq(n_exp, n) + && TEST_BN_eq(d_exp, d); +err: + RSA_free(key); + BN_CTX_end(ctx); + BN_CTX_free(ctx); + return ret; +} + + +static int keygen_size[] = +{ + 2048, 3072 +}; + +static int test_sp80056b_keygen(int id) +{ + RSA *key = NULL; + int ret; + int sz = keygen_size[id]; + + ret = TEST_ptr(key = RSA_new()) + && TEST_true(rsa_sp800_56b_generate_key(key, sz, NULL, NULL)) + && TEST_true(rsa_sp800_56b_check_public(key)) + && TEST_true(rsa_sp800_56b_check_private(key)) + && TEST_true(rsa_sp800_56b_check_keypair(key, NULL, -1, sz)); + + RSA_free(key); + return ret; +} + +static int test_check_private_key(void) +{ + int ret = 0; + BIGNUM *n = NULL, *d = NULL, *e = NULL; + RSA *key = NULL; + + ret = TEST_ptr(key = RSA_new()) + /* check NULL pointers fail */ + && TEST_false(rsa_sp800_56b_check_private(key)) + /* load private key */ + && TEST_ptr(n = bn_load_new(cav_n, sizeof(cav_n))) + && TEST_ptr(d = bn_load_new(cav_d, sizeof(cav_d))) + && TEST_ptr(e = bn_load_new(cav_e, sizeof(cav_e))) + && TEST_true(RSA_set0_key(key, n, e, d)) + /* check d is in range */ + && TEST_true(rsa_sp800_56b_check_private(key)) + /* check d is too low */ + && TEST_true(BN_set_word(d, 0)) + && TEST_false(rsa_sp800_56b_check_private(key)) + /* check d is too high */ + && TEST_ptr(BN_copy(d, n)) + && TEST_false(rsa_sp800_56b_check_private(key)); + + RSA_free(key); + return ret; +} + +static int test_check_public_key(void) +{ + int ret = 0; + BIGNUM *n = NULL, *e = NULL; + RSA *key = NULL; + + ret = TEST_ptr(key = RSA_new()) + /* check NULL pointers fail */ + && TEST_false(rsa_sp800_56b_check_public(key)) + /* load public key */ + && TEST_ptr(e = bn_load_new(cav_e, sizeof(cav_e))) + && TEST_ptr(n = bn_load_new(cav_n, sizeof(cav_n))) + && TEST_true(RSA_set0_key(key, n, e, NULL)) + /* check public key is valid */ + && TEST_true(rsa_sp800_56b_check_public(key)) + /* check fail if n is even */ + && TEST_true(BN_add_word(n, 1)) + && TEST_false(rsa_sp800_56b_check_public(key)) + && TEST_true(BN_sub_word(n, 1)) + /* check fail if n is wrong number of bits */ + && TEST_true(BN_lshift1(n, n)) + && TEST_false(rsa_sp800_56b_check_public(key)) + && TEST_true(BN_rshift1(n, n)) + /* test odd exponent fails */ + && TEST_true(BN_add_word(e, 1)) + && TEST_false(rsa_sp800_56b_check_public(key)) + && TEST_true(BN_sub_word(e, 1)) + /* modulus fails composite check */ + && TEST_true(BN_add_word(n, 2)) + && TEST_false(rsa_sp800_56b_check_public(key)); + + RSA_free(key); + return ret; +} + +int setup_tests(void) +{ + ADD_TEST(test_check_public_exponent); + ADD_TEST(test_check_prime_factor_range); + ADD_TEST(test_check_prime_factor); + ADD_TEST(test_check_private_exponent); + ADD_TEST(test_check_crt_components); + ADD_TEST(test_check_private_key); + ADD_TEST(test_check_public_key); + ADD_TEST(test_invalid_keypair); + ADD_TEST(test_pq_diff); + ADD_TEST(test_fips1864_keygen_kat); + ADD_ALL_TESTS(test_sp80056b_keygen, (int)OSSL_NELEM(keygen_size)); + return 1; +} +#endif diff --git a/test/rsa_test.c b/test/rsa_test.c index b351ceb..084f533 100644 --- a/test/rsa_test.c +++ b/test/rsa_test.c @@ -42,6 +42,8 @@ int setup_tests(void) BN_bin2bn(dmp1, sizeof(dmp1)-1, NULL), \ BN_bin2bn(dmq1, sizeof(dmq1)-1, NULL), \ BN_bin2bn(iqmp, sizeof(iqmp)-1, NULL)); \ + if (c == NULL) \ + return 0; \ memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \ return sizeof(ctext_ex) - 1; From no-reply at appveyor.com Tue Mar 12 12:11:55 2019 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 12 Mar 2019 12:11:55 +0000 Subject: Build failed: openssl master.23382 Message-ID: <20190312121155.1.38F72EA850A76E96@appveyor.com> An HTML attachment was scrubbed... URL: From matt at openssl.org Tue Mar 12 12:30:47 2019 From: matt at openssl.org (Matt Caswell) Date: Tue, 12 Mar 2019 12:30:47 +0000 Subject: [openssl] master update Message-ID: <1552393847.619353.21341.nullmailer@dev.openssl.org> The branch master has been updated via a61b7f2fa6de3bf8d5b1436e66c52d6bf7150ae4 (commit) via 2a3b52eacd098a74157f5d4cbbb34ad8f863f04e (commit) from eef721b0d02c41cb5cebef33a9911db25523724a (commit) - Log ----------------------------------------------------------------- commit a61b7f2fa6de3bf8d5b1436e66c52d6bf7150ae4 Author: David von Oheimb Date: Fri Nov 16 14:05:31 2018 +0100 2nd chunk: CRMF code (crypto/crmf/, ) and its integration in INSTALL, Configure, crypto/build.info, include/openssl/crmferr.h, crypto/err/, include/openssl/err.h, and (to be updated:) util/libcrypto.num Reviewed-by: Bernd Edlinger Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/7646) commit 2a3b52eacd098a74157f5d4cbbb34ad8f863f04e Author: David von Oheimb Date: Wed Oct 17 15:51:19 2018 +0200 Certificate Management Protocol (CMP, RFC 4210) extension to OpenSSL Also includes CRMF (RFC 4211) and HTTP transfer (RFC 6712) CMP and CRMF API is added to libcrypto, and the "cmp" app to the openssl CLI. Adds extensive man pages and tests. Integration into build scripts. Incremental pull request based on OpenSSL commit 1362190b1b78 of 2018-09-26 1st chunk: CRMF API (include/openssl/crmf.h) and its documentation (reviewed) Reviewed-by: Bernd Edlinger Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/7328) ----------------------------------------------------------------------- Summary of changes: Configure | 1 + crypto/build.info | 2 +- crypto/crmf/build.info | 2 + crypto/crmf/crmf_asn.c | 240 ++++++++ crypto/crmf/crmf_err.c | 104 ++++ crypto/crmf/crmf_int.h | 394 ++++++++++++ crypto/crmf/crmf_lib.c | 753 +++++++++++++++++++++++ crypto/crmf/crmf_pbm.c | 231 +++++++ crypto/err/err.c | 1 + crypto/err/err_all.c | 4 + crypto/err/openssl.ec | 1 + crypto/err/openssl.txt | 41 ++ doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod | 66 ++ doc/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod | 106 ++++ doc/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod | 49 ++ doc/man3/OSSL_CRMF_MSG_set_validity.pod | 105 ++++ doc/man3/OSSL_CRMF_pbmp_new.pod | 78 +++ doc/man3/X509_dup.pod | 14 + include/openssl/crmf.h | 137 +++++ include/openssl/crmferr.h | 69 +++ include/openssl/err.h | 2 + util/libcrypto.num | 82 +++ 22 files changed, 2481 insertions(+), 1 deletion(-) create mode 100644 crypto/crmf/build.info create mode 100644 crypto/crmf/crmf_asn.c create mode 100644 crypto/crmf/crmf_err.c create mode 100644 crypto/crmf/crmf_int.h create mode 100644 crypto/crmf/crmf_lib.c create mode 100644 crypto/crmf/crmf_pbm.c create mode 100644 doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod create mode 100644 doc/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod create mode 100644 doc/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod create mode 100644 doc/man3/OSSL_CRMF_MSG_set_validity.pod create mode 100644 doc/man3/OSSL_CRMF_pbmp_new.pod create mode 100644 include/openssl/crmf.h create mode 100644 include/openssl/crmferr.h diff --git a/Configure b/Configure index b2410a2..8818d58 100755 --- a/Configure +++ b/Configure @@ -349,6 +349,7 @@ my @disablables = ( "cmac", "cms", "comp", + "crmf", "crypto-mdebug", "crypto-mdebug-backtrace", "ct", diff --git a/crypto/build.info b/crypto/build.info index 0cca6ab..a1ccad4 100644 --- a/crypto/build.info +++ b/crypto/build.info @@ -5,7 +5,7 @@ SUBDIRS=objects buffer bio stack lhash rand evp asn1 pem x509 x509v3 conf \ md2 md4 md5 sha mdc2 gmac hmac ripemd whrlpool poly1305 blake2 \ siphash sm3 des aes rc2 rc4 rc5 idea aria bf cast camellia \ seed sm4 chacha modes bn ec rsa dsa dh sm2 dso engine \ - err comp ocsp cms ts srp cmac ct async kmac ess + err comp ocsp cms ts srp cmac ct async kmac ess crmf LIBS=../libcrypto # The Core diff --git a/crypto/crmf/build.info b/crypto/crmf/build.info new file mode 100644 index 0000000..7cfa8ec --- /dev/null +++ b/crypto/crmf/build.info @@ -0,0 +1,2 @@ +LIBS=../../libcrypto +SOURCE[../../libcrypto]=crmf_asn.c crmf_err.c crmf_lib.c crmf_pbm.c diff --git a/crypto/crmf/crmf_asn.c b/crypto/crmf/crmf_asn.c new file mode 100644 index 0000000..d0ab6e9 --- /dev/null +++ b/crypto/crmf/crmf_asn.c @@ -0,0 +1,240 @@ +/*- + * Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright Nokia 2007-2018 + * Copyright Siemens AG 2015-2018 + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + * + * CRMF implementation by Martin Peylo, Miikka Viljanen, and David von Oheimb. + */ + +#include + +#include "crmf_int.h" + +/* explicit #includes not strictly needed since implied by the above: */ +#include + +ASN1_SEQUENCE(OSSL_CRMF_PRIVATEKEYINFO) = { + ASN1_SIMPLE(OSSL_CRMF_PRIVATEKEYINFO, version, ASN1_INTEGER), + ASN1_SIMPLE(OSSL_CRMF_PRIVATEKEYINFO, privateKeyAlgorithm, X509_ALGOR), + ASN1_SIMPLE(OSSL_CRMF_PRIVATEKEYINFO, privateKey, ASN1_OCTET_STRING), + ASN1_IMP_SET_OF_OPT(OSSL_CRMF_PRIVATEKEYINFO, attributes, X509_ATTRIBUTE, 0) +} ASN1_SEQUENCE_END(OSSL_CRMF_PRIVATEKEYINFO) +IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_PRIVATEKEYINFO) + + +ASN1_CHOICE(OSSL_CRMF_ENCKEYWITHID_IDENTIFIER) = { + ASN1_SIMPLE(OSSL_CRMF_ENCKEYWITHID_IDENTIFIER, value.string, ASN1_UTF8STRING), + ASN1_SIMPLE(OSSL_CRMF_ENCKEYWITHID_IDENTIFIER, value.generalName, GENERAL_NAME) +} ASN1_CHOICE_END(OSSL_CRMF_ENCKEYWITHID_IDENTIFIER) +IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_ENCKEYWITHID_IDENTIFIER) + + +ASN1_SEQUENCE(OSSL_CRMF_ENCKEYWITHID) = { + ASN1_SIMPLE(OSSL_CRMF_ENCKEYWITHID, privateKey, OSSL_CRMF_PRIVATEKEYINFO), + ASN1_OPT(OSSL_CRMF_ENCKEYWITHID, identifier, + OSSL_CRMF_ENCKEYWITHID_IDENTIFIER) +} ASN1_SEQUENCE_END(OSSL_CRMF_ENCKEYWITHID) +IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_ENCKEYWITHID) + + +ASN1_SEQUENCE(OSSL_CRMF_CERTID) = { + ASN1_SIMPLE(OSSL_CRMF_CERTID, issuer, GENERAL_NAME), + ASN1_SIMPLE(OSSL_CRMF_CERTID, serialNumber, ASN1_INTEGER) +} ASN1_SEQUENCE_END(OSSL_CRMF_CERTID) +IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_CERTID) +IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CRMF_CERTID) + + +ASN1_SEQUENCE(OSSL_CRMF_ENCRYPTEDVALUE) = { + ASN1_IMP_OPT(OSSL_CRMF_ENCRYPTEDVALUE, intendedAlg, X509_ALGOR, 0), + ASN1_IMP_OPT(OSSL_CRMF_ENCRYPTEDVALUE, symmAlg, X509_ALGOR, 1), + ASN1_IMP_OPT(OSSL_CRMF_ENCRYPTEDVALUE, encSymmKey, ASN1_BIT_STRING, 2), + ASN1_IMP_OPT(OSSL_CRMF_ENCRYPTEDVALUE, keyAlg, X509_ALGOR, 3), + ASN1_IMP_OPT(OSSL_CRMF_ENCRYPTEDVALUE, valueHint, ASN1_OCTET_STRING, 4), + ASN1_SIMPLE(OSSL_CRMF_ENCRYPTEDVALUE, encValue, ASN1_BIT_STRING) +} ASN1_SEQUENCE_END(OSSL_CRMF_ENCRYPTEDVALUE) +IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_ENCRYPTEDVALUE) + +ASN1_SEQUENCE(OSSL_CRMF_SINGLEPUBINFO) = { + ASN1_SIMPLE(OSSL_CRMF_SINGLEPUBINFO, pubMethod, ASN1_INTEGER), + ASN1_SIMPLE(OSSL_CRMF_SINGLEPUBINFO, pubLocation, GENERAL_NAME) +} ASN1_SEQUENCE_END(OSSL_CRMF_SINGLEPUBINFO) +IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_SINGLEPUBINFO) + + +ASN1_SEQUENCE(OSSL_CRMF_PKIPUBLICATIONINFO) = { + ASN1_SIMPLE(OSSL_CRMF_PKIPUBLICATIONINFO, action, ASN1_INTEGER), + ASN1_SEQUENCE_OF_OPT(OSSL_CRMF_PKIPUBLICATIONINFO, pubInfos, + OSSL_CRMF_SINGLEPUBINFO) +} ASN1_SEQUENCE_END(OSSL_CRMF_PKIPUBLICATIONINFO) +IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_PKIPUBLICATIONINFO) +IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CRMF_PKIPUBLICATIONINFO) + + +ASN1_SEQUENCE(OSSL_CRMF_PKMACVALUE) = { + ASN1_SIMPLE(OSSL_CRMF_PKMACVALUE, algId, X509_ALGOR), + ASN1_SIMPLE(OSSL_CRMF_PKMACVALUE, value, ASN1_BIT_STRING) +} ASN1_SEQUENCE_END(OSSL_CRMF_PKMACVALUE) +IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_PKMACVALUE) + + +ASN1_CHOICE(OSSL_CRMF_POPOPRIVKEY) = { + ASN1_IMP(OSSL_CRMF_POPOPRIVKEY, value.thisMessage, ASN1_BIT_STRING, 0), + ASN1_IMP(OSSL_CRMF_POPOPRIVKEY, value.subsequentMessage, ASN1_INTEGER, 1), + ASN1_IMP(OSSL_CRMF_POPOPRIVKEY, value.dhMAC, ASN1_BIT_STRING, 2), + ASN1_IMP(OSSL_CRMF_POPOPRIVKEY, value.agreeMAC, OSSL_CRMF_PKMACVALUE, 3), + /* + * TODO: This is not ASN1_NULL but CMS_ENVELOPEDDATA which should be somehow + * taken from crypto/cms which exists now - this is not used anywhere so far + */ + ASN1_IMP(OSSL_CRMF_POPOPRIVKEY, value.encryptedKey, ASN1_NULL, 4), +} ASN1_CHOICE_END(OSSL_CRMF_POPOPRIVKEY) +IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_POPOPRIVKEY) + + +ASN1_SEQUENCE(OSSL_CRMF_PBMPARAMETER) = { + ASN1_SIMPLE(OSSL_CRMF_PBMPARAMETER, salt, ASN1_OCTET_STRING), + ASN1_SIMPLE(OSSL_CRMF_PBMPARAMETER, owf, X509_ALGOR), + ASN1_SIMPLE(OSSL_CRMF_PBMPARAMETER, iterationCount, ASN1_INTEGER), + ASN1_SIMPLE(OSSL_CRMF_PBMPARAMETER, mac, X509_ALGOR) +} ASN1_SEQUENCE_END(OSSL_CRMF_PBMPARAMETER) +IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_PBMPARAMETER) + + +ASN1_CHOICE(OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO) = { + ASN1_EXP(OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO, value.sender, + GENERAL_NAME, 0), + ASN1_SIMPLE(OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO, value.publicKeyMAC, + OSSL_CRMF_PKMACVALUE) +} ASN1_CHOICE_END(OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO) +IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO) + + +ASN1_SEQUENCE(OSSL_CRMF_POPOSIGNINGKEYINPUT) = { + ASN1_SIMPLE(OSSL_CRMF_POPOSIGNINGKEYINPUT, authInfo, + OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO), + ASN1_SIMPLE(OSSL_CRMF_POPOSIGNINGKEYINPUT, publicKey, X509_PUBKEY) +} ASN1_SEQUENCE_END(OSSL_CRMF_POPOSIGNINGKEYINPUT) +IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_POPOSIGNINGKEYINPUT) + + +ASN1_SEQUENCE(OSSL_CRMF_POPOSIGNINGKEY) = { + ASN1_IMP_OPT(OSSL_CRMF_POPOSIGNINGKEY, poposkInput, + OSSL_CRMF_POPOSIGNINGKEYINPUT, 0), + ASN1_SIMPLE(OSSL_CRMF_POPOSIGNINGKEY, algorithmIdentifier, X509_ALGOR), + ASN1_SIMPLE(OSSL_CRMF_POPOSIGNINGKEY, signature, ASN1_BIT_STRING) +} ASN1_SEQUENCE_END(OSSL_CRMF_POPOSIGNINGKEY) +IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_POPOSIGNINGKEY) + + +ASN1_CHOICE(OSSL_CRMF_POPO) = { + ASN1_IMP(OSSL_CRMF_POPO, value.raVerified, ASN1_NULL, 0), + ASN1_IMP(OSSL_CRMF_POPO, value.signature, OSSL_CRMF_POPOSIGNINGKEY, 1), + ASN1_EXP(OSSL_CRMF_POPO, value.keyEncipherment, OSSL_CRMF_POPOPRIVKEY, 2), + ASN1_EXP(OSSL_CRMF_POPO, value.keyAgreement, OSSL_CRMF_POPOPRIVKEY, 3) +} ASN1_CHOICE_END(OSSL_CRMF_POPO) +IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_POPO) + + +ASN1_ADB_TEMPLATE(attributetypeandvalue_default) = ASN1_OPT( + OSSL_CRMF_ATTRIBUTETYPEANDVALUE, value.other, ASN1_ANY); +ASN1_ADB(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) = { + ADB_ENTRY(NID_id_regCtrl_regToken, + ASN1_SIMPLE(OSSL_CRMF_ATTRIBUTETYPEANDVALUE, + value.regToken, ASN1_UTF8STRING)), + ADB_ENTRY(NID_id_regCtrl_authenticator, + ASN1_SIMPLE(OSSL_CRMF_ATTRIBUTETYPEANDVALUE, + value.authenticator, ASN1_UTF8STRING)), + ADB_ENTRY(NID_id_regCtrl_pkiPublicationInfo, + ASN1_SIMPLE(OSSL_CRMF_ATTRIBUTETYPEANDVALUE, + value.pkiPublicationInfo, + OSSL_CRMF_PKIPUBLICATIONINFO)), + ADB_ENTRY(NID_id_regCtrl_oldCertID, + ASN1_SIMPLE(OSSL_CRMF_ATTRIBUTETYPEANDVALUE, + value.oldCertID, OSSL_CRMF_CERTID)), + ADB_ENTRY(NID_id_regCtrl_protocolEncrKey, + ASN1_SIMPLE(OSSL_CRMF_ATTRIBUTETYPEANDVALUE, + value.protocolEncrKey, X509_PUBKEY)), + ADB_ENTRY(NID_id_regInfo_utf8Pairs, + ASN1_SIMPLE(OSSL_CRMF_ATTRIBUTETYPEANDVALUE, + value.utf8Pairs, ASN1_UTF8STRING)), + ADB_ENTRY(NID_id_regInfo_certReq, + ASN1_SIMPLE(OSSL_CRMF_ATTRIBUTETYPEANDVALUE, + value.certReq, OSSL_CRMF_CERTREQUEST)), +} ASN1_ADB_END(OSSL_CRMF_ATTRIBUTETYPEANDVALUE, 0, type, 0, + &attributetypeandvalue_default_tt, NULL); + + +ASN1_SEQUENCE(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) = { + ASN1_SIMPLE(OSSL_CRMF_ATTRIBUTETYPEANDVALUE, type, ASN1_OBJECT), + ASN1_ADB_OBJECT(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) +} ASN1_SEQUENCE_END(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) + +IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) +IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) + + +ASN1_SEQUENCE(OSSL_CRMF_OPTIONALVALIDITY) = { + ASN1_EXP_OPT(OSSL_CRMF_OPTIONALVALIDITY, notBefore, ASN1_TIME, 0), + ASN1_EXP_OPT(OSSL_CRMF_OPTIONALVALIDITY, notAfter, ASN1_TIME, 1) +} ASN1_SEQUENCE_END(OSSL_CRMF_OPTIONALVALIDITY) +IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_OPTIONALVALIDITY) + + +ASN1_SEQUENCE(OSSL_CRMF_CERTTEMPLATE) = { + ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, version, ASN1_INTEGER, 0), + /* + * serialNumber MUST be omitted. This field is assigned by the CA + * during certificate creation. + */ + ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, serialNumber, ASN1_INTEGER, 1), + /* + * signingAlg MUST be omitted. This field is assigned by the CA + * during certificate creation. + */ + ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, signingAlg, X509_ALGOR, 2), + ASN1_EXP_OPT(OSSL_CRMF_CERTTEMPLATE, issuer, X509_NAME, 3), + ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, validity, + OSSL_CRMF_OPTIONALVALIDITY, 4), + ASN1_EXP_OPT(OSSL_CRMF_CERTTEMPLATE, subject, X509_NAME, 5), + ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, publicKey, X509_PUBKEY, 6), + /* issuerUID is deprecated in version 2 */ + ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, issuerUID, ASN1_BIT_STRING, 7), + /* subjectUID is deprecated in version 2 */ + ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, subjectUID, ASN1_BIT_STRING, 8), + ASN1_IMP_SEQUENCE_OF_OPT(OSSL_CRMF_CERTTEMPLATE, extensions, + X509_EXTENSION, 9), +} ASN1_SEQUENCE_END(OSSL_CRMF_CERTTEMPLATE) +IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_CERTTEMPLATE) + + +ASN1_SEQUENCE(OSSL_CRMF_CERTREQUEST) = { + ASN1_SIMPLE(OSSL_CRMF_CERTREQUEST, certReqId, ASN1_INTEGER), + ASN1_SIMPLE(OSSL_CRMF_CERTREQUEST, certTemplate, OSSL_CRMF_CERTTEMPLATE), + ASN1_SEQUENCE_OF_OPT(OSSL_CRMF_CERTREQUEST, controls, + OSSL_CRMF_ATTRIBUTETYPEANDVALUE) +} ASN1_SEQUENCE_END(OSSL_CRMF_CERTREQUEST) +IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_CERTREQUEST) +IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CRMF_CERTREQUEST) + + +ASN1_SEQUENCE(OSSL_CRMF_MSG) = { + ASN1_SIMPLE(OSSL_CRMF_MSG, certReq, OSSL_CRMF_CERTREQUEST), + ASN1_OPT(OSSL_CRMF_MSG, popo, OSSL_CRMF_POPO), + ASN1_SEQUENCE_OF_OPT(OSSL_CRMF_MSG, regInfo, + OSSL_CRMF_ATTRIBUTETYPEANDVALUE) +} ASN1_SEQUENCE_END(OSSL_CRMF_MSG) +IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_MSG) + + +ASN1_ITEM_TEMPLATE(OSSL_CRMF_MSGS) = + ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, + OSSL_CRMF_MSGS, OSSL_CRMF_MSG) + ASN1_ITEM_TEMPLATE_END(OSSL_CRMF_MSGS) +IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_MSGS) + diff --git a/crypto/crmf/crmf_err.c b/crypto/crmf/crmf_err.c new file mode 100644 index 0000000..f3405b1 --- /dev/null +++ b/crypto/crmf/crmf_err.c @@ -0,0 +1,104 @@ +/* + * Generated by util/mkerr.pl DO NOT EDIT + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include + +#ifndef OPENSSL_NO_ERR + +static const ERR_STRING_DATA CRMF_str_functs[] = { + {ERR_PACK(ERR_LIB_CRMF, CRMF_F_CRMF_POPOSIGNINGKEY_INIT, 0), + "CRMF_poposigningkey_init"}, + {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_CERTID_GEN, 0), + "OSSL_CRMF_CERTID_gen"}, + {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_CERTTEMPLATE_FILL, 0), + "OSSL_CRMF_CERTTEMPLATE_fill"}, + {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT, 0), + "OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert"}, + {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSGS_VERIFY_POPO, 0), + "OSSL_CRMF_MSGS_verify_popo"}, + {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_CREATE_POPO, 0), + "OSSL_CRMF_MSG_create_popo"}, + {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_GET0_TMPL, 0), + "OSSL_CRMF_MSG_get0_tmpl"}, + {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_GET_CERTREQID, 0), + "OSSL_CRMF_MSG_get_certReqId"}, + {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_PKIPUBLICATIONINFO_PUSH0_SINGLEPUBINFO, 0), + "OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo"}, + {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_PUSH0_EXTENSION, 0), + "OSSL_CRMF_MSG_push0_extension"}, + {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_PUSH0_REGCTRL, 0), + "OSSL_CRMF_MSG_push0_regCtrl"}, + {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_PUSH0_REGINFO, 0), + "OSSL_CRMF_MSG_push0_regInfo"}, + {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_SET0_EXTENSIONS, 0), + "OSSL_CRMF_MSG_set0_extensions"}, + {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_SET0_SINGLEPUBINFO, 0), + "OSSL_CRMF_MSG_set0_SinglePubInfo"}, + {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_SET_CERTREQID, 0), + "OSSL_CRMF_MSG_set_certReqId"}, + {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_SET_PKIPUBLICATIONINFO_ACTION, 0), + "OSSL_CRMF_MSG_set_PKIPublicationInfo_action"}, + {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_SET_VALIDITY, 0), + "OSSL_CRMF_MSG_set_validity"}, + {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_PBMP_NEW, 0), + "OSSL_CRMF_pbmp_new"}, + {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_PBM_NEW, 0), "OSSL_CRMF_pbm_new"}, + {0, NULL} +}; + +static const ERR_STRING_DATA CRMF_str_reasons[] = { + {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_BAD_PBM_ITERATIONCOUNT), + "bad pbm iterationcount"}, + {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_CRMFERROR), "crmferror"}, + {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_ERROR), "error"}, + {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_ERROR_DECODING_CERTIFICATE), + "error decoding certificate"}, + {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_ERROR_DECRYPTING_CERTIFICATE), + "error decrypting certificate"}, + {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_ERROR_DECRYPTING_SYMMETRIC_KEY), + "error decrypting symmetric key"}, + {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_FAILURE_OBTAINING_RANDOM), + "failure obtaining random"}, + {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_ITERATIONCOUNT_BELOW_100), + "iterationcount below 100"}, + {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_MALFORMED_IV), "malformed iv"}, + {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_NULL_ARGUMENT), "null argument"}, + {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_SETTING_MAC_ALGOR_FAILURE), + "setting mac algor failure"}, + {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_SETTING_OWF_ALGOR_FAILURE), + "setting owf algor failure"}, + {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_UNSUPPORTED_ALGORITHM), + "unsupported algorithm"}, + {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_UNSUPPORTED_ALG_FOR_POPSIGNINGKEY), + "unsupported alg for popsigningkey"}, + {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_UNSUPPORTED_CIPHER), + "unsupported cipher"}, + {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_UNSUPPORTED_METHOD_FOR_CREATING_POPO), + "unsupported method for creating popo"}, + {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_UNSUPPORTED_POPO_METHOD), + "unsupported popo method"}, + {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_UNSUPPORTED_POPO_NOT_ACCEPTED), + "unsupported popo not accepted"}, + {0, NULL} +}; + +#endif + +int ERR_load_CRMF_strings(void) +{ +#ifndef OPENSSL_NO_ERR + if (ERR_func_error_string(CRMF_str_functs[0].error) == NULL) { + ERR_load_strings_const(CRMF_str_functs); + ERR_load_strings_const(CRMF_str_reasons); + } +#endif + return 1; +} diff --git a/crypto/crmf/crmf_int.h b/crypto/crmf/crmf_int.h new file mode 100644 index 0000000..db1547b --- /dev/null +++ b/crypto/crmf/crmf_int.h @@ -0,0 +1,394 @@ +/*- + * Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright Nokia 2007-2018 + * Copyright Siemens AG 2015-2018 + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + * + * CRMF implementation by Martin Peylo, Miikka Viljanen, and David von Oheimb. + */ + +#ifndef OSSL_HEADER_CRMF_INT_H +# define OSSL_HEADER_CRMF_INT_H + +# include +# include + +/* explicit #includes not strictly needed since implied by the above: */ +# include +# include +# include +# include + +/*- + * EncryptedValue ::= SEQUENCE { + * intendedAlg [0] AlgorithmIdentifier OPTIONAL, + * -- the intended algorithm for which the value will be used + * symmAlg [1] AlgorithmIdentifier OPTIONAL, + * -- the symmetric algorithm used to encrypt the value + * encSymmKey [2] BIT STRING OPTIONAL, + * -- the (encrypted) symmetric key used to encrypt the value + * keyAlg [3] AlgorithmIdentifier OPTIONAL, + * -- algorithm used to encrypt the symmetric key + * valueHint [4] OCTET STRING OPTIONAL, + * -- a brief description or identifier of the encValue content + * -- (may be meaningful only to the sending entity, and + * -- used only if EncryptedValue might be re-examined + * -- by the sending entity in the future) + * encValue BIT STRING + * -- the encrypted value itself + * } + */ +struct OSSL_crmf_encryptedvalue_st { + X509_ALGOR *intendedAlg; /* 0 */ + X509_ALGOR *symmAlg; /* 1 */ + ASN1_BIT_STRING *encSymmKey; /* 2 */ + X509_ALGOR *keyAlg; /* 3 */ + ASN1_OCTET_STRING *valueHint; /* 4 */ + ASN1_BIT_STRING *encValue; +} /* OSSL_CRMF_ENCRYPTEDVALUE */; + +/*- + * Attributes ::= SET OF Attribute + * => X509_ATTRIBUTE + * + * PrivateKeyInfo ::= SEQUENCE { + * version INTEGER, + * privateKeyAlgorithm AlgorithmIdentifier, + * privateKey OCTET STRING, + * attributes [0] IMPLICIT Attributes OPTIONAL + * } + */ +typedef struct OSSL_crmf_privatekeyinfo_st { + ASN1_INTEGER *version; + X509_ALGOR *privateKeyAlgorithm; + ASN1_OCTET_STRING *privateKey; + STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ +} OSSL_CRMF_PRIVATEKEYINFO; +DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PRIVATEKEYINFO) + +/*- + * section 4.2.1 Private Key Info Content Type + * id-ct-encKeyWithID OBJECT IDENTIFIER ::= {id-ct 21} + * + * EncKeyWithID ::= SEQUENCE { + * privateKey PrivateKeyInfo, + * identifier CHOICE { + * string UTF8String, + * generalName GeneralName + * } OPTIONAL + * } + */ +typedef struct OSSL_crmf_enckeywithid_identifier_st { + int type; + union { + ASN1_UTF8STRING *string; + GENERAL_NAME *generalName; + } value; +} OSSL_CRMF_ENCKEYWITHID_IDENTIFIER; +DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_ENCKEYWITHID_IDENTIFIER) + +typedef struct OSSL_crmf_enckeywithid_st { + OSSL_CRMF_PRIVATEKEYINFO *privateKey; + /* [0] */ + OSSL_CRMF_ENCKEYWITHID_IDENTIFIER *identifier; +} OSSL_CRMF_ENCKEYWITHID; +DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_ENCKEYWITHID) + +/*- + * CertId ::= SEQUENCE { + * issuer GeneralName, + * serialNumber INTEGER + * } + */ +struct OSSL_crmf_certid_st { + GENERAL_NAME *issuer; + ASN1_INTEGER *serialNumber; +} /* OSSL_CRMF_CERTID */; +DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_CERTID) + +/*- + * SinglePubInfo ::= SEQUENCE { + * pubMethod INTEGER { + * dontCare (0), + * x500 (1), + * web (2), + * ldap (3) }, + * pubLocation GeneralName OPTIONAL + * } + */ +struct OSSL_crmf_singlepubinfo_st { + ASN1_INTEGER *pubMethod; + GENERAL_NAME *pubLocation; +} /* OSSL_CRMF_SINGLEPUBINFO */; +DEFINE_STACK_OF(OSSL_CRMF_SINGLEPUBINFO) +typedef STACK_OF(OSSL_CRMF_SINGLEPUBINFO) OSSL_CRMF_PUBINFOS; + + +/*- + * PKIPublicationInfo ::= SEQUENCE { + * action INTEGER { + * dontPublish (0), + * pleasePublish (1) }, + * pubInfos SEQUENCE SIZE (1..MAX) OF SinglePubInfo OPTIONAL + * -- pubInfos MUST NOT be present if action is "dontPublish" + * -- (if action is "pleasePublish" and pubInfos is omitted, + * -- "dontCare" is assumed) + * } + */ +struct OSSL_crmf_pkipublicationinfo_st { + ASN1_INTEGER *action; + OSSL_CRMF_PUBINFOS *pubInfos; +} /* OSSL_CRMF_PKIPUBLICATIONINFO */; +DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_PKIPUBLICATIONINFO) + +/*- + * PKMACValue ::= SEQUENCE { + * algId AlgorithmIdentifier, + * -- algorithm value shall be PasswordBasedMac {1 2 840 113533 7 66 13} + * -- parameter value is PBMParameter + * value BIT STRING + * } + */ +typedef struct OSSL_crmf_pkmacvalue_st { + X509_ALGOR *algId; + ASN1_BIT_STRING *value; +} OSSL_CRMF_PKMACVALUE; +DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PKMACVALUE) + +/*- + * SubsequentMessage ::= INTEGER { + * encrCert (0), + * -- requests that resulting certificate be encrypted for the + * -- end entity (following which, POP will be proven in a + * -- confirmation message) + * challengeResp (1) + * -- requests that CA engage in challenge-response exchange with + * -- end entity in order to prove private key possession + * } + * + * POPOPrivKey ::= CHOICE { + * thisMessage [0] BIT STRING, -- Deprecated + * -- possession is proven in this message (which contains the private + * -- key itself (encrypted for the CA)) + * subsequentMessage [1] SubsequentMessage, + * -- possession will be proven in a subsequent message + * dhMAC [2] BIT STRING, -- Deprecated + * agreeMAC [3] PKMACValue, + * encryptedKey [4] EnvelopedData + * } + */ + +typedef struct OSSL_crmf_popoprivkey_st { + int type; + union { + ASN1_BIT_STRING *thisMessage; /* 0 */ /* Deprecated */ + ASN1_INTEGER *subsequentMessage; /* 1 */ + ASN1_BIT_STRING *dhMAC; /* 2 */ /* Deprecated */ + OSSL_CRMF_PKMACVALUE *agreeMAC; /* 3 */ + /* + * TODO: This is not ASN1_NULL but CMS_ENVELOPEDDATA which should be + * somehow taken from crypto/cms which exists now + * - this is not used anywhere so far + */ + ASN1_NULL *encryptedKey; /* 4 */ + } value; +} OSSL_CRMF_POPOPRIVKEY; +DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_POPOPRIVKEY) + +/*- + * PBMParameter ::= SEQUENCE { + * salt OCTET STRING, + * owf AlgorithmIdentifier, + * -- AlgId for a One-Way Function (SHA-1 recommended) + * iterationCount INTEGER, + * -- number of times the OWF is applied + * mac AlgorithmIdentifier + * -- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11], + * -- or HMAC [HMAC, RFC2202]) + * } + */ +struct OSSL_crmf_pbmparameter_st { + ASN1_OCTET_STRING *salt; + X509_ALGOR *owf; + ASN1_INTEGER *iterationCount; + X509_ALGOR *mac; +} /* OSSL_CRMF_PBMPARAMETER */; +#define OSSL_CRMF_PBM_MAX_ITERATION_COUNT 100000 /* if too large allows DoS */ + +/*- + * POPOSigningKeyInput ::= SEQUENCE { + * authInfo CHOICE { + * sender [0] GeneralName, + * -- used only if an authenticated identity has been + * -- established for the sender (e.g., a DN from a + * -- previously-issued and currently-valid certificate) + * publicKeyMAC PKMACValue }, + * -- used if no authenticated GeneralName currently exists for + * -- the sender; publicKeyMAC contains a password-based MAC + * -- on the DER-encoded value of publicKey + * publicKey SubjectPublicKeyInfo -- from CertTemplate + * } +*/ +typedef struct OSSL_crmf_poposigningkeyinput_authinfo_st { + int type; + union { + /* 0 */ GENERAL_NAME *sender; + /* 1 */ OSSL_CRMF_PKMACVALUE *publicKeyMAC; + } value; +} OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO; +DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO) + +typedef struct OSSL_crmf_poposigningkeyinput_st { + OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO *authInfo; + X509_PUBKEY *publicKey; +} OSSL_CRMF_POPOSIGNINGKEYINPUT; +DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_POPOSIGNINGKEYINPUT) + +/*- + * POPOSigningKey ::= SEQUENCE { + * poposkInput [0] POPOSigningKeyInput OPTIONAL, + * algorithmIdentifier AlgorithmIdentifier, + * signature BIT STRING + * } + */ +struct OSSL_crmf_poposigningkey_st { + OSSL_CRMF_POPOSIGNINGKEYINPUT *poposkInput; + X509_ALGOR *algorithmIdentifier; + ASN1_BIT_STRING *signature; +} /* OSSL_CRMF_POPOSIGNINGKEY */; +DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_POPOSIGNINGKEY) + +/*- + * ProofOfPossession ::= CHOICE { + * raVerified [0] NULL, + * -- used if the RA has already verified that the requester is in + * -- possession of the private key + * signature [1] POPOSigningKey, + * keyEncipherment [2] POPOPrivKey, + * keyAgreement [3] POPOPrivKey + * } + */ +typedef struct OSSL_crmf_popo_st { + int type; + union { + ASN1_NULL *raVerified; /* 0 */ + OSSL_CRMF_POPOSIGNINGKEY *signature; /* 1 */ + OSSL_CRMF_POPOPRIVKEY *keyEncipherment; /* 2 */ + OSSL_CRMF_POPOPRIVKEY *keyAgreement; /* 3 */ + } value; +} OSSL_CRMF_POPO; +DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_POPO) + +/*- + * OptionalValidity ::= SEQUENCE { + * notBefore [0] Time OPTIONAL, + * notAfter [1] Time OPTIONAL -- at least one MUST be present + * } + */ +struct OSSL_crmf_optionalvalidity_st { + /* 0 */ ASN1_TIME *notBefore; + /* 1 */ ASN1_TIME *notAfter; +} /* OSSL_CRMF_OPTIONALVALIDITY */; +DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_OPTIONALVALIDITY) + +/*- + * CertTemplate ::= SEQUENCE { + * version [0] Version OPTIONAL, + * serialNumber [1] INTEGER OPTIONAL, + * signingAlg [2] AlgorithmIdentifier OPTIONAL, + * issuer [3] Name OPTIONAL, + * validity [4] OptionalValidity OPTIONAL, + * subject [5] Name OPTIONAL, + * publicKey [6] SubjectPublicKeyInfo OPTIONAL, + * issuerUID [7] UniqueIdentifier OPTIONAL, + * subjectUID [8] UniqueIdentifier OPTIONAL, + * extensions [9] Extensions OPTIONAL + * } + */ +struct OSSL_crmf_certtemplate_st { + ASN1_INTEGER *version; /* 0 */ + ASN1_INTEGER *serialNumber; /* 1 */ /* serialNumber MUST be omitted */ + /* This field is assigned by the CA during certificate creation */ + X509_ALGOR *signingAlg; /* 2 */ /* signingAlg MUST be omitted */ + /* This field is assigned by the CA during certificate creation */ + X509_NAME *issuer; /* 3 */ + OSSL_CRMF_OPTIONALVALIDITY *validity; /* 4 */ + X509_NAME *subject; /* 5 */ + X509_PUBKEY *publicKey; /* 6 */ + ASN1_BIT_STRING *issuerUID; /* 7 */ /* deprecated in version 2 */ + /* According to rfc 3280: UniqueIdentifier ::= BIT STRING */ + ASN1_BIT_STRING *subjectUID; /* 8 */ /* deprecated in version 2 */ + /* Could be X509_EXTENSION*S*, but that's only cosmetic */ + STACK_OF(X509_EXTENSION) *extensions; /* 9 */ +} /* OSSL_CRMF_CERTTEMPLATE */; + +/*- + * CertRequest ::= SEQUENCE { + * certReqId INTEGER, -- ID for matching request and reply + * certTemplate CertTemplate, -- Selected fields of cert to be issued + * controls Controls OPTIONAL -- Attributes affecting issuance + * } + */ +struct OSSL_crmf_certrequest_st { + ASN1_INTEGER *certReqId; + OSSL_CRMF_CERTTEMPLATE *certTemplate; + /* TODO: make OSSL_CRMF_CONTROLS out of that - but only cosmetical */ + STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) *controls; +} /* OSSL_CRMF_CERTREQUEST */; +DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTREQUEST) +DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_CERTREQUEST) + +/* TODO: isn't there a better way to have this for ANY type? */ +struct OSSL_crmf_attributetypeandvalue_st { + ASN1_OBJECT *type; + union { + /* NID_id_regCtrl_regToken */ + ASN1_UTF8STRING *regToken; + + /* NID_id_regCtrl_authenticator */ + ASN1_UTF8STRING *authenticator; + + /* NID_id_regCtrl_pkiPublicationInfo */ + OSSL_CRMF_PKIPUBLICATIONINFO *pkiPublicationInfo; + + /* NID_id_regCtrl_oldCertID */ + OSSL_CRMF_CERTID *oldCertID; + + /* NID_id_regCtrl_protocolEncrKey */ + X509_PUBKEY *protocolEncrKey; + + /* NID_id_regInfo_utf8Pairs */ + ASN1_UTF8STRING *utf8Pairs; + + /* NID_id_regInfo_certReq */ + OSSL_CRMF_CERTREQUEST *certReq; + + ASN1_TYPE *other; + } value; +} /* OSSL_CRMF_ATTRIBUTETYPEANDVALUE */; +DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) +DEFINE_STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) +DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) + +/*- + * CertReqMessages ::= SEQUENCE SIZE (1..MAX) OF CertReqMsg + * CertReqMsg ::= SEQUENCE { + * certReq CertRequest, + * popo ProofOfPossession OPTIONAL, + * -- content depends upon key type + * regInfo SEQUENCE SIZE(1..MAX) OF AttributeTypeAndValue OPTIONAL + * } + */ +struct OSSL_crmf_msg_st { + OSSL_CRMF_CERTREQUEST *certReq; + /* 0 */ + OSSL_CRMF_POPO *popo; + /* 1 */ + STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) *regInfo; +} /* OSSL_CRMF_MSG */; +/* DEFINE_STACK_OF(OSSL_CRMF_MSG) */ +#endif diff --git a/crypto/crmf/crmf_lib.c b/crypto/crmf/crmf_lib.c new file mode 100644 index 0000000..49deca7 --- /dev/null +++ b/crypto/crmf/crmf_lib.c @@ -0,0 +1,753 @@ +/*- + * Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright Nokia 2007-2018 + * Copyright Siemens AG 2015-2018 + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + * + * CRMF implementation by Martin Peylo, Miikka Viljanen, and David von Oheimb. + */ + +/* + * This file contains the functions that handle the individual items inside + * the CRMF structures + */ + +/* + * NAMING + * + * The 0 functions use the supplied structure pointer directly in the parent and + * it will be freed up when the parent is freed. + * + * The 1 functions use a copy of the supplied structure pointer (or in some + * cases increases its link count) in the parent and so both should be freed up. + */ + +#include + +#include "crmf_int.h" + +/* explicit #includes not strictly needed since implied by the above: */ +#include +#include +#include + +/*- + * atyp = Attribute Type + * valt = Value Type + * ctrlinf = "regCtrl" or "regInfo" + */ +#define IMPLEMENT_CRMF_CTRL_FUNC(atyp, valt, ctrlinf) \ +int OSSL_CRMF_MSG_set1_##ctrlinf##_##atyp(OSSL_CRMF_MSG *msg, \ + const valt *in) \ +{ \ + OSSL_CRMF_ATTRIBUTETYPEANDVALUE *atav = NULL; \ + \ + if (msg == NULL || in == NULL) \ + goto err; \ + if ((atav = OSSL_CRMF_ATTRIBUTETYPEANDVALUE_new()) == NULL) \ + goto err; \ + if ((atav->type = OBJ_nid2obj(NID_id_##ctrlinf##_##atyp)) == NULL) \ + goto err; \ + if ((atav->value.atyp = valt##_dup(in)) == NULL) \ + goto err; \ + if (!OSSL_CRMF_MSG_push0_##ctrlinf(msg, atav)) \ + goto err; \ + return 1; \ + err: \ + OSSL_CRMF_ATTRIBUTETYPEANDVALUE_free(atav); \ + return 0; \ +} + + +/*- + * Pushes the given control attribute into the controls stack of a CertRequest + * (section 6) + * returns 1 on success, 0 on error + */ +static int OSSL_CRMF_MSG_push0_regCtrl(OSSL_CRMF_MSG *crm, + OSSL_CRMF_ATTRIBUTETYPEANDVALUE *ctrl) +{ + int new = 0; + + if (crm == NULL || crm->certReq == NULL || ctrl == NULL) { + CRMFerr(CRMF_F_OSSL_CRMF_MSG_PUSH0_REGCTRL, CRMF_R_NULL_ARGUMENT); + return 0; + } + + if (crm->certReq->controls == NULL) { + crm->certReq->controls = sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_new_null(); + if (crm->certReq->controls == NULL) + goto oom; + new = 1; + } + if (!sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_push(crm->certReq->controls, ctrl)) + goto oom; + + return 1; + oom: + CRMFerr(CRMF_F_OSSL_CRMF_MSG_PUSH0_REGCTRL, ERR_R_MALLOC_FAILURE); + + if (new != 0) { + sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_free(crm->certReq->controls); + crm->certReq->controls = NULL; + } + return 0; +} + + /* id-regCtrl-regToken Control (section 6.1) */ +IMPLEMENT_CRMF_CTRL_FUNC(regToken, ASN1_STRING, regCtrl) + + /* id-regCtrl-authenticator Control (section 6.2) */ +#define ASN1_UTF8STRING_dup ASN1_STRING_dup +IMPLEMENT_CRMF_CTRL_FUNC(authenticator, ASN1_UTF8STRING, regCtrl) + +int OSSL_CRMF_MSG_set0_SinglePubInfo(OSSL_CRMF_SINGLEPUBINFO *spi, + int method, GENERAL_NAME *nm) +{ + if (spi == NULL + || method < OSSL_CRMF_PUB_METHOD_DONTCARE + || method > OSSL_CRMF_PUB_METHOD_LDAP) { + CRMFerr(CRMF_F_OSSL_CRMF_MSG_SET0_SINGLEPUBINFO, + ERR_R_PASSED_INVALID_ARGUMENT); + return 0; + } + + if (!ASN1_INTEGER_set(spi->pubMethod, method)) + return 0; + GENERAL_NAME_free(spi->pubLocation); + spi->pubLocation = nm; + return 1; +} + +int OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo( + OSSL_CRMF_PKIPUBLICATIONINFO *pi, + OSSL_CRMF_SINGLEPUBINFO *spi) +{ + if (pi == NULL || spi == NULL) { + CRMFerr(CRMF_F_OSSL_CRMF_MSG_PKIPUBLICATIONINFO_PUSH0_SINGLEPUBINFO, + CRMF_R_NULL_ARGUMENT); + return 0; + } + if (pi->pubInfos == NULL) + pi->pubInfos = sk_OSSL_CRMF_SINGLEPUBINFO_new_null(); + if (pi->pubInfos == NULL) + goto oom; + + if (!sk_OSSL_CRMF_SINGLEPUBINFO_push(pi->pubInfos, spi)) + goto oom; + return 1; + + oom: + CRMFerr(CRMF_F_OSSL_CRMF_MSG_PKIPUBLICATIONINFO_PUSH0_SINGLEPUBINFO, + ERR_R_MALLOC_FAILURE); + return 0; +} + +int OSSL_CRMF_MSG_set_PKIPublicationInfo_action( + OSSL_CRMF_PKIPUBLICATIONINFO *pi, int action) +{ + if (pi == NULL + || action < OSSL_CRMF_PUB_ACTION_DONTPUBLISH + || action > OSSL_CRMF_PUB_ACTION_PLEASEPUBLISH) { + CRMFerr(CRMF_F_OSSL_CRMF_MSG_SET_PKIPUBLICATIONINFO_ACTION, + ERR_R_PASSED_INVALID_ARGUMENT); + return 0; + } + + return ASN1_INTEGER_set(pi->action, action); +} + + /* id-regCtrl-pkiPublicationInfo Control (section 6.3) */ +IMPLEMENT_CRMF_CTRL_FUNC(pkiPublicationInfo, OSSL_CRMF_PKIPUBLICATIONINFO, + regCtrl) + + /* id-regCtrl-oldCertID Control (section 6.5) from the given */ +IMPLEMENT_CRMF_CTRL_FUNC(oldCertID, OSSL_CRMF_CERTID, regCtrl) + +OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer, + const ASN1_INTEGER *serial) +{ + OSSL_CRMF_CERTID *cid = NULL; + + if (issuer == NULL || serial == NULL) { + CRMFerr(CRMF_F_OSSL_CRMF_CERTID_GEN, CRMF_R_NULL_ARGUMENT); + return NULL; + } + + if ((cid = OSSL_CRMF_CERTID_new()) == NULL) + goto oom; + + if (!X509_NAME_set(&cid->issuer->d.directoryName, issuer)) + goto oom; + cid->issuer->type = GEN_DIRNAME; + + ASN1_INTEGER_free(cid->serialNumber); + if ((cid->serialNumber = ASN1_INTEGER_dup(serial)) == NULL) + goto oom; + + return cid; + + oom: + CRMFerr(CRMF_F_OSSL_CRMF_CERTID_GEN, ERR_R_MALLOC_FAILURE); + OSSL_CRMF_CERTID_free(cid); + return NULL; +} + + /* + * id-regCtrl-protocolEncrKey Control (section 6.6) + * + * For some reason X509_PUBKEY_dup() is not implemented in OpenSSL X509 + * TODO: check whether that should go elsewhere + */ +static IMPLEMENT_ASN1_DUP_FUNCTION(X509_PUBKEY) +IMPLEMENT_CRMF_CTRL_FUNC(protocolEncrKey, X509_PUBKEY, regCtrl) + +/*- + * Pushes the attribute given in regInfo in to the CertReqMsg->regInfo stack. + * (section 7) + * returns 1 on success, 0 on error + */ +static int OSSL_CRMF_MSG_push0_regInfo(OSSL_CRMF_MSG *crm, + OSSL_CRMF_ATTRIBUTETYPEANDVALUE *ri) +{ + STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) *info = NULL; + + if (crm == NULL || ri == NULL) { + CRMFerr(CRMF_F_OSSL_CRMF_MSG_PUSH0_REGINFO, CRMF_R_NULL_ARGUMENT); + return 0; + } + + if (crm->regInfo == NULL) + crm->regInfo = info = sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_new_null(); + if (crm->regInfo == NULL) + goto oom; + if (!sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_push(crm->regInfo, ri)) + goto oom; + return 1; + + oom: + CRMFerr(CRMF_F_OSSL_CRMF_MSG_PUSH0_REGINFO, ERR_R_MALLOC_FAILURE); + if (info != NULL) + crm->regInfo = NULL; + sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_free(info); + return 0; +} + +/* id-regInfo-utf8Pairs to regInfo (section 7.1) */ +IMPLEMENT_CRMF_CTRL_FUNC(utf8Pairs, ASN1_UTF8STRING, regInfo) + +/* id-regInfo-certReq to regInfo (section 7.2) */ +IMPLEMENT_CRMF_CTRL_FUNC(certReq, OSSL_CRMF_CERTREQUEST, regInfo) + + +/* retrieves the certificate template of crm */ +OSSL_CRMF_CERTTEMPLATE *OSSL_CRMF_MSG_get0_tmpl(const OSSL_CRMF_MSG *crm) +{ + if (crm == NULL || crm->certReq == NULL) { + CRMFerr(CRMF_F_OSSL_CRMF_MSG_GET0_TMPL, CRMF_R_NULL_ARGUMENT); + return NULL; + } + return crm->certReq->certTemplate; +} + + +int OSSL_CRMF_MSG_set_validity(OSSL_CRMF_MSG *crm, time_t from, time_t to) +{ + OSSL_CRMF_OPTIONALVALIDITY *vld = NULL; + ASN1_TIME *from_asn = NULL; + ASN1_TIME *to_asn = NULL; + OSSL_CRMF_CERTTEMPLATE *tmpl = OSSL_CRMF_MSG_get0_tmpl(crm); + + if (tmpl == NULL) { /* also crm == NULL implies this */ + CRMFerr(CRMF_F_OSSL_CRMF_MSG_SET_VALIDITY, CRMF_R_NULL_ARGUMENT); + return 0; + } + + if (from != 0 && ((from_asn = ASN1_TIME_set(NULL, from)) == NULL)) + goto oom; + if (to != 0 && ((to_asn = ASN1_TIME_set(NULL, to)) == NULL)) + goto oom; + if ((vld = OSSL_CRMF_OPTIONALVALIDITY_new()) == NULL) + goto oom; + + vld->notBefore = from_asn; + vld->notAfter = to_asn; + + tmpl->validity = vld; + + return 1; + oom: + CRMFerr(CRMF_F_OSSL_CRMF_MSG_SET_VALIDITY, ERR_R_MALLOC_FAILURE); + ASN1_TIME_free(from_asn); + ASN1_TIME_free(to_asn); + return 0; +} + + +int OSSL_CRMF_MSG_set_certReqId(OSSL_CRMF_MSG *crm, int rid) +{ + if (crm == NULL || crm->certReq == NULL || crm->certReq->certReqId == NULL) { + CRMFerr(CRMF_F_OSSL_CRMF_MSG_SET_CERTREQID, CRMF_R_NULL_ARGUMENT); + return 0; + } + + return ASN1_INTEGER_set(crm->certReq->certReqId, rid); +} + +/* get ASN.1 encoded integer, return -1 on error */ +static int crmf_asn1_get_int(int func, const ASN1_INTEGER *a) +{ + int64_t res; + + if (!ASN1_INTEGER_get_int64(&res, a)) { + CRMFerr(func, ASN1_R_INVALID_NUMBER); + return -1; + } + if (res < INT_MIN) { + CRMFerr(func, ASN1_R_TOO_SMALL); + return -1; + } + if (res > INT_MAX) { + CRMFerr(func, ASN1_R_TOO_LARGE); + return -1; + } + return (int)res; +} + +int OSSL_CRMF_MSG_get_certReqId(OSSL_CRMF_MSG *crm) +{ + if (crm == NULL || /* not really needed: */ crm->certReq == NULL) { + CRMFerr(CRMF_F_OSSL_CRMF_MSG_GET_CERTREQID, CRMF_R_NULL_ARGUMENT); + return -1; + } + return crmf_asn1_get_int(CRMF_F_OSSL_CRMF_MSG_GET_CERTREQID, + crm->certReq->certReqId); +} + + +int OSSL_CRMF_MSG_set0_extensions(OSSL_CRMF_MSG *crm, + X509_EXTENSIONS *exts) +{ + OSSL_CRMF_CERTTEMPLATE *tmpl = OSSL_CRMF_MSG_get0_tmpl(crm); + + if (tmpl == NULL) { /* also crm == NULL implies this */ + CRMFerr(CRMF_F_OSSL_CRMF_MSG_SET0_EXTENSIONS, CRMF_R_NULL_ARGUMENT); + return 0; + } + + if (sk_X509_EXTENSION_num(exts) == 0) { + sk_X509_EXTENSION_free(exts); + exts = NULL; /* do not include empty extensions list */ + } + + sk_X509_EXTENSION_pop_free(tmpl->extensions, X509_EXTENSION_free); + tmpl->extensions = exts; + return 1; +} + + +int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm, + const X509_EXTENSION *ext) +{ + int new = 0; + OSSL_CRMF_CERTTEMPLATE *tmpl = OSSL_CRMF_MSG_get0_tmpl(crm); + + if (tmpl == NULL || ext == NULL) { /* also crm == NULL implies this */ + CRMFerr(CRMF_F_OSSL_CRMF_MSG_PUSH0_EXTENSION, CRMF_R_NULL_ARGUMENT); + return 0; + } + + if (tmpl->extensions == NULL) { + if ((tmpl->extensions = sk_X509_EXTENSION_new_null()) == NULL) + goto oom; + new = 1; + } + + if (!sk_X509_EXTENSION_push(tmpl->extensions, (X509_EXTENSION *)ext)) + goto oom; + return 1; + oom: + CRMFerr(CRMF_F_OSSL_CRMF_MSG_PUSH0_EXTENSION, ERR_R_MALLOC_FAILURE); + + if (new != 0) { + sk_X509_EXTENSION_free(tmpl->extensions); + tmpl->extensions = NULL; + } + return 0; +} + +/* TODO: support cases 1+2 (besides case 3) defined in RFC 4211, section 4.1. */ +static int CRMF_poposigningkey_init(OSSL_CRMF_POPOSIGNINGKEY *ps, + OSSL_CRMF_CERTREQUEST *cr, + EVP_PKEY *pkey, int dgst) +{ + int len; + size_t crlen; + size_t siglen; + unsigned char *crder = NULL, *sig = NULL; + int alg_nid = 0; + int md_nid = 0; + const EVP_MD *alg = NULL; + EVP_MD_CTX *ctx = NULL; + int ret = 0; + + if (ps == NULL || cr == NULL || pkey == NULL) { + CRMFerr(CRMF_F_CRMF_POPOSIGNINGKEY_INIT, CRMF_R_NULL_ARGUMENT); + return 0; + } + + /* OpenSSL defaults all bit strings to be encoded as ASN.1 NamedBitList */ + ps->signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); + ps->signature->flags |= ASN1_STRING_FLAG_BITS_LEFT; + + len = i2d_OSSL_CRMF_CERTREQUEST(cr, &crder); + if (len < 0 || crder == NULL) { + CRMFerr(CRMF_F_CRMF_POPOSIGNINGKEY_INIT, CRMF_R_ERROR); + goto err; + } + crlen = (size_t)len; + + if (!OBJ_find_sigid_by_algs(&alg_nid, dgst, EVP_PKEY_id(pkey))) { + CRMFerr(CRMF_F_CRMF_POPOSIGNINGKEY_INIT, + CRMF_R_UNSUPPORTED_ALG_FOR_POPSIGNINGKEY); + goto err; + } + if (!OBJ_find_sigid_algs(alg_nid, &md_nid, NULL) + || (alg = EVP_get_digestbynid(md_nid)) == NULL) { + CRMFerr(CRMF_F_CRMF_POPOSIGNINGKEY_INIT, + CRMF_R_UNSUPPORTED_ALG_FOR_POPSIGNINGKEY); + goto err; + } + if (!X509_ALGOR_set0(ps->algorithmIdentifier, OBJ_nid2obj(alg_nid), + V_ASN1_NULL, NULL) + || (ctx = EVP_MD_CTX_new()) == NULL + || EVP_DigestSignInit(ctx, NULL, alg, NULL, pkey) <= 0 + || EVP_DigestSignUpdate(ctx, crder, crlen) <= 0 + || EVP_DigestSignFinal(ctx, NULL, &siglen) <= 0) { + CRMFerr(CRMF_F_CRMF_POPOSIGNINGKEY_INIT, CRMF_R_ERROR); + goto err; + } + if ((sig = OPENSSL_malloc(siglen)) == NULL) { + CRMFerr(CRMF_F_CRMF_POPOSIGNINGKEY_INIT, ERR_R_MALLOC_FAILURE); + goto err; + } + if (EVP_DigestSignFinal(ctx, sig, &siglen) <= 0 + || !ASN1_BIT_STRING_set(ps->signature, sig, siglen)) { + CRMFerr(CRMF_F_CRMF_POPOSIGNINGKEY_INIT, CRMF_R_ERROR); + goto err; + } + ret = 1; + + err: + OPENSSL_free(crder); + EVP_MD_CTX_free(ctx); + OPENSSL_free(sig); + return ret; +} + + +int OSSL_CRMF_MSG_create_popo(OSSL_CRMF_MSG *crm, EVP_PKEY *pkey, + int dgst, int ppmtd) +{ + OSSL_CRMF_POPO *pp = NULL; + ASN1_INTEGER *tag = NULL; + + if (crm == NULL || (ppmtd == OSSL_CRMF_POPO_SIGNATURE && pkey == NULL)) { + CRMFerr(CRMF_F_OSSL_CRMF_MSG_CREATE_POPO, CRMF_R_NULL_ARGUMENT); + return 0; + } + + if (ppmtd == OSSL_CRMF_POPO_NONE) + goto end; + if ((pp = OSSL_CRMF_POPO_new()) == NULL) + goto oom; + pp->type = ppmtd; + + switch (ppmtd) { + case OSSL_CRMF_POPO_RAVERIFIED: + if ((pp->value.raVerified = ASN1_NULL_new()) == NULL) + goto oom; + break; + + case OSSL_CRMF_POPO_SIGNATURE: + { + OSSL_CRMF_POPOSIGNINGKEY *ps = OSSL_CRMF_POPOSIGNINGKEY_new(); + if (ps == NULL + || !CRMF_poposigningkey_init(ps, crm->certReq, pkey, dgst)){ + OSSL_CRMF_POPOSIGNINGKEY_free(ps); + goto err; + } + pp->value.signature = ps; + } + break; + + case OSSL_CRMF_POPO_KEYENC: + if ((pp->value.keyEncipherment = OSSL_CRMF_POPOPRIVKEY_new()) == NULL) + goto oom; + tag = ASN1_INTEGER_new(); + pp->value.keyEncipherment->type = + OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE; + pp->value.keyEncipherment->value.subsequentMessage = tag; + if (tag == NULL + || !ASN1_INTEGER_set(tag, OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT)) + goto oom; + break; + + default: + CRMFerr(CRMF_F_OSSL_CRMF_MSG_CREATE_POPO, + CRMF_R_UNSUPPORTED_METHOD_FOR_CREATING_POPO); + goto err; + } + + end: + OSSL_CRMF_POPO_free(crm->popo); + crm->popo = pp; + + return 1; + oom: + CRMFerr(CRMF_F_OSSL_CRMF_MSG_CREATE_POPO, ERR_R_MALLOC_FAILURE); + err: + OSSL_CRMF_POPO_free(pp); + return 0; +} + +/* returns 0 for equal, -1 for a < b or error on a, 1 for a > b or error on b */ +static int X509_PUBKEY_cmp(X509_PUBKEY *a, X509_PUBKEY *b) +{ + X509_ALGOR *algA = NULL, *algB = NULL; + int res = 0; + + if (a == b) + return 0; + if (a == NULL || !X509_PUBKEY_get0_param(NULL, NULL, NULL, &algA, a) + || algA == NULL) + return -1; + if (b == NULL || !X509_PUBKEY_get0_param(NULL, NULL, NULL, &algB, b) + || algB == NULL) + return 1; + if ((res = X509_ALGOR_cmp(algA, algB)) != 0) + return res; + return EVP_PKEY_cmp(X509_PUBKEY_get0(a), X509_PUBKEY_get0(b)); +} + +/* verifies the Proof-of-Possession of the request with the given rid in reqs */ +int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs, + int rid, int acceptRAVerified) +{ + OSSL_CRMF_MSG *req = NULL; + X509_PUBKEY *pubkey = NULL; + OSSL_CRMF_POPOSIGNINGKEY *sig = NULL; + + if (reqs == NULL + || (req = sk_OSSL_CRMF_MSG_value(reqs, rid)) == NULL + || req->popo == NULL) { + CRMFerr(CRMF_F_OSSL_CRMF_MSGS_VERIFY_POPO, + CRMF_R_NULL_ARGUMENT); + return 0; + } + + switch (req->popo->type) { + case OSSL_CRMF_POPO_RAVERIFIED: + if (acceptRAVerified) + return 1; + break; + case OSSL_CRMF_POPO_SIGNATURE: + pubkey = req->certReq->certTemplate->publicKey; + sig = req->popo->value.signature; + if (sig->poposkInput != NULL) { + /* + * According to RFC 4211: publicKey contains a copy of + * the public key from the certificate template. This MUST be + * exactly the same value as contained in the certificate template. + */ + if (pubkey == NULL + || sig->poposkInput->publicKey == NULL + || X509_PUBKEY_cmp(pubkey, sig->poposkInput->publicKey) + || ASN1_item_verify( + ASN1_ITEM_rptr(OSSL_CRMF_POPOSIGNINGKEYINPUT), + sig->algorithmIdentifier, sig->signature, + sig->poposkInput, X509_PUBKEY_get0(pubkey)) < 1) + break; + } else { + if (pubkey == NULL + || req->certReq->certTemplate->subject == NULL + || ASN1_item_verify(ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST), + sig->algorithmIdentifier, sig->signature, + req->certReq, + X509_PUBKEY_get0(pubkey)) < 1) + break; + } + return 1; + case OSSL_CRMF_POPO_KEYENC: + /* + * TODO: when OSSL_CMP_certrep_new() supports encrypted certs, + * return 1 if the type of req->popo->value.keyEncipherment + * is OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE and + * its value.subsequentMessage == OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT + */ + case OSSL_CRMF_POPO_KEYAGREE: + default: + CRMFerr(CRMF_F_OSSL_CRMF_MSGS_VERIFY_POPO, + CRMF_R_UNSUPPORTED_POPO_METHOD); + return 0; + } + CRMFerr(CRMF_F_OSSL_CRMF_MSGS_VERIFY_POPO, + CRMF_R_UNSUPPORTED_POPO_NOT_ACCEPTED); + return 0; +} + +/* retrieves the serialNumber of the given cert template or NULL on error */ +ASN1_INTEGER *OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(OSSL_CRMF_CERTTEMPLATE *tmpl) +{ + return tmpl != NULL ? tmpl->serialNumber : NULL; +} + +/* retrieves the issuer name of the given cert template or NULL on error */ +X509_NAME *OSSL_CRMF_CERTTEMPLATE_get0_issuer(OSSL_CRMF_CERTTEMPLATE *tmpl) +{ + return tmpl != NULL ? tmpl->issuer : NULL; +} + +/* + * fill in certificate template. + * Any value argument that is NULL will leave the respective field unchanged. + */ +int OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE *tmpl, + EVP_PKEY *pubkey, + const X509_NAME *subject, + const X509_NAME *issuer, + const ASN1_INTEGER *serial) +{ + if (tmpl == NULL) { + CRMFerr(CRMF_F_OSSL_CRMF_CERTTEMPLATE_FILL, CRMF_R_NULL_ARGUMENT); + return 0; + } + if (subject != NULL && !X509_NAME_set(&tmpl->subject, subject)) + goto oom; + if (issuer != NULL && !X509_NAME_set(&tmpl->issuer, issuer)) + goto oom; + if (serial != NULL) { + ASN1_INTEGER_free(tmpl->serialNumber); + if ((tmpl->serialNumber = ASN1_INTEGER_dup(serial)) == NULL) + goto oom; + } + if (pubkey != NULL && !X509_PUBKEY_set(&tmpl->publicKey, pubkey)) + goto oom; + return 1; + + oom: + CRMFerr(CRMF_F_OSSL_CRMF_CERTTEMPLATE_FILL, ERR_R_MALLOC_FAILURE); + return 0; +} + + +/*- + * Decrypts the certificate in the given encryptedValue + * this is needed for the indirect PoP method as in RFC 4210 section 5.2.8.2 + * + * returns a pointer to the decrypted certificate + * returns NULL on error or if no certificate available + */ +X509 *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(OSSL_CRMF_ENCRYPTEDVALUE *ecert, + EVP_PKEY *pkey) +{ + X509 *cert = NULL; /* decrypted certificate */ + EVP_CIPHER_CTX *evp_ctx = NULL; /* context for symmetric encryption */ + unsigned char *ek = NULL; /* decrypted symmetric encryption key */ + const EVP_CIPHER *cipher = NULL; /* used cipher */ + unsigned char *iv = NULL; /* initial vector for symmetric encryption */ + unsigned char *outbuf = NULL; /* decryption output buffer */ + const unsigned char *p = NULL; /* needed for decoding ASN1 */ + int symmAlg = 0; /* NIDs for symmetric algorithm */ + int n, outlen = 0; + EVP_PKEY_CTX *pkctx = NULL; /* private key context */ + + if (ecert == NULL || ecert->symmAlg == NULL || ecert->encSymmKey == NULL + || ecert->encValue == NULL || pkey == NULL) { + CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT, + CRMF_R_NULL_ARGUMENT); + return NULL; + } + if ((symmAlg = OBJ_obj2nid(ecert->symmAlg->algorithm)) == 0) { + CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT, + CRMF_R_UNSUPPORTED_CIPHER); + return NULL; + } + + /* first the symmetric key needs to be decrypted */ + pkctx = EVP_PKEY_CTX_new(pkey, NULL); + if (pkctx != NULL && EVP_PKEY_decrypt_init(pkctx)) { + ASN1_BIT_STRING *encKey = ecert->encSymmKey; + size_t eksize = 0; + + if (EVP_PKEY_decrypt(pkctx, NULL, &eksize, encKey->data, encKey->length) + <= 0 + || (ek = OPENSSL_malloc(eksize)) == NULL + || EVP_PKEY_decrypt(pkctx, ek, &eksize, encKey->data, + encKey->length) <= 0) { + CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT, + CRMF_R_ERROR_DECRYPTING_SYMMETRIC_KEY); + goto end; + } + } else { + goto oom; + } + + /* select symmetric cipher based on algorithm given in message */ + if ((cipher = EVP_get_cipherbynid(symmAlg)) == NULL) { + CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT, + CRMF_R_UNSUPPORTED_CIPHER); + goto end; + } + if ((iv = OPENSSL_malloc(EVP_CIPHER_iv_length(cipher))) == NULL) + goto oom; + if (ASN1_TYPE_get_octetstring(ecert->symmAlg->parameter, iv, + EVP_CIPHER_iv_length(cipher)) + != EVP_CIPHER_iv_length(cipher)) { + CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT, + CRMF_R_MALFORMED_IV); + goto end; + } + + /* + * d2i_X509 changes the given pointer, so use p for decoding the message and + * keep the original pointer in outbuf so the memory can be freed later + */ + if ((p = outbuf = OPENSSL_malloc(ecert->encValue->length + + EVP_CIPHER_block_size(cipher))) == NULL + || (evp_ctx = EVP_CIPHER_CTX_new()) == NULL) + goto oom; + EVP_CIPHER_CTX_set_padding(evp_ctx, 0); + + if (!EVP_DecryptInit(evp_ctx, cipher, ek, iv) + || !EVP_DecryptUpdate(evp_ctx, outbuf, &outlen, + ecert->encValue->data, + ecert->encValue->length) + || !EVP_DecryptFinal(evp_ctx, outbuf + outlen, &n)) { + CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT, + CRMF_R_ERROR_DECRYPTING_CERTIFICATE); + goto end; + } + outlen += n; + + /* convert decrypted certificate from DER to internal ASN.1 structure */ + if ((cert = d2i_X509(NULL, &p, outlen)) == NULL) { + CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT, + CRMF_R_ERROR_DECODING_CERTIFICATE); + } + goto end; + + oom: + CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT, ERR_R_MALLOC_FAILURE); + end: + EVP_PKEY_CTX_free(pkctx); + OPENSSL_free(outbuf); + EVP_CIPHER_CTX_free(evp_ctx); + OPENSSL_free(ek); + OPENSSL_free(iv); + return cert; +} diff --git a/crypto/crmf/crmf_pbm.c b/crypto/crmf/crmf_pbm.c new file mode 100644 index 0000000..60d06d4 --- /dev/null +++ b/crypto/crmf/crmf_pbm.c @@ -0,0 +1,231 @@ +/*- + * Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright Nokia 2007-2018 + * Copyright Siemens AG 2015-2018 + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + * + * CRMF implementation by Martin Peylo, Miikka Viljanen, and David von Oheimb. + */ + + +#include +#include + +#include "crmf_int.h" + +/* explicit #includes not strictly needed since implied by the above: */ +#include +#include +#include +#include + +/*- + * creates and initializes OSSL_CRMF_PBMPARAMETER (section 4.4) + * |slen| SHOULD be > 8 (16 is common) + * |owfnid| e.g., NID_sha256 + * |itercnt| MUST be > 100 (500 is common) + * |macnid| e.g., NID_hmac_sha1 + * returns pointer to OSSL_CRMF_PBMPARAMETER on success, NULL on error + */ +OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(size_t slen, int owfnid, + int itercnt, int macnid) +{ + OSSL_CRMF_PBMPARAMETER *pbm = NULL; + unsigned char *salt = NULL; + + if ((pbm = OSSL_CRMF_PBMPARAMETER_new()) == NULL) { + CRMFerr(CRMF_F_OSSL_CRMF_PBMP_NEW, ERR_R_MALLOC_FAILURE); + goto err; + } + + /* + * salt contains a randomly generated value used in computing the key + * of the MAC process. The salt SHOULD be at least 8 octets (64 + * bits) long. + */ + if ((salt = OPENSSL_malloc(slen)) == NULL) { + CRMFerr(CRMF_F_OSSL_CRMF_PBMP_NEW, ERR_R_MALLOC_FAILURE); + goto err; + } + if (RAND_bytes(salt, (int)slen) <= 0) { + CRMFerr(CRMF_F_OSSL_CRMF_PBMP_NEW, CRMF_R_FAILURE_OBTAINING_RANDOM); + goto err; + } + if (!ASN1_OCTET_STRING_set(pbm->salt, salt, (int)slen)) + goto err; + + /* + * owf identifies the hash algorithm and associated parameters used to + * compute the key used in the MAC process. All implementations MUST + * support SHA-1. + */ + if (!X509_ALGOR_set0(pbm->owf, OBJ_nid2obj(owfnid), V_ASN1_UNDEF, NULL)) { + CRMFerr(CRMF_F_OSSL_CRMF_PBMP_NEW, CRMF_R_SETTING_OWF_ALGOR_FAILURE); + goto err; + } + + /* + * iterationCount identifies the number of times the hash is applied + * during the key computation process. The iterationCount MUST be a + * minimum of 100. Many people suggest using values as high as 1000 + * iterations as the minimum value. The trade off here is between + * protection of the password from attacks and the time spent by the + * server processing all of the different iterations in deriving + * passwords. Hashing is generally considered a cheap operation but + * this may not be true with all hash functions in the future. + */ + if (itercnt < 100) { + CRMFerr(CRMF_F_OSSL_CRMF_PBMP_NEW, CRMF_R_ITERATIONCOUNT_BELOW_100); + goto err; + } + + if (!ASN1_INTEGER_set(pbm->iterationCount, itercnt)) { + CRMFerr(CRMF_F_OSSL_CRMF_PBMP_NEW, CRMF_R_CRMFERROR); + goto err; + } + + /* + * mac identifies the algorithm and associated parameters of the MAC + * function to be used. All implementations MUST support HMAC-SHA1 [HMAC]. + * All implementations SHOULD support DES-MAC and Triple-DES-MAC [PKCS11]. + */ + if (!X509_ALGOR_set0(pbm->mac, OBJ_nid2obj(macnid), V_ASN1_UNDEF, NULL)) { + CRMFerr(CRMF_F_OSSL_CRMF_PBMP_NEW, CRMF_R_SETTING_MAC_ALGOR_FAILURE); + goto err; + } + + OPENSSL_free(salt); + return pbm; + err: + OPENSSL_free(salt); + OSSL_CRMF_PBMPARAMETER_free(pbm); + return NULL; +} + +/*- + * calculates the PBM based on the settings of the given OSSL_CRMF_PBMPARAMETER + * |pbmp| identifies the algorithms, salt to use + * |msg| message to apply the PBM for + * |msglen| length of the message + * |sec| key to use + * |seclen| length of the key + * |mac| pointer to the computed mac, will be set on success + * |maclen| if not NULL, will set variable to the length of the mac on success + * returns 1 on success, 0 on error + */ +int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp, + const unsigned char *msg, size_t msglen, + const unsigned char *sec, size_t seclen, + unsigned char **mac, size_t *maclen) +{ + int mac_nid, hmac_md_nid = NID_undef; + const EVP_MD *m = NULL; + EVP_MD_CTX *ctx = NULL; + unsigned char basekey[EVP_MAX_MD_SIZE]; + unsigned int bklen = EVP_MAX_MD_SIZE; + int64_t iterations; + unsigned char *mac_res = 0; + int ok = 0; + EVP_MAC_CTX *mctx = NULL; + + if (mac == NULL || pbmp == NULL || pbmp->mac == NULL + || pbmp->mac->algorithm == NULL || msg == NULL || sec == NULL) { + CRMFerr(CRMF_F_OSSL_CRMF_PBM_NEW, CRMF_R_NULL_ARGUMENT); + goto err; + } + if ((mac_res = OPENSSL_malloc(EVP_MAX_MD_SIZE)) == NULL) { + CRMFerr(CRMF_F_OSSL_CRMF_PBM_NEW, ERR_R_MALLOC_FAILURE); + goto err; + } + + /* + * owf identifies the hash algorithm and associated parameters used to + * compute the key used in the MAC process. All implementations MUST + * support SHA-1. + */ + if ((m = EVP_get_digestbyobj(pbmp->owf->algorithm)) == NULL) { + CRMFerr(CRMF_F_OSSL_CRMF_PBM_NEW, CRMF_R_UNSUPPORTED_ALGORITHM); + goto err; + } + + if ((ctx = EVP_MD_CTX_new()) == NULL) { + CRMFerr(CRMF_F_OSSL_CRMF_PBM_NEW, ERR_R_MALLOC_FAILURE); + goto err; + } + + /* compute the basekey of the salted secret */ + if (!EVP_DigestInit_ex(ctx, m, NULL)) + goto err; + /* first the secret */ + if (!EVP_DigestUpdate(ctx, sec, seclen)) + goto err; + /* then the salt */ + if (!EVP_DigestUpdate(ctx, pbmp->salt->data, pbmp->salt->length)) + goto err; + if (!EVP_DigestFinal_ex(ctx, basekey, &bklen)) + goto err; + if (!ASN1_INTEGER_get_int64(&iterations, pbmp->iterationCount) + || iterations < 100 /* min from RFC */ + || iterations > OSSL_CRMF_PBM_MAX_ITERATION_COUNT) { + CRMFerr(CRMF_F_OSSL_CRMF_PBM_NEW, CRMF_R_BAD_PBM_ITERATIONCOUNT); + goto err; + } + + /* the first iteration was already done above */ + while (--iterations > 0) { + if (!EVP_DigestInit_ex(ctx, m, NULL)) + goto err; + if (!EVP_DigestUpdate(ctx, basekey, bklen)) + goto err; + if (!EVP_DigestFinal_ex(ctx, basekey, &bklen)) + goto err; + } + + /* + * mac identifies the algorithm and associated parameters of the MAC + * function to be used. All implementations MUST support HMAC-SHA1 [HMAC]. + * All implementations SHOULD support DES-MAC and Triple-DES-MAC [PKCS11]. + */ + mac_nid = OBJ_obj2nid(pbmp->mac->algorithm); + + if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, mac_nid, NULL, &hmac_md_nid, NULL) + || ((m = EVP_get_digestbynid(hmac_md_nid)) == NULL)) { + CRMFerr(CRMF_F_OSSL_CRMF_PBM_NEW, CRMF_R_UNSUPPORTED_ALGORITHM); + goto err; + } + + if ((mctx = EVP_MAC_CTX_new(EVP_get_macbyname("HMAC"))) == NULL + || EVP_MAC_ctrl(mctx, EVP_MAC_CTRL_SET_MD, m) <= 0 + || EVP_MAC_ctrl(mctx, EVP_MAC_CTRL_SET_KEY, basekey, bklen) <= 0 + || !EVP_MAC_init(mctx) + || !EVP_MAC_update(mctx, msg, msglen) + || !EVP_MAC_final(mctx, mac_res, maclen)) + goto err; + + ok = 1; + + err: + /* cleanup */ + OPENSSL_cleanse(basekey, bklen); + EVP_MAC_CTX_free(mctx); + EVP_MD_CTX_free(ctx); + + if (ok == 1) { + *mac = mac_res; + return 1; + } + + OPENSSL_free(mac_res); + + if (pbmp != NULL && pbmp->mac != NULL) { + char buf[128]; + + if (OBJ_obj2txt(buf, sizeof(buf), pbmp->mac->algorithm, 0)) + ERR_add_error_data(1, buf); + } + return 0; +} diff --git a/crypto/err/err.c b/crypto/err/err.c index 3aa3dae..63dcfc3 100644 --- a/crypto/err/err.c +++ b/crypto/err/err.c @@ -58,6 +58,7 @@ static ERR_STRING_DATA ERR_str_libraries[] = { {ERR_PACK(ERR_LIB_UI, 0, 0), "UI routines"}, {ERR_PACK(ERR_LIB_FIPS, 0, 0), "FIPS routines"}, {ERR_PACK(ERR_LIB_CMS, 0, 0), "CMS routines"}, + {ERR_PACK(ERR_LIB_CRMF, 0, 0), "CRMF routines"}, {ERR_PACK(ERR_LIB_HMAC, 0, 0), "HMAC routines"}, {ERR_PACK(ERR_LIB_CT, 0, 0), "CT routines"}, {ERR_PACK(ERR_LIB_ASYNC, 0, 0), "ASYNC routines"}, diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c index 4bf020c..1166b01 100644 --- a/crypto/err/err_all.c +++ b/crypto/err/err_all.c @@ -34,6 +34,7 @@ #include #include #include +#include #include #include #include @@ -90,6 +91,9 @@ int err_load_crypto_strings_int(void) # ifndef OPENSSL_NO_CMS ERR_load_CMS_strings() == 0 || # endif +# ifndef OPENSSL_NO_CMP + ERR_load_CRMF_strings() == 0 || +# endif # ifndef OPENSSL_NO_CT ERR_load_CT_strings() == 0 || # endif diff --git a/crypto/err/openssl.ec b/crypto/err/openssl.ec index 901a847..a204434 100644 --- a/crypto/err/openssl.ec +++ b/crypto/err/openssl.ec @@ -29,6 +29,7 @@ L UI include/openssl/ui.h crypto/ui/ui_err.c L COMP include/openssl/comp.h crypto/comp/comp_err.c L TS include/openssl/ts.h crypto/ts/ts_err.c L CMS include/openssl/cms.h crypto/cms/cms_err.c +L CRMF include/openssl/crmf.h crypto/crmf/crmf_err.c L CT include/openssl/ct.h crypto/ct/ct_err.c L ASYNC include/openssl/async.h crypto/async/async_err.c L KDF include/openssl/kdf.h crypto/kdf/kdf_err.c diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index 8ae11ca..cb58f42 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -348,6 +348,28 @@ CONF_F_NCONF_NEW:111:NCONF_new CONF_F_PROCESS_INCLUDE:116:process_include CONF_F_SSL_MODULE_INIT:123:ssl_module_init CONF_F_STR_COPY:101:str_copy +CRMF_F_CRMF_POPOSIGNINGKEY_INIT:100:CRMF_poposigningkey_init +CRMF_F_OSSL_CRMF_CERTID_GEN:101:OSSL_CRMF_CERTID_gen +CRMF_F_OSSL_CRMF_CERTTEMPLATE_FILL:102:OSSL_CRMF_CERTTEMPLATE_fill +CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT:103:\ + OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert +CRMF_F_OSSL_CRMF_MSGS_VERIFY_POPO:104:OSSL_CRMF_MSGS_verify_popo +CRMF_F_OSSL_CRMF_MSG_CREATE_POPO:105:OSSL_CRMF_MSG_create_popo +CRMF_F_OSSL_CRMF_MSG_GET0_TMPL:106:OSSL_CRMF_MSG_get0_tmpl +CRMF_F_OSSL_CRMF_MSG_GET_CERTREQID:107:OSSL_CRMF_MSG_get_certReqId +CRMF_F_OSSL_CRMF_MSG_PKIPUBLICATIONINFO_PUSH0_SINGLEPUBINFO:108:\ + OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo +CRMF_F_OSSL_CRMF_MSG_PUSH0_EXTENSION:109:OSSL_CRMF_MSG_push0_extension +CRMF_F_OSSL_CRMF_MSG_PUSH0_REGCTRL:110:OSSL_CRMF_MSG_push0_regCtrl +CRMF_F_OSSL_CRMF_MSG_PUSH0_REGINFO:111:OSSL_CRMF_MSG_push0_regInfo +CRMF_F_OSSL_CRMF_MSG_SET0_EXTENSIONS:112:OSSL_CRMF_MSG_set0_extensions +CRMF_F_OSSL_CRMF_MSG_SET0_SINGLEPUBINFO:113:OSSL_CRMF_MSG_set0_SinglePubInfo +CRMF_F_OSSL_CRMF_MSG_SET_CERTREQID:114:OSSL_CRMF_MSG_set_certReqId +CRMF_F_OSSL_CRMF_MSG_SET_PKIPUBLICATIONINFO_ACTION:115:\ + OSSL_CRMF_MSG_set_PKIPublicationInfo_action +CRMF_F_OSSL_CRMF_MSG_SET_VALIDITY:116:OSSL_CRMF_MSG_set_validity +CRMF_F_OSSL_CRMF_PBMP_NEW:117:OSSL_CRMF_pbmp_new +CRMF_F_OSSL_CRMF_PBM_NEW:118:OSSL_CRMF_pbm_new CRYPTO_F_CMAC_CTX_NEW:120:CMAC_CTX_new CRYPTO_F_CRYPTO_DUP_EX_DATA:110:CRYPTO_dup_ex_data CRYPTO_F_CRYPTO_FREE_EX_DATA:111:CRYPTO_free_ex_data @@ -2103,6 +2125,25 @@ CONF_R_UNABLE_TO_CREATE_NEW_SECTION:103:unable to create new section CONF_R_UNKNOWN_MODULE_NAME:113:unknown module name CONF_R_VARIABLE_EXPANSION_TOO_LONG:116:variable expansion too long CONF_R_VARIABLE_HAS_NO_VALUE:104:variable has no value +CRMF_R_BAD_PBM_ITERATIONCOUNT:100:bad pbm iterationcount +CRMF_R_MALFORMED_IV:101:malformed iv +CRMF_R_CRMFERROR:102:crmferror +CRMF_R_ERROR:103:error +CRMF_R_ERROR_DECODING_CERTIFICATE:104:error decoding certificate +CRMF_R_ERROR_DECRYPTING_CERTIFICATE:105:error decrypting certificate +CRMF_R_ERROR_DECRYPTING_SYMMETRIC_KEY:106:error decrypting symmetric key +CRMF_R_FAILURE_OBTAINING_RANDOM:107:failure obtaining random +CRMF_R_ITERATIONCOUNT_BELOW_100:108:iterationcount below 100 +CRMF_R_NULL_ARGUMENT:109:null argument +CRMF_R_SETTING_MAC_ALGOR_FAILURE:110:setting mac algor failure +CRMF_R_SETTING_OWF_ALGOR_FAILURE:111:setting owf algor failure +CRMF_R_UNSUPPORTED_ALGORITHM:112:unsupported algorithm +CRMF_R_UNSUPPORTED_ALG_FOR_POPSIGNINGKEY:113:unsupported alg for popsigningkey +CRMF_R_UNSUPPORTED_CIPHER:114:unsupported cipher +CRMF_R_UNSUPPORTED_METHOD_FOR_CREATING_POPO:115:\ + unsupported method for creating popo +CRMF_R_UNSUPPORTED_POPO_METHOD:116:unsupported popo method +CRMF_R_UNSUPPORTED_POPO_NOT_ACCEPTED:117:unsupported popo not accepted CRYPTO_R_FIPS_MODE_NOT_SUPPORTED:101:fips mode not supported CRYPTO_R_ILLEGAL_HEX_DIGIT:102:illegal hex digit CRYPTO_R_ODD_NUMBER_OF_DIGITS:103:odd number of digits diff --git a/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod b/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod new file mode 100644 index 0000000..fbce702 --- /dev/null +++ b/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod @@ -0,0 +1,66 @@ +=pod + +=head1 NAME + +OSSL_CRMF_MSG_get0_tmpl, +OSSL_CRMF_CERTTEMPLATE_get0_serialNumber, +OSSL_CRMF_CERTTEMPLATE_get0_issuer, +OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert, +OSSL_CRMF_MSG_get_certReqId +- functions reading from CRMF CertReqMsg structures + +=head1 SYNOPSIS + + #include + + OSSL_CRMF_CERTTEMPLATE *OSSL_CRMF_MSG_get0_tmpl(const OSSL_CRMF_MSG *crm); + ASN1_INTEGER + *OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(OSSL_CRMF_CERTTEMPLATE *tmpl); + X509_NAME *OSSL_CRMF_CERTTEMPLATE_get0_issuer(OSSL_CRMF_CERTTEMPLATE *tmpl); + + X509 *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(OSSL_CRMF_ENCRYPTEDVALUE *ecert, + EVP_PKEY *pkey); + + int OSSL_CRMF_MSG_get_certReqId(OSSL_CRMF_MSG *crm); + + +=head1 DESCRIPTION + +OSSL_CRMF_MSG_get0_tmpl() retrieves the certificate template of B. + +OSSL_CRMF_CERTTEMPLATE_get0_serialNumber() retrieves the serialNumber of the +given certificate template B. + +OSSL_CRMF_CERTTEMPLATE_get0_issuer() retrieves the issuer name of the +given certificate template B. + +OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert() decrypts the certificate in the given +encryptedValue B, using the private key B. +This is needed for the indirect PoP method as in RFC 4210 section 5.2.8.2. +The function returns the decrypted certificate as a copy, leaving its ownership +with the caller, who is responsible for freeing it. + +OSSL_CRMF_MSG_get_certReqId() retrieves the certReqId of B. + + +=head1 RETURN VALUES + +OSSL_CRMF_MSG_get_certReqId() returns the certificate request ID as a +non-negative integer or -1 on error. + +All other functions return a pointer with the intended result or NULL on error. + +=head1 SEE ALSO + +B + +=head1 COPYRIGHT + +Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the OpenSSL license (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/doc/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod b/doc/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod new file mode 100644 index 0000000..851bd13 --- /dev/null +++ b/doc/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod @@ -0,0 +1,106 @@ +=pod + +=head1 NAME + +OSSL_CRMF_MSG_set1_regCtrl_regToken, +OSSL_CRMF_MSG_set1_regCtrl_authenticator, +OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo, +OSSL_CRMF_MSG_set0_SinglePubInfo, +OSSL_CRMF_MSG_set_PKIPublicationInfo_action, +OSSL_CRMF_MSG_set1_regCtrl_pkiPublicationInfo, +OSSL_CRMF_MSG_set1_regCtrl_protocolEncrKey, +OSSL_CRMF_MSG_set1_regCtrl_oldCertID, +OSSL_CRMF_CERTID_gen +- functions setting CRMF Registration Controls + +=head1 SYNOPSIS + + #include + + int OSSL_CRMF_MSG_set1_regCtrl_regToken(OSSL_CRMF_MSG *msg, + const ASN1_UTF8STRING *tok); + int OSSL_CRMF_MSG_set1_regCtrl_authenticator(OSSL_CRMF_MSG *msg, + const ASN1_UTF8STRING *auth); + int OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo( + OSSL_CRMF_PKIPUBLICATIONINFO *pi, + OSSL_CRMF_SINGLEPUBINFO *spi); + int OSSL_CRMF_MSG_set0_SinglePubInfo(OSSL_CRMF_SINGLEPUBINFO *spi, + int method, GENERAL_NAME *nm); + int OSSL_CRMF_MSG_set_PKIPublicationInfo_action( + OSSL_CRMF_PKIPUBLICATIONINFO *pi, int action); + int OSSL_CRMF_MSG_set1_regCtrl_pkiPublicationInfo(OSSL_CRMF_MSG *msg, + const OSSL_CRMF_PKIPUBLICATIONINFO *pi); + int OSSL_CRMF_MSG_set1_regCtrl_protocolEncrKey(OSSL_CRMF_MSG *msg, + const X509_PUBKEY *pubkey); + int OSSL_CRMF_MSG_set1_regCtrl_oldCertID(OSSL_CRMF_MSG *msg, + const OSSL_CRMF_CERTID *cid); + OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer, + const ASN1_INTEGER *serial); + +=head1 DESCRIPTION + +OSSL_CRMF_MSG_set1_regCtrl_regToken() sets the regToken control in the given +B copying the given B as value. See RFC 4211, section 6.1. + +OSSL_CRMF_MSG_set1_regCtrl_authenticator() sets the authenticator control in +the given B copying the given B as value. See RFC 4211, section 6.2. + +OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo() pushes the given B +to B. Consumes the B pointer. + +OSSL_CRMF_MSG_set0_SinglePubInfo() sets in the given SinglePubInfo B +the B and publication location, in the form of a GeneralName, B. +The publication location is optional, and therefore B may be NULL. +The function consumes the B pointer if present. +Available methods are: + # define OSSL_CRMF_PUB_METHOD_DONTCARE 0 + # define OSSL_CRMF_PUB_METHOD_X500 1 + # define OSSL_CRMF_PUB_METHOD_WEB 2 + # define OSSL_CRMF_PUB_METHOD_LDAP 3 + +OSSL_CRMF_MSG_set_PKIPublicationInfo_action() sets the action in the given B +using the given B as value. See RFC 4211, section 6.3. +Available actions are: + # define OSSL_CRMF_PUB_ACTION_DONTPUBLISH 0 + # define OSSL_CRMF_PUB_ACTION_PLEASEPUBLISH 1 + +OSSL_CRMF_MSG_set1_regCtrl_pkiPublicationInfo() sets the pkiPublicationInfo +control in the given B copying the given B as value. See RFC 4211, +section 6.3. + +OSSL_CRMF_MSG_set1_regCtrl_protocolEncrKey() sets the protocolEncrKey control in +the given B copying the given B as value. See RFC 4211, section 6.6. + +OSSL_CRMF_MSG_set1_regCtrl_oldCertID() sets the oldCertID control in the given +B copying the given B as value. See RFC 4211, section 6.5. + +OSSL_CRMF_CERTID_gen produces an OSSL_CRMF_CERTID_gen structure copying the +given B name and B number. + +=head1 RETURN VALUES + +OSSL_CRMF_CERTID_gen returns a pointer to the resulting structure +or NULL on error. + +All other functions return 1 on success, 0 on error. + +=head1 NOTES + +A function OSSL_CRMF_MSG_set1_regCtrl_pkiArchiveOptions() for setting an +Archive Options Control is not yet implemented due to missing features to +create the needed OSSL_CRMF_PKIARCHIVEOPTINS content. + +=head1 SEE ALSO + +RFC 4211 + +=head1 COPYRIGHT + +Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the OpenSSL license (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/doc/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod b/doc/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod new file mode 100644 index 0000000..9e33a4a --- /dev/null +++ b/doc/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod @@ -0,0 +1,49 @@ +=pod + +=head1 NAME + +OSSL_CRMF_MSG_set1_regInfo_utf8Pairs, +OSSL_CRMF_MSG_set1_regInfo_certReq +- functions setting CRMF Registration Info + +=head1 SYNOPSIS + + #include + + int OSSL_CRMF_MSG_set1_regInfo_utf8Pairs(OSSL_CRMF_MSG *msg, + const ASN1_UTF8STRING *utf8pairs); + int OSSL_CRMF_MSG_set1_regInfo_certReq(OSSL_CRMF_MSG *msg, + const OSSL_CRMF_CERTREQUEST *cr); + +=head1 DESCRIPTION + +OSSL_CRMF_MSG_set1_regInfo_utf8Pairs() adds a copy of the given B +value as utf8Pairs regInfo to the given B. See RFC 4211 section 7.1. + +OSSL_CRMF_MSG_set1_regInfo_certReq() adds a copy of the given B value +as certReq regInfo to the given B. See RFC 4211 section 7.2. + +=head1 RETURN VALUES + +All functions return 1 on success, 0 on error. + +=head1 NOTES + +Calling these functions multiple times adds multiple instances of the respective +control to the regInfo structure of the given B. While RFC 4211 expects +multiple utf8Pairs in one regInfo structure, it does not allow multiple certReq. + +=head1 SEE ALSO + +RFC 4211 + +=head1 COPYRIGHT + +Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the OpenSSL license (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/doc/man3/OSSL_CRMF_MSG_set_validity.pod b/doc/man3/OSSL_CRMF_MSG_set_validity.pod new file mode 100644 index 0000000..b6ea32e --- /dev/null +++ b/doc/man3/OSSL_CRMF_MSG_set_validity.pod @@ -0,0 +1,105 @@ +=pod + +=head1 NAME + +OSSL_CRMF_MSG_set_validity, +OSSL_CRMF_MSG_set_certReqId, +OSSL_CRMF_CERTTEMPLATE_fill, +OSSL_CRMF_MSG_set0_extensions, +OSSL_CRMF_MSG_push0_extension, +OSSL_CRMF_MSG_create_popo, +OSSL_CRMF_MSGS_verify_popo +- functions populating and verifying CRMF CertReqMsg structures + +=head1 SYNOPSIS + + #include + + int OSSL_CRMF_MSG_set_validity(OSSL_CRMF_MSG *crm, time_t from, time_t to); + + int OSSL_CRMF_MSG_set_certReqId(OSSL_CRMF_MSG *crm, int rid); + + int OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE *tmpl, + EVP_PKEY *pubkey, + const X509_NAME *subject, + const X509_NAME *issuer, + const ASN1_INTEGER *serial); + + int OSSL_CRMF_MSG_set0_extensions(OSSL_CRMF_MSG *crm, + X509_EXTENSIONS *exts); + + int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm, + const X509_EXTENSION *ext); + + int OSSL_CRMF_MSG_create_popo(OSSL_CRMF_MSG *crm, EVP_PKEY *pkey, + int dgst, int ppmtd); + + int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs, + int rid, int acceptRAVerified); + +=head1 DESCRIPTION + +OSSL_CRMF_MSG_set_validity() sets B as notBefore and B as notAfter +as the validity in the certTemplate of B. + +OSSL_CRMF_MSG_set_certReqId() sets B as the certReqId of B. + +OSSL_CRMF_CERTTEMPLATE_fill() sets those fields of the certTemplate B +for which non-NULL values are provided: B, B, B, +and/or B. +On success the reference counter of the B (if given) is incremented, +while the B, B, and B structures (if given) are copied. + +OSSL_CRMF_MSG_set0_extensions() sets B as the extensions in the +certTemplate of B. Frees any pre-existing ones and consumes B. + +OSSL_CRMF_MSG_push0_extension() pushes the X509 extension B to the +extensions in the certTemplate of B. Consumes B. + +OSSL_CRMF_MSG_create_popo() creates and sets the Proof-of-Possession (POP) +according to the method B for B to B. In case the method is +OSSL_CRMF_POPO_SIGNATURE, POP is calculated using the B. + +B can be one of the following: + +=over 8 + +=item * OSSL_CRMF_POPO_NONE - RFC 4211, section 4, POP field omitted. +CA/RA uses out-of-band method to verify POP. Note that servers may fail in this +case, resulting for instance in HTTP error code 500 (Internal error). + +=item * OSSL_CRMF_POPO_RAVERIFIED - RFC 4211, section 4, explicit indication +that the RA has already verified the POP. + +=item * OSSL_CRMF_POPO_SIGNATURE - RFC 4211, section 4.1, only case 3 supported +so far. + +=item * OSSL_CRMF_POPO_KEYENC - RFC 4211, section 4.2, only indirect method +(subsequentMessage/enccert) supported, +challenge-response exchange (challengeResp) not yet supported. + +=item * OSSL_CRMF_POPO_KEYAGREE - RFC 4211, section 4.3, not yet supported. + +=back + +OSSL_CRMF_MSGS_verify_popo verifies the Proof-of-Possession of the request with +the given B in the list of B. Optionally accepts RAVerified. + +=head1 RETURN VALUES + +All functions return 1 on success, 0 on error. + +=head1 SEE ALSO + +RFC 4211 + +=head1 COPYRIGHT + +Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the OpenSSL license (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/doc/man3/OSSL_CRMF_pbmp_new.pod b/doc/man3/OSSL_CRMF_pbmp_new.pod new file mode 100644 index 0000000..a83209b --- /dev/null +++ b/doc/man3/OSSL_CRMF_pbmp_new.pod @@ -0,0 +1,78 @@ +=pod + +=head1 NAME + +OSSL_CRMF_pbm_new, +OSSL_CRMF_pbmp_new +- functions for producing Password-Based MAC (PBM) + +=head1 SYNOPSIS + + #include + + int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp, + const unsigned char *msg, size_t msglen, + const unsigned char *sec, size_t seclen, + unsigned char **mac, size_t *maclen); + + OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(size_t saltlen, int owfnid, + int itercnt, int macnid); + +=head1 DESCRIPTION + +OSSL_CRMF_pbm_new() generates a PBM (Password-Based MAC) based on given PBM +parameters B, message B, and secret B, along with the respective +lengths B and B. On success writes the adddress of the newly +allocated MAC via the B reference parameter and writes the length via the +B reference parameter unless it its NULL. + +The iteration count must be at least 100, as stipulated by RFC 4211, and is +limited to at most 100000 to avoid DoS through manipulated or otherwise +malformed input. + +OSSL_CRMF_pbmp_new() initializes and returns a new PBMParameter +structure with a new random salt of given length B, OWF (one-way +function) NID B, iteration count B, and MAC NID B. + +=head1 NOTES + +The algorithms for the OWF (one-way function) and for the MAC (message +authentication code) may be any with a NID defined in B. +As specified by RFC 4210, these should include NID_hmac_sha1. + +RFC 4210 recommends that the salt SHOULD be at least 8 bytes (64 bits) long. + +=head1 RETURN VALUES + +OSSL_CRMF_pbm_new() returns 1 on success, 0 on error. + +OSSL_CRMF_pbmp_new() returns a new and initialized OSSL_CRMF_PBMPARAMETER +structure, or NULL on error. + +=head1 EXAMPLE + + OSSL_CRMF_PBMPARAMETER *pbm = NULL; + unsigned char *msg = "Hello"; + unsigned char *sec = "SeCrEt"; + unsigned char *mac = NULL; + size_t maclen; + + if ((pbm = OSSL_CRMF_pbmp_new(16, NID_sha256, 500, NID_hmac_sha1) == NULL)) + goto err; + if (!OSSL_CRMF_pbm_new(pbm, msg, 5, sec, 6, &mac, &maclen)) + goto err; + +=head1 SEE ALSO + +RFC 4211 section 4.4 + +=head1 COPYRIGHT + +Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the OpenSSL license (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/doc/man3/X509_dup.pod b/doc/man3/X509_dup.pod index 8ad7648..2f51e45 100644 --- a/doc/man3/X509_dup.pod +++ b/doc/man3/X509_dup.pod @@ -116,6 +116,20 @@ OCSP_SIGNATURE_free, OCSP_SIGNATURE_new, OCSP_SINGLERESP_free, OCSP_SINGLERESP_new, +OSSL_CRMF_CERTID_free, +OSSL_CRMF_CERTID_new, +OSSL_CRMF_CERTTEMPLATE_free, +OSSL_CRMF_CERTTEMPLATE_new, +OSSL_CRMF_ENCRYPTEDVALUE_free, +OSSL_CRMF_ENCRYPTEDVALUE_new, +OSSL_CRMF_MSG_free, +OSSL_CRMF_MSG_new, +OSSL_CRMF_PBMPARAMETER_free, +OSSL_CRMF_PBMPARAMETER_new, +OSSL_CRMF_PKIPUBLICATIONINFO_free, +OSSL_CRMF_PKIPUBLICATIONINFO_new, +OSSL_CRMF_MSGS_free, +OSSL_CRMF_MSGS_new, OTHERNAME_free, OTHERNAME_new, PBE2PARAM_free, diff --git a/include/openssl/crmf.h b/include/openssl/crmf.h new file mode 100644 index 0000000..b4221a9 --- /dev/null +++ b/include/openssl/crmf.h @@ -0,0 +1,137 @@ +/*- + * Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright Nokia 2007-2018 + * Copyright Siemens AG 2015-2018 + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + * + * CRMF (RFC 4211) implementation by M. Peylo, M. Viljanen, and D. von Oheimb. + */ + +#ifndef OSSL_HEADER_CRMF_H +# define OSSL_HEADER_CRMF_H + +# include + +# ifndef OPENSSL_NO_CMP +# include +# include +# include +# include /* for GENERAL_NAME etc. */ + +/* explicit #includes not strictly needed since implied by the above: */ +# include +# include + +# ifdef __cplusplus +extern "C" { +# endif + +# define OSSL_CRMF_POPOPRIVKEY_THISMESSAGE 0 +# define OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE 1 +# define OSSL_CRMF_POPOPRIVKEY_DHMAC 2 +# define OSSL_CRMF_POPOPRIVKEY_AGREEMAC 3 +# define OSSL_CRMF_POPOPRIVKEY_ENCRYPTEDKEY 4 + +# define OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT 0 +# define OSSL_CRMF_SUBSEQUENTMESSAGE_CHALLENGERESP 1 + +typedef struct OSSL_crmf_encryptedvalue_st OSSL_CRMF_ENCRYPTEDVALUE; +DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_ENCRYPTEDVALUE) +typedef struct OSSL_crmf_msg_st OSSL_CRMF_MSG; +DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSG) +DEFINE_STACK_OF(OSSL_CRMF_MSG) +typedef struct OSSL_crmf_attributetypeandvalue_st OSSL_CRMF_ATTRIBUTETYPEANDVALUE; +typedef struct OSSL_crmf_pbmparameter_st OSSL_CRMF_PBMPARAMETER; +DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PBMPARAMETER) +typedef struct OSSL_crmf_poposigningkey_st OSSL_CRMF_POPOSIGNINGKEY; +typedef struct OSSL_crmf_certrequest_st OSSL_CRMF_CERTREQUEST; +typedef struct OSSL_crmf_certid_st OSSL_CRMF_CERTID; +DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTID) +DEFINE_STACK_OF(OSSL_CRMF_CERTID) + +typedef struct OSSL_crmf_pkipublicationinfo_st OSSL_CRMF_PKIPUBLICATIONINFO; +DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PKIPUBLICATIONINFO) +typedef struct OSSL_crmf_singlepubinfo_st OSSL_CRMF_SINGLEPUBINFO; +DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_SINGLEPUBINFO) +typedef struct OSSL_crmf_certtemplate_st OSSL_CRMF_CERTTEMPLATE; +DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTTEMPLATE) +typedef STACK_OF(OSSL_CRMF_MSG) OSSL_CRMF_MSGS; +DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSGS) + +typedef struct OSSL_crmf_optionalvalidity_st OSSL_CRMF_OPTIONALVALIDITY; + +/* crmf_pbm.c */ +OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(size_t slen, int owfnid, + int itercnt, int macnid); +int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp, + const unsigned char *msg, size_t msglen, + const unsigned char *sec, size_t seclen, + unsigned char **mac, size_t *maclen); + +/* crmf_lib.c */ +int OSSL_CRMF_MSG_set1_regCtrl_regToken(OSSL_CRMF_MSG *msg, + const ASN1_UTF8STRING *tok); +int OSSL_CRMF_MSG_set1_regCtrl_authenticator(OSSL_CRMF_MSG *msg, + const ASN1_UTF8STRING *auth); +int OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo( + OSSL_CRMF_PKIPUBLICATIONINFO *pi, + OSSL_CRMF_SINGLEPUBINFO *spi); +# define OSSL_CRMF_PUB_METHOD_DONTCARE 0 +# define OSSL_CRMF_PUB_METHOD_X500 1 +# define OSSL_CRMF_PUB_METHOD_WEB 2 +# define OSSL_CRMF_PUB_METHOD_LDAP 3 +int OSSL_CRMF_MSG_set0_SinglePubInfo(OSSL_CRMF_SINGLEPUBINFO *spi, + int method, GENERAL_NAME *nm); +# define OSSL_CRMF_PUB_ACTION_DONTPUBLISH 0 +# define OSSL_CRMF_PUB_ACTION_PLEASEPUBLISH 1 +int OSSL_CRMF_MSG_set_PKIPublicationInfo_action( + OSSL_CRMF_PKIPUBLICATIONINFO *pi, int action); +int OSSL_CRMF_MSG_set1_regCtrl_pkiPublicationInfo(OSSL_CRMF_MSG *msg, + const OSSL_CRMF_PKIPUBLICATIONINFO *pi); +int OSSL_CRMF_MSG_set1_regCtrl_protocolEncrKey(OSSL_CRMF_MSG *msg, + const X509_PUBKEY *pubkey); +int OSSL_CRMF_MSG_set1_regCtrl_oldCertID(OSSL_CRMF_MSG *msg, + const OSSL_CRMF_CERTID *cid); +OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer, + const ASN1_INTEGER *serial); + +int OSSL_CRMF_MSG_set1_regInfo_utf8Pairs(OSSL_CRMF_MSG *msg, + const ASN1_UTF8STRING *utf8pairs); +int OSSL_CRMF_MSG_set1_regInfo_certReq(OSSL_CRMF_MSG *msg, + const OSSL_CRMF_CERTREQUEST *cr); + +int OSSL_CRMF_MSG_set_validity(OSSL_CRMF_MSG *crm, time_t from, time_t to); +int OSSL_CRMF_MSG_set_certReqId(OSSL_CRMF_MSG *crm, int rid); +int OSSL_CRMF_MSG_get_certReqId(OSSL_CRMF_MSG *crm); +int OSSL_CRMF_MSG_set0_extensions(OSSL_CRMF_MSG *crm, X509_EXTENSIONS *exts); + +int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm, const X509_EXTENSION *ext); +# define OSSL_CRMF_POPO_NONE -1 +# define OSSL_CRMF_POPO_RAVERIFIED 0 +# define OSSL_CRMF_POPO_SIGNATURE 1 +# define OSSL_CRMF_POPO_KEYENC 2 +# define OSSL_CRMF_POPO_KEYAGREE 3 +int OSSL_CRMF_MSG_create_popo(OSSL_CRMF_MSG *crm, EVP_PKEY *pkey, + int dgst, int ppmtd); +int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs, + int rid, int acceptRAVerified); +OSSL_CRMF_CERTTEMPLATE *OSSL_CRMF_MSG_get0_tmpl(const OSSL_CRMF_MSG *crm); +ASN1_INTEGER *OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(OSSL_CRMF_CERTTEMPLATE *t); +X509_NAME *OSSL_CRMF_CERTTEMPLATE_get0_issuer(OSSL_CRMF_CERTTEMPLATE *tmpl); +int OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE *tmpl, + EVP_PKEY *pubkey, + const X509_NAME *subject, + const X509_NAME *issuer, + const ASN1_INTEGER *serial); +X509 *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(OSSL_CRMF_ENCRYPTEDVALUE *ecert, + EVP_PKEY *pkey); + +# ifdef __cplusplus +} +# endif +# endif /* !defined OPENSSL_NO_CMP */ +#endif /* !defined OSSL_HEADER_CRMF_H */ diff --git a/include/openssl/crmferr.h b/include/openssl/crmferr.h new file mode 100644 index 0000000..06f90fb --- /dev/null +++ b/include/openssl/crmferr.h @@ -0,0 +1,69 @@ +/* + * Generated by util/mkerr.pl DO NOT EDIT + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_CRMFERR_H +# define HEADER_CRMFERR_H + +# include + +# ifndef OPENSSL_NO_CMP + +# ifdef __cplusplus +extern "C" +# endif +int ERR_load_CRMF_strings(void); + +/* + * CRMF function codes. + */ +# define CRMF_F_CRMF_POPOSIGNINGKEY_INIT 100 +# define CRMF_F_OSSL_CRMF_CERTID_GEN 101 +# define CRMF_F_OSSL_CRMF_CERTTEMPLATE_FILL 102 +# define CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT 103 +# define CRMF_F_OSSL_CRMF_MSGS_VERIFY_POPO 104 +# define CRMF_F_OSSL_CRMF_MSG_CREATE_POPO 105 +# define CRMF_F_OSSL_CRMF_MSG_GET0_TMPL 106 +# define CRMF_F_OSSL_CRMF_MSG_GET_CERTREQID 107 +# define CRMF_F_OSSL_CRMF_MSG_PKIPUBLICATIONINFO_PUSH0_SINGLEPUBINFO 108 +# define CRMF_F_OSSL_CRMF_MSG_PUSH0_EXTENSION 109 +# define CRMF_F_OSSL_CRMF_MSG_PUSH0_REGCTRL 110 +# define CRMF_F_OSSL_CRMF_MSG_PUSH0_REGINFO 111 +# define CRMF_F_OSSL_CRMF_MSG_SET0_EXTENSIONS 112 +# define CRMF_F_OSSL_CRMF_MSG_SET0_SINGLEPUBINFO 113 +# define CRMF_F_OSSL_CRMF_MSG_SET_CERTREQID 114 +# define CRMF_F_OSSL_CRMF_MSG_SET_PKIPUBLICATIONINFO_ACTION 115 +# define CRMF_F_OSSL_CRMF_MSG_SET_VALIDITY 116 +# define CRMF_F_OSSL_CRMF_PBMP_NEW 117 +# define CRMF_F_OSSL_CRMF_PBM_NEW 118 + +/* + * CRMF reason codes. + */ +# define CRMF_R_BAD_PBM_ITERATIONCOUNT 100 +# define CRMF_R_MALFORMED_IV 101 +# define CRMF_R_CRMFERROR 102 +# define CRMF_R_ERROR 103 +# define CRMF_R_ERROR_DECODING_CERTIFICATE 104 +# define CRMF_R_ERROR_DECRYPTING_CERTIFICATE 105 +# define CRMF_R_ERROR_DECRYPTING_SYMMETRIC_KEY 106 +# define CRMF_R_FAILURE_OBTAINING_RANDOM 107 +# define CRMF_R_ITERATIONCOUNT_BELOW_100 108 +# define CRMF_R_NULL_ARGUMENT 109 +# define CRMF_R_SETTING_MAC_ALGOR_FAILURE 110 +# define CRMF_R_SETTING_OWF_ALGOR_FAILURE 111 +# define CRMF_R_UNSUPPORTED_ALGORITHM 112 +# define CRMF_R_UNSUPPORTED_ALG_FOR_POPSIGNINGKEY 113 +# define CRMF_R_UNSUPPORTED_CIPHER 114 +# define CRMF_R_UNSUPPORTED_METHOD_FOR_CREATING_POPO 115 +# define CRMF_R_UNSUPPORTED_POPO_METHOD 116 +# define CRMF_R_UNSUPPORTED_POPO_NOT_ACCEPTED 117 + +# endif +#endif diff --git a/include/openssl/err.h b/include/openssl/err.h index 0d6956c..fded82c 100644 --- a/include/openssl/err.h +++ b/include/openssl/err.h @@ -96,6 +96,7 @@ typedef struct err_state_st { # define ERR_LIB_SM2 53 # define ERR_LIB_ESS 54 # define ERR_LIB_PROP 55 +# define ERR_LIB_CRMF 56 # define ERR_LIB_USER 128 @@ -129,6 +130,7 @@ typedef struct err_state_st { # define OSSL_STOREerr(f,r) ERR_PUT_error(ERR_LIB_OSSL_STORE,(f),(r),OPENSSL_FILE,OPENSSL_LINE) # define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),OPENSSL_FILE,OPENSSL_LINE) # define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),OPENSSL_FILE,OPENSSL_LINE) +# define CRMFerr(f,r) ERR_PUT_error(ERR_LIB_CRMF,(f),(r),OPENSSL_FILE,OPENSSL_LINE) # define TSerr(f,r) ERR_PUT_error(ERR_LIB_TS,(f),(r),OPENSSL_FILE,OPENSSL_LINE) # define HMACerr(f,r) ERR_PUT_error(ERR_LIB_HMAC,(f),(r),OPENSSL_FILE,OPENSSL_LINE) # define CTerr(f,r) ERR_PUT_error(ERR_LIB_CT,(f),(r),OPENSSL_FILE,OPENSSL_LINE) diff --git a/util/libcrypto.num b/util/libcrypto.num index 4243593..974d918 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4660,3 +4660,85 @@ OSSL_PROVIDER_unload 4615 3_0_0 EXIST::FUNCTION: OSSL_PROVIDER_add_builtin 4616 3_0_0 EXIST::FUNCTION: OSSL_PROVIDER_get_param_types 4617 3_0_0 EXIST::FUNCTION: OSSL_PROVIDER_get_params 4618 3_0_0 EXIST::FUNCTION: +d2i_OSSL_CRMF_ENCRYPTEDVALUE 4619 3_0_0 EXIST::FUNCTION:CMP +i2d_OSSL_CRMF_ENCRYPTEDVALUE 4620 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_ENCRYPTEDVALUE_free 4621 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_ENCRYPTEDVALUE_new 4622 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_ENCRYPTEDVALUE_it 4623 3_0_0 NOEXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMP +OSSL_CRMF_ENCRYPTEDVALUE_it 4624 3_0_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMP +OSSL_CRMF_ENCRYPTEDVALUE_it 4624 3_0_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMP +d2i_OSSL_CRMF_MSG 4625 3_0_0 EXIST::FUNCTION:CMP +i2d_OSSL_CRMF_MSG 4626 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSG_free 4627 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSG_new 4628 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSG_it 4629 3_0_0 NOEXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMP +OSSL_CRMF_MSG_it 4630 3_0_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMP +OSSL_CRMF_MSG_it 4630 3_0_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMP +d2i_OSSL_CRMF_PBMPARAMETER 4631 3_0_0 EXIST::FUNCTION:CMP +i2d_OSSL_CRMF_PBMPARAMETER 4632 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_PBMPARAMETER_free 4633 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_PBMPARAMETER_new 4634 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_PBMPARAMETER_it 4635 3_0_0 NOEXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMP +OSSL_CRMF_PBMPARAMETER_it 4636 3_0_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMP +OSSL_CRMF_PBMPARAMETER_it 4636 3_0_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMP +d2i_OSSL_CRMF_CERTID 4637 3_0_0 EXIST::FUNCTION:CMP +i2d_OSSL_CRMF_CERTID 4638 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_CERTID_free 4639 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_CERTID_new 4640 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_CERTID_it 4641 3_0_0 NOEXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMP +OSSL_CRMF_CERTID_it 4642 3_0_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMP +OSSL_CRMF_CERTID_it 4642 3_0_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMP +d2i_OSSL_CRMF_PKIPUBLICATIONINFO 4643 3_0_0 EXIST::FUNCTION:CMP +i2d_OSSL_CRMF_PKIPUBLICATIONINFO 4644 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_PKIPUBLICATIONINFO_free 4645 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_PKIPUBLICATIONINFO_new 4646 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_PKIPUBLICATIONINFO_it 4647 3_0_0 NOEXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMP +OSSL_CRMF_PKIPUBLICATIONINFO_it 4648 3_0_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMP +OSSL_CRMF_PKIPUBLICATIONINFO_it 4648 3_0_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMP +d2i_OSSL_CRMF_SINGLEPUBINFO 4649 3_0_0 EXIST::FUNCTION:CMP +i2d_OSSL_CRMF_SINGLEPUBINFO 4650 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_SINGLEPUBINFO_free 4651 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_SINGLEPUBINFO_new 4652 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_SINGLEPUBINFO_it 4653 3_0_0 NOEXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMP +OSSL_CRMF_SINGLEPUBINFO_it 4654 3_0_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMP +OSSL_CRMF_SINGLEPUBINFO_it 4654 3_0_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMP +d2i_OSSL_CRMF_CERTTEMPLATE 4655 3_0_0 EXIST::FUNCTION:CMP +i2d_OSSL_CRMF_CERTTEMPLATE 4656 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_CERTTEMPLATE_free 4657 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_CERTTEMPLATE_new 4658 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_CERTTEMPLATE_it 4659 3_0_0 NOEXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMP +OSSL_CRMF_CERTTEMPLATE_it 4660 3_0_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMP +OSSL_CRMF_CERTTEMPLATE_it 4660 3_0_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMP +d2i_OSSL_CRMF_MSGS 4661 3_0_0 EXIST::FUNCTION:CMP +i2d_OSSL_CRMF_MSGS 4662 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSGS_free 4663 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSGS_new 4664 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSGS_it 4665 3_0_0 NOEXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMP +OSSL_CRMF_MSGS_it 4666 3_0_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMP +OSSL_CRMF_MSGS_it 4666 3_0_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMP +OSSL_CRMF_pbmp_new 4667 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_pbm_new 4668 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSG_set1_regCtrl_regToken 4669 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSG_set1_regCtrl_authenticator 4670 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo 4671 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSG_set0_SinglePubInfo 4672 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSG_set_PKIPublicationInfo_action 4673 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSG_set1_regCtrl_pkiPublicationInfo 4674 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSG_set1_regCtrl_protocolEncrKey 4675 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSG_set1_regCtrl_oldCertID 4676 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_CERTID_gen 4677 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSG_set1_regInfo_utf8Pairs 4678 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSG_set1_regInfo_certReq 4679 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSG_set_validity 4680 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSG_set_certReqId 4681 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSG_get_certReqId 4682 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSG_set0_extensions 4683 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSG_push0_extension 4684 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSG_create_popo 4685 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSGS_verify_popo 4686 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_MSG_get0_tmpl 4687 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_CERTTEMPLATE_get0_serialNumber 4688 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_CERTTEMPLATE_get0_issuer 4689 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_CERTTEMPLATE_fill 4690 3_0_0 EXIST::FUNCTION:CMP +OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert 4691 3_0_0 EXIST::FUNCTION:CMP +ERR_load_CRMF_strings 4692 3_0_0 EXIST::FUNCTION:CMP From no-reply at appveyor.com Tue Mar 12 12:35:50 2019 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 12 Mar 2019 12:35:50 +0000 Subject: Build failed: openssl master.23383 Message-ID: <20190312123550.1.5F5150EAAC7A7D13@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.org Tue Mar 12 12:51:09 2019 From: builds at travis-ci.org (Travis CI) Date: Tue, 12 Mar 2019 12:51:09 +0000 Subject: Errored: openssl/openssl#23981 (master - a61b7f2) In-Reply-To: Message-ID: <5c87ab3d42d64_43fab8371b4d434975e@33e12c51-3518-4b79-95bc-eb0ab2361847.mail> Build Update for openssl/openssl ------------------------------------- Build: #23981 Status: Errored Duration: 19 mins and 40 secs Commit: a61b7f2 (master) Author: David von Oheimb Message: 2nd chunk: CRMF code (crypto/crmf/, ) and its integration in INSTALL, Configure, crypto/build.info, include/openssl/crmferr.h, crypto/err/, include/openssl/err.h, and (to be updated:) util/libcrypto.num Reviewed-by: Bernd Edlinger Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/7646) View the changeset: https://github.com/openssl/openssl/compare/eef721b0d02c...a61b7f2fa6de View the full build log and details: https://travis-ci.org/openssl/openssl/builds/505196661?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Tue Mar 12 13:39:57 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 12 Mar 2019 13:39:57 +0000 Subject: FAILED build of OpenSSL branch master with options -d --strict-warnings no-siphash Message-ID: <1552397997.772441.15877.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-siphash Commit log since last time: d1229190bf s390x assembly pack: import chacha from cryptogams repo c453283421 Add documentation 021a655277 Add provider tests 16c2f1bdb5 Add provider module infrastructure 3374dc03ed Replumbing: New public API to load or add providers 4c2883a9bf Replumbing: Add the Provider Object, type OSSL_PROVIDER 3f4e8d6604 Replumbing: Add MODULESDIR macro and OPENSSL_MODULES environment variable 98f29466dc fix truncation of integers on 32bit AIX 2a6a56073c Add regenerated header files b53c4fe3f9 util/mkerr.pl: Add an inclusion of symhacks.h in all error files 4d768e966f openssl app for macs that uses the new EVP_MAC interface (the code inside dgst uses EVP_PKEY) 1b1ff9b94d sha/asm/keccak1600-ppc64.pl: up 10% performance improvement. Build log ended with (last 100 lines): ../../openssl/test/recipes/30-test_pkey_meth.t ................ ok ../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok ../../openssl/test/recipes/40-test_rehash.t ................... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok ../../openssl/test/recipes/60-test_x509_store.t ............... ok ../../openssl/test/recipes/60-test_x509_time.t ................ ok ../../openssl/test/recipes/70-test_asyncio.t .................. ok ../../openssl/test/recipes/70-test_bad_dtls.t ................. ok ../../openssl/test/recipes/70-test_clienthello.t .............. ok ../../openssl/test/recipes/70-test_comp.t ..................... ok ../../openssl/test/recipes/70-test_key_share.t ................ ok ../../openssl/test/recipes/70-test_packet.t ................... ok ../../openssl/test/recipes/70-test_recordlen.t ................ ok ../../openssl/test/recipes/70-test_renegotiation.t ............ ok ../../openssl/test/recipes/70-test_servername.t ............... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ............ ok ../../openssl/test/recipes/70-test_sslcertstatus.t ............ ok ../../openssl/test/recipes/70-test_sslextension.t ............. ok ../../openssl/test/recipes/70-test_sslmessages.t .............. ok ../../openssl/test/recipes/70-test_sslrecords.t ............... ok ../../openssl/test/recipes/70-test_sslsessiontick.t ........... ok ../../openssl/test/recipes/70-test_sslsigalgs.t ............... ok ../../openssl/test/recipes/70-test_sslsignature.t ............. ok ../../openssl/test/recipes/70-test_sslskewith0p.t ............. ok ../../openssl/test/recipes/70-test_sslversions.t .............. ok ../../openssl/test/recipes/70-test_sslvertol.t ................ ok ../../openssl/test/recipes/70-test_tls13alerts.t .............. ok ../../openssl/test/recipes/70-test_tls13cookie.t .............. ok ../../openssl/test/recipes/70-test_tls13downgrade.t ........... ok ../../openssl/test/recipes/70-test_tls13hrr.t ................. ok ../../openssl/test/recipes/70-test_tls13kexmodes.t ............ ok ../../openssl/test/recipes/70-test_tls13messages.t ............ ok ../../openssl/test/recipes/70-test_tls13psk.t ................. ok ../../openssl/test/recipes/70-test_tlsextms.t ................. ok ../../openssl/test/recipes/70-test_verify_extra.t ............. ok ../../openssl/test/recipes/70-test_wpacket.t .................. ok ../../openssl/test/recipes/80-test_ca.t ....................... ok ../../openssl/test/recipes/80-test_cipherbytes.t .............. ok ../../openssl/test/recipes/80-test_cipherlist.t ............... ok ../../openssl/test/recipes/80-test_ciphername.t ............... ok ../../openssl/test/recipes/80-test_cms.t ...................... ok ../../openssl/test/recipes/80-test_cmsapi.t ................... ok ../../openssl/test/recipes/80-test_ct.t ....................... ok ../../openssl/test/recipes/80-test_dane.t ..................... ok ../../openssl/test/recipes/80-test_dtls.t ..................... ok ../../openssl/test/recipes/80-test_dtls_mtu.t ................. ok ../../openssl/test/recipes/80-test_dtlsv1listen.t ............. ok ../../openssl/test/recipes/80-test_ocsp.t ..................... ok ../../openssl/test/recipes/80-test_pkcs12.t ................... ok ../../openssl/test/recipes/80-test_ssl_new.t .................. ok ../../openssl/test/recipes/80-test_ssl_old.t .................. ok ../../openssl/test/recipes/80-test_ssl_test_ctx.t ............. ok ../../openssl/test/recipes/80-test_sslcorrupt.t ............... ok ../../openssl/test/recipes/80-test_tsa.t ...................... ok ../../openssl/test/recipes/80-test_x509aux.t .................. ok ../../openssl/test/recipes/90-test_asn1_time.t ................ ok ../../openssl/test/recipes/90-test_async.t .................... ok ../../openssl/test/recipes/90-test_bio_enc.t .................. ok ../../openssl/test/recipes/90-test_bio_memleak.t .............. ok ../../openssl/test/recipes/90-test_constant_time.t ............ ok ../../openssl/test/recipes/90-test_fatalerr.t ................. ok ../../openssl/test/recipes/90-test_gmdiff.t ................... ok ../../openssl/test/recipes/90-test_gost.t ..................... ok ../../openssl/test/recipes/90-test_ige.t ...................... ok ../../openssl/test/recipes/90-test_includes.t ................. ok ../../openssl/test/recipes/90-test_memleak.t .................. ok ../../openssl/test/recipes/90-test_overhead.t ................. skipped: Only supported in no-shared builds ../../openssl/test/recipes/90-test_secmem.t ................... ok ../../openssl/test/recipes/90-test_shlibload.t ................ ok ../../openssl/test/recipes/90-test_srp.t ...................... ok ../../openssl/test/recipes/90-test_sslapi.t ................... ok ../../openssl/test/recipes/90-test_sslbuffers.t ............... ok ../../openssl/test/recipes/90-test_store.t .................... ok ../../openssl/test/recipes/90-test_sysdefault.t ............... ok ../../openssl/test/recipes/90-test_threads.t .................. ok ../../openssl/test/recipes/90-test_time_offset.t .............. ok ../../openssl/test/recipes/90-test_tls13ccs.t ................. ok ../../openssl/test/recipes/90-test_tls13encryption.t .......... ok ../../openssl/test/recipes/90-test_tls13secrets.t ............. ok ../../openssl/test/recipes/90-test_v3name.t ................... ok ../../openssl/test/recipes/95-test_external_boringssl.t ....... skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_krb5.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_pyca.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/99-test_ecstress.t ................. ok ../../openssl/test/recipes/99-test_fuzz.t ..................... ok Test Summary Report ------------------- ../../openssl/test/recipes/20-test_mac.t (Wstat: 512 Tests: 8 Failed: 1) Failed test: 1 Non-zero exit status: 2 Parse errors: Bad plan. You planned 18 tests but ran 8. Files=164, Tests=1472, 243 wallclock secs ( 2.66 usr 0.37 sys + 220.10 cusr 12.21 csys = 235.34 CPU) Result: FAIL Makefile:198: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-siphash' Makefile:196: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Tue Mar 12 14:17:46 2019 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 12 Mar 2019 14:17:46 +0000 Subject: Build completed: openssl master.23384 Message-ID: <20190312141746.1.3325AF36443D2AB9@appveyor.com> An HTML attachment was scrubbed... URL: From levitte at openssl.org Tue Mar 12 18:17:36 2019 From: levitte at openssl.org (Richard Levitte) Date: Tue, 12 Mar 2019 18:17:36 +0000 Subject: [openssl] master update Message-ID: <1552414657.000645.1243.nullmailer@dev.openssl.org> The branch master has been updated via e2146e120f5bab21dcedfb34741141897f80e1ee (commit) via eabf91cd11e733142b238c24f7ce39974bcfcb70 (commit) via 7ffbd7ca9696ade5274068c29a8e03217f596e57 (commit) via 8c4412ed8fe80a8b92549d7e2db1359012074d65 (commit) from a61b7f2fa6de3bf8d5b1436e66c52d6bf7150ae4 (commit) - Log ----------------------------------------------------------------- commit e2146e120f5bab21dcedfb34741141897f80e1ee Author: Richard Levitte Date: Mon Mar 11 21:49:54 2019 +0100 Change OSSL_PARAM_UTF8_STRING_PTR to OSSL_PARAM_UTF8_PTR In unrelated code Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8451) commit eabf91cd11e733142b238c24f7ce39974bcfcb70 Author: Pauli Date: Fri Mar 8 16:33:12 2019 +1000 generated files Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8451) commit 7ffbd7ca9696ade5274068c29a8e03217f596e57 Author: Pauli Date: Fri Feb 22 12:21:33 2019 +1000 OSSL_PARAM helper functions. Provide a number of functions to allow parameters to be set and retrieved in a type safe manner. Functions are provided for many integral types plus double, BIGNUM, UTF8 strings and OCTET strings. All of the integer functions will widen the parameter data as required. This permits a degree of malleability in the parameter definition. For example a type can be changed from a thirty two bit integer to a sixty four bit one without changing application code. Only four and eight byte integral sizes are supported here. A pair of real functions are available for doubles. A pair of functions is available for BIGNUMs. These accept any sized unsigned integer input and convert to/from a BIGNUM. For each OCTET and UTF8 strings, four functions are defined. This provide get and set functionality for string and for pointers to strings. The latter avoiding copies but have other inherent risks. Finally, some utility macros and functions are defined to allow OSSL_PARAM definition arrays to be specified in a simple manner. There are two macro and one function for most types. The exception being BIGNUM, for which there is one macro and one function. Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8451) commit 8c4412ed8fe80a8b92549d7e2db1359012074d65 Author: Richard Levitte Date: Mon Mar 11 21:51:01 2019 +0100 Rename 'buffer' to 'data' in OSSL_PARAM The OSSL_PARAM attribute names |buffer| and |buffer_size| may lead to confusion, as they may make some think that the memory pointed at is an intermediate memory are. This is not generally the case, so we rename |buffer| and |buffer_size| to |data| and |data_size| Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8451) ----------------------------------------------------------------------- Summary of changes: crypto/build.info | 2 +- crypto/params.c | 725 +++++++++++++++++++++ crypto/provider_core.c | 8 +- doc/man3/OSSL_PARAM.pod | 88 +-- doc/man3/OSSL_PARAM_TYPE.pod | 312 +++++++++ include/openssl/core.h | 37 +- include/openssl/params.h | 186 ++++++ test/build.info | 6 +- test/p_test.c | 12 +- test/params_api_test.c | 627 ++++++++++++++++++ test/provider_internal_test.c | 4 +- test/provider_test.c | 4 +- .../{03-test_property.t => 03-test_params_api.t} | 2 +- test/testutil.h | 9 + test/testutil/tests.c | 1 + util/libcrypto.num | 46 ++ util/private.num | 15 + 17 files changed, 2008 insertions(+), 76 deletions(-) create mode 100644 crypto/params.c create mode 100644 doc/man3/OSSL_PARAM_TYPE.pod create mode 100644 include/openssl/params.h create mode 100644 test/params_api_test.c copy test/recipes/{03-test_property.t => 03-test_params_api.t} (89%) diff --git a/crypto/build.info b/crypto/build.info index a1ccad4..6497c2f 100644 --- a/crypto/build.info +++ b/crypto/build.info @@ -17,7 +17,7 @@ SOURCE[../libcrypto]=\ ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fopen.c ctype.c \ threads_pthread.c threads_win.c threads_none.c getenv.c \ o_init.c o_fips.c mem_sec.c init.c context.c sparse_array.c \ - trace.c provider.c \ + trace.c provider.c params.c \ {- $target{cpuid_asm_src} -} {- $target{uplink_aux_src} -} DEPEND[cversion.o]=buildinf.h diff --git a/crypto/params.c b/crypto/params.c new file mode 100644 index 0000000..a53d513 --- /dev/null +++ b/crypto/params.c @@ -0,0 +1,725 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include "internal/thread_once.h" + +#define SET_RETURN_SIZE(p, sz) \ + if ((p)->return_size != NULL) \ + *(p)->return_size = (sz) + +const OSSL_PARAM *OSSL_PARAM_locate(const OSSL_PARAM *p, const char *key) +{ + if (p != NULL && key != NULL) + for (; p->key != NULL; p++) + if (strcmp(key, p->key) == 0) + return p; + return NULL; +} + +static OSSL_PARAM ossl_param_construct(const char *key, unsigned int data_type, + void *data, size_t data_size, + size_t *return_size) +{ + OSSL_PARAM res; + + res.key = key; + res.data_type = data_type; + res.data = data; + res.data_size = data_size; + res.return_size = return_size; + return res; +} + +int OSSL_PARAM_get_int(const OSSL_PARAM *p, int *val) +{ + if (val == NULL || p == NULL || p->data_type != OSSL_PARAM_INTEGER) + return 0; + + switch (p->data_size) { + case sizeof(int32_t): + if (sizeof(int) >= sizeof(int32_t)) { + *val = (int)*(const int32_t *)p->data; + return 1; + } + break; + case sizeof(int64_t): + if (sizeof(int) >= sizeof(int64_t)) { + *val = (int)*(const int64_t *)p->data; + return 1; + } + break; + } + return 0; +} + +int OSSL_PARAM_set_int(const OSSL_PARAM *p, int val) +{ + if (p == NULL) + return 0; + SET_RETURN_SIZE(p, 0); + if (p->data_type != OSSL_PARAM_INTEGER) + return 0; + + SET_RETURN_SIZE(p, sizeof(int)); /* Minimum expected size */ + switch (p->data_size) { + case sizeof(int32_t): + if (sizeof(int32_t) >= sizeof(int)) { + SET_RETURN_SIZE(p, sizeof(int32_t)); + *(int32_t *)p->data = (int32_t)val; + return 1; + } + break; + case sizeof(int64_t): + if (sizeof(int64_t) >= sizeof(int)) { + SET_RETURN_SIZE(p, sizeof(int64_t)); + *(int64_t *)p->data = (int64_t)val; + return 1; + } + break; + } + return 0; +} + +OSSL_PARAM OSSL_PARAM_construct_int(const char *key, int *buf, size_t *rsize) +{ + return ossl_param_construct(key, OSSL_PARAM_INTEGER, buf, sizeof(int), + rsize); +} + +int OSSL_PARAM_get_uint(const OSSL_PARAM *p, unsigned int *val) +{ + if (val == NULL + || p == NULL + || (p->data_type != OSSL_PARAM_UNSIGNED_INTEGER)) + return 0; + + switch (p->data_size) { + case sizeof(uint32_t): + if (sizeof(unsigned int) >= sizeof(uint32_t)) { + *val = (unsigned int)*(const uint32_t *)p->data; + return 1; + } + break; + case sizeof(uint64_t): + if (sizeof(unsigned int) >= sizeof(uint64_t)) { + *val = (unsigned int)*(const uint64_t *)p->data; + return 1; + } + break; + } + return 0; +} + +int OSSL_PARAM_set_uint(const OSSL_PARAM *p, unsigned int val) +{ + if (p == NULL) + return 0; + SET_RETURN_SIZE(p, 0); + if (p->data_type != OSSL_PARAM_UNSIGNED_INTEGER) + return 0; + + SET_RETURN_SIZE(p, sizeof(unsigned int)); /* Minimum expected size */ + switch (p->data_size) { + case sizeof(uint32_t): + if (sizeof(uint32_t) >= sizeof(unsigned int)) { + SET_RETURN_SIZE(p, sizeof(uint32_t)); + *(uint32_t *)p->data = (uint32_t)val; + return 1; + } + break; + case sizeof(uint64_t): + if (sizeof(uint64_t) >= sizeof(unsigned int)) { + SET_RETURN_SIZE(p, sizeof(uint64_t)); + *(uint64_t *)p->data = (uint64_t)val; + return 1; + } + break; + } + return 0; +} + +OSSL_PARAM OSSL_PARAM_construct_uint(const char *key, unsigned int *buf, + size_t *rsize) +{ + return ossl_param_construct(key, OSSL_PARAM_UNSIGNED_INTEGER, buf, + sizeof(unsigned int), rsize); +} + +int OSSL_PARAM_get_long(const OSSL_PARAM *p, long int *val) +{ + if (val == NULL || p == NULL || (p->data_type != OSSL_PARAM_INTEGER)) + return 0; + + switch (p->data_size) { + case sizeof(int32_t): + if (sizeof(long int) >= sizeof(int32_t)) { + *val = (long int)*(const int32_t *)p->data; + return 1; + } break; + case sizeof(int64_t): + if (sizeof(long int) >= sizeof(int64_t)) { + *val = (long int)*(const int64_t *)p->data; + return 1; + } + break; + } + return 0; +} + +int OSSL_PARAM_set_long(const OSSL_PARAM *p, long int val) +{ + if (p == NULL) + return 0; + SET_RETURN_SIZE(p, 0); + if (p->data_type != OSSL_PARAM_INTEGER) + return 0; + + SET_RETURN_SIZE(p, sizeof(long int)); /* Minimum expected size */ + switch (p->data_size) { + case sizeof(int32_t): + if (sizeof(int32_t) >= sizeof(long int)) { + SET_RETURN_SIZE(p, sizeof(int32_t)); + *(int32_t *)p->data = (int32_t)val; + return 1; + } + break; + case sizeof(int64_t): + if (sizeof(int64_t) >= sizeof(long int)) { + SET_RETURN_SIZE(p, sizeof(int64_t)); + *(int64_t *)p->data = (int64_t)val; + return 1; + } + break; + } + return 0; +} + +OSSL_PARAM OSSL_PARAM_construct_long(const char *key, long int *buf, + size_t *rsize) +{ + return ossl_param_construct(key, OSSL_PARAM_INTEGER, buf, sizeof(long int), + rsize); +} + +int OSSL_PARAM_get_ulong(const OSSL_PARAM *p, unsigned long int *val) +{ + if (val == NULL + || p == NULL + || (p->data_type != OSSL_PARAM_UNSIGNED_INTEGER)) + return 0; + + switch (p->data_size) { + case sizeof(uint32_t): + if (sizeof(unsigned long int) >= sizeof(uint32_t)) { + *val = (unsigned long int)*(const uint32_t *)p->data; + return 1; + } + break; + case sizeof(uint64_t): + if (sizeof(unsigned long int) >= sizeof(uint64_t)) { + *val = (unsigned long int)*(const uint64_t *)p->data; + return 1; + } + break; + } + return 0; +} + +int OSSL_PARAM_set_ulong(const OSSL_PARAM *p, unsigned long int val) +{ + if (p == NULL) + return 0; + SET_RETURN_SIZE(p, 0); + if (p->data_type != OSSL_PARAM_UNSIGNED_INTEGER) + return 0; + + SET_RETURN_SIZE(p, sizeof(unsigned long int)); /* Minimum exp size */ + switch (p->data_size) { + case sizeof(uint32_t): + if (sizeof(uint32_t) >= sizeof(unsigned long int)) { + SET_RETURN_SIZE(p, sizeof(uint32_t)); + *(uint32_t *)p->data = (uint32_t)val; + return 1; + } + break; + case sizeof(uint64_t): + if (sizeof(uint64_t) >= sizeof(unsigned long int)) { + SET_RETURN_SIZE(p, sizeof(uint64_t)); + *(uint64_t *)p->data = (uint64_t)val; + return 1; + } + break; + } + return 0; +} + +OSSL_PARAM OSSL_PARAM_construct_ulong(const char *key, unsigned long int *buf, + size_t *rsize) +{ + return ossl_param_construct(key, OSSL_PARAM_UNSIGNED_INTEGER, buf, + sizeof(unsigned long int), rsize); +} + +int OSSL_PARAM_get_int32(const OSSL_PARAM *p, int32_t *val) +{ + if (val == NULL || p == NULL || (p->data_type != OSSL_PARAM_INTEGER)) + return 0; + + if (p->data_size == sizeof(int32_t)) { + *val = *(const int32_t *)p->data; + return 1; + } + return 0; +} + +int OSSL_PARAM_set_int32(const OSSL_PARAM *p, int32_t val) +{ + if (p == NULL) + return 0; + SET_RETURN_SIZE(p, 0); + if (p->data_type != OSSL_PARAM_INTEGER) + return 0; + + SET_RETURN_SIZE(p, sizeof(int32_t)); /* Minimum expected size */ + switch (p->data_size) { + case sizeof(int32_t): + SET_RETURN_SIZE(p, sizeof(int32_t)); + *(int32_t *)p->data = val; + return 1; + case sizeof(int64_t): + SET_RETURN_SIZE(p, sizeof(int64_t)); + *(int64_t *)p->data = (int64_t)val; + return 1; + } + return 0; +} + +OSSL_PARAM OSSL_PARAM_construct_int32(const char *key, int32_t *buf, + size_t *rsize) +{ + return ossl_param_construct(key, OSSL_PARAM_INTEGER, buf, + sizeof(int32_t), rsize); +} + +int OSSL_PARAM_get_uint32(const OSSL_PARAM *p, uint32_t *val) +{ + if (val == NULL + || p == NULL + || (p->data_type != OSSL_PARAM_UNSIGNED_INTEGER)) + return 0; + + if (p->data_size == sizeof(uint32_t)) { + *val = *(const uint32_t *)p->data; + return 1; + } + return 0; +} + +int OSSL_PARAM_set_uint32(const OSSL_PARAM *p, uint32_t val) +{ + if (p == NULL) return 0; + SET_RETURN_SIZE(p, 0); + if (p->data_type != OSSL_PARAM_UNSIGNED_INTEGER) + return 0; + + SET_RETURN_SIZE(p, sizeof(uint32_t)); /* Minimum expected size */ + switch (p->data_size) { + case sizeof(uint32_t): + SET_RETURN_SIZE(p, sizeof(uint32_t)); + *(uint32_t *)p->data = val; + return 1; + case sizeof(uint64_t): + SET_RETURN_SIZE(p, sizeof(uint64_t)); + *(uint64_t *)p->data = (uint64_t)val; + return 1; + } + return 0; +} + +OSSL_PARAM OSSL_PARAM_construct_uint32(const char *key, uint32_t *buf, + size_t *rsize) +{ + return ossl_param_construct(key, OSSL_PARAM_UNSIGNED_INTEGER, buf, + sizeof(uint32_t), rsize); +} + +int OSSL_PARAM_get_int64(const OSSL_PARAM *p, int64_t *val) +{ + if (val == NULL || p == NULL || (p->data_type != OSSL_PARAM_INTEGER)) + return 0; + + switch (p->data_size) { + case sizeof(int32_t): + *val = (int64_t)*(const int32_t *)p->data; + return 1; + case sizeof(int64_t): + *val = *(const int64_t *)p->data; + return 1; + } + return 0; +} + +int OSSL_PARAM_set_int64(const OSSL_PARAM *p, int64_t val) +{ + if (p == NULL) + return 0; + SET_RETURN_SIZE(p, 0); + if (p->data_type != OSSL_PARAM_INTEGER) + return 0; + + SET_RETURN_SIZE(p, sizeof(int64_t)); /* Minimum expected size */ + switch (p->data_size) { + case sizeof(int64_t): + SET_RETURN_SIZE(p, sizeof(int64_t)); + *(int64_t *)p->data = val; + return 1; + } + return 0; +} + +OSSL_PARAM OSSL_PARAM_construct_int64(const char *key, int64_t *buf, + size_t *rsize) +{ + return ossl_param_construct(key, OSSL_PARAM_INTEGER, buf, sizeof(int64_t), + rsize); +} + +int OSSL_PARAM_get_uint64(const OSSL_PARAM *p, uint64_t *val) +{ + if (val == NULL + || p == NULL + || (p->data_type != OSSL_PARAM_UNSIGNED_INTEGER)) + return 0; + + switch (p->data_size) { + case sizeof(uint32_t): + *val = (uint64_t)*(const uint32_t *)p->data; + return 1; + case sizeof(uint64_t): + *val = *(const uint64_t *)p->data; + return 1; + } + return 0; +} + +int OSSL_PARAM_set_uint64(const OSSL_PARAM *p, uint64_t val) +{ + if (p == NULL) + return 0; + SET_RETURN_SIZE(p, 0); + if (p->data_type != OSSL_PARAM_UNSIGNED_INTEGER) + return 0; + + SET_RETURN_SIZE(p, sizeof(uint64_t)); /* Minimum expected size */ + switch (p->data_size) { + case sizeof(uint64_t): + SET_RETURN_SIZE(p, sizeof(uint64_t)); + *(uint64_t *)p->data = val; + return 1; + } + return 0; +} + +OSSL_PARAM OSSL_PARAM_construct_uint64(const char *key, uint64_t *buf, + size_t *rsize) { + return ossl_param_construct(key, OSSL_PARAM_UNSIGNED_INTEGER, buf, + sizeof(uint64_t), rsize); +} + +int OSSL_PARAM_get_size_t(const OSSL_PARAM *p, size_t *val) +{ + if (val == NULL + || p == NULL + || p->data_type != OSSL_PARAM_UNSIGNED_INTEGER) + return 0; + + switch (p->data_size) { + case sizeof(uint32_t): + if (sizeof(size_t) >= sizeof(uint32_t)) { + *val = (size_t)*(const uint32_t *)p->data; + return 1; + } + break; + case sizeof(uint64_t): + if (sizeof(size_t) >= sizeof(uint64_t)) { + *val = (size_t)*(const uint64_t *)p->data; + return 1; + } + break; + } + return 0; +} + +int OSSL_PARAM_set_size_t(const OSSL_PARAM *p, size_t val) +{ + if (p == NULL) + return 0; + SET_RETURN_SIZE(p, 0); + if (p->data_type != OSSL_PARAM_UNSIGNED_INTEGER) + return 0; + + SET_RETURN_SIZE(p, sizeof(size_t)); /* Minimum expected size */ + switch (p->data_size) { + case sizeof(uint32_t): + if (sizeof(uint32_t) >= sizeof(size_t)) { + SET_RETURN_SIZE(p, sizeof(uint32_t)); + *(uint32_t *)p->data = (uint32_t)val; + return 1; + } + break; + case sizeof(uint64_t): + SET_RETURN_SIZE(p, sizeof(uint64_t)); + if (sizeof(uint64_t) >= sizeof(size_t)) { + *(uint64_t *)p->data = (uint64_t)val; + return 1; + } + break; + } + return 0; +} + +OSSL_PARAM OSSL_PARAM_construct_size_t(const char *key, size_t *buf, + size_t *rsize) +{ + return ossl_param_construct(key, OSSL_PARAM_UNSIGNED_INTEGER, buf, + sizeof(size_t), rsize); } + +int OSSL_PARAM_get_BN(const OSSL_PARAM *p, BIGNUM **val) +{ + BIGNUM *b; + + if (val == NULL + || p == NULL + || p->data_type != OSSL_PARAM_UNSIGNED_INTEGER) + return 0; + + b = BN_native2bn(p->data, (int)p->data_size, *val); + if (b != NULL) { + *val = b; + return 1; + } + return 0; +} + +int OSSL_PARAM_set_BN(const OSSL_PARAM *p, const BIGNUM *val) +{ + size_t bytes; + + if (p == NULL) + return 0; + SET_RETURN_SIZE(p, 0); + if (val == NULL || p->data_type != OSSL_PARAM_UNSIGNED_INTEGER) + return 0; + + bytes = (size_t)BN_num_bytes(val); + SET_RETURN_SIZE(p, bytes); + return p->data_size >= bytes + && BN_bn2nativepad(val, p->data, bytes) >= 0; +} + +OSSL_PARAM OSSL_PARAM_construct_BN(const char *key, unsigned char *buf, + size_t bsize, size_t *rsize) +{ + return ossl_param_construct(key, OSSL_PARAM_UNSIGNED_INTEGER, + buf, bsize, rsize); +} + +int OSSL_PARAM_get_double(const OSSL_PARAM *p, double *val) +{ + if (val == NULL || p == NULL || p->data_type != OSSL_PARAM_REAL) + return 0; + + switch (p->data_size) { + case sizeof(double): + *val = *(const double *)p->data; + return 1; + } + return 0; +} + +int OSSL_PARAM_set_double(const OSSL_PARAM *p, double val) +{ + if (p == NULL) + return 0; + SET_RETURN_SIZE(p, 0); + if (p->data_type != OSSL_PARAM_REAL) + return 0; + + switch (p->data_size) { + case sizeof(double): + SET_RETURN_SIZE(p, sizeof(double)); + *(double *)p->data = val; + return 1; + } + return 0; +} + +OSSL_PARAM OSSL_PARAM_construct_double(const char *key, double *buf, + size_t *rsize) +{ + return ossl_param_construct(key, OSSL_PARAM_REAL, buf, sizeof(double), + rsize); +} + +static int get_string_internal(const OSSL_PARAM *p, void **val, size_t max_len, + size_t *used_len, unsigned int type) +{ + size_t sz; + + if (val == NULL || p == NULL || p->data_type != type) + return 0; + + sz = p->data_size; + + if (used_len != NULL) + *used_len = sz; + + if (*val == NULL) { + char *const q = OPENSSL_malloc(sz); + + if (q == NULL) + return 0; + *val = q; + memcpy(q, p->data, sz); + return 1; + } + if (max_len < sz) + return 0; + memcpy(*val, p->data, sz); + return 1; +} + +int OSSL_PARAM_get_utf8_string(const OSSL_PARAM *p, char **val, size_t max_len) +{ + return get_string_internal(p, (void **)val, max_len, NULL, + OSSL_PARAM_UTF8_STRING); +} + +int OSSL_PARAM_get_octet_string(const OSSL_PARAM *p, void **val, size_t max_len, + size_t *used_len) +{ + return get_string_internal(p, val, max_len, used_len, + OSSL_PARAM_OCTET_STRING); +} + +static int set_string_internal(const OSSL_PARAM *p, const void *val, size_t len, + unsigned int type) +{ + SET_RETURN_SIZE(p, len); + if (p->data_type != type || p->data_size < len) + return 0; + + memcpy(p->data, val, len); + return 1; +} + +int OSSL_PARAM_set_utf8_string(const OSSL_PARAM *p, const char *val) +{ + if (p == NULL) + return 0; + + SET_RETURN_SIZE(p, 0); + if (val == NULL) + return 0; + return set_string_internal(p, val, strlen(val) + 1, OSSL_PARAM_UTF8_STRING); +} + +int OSSL_PARAM_set_octet_string(const OSSL_PARAM *p, const void *val, + size_t len) +{ + if (p == NULL) + return 0; + + SET_RETURN_SIZE(p, 0); + if (val == NULL) + return 0; + return set_string_internal(p, val, len, OSSL_PARAM_OCTET_STRING); +} + +OSSL_PARAM OSSL_PARAM_construct_utf8_string(const char *key, char *buf, + size_t bsize, size_t *rsize) +{ + return ossl_param_construct(key, OSSL_PARAM_UTF8_STRING, buf, bsize, + rsize); +} + +OSSL_PARAM OSSL_PARAM_construct_octet_string(const char *key, void *buf, + size_t bsize, size_t *rsize) +{ + return ossl_param_construct(key, OSSL_PARAM_OCTET_STRING, buf, bsize, + rsize); +} + +static int get_ptr_internal(const OSSL_PARAM *p, const void **val, + size_t *used_len, unsigned int type) +{ + if (val == NULL || p == NULL || p->data_type != type) + return 0; + if (used_len != NULL) + *used_len = p->data_size; + *val = *(const void **)p->data; + return 1; +} + +int OSSL_PARAM_get_utf8_ptr(const OSSL_PARAM *p, const char **val) +{ + return get_ptr_internal(p, (const void **)val, NULL, OSSL_PARAM_UTF8_PTR); +} + +int OSSL_PARAM_get_octet_ptr(const OSSL_PARAM *p, const void **val, + size_t *used_len) +{ + return get_ptr_internal(p, val, used_len, OSSL_PARAM_OCTET_PTR); +} + +static int set_ptr_internal(const OSSL_PARAM *p, const void *val, + unsigned int type, size_t len) +{ + SET_RETURN_SIZE(p, len); + if (p->data_type != type) + return 0; + *(const void **)p->data = val; + return 1; +} + +int OSSL_PARAM_set_utf8_ptr(const OSSL_PARAM *p, const char *val) +{ + if (p == NULL) + return 0; + SET_RETURN_SIZE(p, 0); + if (val == NULL) + return 0; + return set_ptr_internal(p, val, OSSL_PARAM_UTF8_PTR, strlen(val) + 1); +} + +int OSSL_PARAM_set_octet_ptr(const OSSL_PARAM *p, const void *val, + size_t used_len) +{ + if (p == NULL) + return 0; + SET_RETURN_SIZE(p, 0); + if (val == NULL) + return 0; + return set_ptr_internal(p, val, OSSL_PARAM_OCTET_PTR, used_len); +} + +OSSL_PARAM OSSL_PARAM_construct_utf8_ptr(const char *key, char **buf, + size_t *rsize) +{ + return ossl_param_construct(key, OSSL_PARAM_UTF8_PTR, buf, 0, rsize); +} + +OSSL_PARAM OSSL_PARAM_construct_octet_ptr(const char *key, void **buf, + size_t *rsize) +{ + return ossl_param_construct(key, OSSL_PARAM_OCTET_PTR, buf, 0, rsize); +} diff --git a/crypto/provider_core.c b/crypto/provider_core.c index b3d44f1..05a6bff 100644 --- a/crypto/provider_core.c +++ b/crypto/provider_core.c @@ -381,8 +381,8 @@ int ossl_provider_get_params(const OSSL_PROVIDER *prov, * never knows. */ static const OSSL_ITEM param_types[] = { - { OSSL_PARAM_UTF8_STRING_PTR, "openssl-version" }, - { OSSL_PARAM_UTF8_STRING_PTR, "provider-name" }, + { OSSL_PARAM_UTF8_PTR, "openssl-version" }, + { OSSL_PARAM_UTF8_PTR, "provider-name" }, { 0, NULL } }; @@ -397,11 +397,11 @@ static int core_get_params(const OSSL_PROVIDER *prov, const OSSL_PARAM params[]) for (i = 0; params[i].key != NULL; i++) { if (strcmp(params[i].key, "openssl-version") == 0) { - *(void **)params[i].buffer = OPENSSL_VERSION_STR; + *(void **)params[i].data = OPENSSL_VERSION_STR; if (params[i].return_size) *params[i].return_size = sizeof(OPENSSL_VERSION_STR); } else if (strcmp(params[i].key, "provider-name") == 0) { - *(void **)params[i].buffer = prov->name; + *(void **)params[i].data = prov->name; if (params[i].return_size) *params[i].return_size = strlen(prov->name) + 1; } diff --git a/doc/man3/OSSL_PARAM.pod b/doc/man3/OSSL_PARAM.pod index 9d47486..50089b4 100644 --- a/doc/man3/OSSL_PARAM.pod +++ b/doc/man3/OSSL_PARAM.pod @@ -11,9 +11,9 @@ OSSL_PARAM - a structure to pass or request object parameters typedef struct ossl_param_st OSSL_PARAM; struct ossl_param_st { const char *key; /* the name of the parameter */ - unsigned char data_type; /* declare what kind of content is in buffer */ - void *buffer; /* value being passed in or out */ - size_t buffer_size; /* buffer size */ + unsigned char data_type; /* declare what kind of content is in data */ + void *data; /* value being passed in or out */ + size_t data_size; /* data size */ size_t *return_size; /* OPTIONAL: address to content size */ }; @@ -45,8 +45,8 @@ Request parameters of some object. The caller (the I) sets up the C array and calls some function (the I) that has intimate knowledge about the object, which can take the internal data of the object and -copy (possibly convert) that to the buffers prepared by the -I. +copy (possibly convert) that to the memory prepared by the +I and pointed at with the C C. =back @@ -69,13 +69,13 @@ The C is a value that describes the type and organization of the data. See L below for a description of the types. -=item C +=item C -=item C +=item C -C is a pointer to the memory where the parameter data is (when +C is a pointer to the memory where the parameter data is (when setting parameters) or shall (when requesting parameters) be stored, -and C is its size in bytes. +and C is its size in bytes. The organization of the data depends on the parameter type and flag. =item C @@ -83,9 +83,8 @@ The organization of the data depends on the parameter type and flag. When an array of C is used to request data, the I must set this field to indicate the actual size of the parameter data. -In case the C is too small for the data, the I -must still set this field to indicate the minimum buffer size -required. +In case the C is too small for the data, the I +must still set this field to indicate the minimum data size required. =back @@ -119,8 +118,6 @@ systems. =item C -=for comment It's still debated if we need this or not. - The parameter data is a floating point value in native form. =item C @@ -131,47 +128,50 @@ The parameter data is a printable string. The parameter data is an arbitrary string of bytes. -=back - -Additionally, this flag can be added to any type: +=item C -=over 4 - -=item C +The parameter data is a pointer to a printable string. -With this flag, C doesn't point directly at the data, but at a -pointer that points at the data. +The difference between this and C is that C +doesn't point directly at the data, but to a pointer that points to the data. -This can be used to indicate that constant data is or will be passed, +This is used to indicate that constant data is or will be passed, and there is therefore no need to copy the data that is passed, just the pointer to it. -If an C with this flag set is used to set a parameter, -C must be set to the size of the data, not the size of -the pointer to the data. - -If this C is used in a parameter request, C -is not relevant. -However, the I will set C<*return_size> to the size of the -data (again, not the size of the pointer to the data). +C must be set to the size of the data, not the size of the +pointer to the data. +If this is used in a parameter request, +C is not relevant. However, the I will set +C<*return_size> to the size of the data. -Note that the use of this flag is B and can only be safely +Note that the use of this type is B and can only be safely used for data that remains constant and in a constant location for a long enough duration (such as the life-time of the entity that offers these parameters). -=back +=item C -For convenience, these types are provided: +The parameter data is a pointer to an arbitrary string of bytes. -=over 4 +The difference between this and C is that +C doesn't point directly at the data, but to a pointer that +points to the data. -=item C +This is used to indicate that constant data is or will be passed, and +there is therefore no need to copy the data that is passed, just the +pointer to it. -=item C +C must be set to the size of the data, not the size of the +pointer to the data. +If this is used in a parameter request, +C is not relevant. However, the I will set +C<*return_size> to the size of the data. -These are combinations of C as well as -C with C. +Note that the use of this type is B and can only be safely +used for data that remains constant and in a constant location for a +long enough duration (such as the life-time of the entity that +offers these parameters). =back @@ -197,7 +197,7 @@ enough set of data, that call should succeed. =item * A I must never change the fields of an C, it -may only change the contents of the buffers that C and +may only change the contents of the memory that C and C point at. =item * @@ -213,7 +213,7 @@ C), but this is in no way mandatory. =item * -If a I finds that some buffers are too small for the +If a I finds that some data sizes are too small for the requested data, it must set C<*return_size> for each such C item to the required size, and eventually return an error. @@ -273,10 +273,10 @@ could fill in the parameters like this: for (i = 0; params[i].key != NULL; i++) { if (strcmp(params[i].key, "foo") == 0) { - *(char **)params[i].buffer = "foo value"; + *(char **)params[i].data = "foo value"; *params[i].return_size = 10; /* size of "foo value" */ } else if (strcmp(params[i].key, "bar") == 0) { - memcpy(params[1].buffer, "bar value", 10); + memcpy(params[1].data, "bar value", 10); *params[1].return_size = 10; /* size of "bar value" */ } /* Ignore stuff we don't know */ @@ -284,7 +284,7 @@ could fill in the parameters like this: =head1 SEE ALSO -L +L, L =head1 HISTORY diff --git a/doc/man3/OSSL_PARAM_TYPE.pod b/doc/man3/OSSL_PARAM_TYPE.pod new file mode 100644 index 0000000..c4ca37a --- /dev/null +++ b/doc/man3/OSSL_PARAM_TYPE.pod @@ -0,0 +1,312 @@ +=pod + +=head1 NAME + +OSSL_PARAM_TYPE, OSSL_PARAM_utf8_string, OSSL_PARAM_octet_string, +OSSL_PARAM_utf8_ptr, OSSL_PARAM_octet_ptr, OSSL_PARAM_SIZED_TYPE, +OSSL_PARAM_SIZED_BN, OSSL_PARAM_SIZED_utf8_string, +OSSL_PARAM_SIZED_octet_string, OSSL_PARAM_SIZED_utf8_ptr, +OSSL_PARAM_SIZED_octet_ptr, OSSL_PARAM_END, OSSL_PARAM_construct_TYPE, +OSSL_PARAM_END, +OSSL_PARAM_construct_BN, OSSL_PARAM_construct_utf8_string, +OSSL_PARAM_construct_utf8_ptr, OSSL_PARAM_construct_octet_string, +OSSL_PARAM_construct_octet_ptr, OSSL_PARAM_locate, OSSL_PARAM_get_TYPE, +OSSL_PARAM_set_TYPE, OSSL_PARAM_get_BN, OSSL_PARAM_set_BN, +OSSL_PARAM_get_utf8_string, OSSL_PARAM_set_utf8_string, +OSSL_PARAM_get_octet_string, OSSL_PARAM_set_octet_string, +OSSL_PARAM_get_utf8_ptr, OSSL_PARAM_set_utf8_ptr, OSSL_PARAM_get_octet_ptr, +OSSL_PARAM_set_octet_ptr +- OSSL_PARAM helpers + +=head1 SYNOPSIS + + #include + + #define OSSL_PARAM_TYPE(key, address) + #define OSSL_PARAM_utf8_string(key, address, size) + #define OSSL_PARAM_octet_string(key, address, size) + #define OSSL_PARAM_utf8_ptr(key, address, size) + #define OSSL_PARAM_octet_ptr(key, address, size) + #define OSSL_PARAM_SIZED_TYPE(key, address, return_size) + #define OSSL_PARAM_SIZED_BN(key, address, size, return_size) + #define OSSL_PARAM_SIZED_utf8_string(key, address, size, return_size) + #define OSSL_PARAM_SIZED_octet_string(key, address, size, return_size) + #define OSSL_PARAM_SIZED_utf8_ptr(key, address, size, return_size) + #define OSSL_PARAM_SIZED_octet_ptr(key, address, size, return_size) + #define OSSL_PARAM_END + + OSSL_PARAM OSSL_PARAM_construct_TYPE(const char *key, TYPE *buf, size_t *ret); + OSSL_PARAM OSSL_PARAM_construct_BN(const char *key, unsigned char *buf, + size_t bsize, size_t *rsize); + OSSL_PARAM OSSL_PARAM_construct_utf8_string(const char *key, char *buf, + size_t bsize, size_t *rsize); + OSSL_PARAM OSSL_PARAM_construct_octet_string(const char *key, void *buf, + size_t bsize, size_t *rsize); + OSSL_PARAM OSSL_PARAM_construct_utf8_ptr(const char *key, char **buf, + size_t *rsize); + OSSL_PARAM OSSL_PARAM_construct_octet_ptr(const char *key, void **buf, + size_t *rsize); + + OSSL_PARAM *OSSL_PARAM_locate(OSSL_PARAM *array, const char *key); + + int OSSL_PARAM_get_TYPE(const OSSL_PARAM *p, const char *key, TYPE *val); + int OSSL_PARAM_set_TYPE(const OSSL_PARAM *p, const char *key, TYPE val); + + int OSSL_PARAM_get_BN(const OSSL_PARAM *p, const char *key, BIGNUM **val); + int OSSL_PARAM_set_BN(const OSSL_PARAM *p, const char *key, const BIGNUM *val); + + int OSSL_PARAM_get_utf8_string(const OSSL_PARAM *p, char **val, + size_t max_len); + int OSSL_PARAM_set_utf8_string(const OSSL_PARAM *p, const char *val); + + int OSSL_PARAM_get_octet_string(const OSSL_PARAM *p, void **val, + size_t max_len, size_t *used_len); + int OSSL_PARAM_set_octet_string(const OSSL_PARAM *p, const void *val, + size_t len); + + int OSSL_PARAM_get_utf8_ptr(const OSSL_PARAM *p, char **val); + int OSSL_PARAM_set_utf8_ptr(const OSSL_PARAM *p, char *val); + + int OSSL_PARAM_get_octet_ptr(const OSSL_PARAM *p, void **val, + size_t *used_len); + int OSSL_PARAM_set_octet_ptr(const OSSL_PARAM *p, void *val, size_t used_len); + +=head1 DESCRIPTION + +A collection of utility functions that simplify and add type safety to the +OSSL_PARAM arrays. The following B names are supported: + +=over 1 + +=item * + +double + +=item * + +int + +=item * + +int32 (int32_t) + +=item * + +int64 (int64_t) + +=item * + +long int (long) + +=item * + +size_t + +=item * + +uint32 (uint32_t) + +=item * + +uint64 (uint64_t) + +=item * + +unsigned int (uint) + +=item * + +unsigned long int (ulong) + +=back + +OSSL_PARAM_TYPE() are a series of macros designed to assist initialising an +array of OSSL_PARAM structures. +Each of these macros defines a parameter of the specified B with the +provided B and parameter variable B

. + +OSSL_PARAM_utf8_string(), OSSL_PARAM_octet_string(), OSSL_PARAM_utf8_ptr(), +OSSL_PARAM_octet_ptr() are macros that provide support for defining UTF8 +strings and OCTET strings. +A parameter with name B is defined. +The storage for this parameter is at B
and is of B bytes. + +OSSL_PARAM_SIZED_TYPE() are a second series of macros designed to assist with +the initialisation of OSSL_PARAM structures. +They are similar to the OSSL_PARAM_TYPE() macros but also include a +B argument which contains the address of a size_t variable which +will be populated with the actual size of the parameter upon return from a +OSSL_PARAM_set_TYPE() call. + +OSSL_PARAM_SIZED_BN(), OSSL_PARAM_SIZED_utf8_string(), +OSSL_PARAM_SIZED_octet_string(), OSSL_PARAM_SIZED_utf8_ptr(), +OSSL_PARAM_SIZED_octet_ptr() are macros that provide support for defining large +integers, UTF8 string and OCTET strings in an OSSL_PARAM array. +A parameter with name B is defined. +The storage for this parameter is at B
and is of B bytes. +The size used by the parameter value, in bytes, is written to B. + +OSSL_PARAM_END provides an end of parameter list marker. +This should terminate all OSSL_PARAM arrays. + +OSSL_PARAM_construct_TYPE() are a series of functions that create OSSL_PARAM +records dynamically. +A parameter with name B is created. +The parameter will use storage pointed to by B and return size of B. + +OSSL_PARAM_construct_BN() is a function that constructs a large integer +OSSL_PARAM structure. +A parameter with name B, storage B, size B and return +size B is created. + +OSSL_PARAM_construct_utf8_string() is a function that constructs a UTF8 +string OSSL_PARAM structure. +A parameter with name B, storage B, size B and return +size B is created. + +OSSL_PARAM_construct_octet_string() is a function that constructs an OCTET +string OSSL_PARAM structure. +A parameter with name B, storage B, size B and return +size B is created. + +OSSL_PARAM_construct_utf8_ptr() is a function that constructes a UTF string +pointer OSSL_PARAM structure. +A parameter with name B, storage pointer B<*buf> and return size B +is created. + +OSSL_PARAM_construct_octet_ptr() is a function that constructes an OCTET string +pointer OSSL_PARAM structure. +A parameter with name B, storage pointer B<*buf> and return size B +is created. + +OSSL_PARAM_locate() is a function that searches an B of parameters for +the one matching the B name. + +OSSL_PARAM_get_TYPE() retrieves a value of type B from the parameter B

. +The value is copied to the address B. +Type coercion takes place as discussed in the NOTES section. + +OSSL_PARAM_set_TYPE() stores a value B of type B into the paramter +B

. +Type coercion takes place as discussed in the NOTES section. + +OSSL_PARAM_get_BN() retrieves a BIGNUM from the parameter pointed to by B

. +The BIGNUM referenced by B is updated and is allocated if B<*val> is +B. + +OSSL_PARAM_set_BN() stores the BIGNUM B into the paramater B

. + +OSSL_PARAM_get_utf8_string() retrieves a UTF8 string from the parameter +pointed to by B

. +The string is either stored into B<*val> with a length limit of B or, +in the case when B<*val> is B, memory is allocated for the string and +B is ignored. +If memory is allocated by this function, it must be freed by the caller. + +OSSL_PARAM_set_utf8_string() sets a UTF8 string from the parameter pointed to +by B

to the value referenced by B. + +OSSL_PARAM_get_octet_string() retrieves an OCTET string from the parameter +pointed to by B

. +The OCTETs are either stored into B<*val> with a length limit of B or, +in the case when B<*val> is B, memory is allocated and +B is ignored. +If memory is allocated by this function, it must be freed by the caller. + +OSSL_PARAM_set_octet_string() sets an OCTET string from the parameter +pointed to by B

to the value referenced by B. + +OSSL_PARAM_get_utf8_ptr() retrieves the UTF8 string pointer from the parameter +referenced by B

and stores it in B<*val>. + +OSSL_PARAM_set_utf8_ptr() sets the UTF8 string pointer in the parameter +referenced by B

to the values B. + +OSSL_PARAM_get_octet_ptr() retrieves the OCTET string pointer from the parameter +referenced by B

and stores it in B<*val>. +The length of the OCTET string is stored in B<*used_len>. + +OSSL_PARAM_set_octet_ptr() sets the OCTET string pointer in the parameter +referenced by B

to the values B. +The length of the OCTET string is provided by B. + +=head1 RETURN VALUES + +OSSL_PARAM_construct_TYPE(), OSSL_PARAM_construct_BN(), +OSSL_PARAM_construct_utf8_string(), OSSL_PARAM_construct_octet_string(), +OSSL_PARAM_construct_utf8_ptr() and OSSL_PARAM_construct_octet_ptr() +return a populated OSSL_PARAM structure. + +OSSL_PARAM_locate() returns a pointer to the matching OSSL_PARAM object. +It returns B on error or when no object matching B exists in +the B. + +All other functions return B<1> on success and B<0> on failure. + +=head1 NOTES + +Integral types will be widened and sign extended as required. +Apart from that, the functions must be used appropriately for the +expected type of the parameter. + +=head1 EXAMPLES + +Reusing the examples from L to just show how +C arrays can be handled using the macros and functions +defined herein. + +=head2 Example 1 + +This example is for setting parameters on some object: + + #include + + const char *foo = "some string"; + size_t foo_l = strlen(foo) + 1; + const char bar[] = "some other string"; + const OSSL_PARAM set[] = { + OSSL_PARAM_utf8_ptr("foo", foo, foo_l), + OSSL_PARAM_utf8_string("bar", bar, sizeof(bar)), + OSSL_PARAM_END + }; + +=head2 Example 2 + +This example is for requesting parameters on some object: + + const char *foo = NULL; + size_t foo_l; + char bar[1024]; + size_t bar_l; + const OSSL_PARAM request[] = { + OSSL_PARAM_UTF8_PTR("foo", foo, 0, foo_l), + OSSL_PARAM_UTF8_STRING("bar", bar, sizeof(bar), bar_l), + OSSL_PARAM_END + }; + +A I that receives this array (as C in this example) +could fill in the parameters like this: + + /* const OSSL_PARAM *params */ + + OSSL_PARAM_set_utf8_ptr(OSSL_PARAM_locate(params, "foo"), "foo value"); + OSSL_PARAM_set_utf8_string(OSSL_PARAM_locate(params, "bar"), "bar value"); + +=head1 SEE ALSO + +L, L + +=head1 HISTORY + +These APIs were introduced in OpenSSL 3.0.0. + +=head1 COPYRIGHT + +Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/include/openssl/core.h b/include/openssl/core.h index 15e8843..6edcd99 100644 --- a/include/openssl/core.h +++ b/include/openssl/core.h @@ -75,8 +75,8 @@ struct ossl_algorithm_st { struct ossl_param_st { const char *key; /* the name of the parameter */ unsigned int data_type; /* declare what kind of content is in buffer */ - void *buffer; /* value being passed in or out */ - size_t buffer_size; /* buffer size */ + void *data; /* value being passed in or out */ + size_t data_size; /* data size */ size_t *return_size; /* OPTIONAL: address to content size */ }; @@ -111,13 +111,12 @@ struct ossl_param_st { * printed as a hexdump. */ # define OSSL_PARAM_OCTET_STRING 5 - /*- - * Pointer flag + * OSSL_PARAM_UTF8_PTR + * is a pointer to a printable string. Is expteced to be printed as it is. * - * This flag can be added to any type to signify that the buffer - * pointer is set to point at a pointer to the data instead of - * pointing directly at the data. + * The difference between this and OSSL_PARAM_UTF8_STRING is that only pointers + * are manipulated for this type. * * This is more relevant for parameter requests, where the responding * function doesn't need to copy the data to the provided buffer, but @@ -126,15 +125,23 @@ struct ossl_param_st { * WARNING! Using these is FRAGILE, as it assumes that the actual * data and its location are constant. */ -# define OSSL_PARAM_POINTER_FLAG 0x80000000UL - -/* - * Convenience pointer types for strings. +# define OSSL_PARAM_UTF8_PTR 6 +/*- + * OSSL_PARAM_OCTET_PTR + * is a pointer to a string of bytes with no further specification. It is + * expected to be printed as a hexdump. + * + * The difference between this and OSSL_PARAM_OCTET_STRING is that only pointers + * are manipulated for this type. + * + * This is more relevant for parameter requests, where the responding + * function doesn't need to copy the data to the provided buffer, but + * sets the provided buffer to point at the actual data instead. + * + * WARNING! Using these is FRAGILE, as it assumes that the actual + * data and its location are constant. */ -# define OSSL_PARAM_UTF8_STRING_PTR \ - (OSSL_PARAM_UTF8_STRING|OSSL_PARAM_POINTER_FLAG) -# define OSSL_PARAM_OCTET_STRING_PTR \ - (OSSL_PARAM_OCTET_STRING|OSSL_PARAM_POINTER_FLAG) +# define OSSL_PARAM_OCTET_PTR 7 /*- * Provider entry point diff --git a/include/openssl/params.h b/include/openssl/params.h new file mode 100644 index 0000000..10ed28d --- /dev/null +++ b/include/openssl/params.h @@ -0,0 +1,186 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_PARAMS_H +# define HEADER_PARAMS_H + +# include +# include + +# ifdef __cplusplus +extern "C" { +# endif + +# define OSSL_PARAM_END \ + { NULL, 0, NULL, 0, NULL } + +# define OSSL_PARAM_DEFN(key, type, addr, sz, rsz) \ + { (key), (type), (addr), (sz), (rsz) } + +/* Basic parameter types without return sizes */ +# define OSSL_PARAM_int(key, addr) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_INTEGER, (addr), sizeof(int), NULL) +# define OSSL_PARAM_uint(key, addr) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_UNSIGNED_INTEGER, (addr), \ + sizeof(unsigned int), NULL) +# define OSSL_PARAM_long(key, addr) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_INTEGER, (addr), sizeof(long int), \ + NULL) +# define OSSL_PARAM_ulong(key, addr) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_UNSIGNED_INTEGER, (addr), \ + sizeof(unsigned long int), NULL) +# define OSSL_PARAM_int32(key, addr) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_INTEGER, (addr), sizeof(int32_t), NULL) +# define OSSL_PARAM_uint32(key, addr) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_UNSIGNED_INTEGER, (addr), \ + sizeof(uint32_t), NULL) +# define OSSL_PARAM_int64(key, addr) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_INTEGER, (addr), sizeof(int64_t), NULL) +# define OSSL_PARAM_uint64(key, addr) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_UNSIGNED_INTEGER, (addr), \ + sizeof(uint64_t), NULL) +# define OSSL_PARAM_size_t(key, addr) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_UNSIGNED_INTEGER, (addr), sizeof(size_t), \ + NULL) +# define OSSL_PARAM_double(key, addr) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_REAL, (addr), sizeof(double), NULL) + +# define OSSL_PARAM_utf8_string(key, addr, sz) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_UTF8_STRING, (addr), sz, NULL) +# define OSSL_PARAM_octet_string(key, addr, sz) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_OCTET_STRING, (addr), sz, NULL) + +# define OSSL_PARAM_utf8_ptr(key, addr, sz) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_UTF8_PTR, &(addr), sz, NULL) +# define OSSL_PARAM_octet_ptr(key, addr, sz) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_OCTET_PTR, &(addr), sz, NULL) + +/* Basic parameter types including return sizes */ +# define OSSL_PARAM_SIZED_int(key, addr, r_sz) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_INTEGER, (addr), sizeof(int), &(r_sz)) +# define OSSL_PARAM_SIZED_uint(key, addr, r_sz) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_UNSIGNED_INTEGER, (addr), \ + sizeof(unsigned int), &(r_sz)) +# define OSSL_PARAM_SIZED_long(key, addr, r_sz) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_INTEGER, (addr), sizeof(long int), \ + &(r_sz)) +# define OSSL_PARAM_SIZED_ulong(key, addr, r_sz) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_UNSIGNED_INTEGER, (addr), \ + sizeof(unsigned long int), &(r_sz)) +# define OSSL_PARAM_SIZED_int32(key, addr, r_sz) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_INTEGER, (addr), sizeof(int32_t), &(r_sz)) +# define OSSL_PARAM_SIZED_uint32(key, addr, r_sz) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_UNSIGNED_INTEGER, (addr), \ + sizeof(uint32_t), &(r_sz)) +# define OSSL_PARAM_SIZED_int64(key, addr, r_sz) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_INTEGER, (addr), sizeof(int64_t), &(r_sz)) +# define OSSL_PARAM_SIZED_uint64(key, addr, r_sz) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_UNSIGNED_INTEGER, (addr), \ + sizeof(uint64_t), &(r_sz)) +# define OSSL_PARAM_SIZED_size_t(key, addr, r_sz) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_UNSIGNED_INTEGER, (addr), \ + sizeof(size_t), &(r_sz)) +# define OSSL_PARAM_SIZED_double(key, addr, r_sz) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_REAL, (addr), sizeof(double), &(r_sz)) + +# define OSSL_PARAM_SIZED_BN(key, addr, sz, r_sz) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_UNSIGNED_INTEGER, (addr), sz, \ + &(r_sz)) + +# define OSSL_PARAM_SIZED_utf8_string(key, addr, sz, r_sz) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_UTF8_STRING, (addr), sz, &(r_sz)) +# define OSSL_PARAM_SIZED_octet_string(key, addr, sz, r_sz) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_OCTET_STRING, (addr), sz, &(r_sz)) + +# define OSSL_PARAM_SIZED_utf8_ptr(key, addr, sz, r_sz) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_UTF8_PTR, &(addr), sz, &(r_sz)) +# define OSSL_PARAM_SIZED_octet_ptr(key, addr, sz, r_sz) \ + OSSL_PARAM_DEFN((key), OSSL_PARAM_OCTET_PTR, &(addr), sz, &(r_sz)) + +/* Search an OSSL_PARAM array for a matching name */ +const OSSL_PARAM *OSSL_PARAM_locate(const OSSL_PARAM *p, const char *key); + +/* Basic parameter type run-time construction */ +OSSL_PARAM OSSL_PARAM_construct_int(const char *key, int *buf, size_t *ret); +OSSL_PARAM OSSL_PARAM_construct_uint(const char *key, unsigned int *buf, + size_t *ret); +OSSL_PARAM OSSL_PARAM_construct_long(const char *key, long int *buf, + size_t *ret); +OSSL_PARAM OSSL_PARAM_construct_ulong(const char *key, unsigned long int *buf, + size_t *ret); +OSSL_PARAM OSSL_PARAM_construct_int32(const char *key, int32_t *buf, + size_t *ret); +OSSL_PARAM OSSL_PARAM_construct_uint32(const char *key, uint32_t *buf, + size_t *ret); +OSSL_PARAM OSSL_PARAM_construct_int64(const char *key, int64_t *buf, + size_t *ret); +OSSL_PARAM OSSL_PARAM_construct_uint64(const char *key, uint64_t *buf, + size_t *ret); +OSSL_PARAM OSSL_PARAM_construct_size_t(const char *key, size_t *buf, + size_t *ret); +OSSL_PARAM OSSL_PARAM_construct_BN(const char *key, unsigned char *buf, + size_t bsize, size_t *rsize); +OSSL_PARAM OSSL_PARAM_construct_double(const char *key, double *buf, + size_t *rsize); +OSSL_PARAM OSSL_PARAM_construct_utf8_string(const char *key, char *buf, + size_t bsize, size_t *rsize); +OSSL_PARAM OSSL_PARAM_construct_utf8_ptr(const char *key, char **buf, + size_t *rsize); +OSSL_PARAM OSSL_PARAM_construct_octet_string(const char *key, void *buf, + size_t bsize, size_t *rsize); +OSSL_PARAM OSSL_PARAM_construct_octet_ptr(const char *key, void **buf, + size_t *rsize); + +int OSSL_PARAM_get_int(const OSSL_PARAM *p, int *val); +int OSSL_PARAM_get_uint(const OSSL_PARAM *p, unsigned int *val); +int OSSL_PARAM_get_long(const OSSL_PARAM *p, long int *val); +int OSSL_PARAM_get_ulong(const OSSL_PARAM *p, unsigned long int *val); +int OSSL_PARAM_get_int32(const OSSL_PARAM *p, int32_t *val); +int OSSL_PARAM_get_uint32(const OSSL_PARAM *p, uint32_t *val); +int OSSL_PARAM_get_int64(const OSSL_PARAM *p, int64_t *val); +int OSSL_PARAM_get_uint64(const OSSL_PARAM *p, uint64_t *val); +int OSSL_PARAM_get_size_t(const OSSL_PARAM *p, size_t *val); + +int OSSL_PARAM_set_int(const OSSL_PARAM *p, int val); +int OSSL_PARAM_set_uint(const OSSL_PARAM *p, unsigned int val); +int OSSL_PARAM_set_long(const OSSL_PARAM *p, long int val); +int OSSL_PARAM_set_ulong(const OSSL_PARAM *p, unsigned long int val); +int OSSL_PARAM_set_int32(const OSSL_PARAM *p, int32_t val); +int OSSL_PARAM_set_uint32(const OSSL_PARAM *p, uint32_t val); +int OSSL_PARAM_set_int64(const OSSL_PARAM *p, int64_t val); +int OSSL_PARAM_set_uint64(const OSSL_PARAM *p, uint64_t val); +int OSSL_PARAM_set_size_t(const OSSL_PARAM *p, size_t val); + +int OSSL_PARAM_get_double(const OSSL_PARAM *p, double *val); +int OSSL_PARAM_set_double(const OSSL_PARAM *p, double val); + +int OSSL_PARAM_get_BN(const OSSL_PARAM *p, BIGNUM **val); +int OSSL_PARAM_set_BN(const OSSL_PARAM *p, const BIGNUM *val); + +int OSSL_PARAM_get_utf8_string(const OSSL_PARAM *p, char **val, size_t max_len); +int OSSL_PARAM_set_utf8_string(const OSSL_PARAM *p, const char *val); + +int OSSL_PARAM_get_octet_string(const OSSL_PARAM *p, void **val, size_t max_len, + size_t *used_len); +int OSSL_PARAM_set_octet_string(const OSSL_PARAM *p, const void *val, + size_t len); + +int OSSL_PARAM_get_utf8_ptr(const OSSL_PARAM *p, const char **val); +int OSSL_PARAM_set_utf8_ptr(const OSSL_PARAM *p, const char *val); + +int OSSL_PARAM_get_octet_ptr(const OSSL_PARAM *p, const void **val, + size_t *used_len); +int OSSL_PARAM_set_octet_ptr(const OSSL_PARAM *p, const void *val, + size_t used_len); + +# ifdef __cplusplus +} +# endif +#endif diff --git a/test/build.info b/test/build.info index 9c721a5..914e5bf 100644 --- a/test/build.info +++ b/test/build.info @@ -34,7 +34,7 @@ IF[{- !$disabled{tests} -}] bftest ssltest_old dsatest dsa_no_digest_size_test exptest rsa_test \ evp_test evp_extra_test igetest v3nametest v3ext \ crltest danetest bad_dtls_test lhash_test sparse_array_test \ - conf_include_test \ + conf_include_test params_api_test \ constant_time_test verify_extra_test clienthellotest \ packettest asynctest secmemtest srptest memleaktest stack_test \ dtlsv1listentest ct_test threadstest afalgtest d2i_test \ @@ -307,6 +307,10 @@ IF[{- !$disabled{tests} -}] INCLUDE[bioprinttest]=../include ../apps/include DEPEND[bioprinttest]=../libcrypto libtestutil.a + SOURCE[params_api_test]=params_api_test.c + INCLUDE[params_api_test]=../include ../apps/include + DEPEND[params_api_test]=../libcrypto libtestutil.a + SOURCE[sslapitest]=sslapitest.c ssltestlib.c INCLUDE[sslapitest]=../include ../apps/include .. DEPEND[sslapitest]=../libcrypto ../libssl libtestutil.a diff --git a/test/p_test.c b/test/p_test.c index 6dc0410..9e1ba8e 100644 --- a/test/p_test.c +++ b/test/p_test.c @@ -53,9 +53,9 @@ static int p_get_params(const OSSL_PROVIDER *prov, OSSL_PARAM params[]) static char *opensslv = NULL; static char *provname = NULL; static OSSL_PARAM counter_request[] = { - { "openssl-version", OSSL_PARAM_UTF8_STRING_PTR, + { "openssl-version", OSSL_PARAM_UTF8_PTR, &opensslv, sizeof(&opensslv), NULL }, - { "provider-name", OSSL_PARAM_UTF8_STRING_PTR, + { "provider-name", OSSL_PARAM_UTF8_PTR, &provname, sizeof(&provname), NULL}, { NULL, 0, NULL, 0, NULL } }; @@ -63,8 +63,8 @@ static int p_get_params(const OSSL_PROVIDER *prov, OSSL_PARAM params[]) size_t buf_l; if (c_get_params(prov, counter_request)) { - const char *versionp = *(void **)counter_request[0].buffer; - const char *namep = *(void **)counter_request[1].buffer; + const char *versionp = *(void **)counter_request[0].data; + const char *namep = *(void **)counter_request[1].data; sprintf(buf, "Hello OpenSSL %.20s, greetings from %s!", versionp, namep); } else { @@ -72,8 +72,8 @@ static int p_get_params(const OSSL_PROVIDER *prov, OSSL_PARAM params[]) } *p->return_size = buf_l = strlen(buf) + 1; - if (p->buffer_size >= buf_l) - strncpy(p->buffer, buf, buf_l); + if (p->data_size >= buf_l) + strncpy(p->data, buf, buf_l); else ok = 0; } diff --git a/test/params_api_test.c b/test/params_api_test.c new file mode 100644 index 0000000..77b8af4 --- /dev/null +++ b/test/params_api_test.c @@ -0,0 +1,627 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include "testutil.h" +#include "internal/nelem.h" +#include +#include + +/* The maximum size of the static buffers used to test most things */ +#define MAX_LEN 20 + +static void swap_copy(unsigned char *out, const void *in, size_t len) +{ + size_t j; + + for (j = 0; j < len; j++) + out[j] = ((unsigned char *)in)[len - j - 1]; +} + +static void copy_to_le(unsigned char *out, const void *in, size_t len) +{ +#ifdef B_ENDIAN + swap_copy(out, in, len); +#else + memcpy(out, in, len); +#endif +} + +static void copy_be_to_native(unsigned char *out, const void *in, size_t len) +{ +#ifdef B_ENDIAN + memcpy(out, in, len); +#else + swap_copy(out, in, len); +#endif +} + +static const struct { + size_t len; + unsigned char value[MAX_LEN]; +} raw_values[] = { + { 4, { 0x38, 0x27, 0xbf, 0x3b } }, + { 4, { 0x9f, 0x26, 0x48, 0x22 } }, + { 8, { 0x59, 0xb2, 0x1a, 0xe9, 0x2a, 0xd8, 0x46, 0x40 } }, + { 8, { 0xb4, 0xae, 0xbd, 0xb4, 0xdd, 0x04, 0xb1, 0x4c } }, + { 16, { 0x61, 0xe8, 0x7e, 0x31, 0xe9, 0x33, 0x83, 0x3d, + 0x87, 0x99, 0xc7, 0xd8, 0x5d, 0xa9, 0x8b, 0x42 } }, + { 16, { 0xee, 0x6e, 0x8b, 0xc3, 0xec, 0xcf, 0x37, 0xcc, + 0x89, 0x67, 0xf2, 0x68, 0x33, 0xa0, 0x14, 0xb0 } }, +}; + +static int test_param_type_extra(const OSSL_PARAM *param, unsigned char *cmp, + size_t width) +{ + int32_t i32; + int64_t i64; + size_t s, sz; + unsigned char buf[MAX_LEN]; + const int bit32 = param->data_size == sizeof(int32_t); + const int sizet = bit32 && sizeof(size_t) > sizeof(int32_t); + const int signd = param->data_type == OSSL_PARAM_INTEGER; + + if (signd) { + if ((bit32 && !TEST_true(OSSL_PARAM_get_int32(param, &i32))) + || !TEST_true(OSSL_PARAM_get_int64(param, &i64))) + return 0; + } else { + if ((bit32 + && !TEST_true(OSSL_PARAM_get_uint32(param, (uint32_t *)&i32))) + || !TEST_true(OSSL_PARAM_get_uint64(param, (uint64_t *)&i64)) + || (sizet && !TEST_true(OSSL_PARAM_get_size_t(param, &s)))) + return 0; + } + + /* Check signed types */ + if (bit32) { + copy_to_le(buf, &i32, sizeof(i32)); + sz = sizeof(i32) < width ? sizeof(i32) : width; + if (!TEST_mem_eq(buf, sz, cmp, sz)) + return 0; + } + copy_to_le(buf, &i64, sizeof(i64)); + sz = sizeof(i64) < width ? sizeof(i64) : width; + if (!TEST_mem_eq(buf, sz, cmp, sz)) + return 0; + if (sizet && !signd) { + copy_to_le(buf, &s, sizeof(s)); + sz = sizeof(s) < width ? sizeof(s) : width; + if (!TEST_mem_eq(buf, sz, cmp, sz)) + return 0; + } + + /* Check a widening write if possible */ + if (sizeof(size_t) > width) { + if (signd) { + if (!TEST_true(OSSL_PARAM_set_int32(param, 12345)) + || !TEST_true(OSSL_PARAM_get_int64(param, &i64)) + || !TEST_size_t_eq(i64, 12345)) + return 0; + } else { + if (!TEST_true(OSSL_PARAM_set_uint32(param, 12345)) + || !TEST_true(OSSL_PARAM_get_uint64(param, (uint64_t *)&i64)) + || !TEST_size_t_eq(i64, 12345)) + return 0; + } + } + return 1; +} + +/* + * The test cases for each of the bastic integral types are similar. + * For each type, a param of that type is set and an attempt to read it + * get is made. Finally, the above function is called to verify that + * the params can be read as other types. + * + * All the real work is done via byte buffers which are converted to machine + * byte order and to little endian for comparisons. Narrower values are best + * compared using little endian because their values and positions don't + * change. + */ + +static int test_param_int(int n) +{ + int in, out; + unsigned char buf[MAX_LEN], le[MAX_LEN], cmp[sizeof(int)]; + const size_t len = raw_values[n].len >= sizeof(int) ? + sizeof(int) : raw_values[n].len; + OSSL_PARAM param = OSSL_PARAM_int("a", NULL); + + memset(buf, 0, sizeof(buf)); + memset(le, 0, sizeof(le)); + copy_be_to_native(buf, raw_values[n].value, len); + swap_copy(le, raw_values[n].value, len); + memcpy(&in, buf, sizeof(in)); + param.data = &out; + if (!TEST_true(OSSL_PARAM_set_int(¶m, in))) + return 0; + copy_to_le(cmp, &out, sizeof(out)); + if (!TEST_mem_eq(cmp, len, le, len)) + return 0; + in = 0; + param.data = buf; + if (!TEST_true(OSSL_PARAM_get_int(¶m, &in))) + return 0; + copy_to_le(cmp, &in, sizeof(in)); + if (!TEST_mem_eq(cmp, sizeof(in), le, sizeof(in))) + return 0; + param.data = &out; + return test_param_type_extra(¶m, le, sizeof(int)); +} + +static int test_param_long(int n) +{ + long int in, out; + unsigned char buf[MAX_LEN], le[MAX_LEN], cmp[sizeof(long int)]; + const size_t len = raw_values[n].len >= sizeof(long int) + ? sizeof(long int) : raw_values[n].len; + OSSL_PARAM param = OSSL_PARAM_long("a", NULL); + + memset(buf, 0, sizeof(buf)); + memset(le, 0, sizeof(le)); + copy_be_to_native(buf, raw_values[n].value, len); + swap_copy(le, raw_values[n].value, len); + memcpy(&in, buf, sizeof(in)); + param.data = &out; + if (!TEST_true(OSSL_PARAM_set_long(¶m, in))) + return 0; + copy_to_le(cmp, &out, sizeof(out)); + if (!TEST_mem_eq(cmp, len, le, len)) + return 0; + in = 0; + param.data = buf; + if (!TEST_true(OSSL_PARAM_get_long(¶m, &in))) + return 0; + copy_to_le(cmp, &in, sizeof(in)); + if (!TEST_mem_eq(cmp, sizeof(in), le, sizeof(in))) + return 0; + param.data = &out; + return test_param_type_extra(¶m, le, sizeof(long int)); +} + +static int test_param_uint(int n) +{ + unsigned int in, out; + unsigned char buf[MAX_LEN], le[MAX_LEN], cmp[sizeof(unsigned int)]; + const size_t len = raw_values[n].len >= sizeof(unsigned int) ? sizeof(unsigned int) : raw_values[n].len; + OSSL_PARAM param = OSSL_PARAM_uint("a", NULL); + memset(buf, 0, sizeof(buf)); + memset(le, 0, sizeof(le)); + copy_be_to_native(buf, raw_values[n].value, len); + swap_copy(le, raw_values[n].value, len); + memcpy(&in, buf, sizeof(in)); + param.data = &out; + if (!TEST_true(OSSL_PARAM_set_uint(¶m, in))) + return 0; + copy_to_le(cmp, &out, sizeof(out)); + if (!TEST_mem_eq(cmp, len, le, len)) + return 0; + in = 0; + param.data = buf; + if (!TEST_true(OSSL_PARAM_get_uint(¶m, &in))) + return 0; + copy_to_le(cmp, &in, sizeof(in)); + if (!TEST_mem_eq(cmp, sizeof(in), le, sizeof(in))) + return 0; + param.data = &out; + return test_param_type_extra(¶m, le, sizeof(unsigned int)); +} + +static int test_param_ulong(int n) +{ + unsigned long int in, out; + unsigned char buf[MAX_LEN], le[MAX_LEN], cmp[sizeof(unsigned long int)]; + const size_t len = raw_values[n].len >= sizeof(unsigned long int) + ? sizeof(unsigned long int) : raw_values[n].len; + OSSL_PARAM param = OSSL_PARAM_ulong("a", NULL); + memset(buf, 0, sizeof(buf)); + memset(le, 0, sizeof(le)); + copy_be_to_native(buf, raw_values[n].value, len); + swap_copy(le, raw_values[n].value, len); + memcpy(&in, buf, sizeof(in)); + param.data = &out; + if (!TEST_true(OSSL_PARAM_set_ulong(¶m, in))) + return 0; + copy_to_le(cmp, &out, sizeof(out)); + if (!TEST_mem_eq(cmp, len, le, len)) + return 0; + in = 0; + param.data = buf; + if (!TEST_true(OSSL_PARAM_get_ulong(¶m, &in))) + return 0; + copy_to_le(cmp, &in, sizeof(in)); + if (!TEST_mem_eq(cmp, sizeof(in), le, sizeof(in))) + return 0; + param.data = &out; + return test_param_type_extra(¶m, le, sizeof(unsigned long int)); +} + +static int test_param_int32(int n) +{ + int32_t in, out; + unsigned char buf[MAX_LEN], le[MAX_LEN], cmp[sizeof(int32_t)]; + const size_t len = raw_values[n].len >= sizeof(int32_t) + ? sizeof(int32_t) : raw_values[n].len; + OSSL_PARAM param = OSSL_PARAM_int32("a", NULL); + memset(buf, 0, sizeof(buf)); + memset(le, 0, sizeof(le)); + copy_be_to_native(buf, raw_values[n].value, len); + swap_copy(le, raw_values[n].value, len); + memcpy(&in, buf, sizeof(in)); + param.data = &out; + if (!TEST_true(OSSL_PARAM_set_int32(¶m, in))) + return 0; + copy_to_le(cmp, &out, sizeof(out)); + if (!TEST_mem_eq(cmp, len, le, len)) + return 0; + in = 0; + param.data = buf; + if (!TEST_true(OSSL_PARAM_get_int32(¶m, &in))) + return 0; + copy_to_le(cmp, &in, sizeof(in)); + if (!TEST_mem_eq(cmp, sizeof(in), le, sizeof(in))) + return 0; + param.data = &out; + return test_param_type_extra(¶m, le, sizeof(int32_t)); +} + +static int test_param_uint32(int n) +{ + uint32_t in, out; + unsigned char buf[MAX_LEN], le[MAX_LEN], cmp[sizeof(uint32_t)]; + const size_t len = raw_values[n].len >= sizeof(uint32_t) + ? sizeof(uint32_t) : raw_values[n].len; + OSSL_PARAM param = OSSL_PARAM_uint32("a", NULL); + memset(buf, 0, sizeof(buf)); + memset(le, 0, sizeof(le)); + copy_be_to_native(buf, raw_values[n].value, len); + swap_copy(le, raw_values[n].value, len); + memcpy(&in, buf, sizeof(in)); + param.data = &out; + if (!TEST_true(OSSL_PARAM_set_uint32(¶m, in))) + return 0; + copy_to_le(cmp, &out, sizeof(out)); + if (!TEST_mem_eq(cmp, len, le, len)) + return 0; + in = 0; + param.data = buf; + if (!TEST_true(OSSL_PARAM_get_uint32(¶m, &in))) + return 0; + copy_to_le(cmp, &in, sizeof(in)); + if (!TEST_mem_eq(cmp, sizeof(in), le, sizeof(in))) + return 0; + param.data = &out; + return test_param_type_extra(¶m, le, sizeof(uint32_t)); +} + +static int test_param_int64(int n) +{ + int64_t in, out; + unsigned char buf[MAX_LEN], le[MAX_LEN], cmp[sizeof(int64_t)]; + const size_t len = raw_values[n].len >= sizeof(int64_t) + ? sizeof(int64_t) : raw_values[n].len; + OSSL_PARAM param = OSSL_PARAM_int64("a", NULL); + memset(buf, 0, sizeof(buf)); + memset(le, 0, sizeof(le)); + copy_be_to_native(buf, raw_values[n].value, len); + swap_copy(le, raw_values[n].value, len); + memcpy(&in, buf, sizeof(in)); + param.data = &out; + if (!TEST_true(OSSL_PARAM_set_int64(¶m, in))) + return 0; + copy_to_le(cmp, &out, sizeof(out)); + if (!TEST_mem_eq(cmp, len, le, len)) + return 0; + in = 0; + param.data = buf; + if (!TEST_true(OSSL_PARAM_get_int64(¶m, &in))) + return 0; + copy_to_le(cmp, &in, sizeof(in)); + if (!TEST_mem_eq(cmp, sizeof(in), le, sizeof(in))) + return 0; + param.data = &out; + return test_param_type_extra(¶m, le, sizeof(int64_t)); +} + +static int test_param_uint64(int n) +{ + uint64_t in, out; + unsigned char buf[MAX_LEN], le[MAX_LEN], cmp[sizeof(uint64_t)]; + const size_t len = raw_values[n].len >= sizeof(uint64_t) + ? sizeof(uint64_t) : raw_values[n].len; + OSSL_PARAM param = OSSL_PARAM_uint64("a", NULL); + memset(buf, 0, sizeof(buf)); + memset(le, 0, sizeof(le)); + copy_be_to_native(buf, raw_values[n].value, len); + swap_copy(le, raw_values[n].value, len); + memcpy(&in, buf, sizeof(in)); + param.data = &out; + if (!TEST_true(OSSL_PARAM_set_uint64(¶m, in))) + return 0; + copy_to_le(cmp, &out, sizeof(out)); + if (!TEST_mem_eq(cmp, len, le, len)) + return 0; + in = 0; + param.data = buf; + if (!TEST_true(OSSL_PARAM_get_uint64(¶m, &in))) + return 0; + copy_to_le(cmp, &in, sizeof(in)); + if (!TEST_mem_eq(cmp, sizeof(in), le, sizeof(in))) + return 0; + param.data = &out; + return test_param_type_extra(¶m, le, sizeof(uint64_t)); +} + +static int test_param_size_t(int n) +{ + size_t in, out; + unsigned char buf[MAX_LEN], le[MAX_LEN], cmp[sizeof(size_t)]; + const size_t len = raw_values[n].len >= sizeof(size_t) + ? sizeof(size_t) : raw_values[n].len; + OSSL_PARAM param = OSSL_PARAM_size_t("a", NULL); + memset(buf, 0, sizeof(buf)); + memset(le, 0, sizeof(le)); + copy_be_to_native(buf, raw_values[n].value, len); + swap_copy(le, raw_values[n].value, len); + memcpy(&in, buf, sizeof(in)); + param.data = &out; + if (!TEST_true(OSSL_PARAM_set_size_t(¶m, in))) + return 0; + copy_to_le(cmp, &out, sizeof(out)); + if (!TEST_mem_eq(cmp, len, le, len)) + return 0; + in = 0; + param.data = buf; + if (!TEST_true(OSSL_PARAM_get_size_t(¶m, &in))) + return 0; + copy_to_le(cmp, &in, sizeof(in)); + if (!TEST_mem_eq(cmp, sizeof(in), le, sizeof(in))) + return 0; + param.data = &out; + return test_param_type_extra(¶m, le, sizeof(size_t)); +} + +static int test_param_bignum(int n) +{ + unsigned char buf[MAX_LEN], bnbuf[MAX_LEN], le[MAX_LEN]; + const size_t len = raw_values[n].len; + size_t bnsize; + BIGNUM *b = NULL, *c = NULL; + OSSL_PARAM param = OSSL_PARAM_DEFN("bn", OSSL_PARAM_UNSIGNED_INTEGER, + NULL, 0, NULL); + int ret = 0; + + param.data = bnbuf; + param.data_size = len; + param.return_size = &bnsize; + + copy_be_to_native(buf, raw_values[n].value, len); + swap_copy(le, raw_values[n].value, len); + if (!TEST_ptr(b = BN_bin2bn(raw_values[n].value, (int)len, NULL))) + goto err; + + if (!TEST_true(OSSL_PARAM_set_BN(¶m, b)) + || !TEST_mem_eq(bnbuf, bnsize, buf, bnsize)) + goto err; + param.data_size = *param.return_size; + if (!TEST_true(OSSL_PARAM_get_BN(¶m, &c)) + || !TEST_BN_eq(b, c)) + goto err; + + ret = 1; +err: + BN_free(b); + BN_free(c); + return ret; +} + +static int test_param_real(void) +{ + double p; + OSSL_PARAM param = OSSL_PARAM_double("r", NULL); + + param.data = &p; + return TEST_true(OSSL_PARAM_set_double(¶m, 3.14159)) + && TEST_double_eq(p, 3.14159); +} + +/* + * The tests are a bit special in that they are trying to do both sides + * of the param passing. This means that the OSSL_PARAM structure needs to + * be updated so that a get call matches size with the corresponding set call. + * This is not a problem in normal usage because the owner of the OSSL_PARAM + * "knows" the size of what it wants to put in and gets the size back via the + * return_size pointer when it needs to get data out. That is, the owner + * does not need to call these APIs since it has direct access. + * + * The result is that the tests need the locate call to return a non-const + * pointer at times. Hence the cast here. + */ +static OSSL_PARAM *locate(OSSL_PARAM *p, const char *name) +{ + return (OSSL_PARAM *)OSSL_PARAM_locate(p, name); +} + +static int test_param_construct(void) +{ + static const char *int_names[] = { + "int", "long", "int32", "int64" + }; + static const char *uint_names[] = { + "uint", "ulong", "uint32", "uint64", "size_t" + }; + static const unsigned char bn_val[16] = { + 0xac, 0x75, 0x22, 0x7d, 0x81, 0x06, 0x7a, 0x23, + 0xa6, 0xed, 0x87, 0xc7, 0xab, 0xf4, 0x73, 0x22 + }; + OSSL_PARAM params[20]; + char buf[100], buf2[100], *bufp, *bufp2; + unsigned char ubuf[100]; + void *vp, *vp2; + OSSL_PARAM *p; + const OSSL_PARAM *cp; + static const OSSL_PARAM pend = OSSL_PARAM_END; + int i, n = 0, ret = 0; + unsigned int u; + long int l; + unsigned long int ul; + int32_t i32; + uint32_t u32; + int64_t i64; + uint64_t u64; + size_t j, k, s, sz; + double d, d2; + BIGNUM *bn = NULL, *bn2 = NULL; + + params[n++] = OSSL_PARAM_construct_int("int", &i, &sz); + params[n++] = OSSL_PARAM_construct_uint("uint", &u, &sz); + params[n++] = OSSL_PARAM_construct_long("long", &l, &sz); + params[n++] = OSSL_PARAM_construct_ulong("ulong", &ul, &sz); + params[n++] = OSSL_PARAM_construct_int32("int32", &i32, &sz); + params[n++] = OSSL_PARAM_construct_int64("int64", &i64, &sz); + params[n++] = OSSL_PARAM_construct_uint32("uint32", &u32, &sz); + params[n++] = OSSL_PARAM_construct_uint64("uint64", &u64, &sz); + params[n++] = OSSL_PARAM_construct_size_t("size_t", &s, &sz); + params[n++] = OSSL_PARAM_construct_double("double", &d, &sz); + params[n++] = OSSL_PARAM_construct_BN("bignum", ubuf, sizeof(ubuf), &sz); + params[n++] = OSSL_PARAM_construct_utf8_string("utf8str", buf, sizeof(buf), + &sz); + params[n++] = OSSL_PARAM_construct_octet_string("octstr", buf, sizeof(buf), + &sz); + params[n++] = OSSL_PARAM_construct_utf8_ptr("utf8ptr", &bufp, &sz); + params[n++] = OSSL_PARAM_construct_octet_ptr("octptr", &vp, &sz); + params[n] = pend; + + /* Search failure */ + if (!TEST_ptr_null(OSSL_PARAM_locate(params, "fnord"))) + goto err; + + /* All signed integral types */ + for (j = 0; j < OSSL_NELEM(int_names); j++) { + if (!TEST_ptr(cp = OSSL_PARAM_locate(params, int_names[j])) + || !TEST_true(OSSL_PARAM_set_int32(cp, (int32_t)(3 + j))) + || !TEST_true(OSSL_PARAM_get_int64(cp, &i64)) + || !TEST_size_t_eq(cp->data_size, sz) + || !TEST_size_t_eq((size_t)i64, 3 + j)) { + TEST_note("iteration %zu var %s", j + 1, int_names[j]); + goto err; + } + } + /* All unsigned integral types */ + for (j = 0; j < OSSL_NELEM(uint_names); j++) { + if (!TEST_ptr(cp = OSSL_PARAM_locate(params, uint_names[j])) + || !TEST_true(OSSL_PARAM_set_uint32(cp, (uint32_t)(3 + j))) + || !TEST_true(OSSL_PARAM_get_uint64(cp, &u64)) + || !TEST_size_t_eq(cp->data_size, sz) + || !TEST_size_t_eq((size_t)u64, 3 + j)) { + TEST_note("iteration %zu var %s", j + 1, uint_names[j]); + goto err; + } + } + /* Real */ + if (!TEST_ptr(cp = OSSL_PARAM_locate(params, "double")) + || !TEST_true(OSSL_PARAM_set_double(cp, 3.14)) + || !TEST_true(OSSL_PARAM_get_double(cp, &d2)) + || !TEST_size_t_eq(sz, sizeof(double)) + || !TEST_double_eq(d, d2)) + goto err; + /* UTF8 string */ + bufp = NULL; + if (!TEST_ptr(cp = OSSL_PARAM_locate(params, "utf8str")) + || !TEST_true(OSSL_PARAM_set_utf8_string(cp, "abcdef")) + || !TEST_size_t_eq(sz, sizeof("abcdef")) + || !TEST_true(OSSL_PARAM_get_utf8_string(cp, &bufp, 0)) + || !TEST_str_eq(bufp, "abcdef")) + goto err; + OPENSSL_free(bufp); + bufp = buf2; + if (!TEST_true(OSSL_PARAM_get_utf8_string(cp, &bufp, sizeof(buf2))) + || !TEST_str_eq(buf2, "abcdef")) + goto err; + /* UTF8 pointer */ + bufp = buf; + sz = 0; + if (!TEST_ptr(cp = OSSL_PARAM_locate(params, "utf8ptr")) + || !TEST_true(OSSL_PARAM_set_utf8_ptr(cp, "tuvwxyz")) + || !TEST_size_t_eq(sz, sizeof("tuvwxyz")) + || !TEST_str_eq(bufp, "tuvwxyz") + || !TEST_true(OSSL_PARAM_get_utf8_ptr(cp, (const char **)&bufp2)) + || !TEST_ptr_eq(bufp2, bufp)) + goto err; + /* OCTET string */ + vp = NULL; + if (!TEST_ptr(p = locate(params, "octstr")) + || !TEST_true(OSSL_PARAM_set_octet_string(p, "abcdefghi", + sizeof("abcdefghi"))) + || !TEST_size_t_eq(sz, sizeof("abcdefghi"))) + goto err; + /* Match the return size to avoid trailing garbage bytes */ + p->data_size = *p->return_size; + if (!TEST_true(OSSL_PARAM_get_octet_string(p, &vp, 0, &s)) + || !TEST_size_t_eq(s, sizeof("abcdefghi")) + || !TEST_mem_eq(vp, sizeof("abcdefghi"), + "abcdefghi", sizeof("abcdefghi"))) + goto err; + OPENSSL_free(vp); + vp = buf2; + if (!TEST_true(OSSL_PARAM_get_octet_string(p, &vp, sizeof(buf2), &s)) + || !TEST_size_t_eq(s, sizeof("abcdefghi")) + || !TEST_mem_eq(vp, sizeof("abcdefghi"), + "abcdefghi", sizeof("abcdefghi"))) + goto err; + /* OCTET pointer */ + vp = &l; + sz = 0; + if (!TEST_ptr(p = locate(params, "octptr")) + || !TEST_true(OSSL_PARAM_set_octet_ptr(p, &ul, sizeof(ul))) + || !TEST_size_t_eq(sz, sizeof(ul)) + || !TEST_ptr_eq(vp, &ul)) + goto err; + /* Match the return size to avoid trailing garbage bytes */ + p->data_size = *p->return_size; + if (!TEST_true(OSSL_PARAM_get_octet_ptr(p, (const void **)&vp2, &k)) + || !TEST_size_t_eq(k, sizeof(ul)) + || !TEST_ptr_eq(vp2, vp)) + goto err; + /* BIGNUM */ + if (!TEST_ptr(p = locate(params, "bignum")) + || !TEST_ptr(bn = BN_lebin2bn(bn_val, (int)sizeof(bn_val), NULL)) + || !TEST_true(OSSL_PARAM_set_BN(p, bn)) + || !TEST_size_t_eq(sz, sizeof(bn_val))) + goto err; + /* Match the return size to avoid trailing garbage bytes */ + p->data_size = *p->return_size; + if(!TEST_true(OSSL_PARAM_get_BN(p, &bn2)) + || !TEST_BN_eq(bn, bn2)) + goto err; + ret = 1; +err: + BN_free(bn); + BN_free(bn2); + return ret; +} + +int setup_tests(void) +{ + ADD_ALL_TESTS(test_param_int, OSSL_NELEM(raw_values)); + ADD_ALL_TESTS(test_param_long, OSSL_NELEM(raw_values)); + ADD_ALL_TESTS(test_param_uint, OSSL_NELEM(raw_values)); + ADD_ALL_TESTS(test_param_ulong, OSSL_NELEM(raw_values)); + ADD_ALL_TESTS(test_param_int32, OSSL_NELEM(raw_values)); + ADD_ALL_TESTS(test_param_uint32, OSSL_NELEM(raw_values)); + ADD_ALL_TESTS(test_param_size_t, OSSL_NELEM(raw_values)); + ADD_ALL_TESTS(test_param_int64, OSSL_NELEM(raw_values)); + ADD_ALL_TESTS(test_param_uint64, OSSL_NELEM(raw_values)); + ADD_ALL_TESTS(test_param_bignum, OSSL_NELEM(raw_values)); + ADD_TEST(test_param_real); + ADD_TEST(test_param_construct); + return 1; +} diff --git a/test/provider_internal_test.c b/test/provider_internal_test.c index c423808..8ce382e 100644 --- a/test/provider_internal_test.c +++ b/test/provider_internal_test.c @@ -37,8 +37,8 @@ static int test_provider(OSSL_PROVIDER *prov) ret = TEST_true(ossl_provider_activate(prov)) && TEST_true(ossl_provider_get_params(prov, greeting_request)) - && TEST_ptr(greeting = greeting_request[0].buffer) - && TEST_size_t_gt(greeting_request[0].buffer_size, 0) + && TEST_ptr(greeting = greeting_request[0].data) + && TEST_size_t_gt(greeting_request[0].data_size, 0) && TEST_str_eq(greeting, expected_greeting); ossl_provider_free(prov); diff --git a/test/provider_test.c b/test/provider_test.c index 738cd7b..250eea3 100644 --- a/test/provider_test.c +++ b/test/provider_test.c @@ -33,8 +33,8 @@ static int test_provider(const char *name) return TEST_ptr(prov = OSSL_PROVIDER_load(NULL, name)) && TEST_true(OSSL_PROVIDER_get_params(prov, greeting_request)) - && TEST_ptr(greeting = greeting_request[0].buffer) - && TEST_size_t_gt(greeting_request[0].buffer_size, 0) + && TEST_ptr(greeting = greeting_request[0].data) + && TEST_size_t_gt(greeting_request[0].data_size, 0) && TEST_str_eq(greeting, expected_greeting) && TEST_true(OSSL_PROVIDER_unload(prov)); } diff --git a/test/recipes/03-test_property.t b/test/recipes/03-test_params_api.t similarity index 89% copy from test/recipes/03-test_property.t copy to test/recipes/03-test_params_api.t index 2654215..9e821c9 100644 --- a/test/recipes/03-test_property.t +++ b/test/recipes/03-test_params_api.t @@ -9,4 +9,4 @@ use OpenSSL::Test::Simple; -simple_test("test_property", "property_test"); +simple_test("test_params_api", "params_api_test"); diff --git a/test/testutil.h b/test/testutil.h index ec2f532..7f5db60 100644 --- a/test/testutil.h +++ b/test/testutil.h @@ -255,7 +255,9 @@ DECLARE_COMPARISONS(char, char) DECLARE_COMPARISONS(unsigned char, uchar) DECLARE_COMPARISONS(long, long) DECLARE_COMPARISONS(unsigned long, ulong) +DECLARE_COMPARISONS(double, double) DECLARE_COMPARISONS(time_t, time_t) + /* * Because this comparison uses a printf format specifier that's not * universally known (yet), we provide an option to not have it declared. @@ -406,6 +408,13 @@ void test_perror(const char *s); # define TEST_size_t_gt(a, b) test_size_t_gt(__FILE__, __LINE__, #a, #b, a, b) # define TEST_size_t_ge(a, b) test_size_t_ge(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_double_eq(a, b) test_double_eq(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_double_ne(a, b) test_double_ne(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_double_lt(a, b) test_double_lt(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_double_le(a, b) test_double_le(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_double_gt(a, b) test_double_gt(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_double_ge(a, b) test_double_ge(__FILE__, __LINE__, #a, #b, a, b) + # define TEST_time_t_eq(a, b) test_time_t_eq(__FILE__, __LINE__, #a, #b, a, b) # define TEST_time_t_ne(a, b) test_time_t_ne(__FILE__, __LINE__, #a, #b, a, b) # define TEST_time_t_lt(a, b) test_time_t_lt(__FILE__, __LINE__, #a, #b, a, b) diff --git a/test/testutil/tests.c b/test/testutil/tests.c index 2ba5b9a..05b0688 100644 --- a/test/testutil/tests.c +++ b/test/testutil/tests.c @@ -213,6 +213,7 @@ DEFINE_COMPARISONS(unsigned char, uchar, "%u") DEFINE_COMPARISONS(long, long, "%ld") DEFINE_COMPARISONS(unsigned long, ulong, "%lu") DEFINE_COMPARISONS(size_t, size_t, "%zu") +DEFINE_COMPARISONS(double, double, "%g") DEFINE_COMPARISON(void *, ptr, eq, ==, "%p") DEFINE_COMPARISON(void *, ptr, ne, !=, "%p") diff --git a/util/libcrypto.num b/util/libcrypto.num index 974d918..df59f29 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4742,3 +4742,49 @@ OSSL_CRMF_CERTTEMPLATE_get0_issuer 4689 3_0_0 EXIST::FUNCTION:CMP OSSL_CRMF_CERTTEMPLATE_fill 4690 3_0_0 EXIST::FUNCTION:CMP OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert 4691 3_0_0 EXIST::FUNCTION:CMP ERR_load_CRMF_strings 4692 3_0_0 EXIST::FUNCTION:CMP +OSSL_PARAM_locate 4693 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_construct_int 4694 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_construct_uint 4695 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_construct_long 4696 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_construct_ulong 4697 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_construct_int32 4698 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_construct_uint32 4699 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_construct_int64 4700 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_construct_uint64 4701 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_construct_size_t 4702 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_construct_BN 4703 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_construct_double 4704 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_construct_utf8_string 4705 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_construct_utf8_ptr 4706 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_construct_octet_string 4707 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_construct_octet_ptr 4708 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_get_int 4709 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_get_uint 4710 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_get_long 4711 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_get_ulong 4712 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_get_int32 4713 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_get_uint32 4714 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_get_int64 4715 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_get_uint64 4716 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_get_size_t 4717 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_set_int 4718 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_set_uint 4719 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_set_long 4720 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_set_ulong 4721 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_set_int32 4722 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_set_uint32 4723 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_set_int64 4724 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_set_uint64 4725 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_set_size_t 4726 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_get_double 4727 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_set_double 4728 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_get_BN 4729 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_set_BN 4730 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_get_utf8_string 4731 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_set_utf8_string 4732 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_get_octet_string 4733 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_set_octet_string 4734 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_get_utf8_ptr 4735 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_set_utf8_ptr 4736 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_get_octet_ptr 4737 3_0_0 EXIST::FUNCTION: +OSSL_PARAM_set_octet_ptr 4738 3_0_0 EXIST::FUNCTION: diff --git a/util/private.num b/util/private.num index cb1997a..1fbc160 100644 --- a/util/private.num +++ b/util/private.num @@ -323,6 +323,21 @@ OpenSSL_add_all_algorithms define deprecated 1.1.0 OpenSSL_add_all_ciphers define deprecated 1.1.0 OpenSSL_add_all_digests define deprecated 1.1.0 OpenSSL_add_ssl_algorithms define +OSSL_PARAM_utf8_ptr define +OSSL_PARAM_SIZED_BN define +OSSL_PARAM_TYPE generic +OSSL_PARAM_construct_TYPE generic +OSSL_PARAM_octet_string define +OSSL_PARAM_SIZED_octet_ptr define +OSSL_PARAM_utf8_string define +OSSL_PARAM_octet_ptr define +OSSL_PARAM_SIZED_utf8_ptr define +OSSL_PARAM_SIZED_utf8_string define +OSSL_PARAM_SIZED_TYPE generic +OSSL_PARAM_get_TYPE generic +OSSL_PARAM_END define +OSSL_PARAM_set_TYPE generic +OSSL_PARAM_SIZED_octet_string define PEM_FLAG_EAY_COMPATIBLE define PEM_FLAG_ONLY_B64 define PEM_FLAG_SECURE define From no-reply at appveyor.com Tue Mar 12 18:23:54 2019 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 12 Mar 2019 18:23:54 +0000 Subject: Build failed: openssl master.23392 Message-ID: <20190312182354.1.9C2B8A875A62390E@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Tue Mar 12 18:48:35 2019 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 12 Mar 2019 18:48:35 +0000 Subject: Build completed: openssl master.23393 Message-ID: <20190312184835.1.E1EEDB2D4EB59361@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.org Tue Mar 12 18:45:28 2019 From: builds at travis-ci.org (Travis CI) Date: Tue, 12 Mar 2019 18:45:28 +0000 Subject: Passed: openssl/openssl#23990 (master - e2146e1) In-Reply-To: Message-ID: <5c87fe47bee9c_43fef075147a4186223@52217ee3-2907-44fd-8eb8-9fb4b52ef080.mail> Build Update for openssl/openssl ------------------------------------- Build: #23990 Status: Passed Duration: 27 mins and 4 secs Commit: e2146e1 (master) Author: Richard Levitte Message: Change OSSL_PARAM_UTF8_STRING_PTR to OSSL_PARAM_UTF8_PTR In unrelated code Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8451) View the changeset: https://github.com/openssl/openssl/compare/a61b7f2fa6de...e2146e120f5b View the full build log and details: https://travis-ci.org/openssl/openssl/builds/505367108?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From levitte at openssl.org Tue Mar 12 19:26:28 2019 From: levitte at openssl.org (Richard Levitte) Date: Tue, 12 Mar 2019 19:26:28 +0000 Subject: [openssl] master update Message-ID: <1552418788.177963.9509.nullmailer@dev.openssl.org> The branch master has been updated via 9e11fe0d85c7d8bd2b77076c8b2e93433091e765 (commit) via 099bd33920e775eb75f4daee5f09b24f17bc136d (commit) via 85e2417c0d81cfe97586b74c410ef37595aea72d (commit) from e2146e120f5bab21dcedfb34741141897f80e1ee (commit) - Log ----------------------------------------------------------------- commit 9e11fe0d85c7d8bd2b77076c8b2e93433091e765 Author: Richard Levitte Date: Mon Feb 25 01:59:02 2019 +0100 Replumbing: Add constructor of libcrypto internal method structures This queries the provider for its available functionality (unless a matching method structured is already cached, in which case that's used instead), and creates method structure with the help of a passed constructor. The result is cached if the provider allows it (or if caching is forced). Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8340) commit 099bd33920e775eb75f4daee5f09b24f17bc136d Author: Richard Levitte Date: Mon Feb 25 01:57:28 2019 +0100 Replumbing: Add support for the provider query_operation function Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8340) commit 85e2417c0d81cfe97586b74c410ef37595aea72d Author: Richard Levitte Date: Mon Feb 25 01:53:34 2019 +0100 Replumbing: Add an OSSL_PROVIDER iterator with callback Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8340) ----------------------------------------------------------------------- Summary of changes: crypto/build.info | 2 +- crypto/core_fetch.c | 97 ++++++++++++++++++++ crypto/provider_core.c | 37 ++++++++ doc/internal/man3/ossl_method_construct.pod | 133 ++++++++++++++++++++++++++++ doc/internal/man3/ossl_provider_new.pod | 23 ++++- include/internal/core.h | 52 +++++++++++ include/internal/provider.h | 9 ++ include/openssl/core_numbers.h | 4 + 8 files changed, 354 insertions(+), 3 deletions(-) create mode 100644 crypto/core_fetch.c create mode 100644 doc/internal/man3/ossl_method_construct.pod create mode 100644 include/internal/core.h diff --git a/crypto/build.info b/crypto/build.info index 6497c2f..39cd91b 100644 --- a/crypto/build.info +++ b/crypto/build.info @@ -9,7 +9,7 @@ SUBDIRS=objects buffer bio stack lhash rand evp asn1 pem x509 x509v3 conf \ LIBS=../libcrypto # The Core -SOURCE[../libcrypto]=provider_core.c +SOURCE[../libcrypto]=provider_core.c core_fetch.c # Central utilities SOURCE[../libcrypto]=\ diff --git a/crypto/core_fetch.c b/crypto/core_fetch.c new file mode 100644 index 0000000..d2d7766 --- /dev/null +++ b/crypto/core_fetch.c @@ -0,0 +1,97 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include + +#include +#include "internal/cryptlib.h" +#include "internal/core.h" +#include "internal/property.h" +#include "internal/provider.h" + +struct construct_data_st { + OPENSSL_CTX *libctx; + OSSL_METHOD_STORE *store; + int operation_id; + int force_store; + OSSL_METHOD_CONSTRUCT_METHOD *mcm; + void *mcm_data; +}; + +static int ossl_method_construct_this(OSSL_PROVIDER *provider, void *cbdata) +{ + struct construct_data_st *data = cbdata; + int no_store = 0; /* Assume caching is ok */ + const OSSL_ALGORITHM *map = + ossl_provider_query_operation(provider, data->operation_id, &no_store); + + while (map->algorithm_name != NULL) { + const OSSL_ALGORITHM *thismap = map++; + void *method = NULL; + + if ((method = data->mcm->construct(thismap->implementation, provider, + data->mcm_data)) == NULL) + continue; + + if (data->force_store || !no_store) { + /* + * If we haven't been told not to store, + * add to the global store + */ + if (!data->mcm->put(data->libctx, NULL, + thismap->property_definition, + method, data->mcm_data)) { + data->mcm->destruct(method); + continue; + } + } + + if (!data->mcm->put(data->libctx, data->store, + thismap->property_definition, + method, data->mcm_data)) { + data->mcm->destruct(method); + continue; + } + } + + return 1; +} + +void *ossl_method_construct(OPENSSL_CTX *libctx, int operation_id, + const char *name, const char *propquery, + int force_store, + OSSL_METHOD_CONSTRUCT_METHOD *mcm, void *mcm_data) +{ + void *method = NULL; + + if ((method = mcm->get(libctx, NULL, propquery, mcm_data)) == NULL) { + struct construct_data_st cbdata; + + /* + * We have a temporary store to be able to easily search among new + * items, or items that should find themselves in the global store. + */ + if ((cbdata.store = mcm->alloc_tmp_store()) == NULL) + goto fin; + + cbdata.libctx = libctx; + cbdata.operation_id = operation_id; + cbdata.force_store = force_store; + cbdata.mcm = mcm; + cbdata.mcm_data = mcm_data; + ossl_provider_forall_loaded(libctx, ossl_method_construct_this, + &cbdata); + + method = mcm->get(libctx, cbdata.store, propquery, mcm_data); + mcm->dealloc_tmp_store(cbdata.store); + } + + fin: + return method; +} diff --git a/crypto/provider_core.c b/crypto/provider_core.c index 05a6bff..fb4be55 100644 --- a/crypto/provider_core.c +++ b/crypto/provider_core.c @@ -39,6 +39,7 @@ struct ossl_provider_st { OSSL_provider_teardown_fn *teardown; OSSL_provider_get_param_types_fn *get_param_types; OSSL_provider_get_params_fn *get_params; + OSSL_provider_query_operation_fn *query_operation; }; DEFINE_STACK_OF(OSSL_PROVIDER) @@ -319,6 +320,10 @@ int ossl_provider_activate(OSSL_PROVIDER *prov) prov->get_params = OSSL_get_provider_get_params(provider_dispatch); break; + case OSSL_FUNC_PROVIDER_QUERY_OPERATION: + prov->query_operation = + OSSL_get_provider_query_operation(provider_dispatch); + break; } } @@ -328,6 +333,30 @@ int ossl_provider_activate(OSSL_PROVIDER *prov) return 1; } +int ossl_provider_forall_loaded(OPENSSL_CTX *ctx, + int (*cb)(OSSL_PROVIDER *provider, + void *cbdata), + void *cbdata) +{ + int ret = 1; + int i; + struct provider_store_st *store = get_provider_store(ctx); + + if (store != NULL) { + CRYPTO_THREAD_read_lock(store->lock); + for (i = 0; i < sk_OSSL_PROVIDER_num(store->providers); i++) { + OSSL_PROVIDER *prov = sk_OSSL_PROVIDER_value(store->providers, i); + + if (prov->flag_initialized + && !(ret = cb(prov, cbdata))) + break; + } + CRYPTO_THREAD_unlock(store->lock); + } + + return ret; +} + /* Getters of Provider Object data */ const char *ossl_provider_name(OSSL_PROVIDER *prov) { @@ -368,6 +397,14 @@ int ossl_provider_get_params(const OSSL_PROVIDER *prov, return prov->get_params == NULL ? 0 : prov->get_params(prov, params); } + +const OSSL_ALGORITHM *ossl_provider_query_operation(const OSSL_PROVIDER *prov, + int operation_id, + int *no_cache) +{ + return prov->query_operation(prov, operation_id, no_cache); +} + /*- * Core functions for the provider * =============================== diff --git a/doc/internal/man3/ossl_method_construct.pod b/doc/internal/man3/ossl_method_construct.pod new file mode 100644 index 0000000..e91cfcd --- /dev/null +++ b/doc/internal/man3/ossl_method_construct.pod @@ -0,0 +1,133 @@ +=pod + +=head1 NAME + +OSSL_METHOD_CONSTRUCT_METHOD, ossl_method_construct +- generic method constructor + +=head1 SYNOPSIS + + #include "internal/core.h" + + struct ossl_method_construct_method_st { + /* Create store */ + void *(*alloc_tmp_store)(void); + /* Remove a store */ + void (*dealloc_tmp_store)(void *store); + /* Get an already existing method from a store */ + void *(*get)(OPENSSL_CTX *libctx, void *store, const char *propquery, + void *data); + /* Store a method in a store */ + int (*put)(OPENSSL_CTX *libctx, void *store, const char *propdef, + void *method, void *data); + /* Construct a new method */ + void *(*construct)(const OSSL_DISPATCH *fns, OSSL_PROVIDER *prov, + void *data); + /* Destruct a method */ + void (*destruct)(void *method); + }; + typedef struct ossl_method_construct_method OSSL_METHOD_CONSTRUCT_METHOD; + + void *ossl_method_construct(OPENSSL_CTX *ctx, int operation_id, + const char *name, const char *properties, + int force_cache, + OSSL_METHOD_CONSTRUCT_METHOD *mcm, void *mcm_data); + +=head1 DESCRIPTION + +All libcrypto sub-systems that want to create their own methods based +on provider dispatch tables need to do so in exactly the same way. +ossl_method_construct() does this while leaving it to the sub-systems +to define more precisely how the methods are created, stored, etc. + +=head2 Functions + +ossl_method_construct() creates a method by asking all available +providers for a dispatch table given an C, an algorithm +C and a set of C, and then calling appropriate +functions given by the sub-system specific method creator through +C and the data in C (which is passed by +ossl_method_construct()). + +=head2 Structures + +A central part of constructing a sub-system specific method is to give +ossl_method_construct a set of functions, all in the +C structure, which holds the following +function pointers: + +=over 4 + +=item alloc_tmp_store() + +Create a temporary method store. +This store is used to temporarily store methods for easier lookup, for +when the provider doesn't want its dispatch table stored in a longer +term cache. + +=item dealloc_tmp_store() + +Remove a temporary store. + +=item get() + +Look up an already existing method from a store. + +The store may be given with C. +B is a valid value and means that a sub-system default store +must be used. +This default store should be stored in the library context C. + +The method to be looked up should be identified with data from C +(which is the C that was passed to ossl_construct_method()) +and the provided property query C. + +=item put() + +Places the C created by the construct() function (see below) +in a store. + +The store may be given with C. +B is a valid value and means that a sub-system default store +must be used. +This default store should be stored in the library context C. + +The method should be associated with the given property definition +C and any identification data given through C (which is +the C that was passed to ossl_construct_method()). + +=item construct() + +Constructs a sub-system method given a dispatch table C. + +The associated I C is passed as well, to make +it possible for the sub-system constructor to keep a reference, which +is recommended. +If such a reference is kept, the I reference counter +must be incremented, using ossl_provider_upref(). + +=item desctruct() + +Destruct the given C. + +=back + +=head1 RETURN VALUES + +ossl_method_construct() returns a constructed method on success, or +B on error. + +=head1 HISTORY + +This functionality was added to OpenSSL 3.0.0. + +=head1 COPYRIGHT + +Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use this +file except in compliance with the License. You can obtain a copy in the file +LICENSE in the source distribution or at +L. + +=cut diff --git a/doc/internal/man3/ossl_provider_new.pod b/doc/internal/man3/ossl_provider_new.pod index 79964d6..7633e0e 100644 --- a/doc/internal/man3/ossl_provider_new.pod +++ b/doc/internal/man3/ossl_provider_new.pod @@ -4,10 +4,12 @@ ossl_provider_find, ossl_provider_new, ossl_provider_upref, ossl_provider_free, ossl_provider_add_module_location, -ossl_provider_activate, ossl_provider_name, ossl_provider_dso, +ossl_provider_activate, ossl_provider_forall_loaded, +ossl_provider_name, ossl_provider_dso, ossl_provider_module_name, ossl_provider_module_path, ossl_provider_teardown, ossl_provider_get_param_types, -ossl_provider_get_params - internal provider routines +ossl_provider_get_params, ossl_provider_query_operation +- internal provider routines =head1 SYNOPSIS @@ -25,6 +27,12 @@ ossl_provider_get_params - internal provider routines /* Load and initialize the Provider */ int ossl_provider_activate(OSSL_PROVIDER *prov); + /* Iterate over all loaded providers */ + int ossl_provider_forall_loaded(OPENSSL_CTX *, + int (*cb)(OSSL_PROVIDER *provider, + void *cbdata), + void *cbdata); + /* Getters for other library functions */ const char *ossl_provider_name(OSSL_PROVIDER *prov); const DSO *ossl_provider_dso(OSSL_PROVIDER *prov); @@ -36,6 +44,9 @@ ossl_provider_get_params - internal provider routines const OSSL_ITEM *ossl_provider_get_param_types(const OSSL_PROVIDER *prov); int ossl_provider_get_params(const OSSL_PROVIDER *prov, const OSSL_PARAM params[]); + const OSSL_ALGORITHM *ossl_provider_query_operation(const OSSL_PROVIDER *prov, + int operation_id, + int *no_cache); =head1 DESCRIPTION @@ -102,6 +113,9 @@ be located in that module, and called. =back +ossl_provider_forall_loaded() iterates over all the currently +"activated" providers, and calls C for each of them. + ossl_provider_name() returns the name that was given with ossl_provider_new(). @@ -127,6 +141,11 @@ responder. It should treat the given C array as described in L. +ossl_provider_query_operation() calls the provider's +C function, if the provider has one. +It should return an array of C for the given +C. + =head1 NOTES Locating a provider module happens as follows: diff --git a/include/internal/core.h b/include/internal/core.h new file mode 100644 index 0000000..2f0df37 --- /dev/null +++ b/include/internal/core.h @@ -0,0 +1,52 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef OSSL_INTERNAL_CORE_H +# define OSSL_INTERNAL_CORE_H + +/* + * namespaces: + * + * ossl_method_ Core Method API + */ + +/* + * construct an arbitrary method from a dispatch table found by looking + * up a match for the < operation_id, name, property > combination. + * constructor and destructor are the constructor and destructor for that + * arbitrary object. + * + * These objects are normally cached, unless the provider says not to cache. + * However, force_cache can be used to force caching whatever the provider + * says (for example, because the application knows better). + */ +typedef struct ossl_method_construct_method_st { + /* Create store */ + void *(*alloc_tmp_store)(void); + /* Remove a store */ + void (*dealloc_tmp_store)(void *store); + /* Get an already existing method from a store */ + void *(*get)(OPENSSL_CTX *libctx, void *store, const char *propquery, + void *data); + /* Store a method in a store */ + int (*put)(OPENSSL_CTX *libctx, void *store, const char *propdef, + void *method, void *data); + /* Construct a new method */ + void *(*construct)(const OSSL_DISPATCH *fns, OSSL_PROVIDER *prov, + void *data); + /* Destruct a method */ + void (*destruct)(void *method); +} OSSL_METHOD_CONSTRUCT_METHOD; + +void *ossl_method_construct(OPENSSL_CTX *ctx, int operation_id, + const char *name, const char *properties, + int force_cache, + OSSL_METHOD_CONSTRUCT_METHOD *mcm, void *mcm_data); + +#endif diff --git a/include/internal/provider.h b/include/internal/provider.h index 44d1d70..ac70fcc 100644 --- a/include/internal/provider.h +++ b/include/internal/provider.h @@ -42,6 +42,12 @@ int ossl_provider_add_module_location(OSSL_PROVIDER *prov, const char *loc); */ int ossl_provider_activate(OSSL_PROVIDER *prov); +/* Iterate over all loaded providers */ +int ossl_provider_forall_loaded(OPENSSL_CTX *, + int (*cb)(OSSL_PROVIDER *provider, + void *cbdata), + void *cbdata); + /* Getters for other library functions */ const char *ossl_provider_name(OSSL_PROVIDER *prov); const DSO *ossl_provider_dso(OSSL_PROVIDER *prov); @@ -53,6 +59,9 @@ void ossl_provider_teardown(const OSSL_PROVIDER *prov); const OSSL_ITEM *ossl_provider_get_param_types(const OSSL_PROVIDER *prov); int ossl_provider_get_params(const OSSL_PROVIDER *prov, const OSSL_PARAM params[]); +const OSSL_ALGORITHM *ossl_provider_query_operation(const OSSL_PROVIDER *prov, + int operation_id, + int *no_cache); # ifdef __cplusplus } diff --git a/include/openssl/core_numbers.h b/include/openssl/core_numbers.h index cd10938..7be2a2b 100644 --- a/include/openssl/core_numbers.h +++ b/include/openssl/core_numbers.h @@ -67,6 +67,10 @@ OSSL_CORE_MAKE_FUNC(const OSSL_ITEM *, # define OSSL_FUNC_PROVIDER_GET_PARAMS 1026 OSSL_CORE_MAKE_FUNC(int,provider_get_params,(const OSSL_PROVIDER *prov, const OSSL_PARAM params[])) +# define OSSL_FUNC_PROVIDER_QUERY_OPERATION 1027 +OSSL_CORE_MAKE_FUNC(const OSSL_ALGORITHM *,provider_query_operation, + (const OSSL_PROVIDER *, int operation_id, + const int *no_store)) # ifdef __cplusplus From no-reply at appveyor.com Tue Mar 12 19:32:02 2019 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 12 Mar 2019 19:32:02 +0000 Subject: Build failed: openssl master.23396 Message-ID: <20190312193202.1.7730DB4D1286D1D4@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Tue Mar 12 19:38:26 2019 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 12 Mar 2019 19:38:26 +0000 Subject: Build completed: openssl master.23397 Message-ID: <20190312193826.1.3A255140E4B132C8@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Wed Mar 13 00:07:13 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 13 Mar 2019 00:07:13 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-cmac Message-ID: <1552435633.492137.15340.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-cmac Commit log since last time: 9e11fe0d85 Replumbing: Add constructor of libcrypto internal method structures 099bd33920 Replumbing: Add support for the provider query_operation function 85e2417c0d Replumbing: Add an OSSL_PROVIDER iterator with callback e2146e120f Change OSSL_PARAM_UTF8_STRING_PTR to OSSL_PARAM_UTF8_PTR eabf91cd11 generated files 7ffbd7ca96 OSSL_PARAM helper functions. 8c4412ed8f Rename 'buffer' to 'data' in OSSL_PARAM a61b7f2fa6 2nd chunk: CRMF code (crypto/crmf/, ) and its integration in INSTALL, Configure, crypto/build.info, include/openssl/crmferr.h, crypto/err/, include/openssl/err.h, and (to be updated:) util/libcrypto.num 2a3b52eacd Certificate Management Protocol (CMP, RFC 4210) extension to OpenSSL Also includes CRMF (RFC 4211) and HTTP transfer (RFC 6712) eef721b0d0 added generated files 8240d5fa65 FIPS 186-4 RSA Generation & Validation Build log ended with (last 100 lines): ../../openssl/test/recipes/30-test_pkey_meth.t ................ ok ../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok ../../openssl/test/recipes/40-test_rehash.t ................... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok ../../openssl/test/recipes/60-test_x509_store.t ............... ok ../../openssl/test/recipes/60-test_x509_time.t ................ ok ../../openssl/test/recipes/70-test_asyncio.t .................. ok ../../openssl/test/recipes/70-test_bad_dtls.t ................. ok ../../openssl/test/recipes/70-test_clienthello.t .............. ok ../../openssl/test/recipes/70-test_comp.t ..................... ok ../../openssl/test/recipes/70-test_key_share.t ................ ok ../../openssl/test/recipes/70-test_packet.t ................... ok ../../openssl/test/recipes/70-test_recordlen.t ................ ok ../../openssl/test/recipes/70-test_renegotiation.t ............ ok ../../openssl/test/recipes/70-test_servername.t ............... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ............ ok ../../openssl/test/recipes/70-test_sslcertstatus.t ............ ok ../../openssl/test/recipes/70-test_sslextension.t ............. ok ../../openssl/test/recipes/70-test_sslmessages.t .............. ok ../../openssl/test/recipes/70-test_sslrecords.t ............... ok ../../openssl/test/recipes/70-test_sslsessiontick.t ........... ok ../../openssl/test/recipes/70-test_sslsigalgs.t ............... ok ../../openssl/test/recipes/70-test_sslsignature.t ............. ok ../../openssl/test/recipes/70-test_sslskewith0p.t ............. ok ../../openssl/test/recipes/70-test_sslversions.t .............. ok ../../openssl/test/recipes/70-test_sslvertol.t ................ ok ../../openssl/test/recipes/70-test_tls13alerts.t .............. ok ../../openssl/test/recipes/70-test_tls13cookie.t .............. ok ../../openssl/test/recipes/70-test_tls13downgrade.t ........... ok ../../openssl/test/recipes/70-test_tls13hrr.t ................. ok ../../openssl/test/recipes/70-test_tls13kexmodes.t ............ ok ../../openssl/test/recipes/70-test_tls13messages.t ............ ok ../../openssl/test/recipes/70-test_tls13psk.t ................. ok ../../openssl/test/recipes/70-test_tlsextms.t ................. ok ../../openssl/test/recipes/70-test_verify_extra.t ............. ok ../../openssl/test/recipes/70-test_wpacket.t .................. ok ../../openssl/test/recipes/80-test_ca.t ....................... ok ../../openssl/test/recipes/80-test_cipherbytes.t .............. ok ../../openssl/test/recipes/80-test_cipherlist.t ............... ok ../../openssl/test/recipes/80-test_ciphername.t ............... ok ../../openssl/test/recipes/80-test_cms.t ...................... ok ../../openssl/test/recipes/80-test_cmsapi.t ................... ok ../../openssl/test/recipes/80-test_ct.t ....................... ok ../../openssl/test/recipes/80-test_dane.t ..................... ok ../../openssl/test/recipes/80-test_dtls.t ..................... ok ../../openssl/test/recipes/80-test_dtls_mtu.t ................. ok ../../openssl/test/recipes/80-test_dtlsv1listen.t ............. ok ../../openssl/test/recipes/80-test_ocsp.t ..................... ok ../../openssl/test/recipes/80-test_pkcs12.t ................... ok ../../openssl/test/recipes/80-test_ssl_new.t .................. ok ../../openssl/test/recipes/80-test_ssl_old.t .................. ok ../../openssl/test/recipes/80-test_ssl_test_ctx.t ............. ok ../../openssl/test/recipes/80-test_sslcorrupt.t ............... ok ../../openssl/test/recipes/80-test_tsa.t ...................... ok ../../openssl/test/recipes/80-test_x509aux.t .................. ok ../../openssl/test/recipes/90-test_asn1_time.t ................ ok ../../openssl/test/recipes/90-test_async.t .................... ok ../../openssl/test/recipes/90-test_bio_enc.t .................. ok ../../openssl/test/recipes/90-test_bio_memleak.t .............. ok ../../openssl/test/recipes/90-test_constant_time.t ............ ok ../../openssl/test/recipes/90-test_fatalerr.t ................. ok ../../openssl/test/recipes/90-test_gmdiff.t ................... ok ../../openssl/test/recipes/90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build ../../openssl/test/recipes/90-test_ige.t ...................... ok ../../openssl/test/recipes/90-test_includes.t ................. ok ../../openssl/test/recipes/90-test_memleak.t .................. ok ../../openssl/test/recipes/90-test_overhead.t ................. skipped: Only supported in no-shared builds ../../openssl/test/recipes/90-test_secmem.t ................... ok ../../openssl/test/recipes/90-test_shlibload.t ................ ok ../../openssl/test/recipes/90-test_srp.t ...................... ok ../../openssl/test/recipes/90-test_sslapi.t ................... ok ../../openssl/test/recipes/90-test_sslbuffers.t ............... ok ../../openssl/test/recipes/90-test_store.t .................... ok ../../openssl/test/recipes/90-test_sysdefault.t ............... ok ../../openssl/test/recipes/90-test_threads.t .................. ok ../../openssl/test/recipes/90-test_time_offset.t .............. ok ../../openssl/test/recipes/90-test_tls13ccs.t ................. ok ../../openssl/test/recipes/90-test_tls13encryption.t .......... ok ../../openssl/test/recipes/90-test_tls13secrets.t ............. ok ../../openssl/test/recipes/90-test_v3name.t ................... ok ../../openssl/test/recipes/95-test_external_boringssl.t ....... skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_krb5.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_pyca.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/99-test_ecstress.t ................. ok ../../openssl/test/recipes/99-test_fuzz.t ..................... ok Test Summary Report ------------------- ../../openssl/test/recipes/20-test_mac.t (Wstat: 512 Tests: 10 Failed: 1) Failed test: 3 Non-zero exit status: 2 Parse errors: Bad plan. You planned 18 tests but ran 10. Files=167, Tests=1477, 251 wallclock secs ( 2.78 usr 0.32 sys + 226.99 cusr 11.57 csys = 241.66 CPU) Result: FAIL Makefile:198: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-cmac' Makefile:196: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Wed Mar 13 01:29:35 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 13 Mar 2019 01:29:35 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dso Message-ID: <1552440575.806472.5493.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dso Commit log since last time: 9e11fe0d85 Replumbing: Add constructor of libcrypto internal method structures 099bd33920 Replumbing: Add support for the provider query_operation function 85e2417c0d Replumbing: Add an OSSL_PROVIDER iterator with callback e2146e120f Change OSSL_PARAM_UTF8_STRING_PTR to OSSL_PARAM_UTF8_PTR eabf91cd11 generated files 7ffbd7ca96 OSSL_PARAM helper functions. 8c4412ed8f Rename 'buffer' to 'data' in OSSL_PARAM a61b7f2fa6 2nd chunk: CRMF code (crypto/crmf/, ) and its integration in INSTALL, Configure, crypto/build.info, include/openssl/crmferr.h, crypto/err/, include/openssl/err.h, and (to be updated:) util/libcrypto.num 2a3b52eacd Certificate Management Protocol (CMP, RFC 4210) extension to OpenSSL Also includes CRMF (RFC 4211) and HTTP transfer (RFC 6712) eef721b0d0 added generated files 8240d5fa65 FIPS 186-4 RSA Generation & Validation Build log ended with (last 100 lines): ../../openssl/test/recipes/40-test_rehash.t ................... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok ../../openssl/test/recipes/60-test_x509_store.t ............... ok ../../openssl/test/recipes/60-test_x509_time.t ................ ok ../../openssl/test/recipes/70-test_asyncio.t .................. ok ../../openssl/test/recipes/70-test_bad_dtls.t ................. ok ../../openssl/test/recipes/70-test_clienthello.t .............. ok ../../openssl/test/recipes/70-test_comp.t ..................... skipped: test_comp needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_key_share.t ................ skipped: test_key_share needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_packet.t ................... ok ../../openssl/test/recipes/70-test_recordlen.t ................ ok ../../openssl/test/recipes/70-test_renegotiation.t ............ skipped: test_renegotiation needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_servername.t ............... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ............ skipped: test_sslcbcpadding needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslcertstatus.t ............ skipped: test_sslcertstatus needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslextension.t ............. skipped: test_sslextension needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslmessages.t .............. skipped: test_sslmessages needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslrecords.t ............... skipped: test_sslrecords needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsessiontick.t ........... skipped: test_sslsessiontick needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsigalgs.t ............... skipped: test_sslsigalgs needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsignature.t ............. skipped: test_sslsignature needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslskewith0p.t ............. skipped: test_sslskewith0p needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslversions.t .............. skipped: test_sslversions needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslvertol.t ................ skipped: test_sslextension needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13alerts.t .............. skipped: test_tls13alerts needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13cookie.t .............. skipped: test_tls13cookie needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13downgrade.t ........... skipped: test_tls13downgrade needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13hrr.t ................. skipped: test_tls13hrr needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13kexmodes.t ............ skipped: test_tls13kexmodes needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13messages.t ............ skipped: test_tls13messages needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13psk.t ................. skipped: test_tls13psk needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tlsextms.t ................. skipped: test_tlsextms needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_verify_extra.t ............. ok ../../openssl/test/recipes/70-test_wpacket.t .................. ok ../../openssl/test/recipes/80-test_ca.t ....................... ok ../../openssl/test/recipes/80-test_cipherbytes.t .............. ok ../../openssl/test/recipes/80-test_cipherlist.t ............... ok ../../openssl/test/recipes/80-test_ciphername.t ............... ok ../../openssl/test/recipes/80-test_cms.t ...................... ok ../../openssl/test/recipes/80-test_cmsapi.t ................... ok ../../openssl/test/recipes/80-test_ct.t ....................... ok ../../openssl/test/recipes/80-test_dane.t ..................... ok ../../openssl/test/recipes/80-test_dtls.t ..................... ok ../../openssl/test/recipes/80-test_dtls_mtu.t ................. ok ../../openssl/test/recipes/80-test_dtlsv1listen.t ............. ok ../../openssl/test/recipes/80-test_ocsp.t ..................... ok ../../openssl/test/recipes/80-test_pkcs12.t ................... ok ../../openssl/test/recipes/80-test_ssl_new.t .................. ok ../../openssl/test/recipes/80-test_ssl_old.t .................. ok ../../openssl/test/recipes/80-test_ssl_test_ctx.t ............. ok ../../openssl/test/recipes/80-test_sslcorrupt.t ............... ok ../../openssl/test/recipes/80-test_tsa.t ...................... ok ../../openssl/test/recipes/80-test_x509aux.t .................. ok ../../openssl/test/recipes/90-test_asn1_time.t ................ ok ../../openssl/test/recipes/90-test_async.t .................... ok ../../openssl/test/recipes/90-test_bio_enc.t .................. ok ../../openssl/test/recipes/90-test_bio_memleak.t .............. ok ../../openssl/test/recipes/90-test_constant_time.t ............ ok ../../openssl/test/recipes/90-test_fatalerr.t ................. ok ../../openssl/test/recipes/90-test_gmdiff.t ................... ok ../../openssl/test/recipes/90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build ../../openssl/test/recipes/90-test_ige.t ...................... ok ../../openssl/test/recipes/90-test_includes.t ................. ok ../../openssl/test/recipes/90-test_memleak.t .................. ok ../../openssl/test/recipes/90-test_overhead.t ................. skipped: Only supported in no-shared builds ../../openssl/test/recipes/90-test_secmem.t ................... ok ../../openssl/test/recipes/90-test_shlibload.t ................ skipped: Test only supported in a dso build ../../openssl/test/recipes/90-test_srp.t ...................... ok ../../openssl/test/recipes/90-test_sslapi.t ................... ok ../../openssl/test/recipes/90-test_sslbuffers.t ............... ok ../../openssl/test/recipes/90-test_store.t .................... ok ../../openssl/test/recipes/90-test_sysdefault.t ............... ok ../../openssl/test/recipes/90-test_threads.t .................. ok ../../openssl/test/recipes/90-test_time_offset.t .............. ok ../../openssl/test/recipes/90-test_tls13ccs.t ................. ok ../../openssl/test/recipes/90-test_tls13encryption.t .......... ok ../../openssl/test/recipes/90-test_tls13secrets.t ............. ok ../../openssl/test/recipes/90-test_v3name.t ................... ok ../../openssl/test/recipes/95-test_external_boringssl.t ....... skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_krb5.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_pyca.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/99-test_ecstress.t ................. ok ../../openssl/test/recipes/99-test_fuzz.t ..................... ok Test Summary Report ------------------- ../../openssl/test/recipes/02-test_internal_provider.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 ../../openssl/test/recipes/04-test_provider.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=167, Tests=1290, 234 wallclock secs ( 0.80 usr 0.31 sys + 220.03 cusr 10.01 csys = 231.15 CPU) Result: FAIL Makefile:198: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dso' Makefile:196: recipe for target 'tests' failed make: *** [tests] Error 2 From yang.yang at baishancloud.com Wed Mar 13 07:54:13 2019 From: yang.yang at baishancloud.com (yang.yang at baishancloud.com) Date: Wed, 13 Mar 2019 07:54:13 +0000 Subject: [openssl] master update Message-ID: <1552463653.568134.7553.nullmailer@dev.openssl.org> The branch master has been updated via 8267becb8b2e3b5ec4d46e3df5656b747930be79 (commit) from 9e11fe0d85c7d8bd2b77076c8b2e93433091e765 (commit) - Log ----------------------------------------------------------------- commit 8267becb8b2e3b5ec4d46e3df5656b747930be79 Author: ?? Date: Fri Oct 26 21:34:08 2018 +0800 Support SM2 certificate verification Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/8321) ----------------------------------------------------------------------- Summary of changes: apps/verify.c | 45 +++++++++++++-- crypto/asn1/a_verify.c | 3 +- crypto/err/openssl.txt | 2 + crypto/include/internal/x509_int.h | 5 +- crypto/objects/obj_dat.h | 15 +++-- crypto/objects/obj_mac.num | 1 + crypto/objects/obj_xref.h | 2 + crypto/objects/obj_xref.txt | 2 + crypto/objects/objects.txt | 2 + crypto/sm2/sm2_pmeth.c | 4 ++ crypto/x509/x509_err.c | 4 +- crypto/x509/x_all.c | 110 +++++++++++++++++++++++++++++++++++++ crypto/x509/x_x509.c | 12 ++++ fuzz/oids.txt | 1 + include/openssl/obj_mac.h | 5 ++ include/openssl/x509.h | 3 + include/openssl/x509err.h | 2 + util/libcrypto.num | 2 + 18 files changed, 206 insertions(+), 14 deletions(-) diff --git a/apps/verify.c b/apps/verify.c index 2f66912..fcd10dd 100644 --- a/apps/verify.c +++ b/apps/verify.c @@ -21,7 +21,8 @@ static int cb(int ok, X509_STORE_CTX *ctx); static int check(X509_STORE *ctx, const char *file, STACK_OF(X509) *uchain, STACK_OF(X509) *tchain, - STACK_OF(X509_CRL) *crls, int show_chain); + STACK_OF(X509_CRL) *crls, int show_chain, + unsigned char *sm2id, size_t sm2idlen); static int v_verbose = 0, vflags = 0; typedef enum OPTION_choice { @@ -29,7 +30,7 @@ typedef enum OPTION_choice { OPT_ENGINE, OPT_CAPATH, OPT_CAFILE, OPT_NOCAPATH, OPT_NOCAFILE, OPT_UNTRUSTED, OPT_TRUSTED, OPT_CRLFILE, OPT_CRL_DOWNLOAD, OPT_SHOW_CHAIN, OPT_V_ENUM, OPT_NAMEOPT, - OPT_VERBOSE + OPT_VERBOSE, OPT_SM2ID, OPT_SM2HEXID } OPTION_CHOICE; const OPTIONS verify_options[] = { @@ -57,6 +58,12 @@ const OPTIONS verify_options[] = { #ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, #endif +#ifndef OPENSSL_NO_SM2 + {"sm2-id", OPT_SM2ID, 's', + "Specify an ID string to verify an SM2 certificate"}, + {"sm2-hex-id", OPT_SM2HEXID, 's', + "Specify a hex ID string to verify an SM2 certificate"}, +#endif {NULL} }; @@ -71,6 +78,8 @@ int verify_main(int argc, char **argv) int noCApath = 0, noCAfile = 0; int vpmtouched = 0, crl_download = 0, show_chain = 0, i = 0, ret = 1; OPTION_CHOICE o; + unsigned char *sm2_id = NULL; + size_t sm2_idlen = 0; if ((vpm = X509_VERIFY_PARAM_new()) == NULL) goto end; @@ -158,6 +167,19 @@ int verify_main(int argc, char **argv) case OPT_VERBOSE: v_verbose = 1; break; + case OPT_SM2ID: + /* we assume the input is not a hex string */ + sm2_id = (unsigned char *)opt_arg(); + sm2_idlen = strlen((const char *)sm2_id); + break; + case OPT_SM2HEXID: + /* try to parse the input as hex string first */ + sm2_id = OPENSSL_hexstr2buf(opt_arg(), (long *)&sm2_idlen); + if (sm2_id == NULL) { + BIO_printf(bio_err, "Invalid hex string input\n"); + goto end; + } + break; } } argc = opt_num_rest(); @@ -183,12 +205,13 @@ int verify_main(int argc, char **argv) ret = 0; if (argc < 1) { - if (check(store, NULL, untrusted, trusted, crls, show_chain) != 1) + if (check(store, NULL, untrusted, trusted, crls, show_chain, + sm2_id, sm2_idlen) != 1) ret = -1; } else { for (i = 0; i < argc; i++) if (check(store, argv[i], untrusted, trusted, crls, - show_chain) != 1) + show_chain, sm2_id, sm2_idlen) != 1) ret = -1; } @@ -204,7 +227,8 @@ int verify_main(int argc, char **argv) static int check(X509_STORE *ctx, const char *file, STACK_OF(X509) *uchain, STACK_OF(X509) *tchain, - STACK_OF(X509_CRL) *crls, int show_chain) + STACK_OF(X509_CRL) *crls, int show_chain, + unsigned char *sm2id, size_t sm2idlen) { X509 *x = NULL; int i = 0, ret = 0; @@ -216,6 +240,17 @@ static int check(X509_STORE *ctx, const char *file, if (x == NULL) goto end; + if (sm2id != NULL) { +#ifndef OPENSSL_NO_SM2 + ASN1_OCTET_STRING v; + + v.data = sm2id; + v.length = sm2idlen; + + X509_set_sm2_id(x, &v); +#endif + } + csc = X509_STORE_CTX_new(); if (csc == NULL) { printf("error %s: X.509 store context allocation failed\n", diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c index 1f24583..d26c523 100644 --- a/crypto/asn1/a_verify.c +++ b/crypto/asn1/a_verify.c @@ -94,7 +94,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, int mdnid, pknid; size_t inll = 0; - if (!pkey) { + if (pkey == NULL) { ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER); return -1; } @@ -150,7 +150,6 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ret = 0; goto err; } - } inl = ASN1_item_i2d(asn, &buf_in, it); diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index cb58f42..7c915d4 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -1834,8 +1834,10 @@ X509_F_X509_STORE_NEW:158:X509_STORE_new X509_F_X509_TO_X509_REQ:126:X509_to_X509_REQ X509_F_X509_TRUST_ADD:133:X509_TRUST_add X509_F_X509_TRUST_SET:141:X509_TRUST_set +X509_F_X509_VERIFY:161:X509_verify X509_F_X509_VERIFY_CERT:127:X509_verify_cert X509_F_X509_VERIFY_PARAM_NEW:159:X509_VERIFY_PARAM_new +X509_F_X509_VERIFY_SM2:162:x509_verify_sm2 #Reason codes ASN1_R_ADDING_OBJECT:171:adding object diff --git a/crypto/include/internal/x509_int.h b/crypto/include/internal/x509_int.h index 82d7bbf..93f923e 100644 --- a/crypto/include/internal/x509_int.h +++ b/crypto/include/internal/x509_int.h @@ -175,7 +175,7 @@ struct x509_st { STACK_OF(DIST_POINT) *crldp; STACK_OF(GENERAL_NAME) *altname; NAME_CONSTRAINTS *nc; -#ifndef OPENSSL_NO_RFC3779 +# ifndef OPENSSL_NO_RFC3779 STACK_OF(IPAddressFamily) *rfc3779_addr; struct ASIdentifiers_st *rfc3779_asid; # endif @@ -183,6 +183,9 @@ struct x509_st { X509_CERT_AUX *aux; CRYPTO_RWLOCK *lock; volatile int ex_cached; +# ifndef OPENSSL_NO_SM2 + ASN1_OCTET_STRING sm2_id; +# endif } /* X509 */ ; /* diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index e7c59d6..913e107 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -10,7 +10,7 @@ */ /* Serialized OID's */ -static const unsigned char so[7767] = { +static const unsigned char so[7775] = { 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ @@ -1077,9 +1077,10 @@ static const unsigned char so[7767] = { 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0C, /* [ 7745] OBJ_hmacWithSHA512_224 */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0D, /* [ 7753] OBJ_hmacWithSHA512_256 */ 0x28,0xCC,0x45,0x03,0x04, /* [ 7761] OBJ_gmac */ + 0x2A,0x81,0x1C,0xCF,0x55,0x01,0x83,0x75, /* [ 7766] OBJ_SM2_with_SM3 */ }; -#define NUM_NID 1204 +#define NUM_NID 1205 static const ASN1_OBJECT nid_objs[NUM_NID] = { {"UNDEF", "undefined", NID_undef}, {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]}, @@ -2285,9 +2286,10 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = { {"BLAKE2BMAC", "blake2bmac", NID_blake2bmac}, {"BLAKE2SMAC", "blake2smac", NID_blake2smac}, {"SSHKDF", "sshkdf", NID_sshkdf}, + {"SM2-SM3", "SM2-with-SM3", NID_SM2_with_SM3, 8, &so[7766]}, }; -#define NUM_SN 1195 +#define NUM_SN 1196 static const unsigned int sn_objs[NUM_SN] = { 364, /* "AD_DVCS" */ 419, /* "AES-128-CBC" */ @@ -2561,6 +2563,7 @@ static const unsigned int sn_objs[NUM_SN] = { 1100, /* "SHAKE128" */ 1101, /* "SHAKE256" */ 1172, /* "SM2" */ + 1204, /* "SM2-SM3" */ 1143, /* "SM3" */ 1134, /* "SM4-CBC" */ 1137, /* "SM4-CFB" */ @@ -3486,7 +3489,7 @@ static const unsigned int sn_objs[NUM_SN] = { 1093, /* "x509ExtAdmission" */ }; -#define NUM_LN 1195 +#define NUM_LN 1196 static const unsigned int ln_objs[NUM_LN] = { 363, /* "AD Time Stamping" */ 405, /* "ANSI X9.62" */ @@ -3642,6 +3645,7 @@ static const unsigned int ln_objs[NUM_LN] = { 1119, /* "RSA-SHA3-512" */ 188, /* "S/MIME" */ 167, /* "S/MIME Capabilities" */ + 1204, /* "SM2-with-SM3" */ 1006, /* "SNILS" */ 387, /* "SNMPv2" */ 1025, /* "SSH Client" */ @@ -4685,7 +4689,7 @@ static const unsigned int ln_objs[NUM_LN] = { 125, /* "zlib compression" */ }; -#define NUM_OBJ 1072 +#define NUM_OBJ 1073 static const unsigned int obj_objs[NUM_OBJ] = { 0, /* OBJ_undef 0 */ 181, /* OBJ_iso 1 */ @@ -5155,6 +5159,7 @@ static const unsigned int obj_objs[NUM_OBJ] = { 1139, /* OBJ_sm4_ctr 1 2 156 10197 1 104 7 */ 1172, /* OBJ_sm2 1 2 156 10197 1 301 */ 1143, /* OBJ_sm3 1 2 156 10197 1 401 */ + 1204, /* OBJ_SM2_with_SM3 1 2 156 10197 1 501 */ 1144, /* OBJ_sm3WithRSAEncryption 1 2 156 10197 1 504 */ 776, /* OBJ_seed_ecb 1 2 410 200004 1 3 */ 777, /* OBJ_seed_cbc 1 2 410 200004 1 4 */ diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index 623e7e8..cfd06d4 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -1201,3 +1201,4 @@ aes_256_siv 1200 blake2bmac 1201 blake2smac 1202 sshkdf 1203 +SM2_with_SM3 1204 diff --git a/crypto/objects/obj_xref.h b/crypto/objects/obj_xref.h index 1c2a063..2a02a93 100644 --- a/crypto/objects/obj_xref.h +++ b/crypto/objects/obj_xref.h @@ -79,6 +79,7 @@ static const nid_triple sigoid_srt[] = { {NID_RSA_SHA3_256, NID_sha3_256, NID_rsaEncryption}, {NID_RSA_SHA3_384, NID_sha3_384, NID_rsaEncryption}, {NID_RSA_SHA3_512, NID_sha3_512, NID_rsaEncryption}, + {NID_SM2_with_SM3, NID_sm3, NID_sm2}, }; static const nid_triple *const sigoid_srt_xref[] = { @@ -125,4 +126,5 @@ static const nid_triple *const sigoid_srt_xref[] = { &sigoid_srt[45], &sigoid_srt[46], &sigoid_srt[47], + &sigoid_srt[48], }; diff --git a/crypto/objects/obj_xref.txt b/crypto/objects/obj_xref.txt index ca3e744..f3dd8ed 100644 --- a/crypto/objects/obj_xref.txt +++ b/crypto/objects/obj_xref.txt @@ -64,3 +64,5 @@ dhSinglePass_cofactorDH_sha224kdf_scheme sha224 dh_cofactor_kdf dhSinglePass_cofactorDH_sha256kdf_scheme sha256 dh_cofactor_kdf dhSinglePass_cofactorDH_sha384kdf_scheme sha384 dh_cofactor_kdf dhSinglePass_cofactorDH_sha512kdf_scheme sha512 dh_cofactor_kdf + +SM2_with_SM3 sm3 sm2 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index cb0b99c..78ebff6 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -394,6 +394,8 @@ sm-scheme 301 : SM2 : sm2 sm-scheme 401 : SM3 : sm3 sm-scheme 504 : RSA-SM3 : sm3WithRSAEncryption +sm-scheme 501 : SM2-SM3 : SM2-with-SM3 + # From RFC4231 rsadsi 2 8 : : hmacWithSHA224 rsadsi 2 9 : : hmacWithSHA256 diff --git a/crypto/sm2/sm2_pmeth.c b/crypto/sm2/sm2_pmeth.c index fecdc28..8c81ca3 100644 --- a/crypto/sm2/sm2_pmeth.c +++ b/crypto/sm2/sm2_pmeth.c @@ -220,6 +220,10 @@ static int pkey_sm2_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) *(size_t *)p2 = smctx->id_len; return 1; + case EVP_PKEY_CTRL_DIGESTINIT: + /* nothing to be inited, this is to suppress the error... */ + return 1; + default: return -2; } diff --git a/crypto/x509/x509_err.c b/crypto/x509/x509_err.c index 1c753f5..fbd2cf8 100644 --- a/crypto/x509/x509_err.c +++ b/crypto/x509/x509_err.c @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -104,9 +104,11 @@ static const ERR_STRING_DATA X509_str_functs[] = { {ERR_PACK(ERR_LIB_X509, X509_F_X509_TO_X509_REQ, 0), "X509_to_X509_REQ"}, {ERR_PACK(ERR_LIB_X509, X509_F_X509_TRUST_ADD, 0), "X509_TRUST_add"}, {ERR_PACK(ERR_LIB_X509, X509_F_X509_TRUST_SET, 0), "X509_TRUST_set"}, + {ERR_PACK(ERR_LIB_X509, X509_F_X509_VERIFY, 0), "X509_verify"}, {ERR_PACK(ERR_LIB_X509, X509_F_X509_VERIFY_CERT, 0), "X509_verify_cert"}, {ERR_PACK(ERR_LIB_X509, X509_F_X509_VERIFY_PARAM_NEW, 0), "X509_VERIFY_PARAM_new"}, + {ERR_PACK(ERR_LIB_X509, X509_F_X509_VERIFY_SM2, 0), "x509_verify_sm2"}, {0, NULL} }; diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c index dca138c..afcf0b7 100644 --- a/crypto/x509/x_all.c +++ b/crypto/x509/x_all.c @@ -19,10 +19,120 @@ #include #include +#ifndef OPENSSL_NO_SM2 + +# include "internal/asn1_int.h" +# include "internal/evp_int.h" + +static int x509_verify_sm2(X509 *x, EVP_PKEY *pkey, int mdnid, int pknid) +{ + EVP_MD_CTX *ctx = NULL; + unsigned char *buf_in = NULL; + int ret = -1, inl = 0; + size_t inll = 0; + EVP_PKEY_CTX *pctx = NULL; + const EVP_MD *type = EVP_get_digestbynid(mdnid); + + if (type == NULL) { + X509err(X509_F_X509_VERIFY_SM2, + ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); + goto err; + } + + if (pkey == NULL) { + X509err(X509_F_X509_VERIFY_SM2, ERR_R_PASSED_NULL_PARAMETER); + return -1; + } + + if (x->signature.type == V_ASN1_BIT_STRING && x->signature.flags & 0x7) { + X509err(X509_F_X509_VERIFY_SM2, ASN1_R_INVALID_BIT_STRING_BITS_LEFT); + return -1; + } + + ctx = EVP_MD_CTX_new(); + if (ctx == NULL) { + X509err(X509_F_X509_VERIFY_SM2, ERR_R_MALLOC_FAILURE); + goto err; + } + + /* Check public key OID matches public key type */ + if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) { + X509err(X509_F_X509_VERIFY_SM2, ASN1_R_WRONG_PUBLIC_KEY_TYPE); + goto err; + } + + if (!EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)) { + X509err(X509_F_X509_VERIFY_SM2, ERR_R_EVP_LIB); + ret = 0; + goto err; + } + pctx = EVP_PKEY_CTX_new(pkey, NULL); + if (pctx == NULL) { + X509err(X509_F_X509_VERIFY_SM2, ERR_R_EVP_LIB); + ret = 0; + goto err; + } + if (EVP_PKEY_CTX_set1_id(pctx, x->sm2_id.data, x->sm2_id.length) != 1) { + X509err(X509_F_X509_VERIFY_SM2, ERR_R_EVP_LIB); + ret = 0; + goto err; + } + EVP_MD_CTX_set_pkey_ctx(ctx, pctx); + + if (!EVP_DigestVerifyInit(ctx, NULL, type, NULL, pkey)) { + X509err(X509_F_X509_VERIFY_SM2, ERR_R_EVP_LIB); + ret = 0; + goto err; + } + + inl = ASN1_item_i2d((ASN1_VALUE *)&x->cert_info, &buf_in, + ASN1_ITEM_rptr(X509_CINF)); + if (inl <= 0) { + X509err(X509_F_X509_VERIFY_SM2, ERR_R_INTERNAL_ERROR); + goto err; + } + if (buf_in == NULL) { + X509err(X509_F_X509_VERIFY_SM2, ERR_R_MALLOC_FAILURE); + goto err; + } + inll = inl; + + ret = EVP_DigestVerify(ctx, x->signature.data, + (size_t)x->signature.length, buf_in, inl); + if (ret <= 0) { + X509err(X509_F_X509_VERIFY_SM2, ERR_R_EVP_LIB); + goto err; + } + ret = 1; + err: + OPENSSL_clear_free(buf_in, inll); + EVP_MD_CTX_free(ctx); + EVP_PKEY_CTX_free(pctx); + return ret; +} +#endif + int X509_verify(X509 *a, EVP_PKEY *r) { +#ifndef OPENSSL_NO_SM2 + int mdnid, pknid; +#endif + if (X509_ALGOR_cmp(&a->sig_alg, &a->cert_info.signature)) return 0; + +#ifndef OPENSSL_NO_SM2 + /* Convert signature OID into digest and public key OIDs */ + if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->sig_alg.algorithm), + &mdnid, &pknid)) { + X509err(X509_F_X509_VERIFY, ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); + return 0; + } + + if (pknid == NID_sm2) + return x509_verify_sm2(a, r, mdnid, pknid); +#endif + return (ASN1_item_verify(ASN1_ITEM_rptr(X509_CINF), &a->sig_alg, &a->signature, &a->cert_info, r)); } diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c index 54d015b..901a3e6 100644 --- a/crypto/x509/x_x509.c +++ b/crypto/x509/x_x509.c @@ -244,3 +244,15 @@ int X509_get_signature_nid(const X509 *x) { return OBJ_obj2nid(x->sig_alg.algorithm); } + +#ifndef OPENSSL_NO_SM2 +void X509_set_sm2_id(X509 *x, ASN1_OCTET_STRING *sm2_id) +{ + x->sm2_id = *sm2_id; +} + +ASN1_OCTET_STRING *X509_get0_sm2_id(X509 *x) +{ + return &x->sm2_id; +} +#endif diff --git a/fuzz/oids.txt b/fuzz/oids.txt index 79a68fc..3bb9cb5 100644 --- a/fuzz/oids.txt +++ b/fuzz/oids.txt @@ -1064,3 +1064,4 @@ OBJ_id_tc26_gost_3410_2012_256_paramSetD="\x2A\x85\x03\x07\x01\x02\x01\x01\x04" OBJ_hmacWithSHA512_224="\x2A\x86\x48\x86\xF7\x0D\x02\x0C" OBJ_hmacWithSHA512_256="\x2A\x86\x48\x86\xF7\x0D\x02\x0D" OBJ_gmac="\x28\xCC\x45\x03\x04" +OBJ_SM2_with_SM3="\x2A\x81\x1C\xCF\x55\x01\x83\x75" diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h index 80353ad..c8cb5ce 100644 --- a/include/openssl/obj_mac.h +++ b/include/openssl/obj_mac.h @@ -1200,6 +1200,11 @@ #define NID_sm3WithRSAEncryption 1144 #define OBJ_sm3WithRSAEncryption OBJ_sm_scheme,504L +#define SN_SM2_with_SM3 "SM2-SM3" +#define LN_SM2_with_SM3 "SM2-with-SM3" +#define NID_SM2_with_SM3 1204 +#define OBJ_SM2_with_SM3 OBJ_sm_scheme,501L + #define LN_hmacWithSHA224 "hmacWithSHA224" #define NID_hmacWithSHA224 798 #define OBJ_hmacWithSHA224 OBJ_rsadsi,2L,8L diff --git a/include/openssl/x509.h b/include/openssl/x509.h index bf127c0..ace3fb0 100644 --- a/include/openssl/x509.h +++ b/include/openssl/x509.h @@ -566,6 +566,9 @@ void X509_get0_signature(const ASN1_BIT_STRING **psig, const X509_ALGOR **palg, const X509 *x); int X509_get_signature_nid(const X509 *x); +void X509_set_sm2_id(X509 *x, ASN1_OCTET_STRING *sm2_id); +ASN1_OCTET_STRING *X509_get0_sm2_id(X509 *x); + int X509_trusted(const X509 *x); int X509_alias_set1(X509 *x, const unsigned char *name, int len); int X509_keyid_set1(X509 *x, const unsigned char *id, int len); diff --git a/include/openssl/x509err.h b/include/openssl/x509err.h index 64361dc..78d1c89 100644 --- a/include/openssl/x509err.h +++ b/include/openssl/x509err.h @@ -82,8 +82,10 @@ int ERR_load_X509_strings(void); # define X509_F_X509_TO_X509_REQ 126 # define X509_F_X509_TRUST_ADD 133 # define X509_F_X509_TRUST_SET 141 +# define X509_F_X509_VERIFY 161 # define X509_F_X509_VERIFY_CERT 127 # define X509_F_X509_VERIFY_PARAM_NEW 159 +# define X509_F_X509_VERIFY_SM2 162 /* * X509 reason codes. diff --git a/util/libcrypto.num b/util/libcrypto.num index df59f29..817c8bb 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4788,3 +4788,5 @@ OSSL_PARAM_get_utf8_ptr 4735 3_0_0 EXIST::FUNCTION: OSSL_PARAM_set_utf8_ptr 4736 3_0_0 EXIST::FUNCTION: OSSL_PARAM_get_octet_ptr 4737 3_0_0 EXIST::FUNCTION: OSSL_PARAM_set_octet_ptr 4738 3_0_0 EXIST::FUNCTION: +X509_set_sm2_id 4739 3_0_0 EXIST::FUNCTION: +X509_get0_sm2_id 4740 3_0_0 EXIST::FUNCTION: From no-reply at appveyor.com Wed Mar 13 07:58:06 2019 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 13 Mar 2019 07:58:06 +0000 Subject: Build failed: openssl master.23402 Message-ID: <20190313075806.1.F8FDEF5CF5A1CCA9@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Wed Mar 13 08:07:02 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 13 Mar 2019 08:07:02 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-poly1305 Message-ID: <1552464422.300855.23126.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-poly1305 Commit log since last time: 9e11fe0d85 Replumbing: Add constructor of libcrypto internal method structures 099bd33920 Replumbing: Add support for the provider query_operation function 85e2417c0d Replumbing: Add an OSSL_PROVIDER iterator with callback e2146e120f Change OSSL_PARAM_UTF8_STRING_PTR to OSSL_PARAM_UTF8_PTR eabf91cd11 generated files 7ffbd7ca96 OSSL_PARAM helper functions. 8c4412ed8f Rename 'buffer' to 'data' in OSSL_PARAM a61b7f2fa6 2nd chunk: CRMF code (crypto/crmf/, ) and its integration in INSTALL, Configure, crypto/build.info, include/openssl/crmferr.h, crypto/err/, include/openssl/err.h, and (to be updated:) util/libcrypto.num 2a3b52eacd Certificate Management Protocol (CMP, RFC 4210) extension to OpenSSL Also includes CRMF (RFC 4211) and HTTP transfer (RFC 6712) eef721b0d0 added generated files 8240d5fa65 FIPS 186-4 RSA Generation & Validation Build log ended with (last 100 lines): ../../openssl/test/recipes/30-test_pkey_meth.t ................ ok ../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok ../../openssl/test/recipes/40-test_rehash.t ................... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok ../../openssl/test/recipes/60-test_x509_store.t ............... ok ../../openssl/test/recipes/60-test_x509_time.t ................ ok ../../openssl/test/recipes/70-test_asyncio.t .................. ok ../../openssl/test/recipes/70-test_bad_dtls.t ................. ok ../../openssl/test/recipes/70-test_clienthello.t .............. ok ../../openssl/test/recipes/70-test_comp.t ..................... ok ../../openssl/test/recipes/70-test_key_share.t ................ ok ../../openssl/test/recipes/70-test_packet.t ................... ok ../../openssl/test/recipes/70-test_recordlen.t ................ ok ../../openssl/test/recipes/70-test_renegotiation.t ............ ok ../../openssl/test/recipes/70-test_servername.t ............... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ............ ok ../../openssl/test/recipes/70-test_sslcertstatus.t ............ ok ../../openssl/test/recipes/70-test_sslextension.t ............. ok ../../openssl/test/recipes/70-test_sslmessages.t .............. ok ../../openssl/test/recipes/70-test_sslrecords.t ............... ok ../../openssl/test/recipes/70-test_sslsessiontick.t ........... ok ../../openssl/test/recipes/70-test_sslsigalgs.t ............... ok ../../openssl/test/recipes/70-test_sslsignature.t ............. ok ../../openssl/test/recipes/70-test_sslskewith0p.t ............. ok ../../openssl/test/recipes/70-test_sslversions.t .............. ok ../../openssl/test/recipes/70-test_sslvertol.t ................ ok ../../openssl/test/recipes/70-test_tls13alerts.t .............. ok ../../openssl/test/recipes/70-test_tls13cookie.t .............. ok ../../openssl/test/recipes/70-test_tls13downgrade.t ........... ok ../../openssl/test/recipes/70-test_tls13hrr.t ................. ok ../../openssl/test/recipes/70-test_tls13kexmodes.t ............ ok ../../openssl/test/recipes/70-test_tls13messages.t ............ ok ../../openssl/test/recipes/70-test_tls13psk.t ................. ok ../../openssl/test/recipes/70-test_tlsextms.t ................. ok ../../openssl/test/recipes/70-test_verify_extra.t ............. ok ../../openssl/test/recipes/70-test_wpacket.t .................. ok ../../openssl/test/recipes/80-test_ca.t ....................... ok ../../openssl/test/recipes/80-test_cipherbytes.t .............. ok ../../openssl/test/recipes/80-test_cipherlist.t ............... ok ../../openssl/test/recipes/80-test_ciphername.t ............... ok ../../openssl/test/recipes/80-test_cms.t ...................... ok ../../openssl/test/recipes/80-test_cmsapi.t ................... ok ../../openssl/test/recipes/80-test_ct.t ....................... ok ../../openssl/test/recipes/80-test_dane.t ..................... ok ../../openssl/test/recipes/80-test_dtls.t ..................... ok ../../openssl/test/recipes/80-test_dtls_mtu.t ................. ok ../../openssl/test/recipes/80-test_dtlsv1listen.t ............. ok ../../openssl/test/recipes/80-test_ocsp.t ..................... ok ../../openssl/test/recipes/80-test_pkcs12.t ................... ok ../../openssl/test/recipes/80-test_ssl_new.t .................. ok ../../openssl/test/recipes/80-test_ssl_old.t .................. ok ../../openssl/test/recipes/80-test_ssl_test_ctx.t ............. ok ../../openssl/test/recipes/80-test_sslcorrupt.t ............... ok ../../openssl/test/recipes/80-test_tsa.t ...................... ok ../../openssl/test/recipes/80-test_x509aux.t .................. ok ../../openssl/test/recipes/90-test_asn1_time.t ................ ok ../../openssl/test/recipes/90-test_async.t .................... ok ../../openssl/test/recipes/90-test_bio_enc.t .................. ok ../../openssl/test/recipes/90-test_bio_memleak.t .............. ok ../../openssl/test/recipes/90-test_constant_time.t ............ ok ../../openssl/test/recipes/90-test_fatalerr.t ................. ok ../../openssl/test/recipes/90-test_gmdiff.t ................... ok ../../openssl/test/recipes/90-test_gost.t ..................... ok ../../openssl/test/recipes/90-test_ige.t ...................... ok ../../openssl/test/recipes/90-test_includes.t ................. ok ../../openssl/test/recipes/90-test_memleak.t .................. ok ../../openssl/test/recipes/90-test_overhead.t ................. skipped: Only supported in no-shared builds ../../openssl/test/recipes/90-test_secmem.t ................... ok ../../openssl/test/recipes/90-test_shlibload.t ................ ok ../../openssl/test/recipes/90-test_srp.t ...................... ok ../../openssl/test/recipes/90-test_sslapi.t ................... ok ../../openssl/test/recipes/90-test_sslbuffers.t ............... ok ../../openssl/test/recipes/90-test_store.t .................... ok ../../openssl/test/recipes/90-test_sysdefault.t ............... ok ../../openssl/test/recipes/90-test_threads.t .................. ok ../../openssl/test/recipes/90-test_time_offset.t .............. ok ../../openssl/test/recipes/90-test_tls13ccs.t ................. ok ../../openssl/test/recipes/90-test_tls13encryption.t .......... ok ../../openssl/test/recipes/90-test_tls13secrets.t ............. ok ../../openssl/test/recipes/90-test_v3name.t ................... ok ../../openssl/test/recipes/95-test_external_boringssl.t ....... skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_krb5.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_pyca.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/99-test_ecstress.t ................. ok ../../openssl/test/recipes/99-test_fuzz.t ..................... ok Test Summary Report ------------------- ../../openssl/test/recipes/20-test_mac.t (Wstat: 512 Tests: 11 Failed: 1) Failed test: 4 Non-zero exit status: 2 Parse errors: Bad plan. You planned 18 tests but ran 11. Files=167, Tests=1478, 244 wallclock secs ( 2.64 usr 0.42 sys + 224.69 cusr 10.99 csys = 238.74 CPU) Result: FAIL Makefile:198: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-poly1305' Makefile:196: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Wed Mar 13 08:09:53 2019 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 13 Mar 2019 08:09:53 +0000 Subject: Build completed: openssl master.23403 Message-ID: <20190313080953.1.86B986BFFF62B1D9@appveyor.com> An HTML attachment was scrubbed... URL: From matt at openssl.org Wed Mar 13 09:56:25 2019 From: matt at openssl.org (Matt Caswell) Date: Wed, 13 Mar 2019 09:56:25 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1552470985.417625.2626.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via cd61ad38b54d22a3d17db9d679c24d9a602cb5d8 (commit) from 191570d0b94c88fa95b3c223456863448d697fce (commit) - Log ----------------------------------------------------------------- commit cd61ad38b54d22a3d17db9d679c24d9a602cb5d8 Author: Matt Caswell Date: Tue Mar 12 10:21:39 2019 +0000 Fix memory leaks in pkread.c demo file Also make various changes to bring the file into line with current coding style. Fixes #8456 Reviewed-by: Paul Dale Reviewed-by: Paul Yang (Merged from https://github.com/openssl/openssl/pull/8457) (cherry picked from commit 81cd023f1dc5a8c9094f8e91c1e85e3c9b98a551) ----------------------------------------------------------------------- Summary of changes: demos/pkcs12/pkread.c | 46 +++++++++++++++++++++++++++------------------- 1 file changed, 27 insertions(+), 19 deletions(-) diff --git a/demos/pkcs12/pkread.c b/demos/pkcs12/pkread.c index 3f7913b..32a899f 100644 --- a/demos/pkcs12/pkread.c +++ b/demos/pkcs12/pkread.c @@ -17,7 +17,7 @@ static char *find_friendly_name(PKCS12 *p12) { - STACK_OF(PKCS7) *safes = PKCS12_unpack_authsafes(p12); + STACK_OF(PKCS7) *safes; int n, m; char *name = NULL; PKCS7 *safe; @@ -48,56 +48,64 @@ static char *find_friendly_name(PKCS12 *p12) int main(int argc, char **argv) { FILE *fp; - EVP_PKEY *pkey; - X509 *cert; + EVP_PKEY *pkey = NULL; + X509 *cert = NULL; STACK_OF(X509) *ca = NULL; - PKCS12 *p12; - const char *name; - int i; + PKCS12 *p12 = NULL; + char *name = NULL; + int i, ret = EXIT_FAILURE; if (argc != 4) { fprintf(stderr, "Usage: pkread p12file password opfile\n"); - exit(1); + exit(EXIT_FAILURE); } - OpenSSL_add_all_algorithms(); - ERR_load_crypto_strings(); + if ((fp = fopen(argv[1], "rb")) == NULL) { fprintf(stderr, "Error opening file %s\n", argv[1]); - exit(1); + exit(EXIT_FAILURE); } p12 = d2i_PKCS12_fp(fp, NULL); fclose(fp); - if (!p12) { + if (p12 == NULL) { fprintf(stderr, "Error reading PKCS#12 file\n"); ERR_print_errors_fp(stderr); - exit(1); + goto err; } if (!PKCS12_parse(p12, argv[2], &pkey, &cert, &ca)) { fprintf(stderr, "Error parsing PKCS#12 file\n"); ERR_print_errors_fp(stderr); - exit(1); + goto err; } name = find_friendly_name(p12); PKCS12_free(p12); if ((fp = fopen(argv[3], "w")) == NULL) { fprintf(stderr, "Error opening file %s\n", argv[1]); - exit(1); + goto err; } - if (name) + if (name != NULL) fprintf(fp, "***Friendly Name***\n%s\n", name); - if (pkey) { + if (pkey != NULL) { fprintf(fp, "***Private Key***\n"); PEM_write_PrivateKey(fp, pkey, NULL, NULL, 0, NULL, NULL); } - if (cert) { + if (cert != NULL) { fprintf(fp, "***User Certificate***\n"); PEM_write_X509_AUX(fp, cert); } - if (ca && sk_X509_num(ca)) { + if (ca != NULL && sk_X509_num(ca) > 0) { fprintf(fp, "***Other Certificates***\n"); for (i = 0; i < sk_X509_num(ca); i++) PEM_write_X509_AUX(fp, sk_X509_value(ca, i)); } fclose(fp); - return 0; + + ret = EXIT_SUCCESS; + + err: + OPENSSL_free(name); + X509_free(cert); + EVP_PKEY_free(pkey); + sk_X509_pop_free(ca, X509_free); + + return ret; } From matt at openssl.org Wed Mar 13 09:56:33 2019 From: matt at openssl.org (Matt Caswell) Date: Wed, 13 Mar 2019 09:56:33 +0000 Subject: [openssl] master update Message-ID: <1552470993.310488.3521.nullmailer@dev.openssl.org> The branch master has been updated via 81cd023f1dc5a8c9094f8e91c1e85e3c9b98a551 (commit) from 8267becb8b2e3b5ec4d46e3df5656b747930be79 (commit) - Log ----------------------------------------------------------------- commit 81cd023f1dc5a8c9094f8e91c1e85e3c9b98a551 Author: Matt Caswell Date: Tue Mar 12 10:21:39 2019 +0000 Fix memory leaks in pkread.c demo file Also make various changes to bring the file into line with current coding style. Fixes #8456 Reviewed-by: Paul Dale Reviewed-by: Paul Yang (Merged from https://github.com/openssl/openssl/pull/8457) ----------------------------------------------------------------------- Summary of changes: demos/pkcs12/pkread.c | 46 +++++++++++++++++++++++++++------------------- 1 file changed, 27 insertions(+), 19 deletions(-) diff --git a/demos/pkcs12/pkread.c b/demos/pkcs12/pkread.c index 992b42c..33fba5d 100644 --- a/demos/pkcs12/pkread.c +++ b/demos/pkcs12/pkread.c @@ -17,7 +17,7 @@ static char *find_friendly_name(PKCS12 *p12) { - STACK_OF(PKCS7) *safes = PKCS12_unpack_authsafes(p12); + STACK_OF(PKCS7) *safes; int n, m; char *name = NULL; PKCS7 *safe; @@ -48,56 +48,64 @@ static char *find_friendly_name(PKCS12 *p12) int main(int argc, char **argv) { FILE *fp; - EVP_PKEY *pkey; - X509 *cert; + EVP_PKEY *pkey = NULL; + X509 *cert = NULL; STACK_OF(X509) *ca = NULL; - PKCS12 *p12; - const char *name; - int i; + PKCS12 *p12 = NULL; + char *name = NULL; + int i, ret = EXIT_FAILURE; if (argc != 4) { fprintf(stderr, "Usage: pkread p12file password opfile\n"); - exit(1); + exit(EXIT_FAILURE); } - OpenSSL_add_all_algorithms(); - ERR_load_crypto_strings(); + if ((fp = fopen(argv[1], "rb")) == NULL) { fprintf(stderr, "Error opening file %s\n", argv[1]); - exit(1); + exit(EXIT_FAILURE); } p12 = d2i_PKCS12_fp(fp, NULL); fclose(fp); - if (!p12) { + if (p12 == NULL) { fprintf(stderr, "Error reading PKCS#12 file\n"); ERR_print_errors_fp(stderr); - exit(1); + goto err; } if (!PKCS12_parse(p12, argv[2], &pkey, &cert, &ca)) { fprintf(stderr, "Error parsing PKCS#12 file\n"); ERR_print_errors_fp(stderr); - exit(1); + goto err; } name = find_friendly_name(p12); PKCS12_free(p12); if ((fp = fopen(argv[3], "w")) == NULL) { fprintf(stderr, "Error opening file %s\n", argv[1]); - exit(1); + goto err; } - if (name) + if (name != NULL) fprintf(fp, "***Friendly Name***\n%s\n", name); - if (pkey) { + if (pkey != NULL) { fprintf(fp, "***Private Key***\n"); PEM_write_PrivateKey(fp, pkey, NULL, NULL, 0, NULL, NULL); } - if (cert) { + if (cert != NULL) { fprintf(fp, "***User Certificate***\n"); PEM_write_X509_AUX(fp, cert); } - if (ca && sk_X509_num(ca)) { + if (ca != NULL && sk_X509_num(ca) > 0) { fprintf(fp, "***Other Certificates***\n"); for (i = 0; i < sk_X509_num(ca); i++) PEM_write_X509_AUX(fp, sk_X509_value(ca, i)); } fclose(fp); - return 0; + + ret = EXIT_SUCCESS; + + err: + OPENSSL_free(name); + X509_free(cert); + EVP_PKEY_free(pkey); + sk_X509_pop_free(ca, X509_free); + + return ret; } From matt at openssl.org Wed Mar 13 10:03:19 2019 From: matt at openssl.org (Matt Caswell) Date: Wed, 13 Mar 2019 10:03:19 +0000 Subject: [openssl] master update Message-ID: <1552471399.460109.9681.nullmailer@dev.openssl.org> The branch master has been updated via 5810bbd8c71003d7644fe802ff233a0d2a7f6778 (commit) from 81cd023f1dc5a8c9094f8e91c1e85e3c9b98a551 (commit) - Log ----------------------------------------------------------------- commit 5810bbd8c71003d7644fe802ff233a0d2a7f6778 Author: Matt Caswell Date: Tue Mar 12 10:53:37 2019 +0000 Fix various no-* options no-cmac, no-poly1305 and no-siphash all caused the new test_mac to fail. Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8458) ----------------------------------------------------------------------- Summary of changes: test/recipes/20-test_mac.t | 56 ++++++++++++++++++++++++++++++---------------- 1 file changed, 37 insertions(+), 19 deletions(-) diff --git a/test/recipes/20-test_mac.t b/test/recipes/20-test_mac.t index 963c3d7..6a2c094 100644 --- a/test/recipes/20-test_mac.t +++ b/test/recipes/20-test_mac.t @@ -17,26 +17,11 @@ use Storable qw(dclone); setup("test_mac"); my @mac_tests = ( - { cmd => [qw{openssl mac -macopt hexkey:000102030405060708090A0B0C0D0E0F}], - type => 'SipHash', - input => '00', - expected => 'da87c1d86b99af44347659119b22fc45', - desc => 'SipHash No input' }, { cmd => [qw{openssl mac -macopt digest:SHA1 -macopt hexkey:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F}], type => 'HMAC', input => unpack("H*", "Sample message for keylen=blocklen"), expected => '5FD596EE78D5553C8FF4E72D266DFD192366DA29', desc => 'HMAC SHA1' }, - { cmd => [qw{openssl mac -macopt cipher:AES-256-CBC -macopt hexkey:0B122AC8F34ED1FE082A3625D157561454167AC145A10BBF77C6A70596D574F1}], - type => 'CMAC', - input => '498B53FDEC87EDCBF07097DCCDE93A084BAD7501A224E388DF349CE18959FE8485F8AD1537F0D896EA73BEDC7214713F', - expected => 'F62C46329B41085625669BAF51DEA66A', - desc => 'CMAC AES-256-CBC' }, - { cmd => [qw{openssl mac -macopt hexkey:02000000000000000000000000000000ffffffffffffffffffffffffffffffff}], - type => 'Poly1305', - input => '02000000000000000000000000000000', - expected => '03000000000000000000000000000000', - desc => 'Poly1305 (wrap 2^128)' }, { cmd => [qw{openssl mac -macopt cipher:AES-256-GCM -macopt hexkey:4C973DBC7364621674F8B5B89E5C15511FCED9216490FB1C1A2CAA0FFE0407E5 -macopt hexiv:7AE8E2CA4EC500012E58495C}], type => 'GMAC', input => '68F2E77696CE7AE8E2CA4EC588E541002E58495C08000F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D0007', @@ -59,12 +44,35 @@ my @mac_tests = ( desc => 'KMAC256 with xof len of 64' }, ); -my @mac_fail_tests = ( - { cmd => [qw{openssl mac}], +my @siphash_tests = ( + { cmd => [qw{openssl mac -macopt hexkey:000102030405060708090A0B0C0D0E0F}], type => 'SipHash', input => '00', - err => '', - desc => 'SipHash Fail no key' }, + expected => 'da87c1d86b99af44347659119b22fc45', + desc => 'SipHash No input' } +); + +my @cmac_tests = ( + { cmd => [qw{openssl mac -macopt cipher:AES-256-CBC -macopt hexkey:0B122AC8F34ED1FE082A3625D157561454167AC145A10BBF77C6A70596D574F1}], + type => 'CMAC', + input => '498B53FDEC87EDCBF07097DCCDE93A084BAD7501A224E388DF349CE18959FE8485F8AD1537F0D896EA73BEDC7214713F', + expected => 'F62C46329B41085625669BAF51DEA66A', + desc => 'CMAC AES-256-CBC' } +); + +my @poly1305_tests = ( + { cmd => [qw{openssl mac -macopt hexkey:02000000000000000000000000000000ffffffffffffffffffffffffffffffff}], + type => 'Poly1305', + input => '02000000000000000000000000000000', + expected => '03000000000000000000000000000000', + desc => 'Poly1305 (wrap 2^128)' }, +); + +push @mac_tests, @siphash_tests unless disabled("siphash"); +push @mac_tests, @cmac_tests unless disabled("cmac"); +push @mac_tests, @poly1305_tests unless disabled("poly1305"); + +my @mac_fail_tests = ( { cmd => [qw{openssl mac}], type => 'KMAC128', input => '00', @@ -72,6 +80,16 @@ my @mac_fail_tests = ( desc => 'KMAC128 Fail no key' }, ); +my @siphash_fail_tests = ( + { cmd => [qw{openssl mac}], + type => 'SipHash', + input => '00', + err => '', + desc => 'SipHash Fail no key' }, +); + +push @mac_fail_tests, @siphash_fail_tests unless disabled("siphash"); + plan tests => (scalar @mac_tests * 2) + scalar @mac_fail_tests; foreach (@mac_tests) { From matt at openssl.org Wed Mar 13 10:08:39 2019 From: matt at openssl.org (Matt Caswell) Date: Wed, 13 Mar 2019 10:08:39 +0000 Subject: [openssl] master update Message-ID: <1552471719.545819.13980.nullmailer@dev.openssl.org> The branch master has been updated via 80889e41a72ea2520959505537f38343958b761a (commit) from 5810bbd8c71003d7644fe802ff233a0d2a7f6778 (commit) - Log ----------------------------------------------------------------- commit 80889e41a72ea2520959505537f38343958b761a Author: Matt Caswell Date: Tue Mar 12 11:36:08 2019 +0000 Fix no-dso Don't try to load external provider modules in tests if we don't have DSO capability Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8459) ----------------------------------------------------------------------- Summary of changes: test/provider_internal_test.c | 9 +++++++-- test/provider_test.c | 12 +++++++++--- 2 files changed, 16 insertions(+), 5 deletions(-) diff --git a/test/provider_internal_test.c b/test/provider_internal_test.c index 8ce382e..ca554b8 100644 --- a/test/provider_internal_test.c +++ b/test/provider_internal_test.c @@ -11,6 +11,11 @@ #include "internal/provider.h" #include "testutil.h" +#if !defined(DSO_VMS) && !defined(DSO_DLCFN) && !defined(DSO_DL) \ + && !defined(DSO_WIN32) && !defined(DSO_DLFCN) +# define OPENSSL_NO_DSO +#endif + extern OSSL_provider_init_fn PROVIDER_INIT_FUNCTION_NAME; static char buf[256]; @@ -56,7 +61,7 @@ static int test_builtin_provider(void) && test_provider(prov); } -#ifndef OPENSSL_NO_SHARED +#ifndef OPENSSL_NO_DSO static int test_loaded_provider(void) { const char *name = "p_test"; @@ -71,7 +76,7 @@ static int test_loaded_provider(void) int setup_tests(void) { ADD_TEST(test_builtin_provider); -#ifndef OPENSSL_NO_SHARED +#ifndef OPENSSL_NO_DSO ADD_TEST(test_loaded_provider); #endif return 1; diff --git a/test/provider_test.c b/test/provider_test.c index 250eea3..eefafcf 100644 --- a/test/provider_test.c +++ b/test/provider_test.c @@ -11,6 +11,12 @@ #include #include "testutil.h" +#if !defined(DSO_VMS) && !defined(DSO_DLCFN) && !defined(DSO_DL) \ + && !defined(DSO_WIN32) && !defined(DSO_DLFCN) +# define OPENSSL_NO_DSO +#endif + + extern OSSL_provider_init_fn PROVIDER_INIT_FUNCTION_NAME; static char buf[256]; @@ -45,11 +51,11 @@ static int test_builtin_provider(void) return TEST_true(OSSL_PROVIDER_add_builtin(NULL, name, - PROVIDER_INIT_FUNCTION_NAME)) + PROVIDER_INIT_FUNCTION_NAME)) && test_provider(name); } -#ifndef OPENSSL_NO_SHARED +#ifndef OPENSSL_NO_DSO static int test_loaded_provider(void) { const char *name = "p_test"; @@ -61,7 +67,7 @@ static int test_loaded_provider(void) int setup_tests(void) { ADD_TEST(test_builtin_provider); -#ifndef OPENSSL_NO_SHARED +#ifndef OPENSSL_NO_DSO ADD_TEST(test_loaded_provider); #endif return 1; From builds at travis-ci.org Wed Mar 13 10:13:37 2019 From: builds at travis-ci.org (Travis CI) Date: Wed, 13 Mar 2019 10:13:37 +0000 Subject: Still Failing: openssl/openssl#24005 (OpenSSL_1_1_1-stable - cd61ad3) In-Reply-To: Message-ID: <5c88d7d0e12c2_43ffdc531bb10910a2@ee6ac89a-c5dd-4121-96ad-06dfab13c916.mail> Build Update for openssl/openssl ------------------------------------- Build: #24005 Status: Still Failing Duration: 16 mins and 33 secs Commit: cd61ad3 (OpenSSL_1_1_1-stable) Author: Matt Caswell Message: Fix memory leaks in pkread.c demo file Also make various changes to bring the file into line with current coding style. Fixes #8456 Reviewed-by: Paul Dale Reviewed-by: Paul Yang (Merged from https://github.com/openssl/openssl/pull/8457) (cherry picked from commit 81cd023f1dc5a8c9094f8e91c1e85e3c9b98a551) View the changeset: https://github.com/openssl/openssl/compare/191570d0b94c...cd61ad38b54d View the full build log and details: https://travis-ci.org/openssl/openssl/builds/505671963?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From levitte at openssl.org Wed Mar 13 10:32:37 2019 From: levitte at openssl.org (Richard Levitte) Date: Wed, 13 Mar 2019 10:32:37 +0000 Subject: [openssl] master update Message-ID: <1552473157.635052.31331.nullmailer@dev.openssl.org> The branch master has been updated via fff684168c7923aa85e6b4381d71d933396e32b0 (commit) via bc1e0be70927c59b387aa26fbb4acf280001b904 (commit) via 9ad41d246f43d410ab4805e09786a88d56371908 (commit) from 80889e41a72ea2520959505537f38343958b761a (commit) - Log ----------------------------------------------------------------- commit fff684168c7923aa85e6b4381d71d933396e32b0 Author: Richard Levitte Date: Fri Mar 8 09:54:04 2019 +0100 test/params_test.c: Add run-time constructed OSSL_PARAM variant Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8396) commit bc1e0be70927c59b387aa26fbb4acf280001b904 Author: Richard Levitte Date: Mon Mar 4 20:34:51 2019 +0100 test/params_test.c: Add API test case, and mixed methods Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8396) commit 9ad41d246f43d410ab4805e09786a88d56371908 Author: Richard Levitte Date: Mon Mar 4 17:22:45 2019 +0100 test/params_test.c: Add "real world" parameter testing test/params_test.c is a program that tries to mimic how a provider and an application would or could handle OSSL_PARAM arrays. For the moment, this program tests a very raw way of handling OSSL_PARAM arrays. It is, however, written in a way that will hopefully make it possible to extend with other methods as APIs arise, and to set up test cases where a "provider" handles the array one way while the "application" handles it another way. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8396) ----------------------------------------------------------------------- Summary of changes: test/build.info | 7 +- test/params_test.c | 549 +++++++++++++++++++++ .../recipes/{30-test_aesgcm.t => 04-test_params.t} | 7 +- 3 files changed, 560 insertions(+), 3 deletions(-) create mode 100644 test/params_test.c copy test/recipes/{30-test_aesgcm.t => 04-test_params.t} (79%) diff --git a/test/build.info b/test/build.info index 914e5bf..13d6630 100644 --- a/test/build.info +++ b/test/build.info @@ -50,7 +50,7 @@ IF[{- !$disabled{tests} -}] time_offset_test pemtest ssl_cert_table_internal_test ciphername_test \ servername_test ocspapitest rsa_mp_test fatalerrtest tls13ccstest \ sysdefaulttest errtest gosttest \ - context_internal_test aesgcmtest + context_internal_test aesgcmtest params_test SOURCE[versions]=versions.c INCLUDE[versions]=../include ../apps/include @@ -615,6 +615,11 @@ IF[{- !$disabled{tests} -}] DEFINE[provider_test]=OPENSSL_NO_SHARED DEFINE[provider_internal_test]=OPENSSL_NO_SHARED ENDIF + + PROGRAMS{noinst}=params_test + SOURCE[params_test]=params_test.c + INCLUDE[params_test]=.. ../include ../apps/include + DEPEND[params_test]=../libcrypto.a libtestutil.a ENDIF {- diff --git a/test/params_test.c b/test/params_test.c new file mode 100644 index 0000000..09b6c50 --- /dev/null +++ b/test/params_test.c @@ -0,0 +1,549 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * https://www.openssl.org/source/license.html + * or in the file LICENSE in the source distribution. + */ + +/* + * This program tests the use of OSSL_PARAM, currently in raw form. + */ + +#include +#include +#include +#include +#include "internal/nelem.h" +#include "testutil.h" + +/*- + * PROVIDER SECTION + * ================ + * + * Even though it's not necessarily ONLY providers doing this part, + * they are naturally going to be the most common users of + * set_params and get_params functions. + */ + +/* + * In real use cases, setters and getters would take an object with + * which the parameters are associated. This structure is a cheap + * simulation. + */ +struct object_st { + /* + * Documented as a native integer, of the size given by sizeof(int). + * Assumed data type OSSL_PARAM_INTEGER + */ + int p1; + /* + * Documented as a native double, of the size given by sizeof(double). + * Assumed data type OSSL_PARAM_REAL + */ + double p2; + /* + * Documented as an arbitrarly large unsigned integer. + * The data size must be large enough to accomodate. + * Assumed data type OSSL_PARAM_UNSIGNED_INTEGER + */ + BIGNUM *p3; + /* + * Documented as a C string. + * The data size must be large enough to accomodate. + * Assumed data type OSSL_PARAM_UTF8_STRING + */ + char *p4; + size_t p4_l; + /* + * Documented as a C string. + * Assumed data type OSSL_PARAM_UTF8_STRING + */ + char p5[256]; + size_t p5_l; + /* + * Documented as a pointer to a constant C string. + * Assumed data type OSSL_PARAM_UTF8_PTR + */ + const char *p6; + size_t p6_l; +}; + +#define p1_init 42 /* The ultimate answer */ +#define p2_init 6.283 /* Magic number */ +/* Stolen from evp_data, BLAKE2s256 test */ +#define p3_init \ + "4142434445464748494a4b4c4d4e4f50" \ + "5152535455565758595a616263646566" \ + "6768696a6b6c6d6e6f70717273747576" \ + "7778797a30313233343536373839" +#define p4_init "BLAKE2s256" /* Random string */ +#define p5_init "Hellow World" /* Random string */ +#define p6_init OPENSSL_FULL_VERSION_STR /* Static string */ + +static void cleanup_object(void *vobj) +{ + struct object_st *obj = vobj; + + BN_free(obj->p3); + obj->p3 = NULL; + OPENSSL_free(obj->p4); + obj->p4 = NULL; + OPENSSL_free(obj); +} + +static void *init_object(void) +{ + struct object_st *obj = OPENSSL_zalloc(sizeof(*obj)); + + obj->p1 = p1_init; + obj->p2 = p2_init; + if (!TEST_true(BN_hex2bn(&obj->p3, p3_init))) + goto fail; + if (!TEST_ptr(obj->p4 = OPENSSL_strdup(p4_init))) + goto fail; + strcpy(obj->p5, p5_init); + obj->p6 = p6_init; + + return obj; + fail: + cleanup_object(obj); + obj = NULL; + + return NULL; +} + +/* + * RAW provider, which handles the parameters in a very raw manner, + * with no fancy API and very minimal checking. The application that + * calls these to set or request parameters MUST get its OSSL_PARAM + * array right. + */ + +static int raw_set_params(void *vobj, const OSSL_PARAM *params) +{ + struct object_st *obj = vobj; + + for (; params->key != NULL; params++) + if (strcmp(params->key, "p1") == 0) { + obj->p1 = *(int *)params->data; + } else if (strcmp(params->key, "p2") == 0) { + obj->p2 = *(double *)params->data; + } else if (strcmp(params->key, "p3") == 0) { + BN_free(obj->p3); + if (!TEST_ptr(obj->p3 = BN_native2bn(params->data, + params->data_size, NULL))) + return 0; + } else if (strcmp(params->key, "p4") == 0) { + OPENSSL_free(obj->p4); + if (!TEST_ptr(obj->p4 = OPENSSL_strndup(params->data, + params->data_size))) + return 0; + } else if (strcmp(params->key, "p5") == 0) { + strncpy(obj->p5, params->data, params->data_size); + } else if (strcmp(params->key, "p6") == 0) { + obj->p6 = *(const char **)params->data; + } + + return 1; +} + +static int raw_get_params(void *vobj, const OSSL_PARAM *params) +{ + struct object_st *obj = vobj; + + for (; params->key != NULL; params++) + if (strcmp(params->key, "p1") == 0) { + if (params->return_size != NULL) + *params->return_size = sizeof(obj->p1); + *(int *)params->data = obj->p1; + } else if (strcmp(params->key, "p2") == 0) { + if (params->return_size != NULL) + *params->return_size = sizeof(obj->p2); + *(double *)params->data = obj->p2; + } else if (strcmp(params->key, "p3") == 0) { + size_t bytes = BN_num_bytes(obj->p3); + + if (params->return_size != NULL) + *params->return_size = bytes; + if (!TEST_size_t_ge(params->data_size, bytes)) + return 0; + BN_bn2nativepad(obj->p3, params->data, bytes); + } else if (strcmp(params->key, "p4") == 0) { + size_t bytes = strlen(obj->p4) + 1; + + if (params->return_size != NULL) + *params->return_size = bytes; + if (!TEST_size_t_ge(params->data_size, bytes)) + return 0; + strcpy(params->data, obj->p4); + } else if (strcmp(params->key, "p5") == 0) { + size_t bytes = strlen(obj->p5) + 1; + + if (params->return_size != NULL) + *params->return_size = bytes; + if (!TEST_size_t_ge(params->data_size, bytes)) + return 0; + strcpy(params->data, obj->p5); + } else if (strcmp(params->key, "p6") == 0) { + /* + * We COULD also use OPENSSL_FULL_VERSION_STR directly and + * use sizeof(OPENSSL_FULL_VERSION_STR) instead of calling + * strlen(). + * The caller wouldn't know the difference. + */ + size_t bytes = strlen(obj->p6) + 1; + + if (params->return_size != NULL) + *params->return_size = bytes; + *(const char **)params->data = obj->p6; + } + + return 1; +} + +/* + * API provider, which handles the parameters using the API from params.h + */ + +static int api_set_params(void *vobj, const OSSL_PARAM *params) +{ + struct object_st *obj = vobj; + const OSSL_PARAM *p = NULL; + + if ((p = OSSL_PARAM_locate(params, "p1")) != NULL + && !TEST_true(OSSL_PARAM_get_int(p, &obj->p1))) + return 0; + if ((p = OSSL_PARAM_locate(params, "p2")) != NULL + && !TEST_true(OSSL_PARAM_get_double(p, &obj->p2))) + return 0; + if ((p = OSSL_PARAM_locate(params, "p3")) != NULL + && !TEST_true(OSSL_PARAM_get_BN(p, &obj->p3))) + return 0; + if ((p = OSSL_PARAM_locate(params, "p4")) != NULL) { + OPENSSL_free(obj->p4); + obj->p4 = NULL; + /* If the value pointer is NULL, we get it automatically allocated */ + if (!TEST_true(OSSL_PARAM_get_utf8_string(p, &obj->p4, 0))) + return 0; + } + if ((p = OSSL_PARAM_locate(params, "p5")) != NULL) { + char *p5_ptr = obj->p5; + if (!TEST_true(OSSL_PARAM_get_utf8_string(p, &p5_ptr, sizeof(obj->p5)))) + return 0; + } + if ((p = OSSL_PARAM_locate(params, "p6")) != NULL + && !TEST_true(OSSL_PARAM_get_utf8_ptr(p, &obj->p6))) + return 0; + + return 1; +} + +static int api_get_params(void *vobj, const OSSL_PARAM *params) +{ + struct object_st *obj = vobj; + const OSSL_PARAM *p = NULL; + + if ((p = OSSL_PARAM_locate(params, "p1")) != NULL + && !TEST_true(OSSL_PARAM_set_int(p, obj->p1))) + return 0; + if ((p = OSSL_PARAM_locate(params, "p2")) != NULL + && !TEST_true(OSSL_PARAM_set_double(p, obj->p2))) + return 0; + if ((p = OSSL_PARAM_locate(params, "p3")) != NULL + && !TEST_true(OSSL_PARAM_set_BN(p, obj->p3))) + return 0; + if ((p = OSSL_PARAM_locate(params, "p4")) != NULL + && !TEST_true(OSSL_PARAM_set_utf8_string(p, obj->p4))) + return 0; + if ((p = OSSL_PARAM_locate(params, "p5")) != NULL + && !TEST_true(OSSL_PARAM_set_utf8_string(p, obj->p5))) + return 0; + if ((p = OSSL_PARAM_locate(params, "p6")) != NULL + && !TEST_true(OSSL_PARAM_set_utf8_ptr(p, obj->p6))) + return 0; + + return 1; +} + +/* + * This structure only simulates a provider dispatch, the real deal is + * a bit more code that's not necessary in these tests. + */ +struct provider_dispatch_st { + int (*set_params)(void *obj, const OSSL_PARAM *params); + int (*get_params)(void *obj, const OSSL_PARAM *params); +}; + +/* "raw" provider */ +static const struct provider_dispatch_st provider_raw = { + raw_set_params, raw_get_params +}; + +/* "api" provider */ +static const struct provider_dispatch_st provider_api = { + api_set_params, api_get_params +}; + +/*- + * APPLICATION SECTION + * =================== + */ + +/* In all our tests, these are variables that get manipulated as parameters + * + * These arrays consistenly do nothing with the "p2" parameter, and + * always include a "foo" parameter. This is to check that the + * set_params and get_params calls ignore the lack of parameters that + * the application isn't interested in, as well as ignore parameters + * they don't understand (the application may have one big bag of + * parameters). + */ +static int app_p1; /* "p1" */ +static double app_p2; /* "p2" is ignored */ +static BIGNUM *app_p3 = NULL; /* "p3" */ +static unsigned char bignumbin[4096]; /* "p3" */ +static size_t bignumbin_l; /* "p3" */ +static char app_p4[256]; /* "p4" */ +static size_t app_p4_l; /* "p4" */ +static char app_p5[256]; /* "p5" */ +static size_t app_p5_l; /* "p5" */ +static const char *app_p6 = NULL; /* "p6" */ +static size_t app_p6_l; /* "p6" */ +static unsigned char foo[1]; /* "foo" */ +static size_t foo_l; /* "foo" */ + +#define app_p1_init 17 /* A random number */ +#define app_p2_init 47.11 /* Another random number */ +#define app_p3_init "deadbeef" /* Classic */ +#define app_p4_init "Hello" +#define app_p5_init "World" +#define app_p6_init "Cookie" +#define app_foo_init 'z' + +static int cleanup_app_variables(void) +{ + BN_free(app_p3); + app_p3 = NULL; + return 1; +} + +static int init_app_variables(void) +{ + int l = 0; + + cleanup_app_variables(); + + app_p1 = app_p1_init; + app_p2 = app_p2_init; + if (!BN_hex2bn(&app_p3, app_p3_init) + || (l = BN_bn2nativepad(app_p3, bignumbin, sizeof(bignumbin))) < 0) + return 0; + bignumbin_l = (size_t)l; + strcpy(app_p4, app_p4_init); + app_p4_l = sizeof(app_p4_init); + strcpy(app_p5, app_p5_init); + app_p5_l = sizeof(app_p5_init); + app_p6 = app_p6_init; + foo[0] = app_foo_init; + foo_l = sizeof(app_foo_init); + + return 1; +} + +/* + * Here, we define test OSSL_PARAM arrays + */ + +/* An array of OSSL_PARAM, specific in the most raw manner possible */ +static const OSSL_PARAM static_raw_params[] = { + { "p1", OSSL_PARAM_INTEGER, &app_p1, sizeof(app_p1), NULL }, + { "p3", OSSL_PARAM_UNSIGNED_INTEGER, &bignumbin, sizeof(bignumbin), + &bignumbin_l }, + { "p4", OSSL_PARAM_UTF8_STRING, &app_p4, sizeof(app_p4), &app_p4_l }, + { "p5", OSSL_PARAM_UTF8_STRING, &app_p5, sizeof(app_p5), &app_p5_l }, + { "p6", OSSL_PARAM_UTF8_PTR, &app_p6, sizeof(app_p6), &app_p6_l }, + { "foo", OSSL_PARAM_OCTET_STRING, &foo, sizeof(foo), &foo_l }, + { NULL, 0, NULL, 0, NULL } +}; + +/* The same array of OSSL_PARAM, specified with the macros from params.h */ +static const OSSL_PARAM static_api_params[] = { + OSSL_PARAM_int("p1", &app_p1), + OSSL_PARAM_SIZED_BN("p3", &bignumbin, sizeof(bignumbin), bignumbin_l), + OSSL_PARAM_DEFN("p4", OSSL_PARAM_UTF8_STRING, + &app_p4, sizeof(app_p4), &app_p4_l), + OSSL_PARAM_DEFN("p5", OSSL_PARAM_UTF8_STRING, + &app_p5, sizeof(app_p5), &app_p5_l), + OSSL_PARAM_DEFN("p6", OSSL_PARAM_UTF8_PTR, + &app_p6, sizeof(app_p6), &app_p6_l), + OSSL_PARAM_DEFN("foo", OSSL_PARAM_OCTET_STRING, &foo, sizeof(foo), &foo_l), + OSSL_PARAM_END +}; + +/* + * The same array again, but constructed at run-time + * This exercises the OSSL_PARAM constructor functions + */ +OSSL_PARAM *construct_api_params(void) +{ + size_t n = 0; + static OSSL_PARAM params[10]; + OSSL_PARAM param_end = OSSL_PARAM_END; + + params[n++] = OSSL_PARAM_construct_int("p1", &app_p1, NULL); + params[n++] = OSSL_PARAM_construct_BN("p3", bignumbin, sizeof(bignumbin), + &bignumbin_l); + params[n++] = OSSL_PARAM_construct_utf8_string("p4", app_p4, sizeof(app_p4), + &app_p4_l); + params[n++] = OSSL_PARAM_construct_utf8_string("p5", app_p5, + sizeof(app_p5), &app_p5_l); + params[n++] = OSSL_PARAM_construct_utf8_ptr("p6", (char **)&app_p6, + &app_p6_l); + params[n++] = OSSL_PARAM_construct_octet_string("foo", &foo, sizeof(foo), + &foo_l); + params[n++] = param_end; + + return params; +} + +struct param_owner_st { + const OSSL_PARAM *static_params; + OSSL_PARAM *(*constructed_params)(void); +}; + +struct param_owner_st raw_params = { + static_raw_params, NULL +}; + +struct param_owner_st api_params = { + static_api_params, construct_api_params +}; + +/*- + * TESTING + * ======= + */ + +/* + * Test cases to combine parameters with "provider side" functions + */ +static struct { + const struct provider_dispatch_st *prov; + const struct param_owner_st *app; + const char *desc; +} test_cases[] = { + /* Tests within specific methods */ + { &provider_raw, &raw_params, "raw provider vs raw params" }, + { &provider_api, &api_params, "api provider vs api params" }, + + /* Mixed methods */ + { &provider_raw, &api_params, "raw provider vs api params" }, + { &provider_api, &raw_params, "api provider vs raw params" }, +}; + +/* Generic tester of combinations of "providers" and params */ +static int test_case_variant(const OSSL_PARAM *params, + const struct provider_dispatch_st *prov) +{ + BIGNUM *verify_p3 = NULL; + void *obj = NULL; + int errcnt = 0; + + /* + * Initialize + */ + if (!TEST_ptr(obj = init_object()) + || !TEST_true(BN_hex2bn(&verify_p3, p3_init))) { + errcnt++; + goto fin; + } + + /* + * Get parameters a first time, just to see that getting works and + * gets us the values we expect. + */ + init_app_variables(); + + if (!TEST_true(prov->get_params(obj, params)) + || !TEST_int_eq(app_p1, p1_init) /* "provider" value */ + || !TEST_ulong_eq(app_p2, app_p2_init) /* Should remain untouched */ + || !TEST_ptr(BN_native2bn(bignumbin, bignumbin_l, app_p3)) + || !TEST_BN_eq(app_p3, verify_p3) /* "provider" value */ + || !TEST_str_eq(app_p4, p4_init) /* "provider" value */ + || !TEST_str_eq(app_p5, p5_init) /* "provider" value */ + || !TEST_str_eq(app_p6, p6_init) /* "provider" value */ + || !TEST_char_eq(foo[0], app_foo_init) /* Should remain untouched */ + || !TEST_int_eq(foo_l, sizeof(app_foo_init))) + errcnt++; + + /* + * Set parameters, then sneak into the object itself and check + * that its attributes got set (or ignored) properly. + */ + init_app_variables(); + + if (!TEST_true(prov->set_params(obj, params))) { + errcnt++; + } else { + struct object_st *sneakpeek = obj; + + if (!TEST_int_eq(sneakpeek->p1, app_p1) /* app value set */ + || !TEST_ulong_eq(sneakpeek->p2, p2_init) /* Should remain untouched */ + || !TEST_BN_eq(sneakpeek->p3, app_p3) /* app value set */ + || !TEST_str_eq(sneakpeek->p4, app_p4) /* app value set */ + || !TEST_str_eq(sneakpeek->p5, app_p5)) /* app value set */ + errcnt++; + } + + /* + * Get parameters again, checking that we get different values + * than earlier where relevant. + */ + BN_free(verify_p3); + verify_p3 = NULL; + + if (!TEST_true(BN_hex2bn(&verify_p3, app_p3_init))) { + errcnt++; + goto fin; + } + + if (!TEST_true(prov->get_params(obj, params)) + || !TEST_int_eq(app_p1, app_p1_init) /* app value */ + || !TEST_ulong_eq(app_p2, app_p2_init) /* Should remain untouched */ + || !TEST_ptr(BN_native2bn(bignumbin, bignumbin_l, app_p3)) + || !TEST_BN_eq(app_p3, verify_p3) /* app value */ + || !TEST_str_eq(app_p4, app_p4_init) /* app value */ + || !TEST_str_eq(app_p5, app_p5_init) /* app value */ + || !TEST_str_eq(app_p6, app_p6_init) /* app value */ + || !TEST_char_eq(foo[0], app_foo_init) /* Should remain untouched */ + || !TEST_int_eq(foo_l, sizeof(app_foo_init))) + errcnt++; + + fin: + BN_free(verify_p3); + verify_p3 = NULL; + cleanup_app_variables(); + cleanup_object(obj); + + return errcnt == 0; +} + +static int test_case(int i) +{ + TEST_info("Case: %s", test_cases[i].desc); + + return test_case_variant(test_cases[i].app->static_params, + test_cases[i].prov) + && (test_cases[i].app->constructed_params == NULL + || test_case_variant(test_cases[i].app->constructed_params(), + test_cases[i].prov)); +} + +int setup_tests(void) +{ + ADD_ALL_TESTS(test_case, OSSL_NELEM(test_cases)); + return 1; +} diff --git a/test/recipes/30-test_aesgcm.t b/test/recipes/04-test_params.t similarity index 79% copy from test/recipes/30-test_aesgcm.t copy to test/recipes/04-test_params.t index f4862bf..ae83d4f 100644 --- a/test/recipes/30-test_aesgcm.t +++ b/test/recipes/04-test_params.t @@ -6,7 +6,10 @@ # in the file LICENSE in the source distribution or at # https://www.openssl.org/source/license.html - +use strict; +use OpenSSL::Test; use OpenSSL::Test::Simple; -simple_test("test_aesgcm", "aesgcmtest", "aesgcm"); +setup("test_params"); + +simple_test("test_params", "params_test"); From no-reply at appveyor.com Wed Mar 13 11:09:33 2019 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 13 Mar 2019 11:09:33 +0000 Subject: Build failed: openssl master.23414 Message-ID: <20190313110933.1.D3DB6ABD4020E96F@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Mar 13 11:13:16 2019 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 13 Mar 2019 11:13:16 +0000 Subject: Build completed: openssl master.23415 Message-ID: <20190313111316.1.117463D12F2F9E98@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.org Wed Mar 13 11:23:49 2019 From: builds at travis-ci.org (Travis CI) Date: Wed, 13 Mar 2019 11:23:49 +0000 Subject: Broken: openssl/openssl#24012 (master - fff6841) In-Reply-To: Message-ID: <5c88e8452452c_43ffdc2512aac1102c7@ee6ac89a-c5dd-4121-96ad-06dfab13c916.mail> Build Update for openssl/openssl ------------------------------------- Build: #24012 Status: Broken Duration: 22 mins and 47 secs Commit: fff6841 (master) Author: Richard Levitte Message: test/params_test.c: Add run-time constructed OSSL_PARAM variant Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8396) View the changeset: https://github.com/openssl/openssl/compare/80889e41a72e...fff684168c79 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/505686856?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From levitte at openssl.org Wed Mar 13 12:40:42 2019 From: levitte at openssl.org (Richard Levitte) Date: Wed, 13 Mar 2019 12:40:42 +0000 Subject: [openssl] master update Message-ID: <1552480842.399204.26123.nullmailer@dev.openssl.org> The branch master has been updated via 62ca15650576f3953103b27e220e4ff4cc4abed5 (commit) from fff684168c7923aa85e6b4381d71d933396e32b0 (commit) - Log ----------------------------------------------------------------- commit 62ca15650576f3953103b27e220e4ff4cc4abed5 Author: David von Oheimb Date: Thu Feb 1 11:06:03 2018 +0100 prevent app_get_pass() from revealing cleartext password on syntax error When the argument for '-pass' was badly formed, that argument got displayed in full. This turns out to not be such a good idea if the user simply forgot to start the argument with 'pass:', or spellt the prefix incorrectly. We therefore change the display to say that a colon is missing or only showing the incorrect prefix. Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/6218) ----------------------------------------------------------------------- Summary of changes: apps/apps.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/apps/apps.c b/apps/apps.c index d095dee..06b5434 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -48,6 +48,8 @@ static int WIN32_rename(const char *from, const char *to); # define rename(from,to) WIN32_rename((from),(to)) #endif +#define PASS_SOURCE_SIZE_MAX 4 + typedef struct { const char *name; unsigned long flag; @@ -205,6 +207,7 @@ static char *app_get_pass(const char *arg, int keepbio) char *tmp, tpass[APP_PASS_LEN]; int i; + /* PASS_SOURCE_SIZE_MAX = max number of chars before ':' in below strings */ if (strncmp(arg, "pass:", 5) == 0) return OPENSSL_strdup(arg + 5); if (strncmp(arg, "env:", 4) == 0) { @@ -253,7 +256,16 @@ static char *app_get_pass(const char *arg, int keepbio) return NULL; } } else { - BIO_printf(bio_err, "Invalid password argument \"%s\"\n", arg); + /* argument syntax error; do not reveal too much about arg */ + tmp = strchr(arg, ':'); + if (tmp == NULL || tmp - arg > PASS_SOURCE_SIZE_MAX) + BIO_printf(bio_err, + "Invalid password argument, missing ':' within the first %d chars\n", + PASS_SOURCE_SIZE_MAX + 1); + else + BIO_printf(bio_err, + "Invalid password argument, starting with \"%.*s\"\n", + (int)(tmp - arg + 1), arg); return NULL; } } From no-reply at appveyor.com Wed Mar 13 12:50:03 2019 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 13 Mar 2019 12:50:03 +0000 Subject: Build failed: openssl master.23418 Message-ID: <20190313125003.1.82D3B19CF2EDC5E3@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Mar 13 12:55:16 2019 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 13 Mar 2019 12:55:16 +0000 Subject: Build failed: openssl master.23419 Message-ID: <20190313125516.1.73961584F58F65FA@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.org Wed Mar 13 13:00:36 2019 From: builds at travis-ci.org (Travis CI) Date: Wed, 13 Mar 2019 13:00:36 +0000 Subject: Still Failing: openssl/openssl#24017 (master - 62ca156) In-Reply-To: Message-ID: <5c88fef4921f0_43f8bd729ba6069919@5684d850-b957-4098-b977-76cd9fa7e095.mail> Build Update for openssl/openssl ------------------------------------- Build: #24017 Status: Still Failing Duration: 19 mins and 12 secs Commit: 62ca156 (master) Author: David von Oheimb Message: prevent app_get_pass() from revealing cleartext password on syntax error When the argument for '-pass' was badly formed, that argument got displayed in full. This turns out to not be such a good idea if the user simply forgot to start the argument with 'pass:', or spellt the prefix incorrectly. We therefore change the display to say that a colon is missing or only showing the incorrect prefix. Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/6218) View the changeset: https://github.com/openssl/openssl/compare/fff684168c79...62ca15650576 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/505739109?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Mar 13 13:16:43 2019 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 13 Mar 2019 13:16:43 +0000 Subject: Build completed: openssl master.23420 Message-ID: <20190313131643.1.71FC25E472BFA818@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Wed Mar 13 14:01:14 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 13 Mar 2019 14:01:14 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-siphash Message-ID: <1552485674.846830.6168.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-siphash Commit log since last time: 9e11fe0d85 Replumbing: Add constructor of libcrypto internal method structures 099bd33920 Replumbing: Add support for the provider query_operation function 85e2417c0d Replumbing: Add an OSSL_PROVIDER iterator with callback e2146e120f Change OSSL_PARAM_UTF8_STRING_PTR to OSSL_PARAM_UTF8_PTR eabf91cd11 generated files 7ffbd7ca96 OSSL_PARAM helper functions. 8c4412ed8f Rename 'buffer' to 'data' in OSSL_PARAM a61b7f2fa6 2nd chunk: CRMF code (crypto/crmf/, ) and its integration in INSTALL, Configure, crypto/build.info, include/openssl/crmferr.h, crypto/err/, include/openssl/err.h, and (to be updated:) util/libcrypto.num 2a3b52eacd Certificate Management Protocol (CMP, RFC 4210) extension to OpenSSL Also includes CRMF (RFC 4211) and HTTP transfer (RFC 6712) eef721b0d0 added generated files 8240d5fa65 FIPS 186-4 RSA Generation & Validation Build log ended with (last 100 lines): ../../openssl/test/recipes/30-test_pkey_meth.t ................ ok ../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok ../../openssl/test/recipes/40-test_rehash.t ................... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok ../../openssl/test/recipes/60-test_x509_store.t ............... ok ../../openssl/test/recipes/60-test_x509_time.t ................ ok ../../openssl/test/recipes/70-test_asyncio.t .................. ok ../../openssl/test/recipes/70-test_bad_dtls.t ................. ok ../../openssl/test/recipes/70-test_clienthello.t .............. ok ../../openssl/test/recipes/70-test_comp.t ..................... ok ../../openssl/test/recipes/70-test_key_share.t ................ ok ../../openssl/test/recipes/70-test_packet.t ................... ok ../../openssl/test/recipes/70-test_recordlen.t ................ ok ../../openssl/test/recipes/70-test_renegotiation.t ............ ok ../../openssl/test/recipes/70-test_servername.t ............... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ............ ok ../../openssl/test/recipes/70-test_sslcertstatus.t ............ ok ../../openssl/test/recipes/70-test_sslextension.t ............. ok ../../openssl/test/recipes/70-test_sslmessages.t .............. ok ../../openssl/test/recipes/70-test_sslrecords.t ............... ok ../../openssl/test/recipes/70-test_sslsessiontick.t ........... ok ../../openssl/test/recipes/70-test_sslsigalgs.t ............... ok ../../openssl/test/recipes/70-test_sslsignature.t ............. ok ../../openssl/test/recipes/70-test_sslskewith0p.t ............. ok ../../openssl/test/recipes/70-test_sslversions.t .............. ok ../../openssl/test/recipes/70-test_sslvertol.t ................ ok ../../openssl/test/recipes/70-test_tls13alerts.t .............. ok ../../openssl/test/recipes/70-test_tls13cookie.t .............. ok ../../openssl/test/recipes/70-test_tls13downgrade.t ........... ok ../../openssl/test/recipes/70-test_tls13hrr.t ................. ok ../../openssl/test/recipes/70-test_tls13kexmodes.t ............ ok ../../openssl/test/recipes/70-test_tls13messages.t ............ ok ../../openssl/test/recipes/70-test_tls13psk.t ................. ok ../../openssl/test/recipes/70-test_tlsextms.t ................. ok ../../openssl/test/recipes/70-test_verify_extra.t ............. ok ../../openssl/test/recipes/70-test_wpacket.t .................. ok ../../openssl/test/recipes/80-test_ca.t ....................... ok ../../openssl/test/recipes/80-test_cipherbytes.t .............. ok ../../openssl/test/recipes/80-test_cipherlist.t ............... ok ../../openssl/test/recipes/80-test_ciphername.t ............... ok ../../openssl/test/recipes/80-test_cms.t ...................... ok ../../openssl/test/recipes/80-test_cmsapi.t ................... ok ../../openssl/test/recipes/80-test_ct.t ....................... ok ../../openssl/test/recipes/80-test_dane.t ..................... ok ../../openssl/test/recipes/80-test_dtls.t ..................... ok ../../openssl/test/recipes/80-test_dtls_mtu.t ................. ok ../../openssl/test/recipes/80-test_dtlsv1listen.t ............. ok ../../openssl/test/recipes/80-test_ocsp.t ..................... ok ../../openssl/test/recipes/80-test_pkcs12.t ................... ok ../../openssl/test/recipes/80-test_ssl_new.t .................. ok ../../openssl/test/recipes/80-test_ssl_old.t .................. ok ../../openssl/test/recipes/80-test_ssl_test_ctx.t ............. ok ../../openssl/test/recipes/80-test_sslcorrupt.t ............... ok ../../openssl/test/recipes/80-test_tsa.t ...................... ok ../../openssl/test/recipes/80-test_x509aux.t .................. ok ../../openssl/test/recipes/90-test_asn1_time.t ................ ok ../../openssl/test/recipes/90-test_async.t .................... ok ../../openssl/test/recipes/90-test_bio_enc.t .................. ok ../../openssl/test/recipes/90-test_bio_memleak.t .............. ok ../../openssl/test/recipes/90-test_constant_time.t ............ ok ../../openssl/test/recipes/90-test_fatalerr.t ................. ok ../../openssl/test/recipes/90-test_gmdiff.t ................... ok ../../openssl/test/recipes/90-test_gost.t ..................... ok ../../openssl/test/recipes/90-test_ige.t ...................... ok ../../openssl/test/recipes/90-test_includes.t ................. ok ../../openssl/test/recipes/90-test_memleak.t .................. ok ../../openssl/test/recipes/90-test_overhead.t ................. skipped: Only supported in no-shared builds ../../openssl/test/recipes/90-test_secmem.t ................... ok ../../openssl/test/recipes/90-test_shlibload.t ................ ok ../../openssl/test/recipes/90-test_srp.t ...................... ok ../../openssl/test/recipes/90-test_sslapi.t ................... ok ../../openssl/test/recipes/90-test_sslbuffers.t ............... ok ../../openssl/test/recipes/90-test_store.t .................... ok ../../openssl/test/recipes/90-test_sysdefault.t ............... ok ../../openssl/test/recipes/90-test_threads.t .................. ok ../../openssl/test/recipes/90-test_time_offset.t .............. ok ../../openssl/test/recipes/90-test_tls13ccs.t ................. ok ../../openssl/test/recipes/90-test_tls13encryption.t .......... ok ../../openssl/test/recipes/90-test_tls13secrets.t ............. ok ../../openssl/test/recipes/90-test_v3name.t ................... ok ../../openssl/test/recipes/95-test_external_boringssl.t ....... skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_krb5.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_pyca.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/99-test_ecstress.t ................. ok ../../openssl/test/recipes/99-test_fuzz.t ..................... ok Test Summary Report ------------------- ../../openssl/test/recipes/20-test_mac.t (Wstat: 512 Tests: 8 Failed: 1) Failed test: 1 Non-zero exit status: 2 Parse errors: Bad plan. You planned 18 tests but ran 8. Files=167, Tests=1475, 248 wallclock secs ( 2.75 usr 0.30 sys + 225.67 cusr 11.48 csys = 240.20 CPU) Result: FAIL Makefile:198: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-siphash' Makefile:196: recipe for target 'tests' failed make: *** [tests] Error 2 From levitte at openssl.org Wed Mar 13 16:27:57 2019 From: levitte at openssl.org (Richard Levitte) Date: Wed, 13 Mar 2019 16:27:57 +0000 Subject: [openssl] master update Message-ID: <1552494477.099759.31713.nullmailer@dev.openssl.org> The branch master has been updated via d3620841cc39aaa4a3d75ea32e94ccd110b5bef4 (commit) via 932c3d0f6706a08932d89c8610b06cb57fba13ce (commit) via 847275075f971afeb5fa928c078edf3bc17cddb3 (commit) from 62ca15650576f3953103b27e220e4ff4cc4abed5 (commit) - Log ----------------------------------------------------------------- commit d3620841cc39aaa4a3d75ea32e94ccd110b5bef4 Author: Richard Levitte Date: Wed Mar 13 14:06:03 2019 +0100 test/params_test.c: use TEST_double_eq to check doubles TEST_ulong_eq was used previously because TEST_double_eq didn't exist at the time. Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/8469) commit 932c3d0f6706a08932d89c8610b06cb57fba13ce Author: Richard Levitte Date: Wed Mar 13 14:01:27 2019 +0100 test/params_test.c: make more global variables static Again, compilers that don't like them being undeclared... Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/8469) commit 847275075f971afeb5fa928c078edf3bc17cddb3 Author: Richard Levitte Date: Wed Mar 13 13:56:46 2019 +0100 test/params_test.c: make construct_api_params() static With enough warning flags, compilers complain when a non-static function hasn't been properly declared... Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/8469) ----------------------------------------------------------------------- Summary of changes: test/params_test.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/test/params_test.c b/test/params_test.c index 09b6c50..338e6b2 100644 --- a/test/params_test.c +++ b/test/params_test.c @@ -387,7 +387,7 @@ static const OSSL_PARAM static_api_params[] = { * The same array again, but constructed at run-time * This exercises the OSSL_PARAM constructor functions */ -OSSL_PARAM *construct_api_params(void) +static OSSL_PARAM *construct_api_params(void) { size_t n = 0; static OSSL_PARAM params[10]; @@ -414,11 +414,11 @@ struct param_owner_st { OSSL_PARAM *(*constructed_params)(void); }; -struct param_owner_st raw_params = { +static const struct param_owner_st raw_params = { static_raw_params, NULL }; -struct param_owner_st api_params = { +static const struct param_owner_st api_params = { static_api_params, construct_api_params }; @@ -469,7 +469,7 @@ static int test_case_variant(const OSSL_PARAM *params, if (!TEST_true(prov->get_params(obj, params)) || !TEST_int_eq(app_p1, p1_init) /* "provider" value */ - || !TEST_ulong_eq(app_p2, app_p2_init) /* Should remain untouched */ + || !TEST_double_eq(app_p2, app_p2_init) /* Should remain untouched */ || !TEST_ptr(BN_native2bn(bignumbin, bignumbin_l, app_p3)) || !TEST_BN_eq(app_p3, verify_p3) /* "provider" value */ || !TEST_str_eq(app_p4, p4_init) /* "provider" value */ @@ -491,7 +491,7 @@ static int test_case_variant(const OSSL_PARAM *params, struct object_st *sneakpeek = obj; if (!TEST_int_eq(sneakpeek->p1, app_p1) /* app value set */ - || !TEST_ulong_eq(sneakpeek->p2, p2_init) /* Should remain untouched */ + || !TEST_double_eq(sneakpeek->p2, p2_init) /* Should remain untouched */ || !TEST_BN_eq(sneakpeek->p3, app_p3) /* app value set */ || !TEST_str_eq(sneakpeek->p4, app_p4) /* app value set */ || !TEST_str_eq(sneakpeek->p5, app_p5)) /* app value set */ @@ -512,7 +512,7 @@ static int test_case_variant(const OSSL_PARAM *params, if (!TEST_true(prov->get_params(obj, params)) || !TEST_int_eq(app_p1, app_p1_init) /* app value */ - || !TEST_ulong_eq(app_p2, app_p2_init) /* Should remain untouched */ + || !TEST_double_eq(app_p2, app_p2_init) /* Should remain untouched */ || !TEST_ptr(BN_native2bn(bignumbin, bignumbin_l, app_p3)) || !TEST_BN_eq(app_p3, verify_p3) /* app value */ || !TEST_str_eq(app_p4, app_p4_init) /* app value */ From no-reply at appveyor.com Wed Mar 13 16:33:28 2019 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 13 Mar 2019 16:33:28 +0000 Subject: Build failed: openssl master.23422 Message-ID: <20190313163328.1.045A10BE40C7813C@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.org Wed Mar 13 16:54:52 2019 From: builds at travis-ci.org (Travis CI) Date: Wed, 13 Mar 2019 16:54:52 +0000 Subject: Fixed: openssl/openssl#24020 (master - d362084) In-Reply-To: Message-ID: <5c8935dc7c954_43fe7fb2c1e88286157@df35b7f2-8840-473f-999b-c0b6a91e3ea5.mail> Build Update for openssl/openssl ------------------------------------- Build: #24020 Status: Fixed Duration: 49 mins and 58 secs Commit: d362084 (master) Author: Richard Levitte Message: test/params_test.c: use TEST_double_eq to check doubles TEST_ulong_eq was used previously because TEST_double_eq didn't exist at the time. Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/8469) View the changeset: https://github.com/openssl/openssl/compare/62ca15650576...d3620841cc39 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/505853332?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Mar 13 18:10:30 2019 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 13 Mar 2019 18:10:30 +0000 Subject: Build completed: openssl master.23423 Message-ID: <20190313181030.1.7BD2C7748F77D311@appveyor.com> An HTML attachment was scrubbed... URL: From nic.tuv at gmail.com Wed Mar 13 18:23:16 2019 From: nic.tuv at gmail.com (nic.tuv at gmail.com) Date: Wed, 13 Mar 2019 18:23:16 +0000 Subject: [openssl] master update Message-ID: <1552501396.106290.14083.nullmailer@dev.openssl.org> The branch master has been updated via 81d61a62faa809e6c51f5fc2b86fb0d31146fd5e (commit) from d3620841cc39aaa4a3d75ea32e94ccd110b5bef4 (commit) - Log ----------------------------------------------------------------- commit 81d61a62faa809e6c51f5fc2b86fb0d31146fd5e Author: Nicola Tuveri Date: Wed Mar 13 11:38:40 2019 +0200 Fix memory leak in ectest Fixes #8462 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8466) ----------------------------------------------------------------------- Summary of changes: test/ectest.c | 1 + 1 file changed, 1 insertion(+) diff --git a/test/ectest.c b/test/ectest.c index d2ad377..59c7e99 100644 --- a/test/ectest.c +++ b/test/ectest.c @@ -1503,6 +1503,7 @@ static int underflow_test(void) BN_CTX_end(ctx); EC_POINT_free(P); EC_POINT_free(Q); + EC_POINT_free(R); EC_GROUP_free(grp); BN_CTX_free(ctx); From no-reply at appveyor.com Wed Mar 13 18:27:28 2019 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 13 Mar 2019 18:27:28 +0000 Subject: Build failed: openssl master.23424 Message-ID: <20190313182728.1.B8FA5076446EB37F@appveyor.com> An HTML attachment was scrubbed... URL: From nic.tuv at gmail.com Wed Mar 13 19:02:03 2019 From: nic.tuv at gmail.com (nic.tuv at gmail.com) Date: Wed, 13 Mar 2019 19:02:03 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1552503723.119218.10239.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 45956011b9a5b0e7a2170d4c4f5f866d00702450 (commit) from cd61ad38b54d22a3d17db9d679c24d9a602cb5d8 (commit) - Log ----------------------------------------------------------------- commit 45956011b9a5b0e7a2170d4c4f5f866d00702450 Author: Nicola Tuveri Date: Wed Mar 13 11:38:40 2019 +0200 Fix memory leak in ectest Fixes #8462 (cherry picked from commit 81d61a62faa809e6c51f5fc2b86fb0d31146fd5e) Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8466) ----------------------------------------------------------------------- Summary of changes: test/ectest.c | 1 + 1 file changed, 1 insertion(+) diff --git a/test/ectest.c b/test/ectest.c index afe8615..9cd8409 100644 --- a/test/ectest.c +++ b/test/ectest.c @@ -1466,6 +1466,7 @@ static int underflow_test(void) BN_CTX_end(ctx); EC_POINT_free(P); EC_POINT_free(Q); + EC_POINT_free(R); EC_GROUP_free(grp); BN_CTX_free(ctx); From builds at travis-ci.org Wed Mar 13 18:47:12 2019 From: builds at travis-ci.org (Travis CI) Date: Wed, 13 Mar 2019 18:47:12 +0000 Subject: Broken: openssl/openssl#24022 (master - 81d61a6) In-Reply-To: Message-ID: <5c8950308670a_43fc4cd79e6dc277181@e33513ec-123e-4da2-9fbc-5c32a52ff383.mail> Build Update for openssl/openssl ------------------------------------- Build: #24022 Status: Broken Duration: 47 mins and 11 secs Commit: 81d61a6 (master) Author: Nicola Tuveri Message: Fix memory leak in ectest Fixes #8462 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8466) View the changeset: https://github.com/openssl/openssl/compare/d3620841cc39...81d61a62faa8 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/505910581?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.org Wed Mar 13 19:22:24 2019 From: builds at travis-ci.org (Travis CI) Date: Wed, 13 Mar 2019 19:22:24 +0000 Subject: Still Failing: openssl/openssl#24023 (OpenSSL_1_1_1-stable - 4595601) In-Reply-To: Message-ID: <5c89587025213_43ffdc531b86825847c@ee6ac89a-c5dd-4121-96ad-06dfab13c916.mail> Build Update for openssl/openssl ------------------------------------- Build: #24023 Status: Still Failing Duration: 43 mins and 28 secs Commit: 4595601 (OpenSSL_1_1_1-stable) Author: Nicola Tuveri Message: Fix memory leak in ectest Fixes #8462 (cherry picked from commit 81d61a62faa809e6c51f5fc2b86fb0d31146fd5e) Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8466) View the changeset: https://github.com/openssl/openssl/compare/cd61ad38b54d...45956011b9a5 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/505928675?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Mar 13 20:06:45 2019 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 13 Mar 2019 20:06:45 +0000 Subject: Build completed: openssl OpenSSL_1_1_1-stable.23425 Message-ID: <20190313200645.1.64A3111A9D23A34E@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Mar 14 00:06:18 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 14 Mar 2019 00:06:18 +0000 Subject: SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-cmac Message-ID: <1552521978.464797.20229.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-cmac Commit log since last time: 81d61a62fa Fix memory leak in ectest d3620841cc test/params_test.c: use TEST_double_eq to check doubles 932c3d0f67 test/params_test.c: make more global variables static 847275075f test/params_test.c: make construct_api_params() static 62ca156505 prevent app_get_pass() from revealing cleartext password on syntax error fff684168c test/params_test.c: Add run-time constructed OSSL_PARAM variant bc1e0be709 test/params_test.c: Add API test case, and mixed methods 9ad41d246f test/params_test.c: Add "real world" parameter testing 80889e41a7 Fix no-dso 5810bbd8c7 Fix various no-* options 81cd023f1d Fix memory leaks in pkread.c demo file 8267becb8b Support SM2 certificate verification From openssl at openssl.org Thu Mar 14 01:28:33 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 14 Mar 2019 01:28:33 +0000 Subject: SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-dso Message-ID: <1552526913.693942.10133.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dso Commit log since last time: 81d61a62fa Fix memory leak in ectest d3620841cc test/params_test.c: use TEST_double_eq to check doubles 932c3d0f67 test/params_test.c: make more global variables static 847275075f test/params_test.c: make construct_api_params() static 62ca156505 prevent app_get_pass() from revealing cleartext password on syntax error fff684168c test/params_test.c: Add run-time constructed OSSL_PARAM variant bc1e0be709 test/params_test.c: Add API test case, and mixed methods 9ad41d246f test/params_test.c: Add "real world" parameter testing 80889e41a7 Fix no-dso 5810bbd8c7 Fix various no-* options 81cd023f1d Fix memory leaks in pkread.c demo file 8267becb8b Support SM2 certificate verification From openssl at openssl.org Thu Mar 14 01:40:53 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 14 Mar 2019 01:40:53 +0000 Subject: FAILED build of OpenSSL branch master with options -d --strict-warnings no-ec Message-ID: <1552527653.130865.28926.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ec Commit log since last time: 81d61a62fa Fix memory leak in ectest d3620841cc test/params_test.c: use TEST_double_eq to check doubles 932c3d0f67 test/params_test.c: make more global variables static 847275075f test/params_test.c: make construct_api_params() static 62ca156505 prevent app_get_pass() from revealing cleartext password on syntax error fff684168c test/params_test.c: Add run-time constructed OSSL_PARAM variant bc1e0be709 test/params_test.c: Add API test case, and mixed methods 9ad41d246f test/params_test.c: Add "real world" parameter testing 80889e41a7 Fix no-dso 5810bbd8c7 Fix various no-* options 81cd023f1d Fix memory leaks in pkread.c demo file 8267becb8b Support SM2 certificate verification Build log ended with (last 100 lines): ../../openssl/test/recipes/30-test_pbelu.t .................... ok ../../openssl/test/recipes/30-test_pkey_meth.t ................ ok ../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok ../../openssl/test/recipes/40-test_rehash.t ................... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok ../../openssl/test/recipes/60-test_x509_store.t ............... ok ../../openssl/test/recipes/60-test_x509_time.t ................ ok ../../openssl/test/recipes/70-test_asyncio.t .................. ok ../../openssl/test/recipes/70-test_bad_dtls.t ................. ok ../../openssl/test/recipes/70-test_clienthello.t .............. ok ../../openssl/test/recipes/70-test_comp.t ..................... ok ../../openssl/test/recipes/70-test_key_share.t ................ skipped: test_key_share needs TLS1.3 enabled ../../openssl/test/recipes/70-test_packet.t ................... ok ../../openssl/test/recipes/70-test_recordlen.t ................ ok ../../openssl/test/recipes/70-test_renegotiation.t ............ ok ../../openssl/test/recipes/70-test_servername.t ............... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ............ ok ../../openssl/test/recipes/70-test_sslcertstatus.t ............ ok ../../openssl/test/recipes/70-test_sslextension.t ............. ok ../../openssl/test/recipes/70-test_sslmessages.t .............. ok ../../openssl/test/recipes/70-test_sslrecords.t ............... ok ../../openssl/test/recipes/70-test_sslsessiontick.t ........... ok ../../openssl/test/recipes/70-test_sslsigalgs.t ............... ok ../../openssl/test/recipes/70-test_sslsignature.t ............. ok ../../openssl/test/recipes/70-test_sslskewith0p.t ............. ok ../../openssl/test/recipes/70-test_sslversions.t .............. skipped: test_sslversions needs TLS1.3, TLS1.2 and TLS1.1 enabled ../../openssl/test/recipes/70-test_sslvertol.t ................ ok ../../openssl/test/recipes/70-test_tls13alerts.t .............. skipped: test_tls13alerts needs TLS1.3 enabled ../../openssl/test/recipes/70-test_tls13cookie.t .............. skipped: test_tls13cookie needs TLS1.3 enabled ../../openssl/test/recipes/70-test_tls13downgrade.t ........... skipped: test_tls13downgrade needs TLS1.3 and TLS1.2 enabled ../../openssl/test/recipes/70-test_tls13hrr.t ................. skipped: test_tls13hrr needs TLS1.3 enabled ../../openssl/test/recipes/70-test_tls13kexmodes.t ............ skipped: test_tls13kexmodes needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tls13messages.t ............ skipped: test_tls13messages needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tls13psk.t ................. skipped: test_tls13psk needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tlsextms.t ................. ok ../../openssl/test/recipes/70-test_verify_extra.t ............. ok ../../openssl/test/recipes/70-test_wpacket.t .................. ok ../../openssl/test/recipes/80-test_ca.t ....................... ok ../../openssl/test/recipes/80-test_cipherbytes.t .............. ok ../../openssl/test/recipes/80-test_cipherlist.t ............... ok ../../openssl/test/recipes/80-test_ciphername.t ............... ok ../../openssl/test/recipes/80-test_cms.t ...................... ok ../../openssl/test/recipes/80-test_cmsapi.t ................... ok ../../openssl/test/recipes/80-test_ct.t ....................... skipped: ct and ec are not supported by this OpenSSL build ../../openssl/test/recipes/80-test_dane.t ..................... skipped: test_dane uses ec which is not supported by this OpenSSL build ../../openssl/test/recipes/80-test_dtls.t ..................... ok ../../openssl/test/recipes/80-test_dtls_mtu.t ................. ok ../../openssl/test/recipes/80-test_dtlsv1listen.t ............. ok ../../openssl/test/recipes/80-test_ocsp.t ..................... ok ../../openssl/test/recipes/80-test_pkcs12.t ................... ok ../../openssl/test/recipes/80-test_ssl_new.t .................. ok ../../openssl/test/recipes/80-test_ssl_old.t .................. ok ../../openssl/test/recipes/80-test_ssl_test_ctx.t ............. ok ../../openssl/test/recipes/80-test_sslcorrupt.t ............... ok ../../openssl/test/recipes/80-test_tsa.t ...................... ok ../../openssl/test/recipes/80-test_x509aux.t .................. skipped: test_dane uses ec which is not supported by this OpenSSL build ../../openssl/test/recipes/90-test_asn1_time.t ................ ok ../../openssl/test/recipes/90-test_async.t .................... ok ../../openssl/test/recipes/90-test_bio_enc.t .................. ok ../../openssl/test/recipes/90-test_bio_memleak.t .............. ok ../../openssl/test/recipes/90-test_constant_time.t ............ ok ../../openssl/test/recipes/90-test_fatalerr.t ................. ok ../../openssl/test/recipes/90-test_gmdiff.t ................... ok ../../openssl/test/recipes/90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build ../../openssl/test/recipes/90-test_ige.t ...................... ok ../../openssl/test/recipes/90-test_includes.t ................. ok ../../openssl/test/recipes/90-test_memleak.t .................. ok ../../openssl/test/recipes/90-test_overhead.t ................. skipped: Only supported in no-shared builds ../../openssl/test/recipes/90-test_secmem.t ................... ok ../../openssl/test/recipes/90-test_shlibload.t ................ ok ../../openssl/test/recipes/90-test_srp.t ...................... ok ../../openssl/test/recipes/90-test_sslapi.t ................... ok ../../openssl/test/recipes/90-test_sslbuffers.t ............... ok ../../openssl/test/recipes/90-test_store.t .................... ok ../../openssl/test/recipes/90-test_sysdefault.t ............... ok ../../openssl/test/recipes/90-test_threads.t .................. ok ../../openssl/test/recipes/90-test_time_offset.t .............. ok ../../openssl/test/recipes/90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build ../../openssl/test/recipes/90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build ../../openssl/test/recipes/90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build ../../openssl/test/recipes/90-test_v3name.t ................... ok ../../openssl/test/recipes/95-test_external_boringssl.t ....... skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_krb5.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_pyca.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/99-test_ecstress.t ................. ok ../../openssl/test/recipes/99-test_fuzz.t ..................... ok Test Summary Report ------------------- ../../openssl/test/recipes/01-test_symbol_presence.t (Wstat: 256 Tests: 4 Failed: 1) Failed test: 2 Non-zero exit status: 1 Files=168, Tests=1266, 135 wallclock secs ( 1.63 usr 0.33 sys + 119.77 cusr 9.26 csys = 130.99 CPU) Result: FAIL Makefile:198: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ec' Makefile:196: recipe for target 'tests' failed make: *** [tests] Error 2 From levitte at openssl.org Thu Mar 14 07:12:57 2019 From: levitte at openssl.org (Richard Levitte) Date: Thu, 14 Mar 2019 07:12:57 +0000 Subject: [openssl] master update Message-ID: <1552547577.789013.25493.nullmailer@dev.openssl.org> The branch master has been updated via d33d76168fb7642916cdcb7ccb0513abdb6f5f05 (commit) from 81d61a62faa809e6c51f5fc2b86fb0d31146fd5e (commit) - Log ----------------------------------------------------------------- commit d33d76168fb7642916cdcb7ccb0513abdb6f5f05 Author: Richard Levitte Date: Thu Mar 14 00:39:28 2019 +0100 Don't fail when tracing is disabled When tracing is disabled, don't generate errors, especially during init. Instead, just pretend the everything is fine. Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/8475) ----------------------------------------------------------------------- Summary of changes: crypto/trace.c | 33 +++++++++++++++++---------------- 1 file changed, 17 insertions(+), 16 deletions(-) diff --git a/crypto/trace.c b/crypto/trace.c index 8ead944..c0b3ab2 100644 --- a/crypto/trace.c +++ b/crypto/trace.c @@ -287,11 +287,11 @@ int ossl_trace_init(void) { #ifndef OPENSSL_NO_TRACE trace_lock = CRYPTO_THREAD_lock_new(); - if (trace_lock != NULL) - return 1; + if (trace_lock == NULL) + return 0; #endif - return 0; + return 1; } void ossl_trace_cleanup(void) @@ -321,15 +321,11 @@ int OSSL_trace_set_channel(int category, BIO *channel) if (category < 0 || category >= OSSL_TRACE_CATEGORY_NUM || !set_trace_data(category, &channel, NULL, NULL, trace_attach_cb, trace_detach_cb)) - goto err; + return 0; trace_channels[category].type = t_channel; - return 1; - - err: #endif - - return 0; + return 1; } #ifndef OPENSSL_NO_TRACE @@ -383,36 +379,41 @@ int OSSL_trace_set_callback(int category, OSSL_trace_cb callback, void *data) goto err; trace_channels[category].type = t_callback; - return 1; + goto done; err: BIO_free(channel); OPENSSL_free(trace_data); -#endif - return 0; + done: +#endif + return 1; } int OSSL_trace_set_prefix(int category, const char *prefix) { + int rv = 1; + #ifndef OPENSSL_NO_TRACE if (category >= 0 || category < OSSL_TRACE_CATEGORY_NUM) return set_trace_data(category, NULL, &prefix, NULL, trace_attach_cb, trace_detach_cb); + rv = 0; #endif - - return 0; + return rv; } int OSSL_trace_set_suffix(int category, const char *suffix) { + int rv = 1; + #ifndef OPENSSL_NO_TRACE if (category >= 0 || category < OSSL_TRACE_CATEGORY_NUM) return set_trace_data(category, NULL, NULL, &suffix, trace_attach_cb, trace_detach_cb); + rv = 0; #endif - - return 0; + return rv; } #ifndef OPENSSL_NO_TRACE From no-reply at appveyor.com Thu Mar 14 07:16:33 2019 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 14 Mar 2019 07:16:33 +0000 Subject: Build failed: openssl master.23438 Message-ID: <20190314071633.1.F2FC843F1A90543B@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.org Thu Mar 14 07:36:48 2019 From: builds at travis-ci.org (Travis CI) Date: Thu, 14 Mar 2019 07:36:48 +0000 Subject: Fixed: openssl/openssl#24036 (master - d33d761) In-Reply-To: Message-ID: <5c8a048fc7cb4_43fe70b01f79866590@729e1db4-3f4d-47bb-a6ad-eec602640509.mail> Build Update for openssl/openssl ------------------------------------- Build: #24036 Status: Fixed Duration: 23 mins and 7 secs Commit: d33d761 (master) Author: Richard Levitte Message: Don't fail when tracing is disabled When tracing is disabled, don't generate errors, especially during init. Instead, just pretend the everything is fine. Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/8475) View the changeset: https://github.com/openssl/openssl/compare/81d61a62faa8...d33d76168fb7 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/506147003?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Mar 14 08:15:19 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 14 Mar 2019 08:15:19 +0000 Subject: SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-poly1305 Message-ID: <1552551319.950675.29102.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-poly1305 Commit log since last time: 81d61a62fa Fix memory leak in ectest d3620841cc test/params_test.c: use TEST_double_eq to check doubles 932c3d0f67 test/params_test.c: make more global variables static 847275075f test/params_test.c: make construct_api_params() static 62ca156505 prevent app_get_pass() from revealing cleartext password on syntax error fff684168c test/params_test.c: Add run-time constructed OSSL_PARAM variant bc1e0be709 test/params_test.c: Add API test case, and mixed methods 9ad41d246f test/params_test.c: Add "real world" parameter testing 80889e41a7 Fix no-dso 5810bbd8c7 Fix various no-* options 81cd023f1d Fix memory leaks in pkread.c demo file 8267becb8b Support SM2 certificate verification From no-reply at appveyor.com Thu Mar 14 08:26:32 2019 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 14 Mar 2019 08:26:32 +0000 Subject: Build completed: openssl master.23439 Message-ID: <20190314082632.1.609B03D810040CB4@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Mar 14 09:30:35 2019 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 14 Mar 2019 09:30:35 +0000 Subject: Build failed: openssl master.23442 Message-ID: <20190314093035.1.17E97696B992B4D3@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Mar 14 09:34:07 2019 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 14 Mar 2019 09:34:07 +0000 Subject: Build completed: openssl master.23443 Message-ID: <20190314093407.1.7F9B8594FBC2639F@appveyor.com> An HTML attachment was scrubbed... URL: From matthias.st.pierre at ncp-e.com Thu Mar 14 12:14:01 2019 From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com) Date: Thu, 14 Mar 2019 12:14:01 +0000 Subject: [openssl] master update Message-ID: <1552565641.460409.4033.nullmailer@dev.openssl.org> The branch master has been updated via 6bc62a620e715f7580651ca932eab052aa527886 (commit) from d33d76168fb7642916cdcb7ccb0513abdb6f5f05 (commit) - Log ----------------------------------------------------------------- commit 6bc62a620e715f7580651ca932eab052aa527886 Author: Dr. Matthias St. Pierre Date: Wed Mar 13 23:16:29 2019 +0100 Configure: disable new trace api by default Fixes #8472 Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8474) ----------------------------------------------------------------------- Summary of changes: CHANGES | 11 ++++++++--- Configure | 1 + INSTALL | 4 ++++ doc/man3/OSSL_trace_enabled.pod | 9 +++++---- doc/man3/OSSL_trace_set_channel.pod | 7 ++++--- 5 files changed, 22 insertions(+), 10 deletions(-) diff --git a/CHANGES b/CHANGES index d977c76..0f7b77a 100644 --- a/CHANGES +++ b/CHANGES @@ -9,9 +9,14 @@ Changes between 1.1.1 and 3.0.0 [xx XXX xxxx] - *) Added support for enabling instrumentation through trace output. - This is left to application control, by allowing it to register BIOs as - channels for a number of tracing and debugging categories. + *) Added a new generic trace API which provides support for enabling + instrumentation through trace output. This feature is mainly intended + as an aid for developers and is disabled by default. To utilize it, + OpenSSL needs to be configured with the `enable-trace` option. + + If the tracing API is enabled, the application can activate trace output + by registering BIOs as trace channels for a number of tracing and debugging + categories. The 'openssl' application has been expanded to enable any of the types available via environment variables defined by the user, and serves as diff --git a/Configure b/Configure index 8818d58..6b533f4 100755 --- a/Configure +++ b/Configure @@ -464,6 +464,7 @@ our %disabled = ( # "what" => "comment" "ssl-trace" => "default", "ssl3" => "default", "ssl3-method" => "default", + "trace" => "default", "ubsan" => "default", "unit-test" => "default", "weak-ssl-ciphers" => "default", diff --git a/INSTALL b/INSTALL index d8c5dc5..cffa241 100644 --- a/INSTALL +++ b/INSTALL @@ -523,6 +523,10 @@ require additional system-dependent options! See "Note on multi-threading" below. + enable-trace + Build with support for the integrated tracing api. See manual pages + OSSL_trace_set_channel(3) and OSSL_trace_enabled(3) for details. + no-ts Don't build Time Stamping Authority support. diff --git a/doc/man3/OSSL_trace_enabled.pod b/doc/man3/OSSL_trace_enabled.pod index ecb88ab..db3f99c 100644 --- a/doc/man3/OSSL_trace_enabled.pod +++ b/doc/man3/OSSL_trace_enabled.pod @@ -20,7 +20,7 @@ The functions described here are mainly interesting for those who provide OpenSSL functionality, either in OpenSSL itself or in engine modules or similar. -If operational (see L below), these functions are used to +If tracing is enabled (see L below), these functions are used to generate free text tracing output. The tracing output is divided into types which are enabled @@ -110,10 +110,11 @@ OSSL_trace_enabled() before generating any output, for example: OSSL_trace_end(OSSL_TRACE_CATEGORY_TLS, trace); } -=head2 Tracing disabled +=head2 Configure Tracing -The OpenSSL library may be built with tracing disabled, which makes -everything documented here inoperational. +By default, the OpenSSL library is built with tracing disabled. To +use the tracing functionality documented here, it is therefore +necessary to configure and build OpenSSL with the 'enable-trace' option. When the library is built with tracing disabled: diff --git a/doc/man3/OSSL_trace_set_channel.pod b/doc/man3/OSSL_trace_set_channel.pod index 6981dbc..fb680a5 100644 --- a/doc/man3/OSSL_trace_set_channel.pod +++ b/doc/man3/OSSL_trace_set_channel.pod @@ -261,10 +261,11 @@ The output is almost the same as for the simple example above. =head1 NOTES -=head2 Tracing disabled +=head2 Configure Tracing -The OpenSSL library may be built with tracing disabled, which makes -everything documented here inoperational. +By default, the OpenSSL library is built with tracing disabled. To +use the tracing functionality documented here, it is therefore +necessary to configure and build OpenSSL with the 'enable-trace' option. When the library is built with tracing disabled, the macro C is defined in C and all From no-reply at appveyor.com Thu Mar 14 12:18:49 2019 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 14 Mar 2019 12:18:49 +0000 Subject: Build failed: openssl master.23456 Message-ID: <20190314121849.1.218F8EF869B4DF23@appveyor.com> An HTML attachment was scrubbed... URL: From matt at openssl.org Thu Mar 14 12:49:24 2019 From: matt at openssl.org (Matt Caswell) Date: Thu, 14 Mar 2019 12:49:24 +0000 Subject: [openssl] master update Message-ID: <1552567764.200403.26973.nullmailer@dev.openssl.org> The branch master has been updated via ee633ace7397ebc9829b845e7e7bbd8283b455f6 (commit) from 6bc62a620e715f7580651ca932eab052aa527886 (commit) - Log ----------------------------------------------------------------- commit ee633ace7397ebc9829b845e7e7bbd8283b455f6 Author: Matt Caswell Date: Thu Mar 7 10:37:34 2019 +0000 Enable pkeyutl to use Ed448 and Ed25519 With the recent addition of the -rawin option it should be possible for pkeyutl to sign and verify with Ed448 and Ed2559. The main remaining stumbling block is that those algorirthms only support "oneshot" operation. This commit enables pkeyutl to handle that. Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/8431) ----------------------------------------------------------------------- Summary of changes: apps/pkeyutl.c | 133 ++++++++++++++++++++++++++++++----------- doc/man1/pkeyutl.pod | 33 ++++++---- test/recipes/20-test_pkeyutl.t | 62 ++++++++++++------- 3 files changed, 161 insertions(+), 67 deletions(-) diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c index c084525..0c27589 100644 --- a/apps/pkeyutl.c +++ b/apps/pkeyutl.c @@ -13,6 +13,9 @@ #include #include #include +#ifndef OPENSSL_NO_POSIX_IO +# include +#endif #define KEY_NONE 0 #define KEY_PRIVKEY 1 @@ -22,7 +25,7 @@ static EVP_PKEY_CTX *init_ctx(const char *kdfalg, int *pkeysize, const char *keyfile, int keyform, int key_type, char *passinarg, int pkey_op, ENGINE *e, - const int impl, EVP_PKEY **ppkey); + const int impl, int rawin, EVP_PKEY **ppkey); static int setup_peer(EVP_PKEY_CTX *ctx, int peerform, const char *file, ENGINE *e); @@ -33,7 +36,7 @@ static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op, static int do_raw_keyop(int pkey_op, EVP_PKEY_CTX *ctx, const EVP_MD *md, EVP_PKEY *pkey, BIO *in, - unsigned char *sig, int siglen, + int filesize, unsigned char *sig, int siglen, unsigned char **out, size_t *poutlen); typedef enum OPTION_choice { @@ -109,6 +112,7 @@ int pkeyutl_main(int argc, char **argv) STACK_OF(OPENSSL_STRING) *pkeyopts_passin = NULL; int rawin = 0; const EVP_MD *md = NULL; + int filesize = -1; prog = opt_init(argc, argv, pkeyutl_options); while ((o = opt_next()) != OPT_EOF) { @@ -264,7 +268,7 @@ int pkeyutl_main(int argc, char **argv) goto opthelp; } ctx = init_ctx(kdfalg, &keysize, inkey, keyform, key_type, - passinarg, pkey_op, e, engine_impl, &pkey); + passinarg, pkey_op, e, engine_impl, rawin, &pkey); if (ctx == NULL) { BIO_printf(bio_err, "%s: Error initializing context\n", prog); ERR_print_errors(bio_err); @@ -344,6 +348,15 @@ int pkeyutl_main(int argc, char **argv) if (pkey_op != EVP_PKEY_OP_DERIVE) { in = bio_open_default(infile, 'r', FORMAT_BINARY); +#ifndef OPENSSL_NO_POSIX_IO + if (infile != NULL) + { + struct stat st; + + if (stat(infile, &st) == 0 && st.st_size <= INT_MAX) + filesize = (int)st.st_size; + } +#endif if (in == NULL) goto end; } @@ -399,7 +412,7 @@ int pkeyutl_main(int argc, char **argv) if (pkey_op == EVP_PKEY_OP_VERIFY) { if (rawin) { - rv = do_raw_keyop(pkey_op, ctx, md, pkey, in, sig, siglen, + rv = do_raw_keyop(pkey_op, ctx, md, pkey, in, filesize, sig, siglen, NULL, 0); } else { rv = EVP_PKEY_verify(ctx, sig, (size_t)siglen, @@ -419,7 +432,7 @@ int pkeyutl_main(int argc, char **argv) } else { if (rawin) { /* rawin allocates the buffer in do_raw_keyop() */ - rv = do_raw_keyop(pkey_op, ctx, md, pkey, in, NULL, 0, + rv = do_raw_keyop(pkey_op, ctx, md, pkey, in, filesize, NULL, 0, &buf_out, (size_t *)&buf_outlen); } else { rv = do_keyop(ctx, pkey_op, NULL, (size_t *)&buf_outlen, @@ -468,7 +481,8 @@ int pkeyutl_main(int argc, char **argv) static EVP_PKEY_CTX *init_ctx(const char *kdfalg, int *pkeysize, const char *keyfile, int keyform, int key_type, char *passinarg, int pkey_op, ENGINE *e, - const int engine_impl, EVP_PKEY **ppkey) + const int engine_impl, int rawin, + EVP_PKEY **ppkey) { EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *ctx = NULL; @@ -554,30 +568,39 @@ static EVP_PKEY_CTX *init_ctx(const char *kdfalg, int *pkeysize, if (ctx == NULL) goto end; - switch (pkey_op) { - case EVP_PKEY_OP_SIGN: - rv = EVP_PKEY_sign_init(ctx); - break; + /* + * If rawin then we don't need to actually initialise the EVP_PKEY_CTX + * itself. That will get initialised during EVP_DigestSignInit or + * EVP_DigestVerifyInit. + */ + if (rawin) { + rv = 1; + } else { + switch (pkey_op) { + case EVP_PKEY_OP_SIGN: + rv = EVP_PKEY_sign_init(ctx); + break; - case EVP_PKEY_OP_VERIFY: - rv = EVP_PKEY_verify_init(ctx); - break; + case EVP_PKEY_OP_VERIFY: + rv = EVP_PKEY_verify_init(ctx); + break; - case EVP_PKEY_OP_VERIFYRECOVER: - rv = EVP_PKEY_verify_recover_init(ctx); - break; + case EVP_PKEY_OP_VERIFYRECOVER: + rv = EVP_PKEY_verify_recover_init(ctx); + break; - case EVP_PKEY_OP_ENCRYPT: - rv = EVP_PKEY_encrypt_init(ctx); - break; + case EVP_PKEY_OP_ENCRYPT: + rv = EVP_PKEY_encrypt_init(ctx); + break; - case EVP_PKEY_OP_DECRYPT: - rv = EVP_PKEY_decrypt_init(ctx); - break; + case EVP_PKEY_OP_DECRYPT: + rv = EVP_PKEY_decrypt_init(ctx); + break; - case EVP_PKEY_OP_DERIVE: - rv = EVP_PKEY_derive_init(ctx); - break; + case EVP_PKEY_OP_DERIVE: + rv = EVP_PKEY_derive_init(ctx); + break; + } } if (rv <= 0) { @@ -649,13 +672,14 @@ static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op, static int do_raw_keyop(int pkey_op, EVP_PKEY_CTX *ctx, const EVP_MD *md, EVP_PKEY *pkey, BIO *in, - unsigned char *sig, int siglen, + int filesize, unsigned char *sig, int siglen, unsigned char **out, size_t *poutlen) { int rv = 0; EVP_MD_CTX *mctx = NULL; unsigned char tbuf[TBUF_MAXSIZE]; - int tbuf_len = 0; + unsigned char *mbuf = NULL; + int buf_len = 0; if ((mctx = EVP_MD_CTX_new()) == NULL) { BIO_printf(bio_err, "Error: out of memory\n"); @@ -663,19 +687,58 @@ static int do_raw_keyop(int pkey_op, EVP_PKEY_CTX *ctx, } EVP_MD_CTX_set_pkey_ctx(mctx, ctx); + /* Some algorithms only support oneshot digests */ + if (EVP_PKEY_id(pkey) == EVP_PKEY_ED25519 + || EVP_PKEY_id(pkey) == EVP_PKEY_ED448) { + if (filesize < 0) { + BIO_printf(bio_err, + "Error: unable to determine file size for oneshot operation\n"); + return rv; + } + mbuf = app_malloc(filesize, "oneshot sign/verify buffer"); + switch(pkey_op) { + case EVP_PKEY_OP_VERIFY: + if (EVP_DigestVerifyInit(mctx, NULL, md, NULL, pkey) != 1) + goto end; + buf_len = BIO_read(in, mbuf, filesize); + if (buf_len != filesize) { + BIO_printf(bio_err, "Error reading raw input data\n"); + goto end; + } + rv = EVP_DigestVerify(mctx, sig, (size_t)siglen, mbuf, buf_len); + break; + case EVP_PKEY_OP_SIGN: + if (EVP_DigestSignInit(mctx, NULL, md, NULL, pkey) != 1) + goto end; + buf_len = BIO_read(in, mbuf, filesize); + if (buf_len != filesize) { + BIO_printf(bio_err, "Error reading raw input data\n"); + goto end; + } + rv = EVP_DigestSign(mctx, NULL, poutlen, mbuf, buf_len); + if (rv == 1 && out != NULL) { + *out = app_malloc(*poutlen, "buffer output"); + rv = EVP_DigestSign(mctx, *out, poutlen, mbuf, buf_len); + } + break; + } + OPENSSL_free(mbuf); + goto end; + } + switch(pkey_op) { case EVP_PKEY_OP_VERIFY: if (EVP_DigestVerifyInit(mctx, NULL, md, NULL, pkey) != 1) goto end; for (;;) { - tbuf_len = BIO_read(in, tbuf, TBUF_MAXSIZE); - if (tbuf_len == 0) + buf_len = BIO_read(in, tbuf, TBUF_MAXSIZE); + if (buf_len == 0) break; - if (tbuf_len < 0) { + if (buf_len < 0) { BIO_printf(bio_err, "Error reading raw input data\n"); goto end; } - rv = EVP_DigestVerifyUpdate(mctx, tbuf, (size_t)tbuf_len); + rv = EVP_DigestVerifyUpdate(mctx, tbuf, (size_t)buf_len); if (rv != 1) { BIO_printf(bio_err, "Error verifying raw input data\n"); goto end; @@ -687,14 +750,14 @@ static int do_raw_keyop(int pkey_op, EVP_PKEY_CTX *ctx, if (EVP_DigestSignInit(mctx, NULL, md, NULL, pkey) != 1) goto end; for (;;) { - tbuf_len = BIO_read(in, tbuf, TBUF_MAXSIZE); - if (tbuf_len == 0) + buf_len = BIO_read(in, tbuf, TBUF_MAXSIZE); + if (buf_len == 0) break; - if (tbuf_len < 0) { + if (buf_len < 0) { BIO_printf(bio_err, "Error reading raw input data\n"); goto end; } - rv = EVP_DigestSignUpdate(mctx, tbuf, (size_t)tbuf_len); + rv = EVP_DigestSignUpdate(mctx, tbuf, (size_t)buf_len); if (rv != 1) { BIO_printf(bio_err, "Error signing raw input data\n"); goto end; diff --git a/doc/man1/pkeyutl.pod b/doc/man1/pkeyutl.pod index c566f6d..13af327 100644 --- a/doc/man1/pkeyutl.pod +++ b/doc/man1/pkeyutl.pod @@ -62,7 +62,7 @@ if this option is not specified. This indicates that the input data is raw data, which is not hashed by any message digest algorithm. The user can specify a digest algorithm by using the B<-digest> option. This option can only be used with B<-sign> and -B<-verify>. +B<-verify> and must be used with the Ed25519 and Ed448 algorithms. =item B<-digest algorithm> @@ -216,21 +216,18 @@ hash the input data. It is used (by some algorithms) for sanity-checking the lengths of data passed in to the B and for creating the structures that make up the signature (e.g. B in RSASSA PKCS#1 v1.5 signatures). -This utility does not hash the input data but rather it will use the data -directly as input to the signature algorithm. Depending on the key type, -signature type, and mode of padding, the maximum acceptable lengths of input -data differ. The signed data can't be longer than the key modulus with RSA. In -case of ECDSA and DSA the data shouldn't be longer than the field -size, otherwise it will be silently truncated to the field size. In any event -the input size must not be larger than the largest supported digest size. +This utility does not hash the input data (except where -rawin is used) but +rather it will use the data directly as input to the signature algorithm. +Depending on the key type, signature type, and mode of padding, the maximum +acceptable lengths of input data differ. The signed data can't be longer than +the key modulus with RSA. In case of ECDSA and DSA the data shouldn't be longer +than the field size, otherwise it will be silently truncated to the field size. +In any event the input size must not be larger than the largest supported digest +size. In other words, if the value of digest is B the input should be the 20 bytes long binary encoding of the SHA-1 hash function output. -The Ed25519 and Ed448 signature algorithms are not supported by this utility. -They accept non-hashed input, but this utility can only be used to sign hashed -input. - =head1 RSA ALGORITHM The RSA algorithm generally supports the encrypt, decrypt, sign, @@ -319,6 +316,18 @@ this digest is assumed by default. The X25519 and X448 algorithms support key derivation only. Currently there are no additional options. +=head1 Ed25519 and Ed448 ALGORITHMS + +These algorithms only support signing and verifying. OpenSSL only implements the +"pure" variants of these algorithms so raw data can be passed directly to them +without hashing them first. The option "-rawin" must be used with these +algorithms with no "-digest" specified. Additionally OpenSSL only supports +"oneshot" operation with these algorithms. This means that the entire file to +be signed/verified must be read into memory before processing it. Signing or +Verifying very large files should be avoided. Additionally the size of the file +must be known for this to work. If the size of the file cannot be determined +(for example if the input is stdin) then the sign or verify operation will fail. + =head1 SM2 The SM2 algorithm supports sign, verify, encrypt and decrypt operations. For diff --git a/test/recipes/20-test_pkeyutl.t b/test/recipes/20-test_pkeyutl.t index 1457530..21f4e62 100644 --- a/test/recipes/20-test_pkeyutl.t +++ b/test/recipes/20-test_pkeyutl.t @@ -15,34 +15,56 @@ use OpenSSL::Test::Utils; setup("test_pkeyutl"); -plan tests => 2; +plan tests => 6; -sub sign -{ - # Utilize the sm2.crt as the TBS file - return run(app(([ 'openssl', 'pkeyutl', '-sign', +# For the tests below we use the cert itself as the TBS file + +SKIP: { + skip "Skipping tests that require EC, SM2 or SM3", 2 + if disabled("ec") || disabled("sm2") || disabled("sm3"); + + # SM2 + ok(run(app(([ 'openssl', 'pkeyutl', '-sign', '-in', srctop_file('test', 'certs', 'sm2.crt'), '-inkey', srctop_file('test', 'certs', 'sm2.key'), - '-out', 'signature.sm2', '-rawin', - '-digest', 'sm3', '-pkeyopt', 'sm2_id:someid']))); -} - -sub verify -{ - # Utilize the sm2.crt as the TBS file - return run(app(([ 'openssl', 'pkeyutl', '-verify', '-certin', + '-out', 'signature.dat', '-rawin', + '-digest', 'sm3', '-pkeyopt', 'sm2_id:someid']))), + "Sign a piece of data using SM2"); + ok(run(app(([ 'openssl', 'pkeyutl', '-verify', '-certin', '-in', srctop_file('test', 'certs', 'sm2.crt'), '-inkey', srctop_file('test', 'certs', 'sm2.crt'), - '-sigfile', 'signature.sm2', '-rawin', - '-digest', 'sm3', '-pkeyopt', 'sm2_id:someid']))); + '-sigfile', 'signature.dat', '-rawin', + '-digest', 'sm3', '-pkeyopt', 'sm2_id:someid']))), + "Verify an SM2 signature against a piece of data"); } SKIP: { - skip "Skipping tests that require EC, SM2 or SM3", 2 - if disabled("ec") || disabled("sm2") || disabled("sm3"); + skip "Skipping tests that require EC", 4 + if disabled("ec"); + + # Ed25519 + ok(run(app(([ 'openssl', 'pkeyutl', '-sign', '-in', + srctop_file('test', 'certs', 'server-ed25519-cert.pem'), + '-inkey', srctop_file('test', 'certs', 'server-ed25519-key.pem'), + '-out', 'signature.dat', '-rawin']))), + "Sign a piece of data using Ed25519"); + ok(run(app(([ 'openssl', 'pkeyutl', '-verify', '-certin', '-in', + srctop_file('test', 'certs', 'server-ed25519-cert.pem'), + '-inkey', srctop_file('test', 'certs', 'server-ed25519-cert.pem'), + '-sigfile', 'signature.dat', '-rawin']))), + "Verify an Ed25519 signature against a piece of data"); - ok(sign, "Sign a piece of data using SM2"); - ok(verify, "Verify an SM2 signature against a piece of data"); + # Ed448 + ok(run(app(([ 'openssl', 'pkeyutl', '-sign', '-in', + srctop_file('test', 'certs', 'server-ed448-cert.pem'), + '-inkey', srctop_file('test', 'certs', 'server-ed448-key.pem'), + '-out', 'signature.dat', '-rawin']))), + "Sign a piece of data using Ed448"); + ok(run(app(([ 'openssl', 'pkeyutl', '-verify', '-certin', '-in', + srctop_file('test', 'certs', 'server-ed448-cert.pem'), + '-inkey', srctop_file('test', 'certs', 'server-ed448-cert.pem'), + '-sigfile', 'signature.dat', '-rawin']))), + "Verify an Ed448 signature against a piece of data"); } -unlink 'signature.sm2'; +unlink 'signature.dat'; From no-reply at appveyor.com Thu Mar 14 12:53:41 2019 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 14 Mar 2019 12:53:41 +0000 Subject: Build failed: openssl master.23457 Message-ID: <20190314125341.1.2A6A4051CB394FCD@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Mar 14 14:09:43 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 14 Mar 2019 14:09:43 +0000 Subject: SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-siphash Message-ID: <1552572583.281692.31479.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-siphash Commit log since last time: 81d61a62fa Fix memory leak in ectest d3620841cc test/params_test.c: use TEST_double_eq to check doubles 932c3d0f67 test/params_test.c: make more global variables static 847275075f test/params_test.c: make construct_api_params() static 62ca156505 prevent app_get_pass() from revealing cleartext password on syntax error fff684168c test/params_test.c: Add run-time constructed OSSL_PARAM variant bc1e0be709 test/params_test.c: Add API test case, and mixed methods 9ad41d246f test/params_test.c: Add "real world" parameter testing 80889e41a7 Fix no-dso 5810bbd8c7 Fix various no-* options 81cd023f1d Fix memory leaks in pkread.c demo file 8267becb8b Support SM2 certificate verification From openssl at openssl.org Thu Mar 14 14:24:55 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 14 Mar 2019 14:24:55 +0000 Subject: FAILED build of OpenSSL branch master with options -d --strict-warnings no-sm2 Message-ID: <1552573495.666400.23985.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sm2 Commit log since last time: 81d61a62fa Fix memory leak in ectest d3620841cc test/params_test.c: use TEST_double_eq to check doubles 932c3d0f67 test/params_test.c: make more global variables static 847275075f test/params_test.c: make construct_api_params() static 62ca156505 prevent app_get_pass() from revealing cleartext password on syntax error fff684168c test/params_test.c: Add run-time constructed OSSL_PARAM variant bc1e0be709 test/params_test.c: Add API test case, and mixed methods 9ad41d246f test/params_test.c: Add "real world" parameter testing 80889e41a7 Fix no-dso 5810bbd8c7 Fix various no-* options 81cd023f1d Fix memory leaks in pkread.c demo file 8267becb8b Support SM2 certificate verification Build log ended with (last 100 lines): ../../openssl/test/recipes/30-test_pbelu.t .................... ok ../../openssl/test/recipes/30-test_pkey_meth.t ................ ok ../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok ../../openssl/test/recipes/40-test_rehash.t ................... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok ../../openssl/test/recipes/60-test_x509_store.t ............... ok ../../openssl/test/recipes/60-test_x509_time.t ................ ok ../../openssl/test/recipes/70-test_asyncio.t .................. ok ../../openssl/test/recipes/70-test_bad_dtls.t ................. ok ../../openssl/test/recipes/70-test_clienthello.t .............. ok ../../openssl/test/recipes/70-test_comp.t ..................... ok ../../openssl/test/recipes/70-test_key_share.t ................ ok ../../openssl/test/recipes/70-test_packet.t ................... ok ../../openssl/test/recipes/70-test_recordlen.t ................ ok ../../openssl/test/recipes/70-test_renegotiation.t ............ ok ../../openssl/test/recipes/70-test_servername.t ............... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ............ ok ../../openssl/test/recipes/70-test_sslcertstatus.t ............ ok ../../openssl/test/recipes/70-test_sslextension.t ............. ok ../../openssl/test/recipes/70-test_sslmessages.t .............. ok ../../openssl/test/recipes/70-test_sslrecords.t ............... ok ../../openssl/test/recipes/70-test_sslsessiontick.t ........... ok ../../openssl/test/recipes/70-test_sslsigalgs.t ............... ok ../../openssl/test/recipes/70-test_sslsignature.t ............. ok ../../openssl/test/recipes/70-test_sslskewith0p.t ............. ok ../../openssl/test/recipes/70-test_sslversions.t .............. ok ../../openssl/test/recipes/70-test_sslvertol.t ................ ok ../../openssl/test/recipes/70-test_tls13alerts.t .............. ok ../../openssl/test/recipes/70-test_tls13cookie.t .............. ok ../../openssl/test/recipes/70-test_tls13downgrade.t ........... ok ../../openssl/test/recipes/70-test_tls13hrr.t ................. ok ../../openssl/test/recipes/70-test_tls13kexmodes.t ............ ok ../../openssl/test/recipes/70-test_tls13messages.t ............ ok ../../openssl/test/recipes/70-test_tls13psk.t ................. ok ../../openssl/test/recipes/70-test_tlsextms.t ................. ok ../../openssl/test/recipes/70-test_verify_extra.t ............. ok ../../openssl/test/recipes/70-test_wpacket.t .................. ok ../../openssl/test/recipes/80-test_ca.t ....................... ok ../../openssl/test/recipes/80-test_cipherbytes.t .............. ok ../../openssl/test/recipes/80-test_cipherlist.t ............... ok ../../openssl/test/recipes/80-test_ciphername.t ............... ok ../../openssl/test/recipes/80-test_cms.t ...................... ok ../../openssl/test/recipes/80-test_cmsapi.t ................... ok ../../openssl/test/recipes/80-test_ct.t ....................... ok ../../openssl/test/recipes/80-test_dane.t ..................... ok ../../openssl/test/recipes/80-test_dtls.t ..................... ok ../../openssl/test/recipes/80-test_dtls_mtu.t ................. ok ../../openssl/test/recipes/80-test_dtlsv1listen.t ............. ok ../../openssl/test/recipes/80-test_ocsp.t ..................... ok ../../openssl/test/recipes/80-test_pkcs12.t ................... ok ../../openssl/test/recipes/80-test_ssl_new.t .................. ok ../../openssl/test/recipes/80-test_ssl_old.t .................. ok ../../openssl/test/recipes/80-test_ssl_test_ctx.t ............. ok ../../openssl/test/recipes/80-test_sslcorrupt.t ............... ok ../../openssl/test/recipes/80-test_tsa.t ...................... ok ../../openssl/test/recipes/80-test_x509aux.t .................. ok ../../openssl/test/recipes/90-test_asn1_time.t ................ ok ../../openssl/test/recipes/90-test_async.t .................... ok ../../openssl/test/recipes/90-test_bio_enc.t .................. ok ../../openssl/test/recipes/90-test_bio_memleak.t .............. ok ../../openssl/test/recipes/90-test_constant_time.t ............ ok ../../openssl/test/recipes/90-test_fatalerr.t ................. ok ../../openssl/test/recipes/90-test_gmdiff.t ................... ok ../../openssl/test/recipes/90-test_gost.t ..................... ok ../../openssl/test/recipes/90-test_ige.t ...................... ok ../../openssl/test/recipes/90-test_includes.t ................. ok ../../openssl/test/recipes/90-test_memleak.t .................. ok ../../openssl/test/recipes/90-test_overhead.t ................. skipped: Only supported in no-shared builds ../../openssl/test/recipes/90-test_secmem.t ................... ok ../../openssl/test/recipes/90-test_shlibload.t ................ ok ../../openssl/test/recipes/90-test_srp.t ...................... ok ../../openssl/test/recipes/90-test_sslapi.t ................... ok ../../openssl/test/recipes/90-test_sslbuffers.t ............... ok ../../openssl/test/recipes/90-test_store.t .................... ok ../../openssl/test/recipes/90-test_sysdefault.t ............... ok ../../openssl/test/recipes/90-test_threads.t .................. ok ../../openssl/test/recipes/90-test_time_offset.t .............. ok ../../openssl/test/recipes/90-test_tls13ccs.t ................. ok ../../openssl/test/recipes/90-test_tls13encryption.t .......... ok ../../openssl/test/recipes/90-test_tls13secrets.t ............. ok ../../openssl/test/recipes/90-test_v3name.t ................... ok ../../openssl/test/recipes/95-test_external_boringssl.t ....... skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_krb5.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_pyca.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/99-test_ecstress.t ................. ok ../../openssl/test/recipes/99-test_fuzz.t ..................... ok Test Summary Report ------------------- ../../openssl/test/recipes/01-test_symbol_presence.t (Wstat: 256 Tests: 4 Failed: 1) Failed test: 2 Non-zero exit status: 1 Files=168, Tests=1486, 256 wallclock secs ( 2.75 usr 0.33 sys + 233.01 cusr 11.58 csys = 247.67 CPU) Result: FAIL Makefile:198: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-sm2' Makefile:196: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Thu Mar 14 14:32:49 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 14 Mar 2019 14:32:49 +0000 Subject: FAILED build of OpenSSL branch master with options -d --strict-warnings no-sm3 Message-ID: <1552573969.045538.20852.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sm3 Commit log since last time: 81d61a62fa Fix memory leak in ectest d3620841cc test/params_test.c: use TEST_double_eq to check doubles 932c3d0f67 test/params_test.c: make more global variables static 847275075f test/params_test.c: make construct_api_params() static 62ca156505 prevent app_get_pass() from revealing cleartext password on syntax error fff684168c test/params_test.c: Add run-time constructed OSSL_PARAM variant bc1e0be709 test/params_test.c: Add API test case, and mixed methods 9ad41d246f test/params_test.c: Add "real world" parameter testing 80889e41a7 Fix no-dso 5810bbd8c7 Fix various no-* options 81cd023f1d Fix memory leaks in pkread.c demo file 8267becb8b Support SM2 certificate verification Build log ended with (last 100 lines): ../../openssl/test/recipes/30-test_pbelu.t .................... ok ../../openssl/test/recipes/30-test_pkey_meth.t ................ ok ../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok ../../openssl/test/recipes/40-test_rehash.t ................... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok ../../openssl/test/recipes/60-test_x509_store.t ............... ok ../../openssl/test/recipes/60-test_x509_time.t ................ ok ../../openssl/test/recipes/70-test_asyncio.t .................. ok ../../openssl/test/recipes/70-test_bad_dtls.t ................. ok ../../openssl/test/recipes/70-test_clienthello.t .............. ok ../../openssl/test/recipes/70-test_comp.t ..................... ok ../../openssl/test/recipes/70-test_key_share.t ................ ok ../../openssl/test/recipes/70-test_packet.t ................... ok ../../openssl/test/recipes/70-test_recordlen.t ................ ok ../../openssl/test/recipes/70-test_renegotiation.t ............ ok ../../openssl/test/recipes/70-test_servername.t ............... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ............ ok ../../openssl/test/recipes/70-test_sslcertstatus.t ............ ok ../../openssl/test/recipes/70-test_sslextension.t ............. ok ../../openssl/test/recipes/70-test_sslmessages.t .............. ok ../../openssl/test/recipes/70-test_sslrecords.t ............... ok ../../openssl/test/recipes/70-test_sslsessiontick.t ........... ok ../../openssl/test/recipes/70-test_sslsigalgs.t ............... ok ../../openssl/test/recipes/70-test_sslsignature.t ............. ok ../../openssl/test/recipes/70-test_sslskewith0p.t ............. ok ../../openssl/test/recipes/70-test_sslversions.t .............. ok ../../openssl/test/recipes/70-test_sslvertol.t ................ ok ../../openssl/test/recipes/70-test_tls13alerts.t .............. ok ../../openssl/test/recipes/70-test_tls13cookie.t .............. ok ../../openssl/test/recipes/70-test_tls13downgrade.t ........... ok ../../openssl/test/recipes/70-test_tls13hrr.t ................. ok ../../openssl/test/recipes/70-test_tls13kexmodes.t ............ ok ../../openssl/test/recipes/70-test_tls13messages.t ............ ok ../../openssl/test/recipes/70-test_tls13psk.t ................. ok ../../openssl/test/recipes/70-test_tlsextms.t ................. ok ../../openssl/test/recipes/70-test_verify_extra.t ............. ok ../../openssl/test/recipes/70-test_wpacket.t .................. ok ../../openssl/test/recipes/80-test_ca.t ....................... ok ../../openssl/test/recipes/80-test_cipherbytes.t .............. ok ../../openssl/test/recipes/80-test_cipherlist.t ............... ok ../../openssl/test/recipes/80-test_ciphername.t ............... ok ../../openssl/test/recipes/80-test_cms.t ...................... ok ../../openssl/test/recipes/80-test_cmsapi.t ................... ok ../../openssl/test/recipes/80-test_ct.t ....................... ok ../../openssl/test/recipes/80-test_dane.t ..................... ok ../../openssl/test/recipes/80-test_dtls.t ..................... ok ../../openssl/test/recipes/80-test_dtls_mtu.t ................. ok ../../openssl/test/recipes/80-test_dtlsv1listen.t ............. ok ../../openssl/test/recipes/80-test_ocsp.t ..................... ok ../../openssl/test/recipes/80-test_pkcs12.t ................... ok ../../openssl/test/recipes/80-test_ssl_new.t .................. ok ../../openssl/test/recipes/80-test_ssl_old.t .................. ok ../../openssl/test/recipes/80-test_ssl_test_ctx.t ............. ok ../../openssl/test/recipes/80-test_sslcorrupt.t ............... ok ../../openssl/test/recipes/80-test_tsa.t ...................... ok ../../openssl/test/recipes/80-test_x509aux.t .................. ok ../../openssl/test/recipes/90-test_asn1_time.t ................ ok ../../openssl/test/recipes/90-test_async.t .................... ok ../../openssl/test/recipes/90-test_bio_enc.t .................. ok ../../openssl/test/recipes/90-test_bio_memleak.t .............. ok ../../openssl/test/recipes/90-test_constant_time.t ............ ok ../../openssl/test/recipes/90-test_fatalerr.t ................. ok ../../openssl/test/recipes/90-test_gmdiff.t ................... ok ../../openssl/test/recipes/90-test_gost.t ..................... ok ../../openssl/test/recipes/90-test_ige.t ...................... ok ../../openssl/test/recipes/90-test_includes.t ................. ok ../../openssl/test/recipes/90-test_memleak.t .................. ok ../../openssl/test/recipes/90-test_overhead.t ................. skipped: Only supported in no-shared builds ../../openssl/test/recipes/90-test_secmem.t ................... ok ../../openssl/test/recipes/90-test_shlibload.t ................ ok ../../openssl/test/recipes/90-test_srp.t ...................... ok ../../openssl/test/recipes/90-test_sslapi.t ................... ok ../../openssl/test/recipes/90-test_sslbuffers.t ............... ok ../../openssl/test/recipes/90-test_store.t .................... ok ../../openssl/test/recipes/90-test_sysdefault.t ............... ok ../../openssl/test/recipes/90-test_threads.t .................. ok ../../openssl/test/recipes/90-test_time_offset.t .............. ok ../../openssl/test/recipes/90-test_tls13ccs.t ................. ok ../../openssl/test/recipes/90-test_tls13encryption.t .......... ok ../../openssl/test/recipes/90-test_tls13secrets.t ............. ok ../../openssl/test/recipes/90-test_v3name.t ................... ok ../../openssl/test/recipes/95-test_external_boringssl.t ....... skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_krb5.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_pyca.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/99-test_ecstress.t ................. ok ../../openssl/test/recipes/99-test_fuzz.t ..................... ok Test Summary Report ------------------- ../../openssl/test/recipes/01-test_symbol_presence.t (Wstat: 256 Tests: 4 Failed: 1) Failed test: 2 Non-zero exit status: 1 Files=168, Tests=1486, 260 wallclock secs ( 2.90 usr 0.40 sys + 236.94 cusr 12.12 csys = 252.36 CPU) Result: FAIL Makefile:198: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-sm3' Makefile:196: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Thu Mar 14 14:37:17 2019 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 14 Mar 2019 14:37:17 +0000 Subject: Build completed: openssl master.23458 Message-ID: <20190314143717.1.1FFB020B2A55A02D@appveyor.com> An HTML attachment was scrubbed... URL: From levitte at openssl.org Thu Mar 14 15:22:40 2019 From: levitte at openssl.org (Richard Levitte) Date: Thu, 14 Mar 2019 15:22:40 +0000 Subject: [openssl] master update Message-ID: <1552576960.505781.27980.nullmailer@dev.openssl.org> The branch master has been updated via 085bef9f7cee8506cc9d438d4fbc3663f46c5fe2 (commit) from ee633ace7397ebc9829b845e7e7bbd8283b455f6 (commit) - Log ----------------------------------------------------------------- commit 085bef9f7cee8506cc9d438d4fbc3663f46c5fe2 Author: Richard Levitte Date: Thu Mar 14 07:59:28 2019 +0100 crypto/provider_core.c: correct definition and use of lock Fixes #8476 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8477) ----------------------------------------------------------------------- Summary of changes: crypto/provider_core.c | 20 ++++++++------------ 1 file changed, 8 insertions(+), 12 deletions(-) diff --git a/crypto/provider_core.c b/crypto/provider_core.c index fb4be55..8af5b1f1 100644 --- a/crypto/provider_core.c +++ b/crypto/provider_core.c @@ -28,9 +28,7 @@ struct ossl_provider_st { /* OpenSSL library side data */ CRYPTO_REF_COUNT refcnt; -#ifndef HAVE_ATOMICS - CRYPTO_RWLOCK refcnt_lock; /* For the ref counter */ -#endif + CRYPTO_RWLOCK *refcnt_lock; /* For the ref counter */ char *name; DSO *module; OSSL_provider_init_fn *init_function; @@ -123,11 +121,7 @@ int ossl_provider_upref(OSSL_PROVIDER *prov) { int ref = 0; -#ifndef HAVE_ATOMICS CRYPTO_UP_REF(&prov->refcnt, &ref, prov->refcnt_lock); -#else - CRYPTO_UP_REF(&prov->refcnt, &ref, NULL); -#endif return ref; } @@ -171,6 +165,9 @@ OSSL_PROVIDER *ossl_provider_new(OPENSSL_CTX *libctx, const char *name, } if ((prov = OPENSSL_zalloc(sizeof(*prov))) == NULL +#ifndef HAVE_ATOMICS + || (prov->refcnt_lock = CRYPTO_THREAD_lock_new()) == NULL +#endif || !ossl_provider_upref(prov) /* +1 One reference to be returned */ || (prov->name = OPENSSL_strdup(name)) == NULL) { ossl_provider_free(prov); @@ -207,11 +204,7 @@ void ossl_provider_free(OSSL_PROVIDER *prov) if (prov != NULL) { int ref = 0; -#ifndef HAVE_ATOMICS - CRYPTO_DOWN_REF(&prov->refcnt, &ref, provider_lock); -#else - CRYPTO_DOWN_REF(&prov->refcnt, &ref, NULL); -#endif + CRYPTO_DOWN_REF(&prov->refcnt, &ref, prov->refcnt_lock); /* * When the refcount drops down to one, there is only one reference, @@ -231,6 +224,9 @@ void ossl_provider_free(OSSL_PROVIDER *prov) if (ref == 0) { DSO_free(prov->module); OPENSSL_free(prov->name); +#ifndef HAVE_ATOMICS + CRYPTO_THREAD_lock_free(prov->refcnt_lock); +#endif OPENSSL_free(prov); } } From levitte at openssl.org Thu Mar 14 15:26:41 2019 From: levitte at openssl.org (Richard Levitte) Date: Thu, 14 Mar 2019 15:26:41 +0000 Subject: [openssl] master update Message-ID: <1552577201.977524.32540.nullmailer@dev.openssl.org> The branch master has been updated via 503d4745a115b82db01c1fb22baaddb153d27cdb (commit) from 085bef9f7cee8506cc9d438d4fbc3663f46c5fe2 (commit) - Log ----------------------------------------------------------------- commit 503d4745a115b82db01c1fb22baaddb153d27cdb Author: Richard Levitte Date: Thu Mar 14 09:59:00 2019 +0100 internal/refcount.h: allow non-atomic build Configure with -DOPENSSL_DEV_NO_ATOMICS and you get refcount without atomics. This is intended for internal development only, to check the refcounting is properly coded. It should never become a configuration option, hence the name of the macro. Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/8479) ----------------------------------------------------------------------- Summary of changes: include/internal/refcount.h | 49 +++++++++++++++++++++++++++------------------ 1 file changed, 29 insertions(+), 20 deletions(-) diff --git a/include/internal/refcount.h b/include/internal/refcount.h index b6c9f9c..f8b0778 100644 --- a/include/internal/refcount.h +++ b/include/internal/refcount.h @@ -16,16 +16,17 @@ # endif # endif -# if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L \ - && !defined(__STDC_NO_ATOMICS__) -# include -# define HAVE_C11_ATOMICS -# endif +# ifndef OPENSSL_DEV_NO_ATOMICS +# if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L \ + && !defined(__STDC_NO_ATOMICS__) +# include +# define HAVE_C11_ATOMICS +# endif -# if defined(HAVE_C11_ATOMICS) && defined(ATOMIC_INT_LOCK_FREE) \ - && ATOMIC_INT_LOCK_FREE > 0 +# if defined(HAVE_C11_ATOMICS) && defined(ATOMIC_INT_LOCK_FREE) \ + && ATOMIC_INT_LOCK_FREE > 0 -# define HAVE_ATOMICS 1 +# define HAVE_ATOMICS 1 typedef _Atomic int CRYPTO_REF_COUNT; @@ -53,9 +54,9 @@ static inline int CRYPTO_DOWN_REF(_Atomic int *val, int *ret, void *lock) return 1; } -# elif defined(__GNUC__) && defined(__ATOMIC_RELAXED) && __GCC_ATOMIC_INT_LOCK_FREE > 0 +# elif defined(__GNUC__) && defined(__ATOMIC_RELAXED) && __GCC_ATOMIC_INT_LOCK_FREE > 0 -# define HAVE_ATOMICS 1 +# define HAVE_ATOMICS 1 typedef int CRYPTO_REF_COUNT; @@ -73,17 +74,17 @@ static __inline__ int CRYPTO_DOWN_REF(int *val, int *ret, void *lock) return 1; } -# elif defined(_MSC_VER) && _MSC_VER>=1200 +# elif defined(_MSC_VER) && _MSC_VER>=1200 -# define HAVE_ATOMICS 1 +# define HAVE_ATOMICS 1 typedef volatile int CRYPTO_REF_COUNT; -# if (defined(_M_ARM) && _M_ARM>=7) || defined(_M_ARM64) -# include -# if defined(_M_ARM64) && !defined(_ARM_BARRIER_ISH) -# define _ARM_BARRIER_ISH _ARM64_BARRIER_ISH -# endif +# if (defined(_M_ARM) && _M_ARM>=7) || defined(_M_ARM64) +# include +# if defined(_M_ARM64) && !defined(_ARM_BARRIER_ISH) +# define _ARM_BARRIER_ISH _ARM64_BARRIER_ISH +# endif static __inline int CRYPTO_UP_REF(volatile int *val, int *ret, void *lock) { @@ -98,8 +99,8 @@ static __inline int CRYPTO_DOWN_REF(volatile int *val, int *ret, void *lock) __dmb(_ARM_BARRIER_ISH); return 1; } -# else -# pragma intrinsic(_InterlockedExchangeAdd) +# else +# pragma intrinsic(_InterlockedExchangeAdd) static __inline int CRYPTO_UP_REF(volatile int *val, int *ret, void *lock) { @@ -112,9 +113,17 @@ static __inline int CRYPTO_DOWN_REF(volatile int *val, int *ret, void *lock) *ret = _InterlockedExchangeAdd(val, -1) - 1; return 1; } +# endif + # endif +# endif /* !OPENSSL_DEV_NO_ATOMICS */ -# else +/* + * All the refcounting implementations above define HAVE_ATOMICS, so if it's + * still undefined here (such as when OPENSSL_DEV_NO_ATMOICS is defined), it + * means we need to implement a fallback. This fallback uses locks. + */ +# ifndef HAVE_ATOMICS typedef int CRYPTO_REF_COUNT; From no-reply at appveyor.com Thu Mar 14 15:34:06 2019 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 14 Mar 2019 15:34:06 +0000 Subject: Build failed: openssl master.23460 Message-ID: <20190314153406.1.ED722591AB95CCE9@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.org Thu Mar 14 15:56:32 2019 From: builds at travis-ci.org (Travis CI) Date: Thu, 14 Mar 2019 15:56:32 +0000 Subject: Errored: openssl/openssl#24057 (master - 085bef9) In-Reply-To: Message-ID: <5c8a783d5867e_43ff4b702fd0017908e@0f72eedf-ed5f-4df6-bb1d-08a019f6ea8d.mail> Build Update for openssl/openssl ------------------------------------- Build: #24057 Status: Errored Duration: 26 mins and 56 secs Commit: 085bef9 (master) Author: Richard Levitte Message: crypto/provider_core.c: correct definition and use of lock Fixes #8476 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/8477) View the changeset: https://github.com/openssl/openssl/compare/ee633ace7397...085bef9f7cee View the full build log and details: https://travis-ci.org/openssl/openssl/builds/506337024?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Mar 14 16:41:02 2019 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 14 Mar 2019 16:41:02 +0000 Subject: Build completed: openssl master.23461 Message-ID: <20190314164102.1.89A6681A4855D733@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Mar 15 01:38:33 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 15 Mar 2019 01:38:33 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ec Message-ID: <1552613913.416943.9462.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ec Commit log since last time: 503d4745a1 internal/refcount.h: allow non-atomic build 085bef9f7c crypto/provider_core.c: correct definition and use of lock ee633ace73 Enable pkeyutl to use Ed448 and Ed25519 6bc62a620e Configure: disable new trace api by default d33d76168f Don't fail when tracing is disabled Build log ended with (last 100 lines): ../../openssl/test/recipes/30-test_pbelu.t .................... ok ../../openssl/test/recipes/30-test_pkey_meth.t ................ ok ../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok ../../openssl/test/recipes/40-test_rehash.t ................... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok ../../openssl/test/recipes/60-test_x509_store.t ............... ok ../../openssl/test/recipes/60-test_x509_time.t ................ ok ../../openssl/test/recipes/70-test_asyncio.t .................. ok ../../openssl/test/recipes/70-test_bad_dtls.t ................. ok ../../openssl/test/recipes/70-test_clienthello.t .............. ok ../../openssl/test/recipes/70-test_comp.t ..................... ok ../../openssl/test/recipes/70-test_key_share.t ................ skipped: test_key_share needs TLS1.3 enabled ../../openssl/test/recipes/70-test_packet.t ................... ok ../../openssl/test/recipes/70-test_recordlen.t ................ ok ../../openssl/test/recipes/70-test_renegotiation.t ............ ok ../../openssl/test/recipes/70-test_servername.t ............... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ............ ok ../../openssl/test/recipes/70-test_sslcertstatus.t ............ ok ../../openssl/test/recipes/70-test_sslextension.t ............. ok ../../openssl/test/recipes/70-test_sslmessages.t .............. ok ../../openssl/test/recipes/70-test_sslrecords.t ............... ok ../../openssl/test/recipes/70-test_sslsessiontick.t ........... ok ../../openssl/test/recipes/70-test_sslsigalgs.t ............... ok ../../openssl/test/recipes/70-test_sslsignature.t ............. ok ../../openssl/test/recipes/70-test_sslskewith0p.t ............. ok ../../openssl/test/recipes/70-test_sslversions.t .............. skipped: test_sslversions needs TLS1.3, TLS1.2 and TLS1.1 enabled ../../openssl/test/recipes/70-test_sslvertol.t ................ ok ../../openssl/test/recipes/70-test_tls13alerts.t .............. skipped: test_tls13alerts needs TLS1.3 enabled ../../openssl/test/recipes/70-test_tls13cookie.t .............. skipped: test_tls13cookie needs TLS1.3 enabled ../../openssl/test/recipes/70-test_tls13downgrade.t ........... skipped: test_tls13downgrade needs TLS1.3 and TLS1.2 enabled ../../openssl/test/recipes/70-test_tls13hrr.t ................. skipped: test_tls13hrr needs TLS1.3 enabled ../../openssl/test/recipes/70-test_tls13kexmodes.t ............ skipped: test_tls13kexmodes needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tls13messages.t ............ skipped: test_tls13messages needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tls13psk.t ................. skipped: test_tls13psk needs TLSv1.3 enabled ../../openssl/test/recipes/70-test_tlsextms.t ................. ok ../../openssl/test/recipes/70-test_verify_extra.t ............. ok ../../openssl/test/recipes/70-test_wpacket.t .................. ok ../../openssl/test/recipes/80-test_ca.t ....................... ok ../../openssl/test/recipes/80-test_cipherbytes.t .............. ok ../../openssl/test/recipes/80-test_cipherlist.t ............... ok ../../openssl/test/recipes/80-test_ciphername.t ............... ok ../../openssl/test/recipes/80-test_cms.t ...................... ok ../../openssl/test/recipes/80-test_cmsapi.t ................... ok ../../openssl/test/recipes/80-test_ct.t ....................... skipped: ct and ec are not supported by this OpenSSL build ../../openssl/test/recipes/80-test_dane.t ..................... skipped: test_dane uses ec which is not supported by this OpenSSL build ../../openssl/test/recipes/80-test_dtls.t ..................... ok ../../openssl/test/recipes/80-test_dtls_mtu.t ................. ok ../../openssl/test/recipes/80-test_dtlsv1listen.t ............. ok ../../openssl/test/recipes/80-test_ocsp.t ..................... ok ../../openssl/test/recipes/80-test_pkcs12.t ................... ok ../../openssl/test/recipes/80-test_ssl_new.t .................. ok ../../openssl/test/recipes/80-test_ssl_old.t .................. ok ../../openssl/test/recipes/80-test_ssl_test_ctx.t ............. ok ../../openssl/test/recipes/80-test_sslcorrupt.t ............... ok ../../openssl/test/recipes/80-test_tsa.t ...................... ok ../../openssl/test/recipes/80-test_x509aux.t .................. skipped: test_dane uses ec which is not supported by this OpenSSL build ../../openssl/test/recipes/90-test_asn1_time.t ................ ok ../../openssl/test/recipes/90-test_async.t .................... ok ../../openssl/test/recipes/90-test_bio_enc.t .................. ok ../../openssl/test/recipes/90-test_bio_memleak.t .............. ok ../../openssl/test/recipes/90-test_constant_time.t ............ ok ../../openssl/test/recipes/90-test_fatalerr.t ................. ok ../../openssl/test/recipes/90-test_gmdiff.t ................... ok ../../openssl/test/recipes/90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build ../../openssl/test/recipes/90-test_ige.t ...................... ok ../../openssl/test/recipes/90-test_includes.t ................. ok ../../openssl/test/recipes/90-test_memleak.t .................. ok ../../openssl/test/recipes/90-test_overhead.t ................. skipped: Only supported in no-shared builds ../../openssl/test/recipes/90-test_secmem.t ................... ok ../../openssl/test/recipes/90-test_shlibload.t ................ ok ../../openssl/test/recipes/90-test_srp.t ...................... ok ../../openssl/test/recipes/90-test_sslapi.t ................... ok ../../openssl/test/recipes/90-test_sslbuffers.t ............... ok ../../openssl/test/recipes/90-test_store.t .................... ok ../../openssl/test/recipes/90-test_sysdefault.t ............... ok ../../openssl/test/recipes/90-test_threads.t .................. ok ../../openssl/test/recipes/90-test_time_offset.t .............. ok ../../openssl/test/recipes/90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build ../../openssl/test/recipes/90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build ../../openssl/test/recipes/90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build ../../openssl/test/recipes/90-test_v3name.t ................... ok ../../openssl/test/recipes/95-test_external_boringssl.t ....... skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_krb5.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_pyca.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/99-test_ecstress.t ................. ok ../../openssl/test/recipes/99-test_fuzz.t ..................... ok Test Summary Report ------------------- ../../openssl/test/recipes/01-test_symbol_presence.t (Wstat: 256 Tests: 4 Failed: 1) Failed test: 2 Non-zero exit status: 1 Files=168, Tests=1270, 128 wallclock secs ( 1.67 usr 0.26 sys + 110.90 cusr 9.50 csys = 122.33 CPU) Result: FAIL Makefile:198: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ec' Makefile:196: recipe for target 'tests' failed make: *** [tests] Error 2 From matthias.st.pierre at ncp-e.com Fri Mar 15 07:46:01 2019 From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com) Date: Fri, 15 Mar 2019 07:46:01 +0000 Subject: [openssl] master update Message-ID: <1552635961.511262.6429.nullmailer@dev.openssl.org> The branch master has been updated via 355417eb4611014767480e5d3e96b1b08eb02700 (commit) from 503d4745a115b82db01c1fb22baaddb153d27cdb (commit) - Log ----------------------------------------------------------------- commit 355417eb4611014767480e5d3e96b1b08eb02700 Author: Dr. Matthias St. Pierre Date: Fri Mar 15 01:48:51 2019 +0100 VMS: only use the high precision on VMS v8.4 and up Fixes #8487 Amends #7230 Reviewed-by: Tim Hudson Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8488) ----------------------------------------------------------------------- Summary of changes: crypto/rand/rand_vms.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/crypto/rand/rand_vms.c b/crypto/rand/rand_vms.c index c083977..d35106a 100644 --- a/crypto/rand/rand_vms.c +++ b/crypto/rand/rand_vms.c @@ -507,7 +507,11 @@ int rand_pool_add_additional_data(RAND_POOL *pool) * concurrently (which is the case for the drbg). */ data.tid = CRYPTO_THREAD_get_current_id(); +#if __CRTL_VER >= 80400000 sys$gettim_prec(&data.time); +#else + sys$gettim((void*)&data.time); +#endif return rand_pool_add(pool, (unsigned char *)&data, sizeof(data), 0); } From matthias.st.pierre at ncp-e.com Fri Mar 15 07:46:36 2019 From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com) Date: Fri, 15 Mar 2019 07:46:36 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1552635996.753836.7774.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via b8caae27f19f29f3db927301fbd26fedc90c6b9b (commit) from 45956011b9a5b0e7a2170d4c4f5f866d00702450 (commit) - Log ----------------------------------------------------------------- commit b8caae27f19f29f3db927301fbd26fedc90c6b9b Author: Dr. Matthias St. Pierre Date: Fri Mar 15 01:48:51 2019 +0100 VMS: only use the high precision on VMS v8.4 and up Fixes #8487 Amends #7230 Reviewed-by: Tim Hudson Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8488) (cherry picked from commit 355417eb4611014767480e5d3e96b1b08eb02700) ----------------------------------------------------------------------- Summary of changes: crypto/rand/rand_vms.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/crypto/rand/rand_vms.c b/crypto/rand/rand_vms.c index bfcf6f0..e844291 100644 --- a/crypto/rand/rand_vms.c +++ b/crypto/rand/rand_vms.c @@ -507,7 +507,11 @@ int rand_pool_add_additional_data(RAND_POOL *pool) * concurrently (which is the case for the drbg). */ data.tid = CRYPTO_THREAD_get_current_id(); +#if __CRTL_VER >= 80400000 sys$gettim_prec(&data.time); +#else + sys$gettim((void*)&data.time); +#endif return rand_pool_add(pool, (unsigned char *)&data, sizeof(data), 0); } From no-reply at appveyor.com Fri Mar 15 07:49:53 2019 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 15 Mar 2019 07:49:53 +0000 Subject: Build failed: openssl master.23468 Message-ID: <20190315074953.1.D56E9656F28604E8@appveyor.com> An HTML attachment was scrubbed... URL: From matthias.st.pierre at ncp-e.com Fri Mar 15 07:50:07 2019 From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com) Date: Fri, 15 Mar 2019 07:50:07 +0000 Subject: [openssl] master update Message-ID: <1552636207.909494.11963.nullmailer@dev.openssl.org> The branch master has been updated via c37e635065a5bcb744dfb282f59e978e41490ce4 (commit) via fe50e115718edb8938443a45c8014d6568537bd0 (commit) via 13d06925e8cb15bf4247f14280d535618e7a4b2b (commit) via 5afb177c3c84d36244fd1b25b96a204ae6777a51 (commit) via e474a286f55966cd14b96334a621e53df62d3ef6 (commit) from 355417eb4611014767480e5d3e96b1b08eb02700 (commit) - Log ----------------------------------------------------------------- commit c37e635065a5bcb744dfb282f59e978e41490ce4 Author: Dr. Matthias St. Pierre Date: Tue Mar 12 23:35:45 2019 +0100 trace: update the documentation This commit adds some missing symbols and other minor enhancements. In particular, it establishes the term 'channel' as a synonym for a BIO object attached to a trace category, and introduces the concept of a 'simple' channel versus a 'callback' channel. Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8463) commit fe50e115718edb8938443a45c8014d6568537bd0 Author: Dr. Matthias St. Pierre Date: Wed Mar 13 00:14:55 2019 +0100 trace: ensure correct grouping It is important that output to the trace channels occurs only inside a trace group. This precondtion is satisfied whenever the standard TRACE macros are used. It can be violated only by a bad programming mistake, like copying the 'trc_out' pointer and using it outside the trace group. This commit enforces correct pairing of the OSSL_TRACE_CTRL_BEGIN and OSSL_TRACE_CTRL_END callbacks, and checks that OSSL_TRACE_CTRL_WRITE callbacks only occur within such groups. While implementing it, it turned out that the group assertion failed apps/openssl.c:152: OpenSSL internal error: \ Assertion failed: trace_data->ingroup because the set_trace_data() function invokes some callbacks which generate trace output, but the correct channel type was set only after the set_trace_data() call. To fix the failed assertions, the correct channel type is now set inside the set_trace_data() call, instead of doing it afterwards. Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8463) commit 13d06925e8cb15bf4247f14280d535618e7a4b2b Author: Dr. Matthias St. Pierre Date: Tue Mar 12 23:04:14 2019 +0100 trace: don't leak the line prefix The openssl app registers trace callbacks which automatically set a line prefix in the OSSL_TRACE_CTRL_BEGIN callback. This prefix needs to be cleared in the OSSL_TRACE_CTRL_END callback, otherwise a memory leak is reported when openssl is built with crypto-mdebug enabled. This leak causes the tests to fail when tracing and memory debugging are enabled. The leak can be observed by any command that produces trace output, e.g. by OPENSSL_TRACE=ANY util/shlib_wrap.sh apps/openssl version ... [00:19:14] 4061 file=apps/bf_prefix.c, line=152, ... 26 bytes leaked in 1 chunks Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8463) commit 5afb177c3c84d36244fd1b25b96a204ae6777a51 Author: Dr. Matthias St. Pierre Date: Sun Mar 10 11:07:27 2019 +0100 trace: rename the trace channel types Since the term 'channel' is already used as synonym for a BIO object attached to a trace category, having a 't_channel' channel type and a 't_callback' channel type somehow overburdens this term. For that reason the type enum constants are renamed to 'SIMPE_CHANNEL' and 'CALLBACK_CHANNEL'. (The conversion to capital letters was done to comply to the coding style.) Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8463) commit e474a286f55966cd14b96334a621e53df62d3ef6 Author: Dr. Matthias St. Pierre Date: Sun Mar 10 01:35:16 2019 +0100 trace: remove some magic numbers Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8463) ----------------------------------------------------------------------- Summary of changes: apps/openssl.c | 43 ++++++++++++----------- crypto/trace.c | 69 ++++++++++++++++++++----------------- doc/man3/OSSL_trace_enabled.pod | 55 ++++++++++++++++++++++++++--- doc/man3/OSSL_trace_set_channel.pod | 30 +++++++++++----- include/openssl/trace.h | 2 +- util/private.num | 6 ++++ 6 files changed, 140 insertions(+), 65 deletions(-) diff --git a/apps/openssl.c b/apps/openssl.c index 72a0bb0..119d3e8 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -126,30 +126,19 @@ typedef struct tracedata_st { static size_t internal_trace_cb(const char *buf, size_t cnt, int category, int cmd, void *vdata) { - int ret; + int ret = 0; tracedata *trace_data = vdata; - int set_prefix = 0; + union { + CRYPTO_THREAD_ID tid; + unsigned long ltid; + } tid; + char buffer[256]; switch (cmd) { case OSSL_TRACE_CTRL_BEGIN: + if (!ossl_assert(!trace_data->ingroup)) + return 0; trace_data->ingroup = 1; - set_prefix = 1; - break; - case OSSL_TRACE_CTRL_DURING: - if (!trace_data->ingroup) - set_prefix = 1; - break; - case OSSL_TRACE_CTRL_END: - trace_data->ingroup = 0; - break; - } - - if (set_prefix) { - union { - CRYPTO_THREAD_ID tid; - unsigned long ltid; - } tid; - char buffer[256]; tid.ltid = 0; tid.tid = CRYPTO_THREAD_get_current_id(); @@ -158,8 +147,22 @@ static size_t internal_trace_cb(const char *buf, size_t cnt, OSSL_trace_get_category_name(category)); BIO_ctrl(trace_data->bio, PREFIX_CTRL_SET_PREFIX, strlen(buffer), buffer); + break; + case OSSL_TRACE_CTRL_WRITE: + if (!ossl_assert(trace_data->ingroup)) + return 0; + + ret = BIO_write(trace_data->bio, buf, cnt); + break; + case OSSL_TRACE_CTRL_END: + if (!ossl_assert(trace_data->ingroup)) + return 0; + trace_data->ingroup = 0; + + BIO_ctrl(trace_data->bio, PREFIX_CTRL_SET_PREFIX, 0, NULL); + + break; } - ret = BIO_write(trace_data->bio, buf, cnt); return ret < 0 ? 0 : ret; } diff --git a/crypto/trace.c b/crypto/trace.c index c0b3ab2..613664c 100644 --- a/crypto/trace.c +++ b/crypto/trace.c @@ -65,7 +65,7 @@ static int trace_write(BIO *channel, const char *buf, size_t num, size_t *written) { struct trace_data_st *ctx = BIO_get_data(channel); - size_t cnt = ctx->callback(buf, num, ctx->category, OSSL_TRACE_CTRL_DURING, + size_t cnt = ctx->callback(buf, num, ctx->category, OSSL_TRACE_CTRL_WRITE, ctx->data); *written = cnt; @@ -158,7 +158,7 @@ int OSSL_trace_get_category_num(const char *name) /* We use one trace channel for each trace category */ static struct { - enum { t_channel, t_callback } type; + enum { SIMPLE_CHANNEL, CALLBACK_CHANNEL } type; BIO *bio; char *prefix; char *suffix; @@ -169,18 +169,25 @@ static struct { #endif #ifndef OPENSSL_NO_TRACE + +enum { + CHANNEL, + PREFIX, + SUFFIX +}; + static int trace_attach_cb(int category, int type, const void *data) { switch (type) { - case 0: /* Channel */ + case CHANNEL: OSSL_TRACE2(TRACE, "Attach channel %p to category '%s'\n", data, trace_categories[category].name); break; - case 1: /* Prefix */ + case PREFIX: OSSL_TRACE2(TRACE, "Attach prefix \"%s\" to category '%s'\n", (const char *)data, trace_categories[category].name); break; - case 2: /* Suffix */ + case SUFFIX: OSSL_TRACE2(TRACE, "Attach suffix \"%s\" to category '%s'\n", (const char *)data, trace_categories[category].name); break; @@ -193,15 +200,15 @@ static int trace_attach_cb(int category, int type, const void *data) static int trace_detach_cb(int category, int type, const void *data) { switch (type) { - case 0: /* Channel */ + case CHANNEL: OSSL_TRACE2(TRACE, "Detach channel %p from category '%s'\n", data, trace_categories[category].name); break; - case 1: /* Prefix */ + case PREFIX: OSSL_TRACE2(TRACE, "Detach prefix \"%s\" from category '%s'\n", (const char *)data, trace_categories[category].name); break; - case 2: /* Suffix */ + case SUFFIX: OSSL_TRACE2(TRACE, "Detach suffix \"%s\" from category '%s'\n", (const char *)data, trace_categories[category].name); break; @@ -211,7 +218,7 @@ static int trace_detach_cb(int category, int type, const void *data) return 1; } -static int set_trace_data(int category, BIO **channel, +static int set_trace_data(int category, int type, BIO **channel, const char **prefix, const char **suffix, int (*attach_cb)(int, int, const void *), int (*detach_cb)(int, int, const void *)) @@ -222,15 +229,15 @@ static int set_trace_data(int category, BIO **channel, /* Make sure to run the detach callback first on all data */ if (prefix != NULL && curr_prefix != NULL) { - detach_cb(category, 1, curr_prefix); + detach_cb(category, PREFIX, curr_prefix); } if (suffix != NULL && curr_suffix != NULL) { - detach_cb(category, 2, curr_suffix); + detach_cb(category, SUFFIX, curr_suffix); } if (channel != NULL && curr_channel != NULL) { - detach_cb(category, 0, curr_channel); + detach_cb(category, CHANNEL, curr_channel); } /* After detach callbacks are done, clear data where appropriate */ @@ -246,11 +253,13 @@ static int set_trace_data(int category, BIO **channel, if (channel != NULL && curr_channel != NULL) { BIO_free(curr_channel); + trace_channels[category].type = 0; trace_channels[category].bio = NULL; } /* Before running callbacks are done, set new data where appropriate */ if (channel != NULL && *channel != NULL) { + trace_channels[category].type = type; trace_channels[category].bio = *channel; } @@ -268,15 +277,15 @@ static int set_trace_data(int category, BIO **channel, /* Finally, run the attach callback on the new data */ if (channel != NULL && *channel != NULL) { - attach_cb(category, 0, *channel); + attach_cb(category, CHANNEL, *channel); } if (prefix != NULL && *prefix != NULL) { - attach_cb(category, 1, *prefix); + attach_cb(category, PREFIX, *prefix); } if (suffix != NULL && *suffix != NULL) { - attach_cb(category, 2, *suffix); + attach_cb(category, SUFFIX, *suffix); } return 1; @@ -306,10 +315,11 @@ void ossl_trace_cleanup(void) /* We force the TRACE category to be treated last */ if (category == OSSL_TRACE_CATEGORY_TRACE) continue; - set_trace_data(category, &channel, &prefix, &suffix, + set_trace_data(category, 0, &channel, &prefix, &suffix, trace_attach_cb, trace_detach_cb); } - set_trace_data(OSSL_TRACE_CATEGORY_TRACE, &channel, &prefix, &suffix, + set_trace_data(OSSL_TRACE_CATEGORY_TRACE, 0, &channel, + &prefix, &suffix, trace_attach_cb, trace_detach_cb); CRYPTO_THREAD_lock_free(trace_lock); #endif @@ -319,11 +329,9 @@ int OSSL_trace_set_channel(int category, BIO *channel) { #ifndef OPENSSL_NO_TRACE if (category < 0 || category >= OSSL_TRACE_CATEGORY_NUM - || !set_trace_data(category, &channel, NULL, NULL, + || !set_trace_data(category, SIMPLE_CHANNEL, &channel, NULL, NULL, trace_attach_cb, trace_detach_cb)) return 0; - - trace_channels[category].type = t_channel; #endif return 1; } @@ -332,16 +340,16 @@ int OSSL_trace_set_channel(int category, BIO *channel) static int trace_attach_w_callback_cb(int category, int type, const void *data) { switch (type) { - case 0: /* Channel */ + case CHANNEL: OSSL_TRACE2(TRACE, "Attach channel %p to category '%s' (with callback)\n", data, trace_categories[category].name); break; - case 1: /* Prefix */ + case PREFIX: OSSL_TRACE2(TRACE, "Attach prefix \"%s\" to category '%s'\n", (const char *)data, trace_categories[category].name); break; - case 2: /* Suffix */ + case SUFFIX: OSSL_TRACE2(TRACE, "Attach suffix \"%s\" to category '%s'\n", (const char *)data, trace_categories[category].name); break; @@ -374,11 +382,10 @@ int OSSL_trace_set_callback(int category, OSSL_trace_cb callback, void *data) BIO_set_data(channel, trace_data); } - if (!set_trace_data(category, &channel, NULL, NULL, + if (!set_trace_data(category, CALLBACK_CHANNEL, &channel, NULL, NULL, trace_attach_w_callback_cb, trace_detach_cb)) goto err; - trace_channels[category].type = t_callback; goto done; err: @@ -396,7 +403,7 @@ int OSSL_trace_set_prefix(int category, const char *prefix) #ifndef OPENSSL_NO_TRACE if (category >= 0 || category < OSSL_TRACE_CATEGORY_NUM) - return set_trace_data(category, NULL, &prefix, NULL, + return set_trace_data(category, 0, NULL, &prefix, NULL, trace_attach_cb, trace_detach_cb); rv = 0; #endif @@ -409,7 +416,7 @@ int OSSL_trace_set_suffix(int category, const char *suffix) #ifndef OPENSSL_NO_TRACE if (category >= 0 || category < OSSL_TRACE_CATEGORY_NUM) - return set_trace_data(category, NULL, NULL, &suffix, + return set_trace_data(category, 0, NULL, NULL, &suffix, trace_attach_cb, trace_detach_cb); rv = 0; #endif @@ -451,13 +458,13 @@ BIO *OSSL_trace_begin(int category) CRYPTO_THREAD_write_lock(trace_lock); current_channel = channel; switch (trace_channels[category].type) { - case t_channel: + case SIMPLE_CHANNEL: if (prefix != NULL) { (void)BIO_puts(channel, prefix); (void)BIO_puts(channel, "\n"); } break; - case t_callback: + case CALLBACK_CHANNEL: (void)BIO_ctrl(channel, OSSL_TRACE_CTRL_BEGIN, prefix == NULL ? 0 : strlen(prefix), prefix); break; @@ -478,13 +485,13 @@ void OSSL_trace_end(int category, BIO * channel) && ossl_assert(channel == current_channel)) { (void)BIO_flush(channel); switch (trace_channels[category].type) { - case t_channel: + case SIMPLE_CHANNEL: if (suffix != NULL) { (void)BIO_puts(channel, suffix); (void)BIO_puts(channel, "\n"); } break; - case t_callback: + case CALLBACK_CHANNEL: (void)BIO_ctrl(channel, OSSL_TRACE_CTRL_END, suffix == NULL ? 0 : strlen(suffix), suffix); break; diff --git a/doc/man3/OSSL_trace_enabled.pod b/doc/man3/OSSL_trace_enabled.pod index db3f99c..98e3bd6 100644 --- a/doc/man3/OSSL_trace_enabled.pod +++ b/doc/man3/OSSL_trace_enabled.pod @@ -2,7 +2,8 @@ =head1 NAME -OSSL_trace_enabled, OSSL_trace_begin, OSSL_trace_end +OSSL_trace_enabled, OSSL_trace_begin, OSSL_trace_end, +OSSL_TRACE_BEGIN, OSSL_TRACE_END, OSSL_TRACE1, OSSL_TRACE2, OSSL_TRACE9 - OpenSSL Tracing API =head1 SYNOPSIS @@ -14,6 +15,18 @@ OSSL_trace_enabled, OSSL_trace_begin, OSSL_trace_end BIO *OSSL_trace_begin(int category); void OSSL_trace_end(int category, BIO *channel); + /* trace group macros */ + OSSL_TRACE_BEGIN(category) { + ... + } OSSL_TRACE_END(category); + + /* one-shot trace macros */ + OSSL_TRACE1(category, format, arg1) + OSSL_TRACE2(category, format, arg1, arg2) + ... + OSSL_TRACE9(category, format, arg1, ..., arg9) + + =head1 DESCRIPTION The functions described here are mainly interesting for those who provide @@ -30,6 +43,30 @@ L. The fallback type C should I be used with the functions described here. +Tracing for a specific category is enabled if a so called +I is attached to it. A trace channel is simply a +BIO object to which the application can write its trace output. + +The application has two different ways of registering a trace channel, +either by directly providing a BIO object using OSSL_trace_set_channel(), +or by providing a callback routine using OSSL_trace_set_callback(). +The latter is wrapped internally by a dedicated BIO object, so for the +tracing code both channel types are effectively indistinguishable. +We call them a I and a I, +respectively. + +To produce trace output, it is necessary to obtain a pointer to the +trace channel (i.e., the BIO object) using OSSL_trace_begin(), write +to it using arbitrary BIO output routines, and finally releases the +channel using OSSL_trace_end(). The OSSL_trace_begin()/OSSL_trace_end() +calls surrounding the trace output create a group, which acts as a +critical section (guarded by a mutex) to ensure that the trace output +of different threads does not get mixed up. + +The tracing code normally does not call OSSL_trace_{begin,end}() directly, +but rather uses a set of convenience macros, see the L section below. + + =head2 Functions OSSL_trace_enabled() can be used to check if tracing for the given @@ -46,7 +83,7 @@ is I. The result of trying to produce tracing output outside of such sections is undefined. -=head2 Convenience Macros +=head2 Macros There are a number of convenience macros defined, to make tracing easy and consistent. @@ -60,7 +97,7 @@ the B C and are used as follows to wrap a trace section: } OSSL_TRACE_END(TLS); -This will normally expands to: +This will normally expand to: do { BIO *trc_out = OSSL_trace_begin(OSSL_TRACE_CATEGORY_TLS); @@ -98,6 +135,16 @@ This will normally expand to: OSSL_trace_end(OSSL_TRACE_CATEGORY_TLS, trc_out); } while (0); + +C, ... C are one-shot macros which essentially wrap +a single BIO_printf() into a tracing group. + +The call OSSL_TRACEn(category, format, arg1, ..., argN) expands to: + + OSSL_TRACE_BEGIN(category) { + BIO_printf(trc_out, format, arg1, ..., argN) + } OSSL_TRACE_END(category) + =head1 NOTES It is advisable to always check that a trace type is enabled with @@ -133,7 +180,7 @@ nothing. =item * the convenience macros are defined to produce dead code. -For example, take this example from L above: +For example, take this example from L section above: OSSL_TRACE_BEGIN(TLS) { diff --git a/doc/man3/OSSL_trace_set_channel.pod b/doc/man3/OSSL_trace_set_channel.pod index fb680a5..773a6b1 100644 --- a/doc/man3/OSSL_trace_set_channel.pod +++ b/doc/man3/OSSL_trace_set_channel.pod @@ -25,14 +25,21 @@ This output comes in form of free text for humans to read. The trace output is divided into categories which can be enabled individually. -They are enabled by giving them a channel in form of a BIO, or a -tracer callback, which is responsible for performing the actual -output. +Every category can be enabled individually by attaching a so called +I to it, which in the simplest case is just a BIO object +to which the application can write the tracing output for this category. +Alternatively, the application can provide a tracer callback in order to +get more finegrained trace information. This callback will be wrapped +internally by a dedicated BIO object. + +For the tracing code, both trace channel types are indistinguishable. +These are called a I and a I, +respectively. =head2 Functions OSSL_trace_set_channel() is used to enable the given trace C -by giving it the B C. +by attaching the B C object as (simple) trace channel. OSSL_trace_set_prefix() and OSSL_trace_set_suffix() can be used to add an extra line for each channel, to be output before and after group of @@ -46,7 +53,8 @@ OSSL_trace_set_callback() instead. OSSL_trace_set_callback() is used to enable the given trace C by giving it the tracer callback C with the associated data C, which will simply be passed through to C whenever -it's called. +it's called. The callback function is internally wrapped by a +dedicated BIO object, the so called I. This should be used when it's desirable to do form the trace output to something suitable for application needs where a prefix and suffix line aren't enough. @@ -78,9 +86,13 @@ callback the possibility to output a dynamic starting line, or set a prefix that should be output at the beginning of each line, or something other. -=item C +=item C -The callback is called from any regular BIO output routine. +This callback is called whenever data is written to the BIO by some +regular BIO output routine. +An arbitrary number of C callbacks can occur +inside a group marked by a pair of C and +C calls, but never outside such a group. =item C @@ -177,8 +189,8 @@ success, or 0 on failure. =head1 EXAMPLES -In all examples below, we assume that the trace producing code is -this: +In all examples below, the trace producing code is assumed to be +the following: int foo = 42; const char bar[] = { 0, 1, 2, 3, 4, 5, 6, 7, diff --git a/include/openssl/trace.h b/include/openssl/trace.h index da0ba0b..767b19f 100644 --- a/include/openssl/trace.h +++ b/include/openssl/trace.h @@ -95,7 +95,7 @@ typedef size_t (*OSSL_trace_cb)(const char *buffer, size_t count, * Possible |cmd| numbers. */ # define OSSL_TRACE_CTRL_BEGIN 0 -# define OSSL_TRACE_CTRL_DURING 1 +# define OSSL_TRACE_CTRL_WRITE 1 # define OSSL_TRACE_CTRL_END 2 /* diff --git a/util/private.num b/util/private.num index 1fbc160..6c37fc0 100644 --- a/util/private.num +++ b/util/private.num @@ -503,3 +503,9 @@ ASYNC_STATUS_EAGAIN define ASYNC_STATUS_OK define ASYNC_STATUS_ERR define ASYNC_STATUS_UNSUPPORTED define +OSSL_TRACE_BEGIN define +OSSL_TRACE_END define +OSSL_TRACE_CANCEL define +OSSL_TRACE1 define +OSSL_TRACE2 define +OSSL_TRACE9 define From openssl at openssl.org Fri Mar 15 08:28:39 2019 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 15 Mar 2019 08:28:39 +0000 Subject: FAILED build of OpenSSL branch master with options -d --strict-warnings no-posix-io Message-ID: <1552638519.266986.22800.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-posix-io Commit log since last time: 503d4745a1 internal/refcount.h: allow non-atomic build 085bef9f7c crypto/provider_core.c: correct definition and use of lock ee633ace73 Enable pkeyutl to use Ed448 and Ed25519 6bc62a620e Configure: disable new trace api by default d33d76168f Don't fail when tracing is disabled Build log ended with (last 100 lines): ../../openssl/test/recipes/30-test_pbelu.t .................... ok ../../openssl/test/recipes/30-test_pkey_meth.t ................ ok ../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok ../../openssl/test/recipes/40-test_rehash.t ................... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok ../../openssl/test/recipes/60-test_x509_store.t ............... ok ../../openssl/test/recipes/60-test_x509_time.t ................ ok ../../openssl/test/recipes/70-test_asyncio.t .................. ok ../../openssl/test/recipes/70-test_bad_dtls.t ................. ok ../../openssl/test/recipes/70-test_clienthello.t .............. ok ../../openssl/test/recipes/70-test_comp.t ..................... ok ../../openssl/test/recipes/70-test_key_share.t ................ ok ../../openssl/test/recipes/70-test_packet.t ................... ok ../../openssl/test/recipes/70-test_recordlen.t ................ ok ../../openssl/test/recipes/70-test_renegotiation.t ............ ok ../../openssl/test/recipes/70-test_servername.t ............... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t ............ ok ../../openssl/test/recipes/70-test_sslcertstatus.t ............ ok ../../openssl/test/recipes/70-test_sslextension.t ............. ok ../../openssl/test/recipes/70-test_sslmessages.t .............. ok ../../openssl/test/recipes/70-test_sslrecords.t ............... ok ../../openssl/test/recipes/70-test_sslsessiontick.t ........... ok ../../openssl/test/recipes/70-test_sslsigalgs.t ............... ok ../../openssl/test/recipes/70-test_sslsignature.t ............. ok ../../openssl/test/recipes/70-test_sslskewith0p.t ............. ok ../../openssl/test/recipes/70-test_sslversions.t .............. ok ../../openssl/test/recipes/70-test_sslvertol.t ................ ok ../../openssl/test/recipes/70-test_tls13alerts.t .............. ok ../../openssl/test/recipes/70-test_tls13cookie.t .............. ok ../../openssl/test/recipes/70-test_tls13downgrade.t ........... ok ../../openssl/test/recipes/70-test_tls13hrr.t ................. ok ../../openssl/test/recipes/70-test_tls13kexmodes.t ............ ok ../../openssl/test/recipes/70-test_tls13messages.t ............ ok ../../openssl/test/recipes/70-test_tls13psk.t ................. ok ../../openssl/test/recipes/70-test_tlsextms.t ................. ok ../../openssl/test/recipes/70-test_verify_extra.t ............. ok ../../openssl/test/recipes/70-test_wpacket.t .................. ok ../../openssl/test/recipes/80-test_ca.t ....................... ok ../../openssl/test/recipes/80-test_cipherbytes.t .............. ok ../../openssl/test/recipes/80-test_cipherlist.t ............... ok ../../openssl/test/recipes/80-test_ciphername.t ............... ok ../../openssl/test/recipes/80-test_cms.t ...................... ok ../../openssl/test/recipes/80-test_cmsapi.t ................... ok ../../openssl/test/recipes/80-test_ct.t ....................... ok ../../openssl/test/recipes/80-test_dane.t ..................... ok ../../openssl/test/recipes/80-test_dtls.t ..................... ok ../../openssl/test/recipes/80-test_dtls_mtu.t ................. ok ../../openssl/test/recipes/80-test_dtlsv1listen.t ............. ok ../../openssl/test/recipes/80-test_ocsp.t ..................... ok ../../openssl/test/recipes/80-test_pkcs12.t ................... ok ../../openssl/test/recipes/80-test_ssl_new.t .................. ok ../../openssl/test/recipes/80-test_ssl_old.t .................. ok ../../openssl/test/recipes/80-test_ssl_test_ctx.t ............. ok ../../openssl/test/recipes/80-test_sslcorrupt.t ............... ok ../../openssl/test/recipes/80-test_tsa.t ...................... ok ../../openssl/test/recipes/80-test_x509aux.t .................. ok ../../openssl/test/recipes/90-test_asn1_time.t ................ ok ../../openssl/test/recipes/90-test_async.t .................... ok ../../openssl/test/recipes/90-test_bio_enc.t .................. ok ../../openssl/test/recipes/90-test_bio_memleak.t .............. ok ../../openssl/test/recipes/90-test_constant_time.t ............ ok ../../openssl/test/recipes/90-test_fatalerr.t ................. ok ../../openssl/test/recipes/90-test_gmdiff.t ................... ok ../../openssl/test/recipes/90-test_gost.t ..................... ok ../../openssl/test/recipes/90-test_ige.t ...................... ok ../../openssl/test/recipes/90-test_includes.t ................. skipped: test_includes doesn't work without posix-io ../../openssl/test/recipes/90-test_memleak.t .................. ok ../../openssl/test/recipes/90-test_overhead.t ................. skipped: Only supported in no-shared builds ../../openssl/test/recipes/90-test_secmem.t ................... ok ../../openssl/test/recipes/90-test_shlibload.t ................ ok ../../openssl/test/recipes/90-test_srp.t ...................... ok ../../openssl/test/recipes/90-test_sslapi.t ................... ok ../../openssl/test/recipes/90-test_sslbuffers.t ............... ok ../../openssl/test/recipes/90-test_store.t .................... ok ../../openssl/test/recipes/90-test_sysdefault.t ............... ok ../../openssl/test/recipes/90-test_threads.t .................. ok ../../openssl/test/recipes/90-test_time_offset.t .............. ok ../../openssl/test/recipes/90-test_tls13ccs.t ................. ok ../../openssl/test/recipes/90-test_tls13encryption.t .......... ok ../../openssl/test/recipes/90-test_tls13secrets.t ............. ok ../../openssl/test/recipes/90-test_v3name.t ................... ok ../../openssl/test/recipes/95-test_external_boringssl.t ....... skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_krb5.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/95-test_external_pyca.t ............ skipped: No external tests in this configuration ../../openssl/test/recipes/99-test_ecstress.t ................. ok ../../openssl/test/recipes/99-test_fuzz.t ..................... ok Test Summary Report ------------------- ../../openssl/test/recipes/20-test_pkeyutl.t (Wstat: 1024 Tests: 6 Failed: 4) Failed tests: 3-6 Non-zero exit status: 4 Files=168, Tests=1486, 249 wallclock secs ( 2.90 usr 0.30 sys + 226.09 cusr 10.99 csys = 240.28 CPU) Result: FAIL Makefile:198: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' Makefile:196: recipe for target 'tests' failed make: *** [tests] Error 2 From builds at travis-ci.org Fri Mar 15 08:17:21 2019 From: builds at travis-ci.org (Travis CI) Date: Fri, 15 Mar 2019 08:17:21 +0000 Subject: Still Failing: openssl/openssl#24067 (OpenSSL_1_1_1-stable - b8caae2) In-Reply-To: Message-ID: <5c8b5f90d3e77_43fdeb468c2fc6592a@84fed24c-a9fe-409c-830e-fcaaba9d565d.mail> Build Update for openssl/openssl ------------------------------------- Build: #24067 Status: Still Failing Duration: 24 mins and 24 secs Commit: b8caae2 (OpenSSL_1_1_1-stable) Author: Dr. Matthias St. Pierre Message: VMS: only use the high precision on VMS v8.4 and up Fixes #8487 Amends #7230 Reviewed-by: Tim Hudson Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8488) (cherry picked from commit 355417eb4611014767480e5d3e96b1b08eb02700) View the changeset: https://github.com/openssl/openssl/compare/45956011b9a5...b8caae27f19f View the full build log and details: https://travis-ci.org/openssl/openssl/builds/506646799?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Mar 15 08:37:40 2019 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 15 Mar 2019 08:37:40 +0000 Subject: Build completed: openssl OpenSSL_1_1_1-stable.23469 Message-ID: <20190315083740.1.6856EE6975F6C275@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Mar 15 08:40:43 2019 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 15 Mar 2019 08:40:43 +0000 Subject: Build failed: openssl master.23470 Message-ID: <20190315084043.1.3FAA28256AD930A1@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Mar 15 08:49:43 2019 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 15 Mar 2019 08:49:43 +0000 Subject: Build completed: openssl master.23471 Message-ID: <20190315084943.1.5ABAF33EB13BA34B@appveyor.com> An HTML attachment was scrubbed... URL: From levitte at openssl.org Fri Mar 15 08:55:31 2019 From: levitte at openssl.org (Richard Levitte) Date: Fri, 15 Mar 2019 08:55:31 +0000 Subject: [web] master update Message-ID: <1552640131.030420.30706.nullmailer@dev.openssl.org> The branch master has been updated via f9256cd07bd1f33a8359540133e03d7c37afdd42 (commit) from 497e8bf4a455aa2adc495777e49ad32e133a7d34 (commit) - Log ----------------------------------------------------------------- commit f9256cd07bd1f33a8359540133e03d7c37afdd42 Author: Dr. Matthias St. Pierre Date: Fri Mar 15 01:25:06 2019 +0100 OpenSSL300Design: lighten watermark The strong DRAFT watermark is very distracting while reading and makes the eyes loose the current reading position while scrolling. Reviewed-by: Tim Hudson Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/web/pull/127) ----------------------------------------------------------------------- Summary of changes: bin/md-to-html5.tmpl.html5 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/md-to-html5.tmpl.html5 b/bin/md-to-html5.tmpl.html5 index d784305..b1c597f 100644 --- a/bin/md-to-html5.tmpl.html5 +++ b/bin/md-to-html5.tmpl.html5 @@ -8,7 +8,7 @@ $endfor$