@@ -24,8 +24,8 @@
How to become a committer?
Commit access is granted by the OpenSSL Management Committee
- (OMC) (see the
- OpenSSL bylaws ).
+ (OMC) typically on the recommendation of the OpenSSL Technical Committee (OTC)
+ (see the OpenSSL Bylaws ).
We welcome contributors who become domain experts in some
part of the library (for example, low-level crypto) as well as
@@ -45,42 +45,38 @@
Github issue tracker ,
and our
mailing lists
- find impactful ideas to work on. Seek feedback from multiple OMC
- members to understand the project, and to support your
- application. Let them know that you'd like to become a committer
- - they'll nominate you when your code review record demonstrates
- impact as well as understanding of the codebase and coding style
- (usually after a few months of activity). The final decision to
- grant commit access is taken by an OMC vote.
-
-
How to maintain commit status?
-
To maintain commit status, you should stay active in the
- project. As stated in the project bylaws, if you remain inactive
- for several months, your commit access will be withdrawn - but
- you are always welcome back, just ask an OMC member to
- re-nominate you.
+ find impactful ideas to work on.
+
+
How to maintain committer status?
+
To maintain committer status, you must stay active in the
+ project. Refer to the OpenSSL Bylaws
+ for details.
In the unlikely and unfortunate event that your actions
conflict with the project objectives or are otherwise
- disruptive, commit access may also be revoked by vote of the
- OMC.
+ disruptive, committer status may also be revoked by the OMC.
-
Code reviews
+
Approvals and code reviews
All submissions must be reviewed and approved by at least two
- committers, one of whom must also be an OMC member. If the
+ committers, one of whom must also be an OTC member. If the
author is also a committer then that counts as one of the
reviews. In other words:
- OMC members need one approval from any committer
- Committers need one approval from a committer within the
- OMC
+ OTC members need one approval from any committer
+ Committers need one approval from an OTC member
Contributors without commit rights need two approvals,
- including one from the OMC.
+ including one from an OTC member.
-
This process may seem a little heavy, but OpenSSL is a large,
- complicated codebase, and we think two reviews help prevent
- security bugs, as well as disseminate knowledge to the growing
- contributor base.
+
An OMC member may apply an OMC-hold to a submission.
+ An OTC member may apply an OTC-hold to a submission.
+ An OMC-hold may be cleared by being removed by the member
+ that put in place the hold or by a vote of the OMC.
+ An OTC-hold may be cleared by being removed by the member
+ that put in place the hold or by a vote of the OTC.
+
+
Approved submissions (outside of the automated release process and NEWS and
+ CHANGES file updates) shall only be applied after a 24-hour delay from the
+ approval (except for minor build and test breakage fix approvals).
Contributors without commit rights cannot formally approve
patches but are nevertheless welcome to comment on submissions
@@ -97,7 +93,7 @@
href="mailto:openssl-project at openssl.org">openssl-project at openssl.org
(public, moderated).
On GitHub, you can target the OMC members with @openssl/omc,
- and committers with @openssl/committers.
+ OTC members with @openssl/otc, or committers with @openssl/committers.
Commit workflow
We do code reviews on GitHub. The
@@ -116,12 +112,12 @@
a potential security issue, we ask that you report it to
openssl-security at openssl.org
and don't discuss it further in public. We review security
- sensitive patches privately, off GitHub. We do not currently
- have a way to open access to those reviews after the patches
- have been released.
+ issues privately, however acceptance of a submission for a security issue
+ does not bypass the review process that applies to all submissions.
A note on CLAs
-
All authors, including committers, must have current CLAs on
+
All authors, including committers,
+ must have current CLAs on
file. A CLA is not required for trivial contributions (e.g. the
fix of a spelling mistake). Refer to the
CLA page for further details.
diff --git a/policies/secpolicy.html b/policies/secpolicy.html
index d54fcc6..67d91d1 100644
--- a/policies/secpolicy.html
+++ b/policies/secpolicy.html
@@ -27,10 +27,9 @@
Issue triage
- Notifications are received by a group of OpenSSL Management Committee
- members. We engage resources within
+ Notifications are received by the OMC and OTC. We engage resources within
OpenSSL to start the investigation and prioritisation. We may work in private
- with individuals who are not on the OpenSSL Management Committee as
+ with individuals who are not on the OMC or OTC as
well as other organisations and
our employers where we believe
this can help with the issue investigation, resolution, or
diff --git a/policies/sidebar.shtml b/policies/sidebar.shtml
index 389cc51..a7abcf5 100644
--- a/policies/sidebar.shtml
+++ b/policies/sidebar.shtml
@@ -22,10 +22,10 @@
Security Policy
- OMC (project) Bylaws
+ OpenSSL Bylaws
- Guidelines for Committers
+ Policy for Committers
Coding Style
From matt at openssl.org Fri Jan 3 15:10:43 2020
From: matt at openssl.org (Matt Caswell)
Date: Fri, 03 Jan 2020 15:10:43 +0000
Subject: [web] master update
Message-ID: <1578064243.780039.27292.nullmailer@dev.openssl.org>
The branch master has been updated
via 76f3aa014bf5bf3cf533cf9a0b51951dbd64e8a5 (commit)
from f26e81f977a239116ab29fab62b4ed875d9099bc (commit)
- Log -----------------------------------------------------------------
commit 76f3aa014bf5bf3cf533cf9a0b51951dbd64e8a5
Author: Matt Caswell
Date: Fri Jan 3 14:57:25 2020 +0000
Create an OTC page on the website
Reviewed-by: Tim Hudson
(Merged from https://github.com/openssl/web/pull/152)
-----------------------------------------------------------------------
Summary of changes:
.gitignore | 1 +
Makefile | 6 ++++--
community/index.html | 2 ++
community/otc.html | 42 ++++++++++++++++++++++++++++++++++++++++++
community/sidebar.shtml | 3 +++
5 files changed, 52 insertions(+), 2 deletions(-)
create mode 100644 community/otc.html
diff --git a/.gitignore b/.gitignore
index b307d34..83f4641 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,6 +5,7 @@ blog
sitemap.txt
community/committers.inc
community/omc-alumni.inc
+community/otc.inc
community/omc.inc
docs/OpenSSL300Design.html
docs/OpenSSLStrategicArchitecture.html
diff --git a/Makefile b/Makefile
index 82ffca8..98ddd9f 100644
--- a/Makefile
+++ b/Makefile
@@ -29,7 +29,7 @@ OLDMANSERIES=1.0.2
# All simple generated files.
SIMPLE = newsflash.inc sitemap.txt \
community/committers.inc \
- community/omc.inc community/omc-alumni.inc \
+ community/otc.inc community/omc.inc community/omc-alumni.inc \
docs/faq.inc docs/fips.inc \
docs/OpenSSLStrategicArchitecture.html \
docs/OpenSSL300Design.html \
@@ -153,7 +153,7 @@ docs/manpages.html: docs/manpages.html.tt
##
## $(SIMPLE) -- SIMPLE GENERATED FILES
##
-.PHONY: sitemap community/committers.inc community/omc.inc community/omc-alumni.inc
+.PHONY: sitemap community/committers.inc community/otc.inc community/omc.inc community/omc-alumni.inc
newsflash.inc: news/newsflash.inc
@rm -f $@
head -7 $? >$@
@@ -167,6 +167,8 @@ community/committers.inc:
./bin/mk-committers $@
@rm -f Members
+community/otc.inc:
+ ./bin/mk-omc -n -t 'OTC Members' otc otc-inactive > $@
community/omc.inc:
./bin/mk-omc -n -e -l -p -t 'OMC Members' omc omc-inactive > $@
community/omc-alumni.inc:
diff --git a/community/index.html b/community/index.html
index e204c4b..72587ad 100644
--- a/community/index.html
+++ b/community/index.html
@@ -16,6 +16,8 @@
team of committers .
The overall project is run by the
OpenSSL Management Committee .
+ Technical decisions are made by the
+ OpenSSL Technical Committee .
We operate under a set of
project bylaws
and ask everyone to follow our
diff --git a/community/otc.html b/community/otc.html
new file mode 100644
index 0000000..19f9f54
--- /dev/null
+++ b/community/otc.html
@@ -0,0 +1,42 @@
+
+
+
+
+
+
+
+
+
+
+
+ OpenSSL Technical Committee
+
+
The
+ OpenSSL Technical Committee
+ represents the official technical voice of the project. All
+ OTC decisions are taken on the basis of a vote.
+
+ The current OTC consists of (in alphabetical order):
+
+
+
+
+ Names with an (I) are currently inactive as defined in our
+
bylaws .
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/community/sidebar.shtml b/community/sidebar.shtml
index 22d5ca0..1f888d0 100644
--- a/community/sidebar.shtml
+++ b/community/sidebar.shtml
@@ -6,6 +6,9 @@
List of Committers
+
+ OpenSSL Technical Committee
+
OpenSSL Management Committee
From tmraz at fedoraproject.org Fri Jan 3 17:00:33 2020
From: tmraz at fedoraproject.org (tmraz at fedoraproject.org)
Date: Fri, 03 Jan 2020 17:00:33 +0000
Subject: [openssl] master update
Message-ID: <1578070833.402042.11626.nullmailer@dev.openssl.org>
The branch master has been updated
via 1fdde9170cbe36c9cd7bf9dc712836f591f7d511 (commit)
from e7b834b6bb0a32be694ebc8e614247c9af735c0f (commit)
- Log -----------------------------------------------------------------
commit 1fdde9170cbe36c9cd7bf9dc712836f591f7d511
Author: Ibrahim M. Ghazal
Date: Tue Dec 24 21:39:55 2019 +0300
Add -iter option to pkcs12 command
Fixes #8194
Reviewed-by: Matt Caswell
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/10130)
-----------------------------------------------------------------------
Summary of changes:
apps/pkcs12.c | 14 ++++++++++----
doc/man1/openssl-pkcs12.pod.in | 15 +++++++++------
2 files changed, 19 insertions(+), 10 deletions(-)
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index 96e142ff81..5eff88b644 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -53,7 +53,7 @@ typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
OPT_CIPHER, OPT_NOKEYS, OPT_KEYEX, OPT_KEYSIG, OPT_NOCERTS, OPT_CLCERTS,
OPT_CACERTS, OPT_NOOUT, OPT_INFO, OPT_CHAIN, OPT_TWOPASS, OPT_NOMACVER,
- OPT_DESCERT, OPT_EXPORT, OPT_NOITER, OPT_MACITER, OPT_NOMACITER,
+ OPT_DESCERT, OPT_EXPORT, OPT_ITER, OPT_NOITER, OPT_MACITER, OPT_NOMACITER,
OPT_NOMAC, OPT_LMK, OPT_NODES, OPT_MACALG, OPT_CERTPBE, OPT_KEYPBE,
OPT_INKEY, OPT_CERTFILE, OPT_NAME, OPT_CSP, OPT_CANAME,
OPT_IN, OPT_OUT, OPT_PASSIN, OPT_PASSOUT, OPT_PASSWORD, OPT_CAPATH,
@@ -121,8 +121,9 @@ const OPTIONS pkcs12_options[] = {
{"descert", OPT_DESCERT, '-', "Encrypt output with 3DES (the default)"},
{"certpbe", OPT_CERTPBE, 's', "Certificate PBE algorithm (default 3DES)"},
# endif
- {"noiter", OPT_NOITER, '-', "Don't use encryption iteration"},
- {"maciter", OPT_MACITER, '-', "Use MAC iteration"},
+ {"iter", OPT_ITER, 'p', "Specify the iteration count for encryption key and MAC"},
+ {"noiter", OPT_NOITER, '-', "Don't use encryption key iteration"},
+ {"maciter", OPT_MACITER, '-', "Unused, kept for backwards compatibility"},
{"nomaciter", OPT_NOMACITER, '-', "Don't use MAC iteration"},
{"nomac", OPT_NOMAC, '-', "Don't generate MAC"},
{"nodes", OPT_NODES, '-', "Don't encrypt private keys"},
@@ -214,11 +215,16 @@ int pkcs12_main(int argc, char **argv)
if (!opt_cipher(opt_unknown(), &enc))
goto opthelp;
break;
+ case OPT_ITER:
+ if (!opt_int(opt_arg(), &iter))
+ goto opthelp;
+ maciter = iter;
+ break;
case OPT_NOITER:
iter = 1;
break;
case OPT_MACITER:
- maciter = PKCS12_DEFAULT_ITER;
+ /* no-op */
break;
case OPT_NOMACITER:
maciter = 1;
diff --git a/doc/man1/openssl-pkcs12.pod.in b/doc/man1/openssl-pkcs12.pod.in
index 16eb0accec..86c9de4670 100644
--- a/doc/man1/openssl-pkcs12.pod.in
+++ b/doc/man1/openssl-pkcs12.pod.in
@@ -25,8 +25,9 @@ B B
[B<-nokeys>]
[B<-info>]
[B<-des> B<-des3> B<-idea> B<-aes128> B<-aes192> B<-aes256> B<-aria128> B<-aria192> B<-aria256> B<-camellia128> B<-camellia192> B<-camellia256> B<-nodes>]
-[B<-noiter>]
-[B<-maciter> | B<-nomaciter> | B<-nomac>]
+[B<-iter> I | B<-noiter> | B<-nomaciter>]
+[B<-maciter>]
+[B<-nomac>]
[B<-twopass>]
[B<-descert>]
[B<-certpbe> I]
@@ -233,17 +234,19 @@ the use of signing only keys for SSL client authentication.
Specify the MAC digest algorithm. If not included them SHA1 will be used.
-=item B<-nomaciter>, B<-noiter>
+=item B<-iter> I
-These options affect the iteration counts on the MAC and key algorithms.
-Unless you wish to produce files compatible with MSIE 4.0 you should leave
-these options alone.
+This option specifies the iteration count for the encryption key and MAC. The
+default value is 2048.
To discourage attacks by using large dictionaries of common passwords the
algorithm that derives keys from passwords can have an iteration count applied
to it: this causes a certain part of the algorithm to be repeated and slows it
down. The MAC is used to check the file integrity but since it will normally
have the same password as the keys and certificates it could also be attacked.
+
+=item B<-nomaciter>, B<-noiter>
+
By default both MAC and encryption iteration counts are set to 2048, using
these options the MAC and encryption iteration counts can be set to 1, since
this reduces the file security you should not use these options unless you
From no-reply at appveyor.com Fri Jan 3 17:59:08 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 03 Jan 2020 17:59:08 +0000
Subject: Build failed: openssl master.30415
Message-ID: <20200103175908.1.B9C437C7031FA54A@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Fri Jan 3 19:00:48 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 03 Jan 2020 19:00:48 +0000
Subject: Build completed: openssl master.30416
Message-ID: <20200103190048.1.B5B2AC674B16E37F@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Fri Jan 3 19:05:18 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 03 Jan 2020 19:05:18 +0000
Subject: Build failed: openssl master.30417
Message-ID: <20200103190518.1.4672BC94F1015836@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Fri Jan 3 19:54:22 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 03 Jan 2020 19:54:22 +0000
Subject: Build failed: openssl master.30422
Message-ID: <20200103195422.1.57123656931C5309@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Fri Jan 3 20:24:43 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 03 Jan 2020 20:24:43 +0000
Subject: Build completed: openssl master.30423
Message-ID: <20200103202443.1.714352D6A0CD1AE6@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Fri Jan 3 20:31:15 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 03 Jan 2020 20:31:15 +0000
Subject: Build failed: openssl master.30424
Message-ID: <20200103203115.1.66F40C963204D164@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Fri Jan 3 21:00:43 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 03 Jan 2020 21:00:43 +0000
Subject: Build completed: openssl master.30425
Message-ID: <20200103210043.1.E6F00CB69254E374@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Fri Jan 3 22:22:23 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 03 Jan 2020 22:22:23 +0000
Subject: Build failed: openssl master.30428
Message-ID: <20200103222223.1.1DB7B390422B232E@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Fri Jan 3 23:52:18 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 03 Jan 2020 23:52:18 +0000
Subject: Build completed: openssl master.30429
Message-ID: <20200103235218.1.6ED50F1B7E18ACFD@appveyor.com>
An HTML attachment was scrubbed...
URL:
From scan-admin at coverity.com Sat Jan 4 00:08:32 2020
From: scan-admin at coverity.com (scan-admin at coverity.com)
Date: Sat, 04 Jan 2020 00:08:32 +0000 (UTC)
Subject: Coverity Scan: Analysis completed for OpenSSL-1.0.2
Message-ID: <5e0fd78042f17_1d2d2ac5a47a0f50366f1@appnode-2.mail>
Your request for analysis of OpenSSL-1.0.2 has been completed successfully.
The results are available at https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRakUl6QyjujEohY7rPpoYUEOo3rtGjiQZqYPGgcjfkiXQ-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I1GDwgKL938MbArsezaSoQr0YOEIFmZEGZL2gjAEllyOugIMS7vnYEXxfuMZml0Y7WaBTkXCR6-2BA90x-2FU1bv5GaTvwp87RCcYDCRmoIi6v0TgsduL-2B6P2604jr-2BLoGOBeYp4Met1oLLC0NzA71ePAZLAJXRW5UaGzJ0uUsYoLQLfSU2mk7TJd9pt3NV5oMBRAM115wyLXlO4WTByixmxQOM
Build ID: 287914
Analysis Summary:
New defects found: 0
Defects eliminated: 0
From openssl at openssl.org Sat Jan 4 00:55:13 2020
From: openssl at openssl.org (OpenSSL run-checker)
Date: Sat, 04 Jan 2020 00:55:13 +0000
Subject: Still FAILED build of OpenSSL branch master with options -d
--strict-warnings enable-trace
Message-ID: <1578099313.991186.29341.nullmailer@run.openssl.org>
Platform and configuration command:
$ uname -a
Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings enable-trace
Commit log since last time:
e7b834b6bb Run make update
2de5a5fbdd Update tls13_enc.c
Build log ended with (last 100 lines):
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/modes/libfips-lib-cfb128.d.tmp -MT crypto/modes/libfips-lib-cfb128.o -c -o crypto/modes/libfips-lib-cfb128.o ../openssl/crypto/modes/cfb128.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/modes/libfips-lib-ctr128.d.tmp -MT crypto/modes/libfips-lib-ctr128.o -c -o crypto/modes/libfips-lib-ctr128.o ../openssl/crypto/modes/ctr128.c
clang -Icrypto -I../openssl/crypto -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/modes/libfips-lib-gcm128.d.tmp -MT crypto/modes/libfips-lib-gcm128.o -c -o crypto/modes/libfips-lib-gcm128.o ../openssl/crypto/modes/gcm128.c
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/modes/libfips-lib-ghash-x86_64.o crypto/modes/ghash-x86_64.s
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/modes/libfips-lib-ofb128.d.tmp -MT crypto/modes/libfips-lib-ofb128.o -c -o crypto/modes/libfips-lib-ofb128.o ../openssl/crypto/modes/ofb128.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/modes/libfips-lib-wrap128.d.tmp -MT crypto/modes/libfips-lib-wrap128.o -c -o crypto/modes/libfips-lib-wrap128.o ../openssl/crypto/modes/wrap128.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/modes/libfips-lib-xts128.d.tmp -MT crypto/modes/libfips-lib-xts128.o -c -o crypto/modes/libfips-lib-xts128.o ../openssl/crypto/modes/xts128.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/property/libfips-lib-defn_cache.d.tmp -MT crypto/property/libfips-lib-defn_cache.o -c -o crypto/property/libfips-lib-defn_cache.o ../openssl/crypto/property/defn_cache.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/property/libfips-lib-property.d.tmp -MT crypto/property/libfips-lib-property.o -c -o crypto/property/libfips-lib-property.o ../openssl/crypto/property/property.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/property/libfips-lib-property_parse.d.tmp -MT crypto/property/libfips-lib-property_parse.o -c -o crypto/property/libfips-lib-property_parse.o ../openssl/crypto/property/property_parse.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/property/libfips-lib-property_string.d.tmp -MT crypto/property/libfips-lib-property_string.o -c -o crypto/property/libfips-lib-property_string.o ../openssl/crypto/property/property_string.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/rand/libfips-lib-drbg_ctr.d.tmp -MT crypto/rand/libfips-lib-drbg_ctr.o -c -o crypto/rand/libfips-lib-drbg_ctr.o ../openssl/crypto/rand/drbg_ctr.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/rand/libfips-lib-drbg_hash.d.tmp -MT crypto/rand/libfips-lib-drbg_hash.o -c -o crypto/rand/libfips-lib-drbg_hash.o ../openssl/crypto/rand/drbg_hash.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/rand/libfips-lib-drbg_hmac.d.tmp -MT crypto/rand/libfips-lib-drbg_hmac.o -c -o crypto/rand/libfips-lib-drbg_hmac.o ../openssl/crypto/rand/drbg_hmac.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/rand/libfips-lib-drbg_lib.d.tmp -MT crypto/rand/libfips-lib-drbg_lib.o -c -o crypto/rand/libfips-lib-drbg_lib.o ../openssl/crypto/rand/drbg_lib.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/rand/libfips-lib-rand_crng_test.d.tmp -MT crypto/rand/libfips-lib-rand_crng_test.o -c -o crypto/rand/libfips-lib-rand_crng_test.o ../openssl/crypto/rand/rand_crng_test.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/rand/libfips-lib-rand_lib.d.tmp -MT crypto/rand/libfips-lib-rand_lib.o -c -o crypto/rand/libfips-lib-rand_lib.o ../openssl/crypto/rand/rand_lib.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/rand/libfips-lib-rand_unix.d.tmp -MT crypto/rand/libfips-lib-rand_unix.o -c -o crypto/rand/libfips-lib-rand_unix.o ../openssl/crypto/rand/rand_unix.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/rand/libfips-lib-rand_vms.d.tmp -MT crypto/rand/libfips-lib-rand_vms.o -c -o crypto/rand/libfips-lib-rand_vms.o ../openssl/crypto/rand/rand_vms.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/rand/libfips-lib-rand_vxworks.d.tmp -MT crypto/rand/libfips-lib-rand_vxworks.o -c -o crypto/rand/libfips-lib-rand_vxworks.o ../openssl/crypto/rand/rand_vxworks.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/rand/libfips-lib-rand_win.d.tmp -MT crypto/rand/libfips-lib-rand_win.o -c -o crypto/rand/libfips-lib-rand_win.o ../openssl/crypto/rand/rand_win.c
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/sha/libfips-lib-keccak1600-x86_64.o crypto/sha/keccak1600-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/sha/libfips-lib-sha1-mb-x86_64.o crypto/sha/sha1-mb-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/sha/libfips-lib-sha1-x86_64.o crypto/sha/sha1-x86_64.s
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/sha/libfips-lib-sha1dgst.d.tmp -MT crypto/sha/libfips-lib-sha1dgst.o -c -o crypto/sha/libfips-lib-sha1dgst.o ../openssl/crypto/sha/sha1dgst.c
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/sha/libfips-lib-sha256-mb-x86_64.o crypto/sha/sha256-mb-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/sha/libfips-lib-sha256-x86_64.o crypto/sha/sha256-x86_64.s
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/sha/libfips-lib-sha256.d.tmp -MT crypto/sha/libfips-lib-sha256.o -c -o crypto/sha/libfips-lib-sha256.o ../openssl/crypto/sha/sha256.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/sha/libfips-lib-sha3.d.tmp -MT crypto/sha/libfips-lib-sha3.o -c -o crypto/sha/libfips-lib-sha3.o ../openssl/crypto/sha/sha3.c
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/sha/libfips-lib-sha512-x86_64.o crypto/sha/sha512-x86_64.s
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/sha/libfips-lib-sha512.d.tmp -MT crypto/sha/libfips-lib-sha512.o -c -o crypto/sha/libfips-lib-sha512.o ../openssl/crypto/sha/sha512.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/stack/libfips-lib-stack.d.tmp -MT crypto/stack/libfips-lib-stack.o -c -o crypto/stack/libfips-lib-stack.o ../openssl/crypto/stack/stack.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF providers/common/libfips-lib-provider_util.d.tmp -MT providers/common/libfips-lib-provider_util.o -c -o providers/common/libfips-lib-provider_util.o ../openssl/providers/common/provider_util.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF providers/implementations/ciphers/libfips-lib-cipher_aes_xts_fips.d.tmp -MT providers/implementations/ciphers/libfips-lib-cipher_aes_xts_fips.o -c -o providers/implementations/ciphers/libfips-lib-cipher_aes_xts_fips.o ../openssl/providers/implementations/ciphers/cipher_aes_xts_fips.c
clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF providers/implementations/kdfs/libfips-lib-pbkdf2_fips.d.tmp -MT providers/implementations/kdfs/libfips-lib-pbkdf2_fips.o -c -o providers/implementations/kdfs/libfips-lib-pbkdf2_fips.o ../openssl/providers/implementations/kdfs/pbkdf2_fips.c
ar r providers/libimplementations.a providers/implementations/ciphers/libimplementations-lib-cipher_aes.o providers/implementations/ciphers/libimplementations-lib-cipher_aes_ccm.o providers/implementations/ciphers/libimplementations-lib-cipher_aes_ccm_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_aes_gcm.o providers/implementations/ciphers/libimplementations-lib-cipher_aes_gcm_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_aes_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_aes_ocb.o providers/implementations/ciphers/libimplementations-lib-cipher_aes_ocb_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_aes_siv.o providers/implementations/ciphers/libimplementations-lib-cipher_aes_siv_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_aes_wrp.o providers/implementations/ciphers/libimplementations-lib-cipher_aes_xts.o providers/implementations/ciphers/libimplementations-lib-cipher_aes_xts_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_aria.o providers/implementations/ciphers/libimplementations-lib-cipher_aria_ccm.o providers/implementations/ciphers/libimplementations-lib-cipher_aria_ccm_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_aria_gcm.o providers/implementations/ciphers/libimplementations-lib-cipher_aria_gcm_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_aria_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_blowfish.o providers/implementations/ciphers/libimplementations-lib-cipher_blowfish_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_camellia.o providers/implementations/ciphers/libimplementations-lib-cipher_camellia_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_cast5.o providers/implementations/ciphers/libimplementations-lib-cipher_cast5_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_chacha20.o providers/implementations/ciphers/libimplementations-lib-cipher_chacha20_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_chacha20_poly1305.o providers/implementations/ciphers/libimplementations-lib-cipher_chacha20_poly1305_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_des.o providers/implementations/ciphers/libimplementations-lib-cipher_des_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_desx.o providers/implementations/ciphers/libimplementations-lib-cipher_desx_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_idea.o providers/implementations/ciphers/libimplementations-lib-cipher_idea_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_rc2.o providers/implementations/ciphers/libimplementations-lib-cipher_rc2_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_rc4.o providers/implementations/ciphers/libimplementations-lib-cipher_rc4_hmac_md5.o providers/implementations/ciphers/libimplementations-lib-cipher_rc4_hmac_md5_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_rc4_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_seed.o providers/implementations/ciphers/libimplementations-lib-cipher_seed_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_sm4.o providers/implementations/ciphers/libimplementations-lib-cipher_sm4_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_tdes.o providers/implementations/ciphers/libimplementations-lib-cipher_tdes_default.o providers/implementations/ciphers/libimplementations-lib-cipher_tdes_default_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_tdes_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_tdes_wrap.o providers/implementations/ciphers/libimplementations-lib-cipher_tdes_wrap_hw.o providers/implementations/digests/libimplementations-lib-blake2_prov.o providers/implementations/digests/libimplementations-lib-blake2b_prov.o providers/implementations/digests/libimplementations-lib-blake2s_prov.o providers/implementations/digests/libimplementations-lib-md5_prov.o providers/implementations/digests/libimplementations-lib-md5_sha1_prov.o providers/implementations/digests/libimplementations-lib-sha2_prov.o providers/implementations/digests/libimplementations-lib-sha3_prov.o providers/implementations/digests/libimplementations-lib-sm3_prov.o providers/implementations/exchange/libimplementations-lib-dh_exch.o providers/implementations/kdfs/libimplementations-lib-hkdf.o providers/implementations/kdfs/libimplementations-lib-kbkdf.o providers/implementations/kdfs/libimplementations-lib-krb5kdf.o providers/implementations/kdfs/libimplementations-lib-pbkdf2.o providers/implementations/kdfs/libimplementations-lib-scrypt.o providers/implementations/kdfs/libimplementations-lib-sshkdf.o providers/implementations/kdfs/libimplementations-lib-sskdf.o providers/implementations/kdfs/libimplementations-lib-tls1_prf.o providers/implementations/kdfs/libimplementations-lib-x942kdf.o providers/implementations/keymgmt/libimplementations-lib-dh_kmgmt.o providers/implementations/keymgmt/libimplementations-lib-dsa_kmgmt.o providers/implementations/keymgmt/libimplementations-lib-rsa_kmgmt.o providers/implementations/macs/libimplementations-lib-blake2b_mac.o providers/implementations/macs/libimplementations-lib-blake2s_mac.o providers/implementations/macs/libimplementations-lib-cmac_prov.o providers/implementations/macs/libimplementations-lib-gmac_prov.o providers/implementations/macs/libimplementations-lib-hmac_prov.o providers/implementations/macs/libimplementations-lib-kmac_prov.o providers/implementations/macs/libimplementations-lib-poly1305_prov.o providers/implementations/macs/libimplementations-lib-siphash_prov.o providers/implementations/serializers/libimplementations-lib-serializer_common.o providers/implementations/serializers/libimplementations-lib-serializer_dh.o providers/implementations/serializers/libimplementations-lib-serializer_dh_param.o providers/implementations/serializers/libimplementations-lib-serializer_dh_priv.o providers/implementations/serializers/libimplementations-lib-serializer_dh_pub.o providers/implementations/serializers/libimplementations-lib-serializer_dsa.o providers/implementations/serializers/libimplementations-lib-serializer_dsa_param.o providers/implementations/serializers/libimplementations-lib-serializer_dsa_priv.o providers/implementations/serializers/libimplementations-lib-serializer_dsa_pub.o providers/implementations/serializers/libimplementations-lib-serializer_rsa.o providers/implementations/serializers/libimplementations-lib-serializer_rsa_priv.o providers/implementations/serializers/libimplementations-lib-serializer_rsa_pub.o providers/implementations/signature/libimplementations-lib-dsa.o
ar: creating providers/libimplementations.a
clang -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF providers/implementations/digests/liblegacy-lib-md4_prov.d.tmp -MT providers/implementations/digests/liblegacy-lib-md4_prov.o -c -o providers/implementations/digests/liblegacy-lib-md4_prov.o ../openssl/providers/implementations/digests/md4_prov.c
ranlib providers/libimplementations.a || echo Never mind.
clang -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF providers/implementations/digests/liblegacy-lib-mdc2_prov.d.tmp -MT providers/implementations/digests/liblegacy-lib-mdc2_prov.o -c -o providers/implementations/digests/liblegacy-lib-mdc2_prov.o ../openssl/providers/implementations/digests/mdc2_prov.c
clang -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF providers/implementations/digests/liblegacy-lib-ripemd_prov.d.tmp -MT providers/implementations/digests/liblegacy-lib-ripemd_prov.o -c -o providers/implementations/digests/liblegacy-lib-ripemd_prov.o ../openssl/providers/implementations/digests/ripemd_prov.c
clang -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF providers/implementations/digests/liblegacy-lib-wp_prov.d.tmp -MT providers/implementations/digests/liblegacy-lib-wp_prov.o -c -o providers/implementations/digests/liblegacy-lib-wp_prov.o ../openssl/providers/implementations/digests/wp_prov.c
ar r providers/libnonfips.a providers/common/libnonfips-lib-nid_to_name.o providers/common/libnonfips-lib-provider_util.o providers/implementations/ciphers/libnonfips-lib-cipher_aes_xts_fips.o providers/implementations/kdfs/libnonfips-lib-pbkdf2_fips.o
ar: creating providers/libnonfips.a
ranlib providers/libnonfips.a || echo Never mind.
clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF apps/lib/libtestutil-lib-opt.d.tmp -MT apps/lib/libtestutil-lib-opt.o -c -o apps/lib/libtestutil-lib-opt.o ../openssl/apps/lib/opt.c
clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF test/testutil/libtestutil-lib-apps_mem.d.tmp -MT test/testutil/libtestutil-lib-apps_mem.o -c -o test/testutil/libtestutil-lib-apps_mem.o ../openssl/test/testutil/apps_mem.c
clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF test/testutil/libtestutil-lib-basic_output.d.tmp -MT test/testutil/libtestutil-lib-basic_output.o -c -o test/testutil/libtestutil-lib-basic_output.o ../openssl/test/testutil/basic_output.c
clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF test/testutil/libtestutil-lib-cb.d.tmp -MT test/testutil/libtestutil-lib-cb.o -c -o test/testutil/libtestutil-lib-cb.o ../openssl/test/testutil/cb.c
clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF test/testutil/libtestutil-lib-driver.d.tmp -MT test/testutil/libtestutil-lib-driver.o -c -o test/testutil/libtestutil-lib-driver.o ../openssl/test/testutil/driver.c
clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF test/testutil/libtestutil-lib-format_output.d.tmp -MT test/testutil/libtestutil-lib-format_output.o -c -o test/testutil/libtestutil-lib-format_output.o ../openssl/test/testutil/format_output.c
clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF test/testutil/libtestutil-lib-main.d.tmp -MT test/testutil/libtestutil-lib-main.o -c -o test/testutil/libtestutil-lib-main.o ../openssl/test/testutil/main.c
clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF test/testutil/libtestutil-lib-options.d.tmp -MT test/testutil/libtestutil-lib-options.o -c -o test/testutil/libtestutil-lib-options.o ../openssl/test/testutil/options.c
clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF test/testutil/libtestutil-lib-output_helpers.d.tmp -MT test/testutil/libtestutil-lib-output_helpers.o -c -o test/testutil/libtestutil-lib-output_helpers.o ../openssl/test/testutil/output_helpers.c
clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF test/testutil/libtestutil-lib-random.d.tmp -MT test/testutil/libtestutil-lib-random.o -c -o test/testutil/libtestutil-lib-random.o ../openssl/test/testutil/random.c
clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF test/testutil/libtestutil-lib-stanza.d.tmp -MT test/testutil/libtestutil-lib-stanza.o -c -o test/testutil/libtestutil-lib-stanza.o ../openssl/test/testutil/stanza.c
clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF test/testutil/libtestutil-lib-tap_bio.d.tmp -MT test/testutil/libtestutil-lib-tap_bio.o -c -o test/testutil/libtestutil-lib-tap_bio.o ../openssl/test/testutil/tap_bio.c
clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF test/testutil/libtestutil-lib-test_cleanup.d.tmp -MT test/testutil/libtestutil-lib-test_cleanup.o -c -o test/testutil/libtestutil-lib-test_cleanup.o ../openssl/test/testutil/test_cleanup.c
clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF test/testutil/libtestutil-lib-test_options.d.tmp -MT test/testutil/libtestutil-lib-test_options.o -c -o test/testutil/libtestutil-lib-test_options.o ../openssl/test/testutil/test_options.c
clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF test/testutil/libtestutil-lib-tests.d.tmp -MT test/testutil/libtestutil-lib-tests.o -c -o test/testutil/libtestutil-lib-tests.o ../openssl/test/testutil/tests.c
clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF test/testutil/libtestutil-lib-testutil_init.d.tmp -MT test/testutil/libtestutil-lib-testutil_init.o -c -o test/testutil/libtestutil-lib-testutil_init.o ../openssl/test/testutil/testutil_init.c
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/aes/libcrypto-shlib-aes-x86_64.o crypto/aes/aes-x86_64.s
clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/aes/libcrypto-shlib-aes_cfb.d.tmp -MT crypto/aes/libcrypto-shlib-aes_cfb.o -c -o crypto/aes/libcrypto-shlib-aes_cfb.o ../openssl/crypto/aes/aes_cfb.c
clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/aes/libcrypto-shlib-aes_ecb.d.tmp -MT crypto/aes/libcrypto-shlib-aes_ecb.o -c -o crypto/aes/libcrypto-shlib-aes_ecb.o ../openssl/crypto/aes/aes_ecb.c
clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/aes/libcrypto-shlib-aes_ige.d.tmp -MT crypto/aes/libcrypto-shlib-aes_ige.o -c -o crypto/aes/libcrypto-shlib-aes_ige.o ../openssl/crypto/aes/aes_ige.c
clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/aes/libcrypto-shlib-aes_misc.d.tmp -MT crypto/aes/libcrypto-shlib-aes_misc.o -c -o crypto/aes/libcrypto-shlib-aes_misc.o ../openssl/crypto/aes/aes_misc.c
clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/aes/libcrypto-shlib-aes_ofb.d.tmp -MT crypto/aes/libcrypto-shlib-aes_ofb.o -c -o crypto/aes/libcrypto-shlib-aes_ofb.o ../openssl/crypto/aes/aes_ofb.c
clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/aes/libcrypto-shlib-aes_wrap.d.tmp -MT crypto/aes/libcrypto-shlib-aes_wrap.o -c -o crypto/aes/libcrypto-shlib-aes_wrap.o ../openssl/crypto/aes/aes_wrap.c
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/aes/libcrypto-shlib-aesni-mb-x86_64.o crypto/aes/aesni-mb-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/aes/libcrypto-shlib-aesni-sha1-x86_64.o crypto/aes/aesni-sha1-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/aes/libcrypto-shlib-aesni-sha256-x86_64.o crypto/aes/aesni-sha256-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/aes/libcrypto-shlib-aesni-x86_64.o crypto/aes/aesni-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/aes/libcrypto-shlib-bsaes-x86_64.o crypto/aes/bsaes-x86_64.s
clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/aes/libcrypto-shlib-vpaes-x86_64.o crypto/aes/vpaes-x86_64.s
clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/aria/libcrypto-shlib-aria.d.tmp -MT crypto/aria/libcrypto-shlib-aria.o -c -o crypto/aria/libcrypto-shlib-aria.o ../openssl/crypto/aria/aria.c
clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/asn1/libcrypto-shlib-a_bitstr.d.tmp -MT crypto/asn1/libcrypto-shlib-a_bitstr.o -c -o crypto/asn1/libcrypto-shlib-a_bitstr.o ../openssl/crypto/asn1/a_bitstr.c
clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/asn1/libcrypto-shlib-a_d2i_fp.d.tmp -MT crypto/asn1/libcrypto-shlib-a_d2i_fp.o -c -o crypto/asn1/libcrypto-shlib-a_d2i_fp.o ../openssl/crypto/asn1/a_d2i_fp.c
../openssl/test/testutil/testutil_init.c:39:35: error: use of undeclared identifier 'PREFIX_CTRL_SET_PREFIX'
BIO_ctrl(trace_data->bio, PREFIX_CTRL_SET_PREFIX,
^
../openssl/test/testutil/testutil_init.c:48:35: error: use of undeclared identifier 'PREFIX_CTRL_SET_PREFIX'
BIO_ctrl(trace_data->bio, PREFIX_CTRL_SET_PREFIX, 0, NULL);
^
../openssl/test/testutil/testutil_init.c:79:32: error: implicit declaration of function 'apps_bf_prefix' is invalid in C99 [-Werror,-Wimplicit-function-declaration]
channel = BIO_push(BIO_new(apps_bf_prefix()),
^
../openssl/test/testutil/testutil_init.c:79:32: error: this function declaration is not a prototype [-Werror,-Wstrict-prototypes]
../openssl/test/testutil/testutil_init.c:79:32: error: incompatible integer to pointer conversion passing 'int' to parameter of type 'const BIO_METHOD *' (aka 'const struct bio_method_st *') [-Werror,-Wint-conversion]
channel = BIO_push(BIO_new(apps_bf_prefix()),
^~~~~~~~~~~~~~~~
../openssl/include/openssl/bio.h:587:32: note: passing argument to parameter 'type' here
BIO *BIO_new(const BIO_METHOD *type);
^
5 errors generated.
Makefile:20396: recipe for target 'test/testutil/libtestutil-lib-testutil_init.o' failed
make[1]: *** [test/testutil/libtestutil-lib-testutil_init.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/openssl/run-checker/enable-trace'
Makefile:2782: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2
From scan-admin at coverity.com Sat Jan 4 08:19:37 2020
From: scan-admin at coverity.com (scan-admin at coverity.com)
Date: Sat, 04 Jan 2020 08:19:37 +0000 (UTC)
Subject: Coverity Scan: Analysis completed for openssl/openssl
Message-ID: <5e104a98a88bc_61022ac5a47a0f5036639@appnode-2.mail>
Your request for analysis of openssl/openssl has been completed successfully.
The results are available at https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRakUl6QyjujEohY7rPpoYUEvyxzJHSwEoiXkZglM3WeHA-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I0830kI2ZZfH9Y2yLBkg-2B6AMh8HDFbCT2aiYqeZPe75Tb4oEInCOUT3yT2fmebFItif7HSob-2FQMMN-2FoMDMvVK2RmXLHr54ACIxmiJNwSysMj4uK9ibw7pPjnSJQk7oMDzAO7LA9mfbZ0ZMvP5xSU6g8-2Brc1vx0scMZlhk5B7Rsm-2FYUvMo1bXXW8Q-2FAGQrfX-2BzmI6vDPrK9Y5fJebLGGCZdp
Build ID: 288253
Analysis Summary:
New defects found: 0
Defects eliminated: 0
From no-reply at appveyor.com Sat Jan 4 16:03:31 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sat, 04 Jan 2020 16:03:31 +0000
Subject: Build failed: openssl master.30439
Message-ID: <20200104160331.1.5A6632D6B6D9514A@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Sat Jan 4 17:03:40 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sat, 04 Jan 2020 17:03:40 +0000
Subject: Build completed: openssl OpenSSL_1_1_1-stable.30440
Message-ID: <20200104170340.1.CEF5A54BC8D510BA@appveyor.com>
An HTML attachment was scrubbed...
URL:
From scan-admin at coverity.com Sun Jan 5 07:48:40 2020
From: scan-admin at coverity.com (scan-admin at coverity.com)
Date: Sun, 05 Jan 2020 07:48:40 +0000 (UTC)
Subject: Coverity Scan: Analysis completed for openssl/openssl
Message-ID: <5e1194d85befd_36132ac5a47a0f50366a3@appnode-2.mail>
Your request for analysis of openssl/openssl has been completed successfully.
The results are available at https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRakUl6QyjujEohY7rPpoYUEvyxzJHSwEoiXkZglM3WeHA-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I2cohvqbzwWIlzwnut2aEc-2BPyhznhsVsfq9yRDG48ldoWBHtU6hncVBuP01FPPgQu-2BF7pKk52CWkzlE-2FUVdAZv5xe3sIjLCh5tBsGO-2Bqq-2BHaOdcvSngdpgqlNJGe0ohogUgWOZhrUUVfCS1QmFTbXoevspdilVxjv9Da7B-2Fnv2z3oi6wV4EHHnEzR5xuQb76KOBi1Ysquxh6X-2FJZhrLCIlD
Build ID: 288530
Analysis Summary:
New defects found: 3
Defects eliminated: 1
If you have difficulty understanding any defects, email us at scan-admin at coverity.com,
or post your question to StackOverflow
at https://u2389337.ct.sendgrid.net/wf/click?upn=OgIsEqWzmIl4S-2FzEUMxLXL-2BukuZt9UUdRZhgmgzAKchwAzH1nH3073xDEXNRgHN6zzUI-2FRfbrE6mNOeeukHUQw-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I2cohvqbzwWIlzwnut2aEc-2BPyhznhsVsfq9yRDG48ldobGYf1r4QUpJc8H8tEAnq4-2Fp6un-2FhszzL15aTiEOo53-2Fl5nNa-2BxB0FHtFh6EuDI-2Bq4THBDa9l-2BeLfrEsdwkgrrKlSbZo8H5QlnvxqMa3VMOsYMj1FPEwaculk-2FANSQML61sZA7oc7fyZR8owGB2vFL6A9Jx1ubLpB4zTAsiRqzsK
From scan-admin at coverity.com Sun Jan 5 07:50:52 2020
From: scan-admin at coverity.com (scan-admin at coverity.com)
Date: Sun, 05 Jan 2020 07:50:52 +0000 (UTC)
Subject: Coverity Scan: Analysis completed for OpenSSL-1.0.2
Message-ID: <5e11955c61738_38992ac5a47a0f5036618@appnode-2.mail>
Your request for analysis of OpenSSL-1.0.2 has been completed successfully.
The results are available at https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRakUl6QyjujEohY7rPpoYUEOo3rtGjiQZqYPGgcjfkiXQ-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I3kV9FAkio52albxc-2BiZi74y9QHErTBCjcvOnuR37UFAbkDDlGmoA8vLXwH-2BHNRydt1bbUz5Yc9b2hH82duiCPRmWb4P4D23XEtLqwTOzvdqc-2BM01StHPXRO09IYcGxJCxwUjvtjrsut9AXzLM2CRQJfu0-2BrYBZT7xVgSN5mR3Fmy21nJJSrzlZ6KK85WRSMClqjl4DCmHwRMjQhZikyVov
Build ID: 288531
Analysis Summary:
New defects found: 0
Defects eliminated: 0
From pauli at openssl.org Sun Jan 5 08:06:28 2020
From: pauli at openssl.org (Dr. Paul Dale)
Date: Sun, 05 Jan 2020 08:06:28 +0000
Subject: [openssl] master update
Message-ID: <1578211588.997869.28944.nullmailer@dev.openssl.org>
The branch master has been updated
via 75e571b59298c868763508d60027e4e666dee1c1 (commit)
via 86723c2a103c763bc918dd70ffb3dd44ba5b5add (commit)
via 4c1e06fc400041a47c36c4d66b8bbda30219052f (commit)
via ff19035e62a4839d632d0ac2c3b17983c9598cf9 (commit)
from 1fdde9170cbe36c9cd7bf9dc712836f591f7d511 (commit)
- Log -----------------------------------------------------------------
commit 75e571b59298c868763508d60027e4e666dee1c1
Author: Pauli
Date: Fri Jan 3 19:28:37 2020 +1000
coverity 1456638: fix null check
Reviewed-by: Tim Hudson
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/10748)
commit 86723c2a103c763bc918dd70ffb3dd44ba5b5add
Author: Pauli
Date: Fri Jan 3 19:27:06 2020 +1000
coverity 1456639: fix NULL dereference
Reviewed-by: Tim Hudson
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/10748)
commit 4c1e06fc400041a47c36c4d66b8bbda30219052f
Author: Pauli
Date: Fri Jan 3 19:22:50 2020 +1000
coverity 1456640: fix null check
Reviewed-by: Tim Hudson
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/10748)
commit ff19035e62a4839d632d0ac2c3b17983c9598cf9
Author: Pauli
Date: Fri Jan 3 19:19:47 2020 +1000
coverity 1456642: fix null check
Reviewed-by: Tim Hudson
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/10748)
-----------------------------------------------------------------------
Summary of changes:
providers/implementations/serializers/serializer_dh_priv.c | 7 +++----
providers/implementations/serializers/serializer_dsa_priv.c | 7 +++----
providers/implementations/serializers/serializer_rsa_priv.c | 6 ++----
test/x509_time_test.c | 8 +++++---
4 files changed, 13 insertions(+), 15 deletions(-)
diff --git a/providers/implementations/serializers/serializer_dh_priv.c b/providers/implementations/serializers/serializer_dh_priv.c
index 80d87ac738..a6427dc867 100644
--- a/providers/implementations/serializers/serializer_dh_priv.c
+++ b/providers/implementations/serializers/serializer_dh_priv.c
@@ -48,11 +48,10 @@ static void *dh_priv_newctx(void *provctx)
if (ctx != NULL) {
ctx->provctx = provctx;
- }
-
- /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */
- ctx->sc.pbe_nid = -1;
+ /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */
+ ctx->sc.pbe_nid = -1;
+ }
return ctx;
}
diff --git a/providers/implementations/serializers/serializer_dsa_priv.c b/providers/implementations/serializers/serializer_dsa_priv.c
index 603904369a..fc0a340ca2 100644
--- a/providers/implementations/serializers/serializer_dsa_priv.c
+++ b/providers/implementations/serializers/serializer_dsa_priv.c
@@ -48,11 +48,10 @@ static void *dsa_priv_newctx(void *provctx)
if (ctx != NULL) {
ctx->provctx = provctx;
- }
-
- /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */
- ctx->sc.pbe_nid = -1;
+ /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */
+ ctx->sc.pbe_nid = -1;
+ }
return ctx;
}
diff --git a/providers/implementations/serializers/serializer_rsa_priv.c b/providers/implementations/serializers/serializer_rsa_priv.c
index 05d9316ba1..3d16e43a4b 100644
--- a/providers/implementations/serializers/serializer_rsa_priv.c
+++ b/providers/implementations/serializers/serializer_rsa_priv.c
@@ -77,11 +77,9 @@ static void *rsa_priv_newctx(void *provctx)
if (ctx != NULL) {
ctx->provctx = provctx;
+ /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */
+ ctx->sc.pbe_nid = -1;
}
-
- /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */
- ctx->sc.pbe_nid = -1;
-
return ctx;
}
diff --git a/test/x509_time_test.c b/test/x509_time_test.c
index 8e813cb0f9..a9292dff0f 100644
--- a/test/x509_time_test.c
+++ b/test/x509_time_test.c
@@ -327,10 +327,11 @@ static int test_X509_cmp_timeframe(void)
ASN1_TIME *asn1_before = ASN1_TIME_adj(NULL, now, -1, 0);
ASN1_TIME *asn1_after = ASN1_TIME_adj(NULL, now, 1, 0);
X509_VERIFY_PARAM *vpm = X509_VERIFY_PARAM_new();
- int res;
+ int res = 0;
- res = vpm != NULL
- && test_X509_cmp_timeframe_vpm(NULL, asn1_before, asn1_mid, asn1_after)
+ if (vpm == NULL)
+ goto finish;
+ res = test_X509_cmp_timeframe_vpm(NULL, asn1_before, asn1_mid, asn1_after)
&& test_X509_cmp_timeframe_vpm(vpm, asn1_before, asn1_mid, asn1_after);
X509_VERIFY_PARAM_set_time(vpm, now);
@@ -340,6 +341,7 @@ static int test_X509_cmp_timeframe(void)
&& test_X509_cmp_timeframe_vpm(vpm, asn1_before, asn1_mid, asn1_after);
X509_VERIFY_PARAM_free(vpm);
+finish:
ASN1_TIME_free(asn1_mid);
ASN1_TIME_free(asn1_before);
ASN1_TIME_free(asn1_after);
From no-reply at appveyor.com Sun Jan 5 09:13:00 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sun, 05 Jan 2020 09:13:00 +0000
Subject: Build failed: openssl master.30445
Message-ID: <20200105091300.1.5F4BB1515BDCA57C@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Sun Jan 5 10:11:53 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sun, 05 Jan 2020 10:11:53 +0000
Subject: Build completed: openssl OpenSSL_1_1_1-stable.30446
Message-ID: <20200105101153.1.E3EE7F1FD04735FD@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Sun Jan 5 14:37:03 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sun, 05 Jan 2020 14:37:03 +0000
Subject: Build failed: openssl master.30447
Message-ID: <20200105143703.1.850CB38A1C62944C@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Sun Jan 5 16:29:11 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sun, 05 Jan 2020 16:29:11 +0000
Subject: Build failed: openssl master.30451
Message-ID: <20200105162911.1.C94F8A7D3B287A69@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Sun Jan 5 17:30:18 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sun, 05 Jan 2020 17:30:18 +0000
Subject: Build completed: openssl OpenSSL_1_1_1-stable.30452
Message-ID: <20200105173018.1.B3ACB36245C2FFFB@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Sun Jan 5 18:27:46 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sun, 05 Jan 2020 18:27:46 +0000
Subject: Build failed: openssl master.30463
Message-ID: <20200105182746.1.E36A19CAE8B85943@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Sun Jan 5 21:04:51 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Sun, 05 Jan 2020 21:04:51 +0000
Subject: Build failed: openssl master.30474
Message-ID: <20200105210451.1.63AF1FF6EAD3E9B0@appveyor.com>
An HTML attachment was scrubbed...
URL:
From shane.lontis at oracle.com Mon Jan 6 03:08:44 2020
From: shane.lontis at oracle.com (shane.lontis at oracle.com)
Date: Mon, 06 Jan 2020 03:08:44 +0000
Subject: [openssl] master update
Message-ID: <1578280124.235040.10445.nullmailer@dev.openssl.org>
The branch master has been updated
via 0d2bfe52bb7e839f7bddcdb1160c335f2994df2f (commit)
from 26583f6aa8dc28e3598e61db66e54e2fdf8b195f (commit)
- Log -----------------------------------------------------------------
commit 0d2bfe52bb7e839f7bddcdb1160c335f2994df2f
Author: Shane Lontis
Date: Mon Jan 6 13:02:16 2020 +1000
Add AES_CBC_HMAC_SHA ciphers to providers.
Also Add ability for providers to dynamically exclude cipher algorithms.
Cipher algorithms are only returned from providers if their capable() method is either NULL,
or the method returns 1.
This is mainly required for ciphers that only have hardware implementations.
If there is no hardware support, then the algorithm needs to be not available.
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/10146)
-----------------------------------------------------------------------
Summary of changes:
crypto/aes/build.info | 2 -
crypto/evp/evp_enc.c | 85 ++-
doc/man7/provider-cipher.pod | 49 ++
include/crypto/aes_platform.h | 7 +
include/openssl/core_names.h | 16 +
providers/common/include/prov/provider_util.h | 12 +
providers/common/include/prov/providercommon.h | 2 +
providers/common/provider_util.c | 14 +
providers/defltprov.c | 317 ++++----
providers/fips/fipsprov.c | 89 ++-
providers/implementations/ciphers/build.info | 6 +-
.../ciphers/cipher_aes_cbc_hmac_sha.c | 345 +++++++++
.../ciphers/cipher_aes_cbc_hmac_sha.h | 65 ++
.../ciphers/cipher_aes_cbc_hmac_sha1_hw.c | 782 +++++++++++++++++++
.../ciphers/cipher_aes_cbc_hmac_sha256_hw.c | 831 +++++++++++++++++++++
.../implementations/include/prov/implementations.h | 4 +
test/sslapitest.c | 100 +++
17 files changed, 2529 insertions(+), 197 deletions(-)
create mode 100644 providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
create mode 100644 providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.h
create mode 100644 providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c
create mode 100644 providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c
diff --git a/crypto/aes/build.info b/crypto/aes/build.info
index 291bf2af9b..dc00df0cda 100644
--- a/crypto/aes/build.info
+++ b/crypto/aes/build.info
@@ -68,8 +68,6 @@ SOURCE[../../providers/libfips.a]=$COMMON
DEFINE[../../libcrypto]=$AESDEF
DEFINE[../../providers/libfips.a]=$AESDEF
DEFINE[../../providers/libimplementations.a]=$AESDEF
-# fipsprov.c needs access to AESNI.
-DEFINE[../../providers/fips]=$AESDEF
GENERATE[aes-ia64.s]=asm/aes-ia64.S
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 3896cff34d..c650addbd1 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -174,6 +174,10 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
case NID_aes_256_siv:
case NID_aes_192_siv:
case NID_aes_128_siv:
+ case NID_aes_256_cbc_hmac_sha256:
+ case NID_aes_128_cbc_hmac_sha256:
+ case NID_aes_256_cbc_hmac_sha1:
+ case NID_aes_128_cbc_hmac_sha1:
case NID_id_aes256_wrap:
case NID_id_aes256_wrap_pad:
case NID_id_aes192_wrap:
@@ -1086,7 +1090,9 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
int set_params = 1;
size_t sz = arg;
unsigned int i;
- OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+ OSSL_PARAM params[4] = {
+ OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END
+ };
if (ctx == NULL || ctx->cipher == NULL) {
EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET);
@@ -1154,13 +1160,8 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG,
ptr, sz);
break;
- case EVP_CTRL_AEAD_SET_MAC_KEY:
- params[0] =
- OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_MAC_KEY,
- ptr, sz);
- break;
case EVP_CTRL_AEAD_TLS1_AAD:
- /* This one does a set and a get - since it returns a padding size */
+ /* This one does a set and a get - since it returns a size */
params[0] =
OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD,
ptr, sz);
@@ -1180,6 +1181,76 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_RC2_KEYBITS, &sz);
break;
#endif /* OPENSSL_NO_RC2 */
+#if !defined(OPENSSL_NO_MULTIBLOCK)
+ case EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE:
+ params[0] = OSSL_PARAM_construct_size_t(
+ OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT, &sz);
+ ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);
+ if (ret <= 0)
+ return 0;
+
+ params[0] = OSSL_PARAM_construct_size_t(
+ OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE, &sz);
+ params[1] = OSSL_PARAM_construct_end();
+ ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+ if (ret <= 0)
+ return 0;
+ return sz;
+ case EVP_CTRL_TLS1_1_MULTIBLOCK_AAD: {
+ EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *p =
+ (EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *)ptr;
+
+ if (arg < (int)sizeof(EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM))
+ return 0;
+
+ params[0] = OSSL_PARAM_construct_octet_string(
+ OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD, (void*)p->inp, p->len);
+ params[1] = OSSL_PARAM_construct_uint(
+ OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, &p->interleave);
+ ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);
+ if (ret <= 0)
+ return ret;
+ /* Retrieve the return values changed by the set */
+ params[0] = OSSL_PARAM_construct_size_t(
+ OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN, &sz);
+ params[1] = OSSL_PARAM_construct_uint(
+ OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, &p->interleave);
+ params[2] = OSSL_PARAM_construct_end();
+ ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+ if (ret <= 0)
+ return 0;
+ return sz;
+ }
+ case EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT: {
+ EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *p =
+ (EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *)ptr;
+
+ params[0] = OSSL_PARAM_construct_octet_string(
+ OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC, p->out, p->len);
+
+ params[1] = OSSL_PARAM_construct_octet_string(
+ OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN, (void*)p->inp,
+ p->len);
+ params[2] = OSSL_PARAM_construct_uint(
+ OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, &p->interleave);
+ ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);
+ if (ret <= 0)
+ return ret;
+ params[0] = OSSL_PARAM_construct_size_t(
+ OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN, &sz);
+ params[1] = OSSL_PARAM_construct_end();
+ ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+ if (ret <= 0)
+ return 0;
+ return sz;
+ }
+#endif /* OPENSSL_NO_MULTIBLOCK */
+ case EVP_CTRL_AEAD_SET_MAC_KEY:
+ if (arg < 0)
+ return -1;
+ params[0] = OSSL_PARAM_construct_octet_string(
+ OSSL_CIPHER_PARAM_AEAD_MAC_KEY, ptr, sz);
+ break;
}
if (set_params)
diff --git a/doc/man7/provider-cipher.pod b/doc/man7/provider-cipher.pod
index 5e64c0e196..7ad239bcb6 100644
--- a/doc/man7/provider-cipher.pod
+++ b/doc/man7/provider-cipher.pod
@@ -349,6 +349,55 @@ by AES SIV ciphers which disallow multiple operations by default.
Setting "speed" to 1 allows another encrypt or decrypt operation to be
performed. This is used for performance testing.
+=item "tls1multi_enc" (B)
+
+Triggers a multiblock tls1 encrypt operation for a tls1 aware cipher that supports
+sending 4 or 8 records in one go.
+The cipher performs both the MAC and encrypt stages and constructs the record
+headers itself.
+"tls1multi_enc" supplies the output buffer for the encrypt operation,
+"tls1multi_encin" & "tls1multi_interleave" must also be set in order to supply
+values to the encrypt operation.
+
+=item "tls1multi_enclen" (B)
+
+Get the total length of the record returned from the "tls1multi_enc" operation.
+
+=item "tls1multi_interleave" (B)
+
+Sets or gets the number of records being sent in one go for a tls1 multiblock
+cipher operation (either 4 or 8 records).
+
+=item "tls1multi_encin" (B)
+
+Supplies the data to encrypt for a tls1 multiblock cipher operation.
+
+=item "tls1multi_maxsndfrag" (B)
+
+Sets the maximum send fragment size for a tls1 multiblock cipher operation.
+It must be set before using "tls1multi_maxbufsz".
+The length of the "tls1multi_maxsndfrag" parameter should not exceed that of a B.
+
+=item "tls1multi_maxbufsz" (B)
+
+Gets the maximum record length for a tls1 multiblock cipher operation.
+The length of the "tls1multi_maxbufsz" parameter should not exceed that of a B.
+
+=item "tls1multi_aad" (B)
+
+Sets the authenticated additional data used by a tls1 multiblock cipher operation.
+The supplied data consists of 13 bytes of record data containing:
+Bytes 0-7: The sequence number of the first record
+Byte 8: The record type
+Byte 9-10: The protocol version
+Byte 11-12: Input length (Always 0)
+
+"tls1multi_interleave" must also be set for this operation.
+
+=item "tls1multi_aadpacklen" (B)
+
+Gets the result of running the "tls1multi_aad" operation.
+
=back
=head1 RETURN VALUES
diff --git a/include/crypto/aes_platform.h b/include/crypto/aes_platform.h
index 483a1949ee..b478520cf8 100644
--- a/include/crypto/aes_platform.h
+++ b/include/crypto/aes_platform.h
@@ -121,6 +121,13 @@ void gcm_ghash_v8(u64 Xi[2],const u128 Htable[16],const u8 *inp, size_t len);
# endif
# endif /* OPENSSL_CPUID_OBJ */
+# if defined(AES_ASM) && ( \
+ defined(__x86_64) || defined(__x86_64__) || \
+ defined(_M_AMD64) || defined(_M_X64) )
+# define AES_CBC_HMAC_SHA_CAPABLE 1
+# define AESNI_CBC_HMAC_SHA_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(57-32)))
+# endif
+
# if defined(AES_ASM) && !defined(I386_ONLY) && ( \
((defined(__i386) || defined(__i386__) || \
defined(_M_IX86)) && defined(OPENSSL_IA32_SSE2))|| \
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
index e441ddf6c8..446af5fa8e 100644
--- a/include/openssl/core_names.h
+++ b/include/openssl/core_names.h
@@ -73,6 +73,22 @@ extern "C" {
/* For passing the AlgorithmIdentifier parameter in DER form */
#define OSSL_CIPHER_PARAM_ALG_ID "alg_id_param" /* octet_string */
+#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT \
+ "tls1multi_maxsndfrag" /* uint */
+#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE \
+ "tls1multi_maxbufsz" /* size_t */
+#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE \
+ "tls1multi_interleave" /* uint */
+#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD \
+ "tls1multi_aad" /* octet_string */
+#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN \
+ "tls1multi_aadpacklen" /* uint */
+#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC \
+ "tls1multi_enc" /* octet_string */
+#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN \
+ "tls1multi_encin" /* octet_string */
+#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN \
+ "tls1multi_enclen" /* size_t */
/* digest parameters */
#define OSSL_DIGEST_PARAM_XOFLEN "xoflen" /* size_t */
diff --git a/providers/common/include/prov/provider_util.h b/providers/common/include/prov/provider_util.h
index 9925ac2b09..ca3550b3f7 100644
--- a/providers/common/include/prov/provider_util.h
+++ b/providers/common/include/prov/provider_util.h
@@ -101,3 +101,15 @@ int ossl_prov_macctx_load_from_params(EVP_MAC_CTX **macctx,
const char *ciphername,
const char *mdname,
OPENSSL_CTX *ctx);
+
+typedef struct ag_capable_st {
+ OSSL_ALGORITHM alg;
+ int (*capable)(void);
+} OSSL_ALGORITHM_CAPABLE;
+
+/*
+ * Dynamically select algorithms by calling a capable() method.
+ * If this method is NULL or the method returns 1 then the algorithm is added.
+ */
+void ossl_prov_cache_exported_algorithms(const OSSL_ALGORITHM_CAPABLE *in,
+ OSSL_ALGORITHM *out);
diff --git a/providers/common/include/prov/providercommon.h b/providers/common/include/prov/providercommon.h
index 569c08c0b1..995c685292 100644
--- a/providers/common/include/prov/providercommon.h
+++ b/providers/common/include/prov/providercommon.h
@@ -13,3 +13,5 @@ const OSSL_PROVIDER *FIPS_get_provider(OPENSSL_CTX *ctx);
const char *ossl_prov_util_nid_to_name(int nid);
+int cipher_capable_aes_cbc_hmac_sha1(void);
+int cipher_capable_aes_cbc_hmac_sha256(void);
diff --git a/providers/common/provider_util.c b/providers/common/provider_util.c
index ef4396f432..504463df19 100644
--- a/providers/common/provider_util.c
+++ b/providers/common/provider_util.c
@@ -237,3 +237,17 @@ int ossl_prov_macctx_load_from_params(EVP_MAC_CTX **macctx,
*macctx = NULL;
return 0;
}
+
+void ossl_prov_cache_exported_algorithms(const OSSL_ALGORITHM_CAPABLE *in,
+ OSSL_ALGORITHM *out)
+{
+ int i, j;
+
+ if (out[0].algorithm_names == NULL) {
+ for (i = j = 0; in[i].alg.algorithm_names != NULL; ++i) {
+ if (in[i].capable == NULL || in[i].capable())
+ out[j++] = in[i].alg;
+ }
+ out[j++] = in[i].alg;
+ }
+}
diff --git a/providers/defltprov.c b/providers/defltprov.c
index 51cd2b9794..5c11b4a910 100644
--- a/providers/defltprov.c
+++ b/providers/defltprov.c
@@ -15,7 +15,13 @@
#include
#include
#include "prov/bio.h"
+#include "prov/providercommon.h"
#include "prov/implementations.h"
+#include "prov/provider_util.h"
+#include "internal/nelem.h"
+
+#define ALGC(NAMES, FUNC, CHECK) { { NAMES, "default=yes", FUNC }, CHECK }
+#define ALG(NAMES, FUNC) ALGC(NAMES, FUNC, NULL)
/* Functions provided by the core */
static OSSL_core_gettable_params_fn *c_gettable_params = NULL;
@@ -131,190 +137,196 @@ static const OSSL_ALGORITHM deflt_digests[] = {
{ NULL, NULL, NULL }
};
-static const OSSL_ALGORITHM deflt_ciphers[] = {
- { "AES-256-ECB", "default=yes", aes256ecb_functions },
- { "AES-192-ECB", "default=yes", aes192ecb_functions },
- { "AES-128-ECB", "default=yes", aes128ecb_functions },
- { "AES-256-CBC", "default=yes", aes256cbc_functions },
- { "AES-192-CBC", "default=yes", aes192cbc_functions },
- { "AES-128-CBC", "default=yes", aes128cbc_functions },
- { "AES-256-OFB", "default=yes", aes256ofb_functions },
- { "AES-192-OFB", "default=yes", aes192ofb_functions },
- { "AES-128-OFB", "default=yes", aes128ofb_functions },
- { "AES-256-CFB", "default=yes", aes256cfb_functions },
- { "AES-192-CFB", "default=yes", aes192cfb_functions },
- { "AES-128-CFB", "default=yes", aes128cfb_functions },
- { "AES-256-CFB1", "default=yes", aes256cfb1_functions },
- { "AES-192-CFB1", "default=yes", aes192cfb1_functions },
- { "AES-128-CFB1", "default=yes", aes128cfb1_functions },
- { "AES-256-CFB8", "default=yes", aes256cfb8_functions },
- { "AES-192-CFB8", "default=yes", aes192cfb8_functions },
- { "AES-128-CFB8", "default=yes", aes128cfb8_functions },
- { "AES-256-CTR", "default=yes", aes256ctr_functions },
- { "AES-192-CTR", "default=yes", aes192ctr_functions },
- { "AES-128-CTR", "default=yes", aes128ctr_functions },
- { "AES-256-XTS", "default=yes", aes256xts_functions },
- { "AES-128-XTS", "default=yes", aes128xts_functions },
+static const OSSL_ALGORITHM_CAPABLE deflt_ciphers[] = {
+ ALG("AES-256-ECB", aes256ecb_functions),
+ ALG("AES-192-ECB", aes192ecb_functions),
+ ALG("AES-128-ECB", aes128ecb_functions),
+ ALG("AES-256-CBC", aes256cbc_functions),
+ ALG("AES-192-CBC", aes192cbc_functions),
+ ALG("AES-128-CBC", aes128cbc_functions),
+ ALG("AES-256-OFB", aes256ofb_functions),
+ ALG("AES-192-OFB", aes192ofb_functions),
+ ALG("AES-128-OFB", aes128ofb_functions),
+ ALG("AES-256-CFB", aes256cfb_functions),
+ ALG("AES-192-CFB", aes192cfb_functions),
+ ALG("AES-128-CFB", aes128cfb_functions),
+ ALG("AES-256-CFB1", aes256cfb1_functions),
+ ALG("AES-192-CFB1", aes192cfb1_functions),
+ ALG("AES-128-CFB1", aes128cfb1_functions),
+ ALG("AES-256-CFB8", aes256cfb8_functions),
+ ALG("AES-192-CFB8", aes192cfb8_functions),
+ ALG("AES-128-CFB8", aes128cfb8_functions),
+ ALG("AES-256-CTR", aes256ctr_functions),
+ ALG("AES-192-CTR", aes192ctr_functions),
+ ALG("AES-128-CTR", aes128ctr_functions),
+ ALG("AES-256-XTS", aes256xts_functions),
+ ALG("AES-128-XTS", aes128xts_functions),
#ifndef OPENSSL_NO_OCB
- { "AES-256-OCB", "default=yes", aes256ocb_functions },
- { "AES-192-OCB", "default=yes", aes192ocb_functions },
- { "AES-128-OCB", "default=yes", aes128ocb_functions },
+ ALG("AES-256-OCB", aes256ocb_functions),
+ ALG("AES-192-OCB", aes192ocb_functions),
+ ALG("AES-128-OCB", aes128ocb_functions),
#endif /* OPENSSL_NO_OCB */
#ifndef OPENSSL_NO_SIV
- { "AES-128-SIV", "default=yes", aes128siv_functions },
- { "AES-192-SIV", "default=yes", aes192siv_functions },
- { "AES-256-SIV", "default=yes", aes256siv_functions },
+ ALG("AES-128-SIV", aes128siv_functions),
+ ALG("AES-192-SIV", aes192siv_functions),
+ ALG("AES-256-SIV", aes256siv_functions),
#endif /* OPENSSL_NO_SIV */
- { "AES-256-GCM:id-aes256-GCM", "default=yes", aes256gcm_functions },
- { "AES-192-GCM:id-aes192-GCM", "default=yes", aes192gcm_functions },
- { "AES-128-GCM:id-aes128-GCM", "default=yes", aes128gcm_functions },
- { "AES-256-CCM:id-aes256-CCM", "default=yes", aes256ccm_functions },
- { "AES-192-CCM:id-aes192-CCM", "default=yes", aes192ccm_functions },
- { "AES-128-CCM:id-aes128-CCM", "default=yes", aes128ccm_functions },
- { "AES-256-WRAP:id-aes256-wrap:AES256-WRAP", "default=yes",
- aes256wrap_functions },
- { "AES-192-WRAP:id-aes192-wrap:AES192-WRAP", "default=yes",
- aes192wrap_functions },
- { "AES-128-WRAP:id-aes128-wrap:AES128-WRAP", "default=yes",
- aes128wrap_functions },
- { "AES-256-WRAP-PAD:id-aes256-wrap-pad:AES256-WRAP-PAD", "default=yes",
- aes256wrappad_functions },
- { "AES-192-WRAP-PAD:id-aes192-wrap-pad:AES192-WRAP-PAD", "default=yes",
- aes192wrappad_functions },
- { "AES-128-WRAP-PAD:id-aes128-wrap-pad:AES128-WRAP-PAD", "default=yes",
- aes128wrappad_functions },
+ ALG("AES-256-GCM:id-aes256-GCM", aes256gcm_functions),
+ ALG("AES-192-GCM:id-aes192-GCM", aes192gcm_functions),
+ ALG("AES-128-GCM:id-aes128-GCM", aes128gcm_functions),
+ ALG("AES-256-CCM:id-aes256-CCM", aes256ccm_functions),
+ ALG("AES-192-CCM:id-aes192-CCM", aes192ccm_functions),
+ ALG("AES-128-CCM:id-aes128-CCM", aes128ccm_functions),
+ ALG("AES-256-WRAP:id-aes256-wrap:AES256-WRAP", aes256wrap_functions),
+ ALG("AES-192-WRAP:id-aes192-wrap:AES192-WRAP", aes192wrap_functions),
+ ALG("AES-128-WRAP:id-aes128-wrap:AES128-WRAP", aes128wrap_functions),
+ ALG("AES-256-WRAP-PAD:id-aes256-wrap-pad:AES256-WRAP-PAD",
+ aes256wrappad_functions),
+ ALG("AES-192-WRAP-PAD:id-aes192-wrap-pad:AES192-WRAP-PAD",
+ aes192wrappad_functions),
+ ALG("AES-128-WRAP-PAD:id-aes128-wrap-pad:AES128-WRAP-PAD",
+ aes128wrappad_functions),
+ ALGC("AES-128-CBC-HMAC-SHA1", aes128cbc_hmac_sha1_functions,
+ cipher_capable_aes_cbc_hmac_sha1),
+ ALGC("AES-256-CBC-HMAC-SHA1", aes256cbc_hmac_sha1_functions,
+ cipher_capable_aes_cbc_hmac_sha1),
+ ALGC("AES-128-CBC-HMAC-SHA256", aes128cbc_hmac_sha256_functions,
+ cipher_capable_aes_cbc_hmac_sha256),
+ ALGC("AES-256-CBC-HMAC-SHA256", aes256cbc_hmac_sha256_functions,
+ cipher_capable_aes_cbc_hmac_sha256),
#ifndef OPENSSL_NO_ARIA
- { "ARIA-256-GCM", "default=yes", aria256gcm_functions },
- { "ARIA-192-GCM", "default=yes", aria192gcm_functions },
- { "ARIA-128-GCM", "default=yes", aria128gcm_functions },
- { "ARIA-256-CCM", "default=yes", aria256ccm_functions },
- { "ARIA-192-CCM", "default=yes", aria192ccm_functions },
- { "ARIA-128-CCM", "default=yes", aria128ccm_functions },
- { "ARIA-256-ECB", "default=yes", aria256ecb_functions },
- { "ARIA-192-ECB", "default=yes", aria192ecb_functions },
- { "ARIA-128-ECB", "default=yes", aria128ecb_functions },
- { "ARIA-256-CBC:ARIA256", "default=yes", aria256cbc_functions },
- { "ARIA-192-CBC:ARIA192", "default=yes", aria192cbc_functions },
- { "ARIA-128-CBC:ARIA128", "default=yes", aria128cbc_functions },
- { "ARIA-256-OFB", "default=yes", aria256ofb_functions },
- { "ARIA-192-OFB", "default=yes", aria192ofb_functions },
- { "ARIA-128-OFB", "default=yes", aria128ofb_functions },
- { "ARIA-256-CFB", "default=yes", aria256cfb_functions },
- { "ARIA-192-CFB", "default=yes", aria192cfb_functions },
- { "ARIA-128-CFB", "default=yes", aria128cfb_functions },
- { "ARIA-256-CFB1", "default=yes", aria256cfb1_functions },
- { "ARIA-192-CFB1", "default=yes", aria192cfb1_functions },
- { "ARIA-128-CFB1", "default=yes", aria128cfb1_functions },
- { "ARIA-256-CFB8", "default=yes", aria256cfb8_functions },
- { "ARIA-192-CFB8", "default=yes", aria192cfb8_functions },
- { "ARIA-128-CFB8", "default=yes", aria128cfb8_functions },
- { "ARIA-256-CTR", "default=yes", aria256ctr_functions },
- { "ARIA-192-CTR", "default=yes", aria192ctr_functions },
- { "ARIA-128-CTR", "default=yes", aria128ctr_functions },
+ ALG("ARIA-256-GCM", aria256gcm_functions),
+ ALG("ARIA-192-GCM", aria192gcm_functions),
+ ALG("ARIA-128-GCM", aria128gcm_functions),
+ ALG("ARIA-256-CCM", aria256ccm_functions),
+ ALG("ARIA-192-CCM", aria192ccm_functions),
+ ALG("ARIA-128-CCM", aria128ccm_functions),
+ ALG("ARIA-256-ECB", aria256ecb_functions),
+ ALG("ARIA-192-ECB", aria192ecb_functions),
+ ALG("ARIA-128-ECB", aria128ecb_functions),
+ ALG("ARIA-256-CBC:ARIA256", aria256cbc_functions),
+ ALG("ARIA-192-CBC:ARIA192", aria192cbc_functions),
+ ALG("ARIA-128-CBC:ARIA128", aria128cbc_functions),
+ ALG("ARIA-256-OFB", aria256ofb_functions),
+ ALG("ARIA-192-OFB", aria192ofb_functions),
+ ALG("ARIA-128-OFB", aria128ofb_functions),
+ ALG("ARIA-256-CFB", aria256cfb_functions),
+ ALG("ARIA-192-CFB", aria192cfb_functions),
+ ALG("ARIA-128-CFB", aria128cfb_functions),
+ ALG("ARIA-256-CFB1", aria256cfb1_functions),
+ ALG("ARIA-192-CFB1", aria192cfb1_functions),
+ ALG("ARIA-128-CFB1", aria128cfb1_functions),
+ ALG("ARIA-256-CFB8", aria256cfb8_functions),
+ ALG("ARIA-192-CFB8", aria192cfb8_functions),
+ ALG("ARIA-128-CFB8", aria128cfb8_functions),
+ ALG("ARIA-256-CTR", aria256ctr_functions),
+ ALG("ARIA-192-CTR", aria192ctr_functions),
+ ALG("ARIA-128-CTR", aria128ctr_functions),
#endif /* OPENSSL_NO_ARIA */
#ifndef OPENSSL_NO_CAMELLIA
- { "CAMELLIA-256-ECB", "default=yes", camellia256ecb_functions },
- { "CAMELLIA-192-ECB", "default=yes", camellia192ecb_functions },
- { "CAMELLIA-128-ECB", "default=yes", camellia128ecb_functions },
- { "CAMELLIA-256-CBC:CAMELLIA256", "default=yes", camellia256cbc_functions },
- { "CAMELLIA-192-CBC:CAMELLIA192", "default=yes", camellia192cbc_functions },
- { "CAMELLIA-128-CBC:CAMELLIA128", "default=yes", camellia128cbc_functions },
- { "CAMELLIA-256-OFB", "default=yes", camellia256ofb_functions },
- { "CAMELLIA-192-OFB", "default=yes", camellia192ofb_functions },
- { "CAMELLIA-128-OFB", "default=yes", camellia128ofb_functions },
- { "CAMELLIA-256-CFB", "default=yes", camellia256cfb_functions },
- { "CAMELLIA-192-CFB", "default=yes", camellia192cfb_functions },
- { "CAMELLIA-128-CFB", "default=yes", camellia128cfb_functions },
- { "CAMELLIA-256-CFB1", "default=yes", camellia256cfb1_functions },
- { "CAMELLIA-192-CFB1", "default=yes", camellia192cfb1_functions },
- { "CAMELLIA-128-CFB1", "default=yes", camellia128cfb1_functions },
- { "CAMELLIA-256-CFB8", "default=yes", camellia256cfb8_functions },
- { "CAMELLIA-192-CFB8", "default=yes", camellia192cfb8_functions },
- { "CAMELLIA-128-CFB8", "default=yes", camellia128cfb8_functions },
- { "CAMELLIA-256-CTR", "default=yes", camellia256ctr_functions },
- { "CAMELLIA-192-CTR", "default=yes", camellia192ctr_functions },
- { "CAMELLIA-128-CTR", "default=yes", camellia128ctr_functions },
+ ALG("CAMELLIA-256-ECB", camellia256ecb_functions),
+ ALG("CAMELLIA-192-ECB", camellia192ecb_functions),
+ ALG("CAMELLIA-128-ECB", camellia128ecb_functions),
+ ALG("CAMELLIA-256-CBC:CAMELLIA256", camellia256cbc_functions),
+ ALG("CAMELLIA-192-CBC:CAMELLIA192", camellia192cbc_functions),
+ ALG("CAMELLIA-128-CBC:CAMELLIA128", camellia128cbc_functions),
+ ALG("CAMELLIA-256-OFB", camellia256ofb_functions),
+ ALG("CAMELLIA-192-OFB", camellia192ofb_functions),
+ ALG("CAMELLIA-128-OFB", camellia128ofb_functions),
+ ALG("CAMELLIA-256-CFB", camellia256cfb_functions),
+ ALG("CAMELLIA-192-CFB", camellia192cfb_functions),
+ ALG("CAMELLIA-128-CFB", camellia128cfb_functions),
+ ALG("CAMELLIA-256-CFB1", camellia256cfb1_functions),
+ ALG("CAMELLIA-192-CFB1", camellia192cfb1_functions),
+ ALG("CAMELLIA-128-CFB1", camellia128cfb1_functions),
+ ALG("CAMELLIA-256-CFB8", camellia256cfb8_functions),
+ ALG("CAMELLIA-192-CFB8", camellia192cfb8_functions),
+ ALG("CAMELLIA-128-CFB8", camellia128cfb8_functions),
+ ALG("CAMELLIA-256-CTR", camellia256ctr_functions),
+ ALG("CAMELLIA-192-CTR", camellia192ctr_functions),
+ ALG("CAMELLIA-128-CTR", camellia128ctr_functions),
#endif /* OPENSSL_NO_CAMELLIA */
#ifndef OPENSSL_NO_DES
- { "DES-EDE3-ECB:DES-EDE3", "default=yes", tdes_ede3_ecb_functions },
- { "DES-EDE3-CBC:DES3", "default=yes", tdes_ede3_cbc_functions },
- { "DES-EDE3-OFB", "default=yes", tdes_ede3_ofb_functions },
- { "DES-EDE3-CFB", "default=yes", tdes_ede3_cfb_functions },
- { "DES-EDE3-CFB8", "default=yes", tdes_ede3_cfb8_functions },
- { "DES-EDE3-CFB1", "default=yes", tdes_ede3_cfb1_functions },
- { "DES-EDE-ECB:DES-EDE", "default=yes", tdes_ede2_ecb_functions },
- { "DES-EDE-CBC", "default=yes", tdes_ede2_cbc_functions },
- { "DES-EDE-OFB", "default=yes", tdes_ede2_ofb_functions },
- { "DES-EDE-CFB", "default=yes", tdes_ede2_cfb_functions },
- { "DESX-CBC:DESX", "default=yes", tdes_desx_cbc_functions },
- { "DES3-WRAP:id-smime-alg-CMS3DESwrap", "default=yes", tdes_wrap_cbc_functions },
- { "DES-ECB", "default=yes", des_ecb_functions },
- { "DES-CBC:DES", "default=yes", des_cbc_functions },
- { "DES-OFB", "default=yes", des_ofb64_functions },
- { "DES-CFB", "default=yes", des_cfb64_functions },
- { "DES-CFB1", "default=yes", des_cfb1_functions },
- { "DES-CFB8", "default=yes", des_cfb8_functions },
+ ALG("DES-EDE3-ECB:DES-EDE3", tdes_ede3_ecb_functions),
+ ALG("DES-EDE3-CBC:DES3", tdes_ede3_cbc_functions),
+ ALG("DES-EDE3-OFB", tdes_ede3_ofb_functions),
+ ALG("DES-EDE3-CFB", tdes_ede3_cfb_functions),
+ ALG("DES-EDE3-CFB8", tdes_ede3_cfb8_functions),
+ ALG("DES-EDE3-CFB1", tdes_ede3_cfb1_functions),
+ ALG("DES-EDE-ECB:DES-EDE", tdes_ede2_ecb_functions),
+ ALG("DES-EDE-CBC", tdes_ede2_cbc_functions),
+ ALG("DES-EDE-OFB", tdes_ede2_ofb_functions),
+ ALG("DES-EDE-CFB", tdes_ede2_cfb_functions),
+ ALG("DESX-CBC:DESX", tdes_desx_cbc_functions),
+ ALG("DES3-WRAP:id-smime-alg-CMS3DESwrap", tdes_wrap_cbc_functions),
+ ALG("DES-ECB", des_ecb_functions),
+ ALG("DES-CBC:DES", des_cbc_functions),
+ ALG("DES-OFB", des_ofb64_functions),
+ ALG("DES-CFB", des_cfb64_functions),
+ ALG("DES-CFB1", des_cfb1_functions),
+ ALG("DES-CFB8", des_cfb8_functions),
#endif /* OPENSSL_NO_DES */
#ifndef OPENSSL_NO_BF
- { "BF-ECB", "default=yes", blowfish128ecb_functions },
- { "BF-CBC:BF:BLOWFISH", "default=yes", blowfish128cbc_functions },
- { "BF-OFB", "default=yes", blowfish64ofb64_functions },
- { "BF-CFB", "default=yes", blowfish64cfb64_functions },
+ ALG("BF-ECB", blowfish128ecb_functions),
+ ALG("BF-CBC:BF:BLOWFISH", blowfish128cbc_functions),
+ ALG("BF-OFB", blowfish64ofb64_functions),
+ ALG("BF-CFB", blowfish64cfb64_functions),
#endif /* OPENSSL_NO_BF */
#ifndef OPENSSL_NO_IDEA
- { "IDEA-ECB", "default=yes", idea128ecb_functions },
- { "IDEA-CBC:IDEA", "default=yes", idea128cbc_functions },
- { "IDEA-OFB:IDEA-OFB64", "default=yes", idea128ofb64_functions },
- { "IDEA-CFB:IDEA-CFB64", "default=yes", idea128cfb64_functions },
+ ALG("IDEA-ECB", idea128ecb_functions),
+ ALG("IDEA-CBC:IDEA", idea128cbc_functions),
+ ALG("IDEA-OFB:IDEA-OFB64", idea128ofb64_functions),
+ ALG("IDEA-CFB:IDEA-CFB64", idea128cfb64_functions),
#endif /* OPENSSL_NO_IDEA */
#ifndef OPENSSL_NO_CAST
- { "CAST5-ECB", "default=yes", cast5128ecb_functions },
- { "CAST5-CBC:CAST-CBC:CAST", "default=yes", cast5128cbc_functions },
- { "CAST5-OFB", "default=yes", cast564ofb64_functions },
- { "CAST5-CFB", "default=yes", cast564cfb64_functions },
+ ALG("CAST5-ECB", cast5128ecb_functions),
+ ALG("CAST5-CBC:CAST-CBC:CAST", cast5128cbc_functions),
+ ALG("CAST5-OFB", cast564ofb64_functions),
+ ALG("CAST5-CFB", cast564cfb64_functions),
#endif /* OPENSSL_NO_CAST */
#ifndef OPENSSL_NO_SEED
- { "SEED-ECB", "default=yes", seed128ecb_functions },
- { "SEED-CBC:SEED", "default=yes", seed128cbc_functions },
- { "SEED-OFB:SEED-OFB128", "default=yes", seed128ofb128_functions },
- { "SEED-CFB:SEED-CFB128", "default=yes", seed128cfb128_functions },
+ ALG("SEED-ECB", seed128ecb_functions),
+ ALG("SEED-CBC:SEED", seed128cbc_functions),
+ ALG("SEED-OFB:SEED-OFB128", seed128ofb128_functions),
+ ALG("SEED-CFB:SEED-CFB128", seed128cfb128_functions),
#endif /* OPENSSL_NO_SEED */
#ifndef OPENSSL_NO_SM4
- { "SM4-ECB", "default=yes", sm4128ecb_functions },
- { "SM4-CBC:SM4", "default=yes", sm4128cbc_functions },
- { "SM4-CTR", "default=yes", sm4128ctr_functions },
- { "SM4-OFB:SM4-OFB128", "default=yes", sm4128ofb128_functions },
- { "SM4-CFB:SM4-CFB128", "default=yes", sm4128cfb128_functions },
+ ALG("SM4-ECB", sm4128ecb_functions),
+ ALG("SM4-CBC:SM4", sm4128cbc_functions),
+ ALG("SM4-CTR", sm4128ctr_functions),
+ ALG("SM4-OFB:SM4-OFB128", sm4128ofb128_functions),
+ ALG("SM4-CFB:SM4-CFB128", sm4128cfb128_functions),
#endif /* OPENSSL_NO_SM4 */
#ifndef OPENSSL_NO_RC4
- { "RC4", "default=yes", rc4128_functions },
- { "RC4-40", "default=yes", rc440_functions },
+ ALG("RC4", rc4128_functions),
+ ALG("RC4-40", rc440_functions),
# ifndef OPENSSL_NO_MD5
- { "RC4-HMAC-MD5", "default=yes", rc4_hmac_md5_functions },
+ ALG("RC4-HMAC-MD5", rc4_hmac_md5_functions),
# endif /* OPENSSL_NO_MD5 */
#endif /* OPENSSL_NO_RC4 */
#ifndef OPENSSL_NO_RC5
- { "RC5-ECB", "default=yes", rc5128ecb_functions },
- { "RC5-CBC", "default=yes", rc5128cbc_functions },
- { "RC5-OFB", "default=yes", rc5128ofb64_functions },
- { "RC5-CFB", "default=yes", rc5128cfb64_functions },
+ ALG("RC5-ECB", rc5128ecb_functions),
+ ALG("RC5-CBC", rc5128cbc_functions),
+ ALG("RC5-OFB", rc5128ofb64_functions),
+ ALG("RC5-CFB", rc5128cfb64_functions),
#endif /* OPENSSL_NO_RC5 */
#ifndef OPENSSL_NO_RC2
- { "RC2-ECB", "default=yes", rc2128ecb_functions },
- { "RC2-CBC", "default=yes", rc2128cbc_functions },
- { "RC2-40-CBC", "default=yes", rc240cbc_functions },
- { "RC2-64-CBC", "default=yes", rc264cbc_functions },
- { "RC2-CFB", "default=yes", rc2128cfb128_functions },
- { "RC2-OFB", "default=yes", rc2128ofb128_functions },
+ ALG("RC2-ECB", rc2128ecb_functions),
+ ALG("RC2-CBC", rc2128cbc_functions),
+ ALG("RC2-40-CBC", rc240cbc_functions),
+ ALG("RC2-64-CBC", rc264cbc_functions),
+ ALG("RC2-CFB", rc2128cfb128_functions),
+ ALG("RC2-OFB", rc2128ofb128_functions),
#endif /* OPENSSL_NO_RC2 */
#ifndef OPENSSL_NO_CHACHA
- { "ChaCha20", "default=yes", chacha20_functions },
+ ALG("ChaCha20", chacha20_functions),
# ifndef OPENSSL_NO_POLY1305
- { "ChaCha20-Poly1305", "default=yes", chacha20_poly1305_functions },
+ ALG("ChaCha20-Poly1305", chacha20_poly1305_functions),
# endif /* OPENSSL_NO_POLY1305 */
#endif /* OPENSSL_NO_CHACHA */
- { NULL, NULL, NULL }
+ { { NULL, NULL, NULL }, NULL }
};
+static OSSL_ALGORITHM exported_ciphers[OSSL_NELEM(deflt_ciphers)];
static const OSSL_ALGORITHM deflt_macs[] = {
#ifndef OPENSSL_NO_BLAKE2
@@ -432,7 +444,8 @@ static const OSSL_ALGORITHM *deflt_query(OSSL_PROVIDER *prov,
case OSSL_OP_DIGEST:
return deflt_digests;
case OSSL_OP_CIPHER:
- return deflt_ciphers;
+ ossl_prov_cache_exported_algorithms(deflt_ciphers, exported_ciphers);
+ return exported_ciphers;
case OSSL_OP_MAC:
return deflt_macs;
case OSSL_OP_KDF:
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index 12c471f325..7afab78063 100644
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -25,12 +25,17 @@
#include "internal/cryptlib.h"
#include "internal/property.h"
+#include "internal/nelem.h"
#include "crypto/evp.h"
#include "prov/implementations.h"
#include "prov/provider_ctx.h"
#include "prov/providercommon.h"
+#include "prov/provider_util.h"
#include "selftest.h"
+#define ALGC(NAMES, FUNC, CHECK) { { NAMES, "fips=yes", FUNC }, CHECK }
+#define ALG(NAMES, FUNC) ALGC(NAMES, FUNC, NULL)
+
extern OSSL_core_thread_start_fn *c_thread_start;
/*
@@ -300,6 +305,14 @@ const char *ossl_prov_util_nid_to_name(int nid)
return "DES-EDE3";
case NID_des_ede3_cbc:
return "DES-EDE3-CBC";
+ case NID_aes_256_cbc_hmac_sha256:
+ return "AES-256-CBC-HMAC-SHA256";
+ case NID_aes_128_cbc_hmac_sha256:
+ return "AES-128-CBC-HMAC-SHA256";
+ case NID_aes_256_cbc_hmac_sha1:
+ return "AES-256-CBC-HMAC-SHA1";
+ case NID_aes_128_cbc_hmac_sha1:
+ return "AES-128-CBC-HMAC-SHA1";
default:
break;
}
@@ -358,43 +371,49 @@ static const OSSL_ALGORITHM fips_digests[] = {
{ NULL, NULL, NULL }
};
-static const OSSL_ALGORITHM fips_ciphers[] = {
+static const OSSL_ALGORITHM_CAPABLE fips_ciphers[] = {
/* Our primary name[:ASN.1 OID name][:our older names] */
- { "AES-256-ECB", "fips=yes", aes256ecb_functions },
- { "AES-192-ECB", "fips=yes", aes192ecb_functions },
- { "AES-128-ECB", "fips=yes", aes128ecb_functions },
- { "AES-256-CBC", "fips=yes", aes256cbc_functions },
- { "AES-192-CBC", "fips=yes", aes192cbc_functions },
- { "AES-128-CBC", "fips=yes", aes128cbc_functions },
- { "AES-256-CTR", "fips=yes", aes256ctr_functions },
- { "AES-192-CTR", "fips=yes", aes192ctr_functions },
- { "AES-128-CTR", "fips=yes", aes128ctr_functions },
- { "AES-256-XTS", "fips=yes", aes256xts_functions },
- { "AES-128-XTS", "fips=yes", aes128xts_functions },
- { "AES-256-GCM:id-aes256-GCM", "fips=yes", aes256gcm_functions },
- { "AES-192-GCM:id-aes192-GCM", "fips=yes", aes192gcm_functions },
- { "AES-128-GCM:id-aes128-GCM", "fips=yes", aes128gcm_functions },
- { "AES-256-CCM:id-aes256-CCM", "fips=yes", aes256ccm_functions },
- { "AES-192-CCM:id-aes192-CCM", "fips=yes", aes192ccm_functions },
- { "AES-128-CCM:id-aes128-CCM", "fips=yes", aes128ccm_functions },
- { "AES-256-WRAP:id-aes256-wrap:AES256-WRAP", "fips=yes",
- aes256wrap_functions },
- { "AES-192-WRAP:id-aes192-wrap:AES192-WRAP", "fips=yes",
- aes192wrap_functions },
- { "AES-128-WRAP:id-aes128-wrap:AES128-WRAP", "fips=yes",
- aes128wrap_functions },
- { "AES-256-WRAP-PAD:id-aes256-wrap-pad:AES256-WRAP-PAD", "fips=yes",
- aes256wrappad_functions },
- { "AES-192-WRAP-PAD:id-aes192-wrap-pad:AES192-WRAP-PAD", "fips=yes",
- aes192wrappad_functions },
- { "AES-128-WRAP-PAD:id-aes128-wrap-pad:AES128-WRAP-PAD", "fips=yes",
- aes128wrappad_functions },
+ ALG("AES-256-ECB", aes256ecb_functions),
+ ALG("AES-192-ECB", aes192ecb_functions),
+ ALG("AES-128-ECB", aes128ecb_functions),
+ ALG("AES-256-CBC", aes256cbc_functions),
+ ALG("AES-192-CBC", aes192cbc_functions),
+ ALG("AES-128-CBC", aes128cbc_functions),
+ ALG("AES-256-CTR", aes256ctr_functions),
+ ALG("AES-192-CTR", aes192ctr_functions),
+ ALG("AES-128-CTR", aes128ctr_functions),
+ ALG("AES-256-XTS", aes256xts_functions),
+ ALG("AES-128-XTS", aes128xts_functions),
+ ALG("AES-256-GCM:id-aes256-GCM", aes256gcm_functions),
+ ALG("AES-192-GCM:id-aes192-GCM", aes192gcm_functions),
+ ALG("AES-128-GCM:id-aes128-GCM", aes128gcm_functions),
+ ALG("AES-256-CCM:id-aes256-CCM", aes256ccm_functions),
+ ALG("AES-192-CCM:id-aes192-CCM", aes192ccm_functions),
+ ALG("AES-128-CCM:id-aes128-CCM", aes128ccm_functions),
+ ALG("AES-256-WRAP:id-aes256-wrap:AES256-WRAP", aes256wrap_functions),
+ ALG("AES-192-WRAP:id-aes192-wrap:AES192-WRAP", aes192wrap_functions),
+ ALG("AES-128-WRAP:id-aes128-wrap:AES128-WRAP", aes128wrap_functions),
+ ALG("AES-256-WRAP-PAD:id-aes256-wrap-pad:AES256-WRAP-PAD",
+ aes256wrappad_functions),
+ ALG("AES-192-WRAP-PAD:id-aes192-wrap-pad:AES192-WRAP-PAD",
+ aes192wrappad_functions),
+ ALG("AES-128-WRAP-PAD:id-aes128-wrap-pad:AES128-WRAP-PAD",
+ aes128wrappad_functions),
+ ALGC("AES-128-CBC-HMAC-SHA1", aes128cbc_hmac_sha1_functions,
+ cipher_capable_aes_cbc_hmac_sha1),
+ ALGC("AES-256-CBC-HMAC-SHA1", aes256cbc_hmac_sha1_functions,
+ cipher_capable_aes_cbc_hmac_sha1),
+ ALGC("AES-128-CBC-HMAC-SHA256", aes128cbc_hmac_sha256_functions,
+ cipher_capable_aes_cbc_hmac_sha256),
+ ALGC("AES-256-CBC-HMAC-SHA256", aes256cbc_hmac_sha256_functions,
+ cipher_capable_aes_cbc_hmac_sha256),
#ifndef OPENSSL_NO_DES
- { "DES-EDE3-ECB:DES-EDE3", "fips=yes", tdes_ede3_ecb_functions },
- { "DES-EDE3-CBC:DES3", "fips=yes", tdes_ede3_cbc_functions },
+ ALG("DES-EDE3-ECB:DES-EDE3", tdes_ede3_ecb_functions),
+ ALG("DES-EDE3-CBC:DES3", tdes_ede3_cbc_functions),
#endif /* OPENSSL_NO_DES */
- { NULL, NULL, NULL }
+ { { NULL, NULL, NULL }, NULL }
};
+static OSSL_ALGORITHM exported_fips_ciphers[OSSL_NELEM(fips_ciphers)];
static const OSSL_ALGORITHM fips_macs[] = {
#ifndef OPENSSL_NO_CMAC
@@ -416,6 +435,7 @@ static const OSSL_ALGORITHM fips_kdfs[] = {
{ NULL, NULL, NULL }
};
+
static const OSSL_ALGORITHM *fips_query(OSSL_PROVIDER *prov,
int operation_id,
int *no_cache)
@@ -425,7 +445,8 @@ static const OSSL_ALGORITHM *fips_query(OSSL_PROVIDER *prov,
case OSSL_OP_DIGEST:
return fips_digests;
case OSSL_OP_CIPHER:
- return fips_ciphers;
+ ossl_prov_cache_exported_algorithms(fips_ciphers, exported_fips_ciphers);
+ return exported_fips_ciphers;
case OSSL_OP_MAC:
return fips_macs;
case OSSL_OP_KDF:
diff --git a/providers/implementations/ciphers/build.info b/providers/implementations/ciphers/build.info
index abc193bb1d..bff5a2d41f 100644
--- a/providers/implementations/ciphers/build.info
+++ b/providers/implementations/ciphers/build.info
@@ -40,7 +40,10 @@ SOURCE[$AES_GOAL]=\
cipher_aes_xts.c cipher_aes_xts_hw.c \
cipher_aes_gcm.c cipher_aes_gcm_hw.c \
cipher_aes_ccm.c cipher_aes_ccm_hw.c \
- cipher_aes_wrp.c
+ cipher_aes_wrp.c \
+ cipher_aes_cbc_hmac_sha.c \
+ cipher_aes_cbc_hmac_sha256_hw.c cipher_aes_cbc_hmac_sha1_hw.c
+
# Extra code to satisfy the FIPS and non-FIPS separation.
# When the AES-xxx-XTS moves to legacy, this can be removed.
SOURCE[../../libfips.a]=cipher_aes_xts_fips.c
@@ -129,4 +132,3 @@ IF[{- !$disabled{chacha} -}]
cipher_chacha20_poly1305.c cipher_chacha20_poly1305_hw.c
ENDIF
ENDIF
-
diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
new file mode 100644
index 0000000000..00b46c3f78
--- /dev/null
+++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
@@ -0,0 +1,345 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/* Dispatch functions for AES_CBC_HMAC_SHA ciphers */
+
+
+#include "cipher_aes_cbc_hmac_sha.h"
+#include "prov/implementations.h"
+
+#ifndef AES_CBC_HMAC_SHA_CAPABLE
+# define IMPLEMENT_CIPHER(nm, sub, kbits, blkbits, ivbits, flags) \
+const OSSL_DISPATCH nm##kbits##sub##_functions[] = { \
+ { 0, NULL } \
+};
+#else
+# include "prov/providercommonerr.h"
+
+/* TODO(3.0) Figure out what flags are required */
+# define AES_CBC_HMAC_SHA_FLAGS (EVP_CIPH_CBC_MODE \
+ | EVP_CIPH_FLAG_DEFAULT_ASN1 \
+ | EVP_CIPH_FLAG_AEAD_CIPHER \
+ | EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)
+
+static OSSL_OP_cipher_freectx_fn aes_cbc_hmac_sha1_freectx;
+static OSSL_OP_cipher_freectx_fn aes_cbc_hmac_sha256_freectx;
+static OSSL_OP_cipher_get_ctx_params_fn aes_get_ctx_params;
+static OSSL_OP_cipher_gettable_ctx_params_fn aes_gettable_ctx_params;
+static OSSL_OP_cipher_set_ctx_params_fn aes_set_ctx_params;
+static OSSL_OP_cipher_settable_ctx_params_fn aes_settable_ctx_params;
+# define aes_gettable_params cipher_generic_gettable_params
+# define aes_einit cipher_generic_einit
+# define aes_dinit cipher_generic_dinit
+# define aes_update cipher_generic_stream_update
+# define aes_final cipher_generic_stream_final
+# define aes_cipher cipher_generic_cipher
+
+static const OSSL_PARAM cipher_aes_known_settable_ctx_params[] = {
+ OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_MAC_KEY, NULL, 0),
+ OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, NULL, 0),
+# if !defined(OPENSSL_NO_MULTIBLOCK)
+ OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT, NULL),
+ OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD, NULL),
+ OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, NULL),
+ OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC, NULL, 0),
+ OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN, NULL, 0),
+# endif /* !defined(OPENSSL_NO_MULTIBLOCK) */
+ OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
+ OSSL_PARAM_END
+};
+const OSSL_PARAM *aes_settable_ctx_params(void)
+{
+ return cipher_aes_known_settable_ctx_params;
+}
+
+static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[])
+{
+ PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx;
+ PROV_CIPHER_HW_AES_HMAC_SHA *hw =
+ (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->hw;
+ EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
+ const OSSL_PARAM *p, *p1, *pin;
+ int ret = 1;
+
+ p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_MAC_KEY);
+ if (p != NULL) {
+ if (p->data_type != OSSL_PARAM_OCTET_STRING) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
+ return 0;
+ }
+ hw->init_mac_key(ctx, p->data, p->data_size);
+ }
+
+# if !defined(OPENSSL_NO_MULTIBLOCK)
+ p = OSSL_PARAM_locate_const(params,
+ OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT);
+ if (p != NULL
+ && !OSSL_PARAM_get_size_t(p, &ctx->multiblock_max_send_fragment)) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
+ return 0;
+ }
+ /*
+ * The inputs to tls1_multiblock_aad are:
+ * mb_param->inp
+ * mb_param->len
+ * mb_param->interleave
+ * The outputs of tls1_multiblock_aad are written to:
+ * ctx->multiblock_interleave
+ * ctx->multiblock_aad_packlen
+ */
+ p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD);
+ if (p != NULL) {
+ p1 = OSSL_PARAM_locate_const(params,
+ OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE);
+ if (p->data_type != OSSL_PARAM_OCTET_STRING
+ || p1 == NULL
+ || !OSSL_PARAM_get_uint(p1, &mb_param.interleave)) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
+ return 0;
+ }
+ mb_param.inp = p->data;
+ mb_param.len = p->data_size;
+ if (hw->tls1_multiblock_aad(vctx, &mb_param) <= 0)
+ return 0;
+ }
+
+ /*
+ * The inputs to tls1_multiblock_encrypt are:
+ * mb_param->inp
+ * mb_param->len
+ * mb_param->interleave
+ * mb_param->out
+ * The outputs of tls1_multiblock_encrypt are:
+ * ctx->multiblock_encrypt_len
+ */
+ p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC);
+ if (p != NULL) {
+ p1 = OSSL_PARAM_locate_const(params,
+ OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE);
+ pin = OSSL_PARAM_locate_const(params,
+ OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN);
+ if (p->data_type != OSSL_PARAM_OCTET_STRING
+ || pin == NULL
+ || pin->data_type != OSSL_PARAM_OCTET_STRING
+ || p1 == NULL
+ || !OSSL_PARAM_get_uint(p1, &mb_param.interleave)) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
+ return 0;
+ }
+ mb_param.out = p->data;
+ mb_param.inp = pin->data;
+ mb_param.len = pin->data_size;
+ if (hw->tls1_multiblock_encrypt(vctx, &mb_param) <= 0)
+ return 0;
+ }
+# endif /* !defined(OPENSSL_NO_MULTIBLOCK) */
+
+ p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD);
+ if (p != NULL) {
+ if (p->data_type != OSSL_PARAM_OCTET_STRING) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
+ return 0;
+ }
+ if (hw->set_tls1_aad(ctx, p->data, p->data_size) <= 0)
+ return 0;
+ }
+
+ p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN);
+ if (p != NULL) {
+ size_t keylen;
+
+ if (!OSSL_PARAM_get_size_t(p, &keylen)) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
+ return 0;
+ }
+ if (ctx->base.keylen != keylen) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
+ return 0;
+ }
+ }
+ return ret;
+}
+
+static int aes_get_ctx_params(void *vctx, OSSL_PARAM params[])
+{
+ PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx;
+ PROV_CIPHER_HW_AES_HMAC_SHA *hw =
+ (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->hw;
+ OSSL_PARAM *p;
+
+# if !defined(OPENSSL_NO_MULTIBLOCK)
+ p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE);
+ if (p != NULL) {
+ size_t len = hw->tls1_multiblock_max_bufsize(ctx);
+
+ if (!OSSL_PARAM_set_size_t(p, len)) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
+ return 0;
+ }
+ }
+
+ p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE);
+ if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->multiblock_interleave)) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
+ return 0;
+ }
+
+ p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN);
+ if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->multiblock_aad_packlen)) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
+ return 0;
+ }
+
+ p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN);
+ if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->multiblock_encrypt_len)) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
+ return 0;
+ }
+# endif /* !defined(OPENSSL_NO_MULTIBLOCK) */
+
+ p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD);
+ if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->tls_aad_pad)) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
+ return 0;
+ }
+ p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN);
+ if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->base.keylen)) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
+ return 0;
+ }
+ p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN);
+ if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->base.ivlen)) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
+ return 0;
+ }
+ p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV);
+ if (p != NULL
+ && !OSSL_PARAM_set_octet_string(p, ctx->base.oiv, ctx->base.ivlen)) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
+ return 0;
+ }
+ return 1;
+}
+
+static const OSSL_PARAM cipher_aes_known_gettable_ctx_params[] = {
+# if !defined(OPENSSL_NO_MULTIBLOCK)
+ OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE, NULL),
+ OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, NULL),
+ OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN, NULL),
+ OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN, NULL),
+# endif /* !defined(OPENSSL_NO_MULTIBLOCK) */
+ OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL),
+ OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
+ OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL),
+ OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0),
+ OSSL_PARAM_END
+};
+const OSSL_PARAM *aes_gettable_ctx_params(void)
+{
+ return cipher_aes_known_gettable_ctx_params;
+}
+
+static void base_init(void *provctx, PROV_AES_HMAC_SHA_CTX *ctx,
+ const PROV_CIPHER_HW_AES_HMAC_SHA *meths,
+ size_t kbits, size_t blkbits, size_t ivbits,
+ uint64_t flags)
+{
+ cipher_generic_initkey(&ctx->base, kbits, blkbits, ivbits,
+ EVP_CIPH_CBC_MODE, flags,
+ &meths->base, provctx);
+ ctx->hw = (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->base.hw;
+}
+
+static void *aes_cbc_hmac_sha1_newctx(void *provctx, size_t kbits,
+ size_t blkbits, size_t ivbits,
+ uint64_t flags)
+{
+ PROV_AES_HMAC_SHA1_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
+
+ if (ctx != NULL)
+ base_init(provctx, &ctx->base_ctx,
+ PROV_CIPHER_HW_aes_cbc_hmac_sha1(), kbits, blkbits,
+ ivbits, flags);
+ return ctx;
+}
+
+static void aes_cbc_hmac_sha1_freectx(void *vctx)
+{
+ PROV_AES_HMAC_SHA1_CTX *ctx = (PROV_AES_HMAC_SHA1_CTX *)vctx;
+
+ if (ctx != NULL)
+ OPENSSL_clear_free(ctx, sizeof(ctx));
+}
+
+static void *aes_cbc_hmac_sha256_newctx(void *provctx, size_t kbits,
+ size_t blkbits, size_t ivbits,
+ uint64_t flags)
+{
+ PROV_AES_HMAC_SHA256_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
+
+ if (ctx != NULL)
+ base_init(provctx, &ctx->base_ctx,
+ PROV_CIPHER_HW_aes_cbc_hmac_sha256(), kbits, blkbits,
+ ivbits, flags);
+ return ctx;
+}
+
+static void aes_cbc_hmac_sha256_freectx(void *vctx)
+{
+ PROV_AES_HMAC_SHA256_CTX *ctx = (PROV_AES_HMAC_SHA256_CTX *)vctx;
+
+ if (ctx != NULL)
+ OPENSSL_clear_free(ctx, sizeof(ctx));
+}
+
+# define IMPLEMENT_CIPHER(nm, sub, kbits, blkbits, ivbits, flags) \
+static OSSL_OP_cipher_newctx_fn nm##_##kbits##_##sub##_newctx; \
+static void *nm##_##kbits##_##sub##_newctx(void *provctx) \
+{ \
+ return nm##_##sub##_newctx(provctx, kbits, blkbits, ivbits, flags); \
+} \
+static OSSL_OP_cipher_get_params_fn nm##_##kbits##_##sub##_get_params; \
+static int nm##_##kbits##_##sub##_get_params(OSSL_PARAM params[]) \
+{ \
+ return cipher_generic_get_params(params, EVP_CIPH_CBC_MODE, \
+ flags, kbits, blkbits, ivbits); \
+} \
+const OSSL_DISPATCH nm##kbits##sub##_functions[] = { \
+ { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))nm##_##kbits##_##sub##_newctx },\
+ { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))nm##_##sub##_freectx }, \
+ { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))nm##_einit }, \
+ { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))nm##_dinit }, \
+ { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))nm##_update }, \
+ { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))nm##_final }, \
+ { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))nm##_cipher }, \
+ { OSSL_FUNC_CIPHER_GET_PARAMS, \
+ (void (*)(void))nm##_##kbits##_##sub##_get_params }, \
+ { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \
+ (void (*)(void))nm##_gettable_params }, \
+ { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \
+ (void (*)(void))nm##_get_ctx_params }, \
+ { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \
+ (void (*)(void))nm##_gettable_ctx_params }, \
+ { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \
+ (void (*)(void))nm##_set_ctx_params }, \
+ { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \
+ (void (*)(void))nm##_settable_ctx_params }, \
+ { 0, NULL } \
+};
+
+#endif /* AES_CBC_HMAC_SHA_CAPABLE */
+
+/* aes128cbc_hmac_sha1_functions */
+IMPLEMENT_CIPHER(aes, cbc_hmac_sha1, 128, 128, 128, AES_CBC_HMAC_SHA_FLAGS)
+/* aes256cbc_hmac_sha1_functions */
+IMPLEMENT_CIPHER(aes, cbc_hmac_sha1, 256, 128, 128, AES_CBC_HMAC_SHA_FLAGS)
+/* aes128cbc_hmac_sha256_functions */
+IMPLEMENT_CIPHER(aes, cbc_hmac_sha256, 128, 128, 128, AES_CBC_HMAC_SHA_FLAGS)
+/* aes256cbc_hmac_sha256_functions */
+IMPLEMENT_CIPHER(aes, cbc_hmac_sha256, 256, 128, 128, AES_CBC_HMAC_SHA_FLAGS)
diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.h b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.h
new file mode 100644
index 0000000000..86da791c49
--- /dev/null
+++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.h
@@ -0,0 +1,65 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "prov/ciphercommon.h"
+#include "crypto/aes_platform.h"
+
+int cipher_capable_aes_cbc_hmac_sha1(void);
+int cipher_capable_aes_cbc_hmac_sha256(void);
+
+#ifdef AES_CBC_HMAC_SHA_CAPABLE
+# include
+# include
+
+typedef struct prov_cipher_hw_aes_hmac_sha_ctx_st {
+ PROV_CIPHER_HW base; /* must be first */
+ void (*init_mac_key)(void *ctx, const unsigned char *inkey, size_t inlen);
+ int (*set_tls1_aad)(void *ctx, unsigned char *aad_rec, int aad_len);
+# if !defined(OPENSSL_NO_MULTIBLOCK)
+ int (*tls1_multiblock_max_bufsize)(void *ctx);
+ int (*tls1_multiblock_aad)(
+ void *vctx, EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param);
+ int (*tls1_multiblock_encrypt)(
+ void *ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param);
+# endif /* OPENSSL_NO_MULTIBLOCK) */
+} PROV_CIPHER_HW_AES_HMAC_SHA;
+
+typedef struct prov_aes_hmac_sha_ctx_st {
+ PROV_CIPHER_CTX base;
+ AES_KEY ks;
+ size_t payload_length; /* AAD length in decrypt case */
+ union {
+ unsigned int tls_ver;
+ unsigned char tls_aad[16]; /* 13 used */
+ } aux;
+ const PROV_CIPHER_HW_AES_HMAC_SHA *hw;
+ /* some value that are setup by set methods - that can be retrieved */
+ unsigned int multiblock_interleave;
+ unsigned int multiblock_aad_packlen;
+ size_t multiblock_max_send_fragment;
+ size_t multiblock_encrypt_len;
+ size_t tls_aad_pad;
+} PROV_AES_HMAC_SHA_CTX;
+
+typedef struct prov_aes_hmac_sha1_ctx_st {
+ PROV_AES_HMAC_SHA_CTX base_ctx;
+ SHA_CTX head, tail, md;
+} PROV_AES_HMAC_SHA1_CTX;
+
+typedef struct prov_aes_hmac_sha256_ctx_st {
+ PROV_AES_HMAC_SHA_CTX base_ctx;
+ SHA256_CTX head, tail, md;
+} PROV_AES_HMAC_SHA256_CTX;
+
+# define NO_PAYLOAD_LENGTH ((size_t)-1)
+
+const PROV_CIPHER_HW_AES_HMAC_SHA *PROV_CIPHER_HW_aes_cbc_hmac_sha1(void);
+const PROV_CIPHER_HW_AES_HMAC_SHA *PROV_CIPHER_HW_aes_cbc_hmac_sha256(void);
+
+#endif /* AES_CBC_HMAC_SHA_CAPABLE */
diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c
new file mode 100644
index 0000000000..125369d7ff
--- /dev/null
+++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c
@@ -0,0 +1,782 @@
+/*
+ * Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "cipher_aes_cbc_hmac_sha.h"
+
+#ifndef AES_CBC_HMAC_SHA_CAPABLE
+int cipher_capable_aes_cbc_hmac_sha1(void)
+{
+ return 0;
+}
+#else
+
+# include "crypto/rand.h"
+# include "crypto/evp.h"
+# include "internal/constant_time.h"
+
+void sha1_block_data_order(void *c, const void *p, size_t len);
+void aesni_cbc_sha1_enc(const void *inp, void *out, size_t blocks,
+ const AES_KEY *key, unsigned char iv[16],
+ SHA_CTX *ctx, const void *in0);
+
+int cipher_capable_aes_cbc_hmac_sha1(void)
+{
+ return AESNI_CBC_HMAC_SHA_CAPABLE;
+}
+
+static int aesni_cbc_hmac_sha1_init_key(PROV_CIPHER_CTX *vctx,
+ const unsigned char *key, size_t keylen)
+{
+ int ret;
+ PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx;
+ PROV_AES_HMAC_SHA1_CTX *sctx = (PROV_AES_HMAC_SHA1_CTX *)vctx;
+
+ if (ctx->base.enc)
+ ret = aesni_set_encrypt_key(key, keylen * 8, &ctx->ks);
+ else
+ ret = aesni_set_decrypt_key(key, keylen * 8, &ctx->ks);
+
+ SHA1_Init(&sctx->head); /* handy when benchmarking */
+ sctx->tail = sctx->head;
+ sctx->md = sctx->head;
+
+ ctx->payload_length = NO_PAYLOAD_LENGTH;
+
+ return ret < 0 ? 0 : 1;
+}
+
+static void sha1_update(SHA_CTX *c, const void *data, size_t len)
+{
+ const unsigned char *ptr = data;
+ size_t res;
+
+ if ((res = c->num)) {
+ res = SHA_CBLOCK - res;
+ if (len < res)
+ res = len;
+ SHA1_Update(c, ptr, res);
+ ptr += res;
+ len -= res;
+ }
+
+ res = len % SHA_CBLOCK;
+ len -= res;
+
+ if (len) {
+ sha1_block_data_order(c, ptr, len / SHA_CBLOCK);
+
+ ptr += len;
+ c->Nh += len >> 29;
+ c->Nl += len <<= 3;
+ if (c->Nl < (unsigned int)len)
+ c->Nh++;
+ }
+
+ if (res)
+ SHA1_Update(c, ptr, res);
+}
+
+# if !defined(OPENSSL_NO_MULTIBLOCK)
+
+typedef struct {
+ unsigned int A[8], B[8], C[8], D[8], E[8];
+} SHA1_MB_CTX;
+
+typedef struct {
+ const unsigned char *ptr;
+ int blocks;
+} HASH_DESC;
+
+typedef struct {
+ const unsigned char *inp;
+ unsigned char *out;
+ int blocks;
+ u64 iv[2];
+} CIPH_DESC;
+
+void sha1_multi_block(SHA1_MB_CTX *, const HASH_DESC *, int);
+void aesni_multi_cbc_encrypt(CIPH_DESC *, void *, int);
+
+static size_t tls1_multi_block_encrypt(void *vctx,
+ unsigned char *out,
+ const unsigned char *inp,
+ size_t inp_len, int n4x)
+{ /* n4x is 1 or 2 */
+ PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx;
+ PROV_AES_HMAC_SHA1_CTX *sctx = (PROV_AES_HMAC_SHA1_CTX *)vctx;
+ HASH_DESC hash_d[8], edges[8];
+ CIPH_DESC ciph_d[8];
+ unsigned char storage[sizeof(SHA1_MB_CTX) + 32];
+ union {
+ u64 q[16];
+ u32 d[32];
+ u8 c[128];
+ } blocks[8];
+ SHA1_MB_CTX *mctx;
+ unsigned int frag, last, packlen, i;
+ unsigned int x4 = 4 * n4x, minblocks, processed = 0;
+ size_t ret = 0;
+ u8 *IVs;
+# if defined(BSWAP8)
+ u64 seqnum;
+# endif
+
+ /* ask for IVs in bulk */
+ if (rand_bytes_ex(ctx->base.libctx, (IVs = blocks[0].c), 16 * x4) <= 0)
+ return 0;
+
+ mctx = (SHA1_MB_CTX *) (storage + 32 - ((size_t)storage % 32)); /* align */
+
+ frag = (unsigned int)inp_len >> (1 + n4x);
+ last = (unsigned int)inp_len + frag - (frag << (1 + n4x));
+ if (last > frag && ((last + 13 + 9) % 64) < (x4 - 1)) {
+ frag++;
+ last -= x4 - 1;
+ }
+
+ packlen = 5 + 16 + ((frag + 20 + 16) & -16);
+
+ /* populate descriptors with pointers and IVs */
+ hash_d[0].ptr = inp;
+ ciph_d[0].inp = inp;
+ /* 5+16 is place for header and explicit IV */
+ ciph_d[0].out = out + 5 + 16;
+ memcpy(ciph_d[0].out - 16, IVs, 16);
+ memcpy(ciph_d[0].iv, IVs, 16);
+ IVs += 16;
+
+ for (i = 1; i < x4; i++) {
+ ciph_d[i].inp = hash_d[i].ptr = hash_d[i - 1].ptr + frag;
+ ciph_d[i].out = ciph_d[i - 1].out + packlen;
+ memcpy(ciph_d[i].out - 16, IVs, 16);
+ memcpy(ciph_d[i].iv, IVs, 16);
+ IVs += 16;
+ }
+
+# if defined(BSWAP8)
+ memcpy(blocks[0].c, sctx->md.data, 8);
+ seqnum = BSWAP8(blocks[0].q[0]);
+# endif
+ for (i = 0; i < x4; i++) {
+ unsigned int len = (i == (x4 - 1) ? last : frag);
+# if !defined(BSWAP8)
+ unsigned int carry, j;
+# endif
+
+ mctx->A[i] = sctx->md.h0;
+ mctx->B[i] = sctx->md.h1;
+ mctx->C[i] = sctx->md.h2;
+ mctx->D[i] = sctx->md.h3;
+ mctx->E[i] = sctx->md.h4;
+
+ /* fix seqnum */
+# if defined(BSWAP8)
+ blocks[i].q[0] = BSWAP8(seqnum + i);
+# else
+ for (carry = i, j = 8; j--;) {
+ blocks[i].c[j] = ((u8 *)sctx->md.data)[j] + carry;
+ carry = (blocks[i].c[j] - carry) >> (sizeof(carry) * 8 - 1);
+ }
+# endif
+ blocks[i].c[8] = ((u8 *)sctx->md.data)[8];
+ blocks[i].c[9] = ((u8 *)sctx->md.data)[9];
+ blocks[i].c[10] = ((u8 *)sctx->md.data)[10];
+ /* fix length */
+ blocks[i].c[11] = (u8)(len >> 8);
+ blocks[i].c[12] = (u8)(len);
+
+ memcpy(blocks[i].c + 13, hash_d[i].ptr, 64 - 13);
+ hash_d[i].ptr += 64 - 13;
+ hash_d[i].blocks = (len - (64 - 13)) / 64;
+
+ edges[i].ptr = blocks[i].c;
+ edges[i].blocks = 1;
+ }
+
+ /* hash 13-byte headers and first 64-13 bytes of inputs */
+ sha1_multi_block(mctx, edges, n4x);
+ /* hash bulk inputs */
+# define MAXCHUNKSIZE 2048
+# if MAXCHUNKSIZE%64
+# error "MAXCHUNKSIZE is not divisible by 64"
+# elif MAXCHUNKSIZE
+ /*
+ * goal is to minimize pressure on L1 cache by moving in shorter steps,
+ * so that hashed data is still in the cache by the time we encrypt it
+ */
+ minblocks = ((frag <= last ? frag : last) - (64 - 13)) / 64;
+ if (minblocks > MAXCHUNKSIZE / 64) {
+ for (i = 0; i < x4; i++) {
+ edges[i].ptr = hash_d[i].ptr;
+ edges[i].blocks = MAXCHUNKSIZE / 64;
+ ciph_d[i].blocks = MAXCHUNKSIZE / 16;
+ }
+ do {
+ sha1_multi_block(mctx, edges, n4x);
+ aesni_multi_cbc_encrypt(ciph_d, &ctx->ks, n4x);
+
+ for (i = 0; i < x4; i++) {
+ edges[i].ptr = hash_d[i].ptr += MAXCHUNKSIZE;
+ hash_d[i].blocks -= MAXCHUNKSIZE / 64;
+ edges[i].blocks = MAXCHUNKSIZE / 64;
+ ciph_d[i].inp += MAXCHUNKSIZE;
+ ciph_d[i].out += MAXCHUNKSIZE;
+ ciph_d[i].blocks = MAXCHUNKSIZE / 16;
+ memcpy(ciph_d[i].iv, ciph_d[i].out - 16, 16);
+ }
+ processed += MAXCHUNKSIZE;
+ minblocks -= MAXCHUNKSIZE / 64;
+ } while (minblocks > MAXCHUNKSIZE / 64);
+ }
+# endif
+# undef MAXCHUNKSIZE
+ sha1_multi_block(mctx, hash_d, n4x);
+
+ memset(blocks, 0, sizeof(blocks));
+ for (i = 0; i < x4; i++) {
+ unsigned int len = (i == (x4 - 1) ? last : frag),
+ off = hash_d[i].blocks * 64;
+ const unsigned char *ptr = hash_d[i].ptr + off;
+
+ off = (len - processed) - (64 - 13) - off; /* remainder actually */
+ memcpy(blocks[i].c, ptr, off);
+ blocks[i].c[off] = 0x80;
+ len += 64 + 13; /* 64 is HMAC header */
+ len *= 8; /* convert to bits */
+ if (off < (64 - 8)) {
+# ifdef BSWAP4
+ blocks[i].d[15] = BSWAP4(len);
+# else
+ PUTU32(blocks[i].c + 60, len);
+# endif
+ edges[i].blocks = 1;
+ } else {
+# ifdef BSWAP4
+ blocks[i].d[31] = BSWAP4(len);
+# else
+ PUTU32(blocks[i].c + 124, len);
+# endif
+ edges[i].blocks = 2;
+ }
+ edges[i].ptr = blocks[i].c;
+ }
+
+ /* hash input tails and finalize */
+ sha1_multi_block(mctx, edges, n4x);
+
+ memset(blocks, 0, sizeof(blocks));
+ for (i = 0; i < x4; i++) {
+# ifdef BSWAP4
+ blocks[i].d[0] = BSWAP4(mctx->A[i]);
+ mctx->A[i] = sctx->tail.h0;
+ blocks[i].d[1] = BSWAP4(mctx->B[i]);
+ mctx->B[i] = sctx->tail.h1;
+ blocks[i].d[2] = BSWAP4(mctx->C[i]);
+ mctx->C[i] = sctx->tail.h2;
+ blocks[i].d[3] = BSWAP4(mctx->D[i]);
+ mctx->D[i] = sctx->tail.h3;
+ blocks[i].d[4] = BSWAP4(mctx->E[i]);
+ mctx->E[i] = sctx->tail.h4;
+ blocks[i].c[20] = 0x80;
+ blocks[i].d[15] = BSWAP4((64 + 20) * 8);
+# else
+ PUTU32(blocks[i].c + 0, mctx->A[i]);
+ mctx->A[i] = sctx->tail.h0;
+ PUTU32(blocks[i].c + 4, mctx->B[i]);
+ mctx->B[i] = sctx->tail.h1;
+ PUTU32(blocks[i].c + 8, mctx->C[i]);
+ mctx->C[i] = sctx->tail.h2;
+ PUTU32(blocks[i].c + 12, mctx->D[i]);
+ mctx->D[i] = sctx->tail.h3;
+ PUTU32(blocks[i].c + 16, mctx->E[i]);
+ mctx->E[i] = sctx->tail.h4;
+ blocks[i].c[20] = 0x80;
+ PUTU32(blocks[i].c + 60, (64 + 20) * 8);
+# endif /* BSWAP */
+ edges[i].ptr = blocks[i].c;
+ edges[i].blocks = 1;
+ }
+
+ /* finalize MACs */
+ sha1_multi_block(mctx, edges, n4x);
+
+ for (i = 0; i < x4; i++) {
+ unsigned int len = (i == (x4 - 1) ? last : frag), pad, j;
+ unsigned char *out0 = out;
+
+ memcpy(ciph_d[i].out, ciph_d[i].inp, len - processed);
+ ciph_d[i].inp = ciph_d[i].out;
+
+ out += 5 + 16 + len;
+
+ /* write MAC */
+ PUTU32(out + 0, mctx->A[i]);
+ PUTU32(out + 4, mctx->B[i]);
+ PUTU32(out + 8, mctx->C[i]);
+ PUTU32(out + 12, mctx->D[i]);
+ PUTU32(out + 16, mctx->E[i]);
+ out += 20;
+ len += 20;
+
+ /* pad */
+ pad = 15 - len % 16;
+ for (j = 0; j <= pad; j++)
+ *(out++) = pad;
+ len += pad + 1;
+
+ ciph_d[i].blocks = (len - processed) / 16;
+ len += 16; /* account for explicit iv */
+
+ /* arrange header */
+ out0[0] = ((u8 *)sctx->md.data)[8];
+ out0[1] = ((u8 *)sctx->md.data)[9];
+ out0[2] = ((u8 *)sctx->md.data)[10];
+ out0[3] = (u8)(len >> 8);
+ out0[4] = (u8)(len);
+
+ ret += len + 5;
+ inp += frag;
+ }
+
+ aesni_multi_cbc_encrypt(ciph_d, &ctx->ks, n4x);
+
+ OPENSSL_cleanse(blocks, sizeof(blocks));
+ OPENSSL_cleanse(mctx, sizeof(*mctx));
+
+ ctx->multiblock_encrypt_len = ret;
+ return ret;
+}
+# endif /* OPENSSL_NO_MULTIBLOCK */
+
+static int aesni_cbc_hmac_sha1_cipher(PROV_CIPHER_CTX *vctx,
+ unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx;
+ PROV_AES_HMAC_SHA1_CTX *sctx = (PROV_AES_HMAC_SHA1_CTX *)vctx;
+ unsigned int l;
+ size_t plen = ctx->payload_length;
+ size_t iv = 0; /* explicit IV in TLS 1.1 and later */
+ size_t aes_off = 0, blocks;
+ size_t sha_off = SHA_CBLOCK - sctx->md.num;
+
+ ctx->payload_length = NO_PAYLOAD_LENGTH;
+
+ if (len % AES_BLOCK_SIZE)
+ return 0;
+
+ if (ctx->base.enc) {
+ if (plen == NO_PAYLOAD_LENGTH)
+ plen = len;
+ else if (len !=
+ ((plen + SHA_DIGEST_LENGTH +
+ AES_BLOCK_SIZE) & -AES_BLOCK_SIZE))
+ return 0;
+ else if (ctx->aux.tls_ver >= TLS1_1_VERSION)
+ iv = AES_BLOCK_SIZE;
+
+ if (plen > (sha_off + iv)
+ && (blocks = (plen - (sha_off + iv)) / SHA_CBLOCK)) {
+ sha1_update(&sctx->md, in + iv, sha_off);
+
+ aesni_cbc_sha1_enc(in, out, blocks, &ctx->ks, ctx->base.iv,
+ &sctx->md, in + iv + sha_off);
+ blocks *= SHA_CBLOCK;
+ aes_off += blocks;
+ sha_off += blocks;
+ sctx->md.Nh += blocks >> 29;
+ sctx->md.Nl += blocks <<= 3;
+ if (sctx->md.Nl < (unsigned int)blocks)
+ sctx->md.Nh++;
+ } else {
+ sha_off = 0;
+ }
+ sha_off += iv;
+ sha1_update(&sctx->md, in + sha_off, plen - sha_off);
+
+ if (plen != len) { /* "TLS" mode of operation */
+ if (in != out)
+ memcpy(out + aes_off, in + aes_off, plen - aes_off);
+
+ /* calculate HMAC and append it to payload */
+ SHA1_Final(out + plen, &sctx->md);
+ sctx->md = sctx->tail;
+ sha1_update(&sctx->md, out + plen, SHA_DIGEST_LENGTH);
+ SHA1_Final(out + plen, &sctx->md);
+
+ /* pad the payload|hmac */
+ plen += SHA_DIGEST_LENGTH;
+ for (l = len - plen - 1; plen < len; plen++)
+ out[plen] = l;
+ /* encrypt HMAC|padding at once */
+ aesni_cbc_encrypt(out + aes_off, out + aes_off, len - aes_off,
+ &ctx->ks, ctx->base.iv, 1);
+ } else {
+ aesni_cbc_encrypt(in + aes_off, out + aes_off, len - aes_off,
+ &ctx->ks, ctx->base.iv, 1);
+ }
+ } else {
+ union {
+ unsigned int u[SHA_DIGEST_LENGTH / sizeof(unsigned int)];
+ unsigned char c[32 + SHA_DIGEST_LENGTH];
+ } mac, *pmac;
+
+ /* arrange cache line alignment */
+ pmac = (void *)(((size_t)mac.c + 31) & ((size_t)0 - 32));
+
+ if (plen != NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */
+ size_t inp_len, mask, j, i;
+ unsigned int res, maxpad, pad, bitlen;
+ int ret = 1;
+ union {
+ unsigned int u[SHA_LBLOCK];
+ unsigned char c[SHA_CBLOCK];
+ } *data = (void *)sctx->md.data;
+
+ if ((ctx->aux.tls_aad[plen - 4] << 8 | ctx->aux.tls_aad[plen - 3])
+ >= TLS1_1_VERSION) {
+ if (len < (AES_BLOCK_SIZE + SHA_DIGEST_LENGTH + 1))
+ return 0;
+
+ /* omit explicit iv */
+ memcpy(ctx->base.iv, in, AES_BLOCK_SIZE);
+
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ len -= AES_BLOCK_SIZE;
+ } else if (len < (SHA_DIGEST_LENGTH + 1))
+ return 0;
+
+ /* decrypt HMAC|padding at once */
+ aesni_cbc_encrypt(in, out, len, &ctx->ks, ctx->base.iv, 0);
+
+ /* figure out payload length */
+ pad = out[len - 1];
+ maxpad = len - (SHA_DIGEST_LENGTH + 1);
+ maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
+ maxpad &= 255;
+
+ mask = constant_time_ge(maxpad, pad);
+ ret &= mask;
+ /*
+ * If pad is invalid then we will fail the above test but we must
+ * continue anyway because we are in constant time code. However,
+ * we'll use the maxpad value instead of the supplied pad to make
+ * sure we perform well defined pointer arithmetic.
+ */
+ pad = constant_time_select(mask, pad, maxpad);
+
+ inp_len = len - (SHA_DIGEST_LENGTH + pad + 1);
+
+ ctx->aux.tls_aad[plen - 2] = inp_len >> 8;
+ ctx->aux.tls_aad[plen - 1] = inp_len;
+
+ /* calculate HMAC */
+ sctx->md = sctx->head;
+ sha1_update(&sctx->md, ctx->aux.tls_aad, plen);
+
+ /* code containing lucky-13 fix */
+ len -= SHA_DIGEST_LENGTH; /* amend mac */
+ if (len >= (256 + SHA_CBLOCK)) {
+ j = (len - (256 + SHA_CBLOCK)) & (0 - SHA_CBLOCK);
+ j += SHA_CBLOCK - sctx->md.num;
+ sha1_update(&sctx->md, out, j);
+ out += j;
+ len -= j;
+ inp_len -= j;
+ }
+
+ /* but pretend as if we hashed padded payload */
+ bitlen = sctx->md.Nl + (inp_len << 3); /* at most 18 bits */
+# ifdef BSWAP4
+ bitlen = BSWAP4(bitlen);
+# else
+ mac.c[0] = 0;
+ mac.c[1] = (unsigned char)(bitlen >> 16);
+ mac.c[2] = (unsigned char)(bitlen >> 8);
+ mac.c[3] = (unsigned char)bitlen;
+ bitlen = mac.u[0];
+# endif /* BSWAP */
+
+ pmac->u[0] = 0;
+ pmac->u[1] = 0;
+ pmac->u[2] = 0;
+ pmac->u[3] = 0;
+ pmac->u[4] = 0;
+
+ for (res = sctx->md.num, j = 0; j < len; j++) {
+ size_t c = out[j];
+ mask = (j - inp_len) >> (sizeof(j) * 8 - 8);
+ c &= mask;
+ c |= 0x80 & ~mask & ~((inp_len - j) >> (sizeof(j) * 8 - 8));
+ data->c[res++] = (unsigned char)c;
+
+ if (res != SHA_CBLOCK)
+ continue;
+
+ /* j is not incremented yet */
+ mask = 0 - ((inp_len + 7 - j) >> (sizeof(j) * 8 - 1));
+ data->u[SHA_LBLOCK - 1] |= bitlen & mask;
+ sha1_block_data_order(&sctx->md, data, 1);
+ mask &= 0 - ((j - inp_len - 72) >> (sizeof(j) * 8 - 1));
+ pmac->u[0] |= sctx->md.h0 & mask;
+ pmac->u[1] |= sctx->md.h1 & mask;
+ pmac->u[2] |= sctx->md.h2 & mask;
+ pmac->u[3] |= sctx->md.h3 & mask;
+ pmac->u[4] |= sctx->md.h4 & mask;
+ res = 0;
+ }
+
+ for (i = res; i < SHA_CBLOCK; i++, j++)
+ data->c[i] = 0;
+
+ if (res > SHA_CBLOCK - 8) {
+ mask = 0 - ((inp_len + 8 - j) >> (sizeof(j) * 8 - 1));
+ data->u[SHA_LBLOCK - 1] |= bitlen & mask;
+ sha1_block_data_order(&sctx->md, data, 1);
+ mask &= 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1));
+ pmac->u[0] |= sctx->md.h0 & mask;
+ pmac->u[1] |= sctx->md.h1 & mask;
+ pmac->u[2] |= sctx->md.h2 & mask;
+ pmac->u[3] |= sctx->md.h3 & mask;
+ pmac->u[4] |= sctx->md.h4 & mask;
+
+ memset(data, 0, SHA_CBLOCK);
+ j += 64;
+ }
+ data->u[SHA_LBLOCK - 1] = bitlen;
+ sha1_block_data_order(&sctx->md, data, 1);
+ mask = 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1));
+ pmac->u[0] |= sctx->md.h0 & mask;
+ pmac->u[1] |= sctx->md.h1 & mask;
+ pmac->u[2] |= sctx->md.h2 & mask;
+ pmac->u[3] |= sctx->md.h3 & mask;
+ pmac->u[4] |= sctx->md.h4 & mask;
+
+# ifdef BSWAP4
+ pmac->u[0] = BSWAP4(pmac->u[0]);
+ pmac->u[1] = BSWAP4(pmac->u[1]);
+ pmac->u[2] = BSWAP4(pmac->u[2]);
+ pmac->u[3] = BSWAP4(pmac->u[3]);
+ pmac->u[4] = BSWAP4(pmac->u[4]);
+# else
+ for (i = 0; i < 5; i++) {
+ res = pmac->u[i];
+ pmac->c[4 * i + 0] = (unsigned char)(res >> 24);
+ pmac->c[4 * i + 1] = (unsigned char)(res >> 16);
+ pmac->c[4 * i + 2] = (unsigned char)(res >> 8);
+ pmac->c[4 * i + 3] = (unsigned char)res;
+ }
+# endif /* BSWAP4 */
+ len += SHA_DIGEST_LENGTH;
+ sctx->md = sctx->tail;
+ sha1_update(&sctx->md, pmac->c, SHA_DIGEST_LENGTH);
+ SHA1_Final(pmac->c, &sctx->md);
+
+ /* verify HMAC */
+ out += inp_len;
+ len -= inp_len;
+ /* version of code with lucky-13 fix */
+ {
+ unsigned char *p = out + len - 1 - maxpad - SHA_DIGEST_LENGTH;
+ size_t off = out - p;
+ unsigned int c, cmask;
+
+ maxpad += SHA_DIGEST_LENGTH;
+ for (res = 0, i = 0, j = 0; j < maxpad; j++) {
+ c = p[j];
+ cmask =
+ ((int)(j - off - SHA_DIGEST_LENGTH)) >> (sizeof(int) *
+ 8 - 1);
+ res |= (c ^ pad) & ~cmask; /* ... and padding */
+ cmask &= ((int)(off - 1 - j)) >> (sizeof(int) * 8 - 1);
+ res |= (c ^ pmac->c[i]) & cmask;
+ i += 1 & cmask;
+ }
+ maxpad -= SHA_DIGEST_LENGTH;
+
+ res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
+ ret &= (int)~res;
+ }
+ return ret;
+ } else {
+ /* decrypt HMAC|padding at once */
+ aesni_cbc_encrypt(in, out, len, &ctx->ks, ctx->base.iv, 0);
+ sha1_update(&sctx->md, out, len);
+ }
+ }
+
+ return 1;
+}
+
+/* EVP_CTRL_AEAD_SET_MAC_KEY */
+static void aesni_cbc_hmac_sha1_set_mac_key(void *vctx,
+ const unsigned char *mac, size_t len)
+{
+ PROV_AES_HMAC_SHA1_CTX *ctx = (PROV_AES_HMAC_SHA1_CTX *)vctx;
+ unsigned int i;
+ unsigned char hmac_key[64];
+
+ memset(hmac_key, 0, sizeof(hmac_key));
+
+ if (len > (int)sizeof(hmac_key)) {
+ SHA1_Init(&ctx->head);
+ sha1_update(&ctx->head, mac, len);
+ SHA1_Final(hmac_key, &ctx->head);
+ } else {
+ memcpy(hmac_key, mac, len);
+ }
+
+ for (i = 0; i < sizeof(hmac_key); i++)
+ hmac_key[i] ^= 0x36; /* ipad */
+ SHA1_Init(&ctx->head);
+ sha1_update(&ctx->head, hmac_key, sizeof(hmac_key));
+
+ for (i = 0; i < sizeof(hmac_key); i++)
+ hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */
+ SHA1_Init(&ctx->tail);
+ sha1_update(&ctx->tail, hmac_key, sizeof(hmac_key));
+
+ OPENSSL_cleanse(hmac_key, sizeof(hmac_key));
+}
+
+/* EVP_CTRL_AEAD_TLS1_AAD */
+static int aesni_cbc_hmac_sha1_set_tls1_aad(void *vctx,
+ unsigned char *aad_rec, int aad_len)
+{
+ PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx;
+ PROV_AES_HMAC_SHA1_CTX *sctx = (PROV_AES_HMAC_SHA1_CTX *)vctx;
+ unsigned char *p = aad_rec;
+ unsigned int len;
+
+ if (aad_len != EVP_AEAD_TLS1_AAD_LEN)
+ return -1;
+
+ len = p[aad_len - 2] << 8 | p[aad_len - 1];
+
+ if (ctx->base.enc) {
+ ctx->payload_length = len;
+ if ((ctx->aux.tls_ver =
+ p[aad_len - 4] << 8 | p[aad_len - 3]) >= TLS1_1_VERSION) {
+ if (len < AES_BLOCK_SIZE)
+ return 0;
+ len -= AES_BLOCK_SIZE;
+ p[aad_len - 2] = len >> 8;
+ p[aad_len - 1] = len;
+ }
+ sctx->md = sctx->head;
+ sha1_update(&sctx->md, p, aad_len);
+ ctx->tls_aad_pad = (int)(((len + SHA_DIGEST_LENGTH +
+ AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)
+ - len);
+ return 1;
+ } else {
+ memcpy(ctx->aux.tls_aad, aad_rec, aad_len);
+ ctx->payload_length = aad_len;
+ ctx->tls_aad_pad = SHA_DIGEST_LENGTH;
+ return 1;
+ }
+}
+
+# if !defined(OPENSSL_NO_MULTIBLOCK)
+
+/* EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE */
+static int aesni_cbc_hmac_sha1_tls1_multiblock_max_bufsize(void *vctx)
+{
+ PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx;
+
+ OPENSSL_assert(ctx->multiblock_max_send_fragment != 0);
+ return (int)(5 + 16
+ + (((int)ctx->multiblock_max_send_fragment + 20 + 16) & -16));
+}
+
+/* EVP_CTRL_TLS1_1_MULTIBLOCK_AAD */
+static int aesni_cbc_hmac_sha1_tls1_multiblock_aad(
+ void *vctx, EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param)
+{
+ PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx;
+ PROV_AES_HMAC_SHA1_CTX *sctx = (PROV_AES_HMAC_SHA1_CTX *)vctx;
+ unsigned int n4x = 1, x4;
+ unsigned int frag, last, packlen, inp_len;
+
+ inp_len = param->inp[11] << 8 | param->inp[12];
+ ctx->multiblock_interleave = param->interleave;
+
+ if (ctx->base.enc) {
+ if ((param->inp[9] << 8 | param->inp[10]) < TLS1_1_VERSION)
+ return -1;
+
+ if (inp_len) {
+ if (inp_len < 4096)
+ return 0; /* too short */
+
+ if (inp_len >= 8192 && OPENSSL_ia32cap_P[2] & (1 << 5))
+ n4x = 2; /* AVX2 */
+ } else if ((n4x = param->interleave / 4) && n4x <= 2)
+ inp_len = param->len;
+ else
+ return -1;
+
+ sctx->md = sctx->head;
+ sha1_update(&sctx->md, param->inp, 13);
+
+ x4 = 4 * n4x;
+ n4x += 1;
+
+ frag = inp_len >> n4x;
+ last = inp_len + frag - (frag << n4x);
+ if (last > frag && ((last + 13 + 9) % 64 < (x4 - 1))) {
+ frag++;
+ last -= x4 - 1;
+ }
+
+ packlen = 5 + 16 + ((frag + 20 + 16) & -16);
+ packlen = (packlen << n4x) - packlen;
+ packlen += 5 + 16 + ((last + 20 + 16) & -16);
+
+ param->interleave = x4;
+ /* The returned values used by get need to be stored */
+ ctx->multiblock_interleave = x4;
+ ctx->multiblock_aad_packlen = packlen;
+ return 1;
+ }
+ return -1; /* not yet */
+}
+
+/* EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT */
+static int aesni_cbc_hmac_sha1_tls1_multiblock_encrypt(
+ void *ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param)
+{
+ return (int)tls1_multi_block_encrypt(ctx, param->out,
+ param->inp, param->len,
+ param->interleave / 4);
+}
+
+#endif /* OPENSSL_NO_MULTIBLOCK */
+
+static const PROV_CIPHER_HW_AES_HMAC_SHA cipher_hw_aes_hmac_sha1 = {
+ {
+ aesni_cbc_hmac_sha1_init_key,
+ aesni_cbc_hmac_sha1_cipher
+ },
+ aesni_cbc_hmac_sha1_set_mac_key,
+ aesni_cbc_hmac_sha1_set_tls1_aad,
+# if !defined(OPENSSL_NO_MULTIBLOCK)
+ aesni_cbc_hmac_sha1_tls1_multiblock_max_bufsize,
+ aesni_cbc_hmac_sha1_tls1_multiblock_aad,
+ aesni_cbc_hmac_sha1_tls1_multiblock_encrypt
+# endif
+};
+
+const PROV_CIPHER_HW_AES_HMAC_SHA *PROV_CIPHER_HW_aes_cbc_hmac_sha1(void)
+{
+ return &cipher_hw_aes_hmac_sha1;
+}
+
+#endif /* AES_CBC_HMAC_SHA_CAPABLE */
diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c
new file mode 100644
index 0000000000..4352476264
--- /dev/null
+++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c
@@ -0,0 +1,831 @@
+/*
+ * Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "cipher_aes_cbc_hmac_sha.h"
+
+#ifndef AES_CBC_HMAC_SHA_CAPABLE
+int cipher_capable_aes_cbc_hmac_sha256(void)
+{
+ return 0;
+}
+#else
+
+# include "crypto/rand.h"
+# include "crypto/evp.h"
+# include "internal/constant_time.h"
+
+void sha256_block_data_order(void *c, const void *p, size_t len);
+int aesni_cbc_sha256_enc(const void *inp, void *out, size_t blocks,
+ const AES_KEY *key, unsigned char iv[16],
+ SHA256_CTX *ctx, const void *in0);
+
+int cipher_capable_aes_cbc_hmac_sha256(void)
+{
+ return AESNI_CBC_HMAC_SHA_CAPABLE
+ && aesni_cbc_sha256_enc(NULL, NULL, 0, NULL, NULL, NULL, NULL);
+}
+
+static int aesni_cbc_hmac_sha256_init_key(PROV_CIPHER_CTX *vctx,
+ const unsigned char *key,
+ size_t keylen)
+{
+ int ret;
+ PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx;
+ PROV_AES_HMAC_SHA256_CTX *sctx = (PROV_AES_HMAC_SHA256_CTX *)vctx;
+
+ if (ctx->base.enc)
+ ret = aesni_set_encrypt_key(key, ctx->base.keylen * 8, &ctx->ks);
+ else
+ ret = aesni_set_decrypt_key(key, ctx->base.keylen * 8, &ctx->ks);
+
+ SHA256_Init(&sctx->head); /* handy when benchmarking */
+ sctx->tail = sctx->head;
+ sctx->md = sctx->head;
+
+ ctx->payload_length = NO_PAYLOAD_LENGTH;
+
+ return ret < 0 ? 0 : 1;
+}
+
+void sha256_block_data_order(void *c, const void *p, size_t len);
+
+static void sha256_update(SHA256_CTX *c, const void *data, size_t len)
+{
+ const unsigned char *ptr = data;
+ size_t res;
+
+ if ((res = c->num)) {
+ res = SHA256_CBLOCK - res;
+ if (len < res)
+ res = len;
+ SHA256_Update(c, ptr, res);
+ ptr += res;
+ len -= res;
+ }
+
+ res = len % SHA256_CBLOCK;
+ len -= res;
+
+ if (len) {
+ sha256_block_data_order(c, ptr, len / SHA256_CBLOCK);
+
+ ptr += len;
+ c->Nh += len >> 29;
+ c->Nl += len <<= 3;
+ if (c->Nl < (unsigned int)len)
+ c->Nh++;
+ }
+
+ if (res)
+ SHA256_Update(c, ptr, res);
+}
+
+# if !defined(OPENSSL_NO_MULTIBLOCK)
+
+typedef struct {
+ unsigned int A[8], B[8], C[8], D[8], E[8], F[8], G[8], H[8];
+} SHA256_MB_CTX;
+
+typedef struct {
+ const unsigned char *ptr;
+ int blocks;
+} HASH_DESC;
+
+typedef struct {
+ const unsigned char *inp;
+ unsigned char *out;
+ int blocks;
+ u64 iv[2];
+} CIPH_DESC;
+
+void sha256_multi_block(SHA256_MB_CTX *, const HASH_DESC *, int);
+void aesni_multi_cbc_encrypt(CIPH_DESC *, void *, int);
+
+static size_t tls1_multi_block_encrypt(void *vctx,
+ unsigned char *out,
+ const unsigned char *inp,
+ size_t inp_len, int n4x)
+{ /* n4x is 1 or 2 */
+ PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx;
+ PROV_AES_HMAC_SHA256_CTX *sctx = (PROV_AES_HMAC_SHA256_CTX *)vctx;
+ HASH_DESC hash_d[8], edges[8];
+ CIPH_DESC ciph_d[8];
+ unsigned char storage[sizeof(SHA256_MB_CTX) + 32];
+ union {
+ u64 q[16];
+ u32 d[32];
+ u8 c[128];
+ } blocks[8];
+ SHA256_MB_CTX *mctx;
+ unsigned int frag, last, packlen, i;
+ unsigned int x4 = 4 * n4x, minblocks, processed = 0;
+ size_t ret = 0;
+ u8 *IVs;
+# if defined(BSWAP8)
+ u64 seqnum;
+# endif
+
+ /* ask for IVs in bulk */
+ if (rand_bytes_ex(ctx->base.libctx, (IVs = blocks[0].c), 16 * x4) <= 0)
+ return 0;
+
+ mctx = (SHA256_MB_CTX *) (storage + 32 - ((size_t)storage % 32)); /* align */
+
+ frag = (unsigned int)inp_len >> (1 + n4x);
+ last = (unsigned int)inp_len + frag - (frag << (1 + n4x));
+ if (last > frag && ((last + 13 + 9) % 64) < (x4 - 1)) {
+ frag++;
+ last -= x4 - 1;
+ }
+
+ packlen = 5 + 16 + ((frag + 32 + 16) & -16);
+
+ /* populate descriptors with pointers and IVs */
+ hash_d[0].ptr = inp;
+ ciph_d[0].inp = inp;
+ /* 5+16 is place for header and explicit IV */
+ ciph_d[0].out = out + 5 + 16;
+ memcpy(ciph_d[0].out - 16, IVs, 16);
+ memcpy(ciph_d[0].iv, IVs, 16);
+ IVs += 16;
+
+ for (i = 1; i < x4; i++) {
+ ciph_d[i].inp = hash_d[i].ptr = hash_d[i - 1].ptr + frag;
+ ciph_d[i].out = ciph_d[i - 1].out + packlen;
+ memcpy(ciph_d[i].out - 16, IVs, 16);
+ memcpy(ciph_d[i].iv, IVs, 16);
+ IVs += 16;
+ }
+
+# if defined(BSWAP8)
+ memcpy(blocks[0].c, sctx->md.data, 8);
+ seqnum = BSWAP8(blocks[0].q[0]);
+# endif
+
+ for (i = 0; i < x4; i++) {
+ unsigned int len = (i == (x4 - 1) ? last : frag);
+# if !defined(BSWAP8)
+ unsigned int carry, j;
+# endif
+
+ mctx->A[i] = sctx->md.h[0];
+ mctx->B[i] = sctx->md.h[1];
+ mctx->C[i] = sctx->md.h[2];
+ mctx->D[i] = sctx->md.h[3];
+ mctx->E[i] = sctx->md.h[4];
+ mctx->F[i] = sctx->md.h[5];
+ mctx->G[i] = sctx->md.h[6];
+ mctx->H[i] = sctx->md.h[7];
+
+ /* fix seqnum */
+# if defined(BSWAP8)
+ blocks[i].q[0] = BSWAP8(seqnum + i);
+# else
+ for (carry = i, j = 8; j--;) {
+ blocks[i].c[j] = ((u8 *)sctx->md.data)[j] + carry;
+ carry = (blocks[i].c[j] - carry) >> (sizeof(carry) * 8 - 1);
+ }
+# endif
+ blocks[i].c[8] = ((u8 *)sctx->md.data)[8];
+ blocks[i].c[9] = ((u8 *)sctx->md.data)[9];
+ blocks[i].c[10] = ((u8 *)sctx->md.data)[10];
+ /* fix length */
+ blocks[i].c[11] = (u8)(len >> 8);
+ blocks[i].c[12] = (u8)(len);
+
+ memcpy(blocks[i].c + 13, hash_d[i].ptr, 64 - 13);
+ hash_d[i].ptr += 64 - 13;
+ hash_d[i].blocks = (len - (64 - 13)) / 64;
+
+ edges[i].ptr = blocks[i].c;
+ edges[i].blocks = 1;
+ }
+
+ /* hash 13-byte headers and first 64-13 bytes of inputs */
+ sha256_multi_block(mctx, edges, n4x);
+ /* hash bulk inputs */
+# define MAXCHUNKSIZE 2048
+# if MAXCHUNKSIZE%64
+# error "MAXCHUNKSIZE is not divisible by 64"
+# elif MAXCHUNKSIZE
+ /*
+ * goal is to minimize pressure on L1 cache by moving in shorter steps,
+ * so that hashed data is still in the cache by the time we encrypt it
+ */
+ minblocks = ((frag <= last ? frag : last) - (64 - 13)) / 64;
+ if (minblocks > MAXCHUNKSIZE / 64) {
+ for (i = 0; i < x4; i++) {
+ edges[i].ptr = hash_d[i].ptr;
+ edges[i].blocks = MAXCHUNKSIZE / 64;
+ ciph_d[i].blocks = MAXCHUNKSIZE / 16;
+ }
+ do {
+ sha256_multi_block(mctx, edges, n4x);
+ aesni_multi_cbc_encrypt(ciph_d, &ctx->ks, n4x);
+
+ for (i = 0; i < x4; i++) {
+ edges[i].ptr = hash_d[i].ptr += MAXCHUNKSIZE;
+ hash_d[i].blocks -= MAXCHUNKSIZE / 64;
+ edges[i].blocks = MAXCHUNKSIZE / 64;
+ ciph_d[i].inp += MAXCHUNKSIZE;
+ ciph_d[i].out += MAXCHUNKSIZE;
+ ciph_d[i].blocks = MAXCHUNKSIZE / 16;
+ memcpy(ciph_d[i].iv, ciph_d[i].out - 16, 16);
+ }
+ processed += MAXCHUNKSIZE;
+ minblocks -= MAXCHUNKSIZE / 64;
+ } while (minblocks > MAXCHUNKSIZE / 64);
+ }
+# endif
+# undef MAXCHUNKSIZE
+ sha256_multi_block(mctx, hash_d, n4x);
+
+ memset(blocks, 0, sizeof(blocks));
+ for (i = 0; i < x4; i++) {
+ unsigned int len = (i == (x4 - 1) ? last : frag),
+ off = hash_d[i].blocks * 64;
+ const unsigned char *ptr = hash_d[i].ptr + off;
+
+ off = (len - processed) - (64 - 13) - off; /* remainder actually */
+ memcpy(blocks[i].c, ptr, off);
+ blocks[i].c[off] = 0x80;
+ len += 64 + 13; /* 64 is HMAC header */
+ len *= 8; /* convert to bits */
+ if (off < (64 - 8)) {
+# ifdef BSWAP4
+ blocks[i].d[15] = BSWAP4(len);
+# else
+ PUTU32(blocks[i].c + 60, len);
+# endif
+ edges[i].blocks = 1;
+ } else {
+# ifdef BSWAP4
+ blocks[i].d[31] = BSWAP4(len);
+# else
+ PUTU32(blocks[i].c + 124, len);
+# endif
+ edges[i].blocks = 2;
+ }
+ edges[i].ptr = blocks[i].c;
+ }
+
+ /* hash input tails and finalize */
+ sha256_multi_block(mctx, edges, n4x);
+
+ memset(blocks, 0, sizeof(blocks));
+ for (i = 0; i < x4; i++) {
+# ifdef BSWAP4
+ blocks[i].d[0] = BSWAP4(mctx->A[i]);
+ mctx->A[i] = sctx->tail.h[0];
+ blocks[i].d[1] = BSWAP4(mctx->B[i]);
+ mctx->B[i] = sctx->tail.h[1];
+ blocks[i].d[2] = BSWAP4(mctx->C[i]);
+ mctx->C[i] = sctx->tail.h[2];
+ blocks[i].d[3] = BSWAP4(mctx->D[i]);
+ mctx->D[i] = sctx->tail.h[3];
+ blocks[i].d[4] = BSWAP4(mctx->E[i]);
+ mctx->E[i] = sctx->tail.h[4];
+ blocks[i].d[5] = BSWAP4(mctx->F[i]);
+ mctx->F[i] = sctx->tail.h[5];
+ blocks[i].d[6] = BSWAP4(mctx->G[i]);
+ mctx->G[i] = sctx->tail.h[6];
+ blocks[i].d[7] = BSWAP4(mctx->H[i]);
+ mctx->H[i] = sctx->tail.h[7];
+ blocks[i].c[32] = 0x80;
+ blocks[i].d[15] = BSWAP4((64 + 32) * 8);
+# else
+ PUTU32(blocks[i].c + 0, mctx->A[i]);
+ mctx->A[i] = sctx->tail.h[0];
+ PUTU32(blocks[i].c + 4, mctx->B[i]);
+ mctx->B[i] = sctx->tail.h[1];
+ PUTU32(blocks[i].c + 8, mctx->C[i]);
+ mctx->C[i] = sctx->tail.h[2];
+ PUTU32(blocks[i].c + 12, mctx->D[i]);
+ mctx->D[i] = sctx->tail.h[3];
+ PUTU32(blocks[i].c + 16, mctx->E[i]);
+ mctx->E[i] = sctx->tail.h[4];
+ PUTU32(blocks[i].c + 20, mctx->F[i]);
+ mctx->F[i] = sctx->tail.h[5];
+ PUTU32(blocks[i].c + 24, mctx->G[i]);
+ mctx->G[i] = sctx->tail.h[6];
+ PUTU32(blocks[i].c + 28, mctx->H[i]);
+ mctx->H[i] = sctx->tail.h[7];
+ blocks[i].c[32] = 0x80;
+ PUTU32(blocks[i].c + 60, (64 + 32) * 8);
+# endif /* BSWAP */
+ edges[i].ptr = blocks[i].c;
+ edges[i].blocks = 1;
+ }
+
+ /* finalize MACs */
+ sha256_multi_block(mctx, edges, n4x);
+
+ for (i = 0; i < x4; i++) {
+ unsigned int len = (i == (x4 - 1) ? last : frag), pad, j;
+ unsigned char *out0 = out;
+
+ memcpy(ciph_d[i].out, ciph_d[i].inp, len - processed);
+ ciph_d[i].inp = ciph_d[i].out;
+
+ out += 5 + 16 + len;
+
+ /* write MAC */
+ PUTU32(out + 0, mctx->A[i]);
+ PUTU32(out + 4, mctx->B[i]);
+ PUTU32(out + 8, mctx->C[i]);
+ PUTU32(out + 12, mctx->D[i]);
+ PUTU32(out + 16, mctx->E[i]);
+ PUTU32(out + 20, mctx->F[i]);
+ PUTU32(out + 24, mctx->G[i]);
+ PUTU32(out + 28, mctx->H[i]);
+ out += 32;
+ len += 32;
+
+ /* pad */
+ pad = 15 - len % 16;
+ for (j = 0; j <= pad; j++)
+ *(out++) = pad;
+ len += pad + 1;
+
+ ciph_d[i].blocks = (len - processed) / 16;
+ len += 16; /* account for explicit iv */
+
+ /* arrange header */
+ out0[0] = ((u8 *)sctx->md.data)[8];
+ out0[1] = ((u8 *)sctx->md.data)[9];
+ out0[2] = ((u8 *)sctx->md.data)[10];
+ out0[3] = (u8)(len >> 8);
+ out0[4] = (u8)(len);
+
+ ret += len + 5;
+ inp += frag;
+ }
+
+ aesni_multi_cbc_encrypt(ciph_d, &ctx->ks, n4x);
+
+ OPENSSL_cleanse(blocks, sizeof(blocks));
+ OPENSSL_cleanse(mctx, sizeof(*mctx));
+
+ ctx->multiblock_encrypt_len = ret;
+ return ret;
+}
+# endif /* !OPENSSL_NO_MULTIBLOCK */
+
+static int aesni_cbc_hmac_sha256_cipher(PROV_CIPHER_CTX *vctx,
+ unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx;
+ PROV_AES_HMAC_SHA256_CTX *sctx = (PROV_AES_HMAC_SHA256_CTX *)vctx;
+ unsigned int l;
+ size_t plen = ctx->payload_length;
+ size_t iv = 0; /* explicit IV in TLS 1.1 and * later */
+ size_t aes_off = 0, blocks;
+ size_t sha_off = SHA256_CBLOCK - sctx->md.num;
+
+ ctx->payload_length = NO_PAYLOAD_LENGTH;
+
+ if (len % AES_BLOCK_SIZE)
+ return 0;
+
+ if (ctx->base.enc) {
+ if (plen == NO_PAYLOAD_LENGTH)
+ plen = len;
+ else if (len !=
+ ((plen + SHA256_DIGEST_LENGTH +
+ AES_BLOCK_SIZE) & -AES_BLOCK_SIZE))
+ return 0;
+ else if (ctx->aux.tls_ver >= TLS1_1_VERSION)
+ iv = AES_BLOCK_SIZE;
+
+ /*
+ * Assembly stitch handles AVX-capable processors, but its
+ * performance is not optimal on AMD Jaguar, ~40% worse, for
+ * unknown reasons. Incidentally processor in question supports
+ * AVX, but not AMD-specific XOP extension, which can be used
+ * to identify it and avoid stitch invocation. So that after we
+ * establish that current CPU supports AVX, we even see if it's
+ * either even XOP-capable Bulldozer-based or GenuineIntel one.
+ * But SHAEXT-capable go ahead...
+ */
+ if (((OPENSSL_ia32cap_P[2] & (1 << 29)) || /* SHAEXT? */
+ ((OPENSSL_ia32cap_P[1] & (1 << (60 - 32))) && /* AVX? */
+ ((OPENSSL_ia32cap_P[1] & (1 << (43 - 32))) /* XOP? */
+ | (OPENSSL_ia32cap_P[0] & (1 << 30))))) && /* "Intel CPU"? */
+ plen > (sha_off + iv) &&
+ (blocks = (plen - (sha_off + iv)) / SHA256_CBLOCK)) {
+ sha256_update(&sctx->md, in + iv, sha_off);
+
+ (void)aesni_cbc_sha256_enc(in, out, blocks, &ctx->ks,
+ ctx->base.iv,
+ &sctx->md, in + iv + sha_off);
+ blocks *= SHA256_CBLOCK;
+ aes_off += blocks;
+ sha_off += blocks;
+ sctx->md.Nh += blocks >> 29;
+ sctx->md.Nl += blocks <<= 3;
+ if (sctx->md.Nl < (unsigned int)blocks)
+ sctx->md.Nh++;
+ } else {
+ sha_off = 0;
+ }
+ sha_off += iv;
+ sha256_update(&sctx->md, in + sha_off, plen - sha_off);
+
+ if (plen != len) { /* "TLS" mode of operation */
+ if (in != out)
+ memcpy(out + aes_off, in + aes_off, plen - aes_off);
+
+ /* calculate HMAC and append it to payload */
+ SHA256_Final(out + plen, &sctx->md);
+ sctx->md = sctx->tail;
+ sha256_update(&sctx->md, out + plen, SHA256_DIGEST_LENGTH);
+ SHA256_Final(out + plen, &sctx->md);
+
+ /* pad the payload|hmac */
+ plen += SHA256_DIGEST_LENGTH;
+ for (l = len - plen - 1; plen < len; plen++)
+ out[plen] = l;
+ /* encrypt HMAC|padding at once */
+ aesni_cbc_encrypt(out + aes_off, out + aes_off, len - aes_off,
+ &ctx->ks, ctx->base.iv, 1);
+ } else {
+ aesni_cbc_encrypt(in + aes_off, out + aes_off, len - aes_off,
+ &ctx->ks, ctx->base.iv, 1);
+ }
+ } else {
+ union {
+ unsigned int u[SHA256_DIGEST_LENGTH / sizeof(unsigned int)];
+ unsigned char c[64 + SHA256_DIGEST_LENGTH];
+ } mac, *pmac;
+
+ /* arrange cache line alignment */
+ pmac = (void *)(((size_t)mac.c + 63) & ((size_t)0 - 64));
+
+ /* decrypt HMAC|padding at once */
+ aesni_cbc_encrypt(in, out, len, &ctx->ks,
+ ctx->base.iv, 0);
+
+ if (plen != NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */
+ size_t inp_len, mask, j, i;
+ unsigned int res, maxpad, pad, bitlen;
+ int ret = 1;
+ union {
+ unsigned int u[SHA_LBLOCK];
+ unsigned char c[SHA256_CBLOCK];
+ } *data = (void *)sctx->md.data;
+
+ if ((ctx->aux.tls_aad[plen - 4] << 8 | ctx->aux.tls_aad[plen - 3])
+ >= TLS1_1_VERSION)
+ iv = AES_BLOCK_SIZE;
+
+ if (len < (iv + SHA256_DIGEST_LENGTH + 1))
+ return 0;
+
+ /* omit explicit iv */
+ out += iv;
+ len -= iv;
+
+ /* figure out payload length */
+ pad = out[len - 1];
+ maxpad = len - (SHA256_DIGEST_LENGTH + 1);
+ maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
+ maxpad &= 255;
+
+ mask = constant_time_ge(maxpad, pad);
+ ret &= mask;
+ /*
+ * If pad is invalid then we will fail the above test but we must
+ * continue anyway because we are in constant time code. However,
+ * we'll use the maxpad value instead of the supplied pad to make
+ * sure we perform well defined pointer arithmetic.
+ */
+ pad = constant_time_select(mask, pad, maxpad);
+
+ inp_len = len - (SHA256_DIGEST_LENGTH + pad + 1);
+
+ ctx->aux.tls_aad[plen - 2] = inp_len >> 8;
+ ctx->aux.tls_aad[plen - 1] = inp_len;
+
+ /* calculate HMAC */
+ sctx->md = sctx->head;
+ sha256_update(&sctx->md, ctx->aux.tls_aad, plen);
+
+ /* code with lucky-13 fix */
+ len -= SHA256_DIGEST_LENGTH; /* amend mac */
+ if (len >= (256 + SHA256_CBLOCK)) {
+ j = (len - (256 + SHA256_CBLOCK)) & (0 - SHA256_CBLOCK);
+ j += SHA256_CBLOCK - sctx->md.num;
+ sha256_update(&sctx->md, out, j);
+ out += j;
+ len -= j;
+ inp_len -= j;
+ }
+
+ /* but pretend as if we hashed padded payload */
+ bitlen = sctx->md.Nl + (inp_len << 3); /* at most 18 bits */
+# ifdef BSWAP4
+ bitlen = BSWAP4(bitlen);
+# else
+ mac.c[0] = 0;
+ mac.c[1] = (unsigned char)(bitlen >> 16);
+ mac.c[2] = (unsigned char)(bitlen >> 8);
+ mac.c[3] = (unsigned char)bitlen;
+ bitlen = mac.u[0];
+# endif /* BSWAP */
+
+ pmac->u[0] = 0;
+ pmac->u[1] = 0;
+ pmac->u[2] = 0;
+ pmac->u[3] = 0;
+ pmac->u[4] = 0;
+ pmac->u[5] = 0;
+ pmac->u[6] = 0;
+ pmac->u[7] = 0;
+
+ for (res = sctx->md.num, j = 0; j < len; j++) {
+ size_t c = out[j];
+ mask = (j - inp_len) >> (sizeof(j) * 8 - 8);
+ c &= mask;
+ c |= 0x80 & ~mask & ~((inp_len - j) >> (sizeof(j) * 8 - 8));
+ data->c[res++] = (unsigned char)c;
+
+ if (res != SHA256_CBLOCK)
+ continue;
+
+ /* j is not incremented yet */
+ mask = 0 - ((inp_len + 7 - j) >> (sizeof(j) * 8 - 1));
+ data->u[SHA_LBLOCK - 1] |= bitlen & mask;
+ sha256_block_data_order(&sctx->md, data, 1);
+ mask &= 0 - ((j - inp_len - 72) >> (sizeof(j) * 8 - 1));
+ pmac->u[0] |= sctx->md.h[0] & mask;
+ pmac->u[1] |= sctx->md.h[1] & mask;
+ pmac->u[2] |= sctx->md.h[2] & mask;
+ pmac->u[3] |= sctx->md.h[3] & mask;
+ pmac->u[4] |= sctx->md.h[4] & mask;
+ pmac->u[5] |= sctx->md.h[5] & mask;
+ pmac->u[6] |= sctx->md.h[6] & mask;
+ pmac->u[7] |= sctx->md.h[7] & mask;
+ res = 0;
+ }
+
+ for (i = res; i < SHA256_CBLOCK; i++, j++)
+ data->c[i] = 0;
+
+ if (res > SHA256_CBLOCK - 8) {
+ mask = 0 - ((inp_len + 8 - j) >> (sizeof(j) * 8 - 1));
+ data->u[SHA_LBLOCK - 1] |= bitlen & mask;
+ sha256_block_data_order(&sctx->md, data, 1);
+ mask &= 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1));
+ pmac->u[0] |= sctx->md.h[0] & mask;
+ pmac->u[1] |= sctx->md.h[1] & mask;
+ pmac->u[2] |= sctx->md.h[2] & mask;
+ pmac->u[3] |= sctx->md.h[3] & mask;
+ pmac->u[4] |= sctx->md.h[4] & mask;
+ pmac->u[5] |= sctx->md.h[5] & mask;
+ pmac->u[6] |= sctx->md.h[6] & mask;
+ pmac->u[7] |= sctx->md.h[7] & mask;
+
+ memset(data, 0, SHA256_CBLOCK);
+ j += 64;
+ }
+ data->u[SHA_LBLOCK - 1] = bitlen;
+ sha256_block_data_order(&sctx->md, data, 1);
+ mask = 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1));
+ pmac->u[0] |= sctx->md.h[0] & mask;
+ pmac->u[1] |= sctx->md.h[1] & mask;
+ pmac->u[2] |= sctx->md.h[2] & mask;
+ pmac->u[3] |= sctx->md.h[3] & mask;
+ pmac->u[4] |= sctx->md.h[4] & mask;
+ pmac->u[5] |= sctx->md.h[5] & mask;
+ pmac->u[6] |= sctx->md.h[6] & mask;
+ pmac->u[7] |= sctx->md.h[7] & mask;
+
+# ifdef BSWAP4
+ pmac->u[0] = BSWAP4(pmac->u[0]);
+ pmac->u[1] = BSWAP4(pmac->u[1]);
+ pmac->u[2] = BSWAP4(pmac->u[2]);
+ pmac->u[3] = BSWAP4(pmac->u[3]);
+ pmac->u[4] = BSWAP4(pmac->u[4]);
+ pmac->u[5] = BSWAP4(pmac->u[5]);
+ pmac->u[6] = BSWAP4(pmac->u[6]);
+ pmac->u[7] = BSWAP4(pmac->u[7]);
+# else
+ for (i = 0; i < 8; i++) {
+ res = pmac->u[i];
+ pmac->c[4 * i + 0] = (unsigned char)(res >> 24);
+ pmac->c[4 * i + 1] = (unsigned char)(res >> 16);
+ pmac->c[4 * i + 2] = (unsigned char)(res >> 8);
+ pmac->c[4 * i + 3] = (unsigned char)res;
+ }
+# endif /* BSWAP */
+ len += SHA256_DIGEST_LENGTH;
+ sctx->md = sctx->tail;
+ sha256_update(&sctx->md, pmac->c, SHA256_DIGEST_LENGTH);
+ SHA256_Final(pmac->c, &sctx->md);
+
+ /* verify HMAC */
+ out += inp_len;
+ len -= inp_len;
+ /* code containing lucky-13 fix */
+ {
+ unsigned char *p =
+ out + len - 1 - maxpad - SHA256_DIGEST_LENGTH;
+ size_t off = out - p;
+ unsigned int c, cmask;
+
+ maxpad += SHA256_DIGEST_LENGTH;
+ for (res = 0, i = 0, j = 0; j < maxpad; j++) {
+ c = p[j];
+ cmask =
+ ((int)(j - off - SHA256_DIGEST_LENGTH)) >>
+ (sizeof(int) * 8 - 1);
+ res |= (c ^ pad) & ~cmask; /* ... and padding */
+ cmask &= ((int)(off - 1 - j)) >> (sizeof(int) * 8 - 1);
+ res |= (c ^ pmac->c[i]) & cmask;
+ i += 1 & cmask;
+ }
+ maxpad -= SHA256_DIGEST_LENGTH;
+
+ res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
+ ret &= (int)~res;
+ }
+ return ret;
+ } else {
+ sha256_update(&sctx->md, out, len);
+ }
+ }
+
+ return 1;
+}
+
+/* EVP_CTRL_AEAD_SET_MAC_KEY */
+static void aesni_cbc_hmac_sha256_set_mac_key(void *vctx,
+ const unsigned char *mackey,
+ size_t len)
+{
+ PROV_AES_HMAC_SHA256_CTX *ctx = (PROV_AES_HMAC_SHA256_CTX *)vctx;
+ unsigned int i;
+ unsigned char hmac_key[64];
+
+ memset(hmac_key, 0, sizeof(hmac_key));
+
+ if (len > sizeof(hmac_key)) {
+ SHA256_Init(&ctx->head);
+ sha256_update(&ctx->head, mackey, len);
+ SHA256_Final(hmac_key, &ctx->head);
+ } else {
+ memcpy(hmac_key, mackey, len);
+ }
+
+ for (i = 0; i < sizeof(hmac_key); i++)
+ hmac_key[i] ^= 0x36; /* ipad */
+ SHA256_Init(&ctx->head);
+ sha256_update(&ctx->head, hmac_key, sizeof(hmac_key));
+
+ for (i = 0; i < sizeof(hmac_key); i++)
+ hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */
+ SHA256_Init(&ctx->tail);
+ sha256_update(&ctx->tail, hmac_key, sizeof(hmac_key));
+
+ OPENSSL_cleanse(hmac_key, sizeof(hmac_key));
+}
+
+/* EVP_CTRL_AEAD_TLS1_AAD */
+static int aesni_cbc_hmac_sha256_set_tls1_aad(void *vctx,
+ unsigned char *aad_rec, int aad_len)
+{
+ PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx;
+ PROV_AES_HMAC_SHA256_CTX *sctx = (PROV_AES_HMAC_SHA256_CTX *)vctx;
+ unsigned char *p = aad_rec;
+ unsigned int len;
+
+ if (aad_len != EVP_AEAD_TLS1_AAD_LEN)
+ return -1;
+
+ len = p[aad_len - 2] << 8 | p[aad_len - 1];
+
+ if (ctx->base.enc) {
+ ctx->payload_length = len;
+ if ((ctx->aux.tls_ver =
+ p[aad_len - 4] << 8 | p[aad_len - 3]) >= TLS1_1_VERSION) {
+ if (len < AES_BLOCK_SIZE)
+ return 0;
+ len -= AES_BLOCK_SIZE;
+ p[aad_len] = len >> 8;
+ p[aad_len - 1] = len;
+ }
+ sctx->md = sctx->head;
+ sha256_update(&sctx->md, p, aad_len);
+ ctx->tls_aad_pad = (int)(((len + SHA256_DIGEST_LENGTH +
+ AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)
+ - len);
+ return 1;
+ } else {
+ memcpy(ctx->aux.tls_aad, p, aad_len);
+ ctx->payload_length = aad_len;
+ ctx->tls_aad_pad = SHA256_DIGEST_LENGTH;
+ return 1;
+ }
+}
+
+# if !defined(OPENSSL_NO_MULTIBLOCK)
+/* EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE */
+static int aesni_cbc_hmac_sha256_tls1_multiblock_max_bufsize(
+ void *vctx)
+{
+ PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx;
+
+ OPENSSL_assert(ctx->multiblock_max_send_fragment != 0);
+ return (int)(5 + 16
+ + (((int)ctx->multiblock_max_send_fragment + 32 + 16) & -16));
+}
+
+/* EVP_CTRL_TLS1_1_MULTIBLOCK_AAD */
+static int aesni_cbc_hmac_sha256_tls1_multiblock_aad(
+ void *vctx, EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param)
+{
+ PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx;
+ PROV_AES_HMAC_SHA256_CTX *sctx = (PROV_AES_HMAC_SHA256_CTX *)vctx;
+ unsigned int n4x = 1, x4;
+ unsigned int frag, last, packlen, inp_len;
+
+ inp_len = param->inp[11] << 8 | param->inp[12];
+
+ if (ctx->base.enc) {
+ if ((param->inp[9] << 8 | param->inp[10]) < TLS1_1_VERSION)
+ return -1;
+
+ if (inp_len) {
+ if (inp_len < 4096)
+ return 0; /* too short */
+
+ if (inp_len >= 8192 && OPENSSL_ia32cap_P[2] & (1 << 5))
+ n4x = 2; /* AVX2 */
+ } else if ((n4x = param->interleave / 4) && n4x <= 2)
+ inp_len = param->len;
+ else
+ return -1;
+
+ sctx->md = sctx->head;
+ sha256_update(&sctx->md, param->inp, 13);
+
+ x4 = 4 * n4x;
+ n4x += 1;
+
+ frag = inp_len >> n4x;
+ last = inp_len + frag - (frag << n4x);
+ if (last > frag && ((last + 13 + 9) % 64 < (x4 - 1))) {
+ frag++;
+ last -= x4 - 1;
+ }
+
+ packlen = 5 + 16 + ((frag + 32 + 16) & -16);
+ packlen = (packlen << n4x) - packlen;
+ packlen += 5 + 16 + ((last + 32 + 16) & -16);
+
+ param->interleave = x4;
+ /* The returned values used by get need to be stored */
+ ctx->multiblock_interleave = x4;
+ ctx->multiblock_aad_packlen = packlen;
+ return 1;
+ }
+ return -1; /* not yet */
+}
+
+/* EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT */
+static int aesni_cbc_hmac_sha256_tls1_multiblock_encrypt(
+ void *ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param)
+{
+ return (int)tls1_multi_block_encrypt(ctx, param->out,
+ param->inp, param->len,
+ param->interleave / 4);
+}
+#endif
+
+static const PROV_CIPHER_HW_AES_HMAC_SHA cipher_hw_aes_hmac_sha256 = {
+ {
+ aesni_cbc_hmac_sha256_init_key,
+ aesni_cbc_hmac_sha256_cipher
+ },
+ aesni_cbc_hmac_sha256_set_mac_key,
+ aesni_cbc_hmac_sha256_set_tls1_aad,
+# if !defined(OPENSSL_NO_MULTIBLOCK)
+ aesni_cbc_hmac_sha256_tls1_multiblock_max_bufsize,
+ aesni_cbc_hmac_sha256_tls1_multiblock_aad,
+ aesni_cbc_hmac_sha256_tls1_multiblock_encrypt
+# endif
+};
+
+const PROV_CIPHER_HW_AES_HMAC_SHA *PROV_CIPHER_HW_aes_cbc_hmac_sha256(void)
+{
+ return &cipher_hw_aes_hmac_sha256;
+}
+
+#endif /* AES_CBC_HMAC_SHA_CAPABLE */
diff --git a/providers/implementations/include/prov/implementations.h b/providers/implementations/include/prov/implementations.h
index 75c20a096e..ed44d68a5a 100644
--- a/providers/implementations/include/prov/implementations.h
+++ b/providers/implementations/include/prov/implementations.h
@@ -75,6 +75,10 @@ extern const OSSL_DISPATCH aes128wrap_functions[];
extern const OSSL_DISPATCH aes256wrappad_functions[];
extern const OSSL_DISPATCH aes192wrappad_functions[];
extern const OSSL_DISPATCH aes128wrappad_functions[];
+extern const OSSL_DISPATCH aes256cbc_hmac_sha1_functions[];
+extern const OSSL_DISPATCH aes128cbc_hmac_sha1_functions[];
+extern const OSSL_DISPATCH aes256cbc_hmac_sha256_functions[];
+extern const OSSL_DISPATCH aes128cbc_hmac_sha256_functions[];
#ifndef OPENSSL_NO_ARIA
extern const OSSL_DISPATCH aria256gcm_functions[];
diff --git a/test/sslapitest.c b/test/sslapitest.c
index 46e490a417..4993f16f4c 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -6820,6 +6820,103 @@ static int test_ca_names(int tst)
return testresult;
}
+#ifndef OPENSSL_NO_TLS1_2
+static const char *multiblock_cipherlist_data[]=
+{
+ "AES128-SHA",
+ "AES128-SHA256",
+ "AES256-SHA",
+ "AES256-SHA256",
+};
+
+/* Reduce the fragment size - so the multiblock test buffer can be small */
+# define MULTIBLOCK_FRAGSIZE 512
+
+static int test_multiblock_write(int test_index)
+{
+ static const char *fetchable_ciphers[]=
+ {
+ "AES-128-CBC-HMAC-SHA1",
+ "AES-128-CBC-HMAC-SHA256",
+ "AES-256-CBC-HMAC-SHA1",
+ "AES-256-CBC-HMAC-SHA256"
+ };
+ const char *cipherlist = multiblock_cipherlist_data[test_index];
+ const SSL_METHOD *smeth = TLS_server_method();
+ const SSL_METHOD *cmeth = TLS_client_method();
+ int min_version = TLS1_VERSION;
+ int max_version = TLS1_2_VERSION; /* Don't select TLS1_3 */
+ SSL_CTX *cctx = NULL, *sctx = NULL;
+ SSL *clientssl = NULL, *serverssl = NULL;
+ int testresult = 0;
+
+ /*
+ * Choose a buffer large enough to perform a multi-block operation
+ * i.e: write_len >= 4 * frag_size
+ * 9 * is chosen so that multiple multiblocks are used + some leftover.
+ */
+ unsigned char msg[MULTIBLOCK_FRAGSIZE * 9];
+ unsigned char buf[sizeof(msg)], *p = buf;
+ size_t readbytes, written, len;
+ EVP_CIPHER *ciph = NULL;
+
+ /*
+ * Check if the cipher exists before attempting to use it since it only has
+ * a hardware specific implementation.
+ */
+ ciph = EVP_CIPHER_fetch(NULL, fetchable_ciphers[test_index], "");
+ if (ciph == NULL) {
+ TEST_skip("Multiblock cipher is not available for %s", cipherlist);
+ return 1;
+ }
+ EVP_CIPHER_free(ciph);
+
+ /* Set up a buffer with some data that will be sent to the client */
+ RAND_bytes(msg, sizeof(msg));
+
+ if (!TEST_true(create_ssl_ctx_pair(smeth, cmeth, min_version, max_version,
+ &sctx, &cctx, cert, privkey)))
+ goto end;
+
+ if (!TEST_true(SSL_CTX_set_max_send_fragment(sctx, MULTIBLOCK_FRAGSIZE)))
+ goto end;
+
+ if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
+ NULL, NULL)))
+ goto end;
+
+ /* settings to force it to use AES-CBC-HMAC_SHA */
+ SSL_set_options(serverssl, SSL_OP_NO_ENCRYPT_THEN_MAC);
+ if (!TEST_true(SSL_CTX_set_cipher_list(cctx, cipherlist)))
+ goto end;
+
+ if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)))
+ goto end;
+
+ if (!TEST_true(SSL_write_ex(serverssl, msg, sizeof(msg), &written))
+ || !TEST_size_t_eq(written, sizeof(msg)))
+ goto end;
+
+ len = written;
+ while (len > 0) {
+ if (!TEST_true(SSL_read_ex(clientssl, p, MULTIBLOCK_FRAGSIZE, &readbytes)))
+ goto end;
+ p += readbytes;
+ len -= readbytes;
+ }
+ if (!TEST_mem_eq(msg, sizeof(msg), buf, sizeof(buf)))
+ goto end;
+
+ testresult = 1;
+end:
+ SSL_free(serverssl);
+ SSL_free(clientssl);
+ SSL_CTX_free(sctx);
+ SSL_CTX_free(cctx);
+
+ return testresult;
+}
+#endif /* OPENSSL_NO_TLS1_2 */
OPT_TEST_DECLARE_USAGE("certfile privkeyfile srpvfile tmpfile\n")
@@ -6968,6 +7065,9 @@ int setup_tests(void)
ADD_ALL_TESTS(test_cert_cb, 6);
ADD_ALL_TESTS(test_client_cert_cb, 2);
ADD_ALL_TESTS(test_ca_names, 3);
+#ifndef OPENSSL_NO_TLS1_2
+ ADD_ALL_TESTS(test_multiblock_write, OSSL_NELEM(multiblock_cipherlist_data));
+#endif
return 1;
}
From kaishen.yy at antfin.com Mon Jan 6 03:16:15 2020
From: kaishen.yy at antfin.com (kaishen.yy at antfin.com)
Date: Mon, 06 Jan 2020 03:16:15 +0000
Subject: [openssl] master update
Message-ID: <1578280575.323086.14888.nullmailer@dev.openssl.org>
The branch master has been updated
via bc24e3ee52aacf3afe700617a13995c8ac96c8d5 (commit)
from 0d2bfe52bb7e839f7bddcdb1160c335f2994df2f (commit)
- Log -----------------------------------------------------------------
commit bc24e3ee52aacf3afe700617a13995c8ac96c8d5
Author: Rich Salz
Date: Thu Oct 24 23:02:09 2019 -0400
Move -nameopt to openssl.pod
Also clarify the description of the options.
Reviewed-by: Paul Yang
Reviewed-by: Dmitry Belyavskiy
Reviewed-by: Matthias St. Pierre
(Merged from https://github.com/openssl/openssl/pull/10259)
-----------------------------------------------------------------------
Summary of changes:
doc/man1/openssl-crl.pod.in | 9 +--
doc/man1/openssl-req.pod.in | 11 +--
doc/man1/openssl-s_client.pod.in | 11 +--
doc/man1/openssl-s_server.pod.in | 11 +--
doc/man1/openssl-s_time.pod.in | 13 ++--
doc/man1/openssl-verify.pod.in | 15 ++--
doc/man1/openssl-x509.pod.in | 153 +--------------------------------------
doc/man1/openssl.pod | 150 ++++++++++++++++++++++++++++++++++++++
doc/perlvars.pm | 8 ++
9 files changed, 184 insertions(+), 197 deletions(-)
diff --git a/doc/man1/openssl-crl.pod.in b/doc/man1/openssl-crl.pod.in
index 29d2ac25d5..680a11d06c 100644
--- a/doc/man1/openssl-crl.pod.in
+++ b/doc/man1/openssl-crl.pod.in
@@ -15,12 +15,12 @@ B B
[B<-text>]
[B<-in> I]
[B<-out> I]
-[B<-nameopt> I]
[B<-noout>]
[B<-hash>]
[B<-issuer>]
[B<-lastupdate>]
[B<-nextupdate>]
+{- $OpenSSL::safe::opt_name_synopsis -}
{- $OpenSSL::safe::opt_trust_synopsis -}
=for openssl ifdef hash_old
@@ -61,11 +61,6 @@ default.
Print out the CRL in text form.
-=item B<-nameopt> I
-
-Option which determines how the subject or issuer names are displayed. See
-the description of B<-nameopt> in L.
-
=item B<-noout>
Don't output the encoded version of the CRL.
@@ -92,6 +87,8 @@ Output the lastUpdate field.
Output the nextUpdate field.
+{- $OpenSSL::safe::opt_name_item -}
+
{- $OpenSSL::safe::opt_trust_item -}
=back
diff --git a/doc/man1/openssl-req.pod.in b/doc/man1/openssl-req.pod.in
index 88772cad7c..17ffe9ade6 100644
--- a/doc/man1/openssl-req.pod.in
+++ b/doc/man1/openssl-req.pod.in
@@ -39,7 +39,6 @@ B B
[B<-reqexts> I]
[B<-precert>]
[B<-utf8>]
-[B<-nameopt>]
[B<-reqopt>]
[B<-subject>]
[B<-subj> I]
@@ -49,6 +48,7 @@ B B
[B<-engine> I]
[B<-sm2-id> I]
[B<-sm2-hex-id> I]
+{- $OpenSSL::safe::opt_name_synopsis -}
{- $OpenSSL::safe::opt_r_synopsis -}
=for openssl ifdef engine keygen_engine sm2-id sm2-hex-id
@@ -280,13 +280,6 @@ default they are interpreted as ASCII. This means that the field
values, whether prompted from a terminal or obtained from a
configuration file, must be valid UTF8 strings.
-=item B<-nameopt> I
-
-Option which determines how the subject or issuer names are displayed. The
-I argument can be a single option or multiple options separated by
-commas. Alternatively the B<-nameopt> switch may be used more than once to
-set multiple options. See the L manual page for details.
-
=item B<-reqopt> I
Customise the output format used with B<-text>. The I argument can be
@@ -330,6 +323,8 @@ string is required by the SM2 signature algorithm for signing and verification.
Specify a binary ID string to use when verifying an SM2 certificate request. The
argument for this option is string of hexadecimal digits.
+{- $OpenSSL::safe::opt_name_item -}
+
{- $OpenSSL::safe::opt_r_item -}
=back
diff --git a/doc/man1/openssl-s_client.pod.in b/doc/man1/openssl-s_client.pod.in
index b14332dbda..f010e60679 100644
--- a/doc/man1/openssl-s_client.pod.in
+++ b/doc/man1/openssl-s_client.pod.in
@@ -58,7 +58,6 @@ B B
[B<-no_alt_chains>]
[B<-use_deltas>]
[B<-auth_level> I]
-[B<-nameopt> I]
[B<-verify_depth> I]
[B<-verify_email> I]
[B<-verify_hostname> I]
@@ -128,6 +127,7 @@ B B
[B<-keylogfile> I]
[B<-early_data> I]
[B<-enable_pha>]
+{- $OpenSSL::safe::opt_name_synopsis -}
{- $OpenSSL::safe::opt_x_synopsis -}
{- $OpenSSL::safe::opt_trust_synopsis -}
{- $OpenSSL::safe::opt_r_synopsis -}
@@ -282,13 +282,6 @@ will never fail due to a server certificate verify failure.
Return verification errors instead of continuing. This will typically
abort the handshake with a fatal error.
-=item B<-nameopt> I
-
-Option which determines how the subject or issuer names are displayed. The
-I argument can be a single option or multiple options separated by
-commas. Alternatively the B<-nameopt> switch may be used more than once to
-set multiple options. See the L manual page for details.
-
=item B<-chainCApath> I
The directory to use for building the chain provided to the server. This
@@ -706,6 +699,8 @@ be provided as a single positional argument after all options. If neither this
nor B<-connect> are provided, falls back to attempting to connect to
I on port I<4433>.
+{- $OpenSSL::safe::opt_name_item -}
+
{- $OpenSSL::safe::opt_x_item -}
{- $OpenSSL::safe::opt_trust_item -}
diff --git a/doc/man1/openssl-s_server.pod.in b/doc/man1/openssl-s_server.pod.in
index f8913e647c..ed2d049081 100644
--- a/doc/man1/openssl-s_server.pod.in
+++ b/doc/man1/openssl-s_server.pod.in
@@ -19,7 +19,6 @@ B B
[B<-verify> I]
[B<-Verify> I]
[B<-cert> I]
-[B<-nameopt> I]
[B<-naccept> I<+int>]
[B<-serverinfo> I]
[B<-certform> B|B]
@@ -174,6 +173,7 @@ B B
[B<-anti_replay>]
[B<-no_anti_replay>]
[B<-http_server_binmode>]
+{- $OpenSSL::safe::opt_name_synopsis -}
{- $OpenSSL::safe::opt_x_synopsis -}
{- $OpenSSL::safe::opt_trust_synopsis -}
{- $OpenSSL::safe::opt_r_synopsis -}
@@ -263,13 +263,6 @@ B<-cert> option.
Specify whether the application should build the certificate chain to be
provided to the client.
-=item B<-nameopt> I
-
-Option which determines how the subject or issuer names are displayed. The
-I argument can be a single option or multiple options separated by
-commas. Alternatively the B<-nameopt> switch may be used more than once to
-set multiple options. See the L manual page for details.
-
=item B<-naccept> I<+int>
The server will exit after receiving the specified number of connections,
@@ -721,6 +714,8 @@ data that was sent will be rejected.
When acting as web-server (using option B<-WWW> or B<-HTTP>) open files requested
by the client in binary mode.
+{- $OpenSSL::safe::opt_name_item -}
+
{- $OpenSSL::safe::opt_x_item -}
{- $OpenSSL::safe::opt_trust_item -}
diff --git a/doc/man1/openssl-s_time.pod.in b/doc/man1/openssl-s_time.pod.in
index fd7cb02358..01707324db 100644
--- a/doc/man1/openssl-s_time.pod.in
+++ b/doc/man1/openssl-s_time.pod.in
@@ -16,7 +16,6 @@ B B
[B<-reuse>]
[B<-new>]
[B<-verify> I]
-[B<-nameopt> I]
[B<-time> I]
[B<-ssl3>]
[B<-tls1>]
@@ -26,6 +25,7 @@ B B
[B<-bugs>]
[B<-cipher> I]
[B<-ciphersuites> I]
+{- $OpenSSL::safe::opt_name_synopsis -}
{- $OpenSSL::safe::opt_trust_synopsis -}
=for openssl ifdef ssl3 tls1 tls1_1 tls1_2 tls1_3
@@ -76,12 +76,11 @@ Currently the verify operation continues after errors so all the problems
with a certificate chain can be seen. As a side effect the connection
will never fail due to a server certificate verify failure.
-=item B<-nameopt> I
+=item B<-CApath> I
-Option which determines how the subject or issuer names are displayed. The
-I argument can be a single option or multiple options separated by
-commas. Alternatively the B<-nameopt> switch may be used more than once to
-set multiple options. See the L manual page for details.
+The directory to use for server certificate verification. This directory
+must be in "hash format", see L for more information.
+These are also used when building the client certificate chain.
=item B<-new>
@@ -133,6 +132,8 @@ and optionally transfer payload data from a server. Server and client
performance and the link speed determine how many connections it
can establish.
+{- $OpenSSL::safe::opt_name_item -}
+
{- $OpenSSL::safe::opt_trust_item -}
=back
diff --git a/doc/man1/openssl-verify.pod.in b/doc/man1/openssl-verify.pod.in
index 4f7f587b6d..100cff4a6b 100644
--- a/doc/man1/openssl-verify.pod.in
+++ b/doc/man1/openssl-verify.pod.in
@@ -22,7 +22,6 @@ B B
[B<-ignore_critical>]
[B<-inhibit_any>]
[B<-inhibit_map>]
-[B<-nameopt> I]
[B<-no_check_time>]
[B<-partial_chain>]
[B<-policy> I]
@@ -48,6 +47,7 @@ B B
[B<-show_chain>]
[B<-sm2-id> I]
[B<-sm2-hex-id> I]
+{- $OpenSSL::safe::opt_name_synopsis -}
{- $OpenSSL::safe::opt_trust_synopsis -}
[B<-->]
[I ...]
@@ -133,13 +133,6 @@ Set policy variable inhibit-any-policy (see RFC5280).
Set policy variable inhibit-policy-mapping (see RFC5280).
-=item B<-nameopt> I
-
-Option which determines how the subject or issuer names are displayed. The
-I argument can be a single option or multiple options separated by
-commas. Alternatively the B<-nameopt> switch may be used more than once to
-set multiple options. See the L manual page for details.
-
=item B<-no_check_time>
This option suppresses checking the validity period of certificates and CRLs
@@ -306,14 +299,16 @@ required by the SM2 signature algorithm for signing and verification.
Specify a binary ID string to use when signing or verifying using an SM2
certificate. The argument for this option is string of hexadecimal digits.
+{- $OpenSSL::safe::opt_name_item -}
+
+{- $OpenSSL::safe::opt_trust_item -}
+
=item B<-->
Indicates the last option. All arguments following this are assumed to be
certificate files. This is useful if the first certificate filename begins
with a B<-->.
-{- $OpenSSL::safe::opt_trust_item -}
-
=item I ...
One or more certificates to verify. If no certificates are given,
diff --git a/doc/man1/openssl-x509.pod.in b/doc/man1/openssl-x509.pod.in
index ae9957117a..5dfb9bb0e6 100644
--- a/doc/man1/openssl-x509.pod.in
+++ b/doc/man1/openssl-x509.pod.in
@@ -23,7 +23,6 @@ B B
[B<-ocspid>]
[B<-subject>]
[B<-issuer>]
-[B<-nameopt> I]
[B<-email>]
[B<-ocsp_uri>]
[B<-startdate>]
@@ -66,6 +65,7 @@ B B
[B<-sigopt> I:I]
[B<-engine> I]
[B<-preserve_dates>]
+{- $OpenSSL::safe::opt_name_synopsis -}
{- $OpenSSL::safe::opt_r_synopsis -}
=for openssl ifdef engine subject_hash_old issuer_hash_old
@@ -213,12 +213,7 @@ Outputs the subject name.
Outputs the issuer name.
-=item B<-nameopt> I
-
-Option which determines how the subject or issuer names are displayed. The
-I argument can be a single option or multiple options separated by
-commas. Alternatively the B<-nameopt> switch may be used more than once to
-set multiple options. See the L section for more information.
+{- $OpenSSL::safe::opt_name_item -}
=item B<-email>
@@ -488,150 +483,6 @@ or certificate request.
=back
-=head2 Name Options
-
-The B<-nameopt> command line switch determines how the subject and issuer
-names are displayed. If no B<-nameopt> switch is present the default "oneline"
-format is used which is compatible with previous versions of OpenSSL.
-Each option is described in detail below, all options can be preceded by
-a B<-> to turn the option off. Only the first four will normally be used.
-
-=over 4
-
-=item B
-
-Use the old format.
-
-=item B
-
-Displays names compatible with RFC2253 equivalent to B, B,
-B, B, B, B, B,
-B, B and B.
-
-=item B
-
-A oneline format which is more readable than RFC2253. It is equivalent to
-specifying the B, B, B, B, B,
-B, B, B, B and B
-options. This is the I of no name options are given explicitly.
-
-=item B
-
-A multiline format. It is equivalent B, B, B,
-B, B and B.
-
-=item B
-
-Escape the "special" characters required by RFC2253 in a field. That is
-B<,+"EE;>. Additionally B<#> is escaped at the beginning of a string
-and a space character at the beginning or end of a string.
-
-=item B
-
-Escape the "special" characters required by RFC2254 in a field. That is
-the B character as well as and B<()*>.
-
-=item B
-
-Escape control characters. That is those with ASCII values less than
-0x20 (space) and the delete (0x7f) character. They are escaped using the
-RFC2253 \XX notation (where XX are two hex digits representing the
-character value).
-
-=item B
-
-Escape characters with the MSB set, that is with ASCII values larger than
-127.
-
-=item B
-
-Escapes some characters by surrounding the whole string with B<"> characters,
-without the option all escaping is done with the B<\> character.
-
-=item B
-
-Convert all strings to UTF8 format first. This is required by RFC2253. If
-you are lucky enough to have a UTF8 compatible terminal then the use
-of this option (and B setting B) may result in the correct
-display of multibyte (international) characters. Is this option is not
-present then multibyte characters larger than 0xff will be represented
-using the format \UXXXX for 16 bits and \WXXXXXXXX for 32 bits.
-Also if this option is off any UTF8Strings will be converted to their
-character form first.
-
-=item B
-
-This option does not attempt to interpret multibyte characters in any
-way. That is their content octets are merely dumped as though one octet
-represents each character. This is useful for diagnostic purposes but
-will result in rather odd looking output.
-
-=item B
-
-Show the type of the ASN1 character string. The type precedes the
-field contents. For example "BMPSTRING: Hello World".
-
-=item B
-
-When this option is set any fields that need to be hexdumped will
-be dumped using the DER encoding of the field. Otherwise just the
-content octets will be displayed. Both options use the RFC2253
-B<#XXXX...> format.
-
-=item B
-
-Dump non character string types (for example OCTET STRING) if this
-option is not set then non character string types will be displayed
-as though each content octet represents a single character.
-
-=item B
-
-Dump all fields. This option when used with B allows the
-DER encoding of the structure to be unambiguously determined.
-
-=item B
-
-Dump any field whose OID is not recognised by OpenSSL.
-
-=item B, B, B,
-B
-
-These options determine the field separators. The first character is
-between Relative Distinguished Names (RDNs) and the second is between
-multiple Attribute Value Assertions (AVAs, multiple AVAs are
-very rare and their use is discouraged). The options ending in
-"space" additionally place a space after the separator to make it
-more readable. The B uses a linefeed character for
-the RDN separator and a spaced B<+> for the AVA separator. It also
-indents the fields by four characters. If no field separator is specified
-then B is used by default.
-
-=item B
-
-Reverse the fields of the DN. This is required by RFC2253. As a side
-effect this also reverses the order of multiple AVAs but this is
-permissible.
-
-=item B, B, B, B
-
-These options alter how the field name is displayed. B does
-not display the field at all. B uses the "short name" form
-(CN for commonName for example). B uses the long form.
-B represents the OID in numerical form and is useful for
-diagnostic purpose.
-
-=item B
-
-Align field values for a more readable output. Only usable with
-B.
-
-=item B
-
-Places spaces round the B<=> character which follows the field
-name.
-
-=back
-
=head2 Text Options
As well as customising the name output format, it is also possible to
diff --git a/doc/man1/openssl.pod b/doc/man1/openssl.pod
index 21e9d97217..2e58b1bb3e 100644
--- a/doc/man1/openssl.pod
+++ b/doc/man1/openssl.pod
@@ -783,6 +783,156 @@ See L for details.
=back
+=head2 Name Format Options
+
+OpenSSL provides fine-grain control over how the subject and issuer DN's are
+displayed.
+This is specified by using the B<-nameopt> option, which takes a
+comma-separated list of options from the following set.
+An option may be preceeded by a minus sign, C<->, to turn it off.
+The default value is C.
+The first four are the most commonly used.
+
+=over 4
+
+=item B
+
+Display the name using an old format from previous OpenSSL versions.
+
+=item B
+
+Display the name using the format defined in RFC 2253.
+It is equivalent to B, B, B, B,
+B, B, B, B, B
+and B.
+
+=item B
+
+Display the name in one line, using a format that is more readable
+RFC 2253.
+It is equivalent to B, B, B, B,
+B, B, B, B,
+B and B options.
+
+=item B
+
+Display the name using multiple lines.
+It is equivalent to B, B, B, B