From matthias.st.pierre at ncp-e.com Thu Jan 2 12:50:55 2020 From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com) Date: Thu, 02 Jan 2020 12:50:55 +0000 Subject: [openssl] master update Message-ID: <1577969455.522150.20737.nullmailer@dev.openssl.org> The branch master has been updated via 2de5a5fbdd14f514e962cccfe90482c37786c183 (commit) from 5f95fbf39987848fc50fc8acf42eb8f4a7ec8666 (commit) - Log ----------------------------------------------------------------- commit 2de5a5fbdd14f514e962cccfe90482c37786c183 Author: dcruette Date: Tue Dec 24 22:48:19 2019 +0100 Update tls13_enc.c Fix double + in hkdflabel declaration (FIXES #10675) CLA: trivial Reviewed-by: Matt Caswell Reviewed-by: Kurt Roeckx Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/10700) ----------------------------------------------------------------------- Summary of changes: ssl/tls13_enc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index 266b7dfd21..9c44813ccb 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -49,7 +49,7 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret, * prefix and label + bytes for the label itself + 1 byte length of hash * + bytes for the hash itself */ - unsigned char hkdflabel[sizeof(uint16_t) + sizeof(uint8_t) + + unsigned char hkdflabel[sizeof(uint16_t) + sizeof(uint8_t) + (sizeof(label_prefix) - 1) + TLS13_MAX_LABEL_LEN + 1 + EVP_MAX_MD_SIZE]; WPACKET pkt; From matthias.st.pierre at ncp-e.com Thu Jan 2 12:52:29 2020 
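Review bot: in the `hkdflabel` size expression in `tls13_hkdf_expand`, the hash-length byte is still a bare `1` (`TLS13_MAX_LABEL_LEN + 1 + EVP_MAX_MD_SIZE`) while the prefix-and-label length byte is written `sizeof(uint8_t)`; since the declaration is being touched anyway, write both length bytes the same way so each term maps onto the comment above it. The removed trailing `+` was followed by the leading `+` of the next line, which parses as a unary plus on `(sizeof(label_prefix) - 1)`, so the array size does not change; stating "no functional change" in the commit message would save backport reviewers from checking for a buffer-size fix.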
From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com) Date: Thu, 02 Jan 2020 12:52:29 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1577969549.812224.22100.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 10e166abd47790155766b774910ededa3add74dc (commit) from 3c57b9c5810d92f75da2c1dda325439c7ebd3c97 (commit) - Log ----------------------------------------------------------------- commit 10e166abd47790155766b774910ededa3add74dc Author: dcruette Date: Tue Dec 24 22:48:19 2019 +0100 Update tls13_enc.c Fix double + in hkdflabel declaration (FIXES #10675) CLA: trivial Reviewed-by: Matt Caswell Reviewed-by: Kurt Roeckx Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/10700) (cherry picked from commit 2de5a5fbdd14f514e962cccfe90482c37786c183) ----------------------------------------------------------------------- Summary of changes: ssl/tls13_enc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index 36de1943ef..c07e3005b6 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -44,7 +44,7 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret, * prefix and label + bytes for the label itself + 1 byte length of hash * + bytes for the hash itself */ - unsigned char hkdflabel[sizeof(uint16_t) + sizeof(uint8_t) + + unsigned char hkdflabel[sizeof(uint16_t) + sizeof(uint8_t) + (sizeof(label_prefix) - 1) + TLS13_MAX_LABEL_LEN + 1 + EVP_MAX_MD_SIZE]; WPACKET pkt; From builds at travis-ci.org Thu Jan 2 13:09:22 2020 
From: builds at travis-ci.org (Travis CI)
Date: Thu, 02 Jan 2020 13:09:22 +0000
Subject: Broken: openssl/openssl#30961 (master - 2de5a5f)
In-Reply-To:
Message-ID: <5e0deb824aca1_43fe7d6c167746305c@b2d09d66-d47e-496f-ae48-d3ec29cb834a.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #30961
Status: Broken

Duration: 17 mins and 49 secs
Commit: 2de5a5f (master)
Author: dcruette
Message: Update tls13_enc.c

Fix double + in hkdflabel declaration (FIXES #10675)

CLA: trivial

Reviewed-by: Matt Caswell
Reviewed-by: Kurt Roeckx
Reviewed-by: Matthias St. Pierre
(Merged from https://github.com/openssl/openssl/pull/10700)

View the changeset: https://github.com/openssl/openssl/compare/5f95fbf39987...2de5a5fbdd14

View the full build log and details: https://travis-ci.org/openssl/openssl/builds/631857105?utm_medium=notification&utm_source=email

From builds at travis-ci.org Thu Jan 2 13:21:17 2020
From: builds at travis-ci.org (Travis CI)
Date: Thu, 02 Jan 2020 13:21:17 +0000
Subject: Broken: openssl/openssl#30962 (OpenSSL_1_1_1-stable - 10e166a)
In-Reply-To:
Message-ID: <5e0dee4d96471_43ff527ba6ac4209361@b1e23ad9-04bf-4121-bfd5-8359cc2720ff.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #30962
Status: Broken

Duration: 26 mins and 18 secs
Commit: 10e166a (OpenSSL_1_1_1-stable)
Author: dcruette
Message: Update tls13_enc.c

Fix double + in hkdflabel declaration (FIXES #10675)

CLA: trivial

Reviewed-by: Matt Caswell
Reviewed-by: Kurt Roeckx
Reviewed-by: Matthias St. Pierre
(Merged from https://github.com/openssl/openssl/pull/10700)

(cherry picked from commit 2de5a5fbdd14f514e962cccfe90482c37786c183)

View the changeset: https://github.com/openssl/openssl/compare/3c57b9c5810d...10e166abd477

View the full build log and details: https://travis-ci.org/openssl/openssl/builds/631857557?utm_medium=notification&utm_source=email

From no-reply at appveyor.com Thu Jan 2 13:45:14 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 02 Jan 2020 13:45:14 +0000
Subject: Build failed: openssl master.30389
Message-ID: <20200102134514.1.4C565A9D9CC2AEC7@appveyor.com>

An HTML attachment was scrubbed...
URL:

From matt at openssl.org Thu Jan 2 14:44:03 2020
From: matt at openssl.org (Matt Caswell) Date: Thu, 02 Jan 2020 14:44:03 +0000 Subject: [openssl] master update Message-ID: <1577976243.429433.31362.nullmailer@dev.openssl.org> The branch master has been updated via e7b834b6bb0a32be694ebc8e614247c9af735c0f (commit) from 2de5a5fbdd14f514e962cccfe90482c37786c183 (commit) - Log ----------------------------------------------------------------- commit e7b834b6bb0a32be694ebc8e614247c9af735c0f Author: Matt Caswell Date: Thu Jan 2 13:43:50 2020 +0000 Run make update The New Year has caused various files to appear out of date to "make update". This causes Travis to fail. Therefore we update those files. Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/10738) ----------------------------------------------------------------------- Summary of changes: apps/progs.c | 2 +- apps/progs.h | 2 +- crypto/asn1/charmap.h | 2 +- crypto/bn/bn_prime.h | 2 +- crypto/conf/conf_def.h | 2 +- crypto/objects/obj_dat.h | 2 +- crypto/objects/obj_xref.h | 2 +- include/openssl/obj_mac.h | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/apps/progs.c b/apps/progs.c index 721e8cbf33..82cd19bed6 100644 --- a/apps/progs.c +++ b/apps/progs.c @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by apps/progs.pl * - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/apps/progs.h b/apps/progs.h index deb9549fb6..04e9c4e922 100644 --- a/apps/progs.h +++ b/apps/progs.h 
@@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by apps/progs.pl * - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/asn1/charmap.h b/crypto/asn1/charmap.h index 0374b643e3..e855b15977 100644 --- a/crypto/asn1/charmap.h +++ b/crypto/asn1/charmap.h @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by crypto/asn1/charmap.pl * - * Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/bn/bn_prime.h b/crypto/bn/bn_prime.h index e99433cda6..ef16bb43d0 100644 --- a/crypto/bn/bn_prime.h +++ b/crypto/bn/bn_prime.h @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by crypto/bn/bn_prime.pl * - * Copyright 1998-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/conf/conf_def.h b/crypto/conf/conf_def.h index 1a3557d954..3fdb6a9b4a 100644 --- a/crypto/conf/conf_def.h +++ b/crypto/conf/conf_def.h @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by crypto/conf/keysets.pl * - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at 
diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index 3319ff0c02..80426896ba 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by crypto/objects/obj_dat.pl * - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at diff --git a/crypto/objects/obj_xref.h b/crypto/objects/obj_xref.h index 2a02a934a4..ba290cc661 100644 --- a/crypto/objects/obj_xref.h +++ b/crypto/objects/obj_xref.h @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by objxref.pl * - * Copyright 1998-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h index 2696a4b204..5d7611bc25 100644 --- a/include/openssl/obj_mac.h +++ b/include/openssl/obj_mac.h @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by crypto/objects/objects.pl * - * Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at From no-reply at appveyor.com Thu Jan 2 14:47:41 2020 
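Review bot: the copyright end year in these generated headers (every hunk in this patch, e.g. `Copyright 1995-2020` in apps/progs.c) evidently follows the date on which the generator script is run, so the `make update` output goes stale on 1 January without any input having changed, and per the commit message that alone is enough to fail Travis. Consider having the generator scripts take the year from the last change to their inputs or from the existing header, so that the up-to-date check is reproducible and this commit does not need repeating every year.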
From: no-reply at appveyor.com (AppVeyor) Date: Thu, 02 Jan 2020 14:47:41 +0000 Subject: Build completed: openssl OpenSSL_1_1_1-stable.30390 Message-ID: <20200102144741.1.1665FAF6FC744D54@appveyor.com> An HTML attachment was scrubbed... URL: From matt at openssl.org Thu Jan 2 14:48:45 2020 From: matt at openssl.org (Matt Caswell) Date: Thu, 02 Jan 2020 14:48:45 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1577976525.783827.4258.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 2c52a36400345d999c8ee3604fe1ea93fddd5cb7 (commit) from 10e166abd47790155766b774910ededa3add74dc (commit) - Log ----------------------------------------------------------------- commit 2c52a36400345d999c8ee3604fe1ea93fddd5cb7 Author: Matt Caswell Date: Thu Jan 2 13:48:00 2020 +0000 Run make update The New Year has caused various files to appear out of date to "make update". This causes Travis to fail. Therefore we update those files. Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/10739) ----------------------------------------------------------------------- Summary of changes: crypto/asn1/charmap.h | 2 +- crypto/bn/bn_prime.h | 2 +- crypto/conf/conf_def.h | 2 +- crypto/objects/obj_dat.h | 2 +- crypto/objects/obj_xref.h | 2 +- include/openssl/obj_mac.h | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/crypto/asn1/charmap.h b/crypto/asn1/charmap.h index f15d72d736..cac354c6bf 100644 --- a/crypto/asn1/charmap.h +++ b/crypto/asn1/charmap.h @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by crypto/asn1/charmap.pl * - * Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
diff --git a/crypto/bn/bn_prime.h b/crypto/bn/bn_prime.h index 2eb7b52f76..ba48244534 100644 --- a/crypto/bn/bn_prime.h +++ b/crypto/bn/bn_prime.h @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by crypto/bn/bn_prime.pl * - * Copyright 1998-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/conf/conf_def.h b/crypto/conf/conf_def.h index 2016d31b89..2ced300e40 100644 --- a/crypto/conf/conf_def.h +++ b/crypto/conf/conf_def.h @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by crypto/conf/keysets.pl * - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index 3cb0de78e8..d1b1bc7faf 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by crypto/objects/obj_dat.pl * - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at diff --git a/crypto/objects/obj_xref.h b/crypto/objects/obj_xref.h index 9144d569dc..1ca04bbff1 100644 --- a/crypto/objects/obj_xref.h +++ b/crypto/objects/obj_xref.h 
@@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by objxref.pl * - * Copyright 1998-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h index ac2ac325da..483fc0509e 100644 --- a/include/openssl/obj_mac.h +++ b/include/openssl/obj_mac.h @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by crypto/objects/objects.pl * - * Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at From builds at travis-ci.org Thu Jan 2 15:26:18 2020 
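Review bot: the header layout differs between generators: in the conf_def.h, obj_dat.h and obj_mac.h hunks the `Licensed under ...` line follows the copyright line directly, while the charmap.h, bn_prime.h and obj_xref.h hunks have an empty ` *` comment line between the two. As these files are being regenerated here anyway, align the header templates in keysets.pl, obj_dat.pl and objects.pl with the other generators so that a header check can match a single pattern.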
From: builds at travis-ci.org (Travis CI)
Date: Thu, 02 Jan 2020 15:26:18 +0000
Subject: Fixed: openssl/openssl#30966 (master - e7b834b)
In-Reply-To:
Message-ID: <5e0e0b9a2e560_43fcae5c0a1d04021ac@7ab50699-4e9a-41d0-b21c-c22d63a44b74.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #30966
Status: Fixed

Duration: 41 mins and 40 secs
Commit: e7b834b (master)
Author: Matt Caswell
Message: Run make update

The New Year has caused various files to appear out of date to "make
update". This causes Travis to fail. Therefore we update those files.

Reviewed-by: Matthias St. Pierre
(Merged from https://github.com/openssl/openssl/pull/10738)

View the changeset: https://github.com/openssl/openssl/compare/2de5a5fbdd14...e7b834b6bb0a

View the full build log and details: https://travis-ci.org/openssl/openssl/builds/631895120?utm_medium=notification&utm_source=email

From builds at travis-ci.org Thu Jan 2 15:26:54 2020
From: builds at travis-ci.org (Travis CI)
Date: Thu, 02 Jan 2020 15:26:54 +0000
Subject: Fixed: openssl/openssl#30967 (OpenSSL_1_1_1-stable - 2c52a36)
In-Reply-To:
Message-ID: <5e0e0bbd38923_43fcae83bdd1c4025c6@7ab50699-4e9a-41d0-b21c-c22d63a44b74.mail>

Build Update for openssl/openssl
-------------------------------------

Build: #30967
Status: Fixed

Duration: 27 mins and 58 secs
Commit: 2c52a36 (OpenSSL_1_1_1-stable)
Author: Matt Caswell
Message: Run make update

The New Year has caused various files to appear out of date to "make
update". This causes Travis to fail. Therefore we update those files.

Reviewed-by: Matthias St. Pierre
(Merged from https://github.com/openssl/openssl/pull/10739)

View the changeset: https://github.com/openssl/openssl/compare/10e166abd477...2c52a3640034

View the full build log and details: https://travis-ci.org/openssl/openssl/builds/631896849?utm_medium=notification&utm_source=email

From no-reply at appveyor.com Thu Jan 2 16:08:51 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 02 Jan 2020 16:08:51 +0000
Subject: Build failed: openssl master.30394
Message-ID: <20200102160851.1.189B18C46670AD3F@appveyor.com>

An HTML attachment was scrubbed...
URL:

From no-reply at appveyor.com Thu Jan 2 17:14:05 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 02 Jan 2020 17:14:05 +0000
Subject: Build completed: openssl OpenSSL_1_1_1-stable.30395
Message-ID: <20200102171405.1.1E0FED94EDF5A892@appveyor.com>

An HTML attachment was scrubbed...
URL:

From no-reply at appveyor.com Thu Jan 2 20:57:01 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 02 Jan 2020 20:57:01 +0000
Subject: Build failed: openssl master.30405
Message-ID: <20200102205701.1.C0F9E7C1B2AB8526@appveyor.com>

An HTML attachment was scrubbed...
URL:

From no-reply at appveyor.com Thu Jan 2 21:28:59 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 02 Jan 2020 21:28:59 +0000
Subject: Build completed: openssl master.30406
Message-ID: <20200102212859.1.B53999D848A4DE4C@appveyor.com>

An HTML attachment was scrubbed...
URL:

From no-reply at appveyor.com Fri Jan 3 02:55:56 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 03 Jan 2020 02:55:56 +0000
Subject: Build failed: openssl master.30411
Message-ID: <20200103025556.1.CF581CB1E5B9E098@appveyor.com>

An HTML attachment was scrubbed...
URL:

From no-reply at appveyor.com Fri Jan 3 02:59:59 2020
From: no-reply at appveyor.com (AppVeyor)
Date: Fri, 03 Jan 2020 02:59:59 +0000
Subject: Build failed: openssl master.30412
Message-ID: <20200103025959.1.ECBC7B8C3E20970C@appveyor.com>

An HTML attachment was scrubbed...
URL:

From scan-admin at coverity.com Fri Jan 3 04:42:41 2020
From: scan-admin at coverity.com (scan-admin at coverity.com) Date: Fri, 03 Jan 2020 04:42:41 +0000 (UTC) Subject: Coverity Scan: Analysis completed for OpenSSL-1.0.2 Message-ID: <5e0ec64123f80_82b2ac5a47a0f5036692@appnode-2.mail> Your request for analysis of OpenSSL-1.0.2 has been completed successfully. The results are available at https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRakUl6QyjujEohY7rPpoYUEOo3rtGjiQZqYPGgcjfkiXQ-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I2lW0-2BZw7MZMuFrG0u27bOOxjy4p8-2F84zVh7dDZIZNmMsRKAX6NxkpAdv-2BDwIY-2FvlUX-2FkDt3qaNtfzW2FsKugnrtUYdN8FPN16BhlPQAKsnJcvvEMj-2Fb0c4tYaht8-2ByOH4JE66wyaq-2BVXPkmQLp8GqxY61EIKDPvbif6rmn-2Fj-2BuXx2h4n6K6oS9JMdL-2B5Ft-2FQGIOh64FWXD2sq0PHMNzo4k Build ID: 286891 Analysis Summary: New defects found: 0 Defects eliminated: 0 From scan-admin at coverity.com Fri Jan 3 04:50:59 2020 
From: scan-admin at coverity.com (scan-admin at coverity.com) Date: Fri, 03 Jan 2020 04:50:59 +0000 (UTC) Subject: Coverity Scan: Analysis completed for openssl/openssl Message-ID: <5e0ec83376d7_d352ac5a47a0f50366c2@appnode-2.mail> Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRakUl6QyjujEohY7rPpoYUEvyxzJHSwEoiXkZglM3WeHA-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I3J5wHOOSZ1DcBteXfesTSRRIeCCSLawWB9rxvepL55PERjLGe70F-2FieH-2FFV3b-2FMArBv6knVLp-2BlVNGgveE-2BpwLh5BK6sxlpuMV0KLg23RSm0T-2F-2BO2qNbZW0r77KKReJ68Q2zBSZIUBD1IJrYDBLRQeBB4CUw-2BL5gDkB9cRMhsJFkt1aQEn10awW1GFbDDkDCv7RpH409ef6y-2FSyNs3LHNg Build ID: 286893 Analysis Summary: New defects found: 7 Defects eliminated: 7 If you have difficulty understanding any defects, email us at scan-admin at coverity.com, or post your question to StackOverflow at https://u2389337.ct.sendgrid.net/wf/click?upn=OgIsEqWzmIl4S-2FzEUMxLXL-2BukuZt9UUdRZhgmgzAKchwAzH1nH3073xDEXNRgHN6zzUI-2FRfbrE6mNOeeukHUQw-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I3J5wHOOSZ1DcBteXfesTSRRIeCCSLawWB9rxvepL55PA2na29xjkpXrlOxM-2FwD6q8YaaQ2mR5CxVOdlTV7LhWHa6OmQpDYMo0N9cLCrcy6-2FVoFSXFZSTRPmn8SDZwGuFe0xTQsxTfSS66EpXCG492ZN31f6reSKieyWbEefOkUzYS4XPdZVP8-2FaZbPu3fiDBm7RIKSQxgKO77zoY8MTkEs From mark at openssl.org Fri Jan 3 10:06:30 2020 
From: mark at openssl.org (Mark J. Cox) Date: Fri, 03 Jan 2020 10:06:30 +0000 Subject: [web] master update Message-ID: <1578045990.475369.13900.nullmailer@dev.openssl.org> The branch master has been updated via ba98fa477470b023d70a080fad35dd406b573f3f (commit) via edfd2b0b8980e340b13d288fc373c8ee9b909307 (commit) from 9d8e43e70514d403e27663b13d06963c5381603b (commit) - Log ----------------------------------------------------------------- commit ba98fa477470b023d70a080fad35dd406b573f3f Merge: 9d8e43e edfd2b0 Author: Mark J. Cox Date: Fri Jan 3 10:05:39 2020 +0000 Merge pull request #150 from iamamoose/eolstatements Update the vulnerability XML to also include some statements about EOL commit edfd2b0b8980e340b13d288fc373c8ee9b909307 Author: Mark J. Cox Date: Fri Jan 3 09:50:43 2020 +0000 Update the vulnerability XML to also include some statements about EOL versions that way we can make it clear on the vulnerability page when things are EOL ----------------------------------------------------------------------- Summary of changes: bin/mk-cvepage | 3 +++ news/vulnerabilities.xml | 8 ++++++++ 2 files changed, 11 insertions(+) diff --git a/bin/mk-cvepage b/bin/mk-cvepage index 10654b6..83333ab 100755 --- a/bin/mk-cvepage +++ b/bin/mk-cvepage @@ -140,6 +140,9 @@ preface += "

Show issues fixed only in OpenSSL " + ", ".join(bases) if options.base: preface += ", or all versions" preface += "

Fixed in OpenSSL %s

" %(options.base) + for statement in dom.getElementsByTagName('statement'): + if (statement.getAttribute("base") in options.base): + preface += statement.firstChild.data.strip() preface += "

" if len(allyears)>1: # If only vulns in this year no need for the year table of contents preface += "

Jump to year: " + ", ".join( "%s" %(year,year) for year in allyears) diff --git a/news/vulnerabilities.xml b/news/vulnerabilities.xml index de81fa1..0378674 100644 --- a/news/vulnerabilities.xml +++ b/news/vulnerabilities.xml @@ -7336,6 +7336,14 @@ default and not common. + OpenSSL 0.9.6 is out of support and no longer receiving updates. + OpenSSL 0.9.7 is out of support and no longer receiving updates. + OpenSSL 0.9.8 is out of support since 1st January 2016 and no longer receiving updates. + OpenSSL 1.0.0 is out of support since 1st January 2016 and no longer receiving updates. + OpenSSL 1.0.1 is out of support since 1st January 2017 and no longer receiving updates. + OpenSSL 1.0.2 is out of support since 1st January 2020 and is no longer receiving updates. Extended support is available from OpenSSL Software Services for premium support customers + OpenSSL 1.1.0 is out of support since 12th September 2019 and no longer receiving updates. + From no-reply at appveyor.com Fri Jan 3 10:22:00 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 03 Jan 2020 10:22:00 +0000 Subject: Build completed: openssl master.30413 Message-ID: <20200103102200.1.22F5969725F03D1D@appveyor.com> An HTML attachment was scrubbed... URL: From mark at openssl.org Fri Jan 3 12:14:51 2020 
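Review bot: in the loop added to bin/mk-cvepage, `statement.getAttribute("base") in options.base` is a substring test, because `options.base` is a string (the context line above formats it with `%s`). A `statement` element with no `base` attribute, for which the DOM `getAttribute` call returns an empty string, therefore matches every base, and a short base value matches any longer one that contains it; compare with `==` instead. `statement.firstChild.data` also assumes the element is non-empty and begins with a text node, so an empty `statement` element would raise here; skip elements without text.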
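Review bot: the statements added to news/vulnerabilities.xml are worded inconsistently: the 1.0.2 entry reads "and is no longer receiving updates" where the other entries read "and no longer receiving updates", and its second sentence ("... for premium support customers") has no closing full stop. Since bin/mk-cvepage copies this text into the generated page as it stands, settle on one wording and punctuate the 1.0.2 entry.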
From: mark at openssl.org (Mark J. Cox) Date: Fri, 03 Jan 2020 12:14:51 +0000 Subject: [web] master update Message-ID: <1578053691.788693.10032.nullmailer@dev.openssl.org> The branch master has been updated via 23af72984b104ab0407873cd01c885be9635cb81 (commit) via d357e46dce040f602bd150afa23c68d80a58abfa (commit) via 5ad619db6417b3405b9932e0d514112a60beb875 (commit) via 78cdcfd517424f1b95f8d8e195e5cbdd822a631e (commit) from ba98fa477470b023d70a080fad35dd406b573f3f (commit) - Log ----------------------------------------------------------------- commit 23af72984b104ab0407873cd01c885be9635cb81 Merge: d357e46 78cdcfd Author: Mark J. Cox Date: Fri Jan 3 12:13:39 2020 +0000 Merge pull request #148 from mattcaswell/remove-110-additional Remove an additional 1.1.0 reference commit d357e46dce040f602bd150afa23c68d80a58abfa Merge: ba98fa4 5ad619d Author: Mark J. Cox Date: Fri Jan 3 12:13:07 2020 +0000 Merge pull request #151 from iamamoose/eolstatements Allow a default statement if our page is not for a specific base version commit 5ad619db6417b3405b9932e0d514112a60beb875 Author: Mark J. Cox Date: Fri Jan 3 11:48:09 2020 +0000 Allow a default statement if our page is not for a specific base version also clean up the HTML we closed the p tag in the wrong place. Add a statement on all the versions out of support. commit 78cdcfd517424f1b95f8d8e195e5cbdd822a631e Author: Matt Caswell Date: Tue Dec 17 14:26:51 2019 +0000 Remove an additional 1.1.0 reference We previously removed references to 1.1.0 as a current release. There is one remaining spot that was missed, so we update that too. ----------------------------------------------------------------------- Summary of changes: bin/mk-cvepage | 11 ++++++----- inc/mansidebar.shtml | 1 - news/vulnerabilities.xml | 1 + 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/bin/mk-cvepage b/bin/mk-cvepage index 83333ab..abed8b4 100755 --- a/bin/mk-cvepage +++ b/bin/mk-cvepage 
@@ -138,12 +138,13 @@ for base in allyourbase(dom): bases.append( "%s" %(base,base)) preface += "

Show issues fixed only in OpenSSL " + ", ".join(bases) if options.base: - preface += ", or all versions" + preface += ", or all versions

" preface += "

Fixed in OpenSSL %s

" %(options.base) - for statement in dom.getElementsByTagName('statement'): - if (statement.getAttribute("base") in options.base): - preface += statement.firstChild.data.strip() -preface += "

" +else: + preface += "

" +for statement in dom.getElementsByTagName('statement'): + if (statement.getAttribute("base") in (options.base or "none")): + preface += "

"+statement.firstChild.data.strip()+"

" if len(allyears)>1: # If only vulns in this year no need for the year table of contents preface += "

Jump to year: " + ", ".join( "%s" %(year,year) for year in allyears) preface += "

" diff --git a/inc/mansidebar.shtml b/inc/mansidebar.shtml index c794b16..5ec8083 100644 --- a/inc/mansidebar.shtml +++ b/inc/mansidebar.shtml @@ -5,7 +5,6 @@ diff --git a/news/vulnerabilities.xml b/news/vulnerabilities.xml index 0378674..60bfd33 100644 --- a/news/vulnerabilities.xml +++ b/news/vulnerabilities.xml @@ -7336,6 +7336,7 @@ default and not common. + Note: All OpenSSL versions before 1.1.1 are out of support and no longer receiving updates. Extended support is available for 1.0.2 from OpenSSL Software Services for premium support customers. OpenSSL 0.9.6 is out of support and no longer receiving updates. OpenSSL 0.9.7 is out of support and no longer receiving updates. OpenSSL 0.9.8 is out of support since 1st January 2016 and no longer receiving updates. From matt at openssl.org Fri Jan 3 14:19:24 2020 From: matt at openssl.org (Matt Caswell) Date: Fri, 03 Jan 2020 14:19:24 +0000 Subject: [web] master update Message-ID: <1578061164.944985.3821.nullmailer@dev.openssl.org> The branch master has been updated via f26e81f977a239116ab29fab62b4ed875d9099bc (commit) from 23af72984b104ab0407873cd01c885be9635cb81 (commit) - Log ----------------------------------------------------------------- commit f26e81f977a239116ab29fab62b4ed875d9099bc Author: Matt Caswell Date: Thu Nov 21 13:44:27 2019 +0000 Update policies for OTC changes Update other policies as necessary to reflect the bylaws changes that introduced the OTC concept. Reviewed-by: Paul Dale Reviewed-by: Matthias St. Pierre Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/web/pull/146) ----------------------------------------------------------------------- Summary of changes: policies/committers.html | 64 +++++++++++++++++++++++------------------------- policies/secpolicy.html | 5 ++-- policies/sidebar.shtml | 4 +-- 3 files changed, 34 insertions(+), 39 deletions(-) diff --git a/policies/committers.html b/policies/committers.html index 46e2b74..96f1018 100644 --- a/policies/committers.html 
+++ b/policies/committers.html @@ -10,7 +10,7 @@
-

Guidelines for OpenSSL Committers

+

Policy for OpenSSL Committers

@@ -24,8 +24,8 @@

How to become a committer?

Commit access is granted by the OpenSSL Management Committee - (OMC) (see the - OpenSSL bylaws). + (OMC) typically on the recommendation of the OpenSSL Technical Committee (OTC) + (see the OpenSSL Bylaws).

We welcome contributors who become domain experts in some part of the library (for example, low-level crypto) as well as @@ -45,42 +45,38 @@ Github issue tracker, and our mailing lists - find impactful ideas to work on. Seek feedback from multiple OMC - members to understand the project, and to support your - application. Let them know that you'd like to become a committer - - they'll nominate you when your code review record demonstrates - impact as well as understanding of the codebase and coding style - (usually after a few months of activity). The final decision to - grant commit access is taken by an OMC vote.

- -

How to maintain commit status?

-

To maintain commit status, you should stay active in the - project. As stated in the project bylaws, if you remain inactive - for several months, your commit access will be withdrawn - but - you are always welcome back, just ask an OMC member to - re-nominate you.

+ find impactful ideas to work on.

+ +

How to maintain committer status?

+

To maintain committer status, you must stay active in the + project. Refer to the OpenSSL Bylaws + for details.

In the unlikely and unfortunate event that your actions conflict with the project objectives or are otherwise - disruptive, commit access may also be revoked by vote of the - OMC.

+ disruptive, committer status may also be revoked by the OMC.

-

Code reviews

+

Approvals and code reviews

All submissions must be reviewed and approved by at least two - committers, one of whom must also be an OMC member. If the + committers, one of whom must also be an OTC member. If the author is also a committer then that counts as one of the reviews. In other words:

    -
  • OMC members need one approval from any committer
  • -
  • Committers need one approval from a committer within the - OMC
  • +
  • OTC members need one approval from any committer
  • +
  • Committers need one approval from an OTC member
  • Contributors without commit rights need two approvals, - including one from the OMC.
  • + including one from an OTC member.
-

This process may seem a little heavy, but OpenSSL is a large, - complicated codebase, and we think two reviews help prevent - security bugs, as well as disseminate knowledge to the growing - contributor base.

+

An OMC member may apply an OMC-hold to a submission. + An OTC member may apply an OTC-hold to a submission. + An OMC-hold may be cleared by being removed by the member + that put in place the hold or by a vote of the OMC. + An OTC-hold may be cleared by being removed by the member + that put in place the hold or by a vote of the OTC.

+ +

Approved submissions (outside of the automated release process and NEWS and + CHANGES file updates) shall only be applied after a 24-hour delay from the + approval (except for minor build and test breakage fix approvals).

Contributors without commit rights cannot formally approve patches but are nevertheless welcome to comment on submissions @@ -97,7 +93,7 @@ href="mailto:openssl-project at openssl.org">openssl-project at openssl.org (public, moderated). On GitHub, you can target the OMC members with @openssl/omc, - and committers with @openssl/committers.

+ OTC members with @openssl/otc, or committers with @openssl/committers.

Commit workflow

We do code reviews on GitHub. The @@ -116,12 +112,12 @@ a potential security issue, we ask that you report it to openssl-security at openssl.org and don't discuss it further in public. We review security - sensitive patches privately, off GitHub. We do not currently - have a way to open access to those reviews after the patches - have been released.

+ issues privately, however acceptance of a submission for a security issue + does not bypass the review process that applies to all submissions.

A note on CLAs

-

All authors, including committers, must have current CLAs on +

All authors, including committers, + must have current CLAs on file. A CLA is not required for trivial contributions (e.g. the fix of a spelling mistake). Refer to the CLA page for further details. diff --git a/policies/secpolicy.html b/policies/secpolicy.html index d54fcc6..67d91d1 100644 --- a/policies/secpolicy.html +++ b/policies/secpolicy.html @@ -27,10 +27,9 @@

Issue triage

- Notifications are received by a group of OpenSSL Management Committee - members. We engage resources within + Notifications are received by the OMC and OTC. We engage resources within OpenSSL to start the investigation and prioritisation. We may work in private - with individuals who are not on the OpenSSL Management Committee as + with individuals who are not on the OMC or OTC as well as other organisations and our employers where we believe this can help with the issue investigation, resolution, or diff --git a/policies/sidebar.shtml b/policies/sidebar.shtml index 389cc51..a7abcf5 100644 --- a/policies/sidebar.shtml +++ b/policies/sidebar.shtml @@ -22,10 +22,10 @@ Security Policy

  • - OMC (project) Bylaws + OpenSSL Bylaws
  • - Guidelines for Committers + Policy for Committers
  • Coding Style From matt at openssl.org Fri Jan 3 15:10:43 2020 From: matt at openssl.org (Matt Caswell) Date: Fri, 03 Jan 2020 15:10:43 +0000 Subject: [web] master update Message-ID: <1578064243.780039.27292.nullmailer@dev.openssl.org> The branch master has been updated via 76f3aa014bf5bf3cf533cf9a0b51951dbd64e8a5 (commit) from f26e81f977a239116ab29fab62b4ed875d9099bc (commit) - Log ----------------------------------------------------------------- commit 76f3aa014bf5bf3cf533cf9a0b51951dbd64e8a5 Author: Matt Caswell Date: Fri Jan 3 14:57:25 2020 +0000 Create an OTC page on the website Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/web/pull/152) ----------------------------------------------------------------------- Summary of changes: .gitignore | 1 + Makefile | 6 ++++-- community/index.html | 2 ++ community/otc.html | 42 ++++++++++++++++++++++++++++++++++++++++++ community/sidebar.shtml | 3 +++ 5 files changed, 52 insertions(+), 2 deletions(-) create mode 100644 community/otc.html diff --git a/.gitignore b/.gitignore index b307d34..83f4641 100644 --- a/.gitignore +++ b/.gitignore @@ -5,6 +5,7 @@ blog sitemap.txt community/committers.inc community/omc-alumni.inc +community/otc.inc community/omc.inc docs/OpenSSL300Design.html docs/OpenSSLStrategicArchitecture.html diff --git a/Makefile b/Makefile index 82ffca8..98ddd9f 100644 --- a/Makefile +++ b/Makefile @@ -29,7 +29,7 @@ OLDMANSERIES=1.0.2 # All simple generated files. SIMPLE = newsflash.inc sitemap.txt \ community/committers.inc \ - community/omc.inc community/omc-alumni.inc \ + community/otc.inc community/omc.inc community/omc-alumni.inc \ docs/faq.inc docs/fips.inc \ docs/OpenSSLStrategicArchitecture.html \ docs/OpenSSL300Design.html \ 
@@ -153,7 +153,7 @@ docs/manpages.html: docs/manpages.html.tt ## ## $(SIMPLE) -- SIMPLE GENERATED FILES ## -.PHONY: sitemap community/committers.inc community/omc.inc community/omc-alumni.inc +.PHONY: sitemap community/committers.inc community/otc.inc community/omc.inc community/omc-alumni.inc newsflash.inc: news/newsflash.inc @rm -f $@ head -7 $? >$@ @@ -167,6 +167,8 @@ community/committers.inc: ./bin/mk-committers $@ @rm -f Members +community/otc.inc: + ./bin/mk-omc -n -t 'OTC Members' otc otc-inactive > $@ community/omc.inc: ./bin/mk-omc -n -e -l -p -t 'OMC Members' omc omc-inactive > $@ community/omc-alumni.inc: diff --git a/community/index.html b/community/index.html index e204c4b..72587ad 100644 --- a/community/index.html +++ b/community/index.html @@ -16,6 +16,8 @@ team of committers. The overall project is run by the OpenSSL Management Committee. + Technical decisions are made by the + OpenSSL Technical Committee. We operate under a set of project bylaws and ask everyone to follow our diff --git a/community/otc.html b/community/otc.html new file mode 100644 index 0000000..19f9f54 --- /dev/null +++ b/community/otc.html @@ -0,0 +1,42 @@ + + + + + + + +
    +
    +
    +
    +

    OpenSSL Technical Committee

    +
    +

    The + OpenSSL Technical Committee + represents the official technical voice of the project. All + OTC decisions are taken on the basis of a vote.

    +

    + The current OTC consists of (in alphabetical order): +

    + + + + Names with an (I) are currently inactive as defined in our + bylaws. + +
    + + +
    +
    + +
    +
    + + + diff --git a/community/sidebar.shtml b/community/sidebar.shtml index 22d5ca0..1f888d0 100644 --- a/community/sidebar.shtml +++ b/community/sidebar.shtml @@ -6,6 +6,9 @@
  • List of Committers
  • +
  • + OpenSSL Technical Committee +
  • OpenSSL Management Committee
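Review bot: in the Makefile hunk at @@ -167,6 +167,8 @@, the new community/otc.inc rule calls ./bin/mk-omc with only -n -t 'OTC Members', while the community/omc.inc rule right below it passes -n -e -l -p. If dropping -e -l -p is intentional for the OTC listing, a one-line comment above the rule should say so. The new community/otc.html states "Names with an (I) are currently inactive" and relies entirely on the generated include, so please confirm that this invocation with otc-inactive still emits that marker.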
  • From tmraz at fedoraproject.org Fri Jan 3 17:00:33 2020 From: tmraz at fedoraproject.org (tmraz at fedoraproject.org) Date: Fri, 03 Jan 2020 17:00:33 +0000 Subject: [openssl] master update Message-ID: <1578070833.402042.11626.nullmailer@dev.openssl.org> The branch master has been updated via 1fdde9170cbe36c9cd7bf9dc712836f591f7d511 (commit) from e7b834b6bb0a32be694ebc8e614247c9af735c0f (commit) - Log ----------------------------------------------------------------- commit 1fdde9170cbe36c9cd7bf9dc712836f591f7d511 Author: Ibrahim M. Ghazal Date: Tue Dec 24 21:39:55 2019 +0300 Add -iter option to pkcs12 command Fixes #8194 Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/10130) ----------------------------------------------------------------------- Summary of changes: apps/pkcs12.c | 14 ++++++++++---- doc/man1/openssl-pkcs12.pod.in | 15 +++++++++------ 2 files changed, 19 insertions(+), 10 deletions(-) diff --git a/apps/pkcs12.c b/apps/pkcs12.c index 96e142ff81..5eff88b644 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -53,7 +53,7 @@ typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_CIPHER, OPT_NOKEYS, OPT_KEYEX, OPT_KEYSIG, OPT_NOCERTS, OPT_CLCERTS, OPT_CACERTS, OPT_NOOUT, OPT_INFO, OPT_CHAIN, OPT_TWOPASS, OPT_NOMACVER, - OPT_DESCERT, OPT_EXPORT, OPT_NOITER, OPT_MACITER, OPT_NOMACITER, + OPT_DESCERT, OPT_EXPORT, OPT_ITER, OPT_NOITER, OPT_MACITER, OPT_NOMACITER, OPT_NOMAC, OPT_LMK, OPT_NODES, OPT_MACALG, OPT_CERTPBE, OPT_KEYPBE, OPT_INKEY, OPT_CERTFILE, OPT_NAME, OPT_CSP, OPT_CANAME, OPT_IN, OPT_OUT, OPT_PASSIN, OPT_PASSOUT, OPT_PASSWORD, OPT_CAPATH, 
@@ -121,8 +121,9 @@ const OPTIONS pkcs12_options[] = { {"descert", OPT_DESCERT, '-', "Encrypt output with 3DES (the default)"}, {"certpbe", OPT_CERTPBE, 's', "Certificate PBE algorithm (default 3DES)"}, # endif - {"noiter", OPT_NOITER, '-', "Don't use encryption iteration"}, - {"maciter", OPT_MACITER, '-', "Use MAC iteration"}, + {"iter", OPT_ITER, 'p', "Specify the iteration count for encryption key and MAC"}, + {"noiter", OPT_NOITER, '-', "Don't use encryption key iteration"}, + {"maciter", OPT_MACITER, '-', "Unused, kept for backwards compatibility"}, {"nomaciter", OPT_NOMACITER, '-', "Don't use MAC iteration"}, {"nomac", OPT_NOMAC, '-', "Don't generate MAC"}, {"nodes", OPT_NODES, '-', "Don't encrypt private keys"}, @@ -214,11 +215,16 @@ int pkcs12_main(int argc, char **argv) if (!opt_cipher(opt_unknown(), &enc)) goto opthelp; break; + case OPT_ITER: + if (!opt_int(opt_arg(), &iter)) + goto opthelp; + maciter = iter; + break; case OPT_NOITER: iter = 1; break; case OPT_MACITER: - maciter = PKCS12_DEFAULT_ITER; + /* no-op */ break; case OPT_NOMACITER: maciter = 1; diff --git a/doc/man1/openssl-pkcs12.pod.in b/doc/man1/openssl-pkcs12.pod.in index 16eb0accec..86c9de4670 100644 --- a/doc/man1/openssl-pkcs12.pod.in +++ b/doc/man1/openssl-pkcs12.pod.in @@ -25,8 +25,9 @@ B B [B<-nokeys>] [B<-info>] [B<-des> B<-des3> B<-idea> B<-aes128> B<-aes192> B<-aes256> B<-aria128> B<-aria192> B<-aria256> B<-camellia128> B<-camellia192> B<-camellia256> B<-nodes>] -[B<-noiter>] -[B<-maciter> | B<-nomaciter> | B<-nomac>] +[B<-iter> I | B<-noiter> | B<-nomaciter>] +[B<-maciter>] +[B<-nomac>] [B<-twopass>] [B<-descert>] [B<-certpbe> I] 
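Review bot: the synopsis hunk presents -iter, -noiter and -nomaciter as alternatives, but the new OPT_ITER case in apps/pkcs12.c does nothing to enforce that, so the result silently depends on argument order. With the cases as written, "-nomaciter -iter 5000" ends with maciter = 5000 because OPT_ITER overwrites it, and "-iter 5000 -noiter" ends with iter = 1 while maciter stays at 5000. Either reject the combinations with an error (goto opthelp) or state in the documentation that the last option given wins, since a caller who believes the MAC or key iteration count was raised may end up with a count of 1.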
@@ -233,17 +234,19 @@ the use of signing only keys for SSL client authentication. Specify the MAC digest algorithm. If not included them SHA1 will be used. -=item B<-nomaciter>, B<-noiter> +=item B<-iter> I -These options affect the iteration counts on the MAC and key algorithms. -Unless you wish to produce files compatible with MSIE 4.0 you should leave -these options alone. +This option specifies the iteration count for the encryption key and MAC. The +default value is 2048. To discourage attacks by using large dictionaries of common passwords the algorithm that derives keys from passwords can have an iteration count applied to it: this causes a certain part of the algorithm to be repeated and slows it down. The MAC is used to check the file integrity but since it will normally have the same password as the keys and certificates it could also be attacked. + +=item B<-nomaciter>, B<-noiter> + By default both MAC and encryption iteration counts are set to 2048, using these options the MAC and encryption iteration counts can be set to 1, since this reduces the file security you should not use these options unless you From no-reply at appveyor.com Fri Jan 3 17:59:08 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 03 Jan 2020 17:59:08 +0000 Subject: Build failed: openssl master.30415 Message-ID: <20200103175908.1.B9C437C7031FA54A@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Jan 3 19:00:48 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 03 Jan 2020 19:00:48 +0000 Subject: Build completed: openssl master.30416 Message-ID: <20200103190048.1.B5B2AC674B16E37F@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Jan 3 19:05:18 2020 
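Review bot: in the doc/man1/openssl-pkcs12.pod.in hunk at @@ -233,17 +234,19 @@, the new -iter entry does not say what happened to -maciter. In apps/pkcs12.c the OPT_MACITER case changes from "maciter = PKCS12_DEFAULT_ITER" to a no-op, so "-nomaciter -maciter" no longer restores the default MAC count, yet the synopsis still lists -maciter and none of the visible hunks explains that it is now ignored. Please add a sentence to the option descriptions to match the help string ("Unused, kept for backwards compatibility"). The default of 2048 is also now stated twice, once under -iter and once under -nomaciter/-noiter; stating it in one place avoids the two drifting apart if PKCS12_DEFAULT_ITER changes.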
From: no-reply at appveyor.com (AppVeyor) Date: Fri, 03 Jan 2020 19:05:18 +0000 Subject: Build failed: openssl master.30417 Message-ID: <20200103190518.1.4672BC94F1015836@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Jan 3 19:54:22 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 03 Jan 2020 19:54:22 +0000 Subject: Build failed: openssl master.30422 Message-ID: <20200103195422.1.57123656931C5309@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Jan 3 20:24:43 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 03 Jan 2020 20:24:43 +0000 Subject: Build completed: openssl master.30423 Message-ID: <20200103202443.1.714352D6A0CD1AE6@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Jan 3 20:31:15 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 03 Jan 2020 20:31:15 +0000 Subject: Build failed: openssl master.30424 Message-ID: <20200103203115.1.66F40C963204D164@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Jan 3 21:00:43 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 03 Jan 2020 21:00:43 +0000 Subject: Build completed: openssl master.30425 Message-ID: <20200103210043.1.E6F00CB69254E374@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Jan 3 22:22:23 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 03 Jan 2020 22:22:23 +0000 Subject: Build failed: openssl master.30428 Message-ID: <20200103222223.1.1DB7B390422B232E@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Jan 3 23:52:18 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 03 Jan 2020 23:52:18 +0000 Subject: Build completed: openssl master.30429 Message-ID: <20200103235218.1.6ED50F1B7E18ACFD@appveyor.com> An HTML attachment was scrubbed... URL: From scan-admin at coverity.com Sat Jan 4 00:08:32 2020 
From: scan-admin at coverity.com (scan-admin at coverity.com) Date: Sat, 04 Jan 2020 00:08:32 +0000 (UTC) Subject: Coverity Scan: Analysis completed for OpenSSL-1.0.2 Message-ID: <5e0fd78042f17_1d2d2ac5a47a0f50366f1@appnode-2.mail> Your request for analysis of OpenSSL-1.0.2 has been completed successfully. The results are available at https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRakUl6QyjujEohY7rPpoYUEOo3rtGjiQZqYPGgcjfkiXQ-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I1GDwgKL938MbArsezaSoQr0YOEIFmZEGZL2gjAEllyOugIMS7vnYEXxfuMZml0Y7WaBTkXCR6-2BA90x-2FU1bv5GaTvwp87RCcYDCRmoIi6v0TgsduL-2B6P2604jr-2BLoGOBeYp4Met1oLLC0NzA71ePAZLAJXRW5UaGzJ0uUsYoLQLfSU2mk7TJd9pt3NV5oMBRAM115wyLXlO4WTByixmxQOM Build ID: 287914 Analysis Summary: New defects found: 0 Defects eliminated: 0 From openssl at openssl.org Sat Jan 4 00:55:13 2020 
From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 04 Jan 2020 00:55:13 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-trace Message-ID: <1578099313.991186.29341.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-54-generic #58-Ubuntu SMP Mon Jun 24 10:55:24 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-trace Commit log since last time: e7b834b6bb Run make update 2de5a5fbdd Update tls13_enc.c Build log ended with (last 100 lines):
-Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/rand/libfips-lib-drbg_lib.d.tmp -MT crypto/rand/libfips-lib-drbg_lib.o -c -o crypto/rand/libfips-lib-drbg_lib.o ../openssl/crypto/rand/drbg_lib.c clang -I. 
-Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/rand/libfips-lib-rand_crng_test.d.tmp -MT crypto/rand/libfips-lib-rand_crng_test.o -c -o crypto/rand/libfips-lib-rand_crng_test.o ../openssl/crypto/rand/rand_crng_test.c clang -I. 
-Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/rand/libfips-lib-rand_lib.d.tmp -MT crypto/rand/libfips-lib-rand_lib.o -c -o crypto/rand/libfips-lib-rand_lib.o ../openssl/crypto/rand/rand_lib.c clang -I. 
-Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/rand/libfips-lib-rand_unix.d.tmp -MT crypto/rand/libfips-lib-rand_unix.o -c -o crypto/rand/libfips-lib-rand_unix.o ../openssl/crypto/rand/rand_unix.c clang -I. 
-Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/rand/libfips-lib-rand_vms.d.tmp -MT crypto/rand/libfips-lib-rand_vms.o -c -o crypto/rand/libfips-lib-rand_vms.o ../openssl/crypto/rand/rand_vms.c clang -I. 
-Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/rand/libfips-lib-rand_vxworks.d.tmp -MT crypto/rand/libfips-lib-rand_vxworks.o -c -o crypto/rand/libfips-lib-rand_vxworks.o ../openssl/crypto/rand/rand_vxworks.c clang -I. 
-Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/rand/libfips-lib-rand_win.d.tmp -MT crypto/rand/libfips-lib-rand_win.o -c -o crypto/rand/libfips-lib-rand_win.o ../openssl/crypto/rand/rand_win.c clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" 
-DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/sha/libfips-lib-keccak1600-x86_64.o crypto/sha/keccak1600-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/sha/libfips-lib-sha1-mb-x86_64.o crypto/sha/sha1-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/sha/libfips-lib-sha1-x86_64.o crypto/sha/sha1-x86_64.s clang -I. 
-Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/sha/libfips-lib-sha1dgst.d.tmp -MT crypto/sha/libfips-lib-sha1dgst.o -c -o crypto/sha/libfips-lib-sha1dgst.o ../openssl/crypto/sha/sha1dgst.c clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" 
-DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/sha/libfips-lib-sha256-mb-x86_64.o crypto/sha/sha256-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/sha/libfips-lib-sha256-x86_64.o crypto/sha/sha256-x86_64.s clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE 
-DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/sha/libfips-lib-sha256.d.tmp -MT crypto/sha/libfips-lib-sha256.o -c -o crypto/sha/libfips-lib-sha256.o ../openssl/crypto/sha/sha256.c clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/sha/libfips-lib-sha3.d.tmp -MT crypto/sha/libfips-lib-sha3.o -c -o crypto/sha/libfips-lib-sha3.o ../openssl/crypto/sha/sha3.c clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default 
-Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/sha/libfips-lib-sha512-x86_64.o crypto/sha/sha512-x86_64.s clang -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/sha/libfips-lib-sha512.d.tmp -MT crypto/sha/libfips-lib-sha512.o -c -o crypto/sha/libfips-lib-sha512.o ../openssl/crypto/sha/sha512.c clang -I. 
-Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/stack/libfips-lib-stack.d.tmp -MT crypto/stack/libfips-lib-stack.o -c -o crypto/stack/libfips-lib-stack.o ../openssl/crypto/stack/stack.c clang -I. 
-Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF providers/common/libfips-lib-provider_util.d.tmp -MT providers/common/libfips-lib-provider_util.o -c -o providers/common/libfips-lib-provider_util.o ../openssl/providers/common/provider_util.c clang -I. 
-Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF providers/implementations/ciphers/libfips-lib-cipher_aes_xts_fips.d.tmp -MT providers/implementations/ciphers/libfips-lib-cipher_aes_xts_fips.o -c -o providers/implementations/ciphers/libfips-lib-cipher_aes_xts_fips.o ../openssl/providers/implementations/ciphers/cipher_aes_xts_fips.c clang -I. 
-Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DFIPS_MODE -DGHASH_ASM -DKECCAK1600_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF providers/implementations/kdfs/libfips-lib-pbkdf2_fips.d.tmp -MT providers/implementations/kdfs/libfips-lib-pbkdf2_fips.o -c -o providers/implementations/kdfs/libfips-lib-pbkdf2_fips.o ../openssl/providers/implementations/kdfs/pbkdf2_fips.c ar r providers/libimplementations.a providers/implementations/ciphers/libimplementations-lib-cipher_aes.o providers/implementations/ciphers/libimplementations-lib-cipher_aes_ccm.o providers/implementations/ciphers/libimplementations-lib-cipher_aes_ccm_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_aes_gcm.o providers/implementations/ciphers/libimplementations-lib-cipher_aes_gcm_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_aes_hw.o providers/implementations/ciphers/libimplementations-lib-cipher_aes_ocb.o 
-Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/aes/libcrypto-shlib-aesni-x86_64.o crypto/aes/aesni-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/aes/libcrypto-shlib-bsaes-x86_64.o crypto/aes/bsaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC 
-DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -c -o crypto/aes/libcrypto-shlib-vpaes-x86_64.o crypto/aes/vpaes-x86_64.s clang -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/aria/libcrypto-shlib-aria.d.tmp -MT crypto/aria/libcrypto-shlib-aria.o -c -o crypto/aria/libcrypto-shlib-aria.o ../openssl/crypto/aria/aria.c clang -I. 
-Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/asn1/libcrypto-shlib-a_bitstr.d.tmp -MT crypto/asn1/libcrypto-shlib-a_bitstr.o -c -o crypto/asn1/libcrypto-shlib-a_bitstr.o ../openssl/crypto/asn1/a_bitstr.c clang -I. 
-Iinclude -Iproviders/common/include -Iproviders/implementations/include -Icrypto/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -I../openssl/crypto/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -MMD -MF crypto/asn1/libcrypto-shlib-a_d2i_fp.d.tmp -MT crypto/asn1/libcrypto-shlib-a_d2i_fp.o -c -o crypto/asn1/libcrypto-shlib-a_d2i_fp.o ../openssl/crypto/asn1/a_d2i_fp.c ../openssl/test/testutil/testutil_init.c:39:35: error: use of undeclared identifier 'PREFIX_CTRL_SET_PREFIX' BIO_ctrl(trace_data->bio, PREFIX_CTRL_SET_PREFIX, ^ ../openssl/test/testutil/testutil_init.c:48:35: error: use of undeclared identifier 'PREFIX_CTRL_SET_PREFIX' BIO_ctrl(trace_data->bio, PREFIX_CTRL_SET_PREFIX, 0, NULL); ^ ../openssl/test/testutil/testutil_init.c:79:32: error: implicit declaration of function 'apps_bf_prefix' is invalid in C99 [-Werror,-Wimplicit-function-declaration] channel = BIO_push(BIO_new(apps_bf_prefix()), ^ 
../openssl/test/testutil/testutil_init.c:79:32: error: this function declaration is not a prototype [-Werror,-Wstrict-prototypes] ../openssl/test/testutil/testutil_init.c:79:32: error: incompatible integer to pointer conversion passing 'int' to parameter of type 'const BIO_METHOD *' (aka 'const struct bio_method_st *') [-Werror,-Wint-conversion] channel = BIO_push(BIO_new(apps_bf_prefix()), ^~~~~~~~~~~~~~~~ ../openssl/include/openssl/bio.h:587:32: note: passing argument to parameter 'type' here BIO *BIO_new(const BIO_METHOD *type); ^ 5 errors generated. Makefile:20396: recipe for target 'test/testutil/libtestutil-lib-testutil_init.o' failed make[1]: *** [test/testutil/libtestutil-lib-testutil_init.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/enable-trace' Makefile:2782: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From scan-admin at coverity.com Sat Jan 4 08:19:37 2020 From: scan-admin at coverity.com (scan-admin at coverity.com) Date: Sat, 04 Jan 2020 08:19:37 +0000 (UTC) Subject: Coverity Scan: Analysis completed for openssl/openssl Message-ID: <5e104a98a88bc_61022ac5a47a0f5036639@appnode-2.mail> Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRakUl6QyjujEohY7rPpoYUEvyxzJHSwEoiXkZglM3WeHA-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I0830kI2ZZfH9Y2yLBkg-2B6AMh8HDFbCT2aiYqeZPe75Tb4oEInCOUT3yT2fmebFItif7HSob-2FQMMN-2FoMDMvVK2RmXLHr54ACIxmiJNwSysMj4uK9ibw7pPjnSJQk7oMDzAO7LA9mfbZ0ZMvP5xSU6g8-2Brc1vx0scMZlhk5B7Rsm-2FYUvMo1bXXW8Q-2FAGQrfX-2BzmI6vDPrK9Y5fJebLGGCZdp Build ID: 288253 Analysis Summary: New defects found: 0 Defects eliminated: 0 From no-reply at appveyor.com Sat Jan 4 16:03:31 2020 
From: no-reply at appveyor.com (AppVeyor) Date: Sat, 04 Jan 2020 16:03:31 +0000 Subject: Build failed: openssl master.30439 Message-ID: <20200104160331.1.5A6632D6B6D9514A@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Jan 4 17:03:40 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 04 Jan 2020 17:03:40 +0000 Subject: Build completed: openssl OpenSSL_1_1_1-stable.30440 Message-ID: <20200104170340.1.CEF5A54BC8D510BA@appveyor.com> An HTML attachment was scrubbed... URL: From scan-admin at coverity.com Sun Jan 5 07:48:40 2020 
From: scan-admin at coverity.com (scan-admin at coverity.com) Date: Sun, 05 Jan 2020 07:48:40 +0000 (UTC) Subject: Coverity Scan: Analysis completed for openssl/openssl Message-ID: <5e1194d85befd_36132ac5a47a0f50366a3@appnode-2.mail> Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRakUl6QyjujEohY7rPpoYUEvyxzJHSwEoiXkZglM3WeHA-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I2cohvqbzwWIlzwnut2aEc-2BPyhznhsVsfq9yRDG48ldoWBHtU6hncVBuP01FPPgQu-2BF7pKk52CWkzlE-2FUVdAZv5xe3sIjLCh5tBsGO-2Bqq-2BHaOdcvSngdpgqlNJGe0ohogUgWOZhrUUVfCS1QmFTbXoevspdilVxjv9Da7B-2Fnv2z3oi6wV4EHHnEzR5xuQb76KOBi1Ysquxh6X-2FJZhrLCIlD Build ID: 288530 Analysis Summary: New defects found: 3 Defects eliminated: 1 If you have difficulty understanding any defects, email us at scan-admin at coverity.com, or post your question to StackOverflow at https://u2389337.ct.sendgrid.net/wf/click?upn=OgIsEqWzmIl4S-2FzEUMxLXL-2BukuZt9UUdRZhgmgzAKchwAzH1nH3073xDEXNRgHN6zzUI-2FRfbrE6mNOeeukHUQw-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I2cohvqbzwWIlzwnut2aEc-2BPyhznhsVsfq9yRDG48ldobGYf1r4QUpJc8H8tEAnq4-2Fp6un-2FhszzL15aTiEOo53-2Fl5nNa-2BxB0FHtFh6EuDI-2Bq4THBDa9l-2BeLfrEsdwkgrrKlSbZo8H5QlnvxqMa3VMOsYMj1FPEwaculk-2FANSQML61sZA7oc7fyZR8owGB2vFL6A9Jx1ubLpB4zTAsiRqzsK From scan-admin at coverity.com Sun Jan 5 07:50:52 2020 
From: scan-admin at coverity.com (scan-admin at coverity.com) Date: Sun, 05 Jan 2020 07:50:52 +0000 (UTC) Subject: Coverity Scan: Analysis completed for OpenSSL-1.0.2 Message-ID: <5e11955c61738_38992ac5a47a0f5036618@appnode-2.mail> Your request for analysis of OpenSSL-1.0.2 has been completed successfully. The results are available at https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRakUl6QyjujEohY7rPpoYUEOo3rtGjiQZqYPGgcjfkiXQ-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I3kV9FAkio52albxc-2BiZi74y9QHErTBCjcvOnuR37UFAbkDDlGmoA8vLXwH-2BHNRydt1bbUz5Yc9b2hH82duiCPRmWb4P4D23XEtLqwTOzvdqc-2BM01StHPXRO09IYcGxJCxwUjvtjrsut9AXzLM2CRQJfu0-2BrYBZT7xVgSN5mR3Fmy21nJJSrzlZ6KK85WRSMClqjl4DCmHwRMjQhZikyVov Build ID: 288531 Analysis Summary: New defects found: 0 Defects eliminated: 0 From pauli at openssl.org Sun Jan 5 08:06:28 2020 
From: pauli at openssl.org (Dr. Paul Dale) Date: Sun, 05 Jan 2020 08:06:28 +0000 Subject: [openssl] master update Message-ID: <1578211588.997869.28944.nullmailer@dev.openssl.org> The branch master has been updated via 75e571b59298c868763508d60027e4e666dee1c1 (commit) via 86723c2a103c763bc918dd70ffb3dd44ba5b5add (commit) via 4c1e06fc400041a47c36c4d66b8bbda30219052f (commit) via ff19035e62a4839d632d0ac2c3b17983c9598cf9 (commit) from 1fdde9170cbe36c9cd7bf9dc712836f591f7d511 (commit) - Log ----------------------------------------------------------------- commit 75e571b59298c868763508d60027e4e666dee1c1 Author: Pauli Date: Fri Jan 3 19:28:37 2020 +1000 coverity 1456638: fix null check Reviewed-by: Tim Hudson Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/10748) commit 86723c2a103c763bc918dd70ffb3dd44ba5b5add Author: Pauli Date: Fri Jan 3 19:27:06 2020 +1000 coverity 1456639: fix NULL dereference Reviewed-by: Tim Hudson Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/10748) commit 4c1e06fc400041a47c36c4d66b8bbda30219052f Author: Pauli Date: Fri Jan 3 19:22:50 2020 +1000 coverity 1456640: fix null check Reviewed-by: Tim Hudson Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/10748) commit ff19035e62a4839d632d0ac2c3b17983c9598cf9 Author: Pauli Date: Fri Jan 3 19:19:47 2020 +1000 coverity 1456642: fix null check Reviewed-by: Tim Hudson Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/10748) ----------------------------------------------------------------------- Summary of changes: providers/implementations/serializers/serializer_dh_priv.c | 7 +++---- providers/implementations/serializers/serializer_dsa_priv.c | 7 +++---- providers/implementations/serializers/serializer_rsa_priv.c | 6 ++---- test/x509_time_test.c | 8 +++++--- 4 files changed, 13 insertions(+), 15 deletions(-) 
diff --git a/providers/implementations/serializers/serializer_dh_priv.c b/providers/implementations/serializers/serializer_dh_priv.c index 80d87ac738..a6427dc867 100644 --- a/providers/implementations/serializers/serializer_dh_priv.c +++ b/providers/implementations/serializers/serializer_dh_priv.c @@ -48,11 +48,10 @@ static void *dh_priv_newctx(void *provctx) if (ctx != NULL) { ctx->provctx = provctx; - } - - /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */ - ctx->sc.pbe_nid = -1; + /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */ + ctx->sc.pbe_nid = -1; + } return ctx; } diff --git a/providers/implementations/serializers/serializer_dsa_priv.c b/providers/implementations/serializers/serializer_dsa_priv.c index 603904369a..fc0a340ca2 100644 --- a/providers/implementations/serializers/serializer_dsa_priv.c +++ b/providers/implementations/serializers/serializer_dsa_priv.c @@ -48,11 +48,10 @@ static void *dsa_priv_newctx(void *provctx) if (ctx != NULL) { ctx->provctx = provctx; - } - - /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */ - ctx->sc.pbe_nid = -1; + /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */ + ctx->sc.pbe_nid = -1; + } return ctx; } diff --git a/providers/implementations/serializers/serializer_rsa_priv.c b/providers/implementations/serializers/serializer_rsa_priv.c index 05d9316ba1..3d16e43a4b 100644 --- a/providers/implementations/serializers/serializer_rsa_priv.c +++ b/providers/implementations/serializers/serializer_rsa_priv.c @@ -77,11 +77,9 @@ static void *rsa_priv_newctx(void *provctx) if (ctx != NULL) { ctx->provctx = provctx; + /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */ + ctx->sc.pbe_nid = -1; } - - /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */ - ctx->sc.pbe_nid = -1; - return ctx; } diff --git a/test/x509_time_test.c b/test/x509_time_test.c index 8e813cb0f9..a9292dff0f 100644 
--- a/test/x509_time_test.c +++ b/test/x509_time_test.c @@ -327,10 +327,11 @@ static int test_X509_cmp_timeframe(void) ASN1_TIME *asn1_before = ASN1_TIME_adj(NULL, now, -1, 0); ASN1_TIME *asn1_after = ASN1_TIME_adj(NULL, now, 1, 0); X509_VERIFY_PARAM *vpm = X509_VERIFY_PARAM_new(); - int res; + int res = 0; - res = vpm != NULL - && test_X509_cmp_timeframe_vpm(NULL, asn1_before, asn1_mid, asn1_after) + if (vpm == NULL) + goto finish; + res = test_X509_cmp_timeframe_vpm(NULL, asn1_before, asn1_mid, asn1_after) && test_X509_cmp_timeframe_vpm(vpm, asn1_before, asn1_mid, asn1_after); X509_VERIFY_PARAM_set_time(vpm, now); @@ -340,6 +341,7 @@ static int test_X509_cmp_timeframe(void) && test_X509_cmp_timeframe_vpm(vpm, asn1_before, asn1_mid, asn1_after); X509_VERIFY_PARAM_free(vpm); +finish: ASN1_TIME_free(asn1_mid); ASN1_TIME_free(asn1_before); ASN1_TIME_free(asn1_after); From no-reply at appveyor.com Sun Jan 5 09:13:00 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 05 Jan 2020 09:13:00 +0000 Subject: Build failed: openssl master.30445 Message-ID: <20200105091300.1.5F4BB1515BDCA57C@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Jan 5 10:11:53 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 05 Jan 2020 10:11:53 +0000 Subject: Build completed: openssl OpenSSL_1_1_1-stable.30446 Message-ID: <20200105101153.1.E3EE7F1FD04735FD@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Jan 5 14:37:03 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 05 Jan 2020 14:37:03 +0000 Subject: Build failed: openssl master.30447 Message-ID: <20200105143703.1.850CB38A1C62944C@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Jan 5 16:29:11 2020 
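Review bot: In dh_priv_newctx, dsa_priv_newctx and rsa_priv_newctx (the three serializer_*_priv.c hunks of commit 75e571b5...ff19035e above) the same two assignments, ctx->provctx = provctx; and ctx->sc.pbe_nid = -1;, now sit under the same ctx != NULL guard in three separate files, and the identical NULL dereference had to be fixed three times. Consider moving this initialisation into one shared helper that takes ctx and provctx, so a later change to the guard or to the default PBE value is made once and cannot drift between the DH, DSA and RSA serializers.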
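Review bot: In the test/x509_time_test.c hunk, the new early exit in test_X509_cmp_timeframe covers only vpm; asn1_before and asn1_after are allocated in the declarations just above it with ASN1_TIME_adj(NULL, now, -1, 0) and ASN1_TIME_adj(NULL, now, 1, 0) and are still passed to test_X509_cmp_timeframe_vpm without a NULL check. If the aim is for an allocation failure to end the test cleanly, test those pointers in the same condition before the first call. The bare if (vpm == NULL) goto finish; also fails without a diagnostic; writing it as if (!TEST_ptr(vpm)) would record which allocation failed.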
From: no-reply at appveyor.com (AppVeyor) Date: Sun, 05 Jan 2020 16:29:11 +0000 Subject: Build failed: openssl master.30451 Message-ID: <20200105162911.1.C94F8A7D3B287A69@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Jan 5 17:30:18 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 05 Jan 2020 17:30:18 +0000 Subject: Build completed: openssl OpenSSL_1_1_1-stable.30452 Message-ID: <20200105173018.1.B3ACB36245C2FFFB@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Jan 5 18:27:46 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 05 Jan 2020 18:27:46 +0000 Subject: Build failed: openssl master.30463 Message-ID: <20200105182746.1.E36A19CAE8B85943@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Jan 5 21:04:51 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 05 Jan 2020 21:04:51 +0000 Subject: Build failed: openssl master.30474 Message-ID: <20200105210451.1.63AF1FF6EAD3E9B0@appveyor.com> An HTML attachment was scrubbed... URL: From shane.lontis at oracle.com Mon Jan 6 03:08:44 2020 
From: shane.lontis at oracle.com (shane.lontis at oracle.com) Date: Mon, 06 Jan 2020 03:08:44 +0000 Subject: [openssl] master update Message-ID: <1578280124.235040.10445.nullmailer@dev.openssl.org> The branch master has been updated via 0d2bfe52bb7e839f7bddcdb1160c335f2994df2f (commit) from 26583f6aa8dc28e3598e61db66e54e2fdf8b195f (commit) - Log ----------------------------------------------------------------- commit 0d2bfe52bb7e839f7bddcdb1160c335f2994df2f Author: Shane Lontis Date: Mon Jan 6 13:02:16 2020 +1000 Add AES_CBC_HMAC_SHA ciphers to providers. Also Add ability for providers to dynamically exclude cipher algorithms. Cipher algorithms are only returned from providers if their capable() method is either NULL, or the method returns 1. This is mainly required for ciphers that only have hardware implementations. If there is no hardware support, then the algorithm needs to be not available. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/10146) ----------------------------------------------------------------------- Summary of changes: crypto/aes/build.info | 2 - crypto/evp/evp_enc.c | 85 ++- doc/man7/provider-cipher.pod | 49 ++ include/crypto/aes_platform.h | 7 + include/openssl/core_names.h | 16 + providers/common/include/prov/provider_util.h | 12 + providers/common/include/prov/providercommon.h | 2 + providers/common/provider_util.c | 14 + providers/defltprov.c | 317 ++++---- providers/fips/fipsprov.c | 89 ++- providers/implementations/ciphers/build.info | 6 +- .../ciphers/cipher_aes_cbc_hmac_sha.c | 345 +++++++++ .../ciphers/cipher_aes_cbc_hmac_sha.h | 65 ++ .../ciphers/cipher_aes_cbc_hmac_sha1_hw.c | 782 +++++++++++++++++++ .../ciphers/cipher_aes_cbc_hmac_sha256_hw.c | 831 +++++++++++++++++++++ .../implementations/include/prov/implementations.h | 4 + test/sslapitest.c | 100 +++ 17 files changed, 2529 insertions(+), 197 deletions(-) create mode 100644 providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c create mode 
100644 providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.h create mode 100644 providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c create mode 100644 providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c diff --git a/crypto/aes/build.info b/crypto/aes/build.info index 291bf2af9b..dc00df0cda 100644 --- a/crypto/aes/build.info +++ b/crypto/aes/build.info @@ -68,8 +68,6 @@ SOURCE[../../providers/libfips.a]=$COMMON DEFINE[../../libcrypto]=$AESDEF DEFINE[../../providers/libfips.a]=$AESDEF DEFINE[../../providers/libimplementations.a]=$AESDEF -# fipsprov.c needs access to AESNI. -DEFINE[../../providers/fips]=$AESDEF GENERATE[aes-ia64.s]=asm/aes-ia64.S diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 3896cff34d..c650addbd1 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -174,6 +174,10 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, case NID_aes_256_siv: case NID_aes_192_siv: case NID_aes_128_siv: + case NID_aes_256_cbc_hmac_sha256: + case NID_aes_128_cbc_hmac_sha256: + case NID_aes_256_cbc_hmac_sha1: + case NID_aes_128_cbc_hmac_sha1: case NID_id_aes256_wrap: case NID_id_aes256_wrap_pad: case NID_id_aes192_wrap: @@ -1086,7 +1090,9 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) int set_params = 1; size_t sz = arg; unsigned int i; - OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; + OSSL_PARAM params[4] = { + OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END + }; if (ctx == NULL || ctx->cipher == NULL) { EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET); 
@@ -1154,13 +1160,8 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, ptr, sz); break; - case EVP_CTRL_AEAD_SET_MAC_KEY: - params[0] = - OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_MAC_KEY, - ptr, sz); - break; case EVP_CTRL_AEAD_TLS1_AAD: - /* This one does a set and a get - since it returns a padding size */ + /* This one does a set and a get - since it returns a size */ params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, ptr, sz); 
@@ -1180,6 +1181,76 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_RC2_KEYBITS, &sz); break; #endif /* OPENSSL_NO_RC2 */ +#if !defined(OPENSSL_NO_MULTIBLOCK) + case EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE: + params[0] = OSSL_PARAM_construct_size_t( + OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT, &sz); + ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params); + if (ret <= 0) + return 0; + + params[0] = OSSL_PARAM_construct_size_t( + OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE, &sz); + params[1] = OSSL_PARAM_construct_end(); + ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params); + if (ret <= 0) + return 0; + return sz; + case EVP_CTRL_TLS1_1_MULTIBLOCK_AAD: { + EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *p = + (EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *)ptr; + + if (arg < (int)sizeof(EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM)) + return 0; + + params[0] = OSSL_PARAM_construct_octet_string( + OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD, (void*)p->inp, p->len); + params[1] = OSSL_PARAM_construct_uint( + OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, &p->interleave); + ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params); + if (ret <= 0) + return ret; + /* Retrieve the return values changed by the set */ + params[0] = OSSL_PARAM_construct_size_t( + OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN, &sz); + params[1] = OSSL_PARAM_construct_uint( + OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, &p->interleave); + params[2] = OSSL_PARAM_construct_end(); + ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params); + if (ret <= 0) + return 0; + return sz; + } + case EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT: { + EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *p = + (EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *)ptr; + + params[0] = OSSL_PARAM_construct_octet_string( + OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC, p->out, p->len); + + params[1] = OSSL_PARAM_construct_octet_string( + 
OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN, (void*)p->inp, + p->len); + params[2] = OSSL_PARAM_construct_uint( + OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, &p->interleave); + ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params); + if (ret <= 0) + return ret; + params[0] = OSSL_PARAM_construct_size_t( + OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN, &sz); + params[1] = OSSL_PARAM_construct_end(); + ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params); + if (ret <= 0) + return 0; + return sz; + } +#endif /* OPENSSL_NO_MULTIBLOCK */ + case EVP_CTRL_AEAD_SET_MAC_KEY: + if (arg < 0) + return -1; + params[0] = OSSL_PARAM_construct_octet_string( + OSSL_CIPHER_PARAM_AEAD_MAC_KEY, ptr, sz); + break; } if (set_params) diff --git a/doc/man7/provider-cipher.pod b/doc/man7/provider-cipher.pod index 5e64c0e196..7ad239bcb6 100644 --- a/doc/man7/provider-cipher.pod +++ b/doc/man7/provider-cipher.pod 
@@ -349,6 +349,55 @@ by AES SIV ciphers which disallow multiple operations by default. Setting "speed" to 1 allows another encrypt or decrypt operation to be performed. This is used for performance testing. +=item "tls1multi_enc" (B) + +Triggers a multiblock tls1 encrypt operation for a tls1 aware cipher that supports +sending 4 or 8 records in one go. +The cipher performs both the MAC and encrypt stages and constructs the record +headers itself. +"tls1multi_enc" supplies the output buffer for the encrypt operation, +"tls1multi_encin" & "tls1multi_interleave" must also be set in order to supply +values to the encrypt operation. + +=item "tls1multi_enclen" (B) + +Get the total length of the record returned from the "tls1multi_enc" operation. + +=item "tls1multi_interleave" (B) + +Sets or gets the number of records being sent in one go for a tls1 multiblock +cipher operation (either 4 or 8 records). + +=item "tls1multi_encin" (B) + +Supplies the data to encrypt for a tls1 multiblock cipher operation. + +=item "tls1multi_maxsndfrag" (B) + +Sets the maximum send fragment size for a tls1 multiblock cipher operation. +It must be set before using "tls1multi_maxbufsz". +The length of the "tls1multi_maxsndfrag" parameter should not exceed that of a B. + +=item "tls1multi_maxbufsz" (B) + +Gets the maximum record length for a tls1 multiblock cipher operation. +The length of the "tls1multi_maxbufsz" parameter should not exceed that of a B. + +=item "tls1multi_aad" (B) + +Sets the authenticated additional data used by a tls1 multiblock cipher operation. +The supplied data consists of 13 bytes of record data containing: +Bytes 0-7: The sequence number of the first record +Byte 8: The record type +Byte 9-10: The protocol version +Byte 11-12: Input length (Always 0) + +"tls1multi_interleave" must also be set for this operation. + +=item "tls1multi_aadpacklen" (B) + +Gets the result of running the "tls1multi_aad" operation. + =back =head1 RETURN VALUES 
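Review bot: In the crypto/evp/evp_enc.c hunk above that adds the multiblock controls to EVP_CIPHER_CTX_ctrl, case EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT casts ptr to EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM * and reads p->out, p->inp, p->len and p->interleave without the size check that the EVP_CTRL_TLS1_1_MULTIBLOCK_AAD case directly before it performs: if (arg < (int)sizeof(EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM)) return 0;. Add the same guard to the ENCRYPT case so an undersized caller structure is rejected before it is dereferenced. All three new cases also end in return sz;, which narrows a size_t into the function's int return value; a range check before returning would make the intended bound explicit.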
diff --git a/include/crypto/aes_platform.h b/include/crypto/aes_platform.h index 483a1949ee..b478520cf8 100644 --- a/include/crypto/aes_platform.h +++ b/include/crypto/aes_platform.h @@ -121,6 +121,13 @@ void gcm_ghash_v8(u64 Xi[2],const u128 Htable[16],const u8 *inp, size_t len); # endif # endif /* OPENSSL_CPUID_OBJ */ +# if defined(AES_ASM) && ( \ + defined(__x86_64) || defined(__x86_64__) || \ + defined(_M_AMD64) || defined(_M_X64) ) +# define AES_CBC_HMAC_SHA_CAPABLE 1 +# define AESNI_CBC_HMAC_SHA_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(57-32))) +# endif + # if defined(AES_ASM) && !defined(I386_ONLY) && ( \ ((defined(__i386) || defined(__i386__) || \ defined(_M_IX86)) && defined(OPENSSL_IA32_SSE2))|| \ diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h index e441ddf6c8..446af5fa8e 100644 --- a/include/openssl/core_names.h +++ b/include/openssl/core_names.h @@ -73,6 +73,22 @@ extern "C" { /* For passing the AlgorithmIdentifier parameter in DER form */ #define OSSL_CIPHER_PARAM_ALG_ID "alg_id_param" /* octet_string */ +#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT \ + "tls1multi_maxsndfrag" /* uint */ +#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE \ + "tls1multi_maxbufsz" /* size_t */ +#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE \ + "tls1multi_interleave" /* uint */ +#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD \ + "tls1multi_aad" /* octet_string */ +#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN \ + "tls1multi_aadpacklen" /* uint */ +#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC \ + "tls1multi_enc" /* octet_string */ +#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN \ + "tls1multi_encin" /* octet_string */ +#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN \ + "tls1multi_enclen" /* size_t */ /* digest parameters */ #define OSSL_DIGEST_PARAM_XOFLEN "xoflen" /* size_t */ 
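Review bot: The type comments on two of the new names in include/openssl/core_names.h disagree with how crypto/evp/evp_enc.c builds them in this same commit: OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT and OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN are annotated /* uint */ here, but EVP_CIPHER_CTX_ctrl passes both through OSSL_PARAM_construct_size_t with the size_t variable sz. Either change the annotations to size_t or construct the parameters as uint, and keep doc/man7/provider-cipher.pod in step, since provider implementers will size their buffers from these annotations.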
diff --git a/providers/common/include/prov/provider_util.h b/providers/common/include/prov/provider_util.h index 9925ac2b09..ca3550b3f7 100644 --- a/providers/common/include/prov/provider_util.h +++ b/providers/common/include/prov/provider_util.h @@ -101,3 +101,15 @@ int ossl_prov_macctx_load_from_params(EVP_MAC_CTX **macctx, const char *ciphername, const char *mdname, OPENSSL_CTX *ctx); + +typedef struct ag_capable_st { + OSSL_ALGORITHM alg; + int (*capable)(void); +} OSSL_ALGORITHM_CAPABLE; + +/* + * Dynamically select algorithms by calling a capable() method. + * If this method is NULL or the method returns 1 then the algorithm is added. + */ +void ossl_prov_cache_exported_algorithms(const OSSL_ALGORITHM_CAPABLE *in, + OSSL_ALGORITHM *out); diff --git a/providers/common/include/prov/providercommon.h b/providers/common/include/prov/providercommon.h index 569c08c0b1..995c685292 100644 --- a/providers/common/include/prov/providercommon.h +++ b/providers/common/include/prov/providercommon.h @@ -13,3 +13,5 @@ const OSSL_PROVIDER *FIPS_get_provider(OPENSSL_CTX *ctx); const char *ossl_prov_util_nid_to_name(int nid); +int cipher_capable_aes_cbc_hmac_sha1(void); +int cipher_capable_aes_cbc_hmac_sha256(void); diff --git a/providers/common/provider_util.c b/providers/common/provider_util.c index ef4396f432..504463df19 100644 --- a/providers/common/provider_util.c +++ b/providers/common/provider_util.c @@ -237,3 +237,17 @@ int ossl_prov_macctx_load_from_params(EVP_MAC_CTX **macctx, *macctx = NULL; return 0; } + +void ossl_prov_cache_exported_algorithms(const OSSL_ALGORITHM_CAPABLE *in, + OSSL_ALGORITHM *out) +{ + int i, j; + + if (out[0].algorithm_names == NULL) { + for (i = j = 0; in[i].alg.algorithm_names != NULL; ++i) { + if (in[i].capable == NULL || in[i].capable()) + out[j++] = in[i].alg; + } + out[j++] = in[i].alg; + } +} diff --git a/providers/defltprov.c b/providers/defltprov.c index 51cd2b9794..5c11b4a910 100644 --- a/providers/defltprov.c 
+++ b/providers/defltprov.c @@ -15,7 +15,13 @@ #include #include #include "prov/bio.h" +#include "prov/providercommon.h" #include "prov/implementations.h" +#include "prov/provider_util.h" +#include "internal/nelem.h" + +#define ALGC(NAMES, FUNC, CHECK) { { NAMES, "default=yes", FUNC }, CHECK } +#define ALG(NAMES, FUNC) ALGC(NAMES, FUNC, NULL) /* Functions provided by the core */ static OSSL_core_gettable_params_fn *c_gettable_params = NULL; 
@@ -131,190 +137,196 @@ static const OSSL_ALGORITHM deflt_digests[] = { { NULL, NULL, NULL } }; -static const OSSL_ALGORITHM deflt_ciphers[] = { - { "AES-256-ECB", "default=yes", aes256ecb_functions }, - { "AES-192-ECB", "default=yes", aes192ecb_functions }, - { "AES-128-ECB", "default=yes", aes128ecb_functions }, - { "AES-256-CBC", "default=yes", aes256cbc_functions }, - { "AES-192-CBC", "default=yes", aes192cbc_functions }, - { "AES-128-CBC", "default=yes", aes128cbc_functions }, - { "AES-256-OFB", "default=yes", aes256ofb_functions }, - { "AES-192-OFB", "default=yes", aes192ofb_functions }, - { "AES-128-OFB", "default=yes", aes128ofb_functions }, - { "AES-256-CFB", "default=yes", aes256cfb_functions }, - { "AES-192-CFB", "default=yes", aes192cfb_functions }, - { "AES-128-CFB", "default=yes", aes128cfb_functions }, - { "AES-256-CFB1", "default=yes", aes256cfb1_functions }, - { "AES-192-CFB1", "default=yes", aes192cfb1_functions }, - { "AES-128-CFB1", "default=yes", aes128cfb1_functions }, - { "AES-256-CFB8", "default=yes", aes256cfb8_functions }, - { "AES-192-CFB8", "default=yes", aes192cfb8_functions }, - { "AES-128-CFB8", "default=yes", aes128cfb8_functions }, - { "AES-256-CTR", "default=yes", aes256ctr_functions }, - { "AES-192-CTR", "default=yes", aes192ctr_functions }, - { "AES-128-CTR", "default=yes", aes128ctr_functions }, - { "AES-256-XTS", "default=yes", aes256xts_functions }, - { "AES-128-XTS", "default=yes", aes128xts_functions }, +static const OSSL_ALGORITHM_CAPABLE deflt_ciphers[] = { + ALG("AES-256-ECB", aes256ecb_functions), + ALG("AES-192-ECB", aes192ecb_functions), + ALG("AES-128-ECB", aes128ecb_functions), + ALG("AES-256-CBC", aes256cbc_functions), + ALG("AES-192-CBC", aes192cbc_functions), + ALG("AES-128-CBC", aes128cbc_functions), + ALG("AES-256-OFB", aes256ofb_functions), + ALG("AES-192-OFB", aes192ofb_functions), + ALG("AES-128-OFB", aes128ofb_functions), + ALG("AES-256-CFB", aes256cfb_functions), + ALG("AES-192-CFB", aes192cfb_functions), + 
ALG("AES-128-CFB", aes128cfb_functions), + ALG("AES-256-CFB1", aes256cfb1_functions), + ALG("AES-192-CFB1", aes192cfb1_functions), + ALG("AES-128-CFB1", aes128cfb1_functions), + ALG("AES-256-CFB8", aes256cfb8_functions), + ALG("AES-192-CFB8", aes192cfb8_functions), + ALG("AES-128-CFB8", aes128cfb8_functions), + ALG("AES-256-CTR", aes256ctr_functions), + ALG("AES-192-CTR", aes192ctr_functions), + ALG("AES-128-CTR", aes128ctr_functions), + ALG("AES-256-XTS", aes256xts_functions), + ALG("AES-128-XTS", aes128xts_functions), #ifndef OPENSSL_NO_OCB - { "AES-256-OCB", "default=yes", aes256ocb_functions }, - { "AES-192-OCB", "default=yes", aes192ocb_functions }, - { "AES-128-OCB", "default=yes", aes128ocb_functions }, + ALG("AES-256-OCB", aes256ocb_functions), + ALG("AES-192-OCB", aes192ocb_functions), + ALG("AES-128-OCB", aes128ocb_functions), #endif /* OPENSSL_NO_OCB */ #ifndef OPENSSL_NO_SIV - { "AES-128-SIV", "default=yes", aes128siv_functions }, - { "AES-192-SIV", "default=yes", aes192siv_functions }, - { "AES-256-SIV", "default=yes", aes256siv_functions }, + ALG("AES-128-SIV", aes128siv_functions), + ALG("AES-192-SIV", aes192siv_functions), + ALG("AES-256-SIV", aes256siv_functions), #endif /* OPENSSL_NO_SIV */ - { "AES-256-GCM:id-aes256-GCM", "default=yes", aes256gcm_functions }, - { "AES-192-GCM:id-aes192-GCM", "default=yes", aes192gcm_functions }, - { "AES-128-GCM:id-aes128-GCM", "default=yes", aes128gcm_functions }, - { "AES-256-CCM:id-aes256-CCM", "default=yes", aes256ccm_functions }, - { "AES-192-CCM:id-aes192-CCM", "default=yes", aes192ccm_functions }, - { "AES-128-CCM:id-aes128-CCM", "default=yes", aes128ccm_functions }, - { "AES-256-WRAP:id-aes256-wrap:AES256-WRAP", "default=yes", - aes256wrap_functions }, - { "AES-192-WRAP:id-aes192-wrap:AES192-WRAP", "default=yes", - aes192wrap_functions }, - { "AES-128-WRAP:id-aes128-wrap:AES128-WRAP", "default=yes", - aes128wrap_functions }, - { "AES-256-WRAP-PAD:id-aes256-wrap-pad:AES256-WRAP-PAD", "default=yes", - 
aes256wrappad_functions }, - { "AES-192-WRAP-PAD:id-aes192-wrap-pad:AES192-WRAP-PAD", "default=yes", - aes192wrappad_functions }, - { "AES-128-WRAP-PAD:id-aes128-wrap-pad:AES128-WRAP-PAD", "default=yes", - aes128wrappad_functions }, + ALG("AES-256-GCM:id-aes256-GCM", aes256gcm_functions), + ALG("AES-192-GCM:id-aes192-GCM", aes192gcm_functions), + ALG("AES-128-GCM:id-aes128-GCM", aes128gcm_functions), + ALG("AES-256-CCM:id-aes256-CCM", aes256ccm_functions), + ALG("AES-192-CCM:id-aes192-CCM", aes192ccm_functions), + ALG("AES-128-CCM:id-aes128-CCM", aes128ccm_functions), + ALG("AES-256-WRAP:id-aes256-wrap:AES256-WRAP", aes256wrap_functions), + ALG("AES-192-WRAP:id-aes192-wrap:AES192-WRAP", aes192wrap_functions), + ALG("AES-128-WRAP:id-aes128-wrap:AES128-WRAP", aes128wrap_functions), + ALG("AES-256-WRAP-PAD:id-aes256-wrap-pad:AES256-WRAP-PAD", + aes256wrappad_functions), + ALG("AES-192-WRAP-PAD:id-aes192-wrap-pad:AES192-WRAP-PAD", + aes192wrappad_functions), + ALG("AES-128-WRAP-PAD:id-aes128-wrap-pad:AES128-WRAP-PAD", + aes128wrappad_functions), + ALGC("AES-128-CBC-HMAC-SHA1", aes128cbc_hmac_sha1_functions, + cipher_capable_aes_cbc_hmac_sha1), + ALGC("AES-256-CBC-HMAC-SHA1", aes256cbc_hmac_sha1_functions, + cipher_capable_aes_cbc_hmac_sha1), + ALGC("AES-128-CBC-HMAC-SHA256", aes128cbc_hmac_sha256_functions, + cipher_capable_aes_cbc_hmac_sha256), + ALGC("AES-256-CBC-HMAC-SHA256", aes256cbc_hmac_sha256_functions, + cipher_capable_aes_cbc_hmac_sha256), #ifndef OPENSSL_NO_ARIA - { "ARIA-256-GCM", "default=yes", aria256gcm_functions }, - { "ARIA-192-GCM", "default=yes", aria192gcm_functions }, - { "ARIA-128-GCM", "default=yes", aria128gcm_functions }, - { "ARIA-256-CCM", "default=yes", aria256ccm_functions }, - { "ARIA-192-CCM", "default=yes", aria192ccm_functions }, - { "ARIA-128-CCM", "default=yes", aria128ccm_functions }, - { "ARIA-256-ECB", "default=yes", aria256ecb_functions }, - { "ARIA-192-ECB", "default=yes", aria192ecb_functions }, - { "ARIA-128-ECB", 
"default=yes", aria128ecb_functions }, - { "ARIA-256-CBC:ARIA256", "default=yes", aria256cbc_functions }, - { "ARIA-192-CBC:ARIA192", "default=yes", aria192cbc_functions }, - { "ARIA-128-CBC:ARIA128", "default=yes", aria128cbc_functions }, - { "ARIA-256-OFB", "default=yes", aria256ofb_functions }, - { "ARIA-192-OFB", "default=yes", aria192ofb_functions }, - { "ARIA-128-OFB", "default=yes", aria128ofb_functions }, - { "ARIA-256-CFB", "default=yes", aria256cfb_functions }, - { "ARIA-192-CFB", "default=yes", aria192cfb_functions }, - { "ARIA-128-CFB", "default=yes", aria128cfb_functions }, - { "ARIA-256-CFB1", "default=yes", aria256cfb1_functions }, - { "ARIA-192-CFB1", "default=yes", aria192cfb1_functions }, - { "ARIA-128-CFB1", "default=yes", aria128cfb1_functions }, - { "ARIA-256-CFB8", "default=yes", aria256cfb8_functions }, - { "ARIA-192-CFB8", "default=yes", aria192cfb8_functions }, - { "ARIA-128-CFB8", "default=yes", aria128cfb8_functions }, - { "ARIA-256-CTR", "default=yes", aria256ctr_functions }, - { "ARIA-192-CTR", "default=yes", aria192ctr_functions }, - { "ARIA-128-CTR", "default=yes", aria128ctr_functions }, + ALG("ARIA-256-GCM", aria256gcm_functions), + ALG("ARIA-192-GCM", aria192gcm_functions), + ALG("ARIA-128-GCM", aria128gcm_functions), + ALG("ARIA-256-CCM", aria256ccm_functions), + ALG("ARIA-192-CCM", aria192ccm_functions), + ALG("ARIA-128-CCM", aria128ccm_functions), + ALG("ARIA-256-ECB", aria256ecb_functions), + ALG("ARIA-192-ECB", aria192ecb_functions), + ALG("ARIA-128-ECB", aria128ecb_functions), + ALG("ARIA-256-CBC:ARIA256", aria256cbc_functions), + ALG("ARIA-192-CBC:ARIA192", aria192cbc_functions), + ALG("ARIA-128-CBC:ARIA128", aria128cbc_functions), + ALG("ARIA-256-OFB", aria256ofb_functions), + ALG("ARIA-192-OFB", aria192ofb_functions), + ALG("ARIA-128-OFB", aria128ofb_functions), + ALG("ARIA-256-CFB", aria256cfb_functions), + ALG("ARIA-192-CFB", aria192cfb_functions), + ALG("ARIA-128-CFB", aria128cfb_functions), + ALG("ARIA-256-CFB1", 
aria256cfb1_functions), + ALG("ARIA-192-CFB1", aria192cfb1_functions), + ALG("ARIA-128-CFB1", aria128cfb1_functions), + ALG("ARIA-256-CFB8", aria256cfb8_functions), + ALG("ARIA-192-CFB8", aria192cfb8_functions), + ALG("ARIA-128-CFB8", aria128cfb8_functions), + ALG("ARIA-256-CTR", aria256ctr_functions), + ALG("ARIA-192-CTR", aria192ctr_functions), + ALG("ARIA-128-CTR", aria128ctr_functions), #endif /* OPENSSL_NO_ARIA */ #ifndef OPENSSL_NO_CAMELLIA - { "CAMELLIA-256-ECB", "default=yes", camellia256ecb_functions }, - { "CAMELLIA-192-ECB", "default=yes", camellia192ecb_functions }, - { "CAMELLIA-128-ECB", "default=yes", camellia128ecb_functions }, - { "CAMELLIA-256-CBC:CAMELLIA256", "default=yes", camellia256cbc_functions }, - { "CAMELLIA-192-CBC:CAMELLIA192", "default=yes", camellia192cbc_functions }, - { "CAMELLIA-128-CBC:CAMELLIA128", "default=yes", camellia128cbc_functions }, - { "CAMELLIA-256-OFB", "default=yes", camellia256ofb_functions }, - { "CAMELLIA-192-OFB", "default=yes", camellia192ofb_functions }, - { "CAMELLIA-128-OFB", "default=yes", camellia128ofb_functions }, - { "CAMELLIA-256-CFB", "default=yes", camellia256cfb_functions }, - { "CAMELLIA-192-CFB", "default=yes", camellia192cfb_functions }, - { "CAMELLIA-128-CFB", "default=yes", camellia128cfb_functions }, - { "CAMELLIA-256-CFB1", "default=yes", camellia256cfb1_functions }, - { "CAMELLIA-192-CFB1", "default=yes", camellia192cfb1_functions }, - { "CAMELLIA-128-CFB1", "default=yes", camellia128cfb1_functions }, - { "CAMELLIA-256-CFB8", "default=yes", camellia256cfb8_functions }, - { "CAMELLIA-192-CFB8", "default=yes", camellia192cfb8_functions }, - { "CAMELLIA-128-CFB8", "default=yes", camellia128cfb8_functions }, - { "CAMELLIA-256-CTR", "default=yes", camellia256ctr_functions }, - { "CAMELLIA-192-CTR", "default=yes", camellia192ctr_functions }, - { "CAMELLIA-128-CTR", "default=yes", camellia128ctr_functions }, + ALG("CAMELLIA-256-ECB", camellia256ecb_functions), + ALG("CAMELLIA-192-ECB", 
camellia192ecb_functions), + ALG("CAMELLIA-128-ECB", camellia128ecb_functions), + ALG("CAMELLIA-256-CBC:CAMELLIA256", camellia256cbc_functions), + ALG("CAMELLIA-192-CBC:CAMELLIA192", camellia192cbc_functions), + ALG("CAMELLIA-128-CBC:CAMELLIA128", camellia128cbc_functions), + ALG("CAMELLIA-256-OFB", camellia256ofb_functions), + ALG("CAMELLIA-192-OFB", camellia192ofb_functions), + ALG("CAMELLIA-128-OFB", camellia128ofb_functions), + ALG("CAMELLIA-256-CFB", camellia256cfb_functions), + ALG("CAMELLIA-192-CFB", camellia192cfb_functions), + ALG("CAMELLIA-128-CFB", camellia128cfb_functions), + ALG("CAMELLIA-256-CFB1", camellia256cfb1_functions), + ALG("CAMELLIA-192-CFB1", camellia192cfb1_functions), + ALG("CAMELLIA-128-CFB1", camellia128cfb1_functions), + ALG("CAMELLIA-256-CFB8", camellia256cfb8_functions), + ALG("CAMELLIA-192-CFB8", camellia192cfb8_functions), + ALG("CAMELLIA-128-CFB8", camellia128cfb8_functions), + ALG("CAMELLIA-256-CTR", camellia256ctr_functions), + ALG("CAMELLIA-192-CTR", camellia192ctr_functions), + ALG("CAMELLIA-128-CTR", camellia128ctr_functions), #endif /* OPENSSL_NO_CAMELLIA */ #ifndef OPENSSL_NO_DES - { "DES-EDE3-ECB:DES-EDE3", "default=yes", tdes_ede3_ecb_functions }, - { "DES-EDE3-CBC:DES3", "default=yes", tdes_ede3_cbc_functions }, - { "DES-EDE3-OFB", "default=yes", tdes_ede3_ofb_functions }, - { "DES-EDE3-CFB", "default=yes", tdes_ede3_cfb_functions }, - { "DES-EDE3-CFB8", "default=yes", tdes_ede3_cfb8_functions }, - { "DES-EDE3-CFB1", "default=yes", tdes_ede3_cfb1_functions }, - { "DES-EDE-ECB:DES-EDE", "default=yes", tdes_ede2_ecb_functions }, - { "DES-EDE-CBC", "default=yes", tdes_ede2_cbc_functions }, - { "DES-EDE-OFB", "default=yes", tdes_ede2_ofb_functions }, - { "DES-EDE-CFB", "default=yes", tdes_ede2_cfb_functions }, - { "DESX-CBC:DESX", "default=yes", tdes_desx_cbc_functions }, - { "DES3-WRAP:id-smime-alg-CMS3DESwrap", "default=yes", tdes_wrap_cbc_functions }, - { "DES-ECB", "default=yes", des_ecb_functions }, - { "DES-CBC:DES", 
"default=yes", des_cbc_functions }, - { "DES-OFB", "default=yes", des_ofb64_functions }, - { "DES-CFB", "default=yes", des_cfb64_functions }, - { "DES-CFB1", "default=yes", des_cfb1_functions }, - { "DES-CFB8", "default=yes", des_cfb8_functions }, + ALG("DES-EDE3-ECB:DES-EDE3", tdes_ede3_ecb_functions), + ALG("DES-EDE3-CBC:DES3", tdes_ede3_cbc_functions), + ALG("DES-EDE3-OFB", tdes_ede3_ofb_functions), + ALG("DES-EDE3-CFB", tdes_ede3_cfb_functions), + ALG("DES-EDE3-CFB8", tdes_ede3_cfb8_functions), + ALG("DES-EDE3-CFB1", tdes_ede3_cfb1_functions), + ALG("DES-EDE-ECB:DES-EDE", tdes_ede2_ecb_functions), + ALG("DES-EDE-CBC", tdes_ede2_cbc_functions), + ALG("DES-EDE-OFB", tdes_ede2_ofb_functions), + ALG("DES-EDE-CFB", tdes_ede2_cfb_functions), + ALG("DESX-CBC:DESX", tdes_desx_cbc_functions), + ALG("DES3-WRAP:id-smime-alg-CMS3DESwrap", tdes_wrap_cbc_functions), + ALG("DES-ECB", des_ecb_functions), + ALG("DES-CBC:DES", des_cbc_functions), + ALG("DES-OFB", des_ofb64_functions), + ALG("DES-CFB", des_cfb64_functions), + ALG("DES-CFB1", des_cfb1_functions), + ALG("DES-CFB8", des_cfb8_functions), #endif /* OPENSSL_NO_DES */ #ifndef OPENSSL_NO_BF - { "BF-ECB", "default=yes", blowfish128ecb_functions }, - { "BF-CBC:BF:BLOWFISH", "default=yes", blowfish128cbc_functions }, - { "BF-OFB", "default=yes", blowfish64ofb64_functions }, - { "BF-CFB", "default=yes", blowfish64cfb64_functions }, + ALG("BF-ECB", blowfish128ecb_functions), + ALG("BF-CBC:BF:BLOWFISH", blowfish128cbc_functions), + ALG("BF-OFB", blowfish64ofb64_functions), + ALG("BF-CFB", blowfish64cfb64_functions), #endif /* OPENSSL_NO_BF */ #ifndef OPENSSL_NO_IDEA - { "IDEA-ECB", "default=yes", idea128ecb_functions }, - { "IDEA-CBC:IDEA", "default=yes", idea128cbc_functions }, - { "IDEA-OFB:IDEA-OFB64", "default=yes", idea128ofb64_functions }, - { "IDEA-CFB:IDEA-CFB64", "default=yes", idea128cfb64_functions }, + ALG("IDEA-ECB", idea128ecb_functions), + ALG("IDEA-CBC:IDEA", idea128cbc_functions), + ALG("IDEA-OFB:IDEA-OFB64", 
idea128ofb64_functions), + ALG("IDEA-CFB:IDEA-CFB64", idea128cfb64_functions), #endif /* OPENSSL_NO_IDEA */ #ifndef OPENSSL_NO_CAST - { "CAST5-ECB", "default=yes", cast5128ecb_functions }, - { "CAST5-CBC:CAST-CBC:CAST", "default=yes", cast5128cbc_functions }, - { "CAST5-OFB", "default=yes", cast564ofb64_functions }, - { "CAST5-CFB", "default=yes", cast564cfb64_functions }, + ALG("CAST5-ECB", cast5128ecb_functions), + ALG("CAST5-CBC:CAST-CBC:CAST", cast5128cbc_functions), + ALG("CAST5-OFB", cast564ofb64_functions), + ALG("CAST5-CFB", cast564cfb64_functions), #endif /* OPENSSL_NO_CAST */ #ifndef OPENSSL_NO_SEED - { "SEED-ECB", "default=yes", seed128ecb_functions }, - { "SEED-CBC:SEED", "default=yes", seed128cbc_functions }, - { "SEED-OFB:SEED-OFB128", "default=yes", seed128ofb128_functions }, - { "SEED-CFB:SEED-CFB128", "default=yes", seed128cfb128_functions }, + ALG("SEED-ECB", seed128ecb_functions), + ALG("SEED-CBC:SEED", seed128cbc_functions), + ALG("SEED-OFB:SEED-OFB128", seed128ofb128_functions), + ALG("SEED-CFB:SEED-CFB128", seed128cfb128_functions), #endif /* OPENSSL_NO_SEED */ #ifndef OPENSSL_NO_SM4 - { "SM4-ECB", "default=yes", sm4128ecb_functions }, - { "SM4-CBC:SM4", "default=yes", sm4128cbc_functions }, - { "SM4-CTR", "default=yes", sm4128ctr_functions }, - { "SM4-OFB:SM4-OFB128", "default=yes", sm4128ofb128_functions }, - { "SM4-CFB:SM4-CFB128", "default=yes", sm4128cfb128_functions }, + ALG("SM4-ECB", sm4128ecb_functions), + ALG("SM4-CBC:SM4", sm4128cbc_functions), + ALG("SM4-CTR", sm4128ctr_functions), + ALG("SM4-OFB:SM4-OFB128", sm4128ofb128_functions), + ALG("SM4-CFB:SM4-CFB128", sm4128cfb128_functions), #endif /* OPENSSL_NO_SM4 */ #ifndef OPENSSL_NO_RC4 - { "RC4", "default=yes", rc4128_functions }, - { "RC4-40", "default=yes", rc440_functions }, + ALG("RC4", rc4128_functions), + ALG("RC4-40", rc440_functions), # ifndef OPENSSL_NO_MD5 - { "RC4-HMAC-MD5", "default=yes", rc4_hmac_md5_functions }, + ALG("RC4-HMAC-MD5", rc4_hmac_md5_functions), # endif 
/* OPENSSL_NO_MD5 */ #endif /* OPENSSL_NO_RC4 */ #ifndef OPENSSL_NO_RC5 - { "RC5-ECB", "default=yes", rc5128ecb_functions }, - { "RC5-CBC", "default=yes", rc5128cbc_functions }, - { "RC5-OFB", "default=yes", rc5128ofb64_functions }, - { "RC5-CFB", "default=yes", rc5128cfb64_functions }, + ALG("RC5-ECB", rc5128ecb_functions), + ALG("RC5-CBC", rc5128cbc_functions), + ALG("RC5-OFB", rc5128ofb64_functions), + ALG("RC5-CFB", rc5128cfb64_functions), #endif /* OPENSSL_NO_RC5 */ #ifndef OPENSSL_NO_RC2 - { "RC2-ECB", "default=yes", rc2128ecb_functions }, - { "RC2-CBC", "default=yes", rc2128cbc_functions }, - { "RC2-40-CBC", "default=yes", rc240cbc_functions }, - { "RC2-64-CBC", "default=yes", rc264cbc_functions }, - { "RC2-CFB", "default=yes", rc2128cfb128_functions }, - { "RC2-OFB", "default=yes", rc2128ofb128_functions }, + ALG("RC2-ECB", rc2128ecb_functions), + ALG("RC2-CBC", rc2128cbc_functions), + ALG("RC2-40-CBC", rc240cbc_functions), + ALG("RC2-64-CBC", rc264cbc_functions), + ALG("RC2-CFB", rc2128cfb128_functions), + ALG("RC2-OFB", rc2128ofb128_functions), #endif /* OPENSSL_NO_RC2 */ #ifndef OPENSSL_NO_CHACHA - { "ChaCha20", "default=yes", chacha20_functions }, + ALG("ChaCha20", chacha20_functions), # ifndef OPENSSL_NO_POLY1305 - { "ChaCha20-Poly1305", "default=yes", chacha20_poly1305_functions }, + ALG("ChaCha20-Poly1305", chacha20_poly1305_functions), # endif /* OPENSSL_NO_POLY1305 */ #endif /* OPENSSL_NO_CHACHA */ - { NULL, NULL, NULL } + { { NULL, NULL, NULL }, NULL } }; +static OSSL_ALGORITHM exported_ciphers[OSSL_NELEM(deflt_ciphers)]; static const OSSL_ALGORITHM deflt_macs[] = { #ifndef OPENSSL_NO_BLAKE2 @@ -432,7 +444,8 @@ static const OSSL_ALGORITHM *deflt_query(OSSL_PROVIDER *prov, case OSSL_OP_DIGEST: return deflt_digests; case OSSL_OP_CIPHER: - return deflt_ciphers; + ossl_prov_cache_exported_algorithms(deflt_ciphers, exported_ciphers); + return exported_ciphers; case OSSL_OP_MAC: return deflt_macs; case OSSL_OP_KDF: 
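Review bot: In deflt_query, the OSSL_OP_CIPHER case now fills the static exported_ciphers array on first use through ossl_prov_cache_exported_algorithms, and nothing in the visible code serialises that fill. The helper tests out[0].algorithm_names == NULL and then writes out[j++] entry by entry, so two threads that query concurrently can both enter the loop, and another thread that sees out[0] already set can walk a table that is still being written and get a truncated list or a half-written entry. Build the filtered table once under a run-once guard or a lock, or at provider initialisation, before returning it. It is also worth stating in the comment on the helper that the capable() results are sampled once and then cached in the static array.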
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c index 12c471f325..7afab78063 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -25,12 +25,17 @@ #include "internal/cryptlib.h" #include "internal/property.h" +#include "internal/nelem.h" #include "crypto/evp.h" #include "prov/implementations.h" #include "prov/provider_ctx.h" #include "prov/providercommon.h" +#include "prov/provider_util.h" #include "selftest.h" +#define ALGC(NAMES, FUNC, CHECK) { { NAMES, "fips=yes", FUNC }, CHECK } +#define ALG(NAMES, FUNC) ALGC(NAMES, FUNC, NULL) + extern OSSL_core_thread_start_fn *c_thread_start; /* @@ -300,6 +305,14 @@ const char *ossl_prov_util_nid_to_name(int nid) return "DES-EDE3"; case NID_des_ede3_cbc: return "DES-EDE3-CBC"; + case NID_aes_256_cbc_hmac_sha256: + return "AES-256-CBC-HMAC-SHA256"; + case NID_aes_128_cbc_hmac_sha256: + return "AES-128-CBC-HMAC-SHA256"; + case NID_aes_256_cbc_hmac_sha1: + return "AES-256-CBC-HMAC-SHA1"; + case NID_aes_128_cbc_hmac_sha1: + return "AES-128-CBC-HMAC-SHA1"; default: break; } 
@@ -358,43 +371,49 @@ static const OSSL_ALGORITHM fips_digests[] = { { NULL, NULL, NULL } }; -static const OSSL_ALGORITHM fips_ciphers[] = { +static const OSSL_ALGORITHM_CAPABLE fips_ciphers[] = { /* Our primary name[:ASN.1 OID name][:our older names] */ - { "AES-256-ECB", "fips=yes", aes256ecb_functions }, - { "AES-192-ECB", "fips=yes", aes192ecb_functions }, - { "AES-128-ECB", "fips=yes", aes128ecb_functions }, - { "AES-256-CBC", "fips=yes", aes256cbc_functions }, - { "AES-192-CBC", "fips=yes", aes192cbc_functions }, - { "AES-128-CBC", "fips=yes", aes128cbc_functions }, - { "AES-256-CTR", "fips=yes", aes256ctr_functions }, - { "AES-192-CTR", "fips=yes", aes192ctr_functions }, - { "AES-128-CTR", "fips=yes", aes128ctr_functions }, - { "AES-256-XTS", "fips=yes", aes256xts_functions }, - { "AES-128-XTS", "fips=yes", aes128xts_functions }, - { "AES-256-GCM:id-aes256-GCM", "fips=yes", aes256gcm_functions }, - { "AES-192-GCM:id-aes192-GCM", "fips=yes", aes192gcm_functions }, - { "AES-128-GCM:id-aes128-GCM", "fips=yes", aes128gcm_functions }, - { "AES-256-CCM:id-aes256-CCM", "fips=yes", aes256ccm_functions }, - { "AES-192-CCM:id-aes192-CCM", "fips=yes", aes192ccm_functions }, - { "AES-128-CCM:id-aes128-CCM", "fips=yes", aes128ccm_functions }, - { "AES-256-WRAP:id-aes256-wrap:AES256-WRAP", "fips=yes", - aes256wrap_functions }, - { "AES-192-WRAP:id-aes192-wrap:AES192-WRAP", "fips=yes", - aes192wrap_functions }, - { "AES-128-WRAP:id-aes128-wrap:AES128-WRAP", "fips=yes", - aes128wrap_functions }, - { "AES-256-WRAP-PAD:id-aes256-wrap-pad:AES256-WRAP-PAD", "fips=yes", - aes256wrappad_functions }, - { "AES-192-WRAP-PAD:id-aes192-wrap-pad:AES192-WRAP-PAD", "fips=yes", - aes192wrappad_functions }, - { "AES-128-WRAP-PAD:id-aes128-wrap-pad:AES128-WRAP-PAD", "fips=yes", - aes128wrappad_functions }, + ALG("AES-256-ECB", aes256ecb_functions), + ALG("AES-192-ECB", aes192ecb_functions), + ALG("AES-128-ECB", aes128ecb_functions), + ALG("AES-256-CBC", aes256cbc_functions), + 
ALG("AES-192-CBC", aes192cbc_functions), + ALG("AES-128-CBC", aes128cbc_functions), + ALG("AES-256-CTR", aes256ctr_functions), + ALG("AES-192-CTR", aes192ctr_functions), + ALG("AES-128-CTR", aes128ctr_functions), + ALG("AES-256-XTS", aes256xts_functions), + ALG("AES-128-XTS", aes128xts_functions), + ALG("AES-256-GCM:id-aes256-GCM", aes256gcm_functions), + ALG("AES-192-GCM:id-aes192-GCM", aes192gcm_functions), + ALG("AES-128-GCM:id-aes128-GCM", aes128gcm_functions), + ALG("AES-256-CCM:id-aes256-CCM", aes256ccm_functions), + ALG("AES-192-CCM:id-aes192-CCM", aes192ccm_functions), + ALG("AES-128-CCM:id-aes128-CCM", aes128ccm_functions), + ALG("AES-256-WRAP:id-aes256-wrap:AES256-WRAP", aes256wrap_functions), + ALG("AES-192-WRAP:id-aes192-wrap:AES192-WRAP", aes192wrap_functions), + ALG("AES-128-WRAP:id-aes128-wrap:AES128-WRAP", aes128wrap_functions), + ALG("AES-256-WRAP-PAD:id-aes256-wrap-pad:AES256-WRAP-PAD", + aes256wrappad_functions), + ALG("AES-192-WRAP-PAD:id-aes192-wrap-pad:AES192-WRAP-PAD", + aes192wrappad_functions), + ALG("AES-128-WRAP-PAD:id-aes128-wrap-pad:AES128-WRAP-PAD", + aes128wrappad_functions), + ALGC("AES-128-CBC-HMAC-SHA1", aes128cbc_hmac_sha1_functions, + cipher_capable_aes_cbc_hmac_sha1), + ALGC("AES-256-CBC-HMAC-SHA1", aes256cbc_hmac_sha1_functions, + cipher_capable_aes_cbc_hmac_sha1), + ALGC("AES-128-CBC-HMAC-SHA256", aes128cbc_hmac_sha256_functions, + cipher_capable_aes_cbc_hmac_sha256), + ALGC("AES-256-CBC-HMAC-SHA256", aes256cbc_hmac_sha256_functions, + cipher_capable_aes_cbc_hmac_sha256), #ifndef OPENSSL_NO_DES - { "DES-EDE3-ECB:DES-EDE3", "fips=yes", tdes_ede3_ecb_functions }, - { "DES-EDE3-CBC:DES3", "fips=yes", tdes_ede3_cbc_functions }, + ALG("DES-EDE3-ECB:DES-EDE3", tdes_ede3_ecb_functions), + ALG("DES-EDE3-CBC:DES3", tdes_ede3_cbc_functions), #endif /* OPENSSL_NO_DES */ - { NULL, NULL, NULL } + { { NULL, NULL, NULL }, NULL } }; +static OSSL_ALGORITHM exported_fips_ciphers[OSSL_NELEM(fips_ciphers)]; static const OSSL_ALGORITHM fips_macs[] 
= { #ifndef OPENSSL_NO_CMAC @@ -416,6 +435,7 @@ static const OSSL_ALGORITHM fips_kdfs[] = { { NULL, NULL, NULL } }; + static const OSSL_ALGORITHM *fips_query(OSSL_PROVIDER *prov, int operation_id, int *no_cache) @@ -425,7 +445,8 @@ static const OSSL_ALGORITHM *fips_query(OSSL_PROVIDER *prov, case OSSL_OP_DIGEST: return fips_digests; case OSSL_OP_CIPHER: - return fips_ciphers; + ossl_prov_cache_exported_algorithms(fips_ciphers, exported_fips_ciphers); + return exported_fips_ciphers; case OSSL_OP_MAC: return fips_macs; case OSSL_OP_KDF: diff --git a/providers/implementations/ciphers/build.info b/providers/implementations/ciphers/build.info index abc193bb1d..bff5a2d41f 100644 --- a/providers/implementations/ciphers/build.info +++ b/providers/implementations/ciphers/build.info @@ -40,7 +40,10 @@ SOURCE[$AES_GOAL]=\ cipher_aes_xts.c cipher_aes_xts_hw.c \ cipher_aes_gcm.c cipher_aes_gcm_hw.c \ cipher_aes_ccm.c cipher_aes_ccm_hw.c \ - cipher_aes_wrp.c + cipher_aes_wrp.c \ + cipher_aes_cbc_hmac_sha.c \ + cipher_aes_cbc_hmac_sha256_hw.c cipher_aes_cbc_hmac_sha1_hw.c + # Extra code to satisfy the FIPS and non-FIPS separation. # When the AES-xxx-XTS moves to legacy, this can be removed. SOURCE[../../libfips.a]=cipher_aes_xts_fips.c @@ -129,4 +132,3 @@ IF[{- !$disabled{chacha} -}] cipher_chacha20_poly1305.c cipher_chacha20_poly1305_hw.c ENDIF ENDIF - diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c new file mode 100644 index 0000000000..00b46c3f78 --- /dev/null +++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c 
@@ -0,0 +1,345 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* Dispatch functions for AES_CBC_HMAC_SHA ciphers */ + + +#include "cipher_aes_cbc_hmac_sha.h" +#include "prov/implementations.h" + +#ifndef AES_CBC_HMAC_SHA_CAPABLE +# define IMPLEMENT_CIPHER(nm, sub, kbits, blkbits, ivbits, flags) \ +const OSSL_DISPATCH nm##kbits##sub##_functions[] = { \ + { 0, NULL } \ +}; +#else +# include "prov/providercommonerr.h" + +/* TODO(3.0) Figure out what flags are required */ +# define AES_CBC_HMAC_SHA_FLAGS (EVP_CIPH_CBC_MODE \ + | EVP_CIPH_FLAG_DEFAULT_ASN1 \ + | EVP_CIPH_FLAG_AEAD_CIPHER \ + | EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK) + +static OSSL_OP_cipher_freectx_fn aes_cbc_hmac_sha1_freectx; +static OSSL_OP_cipher_freectx_fn aes_cbc_hmac_sha256_freectx; +static OSSL_OP_cipher_get_ctx_params_fn aes_get_ctx_params; +static OSSL_OP_cipher_gettable_ctx_params_fn aes_gettable_ctx_params; +static OSSL_OP_cipher_set_ctx_params_fn aes_set_ctx_params; +static OSSL_OP_cipher_settable_ctx_params_fn aes_settable_ctx_params; +# define aes_gettable_params cipher_generic_gettable_params +# define aes_einit cipher_generic_einit +# define aes_dinit cipher_generic_dinit +# define aes_update cipher_generic_stream_update +# define aes_final cipher_generic_stream_final +# define aes_cipher cipher_generic_cipher + +static const OSSL_PARAM cipher_aes_known_settable_ctx_params[] = { + OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_MAC_KEY, NULL, 0), + OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, NULL, 0), +# if !defined(OPENSSL_NO_MULTIBLOCK) + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT, NULL), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD, NULL), + 
OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, NULL), + OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC, NULL, 0), + OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN, NULL, 0), +# endif /* !defined(OPENSSL_NO_MULTIBLOCK) */ + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), + OSSL_PARAM_END +}; +const OSSL_PARAM *aes_settable_ctx_params(void) +{ + return cipher_aes_known_settable_ctx_params; +} + +static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[]) +{ + PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; + PROV_CIPHER_HW_AES_HMAC_SHA *hw = + (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->hw; + EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param; + const OSSL_PARAM *p, *p1, *pin; + int ret = 1; + + p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_MAC_KEY); + if (p != NULL) { + if (p->data_type != OSSL_PARAM_OCTET_STRING) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); + return 0; + } + hw->init_mac_key(ctx, p->data, p->data_size); + } + +# if !defined(OPENSSL_NO_MULTIBLOCK) + p = OSSL_PARAM_locate_const(params, + OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT); + if (p != NULL + && !OSSL_PARAM_get_size_t(p, &ctx->multiblock_max_send_fragment)) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); + return 0; + } + /* + * The inputs to tls1_multiblock_aad are: + * mb_param->inp + * mb_param->len + * mb_param->interleave + * The outputs of tls1_multiblock_aad are written to: + * ctx->multiblock_interleave + * ctx->multiblock_aad_packlen + */ + p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD); + if (p != NULL) { + p1 = OSSL_PARAM_locate_const(params, + OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE); + if (p->data_type != OSSL_PARAM_OCTET_STRING + || p1 == NULL + || !OSSL_PARAM_get_uint(p1, &mb_param.interleave)) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); + return 0; + } + mb_param.inp = p->data; + mb_param.len = p->data_size; + if 
(hw->tls1_multiblock_aad(vctx, &mb_param) <= 0) + return 0; + } + + /* + * The inputs to tls1_multiblock_encrypt are: + * mb_param->inp + * mb_param->len + * mb_param->interleave + * mb_param->out + * The outputs of tls1_multiblock_encrypt are: + * ctx->multiblock_encrypt_len + */ + p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC); + if (p != NULL) { + p1 = OSSL_PARAM_locate_const(params, + OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE); + pin = OSSL_PARAM_locate_const(params, + OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN); + if (p->data_type != OSSL_PARAM_OCTET_STRING + || pin == NULL + || pin->data_type != OSSL_PARAM_OCTET_STRING + || p1 == NULL + || !OSSL_PARAM_get_uint(p1, &mb_param.interleave)) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); + return 0; + } + mb_param.out = p->data; + mb_param.inp = pin->data; + mb_param.len = pin->data_size; + if (hw->tls1_multiblock_encrypt(vctx, &mb_param) <= 0) + return 0; + } +# endif /* !defined(OPENSSL_NO_MULTIBLOCK) */ + + p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD); + if (p != NULL) { + if (p->data_type != OSSL_PARAM_OCTET_STRING) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); + return 0; + } + if (hw->set_tls1_aad(ctx, p->data, p->data_size) <= 0) + return 0; + } + + p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN); + if (p != NULL) { + size_t keylen; + + if (!OSSL_PARAM_get_size_t(p, &keylen)) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); + return 0; + } + if (ctx->base.keylen != keylen) { + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); + return 0; + } + } + return ret; +} + +static int aes_get_ctx_params(void *vctx, OSSL_PARAM params[]) +{ + PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; + PROV_CIPHER_HW_AES_HMAC_SHA *hw = + (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->hw; + OSSL_PARAM *p; + +# if !defined(OPENSSL_NO_MULTIBLOCK) + p = OSSL_PARAM_locate(params, 
OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE); + if (p != NULL) { + size_t len = hw->tls1_multiblock_max_bufsize(ctx); + + if (!OSSL_PARAM_set_size_t(p, len)) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); + return 0; + } + } + + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE); + if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->multiblock_interleave)) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); + return 0; + } + + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN); + if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->multiblock_aad_packlen)) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); + return 0; + } + + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN); + if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->multiblock_encrypt_len)) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); + return 0; + } +# endif /* !defined(OPENSSL_NO_MULTIBLOCK) */ + + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD); + if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->tls_aad_pad)) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); + return 0; + } + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); + if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->base.keylen)) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); + return 0; + } + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); + if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->base.ivlen)) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); + return 0; + } + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV); + if (p != NULL + && !OSSL_PARAM_set_octet_string(p, ctx->base.oiv, ctx->base.ivlen)) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); + return 0; + } + return 1; +} + +static const OSSL_PARAM cipher_aes_known_gettable_ctx_params[] = { +# if !defined(OPENSSL_NO_MULTIBLOCK) + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE, 
NULL), + OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, NULL), + OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN, NULL), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN, NULL), +# endif /* !defined(OPENSSL_NO_MULTIBLOCK) */ + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), + OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0), + OSSL_PARAM_END +}; +const OSSL_PARAM *aes_gettable_ctx_params(void) +{ + return cipher_aes_known_gettable_ctx_params; +} + +static void base_init(void *provctx, PROV_AES_HMAC_SHA_CTX *ctx, + const PROV_CIPHER_HW_AES_HMAC_SHA *meths, + size_t kbits, size_t blkbits, size_t ivbits, + uint64_t flags) +{ + cipher_generic_initkey(&ctx->base, kbits, blkbits, ivbits, + EVP_CIPH_CBC_MODE, flags, + &meths->base, provctx); + ctx->hw = (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->base.hw; +} + +static void *aes_cbc_hmac_sha1_newctx(void *provctx, size_t kbits, + size_t blkbits, size_t ivbits, + uint64_t flags) +{ + PROV_AES_HMAC_SHA1_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); + + if (ctx != NULL) + base_init(provctx, &ctx->base_ctx, + PROV_CIPHER_HW_aes_cbc_hmac_sha1(), kbits, blkbits, + ivbits, flags); + return ctx; +} + +static void aes_cbc_hmac_sha1_freectx(void *vctx) +{ + PROV_AES_HMAC_SHA1_CTX *ctx = (PROV_AES_HMAC_SHA1_CTX *)vctx; + + if (ctx != NULL) + OPENSSL_clear_free(ctx, sizeof(ctx)); +} + +static void *aes_cbc_hmac_sha256_newctx(void *provctx, size_t kbits, + size_t blkbits, size_t ivbits, + uint64_t flags) +{ + PROV_AES_HMAC_SHA256_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); + + if (ctx != NULL) + base_init(provctx, &ctx->base_ctx, + PROV_CIPHER_HW_aes_cbc_hmac_sha256(), kbits, blkbits, + ivbits, flags); + return ctx; +} + +static void aes_cbc_hmac_sha256_freectx(void *vctx) +{ + PROV_AES_HMAC_SHA256_CTX *ctx = (PROV_AES_HMAC_SHA256_CTX *)vctx; + + if (ctx != NULL) + 
OPENSSL_clear_free(ctx, sizeof(ctx)); +} + +# define IMPLEMENT_CIPHER(nm, sub, kbits, blkbits, ivbits, flags) \ +static OSSL_OP_cipher_newctx_fn nm##_##kbits##_##sub##_newctx; \ +static void *nm##_##kbits##_##sub##_newctx(void *provctx) \ +{ \ + return nm##_##sub##_newctx(provctx, kbits, blkbits, ivbits, flags); \ +} \ +static OSSL_OP_cipher_get_params_fn nm##_##kbits##_##sub##_get_params; \ +static int nm##_##kbits##_##sub##_get_params(OSSL_PARAM params[]) \ +{ \ + return cipher_generic_get_params(params, EVP_CIPH_CBC_MODE, \ + flags, kbits, blkbits, ivbits); \ +} \ +const OSSL_DISPATCH nm##kbits##sub##_functions[] = { \ + { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))nm##_##kbits##_##sub##_newctx },\ + { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))nm##_##sub##_freectx }, \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))nm##_einit }, \ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))nm##_dinit }, \ + { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))nm##_update }, \ + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))nm##_final }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))nm##_cipher }, \ + { OSSL_FUNC_CIPHER_GET_PARAMS, \ + (void (*)(void))nm##_##kbits##_##sub##_get_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ + (void (*)(void))nm##_gettable_params }, \ + { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ + (void (*)(void))nm##_get_ctx_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ + (void (*)(void))nm##_gettable_ctx_params }, \ + { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ + (void (*)(void))nm##_set_ctx_params }, \ + { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ + (void (*)(void))nm##_settable_ctx_params }, \ + { 0, NULL } \ +}; + +#endif /* AES_CBC_HMAC_SHA_CAPABLE */ + +/* aes128cbc_hmac_sha1_functions */ +IMPLEMENT_CIPHER(aes, cbc_hmac_sha1, 128, 128, 128, AES_CBC_HMAC_SHA_FLAGS) +/* aes256cbc_hmac_sha1_functions */ +IMPLEMENT_CIPHER(aes, cbc_hmac_sha1, 256, 128, 128, AES_CBC_HMAC_SHA_FLAGS) +/* aes128cbc_hmac_sha256_functions */ +IMPLEMENT_CIPHER(aes, cbc_hmac_sha256, 128, 
128, 128, AES_CBC_HMAC_SHA_FLAGS) +/* aes256cbc_hmac_sha256_functions */ +IMPLEMENT_CIPHER(aes, cbc_hmac_sha256, 256, 128, 128, AES_CBC_HMAC_SHA_FLAGS) diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.h b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.h new file mode 100644 index 0000000000..86da791c49 --- /dev/null +++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.h 
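Review bot: aes_cbc_hmac_sha1_freectx() and aes_cbc_hmac_sha256_freectx() both call `OPENSSL_clear_free(ctx, sizeof(ctx))`, which passes the size of the pointer, not of the context. The matching newctx functions allocate `sizeof(*ctx)`, so only the first pointer-sized bytes are cleansed before the free, and the `AES_KEY ks` schedule and the head/tail/md HMAC states declared in cipher_aes_cbc_hmac_sha.h stay in freed heap memory. Change both calls to `OPENSSL_clear_free(ctx, sizeof(*ctx))`. A smaller point in the get_ctx_params code: the `int` returned by `hw->tls1_multiblock_max_bufsize(ctx)` is assigned straight to a `size_t len`, so a negative return would become a very large length; either make the hook return `size_t` or check the sign before calling OSSL_PARAM_set_size_t().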
@@ -0,0 +1,65 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "prov/ciphercommon.h" +#include "crypto/aes_platform.h" + +int cipher_capable_aes_cbc_hmac_sha1(void); +int cipher_capable_aes_cbc_hmac_sha256(void); + +#ifdef AES_CBC_HMAC_SHA_CAPABLE +# include +# include + +typedef struct prov_cipher_hw_aes_hmac_sha_ctx_st { + PROV_CIPHER_HW base; /* must be first */ + void (*init_mac_key)(void *ctx, const unsigned char *inkey, size_t inlen); + int (*set_tls1_aad)(void *ctx, unsigned char *aad_rec, int aad_len); +# if !defined(OPENSSL_NO_MULTIBLOCK) + int (*tls1_multiblock_max_bufsize)(void *ctx); + int (*tls1_multiblock_aad)( + void *vctx, EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param); + int (*tls1_multiblock_encrypt)( + void *ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param); +# endif /* OPENSSL_NO_MULTIBLOCK) */ +} PROV_CIPHER_HW_AES_HMAC_SHA; + +typedef struct prov_aes_hmac_sha_ctx_st { + PROV_CIPHER_CTX base; + AES_KEY ks; + size_t payload_length; /* AAD length in decrypt case */ + union { + unsigned int tls_ver; + unsigned char tls_aad[16]; /* 13 used */ + } aux; + const PROV_CIPHER_HW_AES_HMAC_SHA *hw; + /* some value that are setup by set methods - that can be retrieved */ + unsigned int multiblock_interleave; + unsigned int multiblock_aad_packlen; + size_t multiblock_max_send_fragment; + size_t multiblock_encrypt_len; + size_t tls_aad_pad; +} PROV_AES_HMAC_SHA_CTX; + +typedef struct prov_aes_hmac_sha1_ctx_st { + PROV_AES_HMAC_SHA_CTX base_ctx; + SHA_CTX head, tail, md; +} PROV_AES_HMAC_SHA1_CTX; + +typedef struct prov_aes_hmac_sha256_ctx_st { + PROV_AES_HMAC_SHA_CTX base_ctx; + SHA256_CTX head, tail, md; +} PROV_AES_HMAC_SHA256_CTX; + +# define NO_PAYLOAD_LENGTH 
((size_t)-1) + +const PROV_CIPHER_HW_AES_HMAC_SHA *PROV_CIPHER_HW_aes_cbc_hmac_sha1(void); +const PROV_CIPHER_HW_AES_HMAC_SHA *PROV_CIPHER_HW_aes_cbc_hmac_sha256(void); + +#endif /* AES_CBC_HMAC_SHA_CAPABLE */ diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c new file mode 100644 index 0000000000..125369d7ff --- /dev/null +++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c 
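Review bot: in cipher_aes_cbc_hmac_sha.h only `PROV_CIPHER_HW base` is marked "must be first", but the hw files in this patch cast the same `PROV_CIPHER_CTX *vctx` to both `PROV_AES_HMAC_SHA_CTX *` and `PROV_AES_HMAC_SHA1_CTX *` / `PROV_AES_HMAC_SHA256_CTX *`. That only works while `PROV_CIPHER_CTX base` and `PROV_AES_HMAC_SHA_CTX base_ctx` remain the first members of their structs. Please add the same "must be first" comment to both so a later reordering does not silently break the casts. The header also has no include guard although it defines typedefs and is included from three .c files, and the comment on the multiblock `# endif` has a stray closing parenthesis.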
@@ -0,0 +1,782 @@ +/* + * Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "cipher_aes_cbc_hmac_sha.h" + +#ifndef AES_CBC_HMAC_SHA_CAPABLE +int cipher_capable_aes_cbc_hmac_sha1(void) +{ + return 0; +} +#else + +# include "crypto/rand.h" +# include "crypto/evp.h" +# include "internal/constant_time.h" + +void sha1_block_data_order(void *c, const void *p, size_t len); +void aesni_cbc_sha1_enc(const void *inp, void *out, size_t blocks, + const AES_KEY *key, unsigned char iv[16], + SHA_CTX *ctx, const void *in0); + +int cipher_capable_aes_cbc_hmac_sha1(void) +{ + return AESNI_CBC_HMAC_SHA_CAPABLE; +} + +static int aesni_cbc_hmac_sha1_init_key(PROV_CIPHER_CTX *vctx, + const unsigned char *key, size_t keylen) +{ + int ret; + PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; + PROV_AES_HMAC_SHA1_CTX *sctx = (PROV_AES_HMAC_SHA1_CTX *)vctx; + + if (ctx->base.enc) + ret = aesni_set_encrypt_key(key, keylen * 8, &ctx->ks); + else + ret = aesni_set_decrypt_key(key, keylen * 8, &ctx->ks); + + SHA1_Init(&sctx->head); /* handy when benchmarking */ + sctx->tail = sctx->head; + sctx->md = sctx->head; + + ctx->payload_length = NO_PAYLOAD_LENGTH; + + return ret < 0 ? 
0 : 1; +} + +static void sha1_update(SHA_CTX *c, const void *data, size_t len) +{ + const unsigned char *ptr = data; + size_t res; + + if ((res = c->num)) { + res = SHA_CBLOCK - res; + if (len < res) + res = len; + SHA1_Update(c, ptr, res); + ptr += res; + len -= res; + } + + res = len % SHA_CBLOCK; + len -= res; + + if (len) { + sha1_block_data_order(c, ptr, len / SHA_CBLOCK); + + ptr += len; + c->Nh += len >> 29; + c->Nl += len <<= 3; + if (c->Nl < (unsigned int)len) + c->Nh++; + } + + if (res) + SHA1_Update(c, ptr, res); +} + +# if !defined(OPENSSL_NO_MULTIBLOCK) + +typedef struct { + unsigned int A[8], B[8], C[8], D[8], E[8]; +} SHA1_MB_CTX; + +typedef struct { + const unsigned char *ptr; + int blocks; +} HASH_DESC; + +typedef struct { + const unsigned char *inp; + unsigned char *out; + int blocks; + u64 iv[2]; +} CIPH_DESC; + +void sha1_multi_block(SHA1_MB_CTX *, const HASH_DESC *, int); +void aesni_multi_cbc_encrypt(CIPH_DESC *, void *, int); + +static size_t tls1_multi_block_encrypt(void *vctx, + unsigned char *out, + const unsigned char *inp, + size_t inp_len, int n4x) +{ /* n4x is 1 or 2 */ + PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; + PROV_AES_HMAC_SHA1_CTX *sctx = (PROV_AES_HMAC_SHA1_CTX *)vctx; + HASH_DESC hash_d[8], edges[8]; + CIPH_DESC ciph_d[8]; + unsigned char storage[sizeof(SHA1_MB_CTX) + 32]; + union { + u64 q[16]; + u32 d[32]; + u8 c[128]; + } blocks[8]; + SHA1_MB_CTX *mctx; + unsigned int frag, last, packlen, i; + unsigned int x4 = 4 * n4x, minblocks, processed = 0; + size_t ret = 0; + u8 *IVs; +# if defined(BSWAP8) + u64 seqnum; +# endif + + /* ask for IVs in bulk */ + if (rand_bytes_ex(ctx->base.libctx, (IVs = blocks[0].c), 16 * x4) <= 0) + return 0; + + mctx = (SHA1_MB_CTX *) (storage + 32 - ((size_t)storage % 32)); /* align */ + + frag = (unsigned int)inp_len >> (1 + n4x); + last = (unsigned int)inp_len + frag - (frag << (1 + n4x)); + if (last > frag && ((last + 13 + 9) % 64) < (x4 - 1)) { + frag++; + last -= x4 - 1; + } + 
+ packlen = 5 + 16 + ((frag + 20 + 16) & -16); + + /* populate descriptors with pointers and IVs */ + hash_d[0].ptr = inp; + ciph_d[0].inp = inp; + /* 5+16 is place for header and explicit IV */ + ciph_d[0].out = out + 5 + 16; + memcpy(ciph_d[0].out - 16, IVs, 16); + memcpy(ciph_d[0].iv, IVs, 16); + IVs += 16; + + for (i = 1; i < x4; i++) { + ciph_d[i].inp = hash_d[i].ptr = hash_d[i - 1].ptr + frag; + ciph_d[i].out = ciph_d[i - 1].out + packlen; + memcpy(ciph_d[i].out - 16, IVs, 16); + memcpy(ciph_d[i].iv, IVs, 16); + IVs += 16; + } + +# if defined(BSWAP8) + memcpy(blocks[0].c, sctx->md.data, 8); + seqnum = BSWAP8(blocks[0].q[0]); +# endif + for (i = 0; i < x4; i++) { + unsigned int len = (i == (x4 - 1) ? last : frag); +# if !defined(BSWAP8) + unsigned int carry, j; +# endif + + mctx->A[i] = sctx->md.h0; + mctx->B[i] = sctx->md.h1; + mctx->C[i] = sctx->md.h2; + mctx->D[i] = sctx->md.h3; + mctx->E[i] = sctx->md.h4; + + /* fix seqnum */ +# if defined(BSWAP8) + blocks[i].q[0] = BSWAP8(seqnum + i); +# else + for (carry = i, j = 8; j--;) { + blocks[i].c[j] = ((u8 *)sctx->md.data)[j] + carry; + carry = (blocks[i].c[j] - carry) >> (sizeof(carry) * 8 - 1); + } +# endif + blocks[i].c[8] = ((u8 *)sctx->md.data)[8]; + blocks[i].c[9] = ((u8 *)sctx->md.data)[9]; + blocks[i].c[10] = ((u8 *)sctx->md.data)[10]; + /* fix length */ + blocks[i].c[11] = (u8)(len >> 8); + blocks[i].c[12] = (u8)(len); + + memcpy(blocks[i].c + 13, hash_d[i].ptr, 64 - 13); + hash_d[i].ptr += 64 - 13; + hash_d[i].blocks = (len - (64 - 13)) / 64; + + edges[i].ptr = blocks[i].c; + edges[i].blocks = 1; + } + + /* hash 13-byte headers and first 64-13 bytes of inputs */ + sha1_multi_block(mctx, edges, n4x); + /* hash bulk inputs */ +# define MAXCHUNKSIZE 2048 +# if MAXCHUNKSIZE%64 +# error "MAXCHUNKSIZE is not divisible by 64" +# elif MAXCHUNKSIZE + /* + * goal is to minimize pressure on L1 cache by moving in shorter steps, + * so that hashed data is still in the cache by the time we encrypt it + */ + minblocks 
= ((frag <= last ? frag : last) - (64 - 13)) / 64; + if (minblocks > MAXCHUNKSIZE / 64) { + for (i = 0; i < x4; i++) { + edges[i].ptr = hash_d[i].ptr; + edges[i].blocks = MAXCHUNKSIZE / 64; + ciph_d[i].blocks = MAXCHUNKSIZE / 16; + } + do { + sha1_multi_block(mctx, edges, n4x); + aesni_multi_cbc_encrypt(ciph_d, &ctx->ks, n4x); + + for (i = 0; i < x4; i++) { + edges[i].ptr = hash_d[i].ptr += MAXCHUNKSIZE; + hash_d[i].blocks -= MAXCHUNKSIZE / 64; + edges[i].blocks = MAXCHUNKSIZE / 64; + ciph_d[i].inp += MAXCHUNKSIZE; + ciph_d[i].out += MAXCHUNKSIZE; + ciph_d[i].blocks = MAXCHUNKSIZE / 16; + memcpy(ciph_d[i].iv, ciph_d[i].out - 16, 16); + } + processed += MAXCHUNKSIZE; + minblocks -= MAXCHUNKSIZE / 64; + } while (minblocks > MAXCHUNKSIZE / 64); + } +# endif +# undef MAXCHUNKSIZE + sha1_multi_block(mctx, hash_d, n4x); + + memset(blocks, 0, sizeof(blocks)); + for (i = 0; i < x4; i++) { + unsigned int len = (i == (x4 - 1) ? last : frag), + off = hash_d[i].blocks * 64; + const unsigned char *ptr = hash_d[i].ptr + off; + + off = (len - processed) - (64 - 13) - off; /* remainder actually */ + memcpy(blocks[i].c, ptr, off); + blocks[i].c[off] = 0x80; + len += 64 + 13; /* 64 is HMAC header */ + len *= 8; /* convert to bits */ + if (off < (64 - 8)) { +# ifdef BSWAP4 + blocks[i].d[15] = BSWAP4(len); +# else + PUTU32(blocks[i].c + 60, len); +# endif + edges[i].blocks = 1; + } else { +# ifdef BSWAP4 + blocks[i].d[31] = BSWAP4(len); +# else + PUTU32(blocks[i].c + 124, len); +# endif + edges[i].blocks = 2; + } + edges[i].ptr = blocks[i].c; + } + + /* hash input tails and finalize */ + sha1_multi_block(mctx, edges, n4x); + + memset(blocks, 0, sizeof(blocks)); + for (i = 0; i < x4; i++) { +# ifdef BSWAP4 + blocks[i].d[0] = BSWAP4(mctx->A[i]); + mctx->A[i] = sctx->tail.h0; + blocks[i].d[1] = BSWAP4(mctx->B[i]); + mctx->B[i] = sctx->tail.h1; + blocks[i].d[2] = BSWAP4(mctx->C[i]); + mctx->C[i] = sctx->tail.h2; + blocks[i].d[3] = BSWAP4(mctx->D[i]); + mctx->D[i] = sctx->tail.h3; + 
blocks[i].d[4] = BSWAP4(mctx->E[i]); + mctx->E[i] = sctx->tail.h4; + blocks[i].c[20] = 0x80; + blocks[i].d[15] = BSWAP4((64 + 20) * 8); +# else + PUTU32(blocks[i].c + 0, mctx->A[i]); + mctx->A[i] = sctx->tail.h0; + PUTU32(blocks[i].c + 4, mctx->B[i]); + mctx->B[i] = sctx->tail.h1; + PUTU32(blocks[i].c + 8, mctx->C[i]); + mctx->C[i] = sctx->tail.h2; + PUTU32(blocks[i].c + 12, mctx->D[i]); + mctx->D[i] = sctx->tail.h3; + PUTU32(blocks[i].c + 16, mctx->E[i]); + mctx->E[i] = sctx->tail.h4; + blocks[i].c[20] = 0x80; + PUTU32(blocks[i].c + 60, (64 + 20) * 8); +# endif /* BSWAP */ + edges[i].ptr = blocks[i].c; + edges[i].blocks = 1; + } + + /* finalize MACs */ + sha1_multi_block(mctx, edges, n4x); + + for (i = 0; i < x4; i++) { + unsigned int len = (i == (x4 - 1) ? last : frag), pad, j; + unsigned char *out0 = out; + + memcpy(ciph_d[i].out, ciph_d[i].inp, len - processed); + ciph_d[i].inp = ciph_d[i].out; + + out += 5 + 16 + len; + + /* write MAC */ + PUTU32(out + 0, mctx->A[i]); + PUTU32(out + 4, mctx->B[i]); + PUTU32(out + 8, mctx->C[i]); + PUTU32(out + 12, mctx->D[i]); + PUTU32(out + 16, mctx->E[i]); + out += 20; + len += 20; + + /* pad */ + pad = 15 - len % 16; + for (j = 0; j <= pad; j++) + *(out++) = pad; + len += pad + 1; + + ciph_d[i].blocks = (len - processed) / 16; + len += 16; /* account for explicit iv */ + + /* arrange header */ + out0[0] = ((u8 *)sctx->md.data)[8]; + out0[1] = ((u8 *)sctx->md.data)[9]; + out0[2] = ((u8 *)sctx->md.data)[10]; + out0[3] = (u8)(len >> 8); + out0[4] = (u8)(len); + + ret += len + 5; + inp += frag; + } + + aesni_multi_cbc_encrypt(ciph_d, &ctx->ks, n4x); + + OPENSSL_cleanse(blocks, sizeof(blocks)); + OPENSSL_cleanse(mctx, sizeof(*mctx)); + + ctx->multiblock_encrypt_len = ret; + return ret; +} +# endif /* OPENSSL_NO_MULTIBLOCK */ + +static int aesni_cbc_hmac_sha1_cipher(PROV_CIPHER_CTX *vctx, + unsigned char *out, + const unsigned char *in, size_t len) +{ + PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; + 
PROV_AES_HMAC_SHA1_CTX *sctx = (PROV_AES_HMAC_SHA1_CTX *)vctx; + unsigned int l; + size_t plen = ctx->payload_length; + size_t iv = 0; /* explicit IV in TLS 1.1 and later */ + size_t aes_off = 0, blocks; + size_t sha_off = SHA_CBLOCK - sctx->md.num; + + ctx->payload_length = NO_PAYLOAD_LENGTH; + + if (len % AES_BLOCK_SIZE) + return 0; + + if (ctx->base.enc) { + if (plen == NO_PAYLOAD_LENGTH) + plen = len; + else if (len != + ((plen + SHA_DIGEST_LENGTH + + AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)) + return 0; + else if (ctx->aux.tls_ver >= TLS1_1_VERSION) + iv = AES_BLOCK_SIZE; + + if (plen > (sha_off + iv) + && (blocks = (plen - (sha_off + iv)) / SHA_CBLOCK)) { + sha1_update(&sctx->md, in + iv, sha_off); + + aesni_cbc_sha1_enc(in, out, blocks, &ctx->ks, ctx->base.iv, + &sctx->md, in + iv + sha_off); + blocks *= SHA_CBLOCK; + aes_off += blocks; + sha_off += blocks; + sctx->md.Nh += blocks >> 29; + sctx->md.Nl += blocks <<= 3; + if (sctx->md.Nl < (unsigned int)blocks) + sctx->md.Nh++; + } else { + sha_off = 0; + } + sha_off += iv; + sha1_update(&sctx->md, in + sha_off, plen - sha_off); + + if (plen != len) { /* "TLS" mode of operation */ + if (in != out) + memcpy(out + aes_off, in + aes_off, plen - aes_off); + + /* calculate HMAC and append it to payload */ + SHA1_Final(out + plen, &sctx->md); + sctx->md = sctx->tail; + sha1_update(&sctx->md, out + plen, SHA_DIGEST_LENGTH); + SHA1_Final(out + plen, &sctx->md); + + /* pad the payload|hmac */ + plen += SHA_DIGEST_LENGTH; + for (l = len - plen - 1; plen < len; plen++) + out[plen] = l; + /* encrypt HMAC|padding at once */ + aesni_cbc_encrypt(out + aes_off, out + aes_off, len - aes_off, + &ctx->ks, ctx->base.iv, 1); + } else { + aesni_cbc_encrypt(in + aes_off, out + aes_off, len - aes_off, + &ctx->ks, ctx->base.iv, 1); + } + } else { + union { + unsigned int u[SHA_DIGEST_LENGTH / sizeof(unsigned int)]; + unsigned char c[32 + SHA_DIGEST_LENGTH]; + } mac, *pmac; + + /* arrange cache line alignment */ + pmac = (void 
*)(((size_t)mac.c + 31) & ((size_t)0 - 32)); + + if (plen != NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */ + size_t inp_len, mask, j, i; + unsigned int res, maxpad, pad, bitlen; + int ret = 1; + union { + unsigned int u[SHA_LBLOCK]; + unsigned char c[SHA_CBLOCK]; + } *data = (void *)sctx->md.data; + + if ((ctx->aux.tls_aad[plen - 4] << 8 | ctx->aux.tls_aad[plen - 3]) + >= TLS1_1_VERSION) { + if (len < (AES_BLOCK_SIZE + SHA_DIGEST_LENGTH + 1)) + return 0; + + /* omit explicit iv */ + memcpy(ctx->base.iv, in, AES_BLOCK_SIZE); + + in += AES_BLOCK_SIZE; + out += AES_BLOCK_SIZE; + len -= AES_BLOCK_SIZE; + } else if (len < (SHA_DIGEST_LENGTH + 1)) + return 0; + + /* decrypt HMAC|padding at once */ + aesni_cbc_encrypt(in, out, len, &ctx->ks, ctx->base.iv, 0); + + /* figure out payload length */ + pad = out[len - 1]; + maxpad = len - (SHA_DIGEST_LENGTH + 1); + maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8); + maxpad &= 255; + + mask = constant_time_ge(maxpad, pad); + ret &= mask; + /* + * If pad is invalid then we will fail the above test but we must + * continue anyway because we are in constant time code. However, + * we'll use the maxpad value instead of the supplied pad to make + * sure we perform well defined pointer arithmetic. 
+ */ + pad = constant_time_select(mask, pad, maxpad); + + inp_len = len - (SHA_DIGEST_LENGTH + pad + 1); + + ctx->aux.tls_aad[plen - 2] = inp_len >> 8; + ctx->aux.tls_aad[plen - 1] = inp_len; + + /* calculate HMAC */ + sctx->md = sctx->head; + sha1_update(&sctx->md, ctx->aux.tls_aad, plen); + + /* code containing lucky-13 fix */ + len -= SHA_DIGEST_LENGTH; /* amend mac */ + if (len >= (256 + SHA_CBLOCK)) { + j = (len - (256 + SHA_CBLOCK)) & (0 - SHA_CBLOCK); + j += SHA_CBLOCK - sctx->md.num; + sha1_update(&sctx->md, out, j); + out += j; + len -= j; + inp_len -= j; + } + + /* but pretend as if we hashed padded payload */ + bitlen = sctx->md.Nl + (inp_len << 3); /* at most 18 bits */ +# ifdef BSWAP4 + bitlen = BSWAP4(bitlen); +# else + mac.c[0] = 0; + mac.c[1] = (unsigned char)(bitlen >> 16); + mac.c[2] = (unsigned char)(bitlen >> 8); + mac.c[3] = (unsigned char)bitlen; + bitlen = mac.u[0]; +# endif /* BSWAP */ + + pmac->u[0] = 0; + pmac->u[1] = 0; + pmac->u[2] = 0; + pmac->u[3] = 0; + pmac->u[4] = 0; + + for (res = sctx->md.num, j = 0; j < len; j++) { + size_t c = out[j]; + mask = (j - inp_len) >> (sizeof(j) * 8 - 8); + c &= mask; + c |= 0x80 & ~mask & ~((inp_len - j) >> (sizeof(j) * 8 - 8)); + data->c[res++] = (unsigned char)c; + + if (res != SHA_CBLOCK) + continue; + + /* j is not incremented yet */ + mask = 0 - ((inp_len + 7 - j) >> (sizeof(j) * 8 - 1)); + data->u[SHA_LBLOCK - 1] |= bitlen & mask; + sha1_block_data_order(&sctx->md, data, 1); + mask &= 0 - ((j - inp_len - 72) >> (sizeof(j) * 8 - 1)); + pmac->u[0] |= sctx->md.h0 & mask; + pmac->u[1] |= sctx->md.h1 & mask; + pmac->u[2] |= sctx->md.h2 & mask; + pmac->u[3] |= sctx->md.h3 & mask; + pmac->u[4] |= sctx->md.h4 & mask; + res = 0; + } + + for (i = res; i < SHA_CBLOCK; i++, j++) + data->c[i] = 0; + + if (res > SHA_CBLOCK - 8) { + mask = 0 - ((inp_len + 8 - j) >> (sizeof(j) * 8 - 1)); + data->u[SHA_LBLOCK - 1] |= bitlen & mask; + sha1_block_data_order(&sctx->md, data, 1); + mask &= 0 - ((j - inp_len - 73) >> 
(sizeof(j) * 8 - 1)); + pmac->u[0] |= sctx->md.h0 & mask; + pmac->u[1] |= sctx->md.h1 & mask; + pmac->u[2] |= sctx->md.h2 & mask; + pmac->u[3] |= sctx->md.h3 & mask; + pmac->u[4] |= sctx->md.h4 & mask; + + memset(data, 0, SHA_CBLOCK); + j += 64; + } + data->u[SHA_LBLOCK - 1] = bitlen; + sha1_block_data_order(&sctx->md, data, 1); + mask = 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1)); + pmac->u[0] |= sctx->md.h0 & mask; + pmac->u[1] |= sctx->md.h1 & mask; + pmac->u[2] |= sctx->md.h2 & mask; + pmac->u[3] |= sctx->md.h3 & mask; + pmac->u[4] |= sctx->md.h4 & mask; + +# ifdef BSWAP4 + pmac->u[0] = BSWAP4(pmac->u[0]); + pmac->u[1] = BSWAP4(pmac->u[1]); + pmac->u[2] = BSWAP4(pmac->u[2]); + pmac->u[3] = BSWAP4(pmac->u[3]); + pmac->u[4] = BSWAP4(pmac->u[4]); +# else + for (i = 0; i < 5; i++) { + res = pmac->u[i]; + pmac->c[4 * i + 0] = (unsigned char)(res >> 24); + pmac->c[4 * i + 1] = (unsigned char)(res >> 16); + pmac->c[4 * i + 2] = (unsigned char)(res >> 8); + pmac->c[4 * i + 3] = (unsigned char)res; + } +# endif /* BSWAP4 */ + len += SHA_DIGEST_LENGTH; + sctx->md = sctx->tail; + sha1_update(&sctx->md, pmac->c, SHA_DIGEST_LENGTH); + SHA1_Final(pmac->c, &sctx->md); + + /* verify HMAC */ + out += inp_len; + len -= inp_len; + /* version of code with lucky-13 fix */ + { + unsigned char *p = out + len - 1 - maxpad - SHA_DIGEST_LENGTH; + size_t off = out - p; + unsigned int c, cmask; + + maxpad += SHA_DIGEST_LENGTH; + for (res = 0, i = 0, j = 0; j < maxpad; j++) { + c = p[j]; + cmask = + ((int)(j - off - SHA_DIGEST_LENGTH)) >> (sizeof(int) * + 8 - 1); + res |= (c ^ pad) & ~cmask; /* ... 
and padding */ + cmask &= ((int)(off - 1 - j)) >> (sizeof(int) * 8 - 1); + res |= (c ^ pmac->c[i]) & cmask; + i += 1 & cmask; + } + maxpad -= SHA_DIGEST_LENGTH; + + res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1)); + ret &= (int)~res; + } + return ret; + } else { + /* decrypt HMAC|padding at once */ + aesni_cbc_encrypt(in, out, len, &ctx->ks, ctx->base.iv, 0); + sha1_update(&sctx->md, out, len); + } + } + + return 1; +} + +/* EVP_CTRL_AEAD_SET_MAC_KEY */ +static void aesni_cbc_hmac_sha1_set_mac_key(void *vctx, + const unsigned char *mac, size_t len) +{ + PROV_AES_HMAC_SHA1_CTX *ctx = (PROV_AES_HMAC_SHA1_CTX *)vctx; + unsigned int i; + unsigned char hmac_key[64]; + + memset(hmac_key, 0, sizeof(hmac_key)); + + if (len > (int)sizeof(hmac_key)) { + SHA1_Init(&ctx->head); + sha1_update(&ctx->head, mac, len); + SHA1_Final(hmac_key, &ctx->head); + } else { + memcpy(hmac_key, mac, len); + } + + for (i = 0; i < sizeof(hmac_key); i++) + hmac_key[i] ^= 0x36; /* ipad */ + SHA1_Init(&ctx->head); + sha1_update(&ctx->head, hmac_key, sizeof(hmac_key)); + + for (i = 0; i < sizeof(hmac_key); i++) + hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */ + SHA1_Init(&ctx->tail); + sha1_update(&ctx->tail, hmac_key, sizeof(hmac_key)); + + OPENSSL_cleanse(hmac_key, sizeof(hmac_key)); +} + +/* EVP_CTRL_AEAD_TLS1_AAD */ +static int aesni_cbc_hmac_sha1_set_tls1_aad(void *vctx, + unsigned char *aad_rec, int aad_len) +{ + PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; + PROV_AES_HMAC_SHA1_CTX *sctx = (PROV_AES_HMAC_SHA1_CTX *)vctx; + unsigned char *p = aad_rec; + unsigned int len; + + if (aad_len != EVP_AEAD_TLS1_AAD_LEN) + return -1; + + len = p[aad_len - 2] << 8 | p[aad_len - 1]; + + if (ctx->base.enc) { + ctx->payload_length = len; + if ((ctx->aux.tls_ver = + p[aad_len - 4] << 8 | p[aad_len - 3]) >= TLS1_1_VERSION) { + if (len < AES_BLOCK_SIZE) + return 0; + len -= AES_BLOCK_SIZE; + p[aad_len - 2] = len >> 8; + p[aad_len - 1] = len; + } + sctx->md = sctx->head; + sha1_update(&sctx->md, p, 
aad_len); + ctx->tls_aad_pad = (int)(((len + SHA_DIGEST_LENGTH + + AES_BLOCK_SIZE) & -AES_BLOCK_SIZE) + - len); + return 1; + } else { + memcpy(ctx->aux.tls_aad, aad_rec, aad_len); + ctx->payload_length = aad_len; + ctx->tls_aad_pad = SHA_DIGEST_LENGTH; + return 1; + } +} + +# if !defined(OPENSSL_NO_MULTIBLOCK) + +/* EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE */ +static int aesni_cbc_hmac_sha1_tls1_multiblock_max_bufsize(void *vctx) +{ + PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; + + OPENSSL_assert(ctx->multiblock_max_send_fragment != 0); + return (int)(5 + 16 + + (((int)ctx->multiblock_max_send_fragment + 20 + 16) & -16)); +} + +/* EVP_CTRL_TLS1_1_MULTIBLOCK_AAD */ +static int aesni_cbc_hmac_sha1_tls1_multiblock_aad( + void *vctx, EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param) +{ + PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; + PROV_AES_HMAC_SHA1_CTX *sctx = (PROV_AES_HMAC_SHA1_CTX *)vctx; + unsigned int n4x = 1, x4; + unsigned int frag, last, packlen, inp_len; + + inp_len = param->inp[11] << 8 | param->inp[12]; + ctx->multiblock_interleave = param->interleave; + + if (ctx->base.enc) { + if ((param->inp[9] << 8 | param->inp[10]) < TLS1_1_VERSION) + return -1; + + if (inp_len) { + if (inp_len < 4096) + return 0; /* too short */ + + if (inp_len >= 8192 && OPENSSL_ia32cap_P[2] & (1 << 5)) + n4x = 2; /* AVX2 */ + } else if ((n4x = param->interleave / 4) && n4x <= 2) + inp_len = param->len; + else + return -1; + + sctx->md = sctx->head; + sha1_update(&sctx->md, param->inp, 13); + + x4 = 4 * n4x; + n4x += 1; + + frag = inp_len >> n4x; + last = inp_len + frag - (frag << n4x); + if (last > frag && ((last + 13 + 9) % 64 < (x4 - 1))) { + frag++; + last -= x4 - 1; + } + + packlen = 5 + 16 + ((frag + 20 + 16) & -16); + packlen = (packlen << n4x) - packlen; + packlen += 5 + 16 + ((last + 20 + 16) & -16); + + param->interleave = x4; + /* The returned values used by get need to be stored */ + ctx->multiblock_interleave = x4; + ctx->multiblock_aad_packlen = 
packlen; + return 1; + } + return -1; /* not yet */ +} + +/* EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT */ +static int aesni_cbc_hmac_sha1_tls1_multiblock_encrypt( + void *ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param) +{ + return (int)tls1_multi_block_encrypt(ctx, param->out, + param->inp, param->len, + param->interleave / 4); +} + +#endif /* OPENSSL_NO_MULTIBLOCK */ + +static const PROV_CIPHER_HW_AES_HMAC_SHA cipher_hw_aes_hmac_sha1 = { + { + aesni_cbc_hmac_sha1_init_key, + aesni_cbc_hmac_sha1_cipher + }, + aesni_cbc_hmac_sha1_set_mac_key, + aesni_cbc_hmac_sha1_set_tls1_aad, +# if !defined(OPENSSL_NO_MULTIBLOCK) + aesni_cbc_hmac_sha1_tls1_multiblock_max_bufsize, + aesni_cbc_hmac_sha1_tls1_multiblock_aad, + aesni_cbc_hmac_sha1_tls1_multiblock_encrypt +# endif +}; + +const PROV_CIPHER_HW_AES_HMAC_SHA *PROV_CIPHER_HW_aes_cbc_hmac_sha1(void) +{ + return &cipher_hw_aes_hmac_sha1; +} + +#endif /* AES_CBC_HMAC_SHA_CAPABLE */ diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c new file mode 100644 index 0000000000..4352476264 --- /dev/null +++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c 
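Review bot: aesni_cbc_hmac_sha1_tls1_multiblock_max_bufsize() guards its input with `OPENSSL_assert(ctx->multiblock_max_send_fragment != 0)`, and the provider's get_ctx_params code calls this hook whenever OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE is requested. As far as the visible lines show, nothing prevents a caller from querying that parameter before the send fragment has been set, and the assert would then abort the whole process from inside a parameter getter. Return an error (and have the getter raise PROV_R_FAILED_TO_SET_PARAMETER) instead of asserting. Two consistency points in the same file: aesni_cbc_hmac_sha1_init_key() derives the key bits from the `keylen` argument while the SHA-256 counterpart uses `ctx->base.keylen`, so one of the two should be chosen and the reason documented; and in aesni_cbc_hmac_sha1_set_mac_key() the test `len > (int)sizeof(hmac_key)` compares a `size_t` against an `int` cast, which is better written as `len > sizeof(hmac_key)`.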
@@ -0,0 +1,831 @@ +/* + * Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "cipher_aes_cbc_hmac_sha.h" + +#ifndef AES_CBC_HMAC_SHA_CAPABLE +int cipher_capable_aes_cbc_hmac_sha256(void) +{ + return 0; +} +#else + +# include "crypto/rand.h" +# include "crypto/evp.h" +# include "internal/constant_time.h" + +void sha256_block_data_order(void *c, const void *p, size_t len); +int aesni_cbc_sha256_enc(const void *inp, void *out, size_t blocks, + const AES_KEY *key, unsigned char iv[16], + SHA256_CTX *ctx, const void *in0); + +int cipher_capable_aes_cbc_hmac_sha256(void) +{ + return AESNI_CBC_HMAC_SHA_CAPABLE + && aesni_cbc_sha256_enc(NULL, NULL, 0, NULL, NULL, NULL, NULL); +} + +static int aesni_cbc_hmac_sha256_init_key(PROV_CIPHER_CTX *vctx, + const unsigned char *key, + size_t keylen) +{ + int ret; + PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; + PROV_AES_HMAC_SHA256_CTX *sctx = (PROV_AES_HMAC_SHA256_CTX *)vctx; + + if (ctx->base.enc) + ret = aesni_set_encrypt_key(key, ctx->base.keylen * 8, &ctx->ks); + else + ret = aesni_set_decrypt_key(key, ctx->base.keylen * 8, &ctx->ks); + + SHA256_Init(&sctx->head); /* handy when benchmarking */ + sctx->tail = sctx->head; + sctx->md = sctx->head; + + ctx->payload_length = NO_PAYLOAD_LENGTH; + + return ret < 0 ? 
0 : 1; +} + +void sha256_block_data_order(void *c, const void *p, size_t len); + +static void sha256_update(SHA256_CTX *c, const void *data, size_t len) +{ + const unsigned char *ptr = data; + size_t res; + + if ((res = c->num)) { + res = SHA256_CBLOCK - res; + if (len < res) + res = len; + SHA256_Update(c, ptr, res); + ptr += res; + len -= res; + } + + res = len % SHA256_CBLOCK; + len -= res; + + if (len) { + sha256_block_data_order(c, ptr, len / SHA256_CBLOCK); + + ptr += len; + c->Nh += len >> 29; + c->Nl += len <<= 3; + if (c->Nl < (unsigned int)len) + c->Nh++; + } + + if (res) + SHA256_Update(c, ptr, res); +} + +# if !defined(OPENSSL_NO_MULTIBLOCK) + +typedef struct { + unsigned int A[8], B[8], C[8], D[8], E[8], F[8], G[8], H[8]; +} SHA256_MB_CTX; + +typedef struct { + const unsigned char *ptr; + int blocks; +} HASH_DESC; + +typedef struct { + const unsigned char *inp; + unsigned char *out; + int blocks; + u64 iv[2]; +} CIPH_DESC; + +void sha256_multi_block(SHA256_MB_CTX *, const HASH_DESC *, int); +void aesni_multi_cbc_encrypt(CIPH_DESC *, void *, int); + +static size_t tls1_multi_block_encrypt(void *vctx, + unsigned char *out, + const unsigned char *inp, + size_t inp_len, int n4x) +{ /* n4x is 1 or 2 */ + PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; + PROV_AES_HMAC_SHA256_CTX *sctx = (PROV_AES_HMAC_SHA256_CTX *)vctx; + HASH_DESC hash_d[8], edges[8]; + CIPH_DESC ciph_d[8]; + unsigned char storage[sizeof(SHA256_MB_CTX) + 32]; + union { + u64 q[16]; + u32 d[32]; + u8 c[128]; + } blocks[8]; + SHA256_MB_CTX *mctx; + unsigned int frag, last, packlen, i; + unsigned int x4 = 4 * n4x, minblocks, processed = 0; + size_t ret = 0; + u8 *IVs; +# if defined(BSWAP8) + u64 seqnum; +# endif + + /* ask for IVs in bulk */ + if (rand_bytes_ex(ctx->base.libctx, (IVs = blocks[0].c), 16 * x4) <= 0) + return 0; + + mctx = (SHA256_MB_CTX *) (storage + 32 - ((size_t)storage % 32)); /* align */ + + frag = (unsigned int)inp_len >> (1 + n4x); + last = (unsigned 
int)inp_len + frag - (frag << (1 + n4x)); + if (last > frag && ((last + 13 + 9) % 64) < (x4 - 1)) { + frag++; + last -= x4 - 1; + } + + packlen = 5 + 16 + ((frag + 32 + 16) & -16); + + /* populate descriptors with pointers and IVs */ + hash_d[0].ptr = inp; + ciph_d[0].inp = inp; + /* 5+16 is place for header and explicit IV */ + ciph_d[0].out = out + 5 + 16; + memcpy(ciph_d[0].out - 16, IVs, 16); + memcpy(ciph_d[0].iv, IVs, 16); + IVs += 16; + + for (i = 1; i < x4; i++) { + ciph_d[i].inp = hash_d[i].ptr = hash_d[i - 1].ptr + frag; + ciph_d[i].out = ciph_d[i - 1].out + packlen; + memcpy(ciph_d[i].out - 16, IVs, 16); + memcpy(ciph_d[i].iv, IVs, 16); + IVs += 16; + } + +# if defined(BSWAP8) + memcpy(blocks[0].c, sctx->md.data, 8); + seqnum = BSWAP8(blocks[0].q[0]); +# endif + + for (i = 0; i < x4; i++) { + unsigned int len = (i == (x4 - 1) ? last : frag); +# if !defined(BSWAP8) + unsigned int carry, j; +# endif + + mctx->A[i] = sctx->md.h[0]; + mctx->B[i] = sctx->md.h[1]; + mctx->C[i] = sctx->md.h[2]; + mctx->D[i] = sctx->md.h[3]; + mctx->E[i] = sctx->md.h[4]; + mctx->F[i] = sctx->md.h[5]; + mctx->G[i] = sctx->md.h[6]; + mctx->H[i] = sctx->md.h[7]; + + /* fix seqnum */ +# if defined(BSWAP8) + blocks[i].q[0] = BSWAP8(seqnum + i); +# else + for (carry = i, j = 8; j--;) { + blocks[i].c[j] = ((u8 *)sctx->md.data)[j] + carry; + carry = (blocks[i].c[j] - carry) >> (sizeof(carry) * 8 - 1); + } +# endif + blocks[i].c[8] = ((u8 *)sctx->md.data)[8]; + blocks[i].c[9] = ((u8 *)sctx->md.data)[9]; + blocks[i].c[10] = ((u8 *)sctx->md.data)[10]; + /* fix length */ + blocks[i].c[11] = (u8)(len >> 8); + blocks[i].c[12] = (u8)(len); + + memcpy(blocks[i].c + 13, hash_d[i].ptr, 64 - 13); + hash_d[i].ptr += 64 - 13; + hash_d[i].blocks = (len - (64 - 13)) / 64; + + edges[i].ptr = blocks[i].c; + edges[i].blocks = 1; + } + + /* hash 13-byte headers and first 64-13 bytes of inputs */ + sha256_multi_block(mctx, edges, n4x); + /* hash bulk inputs */ +# define MAXCHUNKSIZE 2048 +# if 
MAXCHUNKSIZE%64 +# error "MAXCHUNKSIZE is not divisible by 64" +# elif MAXCHUNKSIZE + /* + * goal is to minimize pressure on L1 cache by moving in shorter steps, + * so that hashed data is still in the cache by the time we encrypt it + */ + minblocks = ((frag <= last ? frag : last) - (64 - 13)) / 64; + if (minblocks > MAXCHUNKSIZE / 64) { + for (i = 0; i < x4; i++) { + edges[i].ptr = hash_d[i].ptr; + edges[i].blocks = MAXCHUNKSIZE / 64; + ciph_d[i].blocks = MAXCHUNKSIZE / 16; + } + do { + sha256_multi_block(mctx, edges, n4x); + aesni_multi_cbc_encrypt(ciph_d, &ctx->ks, n4x); + + for (i = 0; i < x4; i++) { + edges[i].ptr = hash_d[i].ptr += MAXCHUNKSIZE; + hash_d[i].blocks -= MAXCHUNKSIZE / 64; + edges[i].blocks = MAXCHUNKSIZE / 64; + ciph_d[i].inp += MAXCHUNKSIZE; + ciph_d[i].out += MAXCHUNKSIZE; + ciph_d[i].blocks = MAXCHUNKSIZE / 16; + memcpy(ciph_d[i].iv, ciph_d[i].out - 16, 16); + } + processed += MAXCHUNKSIZE; + minblocks -= MAXCHUNKSIZE / 64; + } while (minblocks > MAXCHUNKSIZE / 64); + } +# endif +# undef MAXCHUNKSIZE + sha256_multi_block(mctx, hash_d, n4x); + + memset(blocks, 0, sizeof(blocks)); + for (i = 0; i < x4; i++) { + unsigned int len = (i == (x4 - 1) ? 
last : frag), + off = hash_d[i].blocks * 64; + const unsigned char *ptr = hash_d[i].ptr + off; + + off = (len - processed) - (64 - 13) - off; /* remainder actually */ + memcpy(blocks[i].c, ptr, off); + blocks[i].c[off] = 0x80; + len += 64 + 13; /* 64 is HMAC header */ + len *= 8; /* convert to bits */ + if (off < (64 - 8)) { +# ifdef BSWAP4 + blocks[i].d[15] = BSWAP4(len); +# else + PUTU32(blocks[i].c + 60, len); +# endif + edges[i].blocks = 1; + } else { +# ifdef BSWAP4 + blocks[i].d[31] = BSWAP4(len); +# else + PUTU32(blocks[i].c + 124, len); +# endif + edges[i].blocks = 2; + } + edges[i].ptr = blocks[i].c; + } + + /* hash input tails and finalize */ + sha256_multi_block(mctx, edges, n4x); + + memset(blocks, 0, sizeof(blocks)); + for (i = 0; i < x4; i++) { +# ifdef BSWAP4 + blocks[i].d[0] = BSWAP4(mctx->A[i]); + mctx->A[i] = sctx->tail.h[0]; + blocks[i].d[1] = BSWAP4(mctx->B[i]); + mctx->B[i] = sctx->tail.h[1]; + blocks[i].d[2] = BSWAP4(mctx->C[i]); + mctx->C[i] = sctx->tail.h[2]; + blocks[i].d[3] = BSWAP4(mctx->D[i]); + mctx->D[i] = sctx->tail.h[3]; + blocks[i].d[4] = BSWAP4(mctx->E[i]); + mctx->E[i] = sctx->tail.h[4]; + blocks[i].d[5] = BSWAP4(mctx->F[i]); + mctx->F[i] = sctx->tail.h[5]; + blocks[i].d[6] = BSWAP4(mctx->G[i]); + mctx->G[i] = sctx->tail.h[6]; + blocks[i].d[7] = BSWAP4(mctx->H[i]); + mctx->H[i] = sctx->tail.h[7]; + blocks[i].c[32] = 0x80; + blocks[i].d[15] = BSWAP4((64 + 32) * 8); +# else + PUTU32(blocks[i].c + 0, mctx->A[i]); + mctx->A[i] = sctx->tail.h[0]; + PUTU32(blocks[i].c + 4, mctx->B[i]); + mctx->B[i] = sctx->tail.h[1]; + PUTU32(blocks[i].c + 8, mctx->C[i]); + mctx->C[i] = sctx->tail.h[2]; + PUTU32(blocks[i].c + 12, mctx->D[i]); + mctx->D[i] = sctx->tail.h[3]; + PUTU32(blocks[i].c + 16, mctx->E[i]); + mctx->E[i] = sctx->tail.h[4]; + PUTU32(blocks[i].c + 20, mctx->F[i]); + mctx->F[i] = sctx->tail.h[5]; + PUTU32(blocks[i].c + 24, mctx->G[i]); + mctx->G[i] = sctx->tail.h[6]; + PUTU32(blocks[i].c + 28, mctx->H[i]); + mctx->H[i] = 
sctx->tail.h[7]; + blocks[i].c[32] = 0x80; + PUTU32(blocks[i].c + 60, (64 + 32) * 8); +# endif /* BSWAP */ + edges[i].ptr = blocks[i].c; + edges[i].blocks = 1; + } + + /* finalize MACs */ + sha256_multi_block(mctx, edges, n4x); + + for (i = 0; i < x4; i++) { + unsigned int len = (i == (x4 - 1) ? last : frag), pad, j; + unsigned char *out0 = out; + + memcpy(ciph_d[i].out, ciph_d[i].inp, len - processed); + ciph_d[i].inp = ciph_d[i].out; + + out += 5 + 16 + len; + + /* write MAC */ + PUTU32(out + 0, mctx->A[i]); + PUTU32(out + 4, mctx->B[i]); + PUTU32(out + 8, mctx->C[i]); + PUTU32(out + 12, mctx->D[i]); + PUTU32(out + 16, mctx->E[i]); + PUTU32(out + 20, mctx->F[i]); + PUTU32(out + 24, mctx->G[i]); + PUTU32(out + 28, mctx->H[i]); + out += 32; + len += 32; + + /* pad */ + pad = 15 - len % 16; + for (j = 0; j <= pad; j++) + *(out++) = pad; + len += pad + 1; + + ciph_d[i].blocks = (len - processed) / 16; + len += 16; /* account for explicit iv */ + + /* arrange header */ + out0[0] = ((u8 *)sctx->md.data)[8]; + out0[1] = ((u8 *)sctx->md.data)[9]; + out0[2] = ((u8 *)sctx->md.data)[10]; + out0[3] = (u8)(len >> 8); + out0[4] = (u8)(len); + + ret += len + 5; + inp += frag; + } + + aesni_multi_cbc_encrypt(ciph_d, &ctx->ks, n4x); + + OPENSSL_cleanse(blocks, sizeof(blocks)); + OPENSSL_cleanse(mctx, sizeof(*mctx)); + + ctx->multiblock_encrypt_len = ret; + return ret; +} +# endif /* !OPENSSL_NO_MULTIBLOCK */ + +static int aesni_cbc_hmac_sha256_cipher(PROV_CIPHER_CTX *vctx, + unsigned char *out, + const unsigned char *in, size_t len) +{ + PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; + PROV_AES_HMAC_SHA256_CTX *sctx = (PROV_AES_HMAC_SHA256_CTX *)vctx; + unsigned int l; + size_t plen = ctx->payload_length; + size_t iv = 0; /* explicit IV in TLS 1.1 and * later */ + size_t aes_off = 0, blocks; + size_t sha_off = SHA256_CBLOCK - sctx->md.num; + + ctx->payload_length = NO_PAYLOAD_LENGTH; + + if (len % AES_BLOCK_SIZE) + return 0; + + if (ctx->base.enc) { + if (plen == 
NO_PAYLOAD_LENGTH) + plen = len; + else if (len != + ((plen + SHA256_DIGEST_LENGTH + + AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)) + return 0; + else if (ctx->aux.tls_ver >= TLS1_1_VERSION) + iv = AES_BLOCK_SIZE; + + /* + * Assembly stitch handles AVX-capable processors, but its + * performance is not optimal on AMD Jaguar, ~40% worse, for + * unknown reasons. Incidentally processor in question supports + * AVX, but not AMD-specific XOP extension, which can be used + * to identify it and avoid stitch invocation. So that after we + * establish that current CPU supports AVX, we even see if it's + * either even XOP-capable Bulldozer-based or GenuineIntel one. + * But SHAEXT-capable go ahead... + */ + if (((OPENSSL_ia32cap_P[2] & (1 << 29)) || /* SHAEXT? */ + ((OPENSSL_ia32cap_P[1] & (1 << (60 - 32))) && /* AVX? */ + ((OPENSSL_ia32cap_P[1] & (1 << (43 - 32))) /* XOP? */ + | (OPENSSL_ia32cap_P[0] & (1 << 30))))) && /* "Intel CPU"? */ + plen > (sha_off + iv) && + (blocks = (plen - (sha_off + iv)) / SHA256_CBLOCK)) { + sha256_update(&sctx->md, in + iv, sha_off); + + (void)aesni_cbc_sha256_enc(in, out, blocks, &ctx->ks, + ctx->base.iv, + &sctx->md, in + iv + sha_off); + blocks *= SHA256_CBLOCK; + aes_off += blocks; + sha_off += blocks; + sctx->md.Nh += blocks >> 29; + sctx->md.Nl += blocks <<= 3; + if (sctx->md.Nl < (unsigned int)blocks) + sctx->md.Nh++; + } else { + sha_off = 0; + } + sha_off += iv; + sha256_update(&sctx->md, in + sha_off, plen - sha_off); + + if (plen != len) { /* "TLS" mode of operation */ + if (in != out) + memcpy(out + aes_off, in + aes_off, plen - aes_off); + + /* calculate HMAC and append it to payload */ + SHA256_Final(out + plen, &sctx->md); + sctx->md = sctx->tail; + sha256_update(&sctx->md, out + plen, SHA256_DIGEST_LENGTH); + SHA256_Final(out + plen, &sctx->md); + + /* pad the payload|hmac */ + plen += SHA256_DIGEST_LENGTH; + for (l = len - plen - 1; plen < len; plen++) + out[plen] = l; + /* encrypt HMAC|padding at once */ + aesni_cbc_encrypt(out + 
aes_off, out + aes_off, len - aes_off, + &ctx->ks, ctx->base.iv, 1); + } else { + aesni_cbc_encrypt(in + aes_off, out + aes_off, len - aes_off, + &ctx->ks, ctx->base.iv, 1); + } + } else { + union { + unsigned int u[SHA256_DIGEST_LENGTH / sizeof(unsigned int)]; + unsigned char c[64 + SHA256_DIGEST_LENGTH]; + } mac, *pmac; + + /* arrange cache line alignment */ + pmac = (void *)(((size_t)mac.c + 63) & ((size_t)0 - 64)); + + /* decrypt HMAC|padding at once */ + aesni_cbc_encrypt(in, out, len, &ctx->ks, + ctx->base.iv, 0); + + if (plen != NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */ + size_t inp_len, mask, j, i; + unsigned int res, maxpad, pad, bitlen; + int ret = 1; + union { + unsigned int u[SHA_LBLOCK]; + unsigned char c[SHA256_CBLOCK]; + } *data = (void *)sctx->md.data; + + if ((ctx->aux.tls_aad[plen - 4] << 8 | ctx->aux.tls_aad[plen - 3]) + >= TLS1_1_VERSION) + iv = AES_BLOCK_SIZE; + + if (len < (iv + SHA256_DIGEST_LENGTH + 1)) + return 0; + + /* omit explicit iv */ + out += iv; + len -= iv; + + /* figure out payload length */ + pad = out[len - 1]; + maxpad = len - (SHA256_DIGEST_LENGTH + 1); + maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8); + maxpad &= 255; + + mask = constant_time_ge(maxpad, pad); + ret &= mask; + /* + * If pad is invalid then we will fail the above test but we must + * continue anyway because we are in constant time code. However, + * we'll use the maxpad value instead of the supplied pad to make + * sure we perform well defined pointer arithmetic. 
+ */ + pad = constant_time_select(mask, pad, maxpad); + + inp_len = len - (SHA256_DIGEST_LENGTH + pad + 1); + + ctx->aux.tls_aad[plen - 2] = inp_len >> 8; + ctx->aux.tls_aad[plen - 1] = inp_len; + + /* calculate HMAC */ + sctx->md = sctx->head; + sha256_update(&sctx->md, ctx->aux.tls_aad, plen); + + /* code with lucky-13 fix */ + len -= SHA256_DIGEST_LENGTH; /* amend mac */ + if (len >= (256 + SHA256_CBLOCK)) { + j = (len - (256 + SHA256_CBLOCK)) & (0 - SHA256_CBLOCK); + j += SHA256_CBLOCK - sctx->md.num; + sha256_update(&sctx->md, out, j); + out += j; + len -= j; + inp_len -= j; + } + + /* but pretend as if we hashed padded payload */ + bitlen = sctx->md.Nl + (inp_len << 3); /* at most 18 bits */ +# ifdef BSWAP4 + bitlen = BSWAP4(bitlen); +# else + mac.c[0] = 0; + mac.c[1] = (unsigned char)(bitlen >> 16); + mac.c[2] = (unsigned char)(bitlen >> 8); + mac.c[3] = (unsigned char)bitlen; + bitlen = mac.u[0]; +# endif /* BSWAP */ + + pmac->u[0] = 0; + pmac->u[1] = 0; + pmac->u[2] = 0; + pmac->u[3] = 0; + pmac->u[4] = 0; + pmac->u[5] = 0; + pmac->u[6] = 0; + pmac->u[7] = 0; + + for (res = sctx->md.num, j = 0; j < len; j++) { + size_t c = out[j]; + mask = (j - inp_len) >> (sizeof(j) * 8 - 8); + c &= mask; + c |= 0x80 & ~mask & ~((inp_len - j) >> (sizeof(j) * 8 - 8)); + data->c[res++] = (unsigned char)c; + + if (res != SHA256_CBLOCK) + continue; + + /* j is not incremented yet */ + mask = 0 - ((inp_len + 7 - j) >> (sizeof(j) * 8 - 1)); + data->u[SHA_LBLOCK - 1] |= bitlen & mask; + sha256_block_data_order(&sctx->md, data, 1); + mask &= 0 - ((j - inp_len - 72) >> (sizeof(j) * 8 - 1)); + pmac->u[0] |= sctx->md.h[0] & mask; + pmac->u[1] |= sctx->md.h[1] & mask; + pmac->u[2] |= sctx->md.h[2] & mask; + pmac->u[3] |= sctx->md.h[3] & mask; + pmac->u[4] |= sctx->md.h[4] & mask; + pmac->u[5] |= sctx->md.h[5] & mask; + pmac->u[6] |= sctx->md.h[6] & mask; + pmac->u[7] |= sctx->md.h[7] & mask; + res = 0; + } + + for (i = res; i < SHA256_CBLOCK; i++, j++) + data->c[i] = 0; + + if (res > 
SHA256_CBLOCK - 8) { + mask = 0 - ((inp_len + 8 - j) >> (sizeof(j) * 8 - 1)); + data->u[SHA_LBLOCK - 1] |= bitlen & mask; + sha256_block_data_order(&sctx->md, data, 1); + mask &= 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1)); + pmac->u[0] |= sctx->md.h[0] & mask; + pmac->u[1] |= sctx->md.h[1] & mask; + pmac->u[2] |= sctx->md.h[2] & mask; + pmac->u[3] |= sctx->md.h[3] & mask; + pmac->u[4] |= sctx->md.h[4] & mask; + pmac->u[5] |= sctx->md.h[5] & mask; + pmac->u[6] |= sctx->md.h[6] & mask; + pmac->u[7] |= sctx->md.h[7] & mask; + + memset(data, 0, SHA256_CBLOCK); + j += 64; + } + data->u[SHA_LBLOCK - 1] = bitlen; + sha256_block_data_order(&sctx->md, data, 1); + mask = 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1)); + pmac->u[0] |= sctx->md.h[0] & mask; + pmac->u[1] |= sctx->md.h[1] & mask; + pmac->u[2] |= sctx->md.h[2] & mask; + pmac->u[3] |= sctx->md.h[3] & mask; + pmac->u[4] |= sctx->md.h[4] & mask; + pmac->u[5] |= sctx->md.h[5] & mask; + pmac->u[6] |= sctx->md.h[6] & mask; + pmac->u[7] |= sctx->md.h[7] & mask; + +# ifdef BSWAP4 + pmac->u[0] = BSWAP4(pmac->u[0]); + pmac->u[1] = BSWAP4(pmac->u[1]); + pmac->u[2] = BSWAP4(pmac->u[2]); + pmac->u[3] = BSWAP4(pmac->u[3]); + pmac->u[4] = BSWAP4(pmac->u[4]); + pmac->u[5] = BSWAP4(pmac->u[5]); + pmac->u[6] = BSWAP4(pmac->u[6]); + pmac->u[7] = BSWAP4(pmac->u[7]); +# else + for (i = 0; i < 8; i++) { + res = pmac->u[i]; + pmac->c[4 * i + 0] = (unsigned char)(res >> 24); + pmac->c[4 * i + 1] = (unsigned char)(res >> 16); + pmac->c[4 * i + 2] = (unsigned char)(res >> 8); + pmac->c[4 * i + 3] = (unsigned char)res; + } +# endif /* BSWAP */ + len += SHA256_DIGEST_LENGTH; + sctx->md = sctx->tail; + sha256_update(&sctx->md, pmac->c, SHA256_DIGEST_LENGTH); + SHA256_Final(pmac->c, &sctx->md); + + /* verify HMAC */ + out += inp_len; + len -= inp_len; + /* code containing lucky-13 fix */ + { + unsigned char *p = + out + len - 1 - maxpad - SHA256_DIGEST_LENGTH; + size_t off = out - p; + unsigned int c, cmask; + + maxpad += 
SHA256_DIGEST_LENGTH; + for (res = 0, i = 0, j = 0; j < maxpad; j++) { + c = p[j]; + cmask = + ((int)(j - off - SHA256_DIGEST_LENGTH)) >> + (sizeof(int) * 8 - 1); + res |= (c ^ pad) & ~cmask; /* ... and padding */ + cmask &= ((int)(off - 1 - j)) >> (sizeof(int) * 8 - 1); + res |= (c ^ pmac->c[i]) & cmask; + i += 1 & cmask; + } + maxpad -= SHA256_DIGEST_LENGTH; + + res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1)); + ret &= (int)~res; + } + return ret; + } else { + sha256_update(&sctx->md, out, len); + } + } + + return 1; +} + +/* EVP_CTRL_AEAD_SET_MAC_KEY */ +static void aesni_cbc_hmac_sha256_set_mac_key(void *vctx, + const unsigned char *mackey, + size_t len) +{ + PROV_AES_HMAC_SHA256_CTX *ctx = (PROV_AES_HMAC_SHA256_CTX *)vctx; + unsigned int i; + unsigned char hmac_key[64]; + + memset(hmac_key, 0, sizeof(hmac_key)); + + if (len > sizeof(hmac_key)) { + SHA256_Init(&ctx->head); + sha256_update(&ctx->head, mackey, len); + SHA256_Final(hmac_key, &ctx->head); + } else { + memcpy(hmac_key, mackey, len); + } + + for (i = 0; i < sizeof(hmac_key); i++) + hmac_key[i] ^= 0x36; /* ipad */ + SHA256_Init(&ctx->head); + sha256_update(&ctx->head, hmac_key, sizeof(hmac_key)); + + for (i = 0; i < sizeof(hmac_key); i++) + hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */ + SHA256_Init(&ctx->tail); + sha256_update(&ctx->tail, hmac_key, sizeof(hmac_key)); + + OPENSSL_cleanse(hmac_key, sizeof(hmac_key)); +} + +/* EVP_CTRL_AEAD_TLS1_AAD */ +static int aesni_cbc_hmac_sha256_set_tls1_aad(void *vctx, + unsigned char *aad_rec, int aad_len) +{ + PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; + PROV_AES_HMAC_SHA256_CTX *sctx = (PROV_AES_HMAC_SHA256_CTX *)vctx; + unsigned char *p = aad_rec; + unsigned int len; + + if (aad_len != EVP_AEAD_TLS1_AAD_LEN) + return -1; + + len = p[aad_len - 2] << 8 | p[aad_len - 1]; + + if (ctx->base.enc) { + ctx->payload_length = len; + if ((ctx->aux.tls_ver = + p[aad_len - 4] << 8 | p[aad_len - 3]) >= TLS1_1_VERSION) { + if (len < AES_BLOCK_SIZE) + return 0; + 
len -= AES_BLOCK_SIZE; + p[aad_len] = len >> 8; + p[aad_len - 1] = len; + } + sctx->md = sctx->head; + sha256_update(&sctx->md, p, aad_len); + ctx->tls_aad_pad = (int)(((len + SHA256_DIGEST_LENGTH + + AES_BLOCK_SIZE) & -AES_BLOCK_SIZE) + - len); + return 1; + } else { + memcpy(ctx->aux.tls_aad, p, aad_len); + ctx->payload_length = aad_len; + ctx->tls_aad_pad = SHA256_DIGEST_LENGTH; + return 1; + } +} + +# if !defined(OPENSSL_NO_MULTIBLOCK) +/* EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE */ +static int aesni_cbc_hmac_sha256_tls1_multiblock_max_bufsize( + void *vctx) +{ + PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; + + OPENSSL_assert(ctx->multiblock_max_send_fragment != 0); + return (int)(5 + 16 + + (((int)ctx->multiblock_max_send_fragment + 32 + 16) & -16)); +} + +/* EVP_CTRL_TLS1_1_MULTIBLOCK_AAD */ +static int aesni_cbc_hmac_sha256_tls1_multiblock_aad( + void *vctx, EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param) +{ + PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; + PROV_AES_HMAC_SHA256_CTX *sctx = (PROV_AES_HMAC_SHA256_CTX *)vctx; + unsigned int n4x = 1, x4; + unsigned int frag, last, packlen, inp_len; + + inp_len = param->inp[11] << 8 | param->inp[12]; + + if (ctx->base.enc) { + if ((param->inp[9] << 8 | param->inp[10]) < TLS1_1_VERSION) + return -1; + + if (inp_len) { + if (inp_len < 4096) + return 0; /* too short */ + + if (inp_len >= 8192 && OPENSSL_ia32cap_P[2] & (1 << 5)) + n4x = 2; /* AVX2 */ + } else if ((n4x = param->interleave / 4) && n4x <= 2) + inp_len = param->len; + else + return -1; + + sctx->md = sctx->head; + sha256_update(&sctx->md, param->inp, 13); + + x4 = 4 * n4x; + n4x += 1; + + frag = inp_len >> n4x; + last = inp_len + frag - (frag << n4x); + if (last > frag && ((last + 13 + 9) % 64 < (x4 - 1))) { + frag++; + last -= x4 - 1; + } + + packlen = 5 + 16 + ((frag + 32 + 16) & -16); + packlen = (packlen << n4x) - packlen; + packlen += 5 + 16 + ((last + 32 + 16) & -16); + + param->interleave = x4; + /* The returned values used by 
get need to be stored */ + ctx->multiblock_interleave = x4; + ctx->multiblock_aad_packlen = packlen; + return 1; + } + return -1; /* not yet */ +} + +/* EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT */ +static int aesni_cbc_hmac_sha256_tls1_multiblock_encrypt( + void *ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param) +{ + return (int)tls1_multi_block_encrypt(ctx, param->out, + param->inp, param->len, + param->interleave / 4); +} +#endif + +static const PROV_CIPHER_HW_AES_HMAC_SHA cipher_hw_aes_hmac_sha256 = { + { + aesni_cbc_hmac_sha256_init_key, + aesni_cbc_hmac_sha256_cipher + }, + aesni_cbc_hmac_sha256_set_mac_key, + aesni_cbc_hmac_sha256_set_tls1_aad, +# if !defined(OPENSSL_NO_MULTIBLOCK) + aesni_cbc_hmac_sha256_tls1_multiblock_max_bufsize, + aesni_cbc_hmac_sha256_tls1_multiblock_aad, + aesni_cbc_hmac_sha256_tls1_multiblock_encrypt +# endif +}; + +const PROV_CIPHER_HW_AES_HMAC_SHA *PROV_CIPHER_HW_aes_cbc_hmac_sha256(void) +{ + return &cipher_hw_aes_hmac_sha256; +} + +#endif /* AES_CBC_HMAC_SHA_CAPABLE */ diff --git a/providers/implementations/include/prov/implementations.h b/providers/implementations/include/prov/implementations.h index 75c20a096e..ed44d68a5a 100644 --- a/providers/implementations/include/prov/implementations.h +++ b/providers/implementations/include/prov/implementations.h @@ -75,6 +75,10 @@ extern const OSSL_DISPATCH aes128wrap_functions[]; extern const OSSL_DISPATCH aes256wrappad_functions[]; extern const OSSL_DISPATCH aes192wrappad_functions[]; extern const OSSL_DISPATCH aes128wrappad_functions[]; +extern const OSSL_DISPATCH aes256cbc_hmac_sha1_functions[]; +extern const OSSL_DISPATCH aes128cbc_hmac_sha1_functions[]; +extern const OSSL_DISPATCH aes256cbc_hmac_sha256_functions[]; +extern const OSSL_DISPATCH aes128cbc_hmac_sha256_functions[]; #ifndef OPENSSL_NO_ARIA extern const OSSL_DISPATCH aria256gcm_functions[]; diff --git a/test/sslapitest.c b/test/sslapitest.c index 46e490a417..4993f16f4c 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c 
@@ -6820,6 +6820,103 @@ static int test_ca_names(int tst) return testresult; } +#ifndef OPENSSL_NO_TLS1_2 +static const char *multiblock_cipherlist_data[]= +{ + "AES128-SHA", + "AES128-SHA256", + "AES256-SHA", + "AES256-SHA256", +}; + +/* Reduce the fragment size - so the multiblock test buffer can be small */ +# define MULTIBLOCK_FRAGSIZE 512 + +static int test_multiblock_write(int test_index) +{ + static const char *fetchable_ciphers[]= + { + "AES-128-CBC-HMAC-SHA1", + "AES-128-CBC-HMAC-SHA256", + "AES-256-CBC-HMAC-SHA1", + "AES-256-CBC-HMAC-SHA256" + }; + const char *cipherlist = multiblock_cipherlist_data[test_index]; + const SSL_METHOD *smeth = TLS_server_method(); + const SSL_METHOD *cmeth = TLS_client_method(); + int min_version = TLS1_VERSION; + int max_version = TLS1_2_VERSION; /* Don't select TLS1_3 */ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testresult = 0; + + /* + * Choose a buffer large enough to perform a multi-block operation + * i.e: write_len >= 4 * frag_size + * 9 * is chosen so that multiple multiblocks are used + some leftover. + */ + unsigned char msg[MULTIBLOCK_FRAGSIZE * 9]; + unsigned char buf[sizeof(msg)], *p = buf; + size_t readbytes, written, len; + EVP_CIPHER *ciph = NULL; + + /* + * Check if the cipher exists before attempting to use it since it only has + * a hardware specific implementation. 
+ */ + ciph = EVP_CIPHER_fetch(NULL, fetchable_ciphers[test_index], ""); + if (ciph == NULL) { + TEST_skip("Multiblock cipher is not available for %s", cipherlist); + return 1; + } + EVP_CIPHER_free(ciph); + + /* Set up a buffer with some data that will be sent to the client */ + RAND_bytes(msg, sizeof(msg)); + + if (!TEST_true(create_ssl_ctx_pair(smeth, cmeth, min_version, max_version, + &sctx, &cctx, cert, privkey))) + goto end; + + if (!TEST_true(SSL_CTX_set_max_send_fragment(sctx, MULTIBLOCK_FRAGSIZE))) + goto end; + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL))) + goto end; + + /* settings to force it to use AES-CBC-HMAC_SHA */ + SSL_set_options(serverssl, SSL_OP_NO_ENCRYPT_THEN_MAC); + if (!TEST_true(SSL_CTX_set_cipher_list(cctx, cipherlist))) + goto end; + + if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE))) + goto end; + + if (!TEST_true(SSL_write_ex(serverssl, msg, sizeof(msg), &written)) + || !TEST_size_t_eq(written, sizeof(msg))) + goto end; + + len = written; + while (len > 0) { + if (!TEST_true(SSL_read_ex(clientssl, p, MULTIBLOCK_FRAGSIZE, &readbytes))) + goto end; + p += readbytes; + len -= readbytes; + } + if (!TEST_mem_eq(msg, sizeof(msg), buf, sizeof(buf))) + goto end; + + testresult = 1; +end: + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + + return testresult; +} +#endif /* OPENSSL_NO_TLS1_2 */ OPT_TEST_DECLARE_USAGE("certfile privkeyfile srpvfile tmpfile\n") @@ -6968,6 +7065,9 @@ int setup_tests(void) ADD_ALL_TESTS(test_cert_cb, 6); ADD_ALL_TESTS(test_client_cert_cb, 2); ADD_ALL_TESTS(test_ca_names, 3); +#ifndef OPENSSL_NO_TLS1_2 + ADD_ALL_TESTS(test_multiblock_write, OSSL_NELEM(multiblock_cipherlist_data)); +#endif return 1; } From kaishen.yy at antfin.com Mon Jan 6 03:16:15 2020 
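Review bot: in aesni_cbc_hmac_sha256_set_tls1_aad, encrypt branch, the length write-back `p[aad_len] = len >> 8;` uses the wrong index. aad_len has just been checked against EVP_AEAD_TLS1_AAD_LEN, the length was read from `p[aad_len - 2] << 8 | p[aad_len - 1]`, and the low byte is stored to `p[aad_len - 1]`, so the high byte belongs at `p[aad_len - 2]`. As written, the store lands one byte past the aad_len bytes the caller passed, and the byte at aad_len - 2 keeps its old value, so the `sha256_update(&sctx->md, p, aad_len)` that follows hashes a stale length whenever subtracting AES_BLOCK_SIZE changes the high byte. Suggest `p[aad_len - 2] = len >> 8;`.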
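Review bot: tls1_multi_block_encrypt relies on n4x being 1 or 2, but only the comment `/* n4x is 1 or 2 */` says so, and aesni_cbc_hmac_sha256_tls1_multiblock_encrypt passes `param->interleave / 4` straight through. hash_d, edges, ciph_d and blocks all have 8 entries and every loop runs to `x4 = 4 * n4x`, so a larger value indexes past these stack arrays. The input length is not checked here either: `hash_d[i].blocks = (len - (64 - 13)) / 64;` wraps for a fragment shorter than 51 bytes because len is unsigned. The 4096-byte minimum in the AAD ctrl is applied only when the length comes from param->inp, not when it comes from param->len. Suggest rejecting n4x outside 1..2 and too-short input at the top of the function and returning 0, instead of depending on an earlier ctrl call having validated them.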
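Review bot: in test_multiblock_write the result of `RAND_bytes(msg, sizeof(msg));` is ignored, unlike every other call in the function. If it fails, the test sends an uninitialised stack buffer and still passes, because msg is compared against its own echo. Suggest `if (!TEST_int_gt(RAND_bytes(msg, sizeof(msg)), 0)) goto end;`. In the read loop, `SSL_read_ex(clientssl, p, MULTIBLOCK_FRAGSIZE, &readbytes)` always requests a full fragment even when fewer than MULTIBLOCK_FRAGSIZE bytes of buf remain after a short read. Requesting the smaller of len and MULTIBLOCK_FRAGSIZE keeps the write into buf bounded by the test itself rather than by how much the peer happens to send.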
From: kaishen.yy at antfin.com (kaishen.yy at antfin.com) Date: Mon, 06 Jan 2020 03:16:15 +0000 Subject: [openssl] master update Message-ID: <1578280575.323086.14888.nullmailer@dev.openssl.org> The branch master has been updated via bc24e3ee52aacf3afe700617a13995c8ac96c8d5 (commit) from 0d2bfe52bb7e839f7bddcdb1160c335f2994df2f (commit) - Log ----------------------------------------------------------------- commit bc24e3ee52aacf3afe700617a13995c8ac96c8d5 Author: Rich Salz Date: Thu Oct 24 23:02:09 2019 -0400 Move -nameopt to openssl.pod Also clarify the description of the options. Reviewed-by: Paul Yang Reviewed-by: Dmitry Belyavskiy Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/10259) ----------------------------------------------------------------------- Summary of changes: doc/man1/openssl-crl.pod.in | 9 +-- doc/man1/openssl-req.pod.in | 11 +-- doc/man1/openssl-s_client.pod.in | 11 +-- doc/man1/openssl-s_server.pod.in | 11 +-- doc/man1/openssl-s_time.pod.in | 13 ++-- doc/man1/openssl-verify.pod.in | 15 ++-- doc/man1/openssl-x509.pod.in | 153 +-------------------------------------- doc/man1/openssl.pod | 150 ++++++++++++++++++++++++++++++++++++++ doc/perlvars.pm | 8 ++ 9 files changed, 184 insertions(+), 197 deletions(-) diff --git a/doc/man1/openssl-crl.pod.in b/doc/man1/openssl-crl.pod.in index 29d2ac25d5..680a11d06c 100644 --- a/doc/man1/openssl-crl.pod.in +++ b/doc/man1/openssl-crl.pod.in @@ -15,12 +15,12 @@ B B [B<-text>] [B<-in> I] [B<-out> I] -[B<-nameopt> I