Diffstat (limited to 'crypto')
108 files changed, 924 insertions, 465 deletions
diff --git a/crypto/aes/asm/aes-riscv32-zkn.pl b/crypto/aes/asm/aes-riscv32-zkn.pl index 6fac45184620..ed8f4a7f83aa 100644 --- a/crypto/aes/asm/aes-riscv32-zkn.pl +++ b/crypto/aes/asm/aes-riscv32-zkn.pl @@ -2,7 +2,7 @@ # This file is dual-licensed, meaning that you can use it under your # choice of either of the following two licenses: # -# Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2022-2026 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You can obtain # a copy in the file LICENSE in the source distribution or at @@ -704,11 +704,6 @@ sub AES_set_common { my ($ke128, $ke192, $ke256) = @_; my $ret = ''; $ret .= <<___; - bnez $UKEY,1f # if (!userKey || !key) return -1; - bnez $KEYP,1f - li a0,-1 - ret -1: # Determine number of rounds from key size in bits li $T0,128 bne $BITS,$T0,1f diff --git a/crypto/aes/asm/aes-riscv64-zkn.pl b/crypto/aes/asm/aes-riscv64-zkn.pl index 0e8a1540c438..68c213e43e34 100644 --- a/crypto/aes/asm/aes-riscv64-zkn.pl +++ b/crypto/aes/asm/aes-riscv64-zkn.pl @@ -2,7 +2,7 @@ # This file is dual-licensed, meaning that you can use it under your # choice of either of the following two licenses: # -# Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2022-2026 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You can obtain # a copy in the file LICENSE in the source distribution or at @@ -392,11 +392,6 @@ sub AES_set_common { my ($ke128, $ke192, $ke256) = @_; my $ret = ''; $ret .= <<___; - bnez $UKEY,1f # if (!userKey || !key) return -1; - bnez $KEYP,1f - li a0,-1 - ret -1: # Determine number of rounds from key size in bits li $T0,128 bne $BITS,$T0,1f diff --git a/crypto/aes/asm/aes-riscv64-zvkned.pl b/crypto/aes/asm/aes-riscv64-zvkned.pl index 4c0292781d9f..014fa6807d33 100644 --- a/crypto/aes/asm/aes-riscv64-zvkned.pl 
+++ b/crypto/aes/asm/aes-riscv64-zvkned.pl @@ -2,7 +2,7 @@ # This file is dual-licensed, meaning that you can use it under your # choice of either of the following two licenses: # -# Copyright 2023 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2023-2026 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You can obtain # a copy in the file LICENSE in the source distribution or at @@ -828,9 +828,6 @@ $code .= <<___; .globl rv64i_zvkned_set_encrypt_key .type rv64i_zvkned_set_encrypt_key,\@function rv64i_zvkned_set_encrypt_key: - beqz $UKEY, L_fail_m1 - beqz $KEYP, L_fail_m1 - # Get proper routine for key size li $T0, 256 beq $BITS, $T0, L_set_key_256 @@ -847,9 +844,6 @@ $code .= <<___; .globl rv64i_zvkned_set_decrypt_key .type rv64i_zvkned_set_decrypt_key,\@function rv64i_zvkned_set_decrypt_key: - beqz $UKEY, L_fail_m1 - beqz $KEYP, L_fail_m1 - # Get proper routine for key size li $T0, 256 beq $BITS, $T0, L_set_key_256 @@ -1356,11 +1350,6 @@ ___ } $code .= <<___; -L_fail_m1: - li a0, -1 - ret -.size L_fail_m1,.-L_fail_m1 - L_fail_m2: li a0, -2 ret diff --git a/crypto/aes/asm/aes-riscv64.pl b/crypto/aes/asm/aes-riscv64.pl index 525eba4b4638..4bf9edae6858 100644 --- a/crypto/aes/asm/aes-riscv64.pl +++ b/crypto/aes/asm/aes-riscv64.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2022-2026 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -773,11 +773,13 @@ AES_set_encrypt_key: ___ $code .= save_regs(); $code .= <<___; - bnez $UKEY,1f # if (!userKey || !key) return -1; - bnez $KEYP,1f + beqz $UKEY,1f # if (!userKey || !key) return -1; + beqz $KEYP,1f + j 2f +1: li a0,-1 ret -1: +2: la $RCON,AES_rcon la $TBL,AES_Te0 li $T8,128 
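Review bot: In AES_set_encrypt_key the failure path at label `1:` still runs `li a0,-1` / `ret` after `$code .= save_regs();` has been emitted, so if save_regs() moves sp or spills callee-saved registers (its body is not in this hunk), a NULL argument returns with that frame still allocated. Emitting the two `beqz` tests ahead of `save_regs()` would avoid this and make the `j 2f` hop unnecessary. The zkn and zvkned files in this diff delete their NULL checks rather than correcting them, so it is worth confirming that the C callers validate `userKey`/`key` on every RISC-V path and that keeping the check only here is deliberate. The function body continues outside the hunk.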
diff --git a/crypto/asn1/evp_asn1.c b/crypto/asn1/evp_asn1.c index caa079fad0ec..2d50dc657bac 100644 --- a/crypto/asn1/evp_asn1.c +++ b/crypto/asn1/evp_asn1.c @@ -95,7 +95,7 @@ ASN1_SEQUENCE(asn1_int_oct) = { ASN1_SIMPLE(asn1_int_oct, oct, ASN1_OCTET_STRING) } static_ASN1_SEQUENCE_END(asn1_int_oct) - DECLARE_ASN1_ITEM(asn1_int_oct) +DECLARE_ASN1_ITEM(asn1_int_oct) int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data, int len) @@ -158,7 +158,7 @@ ASN1_SEQUENCE(asn1_oct_int) = { ASN1_EMBED(asn1_oct_int, num, INT32) } static_ASN1_SEQUENCE_END(asn1_oct_int) - DECLARE_ASN1_ITEM(asn1_oct_int) +DECLARE_ASN1_ITEM(asn1_oct_int) int ossl_asn1_type_set_octetstring_int(ASN1_TYPE *a, long num, unsigned char *data, int len) diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c index 7b70d6c7a0cf..47f3a9802f82 100644 --- a/crypto/asn1/n_pkey.c +++ b/crypto/asn1/n_pkey.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -52,6 +52,6 @@ ASN1_SEQUENCE(NETSCAPE_PKEY) = { ASN1_SIMPLE(NETSCAPE_PKEY, private_key, ASN1_OCTET_STRING) } static_ASN1_SEQUENCE_END(NETSCAPE_PKEY) - DECLARE_ASN1_FUNCTIONS(NETSCAPE_PKEY) +DECLARE_ASN1_FUNCTIONS(NETSCAPE_PKEY) DECLARE_ASN1_ENCODE_FUNCTIONS_name(NETSCAPE_PKEY, NETSCAPE_PKEY) IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_PKEY) diff --git a/crypto/asn1/p5_scrypt.c b/crypto/asn1/p5_scrypt.c index b6d7eee3c95e..532740aab8a3 100644 --- a/crypto/asn1/p5_scrypt.c +++ b/crypto/asn1/p5_scrypt.c 
@@ -1,5 +1,5 @@ /* - * Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -44,7 +44,7 @@ X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher, uint64_t p) { X509_ALGOR *scheme = NULL, *ret = NULL; - int alg_nid; + int alg_nid, ivlen; size_t keylen = 0; EVP_CIPHER_CTX *ctx = NULL; unsigned char iv[EVP_MAX_IV_LENGTH]; @@ -83,10 +83,11 @@ X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher, } /* Create random IV */ - if (EVP_CIPHER_get_iv_length(cipher)) { + ivlen = EVP_CIPHER_get_iv_length(cipher); + if (ivlen > 0) { if (aiv) - memcpy(iv, aiv, EVP_CIPHER_get_iv_length(cipher)); - else if (RAND_bytes(iv, EVP_CIPHER_get_iv_length(cipher)) <= 0) + memcpy(iv, aiv, ivlen); + else if (RAND_bytes(iv, ivlen) <= 0) goto err; } diff --git a/crypto/bf/bf_cfb64.c b/crypto/bf/bf_cfb64.c index e380972dbdc9..f2d42eefba80 100644 --- a/crypto/bf/bf_cfb64.c +++ b/crypto/bf/bf_cfb64.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -27,7 +27,7 @@ void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, unsigned char *ivec, int *num, int encrypt) { register BF_LONG v0, v1, t; - register int n = *num; + register int n = *num & 0x07; register long l = length; BF_LONG ti[2]; unsigned char *iv, c, cc; diff --git a/crypto/bf/bf_ofb64.c b/crypto/bf/bf_ofb64.c index 5c9193add17e..2cd339dd27eb 100644 --- a/crypto/bf/bf_ofb64.c +++ b/crypto/bf/bf_ofb64.c 
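Review bot: In the "Create random IV" block of PKCS5_pbe2_set_scrypt, a negative `ivlen` (EVP_CIPHER_get_iv_length() reporting an error) is now handled the same way as a cipher with no IV. Nothing compares `ivlen` with the stack buffer `iv[EVP_MAX_IV_LENGTH]` before `memcpy(iv, aiv, ivlen)` or `RAND_bytes(iv, ivlen)`. Both cases can be rejected right after the assignment with `if (ivlen < 0 || ivlen > (int)sizeof(iv)) goto err;`. Whether an error should be raised before reaching `err` cannot be judged from here, because the function continues outside the hunk.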
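Review bot: The new `*num & 0x07` in BF_cfb64_encrypt silently folds a negative or out-of-range caller-supplied `*num` into 0..7 instead of rejecting it, and the reason for the mask is not recorded anywhere. A one-line comment such as `/* *num is caller-held state; mask so it can only select a byte of the 8-byte block */` would stop the bound being removed later as redundant. The same applies to the identical change in BF_ofb64_encrypt, CAST_cfb64_encrypt and CAST_ofb64_encrypt. How `n` is used lies outside these hunks, so its role as an index is inferred from the `iv` and `d[8]` declarations.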
@@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -26,7 +26,7 @@ void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, unsigned char *ivec, int *num) { register BF_LONG v0, v1, t; - register int n = *num; + register int n = *num & 0x07; register long l = length; unsigned char d[8]; register char *dp; diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c index dd14c393d737..42bb0e861afe 100644 --- a/crypto/bio/bss_dgram.c +++ b/crypto/bio/bss_dgram.c @@ -1,5 +1,5 @@ /* - * Copyright 2005-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2005-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -961,7 +961,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(), "calling setsockopt()"); -#elif defined(OPENSSL_SYS_LINUX) && defined(IPV6_MTU_DISCOVER) +#elif defined(OPENSSL_SYS_LINUX) && defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_PROBE) sockopt_val = num ? IPV6_PMTUDISC_PROBE : IPV6_PMTUDISC_DONT; if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER, &sockopt_val, sizeof(sockopt_val))) diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c index c5bdda498bd0..6b8daeb95f90 100644 --- a/crypto/bio/bss_file.c +++ b/crypto/bio/bss_file.c 
@@ -1,5 +1,5 @@ /* - * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -202,8 +202,19 @@ static long file_ctrl(BIO *b, int cmd, long num, void *ptr) case BIO_CTRL_INFO: if (b->flags & BIO_FLAGS_UPLINK_INTERNAL) ret = UP_ftell(b->ptr); - else + else { +#if defined(OPENSSL_SYS_WINDOWS) + /* + * On Windows, for non-seekable files (stdin), ftell() is undefined. + */ + if (GetFileType((HANDLE)_get_osfhandle(_fileno(fp))) != FILE_TYPE_DISK) + ret = -1; + else + ret = ftell(fp); +#else ret = ftell(fp); +#endif + } break; case BIO_C_SET_FILE_PTR: file_free(b); diff --git a/crypto/bn/asm/armv4-gf2m.pl b/crypto/bn/asm/armv4-gf2m.pl index 5733a0174660..923e6d4464d2 100644 --- a/crypto/bn/asm/armv4-gf2m.pl +++ b/crypto/bn/asm/armv4-gf2m.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2011-2023 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2011-2026 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -37,7 +37,7 @@ # Câmara, D.; Gouvêa, C. P. L.; López, J. & Dahab, R.: Fast Software # Polynomial Multiplication on ARM Processors using the NEON Engine. # -# http://conradoplg.cryptoland.net/files/2010/12/mocrysen13.pdf +# https://conradoplg.modp.net/files/2010/12/mocrysen13.pdf # $output is the last argument if it looks like a file (it has an extension) # $flavour is the first argument if it doesn't look like a file diff --git a/crypto/bn/asm/rsaz-2k-avxifma.pl b/crypto/bn/asm/rsaz-2k-avxifma.pl index ea45d2051a70..b84a3e4f1954 100644 --- a/crypto/bn/asm/rsaz-2k-avxifma.pl +++ b/crypto/bn/asm/rsaz-2k-avxifma.pl 
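Review bot: In the BIO_CTRL_INFO case of file_ctrl the new Windows guard covers only the plain `ftell(fp)` branch. The `BIO_FLAGS_UPLINK_INTERNAL` branch still calls `UP_ftell(b->ptr)` with no seekability test, so the same undefined position can presumably still be returned there. The added comment could also state what callers now receive, e.g. `/* ftell() is undefined on non-disk handles (pipe, console); report -1 instead */`, since `ret = -1` is a behaviour change for stdin. The results of `_fileno()` and `_get_osfhandle()` are passed on unchecked, which looks safe only because GetFileType() on an invalid handle does not return FILE_TYPE_DISK; that assumption deserves a word in the comment. file_ctrl continues outside the hunk.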
@@ -1,4 +1,4 @@ -# Copyright 2024-2025 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2024-2026 The OpenSSL Project Authors. All Rights Reserved. # Copyright (c) 2024, Intel Corporation. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use @@ -362,6 +362,23 @@ ossl_rsaz_amm52x20_x1_avxifma256: .cfi_push %r14 push %r15 .cfi_push %r15 +___ +$code.=<<___ if ($win64); + push %rsi # save non-volatile registers + push %rdi + lea -168(%rsp), %rsp # 16*10 + (8 bytes to get correct 16-byte SIMD alignment) + vmovapd %xmm6, `16*0`(%rsp) + vmovapd %xmm7, `16*1`(%rsp) + vmovapd %xmm8, `16*2`(%rsp) + vmovapd %xmm9, `16*3`(%rsp) + vmovapd %xmm10, `16*4`(%rsp) + vmovapd %xmm11, `16*5`(%rsp) + vmovapd %xmm12, `16*6`(%rsp) + vmovapd %xmm13, `16*7`(%rsp) + vmovapd %xmm14, `16*8`(%rsp) + vmovapd %xmm15, `16*9`(%rsp) +___ +$code.=<<___; .Lossl_rsaz_amm52x20_x1_avxifma256_body: # Zeroing accumulators @@ -401,6 +418,23 @@ $code.=<<___; vmovdqu $R2_0, `4*32`($res) vzeroupper +___ +$code.=<<___ if ($win64); + vmovapd `16*0`(%rsp), %xmm6 + vmovapd `16*1`(%rsp), %xmm7 + vmovapd `16*2`(%rsp), %xmm8 + vmovapd `16*3`(%rsp), %xmm9 + vmovapd `16*4`(%rsp), %xmm10 + vmovapd `16*5`(%rsp), %xmm11 + vmovapd `16*6`(%rsp), %xmm12 + vmovapd `16*7`(%rsp), %xmm13 + vmovapd `16*8`(%rsp), %xmm14 + vmovapd `16*9`(%rsp), %xmm15 + lea 168(%rsp), %rsp + pop %rdi + pop %rsi +___ +$code.=<<___; mov 0(%rsp),%r15 .cfi_restore %r15 mov 8(%rsp),%r14 
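Review bot: The Win64 prologue added to ossl_rsaz_amm52x20_x1_avxifma256 lowers rsp by a further 184 bytes (two pushes plus `lea -168(%rsp), %rsp`), but no matching change to Win64 unwind/SEH data is visible in this diff. If the file registers a handler that locates saved registers relative to the `_body` label, that handler would need the same adjustment. The save and restore sequences are also pasted verbatim into five functions across rsaz-2k/3k/4k-avxifma.pl, with the constant 168 repeated in every `lea`. Holding them in two Perl variables (for example `$win64_save_xmm` and `$win64_restore_xmm`, names made up for this note) and appending those would keep each prologue and epilogue in step.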
@@ -553,6 +587,23 @@ ossl_rsaz_amm52x20_x2_avxifma256: .cfi_push %r14 push %r15 .cfi_push %r15 +___ +$code.=<<___ if ($win64); + push %rsi # save non-volatile registers + push %rdi + lea -168(%rsp), %rsp # 16*10 + (8 bytes to get correct 16-byte SIMD alignment) + vmovapd %xmm6, `16*0`(%rsp) + vmovapd %xmm7, `16*1`(%rsp) + vmovapd %xmm8, `16*2`(%rsp) + vmovapd %xmm9, `16*3`(%rsp) + vmovapd %xmm10, `16*4`(%rsp) + vmovapd %xmm11, `16*5`(%rsp) + vmovapd %xmm12, `16*6`(%rsp) + vmovapd %xmm13, `16*7`(%rsp) + vmovapd %xmm14, `16*8`(%rsp) + vmovapd %xmm15, `16*9`(%rsp) +___ +$code.=<<___; .Lossl_rsaz_amm52x20_x2_avxifma256_body: # Zeroing accumulators @@ -604,6 +655,23 @@ $code.=<<___; vmovdqu $R2_1, `9*32`($res) vzeroupper +___ +$code.=<<___ if ($win64); + vmovapd `16*0`(%rsp), %xmm6 + vmovapd `16*1`(%rsp), %xmm7 + vmovapd `16*2`(%rsp), %xmm8 + vmovapd `16*3`(%rsp), %xmm9 + vmovapd `16*4`(%rsp), %xmm10 + vmovapd `16*5`(%rsp), %xmm11 + vmovapd `16*6`(%rsp), %xmm12 + vmovapd `16*7`(%rsp), %xmm13 + vmovapd `16*8`(%rsp), %xmm14 + vmovapd `16*9`(%rsp), %xmm15 + lea 168(%rsp), %rsp + pop %rdi + pop %rsi +___ +$code.=<<___; mov 0(%rsp),%r15 .cfi_restore %r15 mov 8(%rsp),%r14 @@ -663,6 +731,23 @@ $code.=<<___; ossl_extract_multiplier_2x20_win5_avx: .cfi_startproc endbranch +___ +$code.=<<___ if ($win64); + push %rsi # save non-volatile registers + push %rdi + lea -168(%rsp), %rsp # 16*10 + (8 bytes to get correct 16-byte SIMD alignment) + vmovapd %xmm6, `16*0`(%rsp) + vmovapd %xmm7, `16*1`(%rsp) + vmovapd %xmm8, `16*2`(%rsp) + vmovapd %xmm9, `16*3`(%rsp) + vmovapd %xmm10, `16*4`(%rsp) + vmovapd %xmm11, `16*5`(%rsp) + vmovapd %xmm12, `16*6`(%rsp) + vmovapd %xmm13, `16*7`(%rsp) + vmovapd %xmm14, `16*8`(%rsp) + vmovapd %xmm15, `16*9`(%rsp) +___ +$code.=<<___; vmovapd .Lones(%rip), $ones # broadcast ones vmovq $red_tbl_idx1, $tmp_xmm vpbroadcastq $tmp_xmm, $idx1 
@@ -709,6 +794,24 @@ foreach (0..9) { $code.="vmovdqu $t[$_], `${_}*32`($out) \n"; } $code.=<<___; + vzeroupper +___ +$code.=<<___ if ($win64); + vmovapd `16*0`(%rsp), %xmm6 + vmovapd `16*1`(%rsp), %xmm7 + vmovapd `16*2`(%rsp), %xmm8 + vmovapd `16*3`(%rsp), %xmm9 + vmovapd `16*4`(%rsp), %xmm10 + vmovapd `16*5`(%rsp), %xmm11 + vmovapd `16*6`(%rsp), %xmm12 + vmovapd `16*7`(%rsp), %xmm13 + vmovapd `16*8`(%rsp), %xmm14 + vmovapd `16*9`(%rsp), %xmm15 + lea 168(%rsp), %rsp + pop %rdi + pop %rsi +___ +$code.=<<___; ret .cfi_endproc .size ossl_extract_multiplier_2x20_win5_avx, .-ossl_extract_multiplier_2x20_win5_avx diff --git a/crypto/bn/asm/rsaz-3k-avxifma.pl b/crypto/bn/asm/rsaz-3k-avxifma.pl index a19cb5aaa309..1948d726b38b 100644 --- a/crypto/bn/asm/rsaz-3k-avxifma.pl +++ b/crypto/bn/asm/rsaz-3k-avxifma.pl @@ -1,4 +1,4 @@ -# Copyright 2024-2025 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2024-2026 The OpenSSL Project Authors. All Rights Reserved. # Copyright (c) 2024, Intel Corporation. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use @@ -87,8 +87,6 @@ my ($res,$a,$b,$m,$k0) = @_6_args_universal_ABI; my $mask52 = "%rax"; my $acc0_0 = "%r9"; my $acc0_0_low = "%r9d"; -my $acc0_1 = "%r15"; -my $acc0_1_low = "%r15d"; my $b_ptr = "%r11"; my $iter = "%ebx"; @@ -741,7 +739,7 @@ $code.=<<___; vmovdqu $R3_0, `6*32`($res) vmovdqu $R3_0h, `7*32`($res) - xorl $acc0_1_low, $acc0_1_low + xorl $acc0_0_low, $acc0_0_low lea 16($b_ptr), $b_ptr movq \$0xfffffffffffff, $mask52 # 52-bit mask 
@@ -857,6 +855,23 @@ $code.=<<___; ossl_extract_multiplier_2x30_win5_avx: .cfi_startproc endbranch +___ +$code.=<<___ if ($win64); + push %rsi # save non-volatile registers + push %rdi + lea -168(%rsp), %rsp # 16*10 + (8 bytes to get correct 16-byte SIMD alignment) + vmovapd %xmm6, `16*0`(%rsp) + vmovapd %xmm7, `16*1`(%rsp) + vmovapd %xmm8, `16*2`(%rsp) + vmovapd %xmm9, `16*3`(%rsp) + vmovapd %xmm10, `16*4`(%rsp) + vmovapd %xmm11, `16*5`(%rsp) + vmovapd %xmm12, `16*6`(%rsp) + vmovapd %xmm13, `16*7`(%rsp) + vmovapd %xmm14, `16*8`(%rsp) + vmovapd %xmm15, `16*9`(%rsp) +___ +$code.=<<___; vmovapd .Lones(%rip), $ones # broadcast ones vmovq $red_tbl_idx1, $tmp_xmm vpbroadcastq $tmp_xmm, $idx1 @@ -930,6 +945,24 @@ foreach (8..15) { $code.="vmovdqu $t[$_], `${_}*32`($out) \n"; } +$code.=<<___; + vzeroupper +___ +$code.=<<___ if ($win64); + vmovapd `16*0`(%rsp), %xmm6 + vmovapd `16*1`(%rsp), %xmm7 + vmovapd `16*2`(%rsp), %xmm8 + vmovapd `16*3`(%rsp), %xmm9 + vmovapd `16*4`(%rsp), %xmm10 + vmovapd `16*5`(%rsp), %xmm11 + vmovapd `16*6`(%rsp), %xmm12 + vmovapd `16*7`(%rsp), %xmm13 + vmovapd `16*8`(%rsp), %xmm14 + vmovapd `16*9`(%rsp), %xmm15 + lea 168(%rsp), %rsp + pop %rdi + pop %rsi +___ $code.=<<___; diff --git a/crypto/bn/asm/rsaz-4k-avxifma.pl b/crypto/bn/asm/rsaz-4k-avxifma.pl index f15e2d74118c..9f299430cefc 100644 --- a/crypto/bn/asm/rsaz-4k-avxifma.pl +++ b/crypto/bn/asm/rsaz-4k-avxifma.pl @@ -1,4 +1,4 @@ -# Copyright 2024-2025 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2024-2026 The OpenSSL Project Authors. All Rights Reserved. # Copyright (c) 2024, Intel Corporation. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use @@ -84,8 +84,6 @@ my ($res,$a,$b,$m,$k0) = @_6_args_universal_ABI; my $mask52 = "%rax"; my $acc0_0 = "%r9"; my $acc0_0_low = "%r9d"; -my $acc0_1 = "%r15"; -my $acc0_1_low = "%r15d"; my $b_ptr = "%r11"; my $iter = "%ebx"; 
@@ -834,7 +832,7 @@ $code.=<<___; vmovdqu $R4_0, `8*32`($res) vmovdqu $R4_0h, `9*32`($res) - xorl $acc0_1_low, $acc0_1_low + xorl $acc0_0_low, $acc0_0_low movq \$0xfffffffffffff, $mask52 @@ -975,6 +973,23 @@ $code.=<<___; ossl_extract_multiplier_2x40_win5_avx: .cfi_startproc endbranch +___ +$code.=<<___ if ($win64); + push %rsi # save non-volatile registers + push %rdi + lea -168(%rsp), %rsp # 16*10 + (8 bytes to get correct 16-byte SIMD alignment) + vmovapd %xmm6, `16*0`(%rsp) + vmovapd %xmm7, `16*1`(%rsp) + vmovapd %xmm8, `16*2`(%rsp) + vmovapd %xmm9, `16*3`(%rsp) + vmovapd %xmm10, `16*4`(%rsp) + vmovapd %xmm11, `16*5`(%rsp) + vmovapd %xmm12, `16*6`(%rsp) + vmovapd %xmm13, `16*7`(%rsp) + vmovapd %xmm14, `16*8`(%rsp) + vmovapd %xmm15, `16*9`(%rsp) +___ +$code.=<<___; vmovapd .Lones(%rip), $ones # broadcast ones vmovq $red_tbl_idx1, $tmp_xmm vpbroadcastq $tmp_xmm, $idx1 @@ -1002,6 +1017,24 @@ foreach (0..9) { $code.="vmovdqu $t[$_], `(10+$_)*32`($out) \n"; } $code.=<<___; + vzeroupper +___ +$code.=<<___ if ($win64); + vmovapd `16*0`(%rsp), %xmm6 + vmovapd `16*1`(%rsp), %xmm7 + vmovapd `16*2`(%rsp), %xmm8 + vmovapd `16*3`(%rsp), %xmm9 + vmovapd `16*4`(%rsp), %xmm10 + vmovapd `16*5`(%rsp), %xmm11 + vmovapd `16*6`(%rsp), %xmm12 + vmovapd `16*7`(%rsp), %xmm13 + vmovapd `16*8`(%rsp), %xmm14 + vmovapd `16*9`(%rsp), %xmm15 + lea 168(%rsp), %rsp + pop %rdi + pop %rsi +___ +$code.=<<___; ret .cfi_endproc diff --git a/crypto/bn/asm/sparcv9-mont.pl b/crypto/bn/asm/sparcv9-mont.pl index fe51fcaf81c7..d438af562648 100644 --- a/crypto/bn/asm/sparcv9-mont.pl +++ b/crypto/bn/asm/sparcv9-mont.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2005-2021 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2005-2026 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy 
@@ -394,11 +394,11 @@ $code.=<<___; mulx $car1,$mul1,$car1 mulx $npj,$mul1,$acc1 + add $tmp1,$car0,$car0 add $tmp0,$car1,$car1 and $car0,$mask,$acc0 ld [$np+8],$npj ! np[2] srlx $car1,32,$car1 - add $tmp1,$car1,$car1 srlx $car0,32,$car0 add $acc0,$car1,$car1 and $car0,1,$sbit diff --git a/crypto/bn/bn_dh.c b/crypto/bn/bn_dh.c index 542c33d6a8d7..d069481e981b 100644 --- a/crypto/bn/bn_dh.c +++ b/crypto/bn/bn_dh.c @@ -1,5 +1,5 @@ /* - * Copyright 2014-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2014-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -14,7 +14,7 @@ #include "crypto/bn_dh.h" #if BN_BITS2 == 64 -#define BN_DEF(lo, hi) (BN_ULONG) hi << 32 | lo +#define BN_DEF(lo, hi) (BN_ULONG)hi << 32 | lo #else #define BN_DEF(lo, hi) lo, hi #endif 
@@ -1387,37 +1387,37 @@ const BIGNUM ossl_bignum_const_2 = { }; make_dh_bn(dh1024_160_p) - make_dh_bn(dh1024_160_q) - make_dh_bn(dh1024_160_g) - make_dh_bn(dh2048_224_p) - make_dh_bn(dh2048_224_q) - make_dh_bn(dh2048_224_g) - make_dh_bn(dh2048_256_p) - make_dh_bn(dh2048_256_q) - make_dh_bn(dh2048_256_g) +make_dh_bn(dh1024_160_q) +make_dh_bn(dh1024_160_g) +make_dh_bn(dh2048_224_p) +make_dh_bn(dh2048_224_q) +make_dh_bn(dh2048_224_g) +make_dh_bn(dh2048_256_p) +make_dh_bn(dh2048_256_q) +make_dh_bn(dh2048_256_g) - make_dh_bn(ffdhe2048_p) - make_dh_bn(ffdhe2048_q) - make_dh_bn(ffdhe3072_p) - make_dh_bn(ffdhe3072_q) - make_dh_bn(ffdhe4096_p) - make_dh_bn(ffdhe4096_q) - make_dh_bn(ffdhe6144_p) - make_dh_bn(ffdhe6144_q) - make_dh_bn(ffdhe8192_p) - make_dh_bn(ffdhe8192_q) +make_dh_bn(ffdhe2048_p) +make_dh_bn(ffdhe2048_q) +make_dh_bn(ffdhe3072_p) +make_dh_bn(ffdhe3072_q) +make_dh_bn(ffdhe4096_p) +make_dh_bn(ffdhe4096_q) +make_dh_bn(ffdhe6144_p) +make_dh_bn(ffdhe6144_q) +make_dh_bn(ffdhe8192_p) +make_dh_bn(ffdhe8192_q) #ifndef FIPS_MODULE - make_dh_bn(modp_1536_p) - make_dh_bn(modp_1536_q) +make_dh_bn(modp_1536_p) +make_dh_bn(modp_1536_q) #endif - make_dh_bn(modp_2048_p) - make_dh_bn(modp_2048_q) - make_dh_bn(modp_3072_p) - make_dh_bn(modp_3072_q) - make_dh_bn(modp_4096_p) - make_dh_bn(modp_4096_q) - make_dh_bn(modp_6144_p) - make_dh_bn(modp_6144_q) - make_dh_bn(modp_8192_p) - make_dh_bn(modp_8192_q) +make_dh_bn(modp_2048_p) +make_dh_bn(modp_2048_q) +make_dh_bn(modp_3072_p) +make_dh_bn(modp_3072_q) +make_dh_bn(modp_4096_p) +make_dh_bn(modp_4096_q) +make_dh_bn(modp_6144_p) +make_dh_bn(modp_6144_q) +make_dh_bn(modp_8192_p) +make_dh_bn(modp_8192_q) diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c index 58d38b9ebd2a..44931f803802 100644 --- a/crypto/bn/bn_exp.c +++ b/crypto/bn/bn_exp.c 
@@ -1,5 +1,5 @@ /* - * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -771,16 +771,16 @@ int bn_mod_exp_mont_fixed_top(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, typedef int (*bn_pwr5_mont_f)(BN_ULONG *tp, const BN_ULONG *np, const BN_ULONG *n0, const void *table, int power, int bits); - int bn_pwr5_mont_t4_8(BN_ULONG * tp, const BN_ULONG *np, + int bn_pwr5_mont_t4_8(BN_ULONG *tp, const BN_ULONG *np, const BN_ULONG *n0, const void *table, int power, int bits); - int bn_pwr5_mont_t4_16(BN_ULONG * tp, const BN_ULONG *np, + int bn_pwr5_mont_t4_16(BN_ULONG *tp, const BN_ULONG *np, const BN_ULONG *n0, const void *table, int power, int bits); - int bn_pwr5_mont_t4_24(BN_ULONG * tp, const BN_ULONG *np, + int bn_pwr5_mont_t4_24(BN_ULONG *tp, const BN_ULONG *np, const BN_ULONG *n0, const void *table, int power, int bits); - int bn_pwr5_mont_t4_32(BN_ULONG * tp, const BN_ULONG *np, + int bn_pwr5_mont_t4_32(BN_ULONG *tp, const BN_ULONG *np, const BN_ULONG *n0, const void *table, int power, int bits); static const bn_pwr5_mont_f pwr5_funcs[4] = { 
@@ -792,15 +792,15 @@ int bn_mod_exp_mont_fixed_top(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, typedef int (*bn_mul_mont_f)(BN_ULONG *rp, const BN_ULONG *ap, const void *bp, const BN_ULONG *np, const BN_ULONG *n0); - int bn_mul_mont_t4_8(BN_ULONG * rp, const BN_ULONG *ap, const void *bp, + int bn_mul_mont_t4_8(BN_ULONG *rp, const BN_ULONG *ap, const void *bp, const BN_ULONG *np, const BN_ULONG *n0); - int bn_mul_mont_t4_16(BN_ULONG * rp, const BN_ULONG *ap, + int bn_mul_mont_t4_16(BN_ULONG *rp, const BN_ULONG *ap, const void *bp, const BN_ULONG *np, const BN_ULONG *n0); - int bn_mul_mont_t4_24(BN_ULONG * rp, const BN_ULONG *ap, + int bn_mul_mont_t4_24(BN_ULONG *rp, const BN_ULONG *ap, const void *bp, const BN_ULONG *np, const BN_ULONG *n0); - int bn_mul_mont_t4_32(BN_ULONG * rp, const BN_ULONG *ap, + int bn_mul_mont_t4_32(BN_ULONG *rp, const BN_ULONG *ap, const void *bp, const BN_ULONG *np, const BN_ULONG *n0); static const bn_mul_mont_f mul_funcs[4] = { 
@@ -809,20 +809,20 @@ int bn_mod_exp_mont_fixed_top(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, }; bn_mul_mont_f mul_worker = mul_funcs[top / 16 - 1]; - void bn_mul_mont_vis3(BN_ULONG * rp, const BN_ULONG *ap, + void bn_mul_mont_vis3(BN_ULONG *rp, const BN_ULONG *ap, const void *bp, const BN_ULONG *np, const BN_ULONG *n0, int num); - void bn_mul_mont_t4(BN_ULONG * rp, const BN_ULONG *ap, + void bn_mul_mont_t4(BN_ULONG *rp, const BN_ULONG *ap, const void *bp, const BN_ULONG *np, const BN_ULONG *n0, int num); - void bn_mul_mont_gather5_t4(BN_ULONG * rp, const BN_ULONG *ap, + void bn_mul_mont_gather5_t4(BN_ULONG *rp, const BN_ULONG *ap, const void *table, const BN_ULONG *np, const BN_ULONG *n0, int num, int power); void bn_flip_n_scatter5_t4(const BN_ULONG *inp, size_t num, void *table, size_t power); - void bn_gather5_t4(BN_ULONG * out, size_t num, + void bn_gather5_t4(BN_ULONG *out, size_t num, void *table, size_t power); - void bn_flip_t4(BN_ULONG * dst, BN_ULONG * src, size_t num); + void bn_flip_t4(BN_ULONG *dst, BN_ULONG *src, size_t num); BN_ULONG *np = mont->N.d, *n0 = mont->n0; int stride = 5 * (6 - (top / 16 - 1)); /* multiple of 5, but less 
@@ -922,13 +922,13 @@ int bn_mod_exp_mont_fixed_top(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, * Given those inputs, |bn_mul_mont| may not give reduced * output, but it will still produce "almost" reduced output. */ - void bn_mul_mont_gather5(BN_ULONG * rp, const BN_ULONG *ap, + void bn_mul_mont_gather5(BN_ULONG *rp, const BN_ULONG *ap, const void *table, const BN_ULONG *np, const BN_ULONG *n0, int num, int power); void bn_scatter5(const BN_ULONG *inp, size_t num, void *table, size_t power); - void bn_gather5(BN_ULONG * out, size_t num, void *table, size_t power); - void bn_power5(BN_ULONG * rp, const BN_ULONG *ap, + void bn_gather5(BN_ULONG *out, size_t num, void *table, size_t power); + void bn_power5(BN_ULONG *rp, const BN_ULONG *ap, const void *table, const BN_ULONG *np, const BN_ULONG *n0, int num, int power); int bn_get_bits5(const BN_ULONG *ap, int off); diff --git a/crypto/bn/bn_local.h b/crypto/bn/bn_local.h index 45b545bce3dd..9ebadfd76e79 100644 --- a/crypto/bn/bn_local.h +++ b/crypto/bn/bn_local.h @@ -1,5 +1,5 @@ /* - * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -387,7 +387,7 @@ struct bn_gencb_st { #elif defined(__alpha) && (defined(SIXTY_FOUR_BIT_LONG) || defined(SIXTY_FOUR_BIT)) #if defined(__DECC) #include <c_asm.h> -#define BN_UMULT_HIGH(a, b) (BN_ULONG) asm("umulh %a0,%a1,%v0", (a), (b)) +#define BN_UMULT_HIGH(a, b) (BN_ULONG)asm("umulh %a0,%a1,%v0", (a), (b)) #elif defined(__GNUC__) && __GNUC__ >= 2 #define BN_UMULT_HIGH(a, b) ({ \ register BN_ULONG ret; \ diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c index 1527ac10fb1b..72e935c52fb9 100644 --- a/crypto/bn/bn_mont.c +++ b/crypto/bn/bn_mont.c 
@@ -1,5 +1,5 @@ /* - * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -8,10 +8,9 @@ */ /* - * Details about Montgomery multiplication algorithms can be found at - * http://security.ece.orst.edu/publications.html, e.g. - * http://security.ece.orst.edu/koc/papers/j37acmon.pdf and - * sections 3.8 and 4.2 in http://security.ece.orst.edu/koc/papers/r01rsasw.pdf + * Details about Montgomery multiplication algorithms can be found in + * https://www.microsoft.com/en-us/research/wp-content/uploads/1996/01/j37acmon.pdf + * and https://cetinkayakoc.net/docs/r01.pdf */ #include "internal/cryptlib.h" diff --git a/crypto/bn/bn_ppc.c b/crypto/bn/bn_ppc.c index 049ffa50da98..8ef52a30c1a4 100644 --- a/crypto/bn/bn_ppc.c +++ b/crypto/bn/bn_ppc.c @@ -1,5 +1,5 @@ /* - * Copyright 2009-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2009-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -15,14 +15,14 @@ int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0, int num) { - int bn_mul_mont_int(BN_ULONG * rp, const BN_ULONG *ap, const BN_ULONG *bp, + int bn_mul_mont_int(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0, int num); - int bn_mul4x_mont_int(BN_ULONG * rp, const BN_ULONG *ap, const BN_ULONG *bp, + int bn_mul4x_mont_int(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0, int num); - int bn_mul_mont_fixed_n6(BN_ULONG * rp, const BN_ULONG *ap, + int bn_mul_mont_fixed_n6(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0, int num); - int bn_mul_mont_300_fixed_n6(BN_ULONG * rp, const BN_ULONG *ap, + int bn_mul_mont_300_fixed_n6(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0, int num); diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c index 0c38e2ccd207..08f889e59799 100644 --- a/crypto/bn/bn_prime.c +++ b/crypto/bn/bn_prime.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -30,7 +30,7 @@ static int bn_is_prime_int(const BIGNUM *w, int checks, BN_CTX *ctx, #define square(x) ((BN_ULONG)(x) * (BN_ULONG)(x)) #if BN_BITS2 == 64 -#define BN_DEF(lo, hi) (BN_ULONG) hi << 32 | lo +#define BN_DEF(lo, hi) (BN_ULONG)hi << 32 | lo #else #define BN_DEF(lo, hi) lo, hi #endif diff --git a/crypto/bn/bn_rsa_fips186_4.c b/crypto/bn/bn_rsa_fips186_4.c index c2574167d06d..08def7f13c98 100644 --- a/crypto/bn/bn_rsa_fips186_4.c +++ b/crypto/bn/bn_rsa_fips186_4.c 
@@ -1,5 +1,5 @@ /* - * Copyright 2018-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2018-2026 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2018-2019, Oracle and/or its affiliates. All rights reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use @@ -29,7 +29,7 @@ #include "internal/nelem.h" #if BN_BITS2 == 64 -#define BN_DEF(lo, hi) (BN_ULONG) hi << 32 | lo +#define BN_DEF(lo, hi) (BN_ULONG)hi << 32 | lo #else #define BN_DEF(lo, hi) lo, hi #endif diff --git a/crypto/bn/bn_sparc.c b/crypto/bn/bn_sparc.c index a236e42dfae9..7c902191d773 100644 --- a/crypto/bn/bn_sparc.c +++ b/crypto/bn/bn_sparc.c @@ -1,5 +1,5 @@ /* - * Copyright 2005-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2005-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -16,11 +16,11 @@ int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0, int num) { - int bn_mul_mont_vis3(BN_ULONG * rp, const BN_ULONG *ap, const BN_ULONG *bp, + int bn_mul_mont_vis3(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0, int num); - int bn_mul_mont_fpu(BN_ULONG * rp, const BN_ULONG *ap, const BN_ULONG *bp, + int bn_mul_mont_fpu(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0, int num); - int bn_mul_mont_int(BN_ULONG * rp, const BN_ULONG *ap, const BN_ULONG *bp, + int bn_mul_mont_int(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0, int num); if (!(num & 1) && num >= 6) { 
@@ -29,16 +29,16 @@ int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0); - int bn_mul_mont_t4_8(BN_ULONG * rp, const BN_ULONG *ap, + int bn_mul_mont_t4_8(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0); - int bn_mul_mont_t4_16(BN_ULONG * rp, const BN_ULONG *ap, + int bn_mul_mont_t4_16(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0); - int bn_mul_mont_t4_24(BN_ULONG * rp, const BN_ULONG *ap, + int bn_mul_mont_t4_24(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0); - int bn_mul_mont_t4_32(BN_ULONG * rp, const BN_ULONG *ap, + int bn_mul_mont_t4_32(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0); static const bn_mul_mont_f funcs[4] = { diff --git a/crypto/bsearch.c b/crypto/bsearch.c index 192ccbeb916f..c2ab0b812595 100644 --- a/crypto/bsearch.c +++ b/crypto/bsearch.c @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -23,7 +23,7 @@ const void *ossl_bsearch(const void *key, const void *base, int num, l = 0; h = num; while (l < h) { - i = (l + h) / 2; + i = l + (h - l) / 2; p = &(base_[i * size]); c = (*cmp)(key, p); if (c < 0) diff --git a/crypto/cast/c_cfb64.c b/crypto/cast/c_cfb64.c index 4170f77a78eb..3de52f56af46 100644 --- a/crypto/cast/c_cfb64.c +++ b/crypto/cast/c_cfb64.c 
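Review bot: In ossl_bsearch the new midpoint `l + (h - l) / 2` no longer overflows, but the following line still forms `i * size` before indexing `base_`, and that product can wrap on a large table if both operands are int. The declaration of `size` is outside the hunk, so this needs confirming; if it is an int, widen the product: `p = &(base_[(size_t)i * size]);`. The function body starts and ends outside the hunk.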
@@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -27,7 +27,7 @@ void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out, unsigned char *ivec, int *num, int enc) { register CAST_LONG v0, v1, t; - register int n = *num; + register int n = *num & 0x07; register long l = length; CAST_LONG ti[2]; unsigned char *iv, c, cc; diff --git a/crypto/cast/c_ofb64.c b/crypto/cast/c_ofb64.c index 431446ab5fb7..dbd6e02729d2 100644 --- a/crypto/cast/c_ofb64.c +++ b/crypto/cast/c_ofb64.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -26,7 +26,7 @@ void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out, unsigned char *ivec, int *num) { register CAST_LONG v0, v1, t; - register int n = *num; + register int n = *num & 0x07; register long l = length; unsigned char d[8]; register char *dp; diff --git a/crypto/cmp/cmp_client.c b/crypto/cmp/cmp_client.c index ec865b243789..d6a4230d243e 100644 --- a/crypto/cmp/cmp_client.c +++ b/crypto/cmp/cmp_client.c @@ -1,5 +1,5 @@ /* - * Copyright 2007-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2007-2026 The OpenSSL Project Authors. All Rights Reserved. * Copyright Nokia 2007-2019 * Copyright Siemens AG 2015-2019 * 
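Review bot: The added `*num & 0x07` in CAST_cfb64_encrypt has no comment explaining why the caller's offset is masked, and this line alone does not show that it bounds `n` to the 8-byte feedback block that `n` presumably indexes. I would add `/* *num is caller-supplied state; keep the offset inside the 8-byte block */` above the declaration. The same uncommented change appears in CAST_ofb64_encrypt, DES_ede3_cfb64_encrypt, DES_cfb64_encrypt, DES_ede3_ofb64_encrypt and DES_ofb64_encrypt. Masking silently accepts an out-of-range or negative `*num` instead of reporting it, which is presumably deliberate since these functions return void, but it should be stated in their documentation. All six function bodies continue outside the hunks.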
@@ -149,6 +149,7 @@ static int send_receive_check(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *req, int time_left; OSSL_CMP_transfer_cb_t transfer_cb = ctx->transfer_cb; + ctx->status = OSSL_CMP_PKISTATUS_trans; #ifndef OPENSSL_NO_HTTP if (transfer_cb == NULL) transfer_cb = OSSL_CMP_MSG_http_perform; @@ -175,7 +176,7 @@ static int send_receive_check(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *req, /* should print error queue since transfer_cb may call ERR_clear_error() */ OSSL_CMP_CTX_print_errors(ctx); - if (ctx->server != NULL) + if (ctx->server != NULL || ctx->transfer_cb != NULL) ossl_cmp_log1(INFO, ctx, "sending %s", req_type_str); *rep = (*transfer_cb)(ctx, req); @@ -189,6 +190,7 @@ static int send_receive_check(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *req, return 0; } + ctx->status = OSSL_CMP_PKISTATUS_checking_response; bt = OSSL_CMP_MSG_get_bodytype(*rep); /* * The body type in the 'bt' variable is not yet verified. @@ -284,11 +286,15 @@ static int poll_for_response(OSSL_CMP_CTX *ctx, int sleep, int rid, "received 'waiting' PKIStatus, starting to poll for response"); *rep = NULL; for (;;) { + int bak = ctx->status; + + ctx->status = OSSL_CMP_PKISTATUS_request; if ((preq = ossl_cmp_pollReq_new(ctx, rid)) == NULL) goto err; if (!send_receive_check(ctx, preq, &prep, OSSL_CMP_PKIBODY_POLLREP)) goto err; + ctx->status = bak; /* handle potential pollRep */ if (OSSL_CMP_MSG_get_bodytype(prep) == OSSL_CMP_PKIBODY_POLLREP) { @@ -344,6 +350,7 @@ static int poll_for_response(OSSL_CMP_CTX *ctx, int sleep, int rid, int64_t time_left = (int64_t)(ctx->end_time - exp - time(NULL)); if (time_left <= 0) { + ctx->status = OSSL_CMP_PKISTATUS_trans; ERR_raise(ERR_LIB_CMP, CMP_R_TOTAL_TIMEOUT); goto err; } 
@@ -455,7 +462,9 @@ int ossl_cmp_exchange_certConf(OSSL_CMP_CTX *ctx, int certReqId, OSSL_CMP_MSG *certConf; OSSL_CMP_MSG *PKIconf = NULL; int res = 0; + int bak = ctx->status; + ctx->status = OSSL_CMP_PKISTATUS_request; /* OSSL_CMP_certConf_new() also checks if all necessary options are set */ certConf = ossl_cmp_certConf_new(ctx, certReqId, fail_info, txt); if (certConf == NULL) @@ -464,6 +473,9 @@ int ossl_cmp_exchange_certConf(OSSL_CMP_CTX *ctx, int certReqId, res = send_receive_also_delayed(ctx, certConf, &PKIconf, OSSL_CMP_PKIBODY_PKICONF); + if (res) + ctx->status = bak; + err: OSSL_CMP_MSG_free(certConf); OSSL_CMP_MSG_free(PKIconf); @@ -479,6 +491,7 @@ int ossl_cmp_exchange_error(OSSL_CMP_CTX *ctx, int status, int fail_info, OSSL_CMP_MSG *PKIconf = NULL; int res = 0; + ctx->status = OSSL_CMP_PKISTATUS_request; /* not overwriting ctx->status on error exchange */ if ((si = OSSL_CMP_STATUSINFO_new(status, fail_info, txt)) == NULL) goto err; @@ -488,6 +501,7 @@ int ossl_cmp_exchange_error(OSSL_CMP_CTX *ctx, int status, int fail_info, res = send_receive_also_delayed(ctx, error, &PKIconf, OSSL_CMP_PKIBODY_PKICONF); + ctx->status = OSSL_CMP_PKISTATUS_rejected_by_client; err: OSSL_CMP_MSG_free(error); @@ -790,7 +804,7 @@ retry: ERR_raise_data(ERR_LIB_CMP, CMP_R_CERTIFICATE_NOT_ACCEPTED, "rejecting newly enrolled cert with subject: %s; %s", subj, txt); - ctx->status = OSSL_CMP_PKISTATUS_rejection; + ctx->status = OSSL_CMP_PKISTATUS_rejected_by_client; ret = 0; } OPENSSL_free(subj); @@ -812,7 +826,6 @@ static int initial_certreq(OSSL_CMP_CTX *ctx, if ((req = ossl_cmp_certreq_new(ctx, req_type, crm)) == NULL) return 0; - ctx->status = OSSL_CMP_PKISTATUS_trans; res = send_receive_check(ctx, req, p_rep, rep_type); OSSL_CMP_MSG_free(req); return res; 
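Review bot: In ossl_cmp_exchange_error the added `ctx->status = OSSL_CMP_PKISTATUS_request;` sits directly above the unchanged comment `/* not overwriting ctx->status on error exchange */`, which the new line now contradicts. The comment should be dropped or reworded, e.g. `/* status is 'request' while the error msg is sent and rejected_by_client afterwards */`. The second added line sets `OSSL_CMP_PKISTATUS_rejected_by_client` regardless of `res`, so a failed transfer of the error message ends with the same status as a delivered one, while an early `goto err` leaves `request`. If that asymmetry is intended, the comment should say so. The function starts and ends outside the hunks.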
@@ -918,7 +931,6 @@ int OSSL_CMP_exec_RR_ses(OSSL_CMP_CTX *ctx) if ((rr = ossl_cmp_rr_new(ctx)) == NULL) goto end; - ctx->status = OSSL_CMP_PKISTATUS_trans; if (!send_receive_also_delayed(ctx, rr, &rp, OSSL_CMP_PKIBODY_RP)) goto end; @@ -1038,7 +1050,6 @@ STACK_OF(OSSL_CMP_ITAV) *OSSL_CMP_exec_GENM_ses(OSSL_CMP_CTX *ctx) if ((genm = ossl_cmp_genm_new(ctx)) == NULL) goto err; - ctx->status = OSSL_CMP_PKISTATUS_trans; if (!send_receive_also_delayed(ctx, genm, &genp, OSSL_CMP_PKIBODY_GENP)) goto err; ctx->status = OSSL_CMP_PKISTATUS_accepted; diff --git a/crypto/cmp/cmp_ctx.c b/crypto/cmp/cmp_ctx.c index 947374d4ec2e..7fdc478cf8f2 100644 --- a/crypto/cmp/cmp_ctx.c +++ b/crypto/cmp/cmp_ctx.c @@ -1,5 +1,5 @@ /* - * Copyright 2007-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2007-2026 The OpenSSL Project Authors. All Rights Reserved. * Copyright Nokia 2007-2019 * Copyright Siemens AG 2015-2019 * @@ -742,7 +742,7 @@ DEFINE_OSSL_set1_up_ref(OSSL_CMP_CTX, oldCert, X509) */ DEFINE_OSSL_set0(ossl_cmp_ctx, newCert, X509) - /* Get successfully validated server cert, if any, of current transaction */ + /* Get successfully validated sender cert, if any, of current transaction */ DEFINE_OSSL_CMP_CTX_get0(validatedSrvCert, X509) /* diff --git a/crypto/cmp/cmp_local.h b/crypto/cmp/cmp_local.h index 4b98b8cb78ff..3542256e0bca 100644 --- a/crypto/cmp/cmp_local.h +++ b/crypto/cmp/cmp_local.h @@ -1,5 +1,5 @@ /* - * Copyright 2007-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2007-2026 The OpenSSL Project Authors. All Rights Reserved. * Copyright Nokia 2007-2019 * Copyright Siemens AG 2015-2019 * 
@@ -66,7 +66,7 @@ struct ossl_cmp_ctx_st { int unprotectedErrors; int noCacheExtraCerts; X509 *srvCert; /* certificate used to identify the server */ - X509 *validatedSrvCert; /* caches any already validated server cert */ + X509 *validatedSrvCert; /* caches any already validated sender cert */ X509_NAME *expected_sender; /* expected sender in header of response */ X509_STORE *trusted; /* trust store maybe w CRLs and cert verify callback */ STACK_OF(X509) *untrusted; /* untrusted (intermediate CA) certs */ diff --git a/crypto/cmp/cmp_vfy.c b/crypto/cmp/cmp_vfy.c index 873bee8b6ad3..eaa700d139d1 100644 --- a/crypto/cmp/cmp_vfy.c +++ b/crypto/cmp/cmp_vfy.c @@ -1,5 +1,5 @@ /* - * Copyright 2007-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2007-2026 The OpenSSL Project Authors. All Rights Reserved. * Copyright Nokia 2007-2020 * Copyright Siemens AG 2015-2020 * @@ -363,13 +363,12 @@ err: return valid; } +/* checks protection of msg but not cert revocation nor cert chain */ static int check_msg_given_cert(const OSSL_CMP_CTX *ctx, X509 *cert, const OSSL_CMP_MSG *msg) { return cert_acceptable(ctx, "previously validated", "sender cert", - cert, NULL, NULL, msg) - && (check_cert_path(ctx, ctx->trusted, cert) - || check_cert_path_3gpp(ctx, msg, cert)); + cert, NULL, NULL, msg); } /*- 
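Review bot: check_msg_given_cert now accepts any `cert` that passes cert_acceptable() without a path check, so it is only safe if every caller passes a certificate that was chain-validated earlier in the same transaction. The new one-line comment says what is skipped but not that precondition. I would expand it to `/* checks protection of msg using cert, which the caller must already have validated in this transaction; does not re-check cert chain nor revocation */`. It is also worth stating there that a certificate revoked mid-transaction keeps being accepted until the cached entry is cleared.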
@@ -479,22 +478,26 @@ static int check_msg_find_cert(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg) (void)ERR_set_mark(); ctx->log_cb = NULL; /* temporarily disable logging */ - /* - * try first cached scrt, used successfully earlier in same transaction, - * for validating this and any further msgs where extraCerts may be left out - */ if (scrt != NULL) { + /*- + * try first using cached message sender cert (in 'scrt' variable), + * which was used successfully earlier in the same transaction + * (assuming that the certificate itself was not revoked meanwhile and + * is a good guess for use in validating also the current message) + */ if (check_msg_given_cert(ctx, scrt, msg)) { ctx->log_cb = backup_log_cb; (void)ERR_pop_to_mark(); return 1; } /* cached sender cert has shown to be no more successfully usable */ - (void)ossl_cmp_ctx_set1_validatedSrvCert(ctx, NULL); /* re-do the above check (just) for adding diagnostic information */ ossl_cmp_info(ctx, "trying to verify msg signature with previously validated cert"); + ctx->log_cb = backup_log_cb; (void)check_msg_given_cert(ctx, scrt, msg); + ctx->log_cb = NULL; + (void)ossl_cmp_ctx_set1_validatedSrvCert(ctx, NULL); /* this invalidates scrt */ } res = check_msg_all_certs(ctx, msg, 0 /* using ctx->trusted */) @@ -628,7 +631,7 @@ int OSSL_CMP_validate_msg(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg) scrt = ctx->srvCert; if (scrt == NULL) { if (ctx->trusted == NULL && ctx->secretValue != NULL) { - ossl_cmp_info(ctx, "no trust store nor pinned server cert available for verifying signature-based CMP message protection"); + ossl_cmp_info(ctx, "no trust store nor pinned sender cert available for verifying signature-based CMP message protection"); ERR_raise(ERR_LIB_CMP, CMP_R_MISSING_TRUST_ANCHOR); return 0; } 
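Review bot: In check_msg_find_cert the `ossl_cmp_info(ctx, "trying to verify msg signature with previously validated cert")` call still runs while `ctx->log_cb` is NULL, because the added `ctx->log_cb = backup_log_cb;` comes one line after it. If ossl_cmp_info() honours `ctx->log_cb` (its definition is not shown here), the introductory message is dropped while the diagnostics from the repeated check are logged without context. Moving `ctx->log_cb = backup_log_cb;` above the ossl_cmp_info() call would keep the two together. The function body extends beyond the hunk.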
@@ -642,7 +645,7 @@ int OSSL_CMP_validate_msg(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg) /* use ctx->srvCert for signature check even if not acceptable */ if (verify_signature(ctx, msg, scrt)) { ossl_cmp_debug(ctx, - "successfully validated signature-based CMP message protection using pinned server cert"); + "successfully validated signature-based CMP message protection using pinned sender cert"); return ossl_cmp_ctx_set1_validatedSrvCert(ctx, scrt); } ossl_cmp_warn(ctx, "CMP message signature verification failed"); diff --git a/crypto/cms/cms_asn1.c b/crypto/cms/cms_asn1.c index 580850bc9395..fb87f6c6ad27 100644 --- a/crypto/cms/cms_asn1.c +++ b/crypto/cms/cms_asn1.c @@ -1,5 +1,5 @@ /* - * Copyright 2008-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2008-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -23,7 +23,7 @@ ASN1_SEQUENCE(CMS_OtherCertificateFormat) = { ASN1_OPT(CMS_OtherCertificateFormat, otherCert, ASN1_ANY) } static_ASN1_SEQUENCE_END(CMS_OtherCertificateFormat) - ASN1_CHOICE(CMS_CertificateChoices) +ASN1_CHOICE(CMS_CertificateChoices) = { ASN1_SIMPLE(CMS_CertificateChoices, d.certificate, X509), ASN1_IMP(CMS_CertificateChoices, d.extendedCertificate, ASN1_SEQUENCE, 0), ASN1_IMP(CMS_CertificateChoices, d.v1AttrCert, ASN1_SEQUENCE, 1), ASN1_IMP(CMS_CertificateChoices, d.v2AttrCert, ASN1_SEQUENCE, 2), ASN1_IMP(CMS_CertificateChoices, d.other, CMS_OtherCertificateFormat, 3) } ASN1_CHOICE_END(CMS_CertificateChoices) ASN1_CHOICE(CMS_SignerIdentifier) = { 
@@ -31,11 +31,11 @@ ASN1_CHOICE(CMS_SignerIdentifier) = { ASN1_IMP(CMS_SignerIdentifier, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0) } static_ASN1_CHOICE_END(CMS_SignerIdentifier) - ASN1_NDEF_SEQUENCE(CMS_EncapsulatedContentInfo) +ASN1_NDEF_SEQUENCE(CMS_EncapsulatedContentInfo) = { ASN1_SIMPLE(CMS_EncapsulatedContentInfo, eContentType, ASN1_OBJECT), ASN1_NDEF_EXP_OPT(CMS_EncapsulatedContentInfo, eContent, ASN1_OCTET_STRING_NDEF, 0) } static_ASN1_NDEF_SEQUENCE_END(CMS_EncapsulatedContentInfo) - /* Minor tweak to operation: free up signer key, cert */ - static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) +/* Minor tweak to operation: free up signer key, cert */ +static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) { if (operation == ASN1_OP_FREE_POST) { CMS_SignerInfo *si = (CMS_SignerInfo *)*pval; @@ -62,7 +62,7 @@ ASN1_SEQUENCE(CMS_OtherRevocationInfoFormat) = { ASN1_OPT(CMS_OtherRevocationInfoFormat, otherRevInfo, ASN1_ANY) } static_ASN1_SEQUENCE_END(CMS_OtherRevocationInfoFormat) - ASN1_CHOICE(CMS_RevocationInfoChoice) +ASN1_CHOICE(CMS_RevocationInfoChoice) = { ASN1_SIMPLE(CMS_RevocationInfoChoice, d.crl, X509_CRL), ASN1_IMP(CMS_RevocationInfoChoice, d.other, CMS_OtherRevocationInfoFormat, 1) } ASN1_CHOICE_END(CMS_RevocationInfoChoice) ASN1_NDEF_SEQUENCE(CMS_SignedData) = { @@ -80,7 +80,7 @@ ASN1_SEQUENCE(CMS_OriginatorInfo) = { ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, crls, CMS_RevocationInfoChoice, 1) } static_ASN1_SEQUENCE_END(CMS_OriginatorInfo) - static int cms_ec_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) +static int cms_ec_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) { CMS_EncryptedContentInfo *ec = (CMS_EncryptedContentInfo *)*pval; 
@@ -118,7 +118,7 @@ ASN1_CHOICE(CMS_KeyAgreeRecipientIdentifier) = { ASN1_IMP(CMS_KeyAgreeRecipientIdentifier, d.rKeyId, CMS_RecipientKeyIdentifier, 0) } static_ASN1_CHOICE_END(CMS_KeyAgreeRecipientIdentifier) - static int cms_rek_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) +static int cms_rek_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) { CMS_RecipientEncryptedKey *rek = (CMS_RecipientEncryptedKey *)*pval; if (operation == ASN1_OP_FREE_POST) { @@ -143,7 +143,7 @@ ASN1_CHOICE(CMS_OriginatorIdentifierOrKey) = { ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.originatorKey, CMS_OriginatorPublicKey, 1) } static_ASN1_CHOICE_END(CMS_OriginatorIdentifierOrKey) - static int cms_kari_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) +static int cms_kari_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) { CMS_KeyAgreeRecipientInfo *kari = (CMS_KeyAgreeRecipientInfo *)*pval; if (operation == ASN1_OP_NEW_POST) { @@ -173,7 +173,7 @@ ASN1_SEQUENCE(CMS_KEKIdentifier) = { ASN1_OPT(CMS_KEKIdentifier, other, CMS_OtherKeyAttribute) } static_ASN1_SEQUENCE_END(CMS_KEKIdentifier) - ASN1_SEQUENCE(CMS_KEKRecipientInfo) +ASN1_SEQUENCE(CMS_KEKRecipientInfo) = { ASN1_EMBED(CMS_KEKRecipientInfo, version, INT32), ASN1_SIMPLE(CMS_KEKRecipientInfo, kekid, CMS_KEKIdentifier), ASN1_SIMPLE(CMS_KEKRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR), ASN1_SIMPLE(CMS_KEKRecipientInfo, encryptedKey, ASN1_OCTET_STRING) } ASN1_SEQUENCE_END(CMS_KEKRecipientInfo) ASN1_SEQUENCE(CMS_PasswordRecipientInfo) = { 
@@ -188,8 +188,8 @@ ASN1_SEQUENCE(CMS_OtherRecipientInfo) = { ASN1_OPT(CMS_OtherRecipientInfo, oriValue, ASN1_ANY) } static_ASN1_SEQUENCE_END(CMS_OtherRecipientInfo) - /* Free up RecipientInfo additional data */ - static int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) +/* Free up RecipientInfo additional data */ +static int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) { if (operation == ASN1_OP_FREE_PRE) { CMS_RecipientInfo *ri = (CMS_RecipientInfo *)*pval; @@ -262,7 +262,7 @@ ASN1_NDEF_SEQUENCE(CMS_AuthenticatedData) = { ASN1_IMP_SET_OF_OPT(CMS_AuthenticatedData, unauthAttrs, X509_ALGOR, 3) } static_ASN1_NDEF_SEQUENCE_END(CMS_AuthenticatedData) - ASN1_NDEF_SEQUENCE(CMS_CompressedData) +ASN1_NDEF_SEQUENCE(CMS_CompressedData) = { ASN1_EMBED(CMS_CompressedData, version, INT32), ASN1_SIMPLE(CMS_CompressedData, compressionAlgorithm, X509_ALGOR), @@ -348,7 +348,7 @@ ASN1_CHOICE(CMS_ReceiptsFrom) = { ASN1_IMP_SEQUENCE_OF(CMS_ReceiptsFrom, d.receiptList, GENERAL_NAMES, 1) } static_ASN1_CHOICE_END(CMS_ReceiptsFrom) - ASN1_SEQUENCE(CMS_ReceiptRequest) +ASN1_SEQUENCE(CMS_ReceiptRequest) = { ASN1_SIMPLE(CMS_ReceiptRequest, signedContentIdentifier, ASN1_OCTET_STRING), ASN1_SIMPLE(CMS_ReceiptRequest, receiptsFrom, CMS_ReceiptsFrom), ASN1_SEQUENCE_OF(CMS_ReceiptRequest, receiptsTo, GENERAL_NAMES) } ASN1_SEQUENCE_END(CMS_ReceiptRequest) ASN1_SEQUENCE(CMS_Receipt) = { @@ -375,7 +375,7 @@ ASN1_SEQUENCE(CMS_SharedInfo) = { ASN1_EXP_OPT(CMS_SharedInfo, suppPubInfo, ASN1_OCTET_STRING, 2), } static_ASN1_SEQUENCE_END(CMS_SharedInfo) - int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg, ASN1_OCTET_STRING *ukm, int keylen) +int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg, ASN1_OCTET_STRING *ukm, int keylen) { union { CMS_SharedInfo *pecsi; diff --git a/crypto/cms/cms_dh.c b/crypto/cms/cms_dh.c index ab3453d1c7c1..9c0b3c85e173 100644 --- a/crypto/cms/cms_dh.c +++ b/crypto/cms/cms_dh.c 
@@ -1,5 +1,5 @@ /* - * Copyright 2006-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2006-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -89,16 +89,21 @@ static int dh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri) int keylen, plen; EVP_CIPHER *kekcipher = NULL; EVP_CIPHER_CTX *kekctx; + const ASN1_OBJECT *aoid; + const void *parameter = NULL; + int ptype = 0; char name[OSSL_MAX_NAME_SIZE]; if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm)) goto err; + X509_ALGOR_get0(&aoid, &ptype, ¶meter, alg); + /* * For DH we only have one OID permissible. If ever any more get defined * we will need something cleverer. */ - if (OBJ_obj2nid(alg->algorithm) != NID_id_smime_alg_ESDH) { + if (OBJ_obj2nid(aoid) != NID_id_smime_alg_ESDH) { ERR_raise(ERR_LIB_CMS, CMS_R_KDF_PARAMETER_ERROR); goto err; } @@ -107,11 +112,11 @@ static int dh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri) || EVP_PKEY_CTX_set_dh_kdf_md(pctx, EVP_sha1()) <= 0) goto err; - if (alg->parameter->type != V_ASN1_SEQUENCE) + if (ptype != V_ASN1_SEQUENCE) goto err; - p = alg->parameter->value.sequence->data; - plen = alg->parameter->value.sequence->length; + p = ASN1_STRING_get0_data(parameter); + plen = ASN1_STRING_length(parameter); kekalg = d2i_X509_ALGOR(NULL, &p, plen); if (kekalg == NULL) goto err; diff --git a/crypto/cms/cms_ec.c b/crypto/cms/cms_ec.c index ff8adad61668..917bf784daeb 100644 --- a/crypto/cms/cms_ec.c +++ b/crypto/cms/cms_ec.c @@ -1,5 +1,5 @@ /* - * Copyright 2006-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2006-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
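Review bot: In dh_cms_set_shared_info the `ptype != V_ASN1_SEQUENCE` check jumps to `err` without raising an error, unlike the OID check a few lines above it, so a message with absent or wrongly typed KDF parameters is rejected with nothing on the error queue. Consider `if (ptype != V_ASN1_SEQUENCE) { ERR_raise(ERR_LIB_CMS, CMS_R_KDF_PARAMETER_ERROR); goto err; }`. The same applies to the bare `return 0` after the identical check in ecdh_cms_set_shared_info in crypto/cms/cms_ec.c. As a smaller point, `aoid` is declared without an initialiser here but with `= NULL` in cms_ec.c; initialising it in both keeps the two functions parallel. Both function bodies extend beyond the hunks.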
@@ -166,21 +166,27 @@ static int ecdh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri) int plen, keylen; EVP_CIPHER *kekcipher = NULL; EVP_CIPHER_CTX *kekctx; + const ASN1_OBJECT *aoid = NULL; + int ptype = 0; + const void *parameter = NULL; + char name[OSSL_MAX_NAME_SIZE]; if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm)) return 0; - if (!ecdh_cms_set_kdf_param(pctx, OBJ_obj2nid(alg->algorithm))) { + X509_ALGOR_get0(&aoid, &ptype, ¶meter, alg); + + if (!ecdh_cms_set_kdf_param(pctx, OBJ_obj2nid(aoid))) { ERR_raise(ERR_LIB_CMS, CMS_R_KDF_PARAMETER_ERROR); return 0; } - if (alg->parameter->type != V_ASN1_SEQUENCE) + if (ptype != V_ASN1_SEQUENCE) return 0; - p = alg->parameter->value.sequence->data; - plen = alg->parameter->value.sequence->length; + p = ASN1_STRING_get0_data(parameter); + plen = ASN1_STRING_length(parameter); kekalg = d2i_X509_ALGOR(NULL, &p, plen); if (kekalg == NULL) goto err; diff --git a/crypto/cms/cms_local.h b/crypto/cms/cms_local.h index b412a74c7773..94496b3823ef 100644 --- a/crypto/cms/cms_local.h +++ b/crypto/cms/cms_local.h @@ -1,5 +1,5 @@ /* - * Copyright 2008-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2008-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -35,8 +35,7 @@ typedef struct CMS_OriginatorPublicKey_st CMS_OriginatorPublicKey; typedef struct CMS_OriginatorIdentifierOrKey_st CMS_OriginatorIdentifierOrKey; typedef struct CMS_KeyAgreeRecipientInfo_st CMS_KeyAgreeRecipientInfo; typedef struct CMS_RecipientKeyIdentifier_st CMS_RecipientKeyIdentifier; -typedef struct CMS_KeyAgreeRecipientIdentifier_st - CMS_KeyAgreeRecipientIdentifier; +typedef struct CMS_KeyAgreeRecipientIdentifier_st CMS_KeyAgreeRecipientIdentifier; typedef struct CMS_KEKIdentifier_st CMS_KEKIdentifier; typedef struct CMS_KEKRecipientInfo_st CMS_KEKRecipientInfo; typedef struct CMS_PasswordRecipientInfo_st CMS_PasswordRecipientInfo; diff --git a/crypto/cms/cms_rsa.c b/crypto/cms/cms_rsa.c index 6b65842cc14e..9bf8284a8272 100644 --- a/crypto/cms/cms_rsa.c +++ b/crypto/cms/cms_rsa.c @@ -1,5 +1,5 @@ /* - * Copyright 2006-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2006-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -42,10 +42,13 @@ static int rsa_cms_decrypt(CMS_RecipientInfo *ri) X509_ALGOR *cmsalg; int nid; int rv = -1; - unsigned char *label = NULL; + const unsigned char *label = NULL; int labellen = 0; const EVP_MD *mgf1md = NULL, *md = NULL; RSA_OAEP_PARAMS *oaep; + const ASN1_OBJECT *aoid; + const void *parameter = NULL; + int ptype = 0; pkctx = CMS_RecipientInfo_get0_pkey_ctx(ri); if (pkctx == NULL) 
@@ -75,21 +78,19 @@ static int rsa_cms_decrypt(CMS_RecipientInfo *ri) goto err; if (oaep->pSourceFunc != NULL) { - X509_ALGOR *plab = oaep->pSourceFunc; + X509_ALGOR_get0(&aoid, &ptype, ¶meter, oaep->pSourceFunc); - if (OBJ_obj2nid(plab->algorithm) != NID_pSpecified) { + if (OBJ_obj2nid(aoid) != NID_pSpecified) { ERR_raise(ERR_LIB_CMS, CMS_R_UNSUPPORTED_LABEL_SOURCE); goto err; } - if (plab->parameter->type != V_ASN1_OCTET_STRING) { + if (ptype != V_ASN1_OCTET_STRING) { ERR_raise(ERR_LIB_CMS, CMS_R_INVALID_LABEL); goto err; } - label = plab->parameter->value.octet_string->data; - /* Stop label being freed when OAEP parameters are freed */ - plab->parameter->value.octet_string->data = NULL; - labellen = plab->parameter->value.octet_string->length; + label = ASN1_STRING_get0_data(parameter); + labellen = ASN1_STRING_length(parameter); } if (EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_OAEP_PADDING) <= 0) @@ -98,10 +99,16 @@ static int rsa_cms_decrypt(CMS_RecipientInfo *ri) goto err; if (EVP_PKEY_CTX_set_rsa_mgf1_md(pkctx, mgf1md) <= 0) goto err; - if (label != NULL - && EVP_PKEY_CTX_set0_rsa_oaep_label(pkctx, label, labellen) <= 0) { - OPENSSL_free(label); - goto err; + if (label != NULL) { + unsigned char *dup_label = OPENSSL_memdup(label, labellen); + + if (dup_label == NULL) + goto err; + + if (EVP_PKEY_CTX_set0_rsa_oaep_label(pkctx, dup_label, labellen) <= 0) { + OPENSSL_free(dup_label); + goto err; + } } /* Carry on */ rv = 1; diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c index 920464b3deec..4b5009b9d5bf 100644 --- a/crypto/cms/cms_smime.c +++ b/crypto/cms/cms_smime.c @@ -1,5 +1,5 @@ /* - * Copyright 2008-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2008-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
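Review bot: In rsa_cms_decrypt the new block duplicates the label whenever `label != NULL`, including when `labellen` is 0. If OPENSSL_memdup() returns NULL for a zero-length request (worth confirming against the allocator's behaviour), an explicitly encoded empty OAEP label would take the `goto err` path and fail decryption, whereas the old code passed the pointer through. Guarding on the length avoids that and leaves the default empty label in effect: `if (label != NULL && labellen > 0) {`. The `dup_label == NULL` path also exits without raising an error. The function starts and ends outside the hunks.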
@@ -474,8 +474,10 @@ err: } else { if (dcont && (tmpin == dcont)) do_free_upto(cmsbio, dcont); - else + else if (cmsbio != NULL) BIO_free_all(cmsbio); + else + BIO_free(tmpin); } if (out != tmpout) diff --git a/crypto/conf/conf_lib.c b/crypto/conf/conf_lib.c index 6efd95283e9e..3bd750144cec 100644 --- a/crypto/conf/conf_lib.c +++ b/crypto/conf/conf_lib.c @@ -1,5 +1,5 @@ /* - * Copyright 2000-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2000-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -314,7 +314,7 @@ char *NCONF_get_string(const CONF *conf, const char *group, const char *name) return NULL; } ERR_raise_data(ERR_LIB_CONF, CONF_R_NO_VALUE, - "group=%s name=%s", group, name); + "group=%s name=%s", group != NULL ? group : "", name); return NULL; } diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c index adc0c5f36969..4ed7d9fd76cf 100644 --- a/crypto/conf/conf_mod.c +++ b/crypto/conf/conf_mod.c @@ -1,5 +1,5 @@ /* - * Copyright 2002-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2002-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -395,7 +395,7 @@ static CONF_MODULE *module_find(const char *name) { CONF_MODULE *tmod; int i, nchar; - char *p; + const char *p; STACK_OF(CONF_MODULE) *mods; p = strrchr(name, '.'); diff --git a/crypto/des/cfb64ede.c b/crypto/des/cfb64ede.c index 26613a05fe8a..b73c805f1810 100644 --- a/crypto/des/cfb64ede.c +++ b/crypto/des/cfb64ede.c 
@@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -28,7 +28,7 @@ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out, { register DES_LONG v0, v1; register long l = length; - register int n = *num; + register int n = *num & 0x07; DES_LONG ti[2]; unsigned char *iv, c, cc; diff --git a/crypto/des/cfb64enc.c b/crypto/des/cfb64enc.c index 3ddd6819e2ed..c27400a97987 100644 --- a/crypto/des/cfb64enc.c +++ b/crypto/des/cfb64enc.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -27,7 +27,7 @@ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out, { register DES_LONG v0, v1; register long l = length; - register int n = *num; + register int n = *num & 0x07; DES_LONG ti[2]; unsigned char *iv, c, cc; diff --git a/crypto/des/ofb64ede.c b/crypto/des/ofb64ede.c index b0f9f0441cfb..c3bb7d7e1b36 100644 --- a/crypto/des/ofb64ede.c +++ b/crypto/des/ofb64ede.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -26,7 +26,7 @@ void DES_ede3_ofb64_encrypt(register const unsigned char *in, DES_key_schedule *k3, DES_cblock *ivec, int *num) { register DES_LONG v0, v1; - register int n = *num; + register int n = *num & 0x07; register long l = length; DES_cblock d; register char *dp; diff --git a/crypto/des/ofb64enc.c b/crypto/des/ofb64enc.c index df4e2077e96c..84b99d9d8ff7 100644 --- a/crypto/des/ofb64enc.c +++ b/crypto/des/ofb64enc.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -25,7 +25,7 @@ void DES_ofb64_encrypt(register const unsigned char *in, DES_key_schedule *schedule, DES_cblock *ivec, int *num) { register DES_LONG v0, v1, t; - register int n = *num; + register int n = *num & 0x07; register long l = length; DES_cblock d; register unsigned char *dp; diff --git a/crypto/dh/dh_asn1.c b/crypto/dh/dh_asn1.c index af78e2e84bf8..10bcdd2253f3 100644 --- a/crypto/dh/dh_asn1.c +++ b/crypto/dh/dh_asn1.c @@ -1,5 +1,5 @@ /* - * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2000-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -76,7 +76,7 @@ ASN1_SEQUENCE(DHvparams) = { ASN1_SIMPLE(int_dhvparams, counter, BIGNUM) } static_ASN1_SEQUENCE_END_name(int_dhvparams, DHvparams) - ASN1_SEQUENCE(DHxparams) +ASN1_SEQUENCE(DHxparams) = { ASN1_SIMPLE(int_dhx942_dh, p, BIGNUM), ASN1_SIMPLE(int_dhx942_dh, g, BIGNUM), 
@@ -85,8 +85,7 @@ ASN1_SEQUENCE(DHvparams) = { ASN1_OPT(int_dhx942_dh, vparams, DHvparams), } static_ASN1_SEQUENCE_END_name(int_dhx942_dh, DHxparams) - int_dhx942_dh - * d2i_int_dhx(int_dhx942_dh * *a, const unsigned char **pp, long length); +int_dhx942_dh *d2i_int_dhx(int_dhx942_dh **a, const unsigned char **pp, long length); int i2d_int_dhx(const int_dhx942_dh *a, unsigned char **pp); IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(int_dhx942_dh, DHxparams, int_dhx) diff --git a/crypto/dh/dh_rfc5114.c b/crypto/dh/dh_rfc5114.c index 366776ce4ee3..67a9198a7071 100644 --- a/crypto/dh/dh_rfc5114.c +++ b/crypto/dh/dh_rfc5114.c @@ -1,5 +1,5 @@ /* - * Copyright 2011-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2011-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -43,5 +43,5 @@ } make_dh(1024_160) - make_dh(2048_224) - make_dh(2048_256) +make_dh(2048_224) +make_dh(2048_256) diff --git a/crypto/dllmain.c b/crypto/dllmain.c index 152587870541..f2b72df89941 100644 --- a/crypto/dllmain.c +++ b/crypto/dllmain.c @@ -1,5 +1,5 @@ /* - * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -35,7 +35,9 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved) case DLL_THREAD_ATTACH: break; case DLL_THREAD_DETACH: +#ifndef __CYGWIN__ OPENSSL_thread_stop(); +#endif break; case DLL_PROCESS_DETACH: break; diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c index 3366610a9fdc..9ebc7cc2596d 100644 --- a/crypto/dsa/dsa_asn1.c +++ b/crypto/dsa/dsa_asn1.c 
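Review bot: The `#ifndef __CYGWIN__` guard added around `OPENSSL_thread_stop()` in the `DLL_THREAD_DETACH` case has no comment, so a reader cannot tell why per-thread cleanup is skipped on Cygwin or what releases thread-local state there instead. I would add a comment above the guard along the lines of `/* Cygwin: not called from DllMain because <reason>; per-thread state is released by <mechanism> */`, with both placeholders filled in by the author. Without it the guard is likely to be removed later as an unexplained conditional. DllMain's body continues outside the hunk.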
@@ -1,5 +1,5 @@ /* - * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -47,7 +47,7 @@ ASN1_SEQUENCE_cb(DSAPrivateKey, dsa_cb) = { ASN1_SIMPLE(DSA, priv_key, CBIGNUM) } static_ASN1_SEQUENCE_END_cb(DSA, DSAPrivateKey) - IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAPrivateKey, DSAPrivateKey) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAPrivateKey, DSAPrivateKey) ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = { ASN1_SIMPLE(DSA, params.p, BIGNUM), @@ -55,7 +55,7 @@ ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = { ASN1_SIMPLE(DSA, params.g, BIGNUM), } static_ASN1_SEQUENCE_END_cb(DSA, DSAparams) - IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAparams, DSAparams) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAparams, DSAparams) ASN1_SEQUENCE_cb(DSAPublicKey, dsa_cb) = { ASN1_SIMPLE(DSA, pub_key, BIGNUM), @@ -64,7 +64,7 @@ ASN1_SEQUENCE_cb(DSAPublicKey, dsa_cb) = { ASN1_SIMPLE(DSA, params.g, BIGNUM) } static_ASN1_SEQUENCE_END_cb(DSA, DSAPublicKey) - IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAPublicKey, DSAPublicKey) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAPublicKey, DSAPublicKey) DSA *DSAparams_dup(const DSA *dsa) { diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c index bfd0242c6f56..6b44b8068f9e 100644 --- a/crypto/ec/ec_asn1.c +++ b/crypto/ec/ec_asn1.c @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2002-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -105,7 +105,7 @@ ASN1_SEQUENCE(X9_62_PENTANOMIAL) = { ASN1_EMBED(X9_62_PENTANOMIAL, k3, INT32) } static_ASN1_SEQUENCE_END(X9_62_PENTANOMIAL) - DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_PENTANOMIAL) +DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_PENTANOMIAL) IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X9_62_PENTANOMIAL) ASN1_ADB_TEMPLATE(char_two_def) = ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.other, ASN1_ANY); @@ -122,7 +122,7 @@ ASN1_SEQUENCE(X9_62_CHARACTERISTIC_TWO) = { ASN1_ADB_OBJECT(X9_62_CHARACTERISTIC_TWO) } static_ASN1_SEQUENCE_END(X9_62_CHARACTERISTIC_TWO) - DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_CHARACTERISTIC_TWO) +DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_CHARACTERISTIC_TWO) IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X9_62_CHARACTERISTIC_TWO) ASN1_ADB_TEMPLATE(fieldID_def) = ASN1_SIMPLE(X9_62_FIELDID, p.other, ASN1_ANY); @@ -137,10 +137,10 @@ ASN1_SEQUENCE(X9_62_FIELDID) = { ASN1_ADB_OBJECT(X9_62_FIELDID) } static_ASN1_SEQUENCE_END(X9_62_FIELDID) - ASN1_SEQUENCE(X9_62_CURVE) +ASN1_SEQUENCE(X9_62_CURVE) = { ASN1_SIMPLE(X9_62_CURVE, a, ASN1_OCTET_STRING), ASN1_SIMPLE(X9_62_CURVE, b, ASN1_OCTET_STRING), ASN1_OPT(X9_62_CURVE, seed, ASN1_BIT_STRING) } static_ASN1_SEQUENCE_END(X9_62_CURVE) - ASN1_SEQUENCE(ECPARAMETERS) +ASN1_SEQUENCE(ECPARAMETERS) = { ASN1_EMBED(ECPARAMETERS, version, INT32), ASN1_SIMPLE(ECPARAMETERS, fieldID, X9_62_FIELDID), ASN1_SIMPLE(ECPARAMETERS, curve, X9_62_CURVE), ASN1_SIMPLE(ECPARAMETERS, base, ASN1_OCTET_STRING), ASN1_SIMPLE(ECPARAMETERS, order, ASN1_INTEGER), ASN1_OPT(ECPARAMETERS, cofactor, ASN1_INTEGER) } ASN1_SEQUENCE_END(ECPARAMETERS) DECLARE_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS) @@ -163,7 +163,7 @@ ASN1_SEQUENCE(EC_PRIVATEKEY) = { ASN1_EXP_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1) } static_ASN1_SEQUENCE_END(EC_PRIVATEKEY) - DECLARE_ASN1_FUNCTIONS(EC_PRIVATEKEY) +DECLARE_ASN1_FUNCTIONS(EC_PRIVATEKEY) DECLARE_ASN1_ENCODE_FUNCTIONS_name(EC_PRIVATEKEY, EC_PRIVATEKEY) IMPLEMENT_ASN1_FUNCTIONS(EC_PRIVATEKEY) 
diff --git a/crypto/ec/ec_check.c b/crypto/ec/ec_check.c index a11296002195..98cf12f36c0e 100644 --- a/crypto/ec/ec_check.c +++ b/crypto/ec/ec_check.c @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2002-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -50,7 +50,7 @@ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx) * ECC domain parameter validation. * See SP800-56A R3 5.5.2 "Assurances of Domain-Parameter Validity" Part 1b. */ - return EC_GROUP_check_named_curve(group, 1, ctx) >= 0 ? 1 : 0; + return EC_GROUP_check_named_curve(group, 1, ctx) > 0 ? 1 : 0; #else int ret = 0; const BIGNUM *order; diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index 13dcd29b115c..2a5f93de1fdb 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c @@ -1,5 +1,5 @@ /* - * Copyright 2001-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2026 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * * Licensed under the Apache License 2.0 (the "License"). You may not use @@ -175,6 +175,8 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src) dest->libctx = src->libctx; dest->curve_name = src->curve_name; + EC_pre_comp_free(dest); + /* Copy precomputed */ dest->pre_comp_type = src->pre_comp_type; switch (src->pre_comp_type) { diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c index 789ba9b87a4f..76841f4ad3cf 100644 --- a/crypto/err/err_all.c +++ b/crypto/err/err_all.c 
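Review bot: The comparison `EC_GROUP_check_named_curve(group, 1, ctx) > 0` needs a comment stating which return values it rejects, since the difference between `>= 0` and `> 0` is the entire fix. Assuming 0 means no matching named curve and a negative value means an error (the callee is not shown here), something like `/* 0 = no matching named curve, < 0 = error: both fail validation */` above the return would keep the check from being loosened again. The enclosing EC_GROUP_check continues outside the hunk.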
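Review bot: `EC_pre_comp_free(dest);` is safe only if `dest` and `src` can never be the same group at this point, and the hunk does not show the guard for that. EC_GROUP_copy starts outside the hunk, so please confirm that an early `dest == src` return precedes this line; otherwise the switch that follows would copy from precomputation data that was just released. It is also worth confirming that EC_pre_comp_free leaves dest's precomputation pointer cleared, so that an error return later in the function does not leave it dangling.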
@@ -1,5 +1,5 @@ /* - * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -40,6 +40,7 @@ #include "crypto/cmperr.h" #include "crypto/cterr.h" #include "crypto/asyncerr.h" +#include "crypto/sm2err.h" #include "crypto/storeerr.h" #include "crypto/esserr.h" #include "internal/propertyerr.h" @@ -104,6 +105,9 @@ int ossl_err_load_crypto_strings(void) #endif || ossl_err_load_ESS_strings() == 0 || ossl_err_load_ASYNC_strings() == 0 +#ifndef OPENSSL_NO_SM2 + || ossl_err_load_SM2_strings() == 0 +#endif || ossl_err_load_OSSL_STORE_strings() == 0 || ossl_err_load_PROP_strings() == 0 || ossl_err_load_PROV_strings() == 0 diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index 1c362d15f3c8..5b2ea1c4a4e6 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -1,4 +1,4 @@ -# Copyright 1999-2025 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 1999-2026 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -848,6 +848,7 @@ EVP_R_XTS_DATA_UNIT_IS_TOO_LARGE:191:xts data unit is too large EVP_R_XTS_DUPLICATED_KEYS:192:xts duplicated keys HTTP_R_ASN1_LEN_EXCEEDS_MAX_RESP_LEN:108:asn1 len exceeds max resp len HTTP_R_CONNECT_FAILURE:100:connect failure +HTTP_R_CONTENT_TYPE_MISMATCH:131:content type mismatch HTTP_R_ERROR_PARSING_ASN1_LENGTH:109:error parsing asn1 length HTTP_R_ERROR_PARSING_CONTENT_LENGTH:119:error parsing content length HTTP_R_ERROR_PARSING_URL:101:error parsing url diff --git a/crypto/ess/ess_asn1.c b/crypto/ess/ess_asn1.c index 297f2cead02a..d02076fabc5a 100644 --- a/crypto/ess/ess_asn1.c +++ b/crypto/ess/ess_asn1.c 
@@ -1,5 +1,5 @@ /* - * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -21,7 +21,7 @@ ASN1_SEQUENCE(ESS_ISSUER_SERIAL) = { ASN1_SIMPLE(ESS_ISSUER_SERIAL, serial, ASN1_INTEGER) } static_ASN1_SEQUENCE_END(ESS_ISSUER_SERIAL) - IMPLEMENT_ASN1_FUNCTIONS(ESS_ISSUER_SERIAL) +IMPLEMENT_ASN1_FUNCTIONS(ESS_ISSUER_SERIAL) IMPLEMENT_ASN1_DUP_FUNCTION(ESS_ISSUER_SERIAL) ASN1_SEQUENCE(ESS_CERT_ID) = { @@ -29,7 +29,7 @@ ASN1_SEQUENCE(ESS_CERT_ID) = { ASN1_OPT(ESS_CERT_ID, issuer_serial, ESS_ISSUER_SERIAL) } static_ASN1_SEQUENCE_END(ESS_CERT_ID) - IMPLEMENT_ASN1_FUNCTIONS(ESS_CERT_ID) +IMPLEMENT_ASN1_FUNCTIONS(ESS_CERT_ID) IMPLEMENT_ASN1_DUP_FUNCTION(ESS_CERT_ID) ASN1_SEQUENCE(ESS_SIGNING_CERT) = { @@ -46,7 +46,7 @@ ASN1_SEQUENCE(ESS_CERT_ID_V2) = { ASN1_OPT(ESS_CERT_ID_V2, issuer_serial, ESS_ISSUER_SERIAL) } static_ASN1_SEQUENCE_END(ESS_CERT_ID_V2) - IMPLEMENT_ASN1_FUNCTIONS(ESS_CERT_ID_V2) +IMPLEMENT_ASN1_FUNCTIONS(ESS_CERT_ID_V2) IMPLEMENT_ASN1_DUP_FUNCTION(ESS_CERT_ID_V2) ASN1_SEQUENCE(ESS_SIGNING_CERT_V2) = { diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 4b1c95c4abe3..224f3000ce0a 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -872,8 +872,9 @@ const OSSL_PARAM *EVP_MD_CTX_gettable_params(EVP_MD_CTX *ctx) if (pctx != NULL && (pctx->operation == EVP_PKEY_OP_VERIFYCTX || pctx->operation == EVP_PKEY_OP_SIGNCTX) - && pctx->op.sig.algctx != NULL - && pctx->op.sig.signature->gettable_ctx_md_params != NULL) + && pctx->op.sig.signature != NULL + && pctx->op.sig.signature->gettable_ctx_md_params != NULL + && pctx->op.sig.algctx != NULL) return pctx->op.sig.signature->gettable_ctx_md_params( pctx->op.sig.algctx); diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index 5ce981958eb4..5a99fe8d577e 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -1,5 +1,5 @@ /* - * Copyright 2001-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
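Review bot: The new `pctx->op.sig.signature != NULL` test in EVP_MD_CTX_gettable_params guards a dereference that other accessors in this file may perform under the same `EVP_PKEY_OP_VERIFYCTX`/`EVP_PKEY_OP_SIGNCTX` condition; they are not visible in this hunk, so please check that each one reading `pctx->op.sig.signature->...` carries the same guard. A short comment saying when `signature` can be NULL while the operation is already a sign or verify context would also explain why the check is needed, e.g. `/* signature is NULL when <condition>; fall through to the digest's own params */`. The function continues outside the hunk.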
@@ -2403,14 +2403,14 @@ static int s390x_aes_ocb_ctrl(EVP_CIPHER_CTX *, int type, int arg, void *ptr); #endif -#define BLOCK_CIPHER_generic_pack(nid, keylen, flags) \ - BLOCK_CIPHER_generic(nid, keylen, 16, 16, cbc, cbc, CBC, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid, keylen, 16, 0, ecb, ecb, ECB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid, keylen, 1, 16, ofb128, ofb, OFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb128, cfb, CFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb1, cfb1, CFB, flags) \ - BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb8, cfb8, CFB, flags) \ - BLOCK_CIPHER_generic(nid, keylen, 1, 16, ctr, ctr, CTR, flags) +#define BLOCK_CIPHER_generic_pack(nid, keylen, flags) \ + BLOCK_CIPHER_generic(nid, keylen, 16, 16, cbc, cbc, CBC, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ + BLOCK_CIPHER_generic(nid, keylen, 16, 0, ecb, ecb, ECB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ + BLOCK_CIPHER_generic(nid, keylen, 1, 16, ofb128, ofb, OFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ + BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb128, cfb, CFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ + BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb1, cfb1, CFB, flags) \ + BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb8, cfb8, CFB, flags) \ + BLOCK_CIPHER_generic(nid, keylen, 1, 16, ctr, ctr, CTR, flags) static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) 
@@ -2641,10 +2641,10 @@ static int aes_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } BLOCK_CIPHER_generic_pack(NID_aes, 128, 0) - BLOCK_CIPHER_generic_pack(NID_aes, 192, 0) - BLOCK_CIPHER_generic_pack(NID_aes, 256, 0) +BLOCK_CIPHER_generic_pack(NID_aes, 192, 0) +BLOCK_CIPHER_generic_pack(NID_aes, 256, 0) - static int aes_gcm_cleanup(EVP_CIPHER_CTX *c) +static int aes_gcm_cleanup(EVP_CIPHER_CTX *c) { EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX, c); if (gctx == NULL) @@ -3189,12 +3189,12 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, gcm, GCM, EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) - BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, gcm, GCM, - EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) - BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, gcm, GCM, - EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) +BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, gcm, GCM, + EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) +BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, gcm, GCM, + EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) - static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) +static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) { EVP_AES_XTS_CTX *xctx = EVP_C_DATA(EVP_AES_XTS_CTX, c); @@ -3378,9 +3378,9 @@ static int aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | EVP_CIPH_CUSTOM_COPY) BLOCK_CIPHER_custom(NID_aes, 128, 1, 16, xts, XTS, XTS_FLAGS) - BLOCK_CIPHER_custom(NID_aes, 256, 1, 16, xts, XTS, XTS_FLAGS) +BLOCK_CIPHER_custom(NID_aes, 256, 1, 16, xts, XTS, XTS_FLAGS) - static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) +static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) { EVP_AES_CCM_CTX *cctx = EVP_C_DATA(EVP_AES_CCM_CTX, c); switch (type) { 
@@ -3654,12 +3654,12 @@ static int aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, ccm, CCM, EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) - BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, ccm, CCM, - EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) - BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, ccm, CCM, - EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) +BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, ccm, CCM, + EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) +BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, ccm, CCM, + EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) - typedef struct { +typedef struct { union { OSSL_UNION_ALIGN; AES_KEY ks; @@ -4146,8 +4146,8 @@ static int aes_ocb_cleanup(EVP_CIPHER_CTX *c) BLOCK_CIPHER_custom(NID_aes, 128, 16, 12, ocb, OCB, EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) - BLOCK_CIPHER_custom(NID_aes, 192, 16, 12, ocb, OCB, - EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) - BLOCK_CIPHER_custom(NID_aes, 256, 16, 12, ocb, OCB, - EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) +BLOCK_CIPHER_custom(NID_aes, 192, 16, 12, ocb, OCB, + EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) +BLOCK_CIPHER_custom(NID_aes, 256, 16, 12, ocb, OCB, + EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) #endif /* OPENSSL_NO_OCB */ diff --git a/crypto/evp/e_aria.c b/crypto/evp/e_aria.c index eb3d98259e3a..e35e3f5083a8 100644 --- a/crypto/evp/e_aria.c +++ b/crypto/evp/e_aria.c @@ -1,5 +1,5 @@ /* - * Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017-2026 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use 
@@ -194,13 +194,13 @@ static int aria_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } BLOCK_CIPHER_generic(NID_aria, 128, 1, 16, ctr, ctr, CTR, 0) - BLOCK_CIPHER_generic(NID_aria, 192, 1, 16, ctr, ctr, CTR, 0) - BLOCK_CIPHER_generic(NID_aria, 256, 1, 16, ctr, ctr, CTR, 0) +BLOCK_CIPHER_generic(NID_aria, 192, 1, 16, ctr, ctr, CTR, 0) +BLOCK_CIPHER_generic(NID_aria, 256, 1, 16, ctr, ctr, CTR, 0) - /* Authenticated cipher modes (GCM/CCM) */ +/* Authenticated cipher modes (GCM/CCM) */ - /* increment counter (64-bit int) by 1 */ - static void ctr64_inc(unsigned char *counter) +/* increment counter (64-bit int) by 1 */ +static void ctr64_inc(unsigned char *counter) { int n = 8; unsigned char c; @@ -778,11 +778,11 @@ static int aria_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } BLOCK_CIPHER_aead(128, gcm, GCM) - BLOCK_CIPHER_aead(192, gcm, GCM) - BLOCK_CIPHER_aead(256, gcm, GCM) +BLOCK_CIPHER_aead(192, gcm, GCM) +BLOCK_CIPHER_aead(256, gcm, GCM) - BLOCK_CIPHER_aead(128, ccm, CCM) - BLOCK_CIPHER_aead(192, ccm, CCM) - BLOCK_CIPHER_aead(256, ccm, CCM) +BLOCK_CIPHER_aead(128, ccm, CCM) +BLOCK_CIPHER_aead(192, ccm, CCM) +BLOCK_CIPHER_aead(256, ccm, CCM) #endif diff --git a/crypto/evp/e_camellia.c b/crypto/evp/e_camellia.c index c994bb395d8f..babc4f18f3be 100644 --- a/crypto/evp/e_camellia.c +++ b/crypto/evp/e_camellia.c @@ -1,5 +1,5 @@ /* - * Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2006-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -183,14 +183,14 @@ static int cmll_t4_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, #endif -#define BLOCK_CIPHER_generic_pack(nid, keylen, flags) \ - BLOCK_CIPHER_generic(nid, keylen, 16, 16, cbc, cbc, CBC, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid, keylen, 16, 0, ecb, ecb, ECB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid, keylen, 1, 16, ofb128, ofb, OFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb128, cfb, CFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb1, cfb1, CFB, flags) \ - BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb8, cfb8, CFB, flags) \ - BLOCK_CIPHER_generic(nid, keylen, 1, 16, ctr, ctr, CTR, flags) +#define BLOCK_CIPHER_generic_pack(nid, keylen, flags) \ + BLOCK_CIPHER_generic(nid, keylen, 16, 16, cbc, cbc, CBC, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ + BLOCK_CIPHER_generic(nid, keylen, 16, 0, ecb, ecb, ECB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ + BLOCK_CIPHER_generic(nid, keylen, 1, 16, ofb128, ofb, OFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ + BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb128, cfb, CFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ + BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb1, cfb1, CFB, flags) \ + BLOCK_CIPHER_generic(nid, keylen, 1, 16, cfb8, cfb8, CFB, flags) \ + BLOCK_CIPHER_generic(nid, keylen, 1, 16, ctr, ctr, CTR, flags) /* The subkey for Camellia is generated. */ static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, @@ -347,5 +347,5 @@ static int camellia_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } BLOCK_CIPHER_generic_pack(NID_camellia, 128, 0) - BLOCK_CIPHER_generic_pack(NID_camellia, 192, 0) - BLOCK_CIPHER_generic_pack(NID_camellia, 256, 0) +BLOCK_CIPHER_generic_pack(NID_camellia, 192, 0) +BLOCK_CIPHER_generic_pack(NID_camellia, 256, 0) diff --git a/crypto/evp/e_des.c b/crypto/evp/e_des.c index b8d10829c257..9c9080025c14 100644 --- a/crypto/evp/e_des.c 
+++ b/crypto/evp/e_des.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -197,16 +197,16 @@ BLOCK_CIPHER_defs(des, EVP_DES_KEY, NID_des, 8, 8, 8, 64, EVP_CIPH_RAND_KEY, des_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl) - BLOCK_CIPHER_def_cfb(des, EVP_DES_KEY, NID_des, 8, 8, 1, - EVP_CIPH_RAND_KEY, des_init_key, NULL, - EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl) +BLOCK_CIPHER_def_cfb(des, EVP_DES_KEY, NID_des, 8, 8, 1, + EVP_CIPH_RAND_KEY, des_init_key, NULL, + EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl) - BLOCK_CIPHER_def_cfb(des, EVP_DES_KEY, NID_des, 8, 8, 8, - EVP_CIPH_RAND_KEY, des_init_key, NULL, - EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl) +BLOCK_CIPHER_def_cfb(des, EVP_DES_KEY, NID_des, 8, 8, 8, + EVP_CIPH_RAND_KEY, des_init_key, NULL, + EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl) - static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) +static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { DES_cblock *deskey = (DES_cblock *)key; EVP_DES_KEY *dat = (EVP_DES_KEY *)EVP_CIPHER_CTX_get_cipher_data(ctx); diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c index ecb49a3f204e..13abdda138f0 100644 --- a/crypto/evp/e_des3.c +++ b/crypto/evp/e_des3.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -210,20 +210,20 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, #define des_ede3_ofb_cipher des_ede_ofb_cipher #define des_ede3_cbc_cipher des_ede_cbc_cipher #define des_ede3_ecb_cipher des_ede_ecb_cipher - BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64, - EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, - des_ede3_init_key, NULL, NULL, NULL, des3_ctrl) +BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64, + EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, + des_ede3_init_key, NULL, NULL, NULL, des3_ctrl) - BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 1, - EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, - des_ede3_init_key, NULL, NULL, NULL, des3_ctrl) +BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 1, + EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, + des_ede3_init_key, NULL, NULL, NULL, des3_ctrl) - BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 8, - EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, - des_ede3_init_key, NULL, NULL, NULL, des3_ctrl) +BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 8, + EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1, + des_ede3_init_key, NULL, NULL, NULL, des3_ctrl) - static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) +static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { DES_cblock *deskey = (DES_cblock *)key; DES_EDE_KEY *dat = data(ctx); diff --git a/crypto/evp/e_idea.c b/crypto/evp/e_idea.c index 0371094fe3bb..6f4f05842f87 100644 --- a/crypto/evp/e_idea.c +++ b/crypto/evp/e_idea.c 
@@ -1,5 +1,5 @@ /* - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -54,8 +54,8 @@ BLOCK_CIPHER_func_cbc(idea, IDEA, EVP_IDEA_KEY, ks) 0, idea_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) - static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) +static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { if (!enc) { if (EVP_CIPHER_CTX_get_mode(ctx) == EVP_CIPH_OFB_MODE) diff --git a/crypto/evp/e_sm4.c b/crypto/evp/e_sm4.c index f833e755162d..66b087c02014 100644 --- a/crypto/evp/e_sm4.c +++ b/crypto/evp/e_sm4.c @@ -1,5 +1,5 @@ /* - * Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017-2026 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2017 Ribose Inc. All Rights Reserved. * Ported from Ribose contributions from Botan. * 
@@ -49,12 +49,12 @@ typedef struct { return &sm4_##mode; \ } -#define DEFINE_BLOCK_CIPHERS(nid, flags) \ - BLOCK_CIPHER_generic(nid, 16, 16, cbc, cbc, CBC, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid, 16, 0, ecb, ecb, ECB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid, 1, 16, ofb128, ofb, OFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid, 1, 16, cfb128, cfb, CFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid, 1, 16, ctr, ctr, CTR, flags) +#define DEFINE_BLOCK_CIPHERS(nid, flags) \ + BLOCK_CIPHER_generic(nid, 16, 16, cbc, cbc, CBC, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ + BLOCK_CIPHER_generic(nid, 16, 0, ecb, ecb, ECB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ + BLOCK_CIPHER_generic(nid, 1, 16, ofb128, ofb, OFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ + BLOCK_CIPHER_generic(nid, 1, 16, cfb128, cfb, CFB, flags | EVP_CIPH_FLAG_DEFAULT_ASN1) \ + BLOCK_CIPHER_generic(nid, 1, 16, ctr, ctr, CTR, flags) static int sm4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) diff --git a/crypto/evp/encode.c b/crypto/evp/encode.c index ceeaea5f1145..d554941e7cc4 100644 --- a/crypto/evp/encode.c +++ b/crypto/evp/encode.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -689,7 +689,7 @@ static int evp_decodeblock_int(EVP_ENCODE_CTX *ctx, unsigned char *t, l = ((((unsigned long)a) << 18L) | (((unsigned long)b) << 12L) | (((unsigned long)c) << 6L) | (((unsigned long)d))); if (eof == -1) - eof = (f[2] == '=') + (f[3] == '='); + eof = (c == '=') + (d == '='); switch (eof) { case 2: diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 5584e06d7e38..109412b342b5 100644 --- a/crypto/evp/evp_enc.c 
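Review bot: `eof = (c == '=') + (d == '=');` in evp_decodeblock_int compares `c` and `d` with the padding character, but on the context line just above both are shifted into `l` as 6-bit quantities. If they have already been mapped through the decoding table by then (their assignments are outside the hunk), `c == '='` tests for the decoded value 0x3D rather than for padding, so real padding would be missed and a valid symbol with that value would be counted as padding. Please confirm what `c` and `d` hold at this point; if they are decoded values, the raw bytes of the last input quantum need to be compared instead. Test vectors ending in one and two `=` with `eof == -1` would pin the behaviour down.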
+++ b/crypto/evp/evp_enc.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -979,6 +979,11 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, size_t soutl, inl_ = (size_t)inl; int blocksize; + if (inl < 0) { + ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_LENGTH); + return 0; + } + if (ossl_likely(outl != NULL)) { *outl = 0; } else { @@ -1128,6 +1133,11 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, size_t soutl, inl_ = (size_t)inl; int blocksize; + if (inl < 0) { + ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_LENGTH); + return 0; + } + if (ossl_likely(outl != NULL)) { *outl = 0; } else { diff --git a/crypto/evp/kem.c b/crypto/evp/kem.c index 6c36164760e3..d0cf696b3220 100644 --- a/crypto/evp/kem.c +++ b/crypto/evp/kem.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -181,7 +181,7 @@ static int evp_kem_init(EVP_PKEY_CTX *ctx, int operation, if (provauthkey != NULL && kem->auth_decapsulate_init != NULL) { ret = kem->auth_decapsulate_init(ctx->op.encap.algctx, provkey, provauthkey, params); - } else if (provauthkey == NULL && kem->encapsulate_init != NULL) { + } else if (provauthkey == NULL && kem->decapsulate_init != NULL) { ret = kem->decapsulate_init(ctx->op.encap.algctx, provkey, params); } else { ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); diff --git a/crypto/hashtable/hashtable.c b/crypto/hashtable/hashtable.c index dba05ebe25ce..8b9f9cc0d9fd 100644 
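Review bot: The new `if (inl < 0)` rejection in EVP_EncryptUpdate returns before the `*outl = 0` assignment that follows it in the hunk, so on this failure path the caller's `*outl` keeps whatever value it had. A caller that adds `*outl` to a running offset without checking the return value would then advance by a stale length. Moving the check below the `outl` block, or setting `*outl = 0` when `outl != NULL` before returning, keeps the failure paths consistent; the EVP_DecryptUpdate hunk has the same ordering. Both function bodies continue outside the hunks.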
--- a/crypto/hashtable/hashtable.c +++ b/crypto/hashtable/hashtable.c @@ -1,5 +1,5 @@ /* - * Copyright 2024-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2024-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -82,9 +82,11 @@ #if defined(__GNUC__) || defined(__CLANG__) #define PREFETCH_NEIGHBORHOOD(x) __builtin_prefetch(x.entries) #define PREFETCH(x) __builtin_prefetch(x) +#define ALIGN __attribute__((aligned(8))) #else #define PREFETCH_NEIGHBORHOOD(x) #define PREFETCH(x) +#define ALIGN #endif /* @@ -112,7 +114,7 @@ struct ht_internal_value_st { struct ht_neighborhood_entry_st { uint64_t hash; struct ht_internal_value_st *value; -}; +} ALIGN; struct ht_neighborhood_st { struct ht_neighborhood_entry_st entries[NEIGHBORHOOD_LEN]; diff --git a/crypto/http/http_client.c b/crypto/http/http_client.c index cc12545fc447..1e603d870c03 100644 --- a/crypto/http/http_client.c +++ b/crypto/http/http_client.c @@ -1,5 +1,5 @@ /* - * Copyright 2001-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2026 The OpenSSL Project Authors. All Rights Reserved. * Copyright Siemens AG 2018-2020 * * Licensed under the Apache License 2.0 (the "License"). You may not use @@ -551,6 +551,7 @@ static int may_still_retry(time_t max_time, int *ptimeout) int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx) { int i, found_expected_ct = 0, found_keep_alive = 0; + int status_code = 0; int got_text = 1; long n; size_t resp_len = 0; @@ -751,8 +752,8 @@ next_io: /* First line in response header */ if (rctx->state == OHS_FIRSTLINE) { - i = parse_http_line1(buf, &found_keep_alive); - switch (i) { + status_code = parse_http_line1(buf, &found_keep_alive); + switch (status_code) { case HTTP_STATUS_CODE_OK: rctx->state = OHS_HEADERS; goto next_line; 
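Review bot: `ALIGN` is empty on every compiler that does not take the `__GNUC__`/`__CLANG__` branch, so whatever requirement motivated `__attribute__((aligned(8)))` on `struct ht_neighborhood_entry_st` is silently not enforced there, and the hunk has no comment saying what that requirement is. If 8-byte alignment is needed for correctness (for instance for atomic access to the 64-bit `hash`, which is a guess), the fallback should use a portable form such as C11 `_Alignas` on the first member, or fail the build, rather than expand to nothing. The name is also very generic: BSD-derived `<sys/param.h>` defines a function-like `ALIGN(p)`, so a prefixed name such as `HT_ENTRY_ALIGN` would avoid a redefinition clash. A one-line comment stating why 8 bytes is required belongs next to the macro.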
@@ -767,7 +768,7 @@ next_io: /* fall through */ default: /* must return content if status >= 400 */ - rctx->state = i < HTTP_STATUS_CODES_NONFATAL_ERROR + rctx->state = status_code < HTTP_STATUS_CODES_NONFATAL_ERROR ? OHS_HEADERS_ERROR : OHS_HEADERS; goto next_line; /* continue parsing, also on HTTP error */ @@ -797,6 +798,17 @@ next_io: } if (OPENSSL_strcasecmp(key, "Content-Type") == 0) { got_text = HAS_CASE_PREFIX(value, "text/"); + if (got_text + && rctx->state == OHS_HEADERS + && rctx->expect_asn1 + && (status_code >= HTTP_STATUS_CODES_NONFATAL_ERROR + || status_code == HTTP_STATUS_CODE_OK)) { + ERR_raise_data(ERR_LIB_HTTP, HTTP_R_CONTENT_TYPE_MISMATCH, + "expected ASN.1 content but got http code %d with Content-Type: %s", + status_code, value); + rctx->state = OHS_HEADERS_ERROR; + goto next_line; + } if (rctx->state == OHS_HEADERS && rctx->expected_ct != NULL) { const char *semicolon; @@ -1452,7 +1464,11 @@ int OSSL_HTTP_proxy_connect(BIO *bio, const char *server, const char *port, } BIO_push(fbio, bio); - BIO_printf(fbio, "CONNECT %s:%s " HTTP_1_0 "\r\n", server, port); + /* Add square brackets around a naked IPv6 address */ + if (server[0] != '[' && strchr(server, ':') != NULL) + BIO_printf(fbio, "CONNECT [%s]:%s " HTTP_1_0 "\r\n", server, port); + else + BIO_printf(fbio, "CONNECT %s:%s " HTTP_1_0 "\r\n", server, port); /* * Workaround for broken proxies which would otherwise close diff --git a/crypto/http/http_err.c b/crypto/http/http_err.c index 947a403d6009..8598dd1ff48a 100644 --- a/crypto/http/http_err.c +++ b/crypto/http/http_err.c @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
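Review bot: `status_code` is a local of OSSL_HTTP_REQ_CTX_nbio that is initialised to 0 on every call, yet the new Content-Type check reads it in a later parsing state than the one that sets it. If the function returns to its caller for a non-blocking retry between the status line and the Content-Type header, the re-entered call sees `status_code == 0`, the test `status_code >= HTTP_STATUS_CODES_NONFATAL_ERROR || status_code == HTTP_STATUS_CODE_OK` is false, and the mismatch goes unreported. The parsed status should be kept in the request context alongside `rctx->state` rather than on the stack. Separately, `value` comes from the peer and is copied into the error data, so consumers that print the error queue should treat it as untrusted text. The function body extends well beyond these hunks; the retry path is inferred from the `next_io` label and the function's name.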
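Review bot: The bracket test `server[0] != '[' && strchr(server, ':') != NULL` in OSSL_HTTP_proxy_connect decides on the first character alone, so a value that starts with `[` but has no closing `]` is written into the CONNECT line unchanged. Since `server` and `port` go straight into the request line through `%s`, it would be worth rejecting malformed bracket forms here (and, if the caller does not already do so, values containing whitespace or CR/LF) instead of forwarding them to the proxy. The two BIO_printf calls differ only in the brackets and could share one format string with the brackets passed as arguments, e.g. `bare_v6 ? "[" : ""` and `bare_v6 ? "]" : ""`. The function starts and ends outside the hunk, so earlier validation may already exist.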
@@ -20,6 +20,8 @@ static const ERR_STRING_DATA HTTP_str_reasons[] = { { ERR_PACK(ERR_LIB_HTTP, 0, HTTP_R_ASN1_LEN_EXCEEDS_MAX_RESP_LEN), "asn1 len exceeds max resp len" }, { ERR_PACK(ERR_LIB_HTTP, 0, HTTP_R_CONNECT_FAILURE), "connect failure" }, + { ERR_PACK(ERR_LIB_HTTP, 0, HTTP_R_CONTENT_TYPE_MISMATCH), + "content type mismatch" }, { ERR_PACK(ERR_LIB_HTTP, 0, HTTP_R_ERROR_PARSING_ASN1_LENGTH), "error parsing asn1 length" }, { ERR_PACK(ERR_LIB_HTTP, 0, HTTP_R_ERROR_PARSING_CONTENT_LENGTH), diff --git a/crypto/http/http_lib.c b/crypto/http/http_lib.c index 54c5c6ec1d8f..c8ffd87c0620 100644 --- a/crypto/http/http_lib.c +++ b/crypto/http/http_lib.c @@ -1,5 +1,5 @@ /* - * Copyright 2001-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -55,6 +55,7 @@ int OSSL_parse_url(const char *url, char **pscheme, char **puser, char **phost, char **ppath, char **pquery, char **pfrag) { const char *p, *tmp; + const char *authority_end; const char *scheme, *scheme_end; const char *user, *user_end; const char *host, *host_end; @@ -92,7 +93,10 @@ int OSSL_parse_url(const char *url, char **pscheme, char **puser, char **phost, /* parse optional "userinfo@" */ user = user_end = host = p; - host = strchr(p, '@'); + authority_end = strpbrk(p, "/?#"); + if (authority_end == NULL) + authority_end = p + strlen(p); + host = memchr(p, '@', authority_end - p); if (host != NULL) user_end = host++; else diff --git a/crypto/idea/i_cfb64.c b/crypto/idea/i_cfb64.c index c8ed3853285a..9e95ed7323fe 100644 --- a/crypto/idea/i_cfb64.c +++ b/crypto/idea/i_cfb64.c 
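Review bot: `memchr(p, '@', authority_end - p)` in OSSL_parse_url takes the first `@` in the authority as the end of userinfo, and the hunk does not say what happens when the authority contains more than one. A parser that splits on the last `@` would derive a different host from the same URL, which matters when the host is later used for an access or routing decision; rejecting an authority with a second `@` would remove the ambiguity. A comment above `authority_end = strpbrk(p, "/?#");` such as `/* userinfo may only appear before the first '/', '?' or '#' */` would record why the search is bounded. The function continues outside the hunk, so later host validation may already catch this.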
@@ -1,5 +1,5 @@ /* - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -37,6 +37,7 @@ void IDEA_cfb64_encrypt(const unsigned char *in, unsigned char *out, *num = -1; return; } + n = n & 0x07; iv = (unsigned char *)ivec; if (encrypt) { diff --git a/crypto/idea/i_ofb64.c b/crypto/idea/i_ofb64.c index afa6a960d4ed..64f8469abc60 100644 --- a/crypto/idea/i_ofb64.c +++ b/crypto/idea/i_ofb64.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -39,6 +39,7 @@ void IDEA_ofb64_encrypt(const unsigned char *in, unsigned char *out, *num = -1; return; } + n = n & 0x07; iv = (unsigned char *)ivec; n2l(iv, v0); diff --git a/crypto/init.c b/crypto/init.c index c309b27c5dda..ea29645b648c 100644 --- a/crypto/init.c +++ b/crypto/init.c @@ -1,5 +1,5 @@ /* - * Copyright 2016-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
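Review bot: The added `n = n & 0x07;` in IDEA_cfb64_encrypt folds an out-of-range `*num` into 0..7 without reporting it, and the hunk carries no comment saying what the mask protects. Presumably `n` indexes the 8-byte `ivec`, so a comment such as `/* n indexes the 8-byte ivec; keep it in range even if the caller's *num is bad */` would make the intent explicit. The same mask is added in i_ofb64.c and as `register int n = *num & 0x07;` in rc2cfb64.c, rc2ofb64.c, rc5cfb64.c and rc5ofb64.c. The IDEA functions appear to reject a negative value first (`*num = -1; return;`), while the RC2/RC5 variants mask a possibly negative `*num` directly, so the two groups handle bad input differently. The function bodies continue outside these hunks.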
@@ -275,27 +275,24 @@ DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_digests, } static CRYPTO_ONCE config = CRYPTO_ONCE_STATIC_INIT; -static int config_inited = 0; static const OPENSSL_INIT_SETTINGS *conf_settings = NULL; DEFINE_RUN_ONCE_STATIC(ossl_init_config) { int ret = ossl_config_int(NULL); - config_inited = 1; return ret; } DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_config_settings, ossl_init_config) { int ret = ossl_config_int(conf_settings); - config_inited = 1; return ret; } DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_config, ossl_init_config) { OSSL_TRACE(INIT, "ossl_no_config_int()\n"); ossl_no_config_int(); - config_inited = 1; + return 1; } diff --git a/crypto/initthread.c b/crypto/initthread.c index b03579d06c75..241fdf85362f 100644 --- a/crypto/initthread.c +++ b/crypto/initthread.c @@ -1,5 +1,5 @@ /* - * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
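Review bot: With `config_inited = 1;` removed, the local `ret` in `ossl_init_config` and `ossl_init_config_settings` only carries the value from one line to the next. `return ossl_config_int(NULL);` and `return ossl_config_int(conf_settings);` read more directly and drop the temporary. Any remaining reader of `config_inited` would be outside this hunk.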
@@ -200,16 +200,28 @@ static void init_thread_destructor(void *hands) } static CRYPTO_ONCE ossl_init_thread_runonce = CRYPTO_ONCE_STATIC_INIT; +/* MSVC linker can use other segment for uninitialized (zeroed) variables */ +#if defined(OPENSSL_SYS_WINDOWS) static CRYPTO_THREAD_ID recursion_guard = (CRYPTO_THREAD_ID)-1; +#elif defined(OPENSSL_SYS_TANDEM) && (defined(_PUT_MODEL_) || defined(_KLT_MODEL_)) +static CRYPTO_THREAD_ID recursion_guard = { (void *)-1, (short)-1, (short)-1 }; +#else +static CRYPTO_THREAD_ID recursion_guard = (CRYPTO_THREAD_ID)0; +#endif DEFINE_RUN_ONCE_STATIC(ossl_init_thread_once) { + /* CRYPTO_THREAD_init_local() can call ossl_init_threads() again */ recursion_guard = CRYPTO_THREAD_get_current_id(); if (!CRYPTO_THREAD_init_local(&destructor_key.value, init_thread_destructor)) return 0; +#if defined(OPENSSL_SYS_TANDEM) + memset(&recursion_guard, 0, sizeof(recursion_guard)); +#else recursion_guard = (CRYPTO_THREAD_ID)0; +#endif return 1; } diff --git a/crypto/modes/asm/aes-gcm-ppc.pl b/crypto/modes/asm/aes-gcm-ppc.pl index 970283c559f8..7355c31cc129 100644 --- a/crypto/modes/asm/aes-gcm-ppc.pl +++ b/crypto/modes/asm/aes-gcm-ppc.pl @@ -409,7 +409,6 @@ my $code.=<<___; ################################################################################ .align 4 aes_gcm_crypt_1x: -.localentry aes_gcm_crypt_1x,0 cmpdi 5, 16 bge __More_1x @@ -492,7 +491,6 @@ __Encrypt_1x: ################################################################################ .align 4 __Process_partial: -.localentry __Process_partial,0 # create partial mask vspltisb 16, -1 @@ -564,7 +562,6 @@ __Encrypt_partial: .global ppc_aes_gcm_encrypt .align 5 ppc_aes_gcm_encrypt: -.localentry ppc_aes_gcm_encrypt,0 SAVE_REGS LOAD_HASH_TABLE @@ -752,7 +749,6 @@ __Process_more_enc: .global ppc_aes_gcm_decrypt .align 5 ppc_aes_gcm_decrypt: -.localentry ppc_aes_gcm_decrypt, 0 SAVE_REGS LOAD_HASH_TABLE 
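Review bot: On Windows `recursion_guard` now starts as `(CRYPTO_THREAD_ID)-1` but is reset to `(CRYPTO_THREAD_ID)0` by the `#else` branch inside `ossl_init_thread_once`, so two different values mean "no thread is initialising". The code that compares the guard is outside the hunk, so this may be harmless, but the comment should say so, for example `/* -1 only forces the variable into initialized data; both -1 and 0 mean "no owner" */`. The existing comment about the MSVC linker names the mechanism without saying what goes wrong when the variable is zero-initialized. The Tandem reset uses `memset` under plain `OPENSSL_SYS_TANDEM`, while the initializer is additionally conditional on `_PUT_MODEL_`/`_KLT_MODEL_`; a note on why the conditions differ would help.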
@@ -1032,7 +1028,6 @@ __Process_more_dec: .size ppc_aes_gcm_decrypt,.-ppc_aes_gcm_decrypt aes_gcm_out: -.localentry aes_gcm_out,0 mr 3, 11 # return count diff --git a/crypto/modes/asm/ghash-armv4.pl b/crypto/modes/asm/ghash-armv4.pl index 044f86f143f9..4ab6d8cb2b42 100644 --- a/crypto/modes/asm/ghash-armv4.pl +++ b/crypto/modes/asm/ghash-armv4.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2010-2020 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2010-2026 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -55,7 +55,7 @@ # Câmara, D.; Gouvêa, C. P. L.; López, J. & Dahab, R.: Fast Software # Polynomial Multiplication on ARM Processors using the NEON Engine. # -# http://conradoplg.cryptoland.net/files/2010/12/mocrysen13.pdf +# https://conradoplg.modp.net/files/2010/12/mocrysen13.pdf # ==================================================================== # Note about "528B" variant. In ARM case it makes lesser sense to diff --git a/crypto/modes/build.info b/crypto/modes/build.info index 52d2df19c6d9..9fb2d503d8d6 100644 --- a/crypto/modes/build.info +++ b/crypto/modes/build.info @@ -35,7 +35,7 @@ IF[{- !$disabled{asm} -}] $MODESASM_ppc32=ghashp8-ppc.s $MODESDEF_ppc32= $MODESASM_ppc64=$MODESASM_ppc32 - IF[{- $target{sys_id} ne "AIX" && $target{sys_id} ne "MACOSX" -}] + IF[{- $target{perlasm_scheme} =~ /le$/ -}] $MODESASM_ppc64=$MODESASM_ppc32 aes-gcm-ppc.s ENDIF $MODESDEF_ppc64=$MODESDEF_ppc32 diff --git a/crypto/o_str.c b/crypto/o_str.c index 35540630be25..154393c7b3e7 100644 --- a/crypto/o_str.c +++ b/crypto/o_str.c 
@@ -1,5 +1,5 @@ /* - * Copyright 2003-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2003-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -296,6 +296,11 @@ static int buf2hexstr_sep(char *str, size_t str_n, size_t *strlength, int has_sep = (sep != CH_ZERO); size_t i, len = has_sep ? buflen * 3 : 1 + buflen * 2; + if (buflen > (has_sep ? SIZE_MAX / 3 : (SIZE_MAX - 1) / 2)) { + ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_MANY_BYTES); + return 0; + } + if (len == 0) ++len; if (strlength != NULL) @@ -339,7 +344,13 @@ char *ossl_buf2hexstr_sep(const unsigned char *buf, long buflen, char sep) if (buflen == 0) return OPENSSL_zalloc(1); - tmp_n = (sep != CH_ZERO) ? buflen * 3 : 1 + buflen * 2; + if ((sep != CH_ZERO && (size_t)buflen > SIZE_MAX / 3) + || (sep == CH_ZERO && (size_t)buflen > (SIZE_MAX - 1) / 2)) { + ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_TOO_MANY_BYTES); + return NULL; + } + + tmp_n = (sep != CH_ZERO) ? (size_t)buflen * 3 : 1 + (size_t)buflen * 2; if ((tmp = OPENSSL_malloc(tmp_n)) == NULL) return NULL; diff --git a/crypto/param_build.c b/crypto/param_build.c index 1eb36953ca52..4e90c581a0eb 100644 --- a/crypto/param_build.c +++ b/crypto/param_build.c @@ -1,5 +1,5 @@ /* - * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2026 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use 
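Review bot: In `ossl_buf2hexstr_sep` a negative `buflen` is rejected only because `(size_t)buflen` wraps to a huge value, and it is then reported as `CRYPTO_R_TOO_MANY_BYTES`. An explicit test ahead of the bound, `if (buflen < 0) { ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_INVALID_ARGUMENT); return NULL; }`, states the intent and gives the caller an accurate reason. The limit expression is also written twice, once here and once in `buf2hexstr_sep`, in different forms; a shared helper or macro would keep the two from drifting. In `buf2hexstr_sep` the initializer of `len` still computes the product before the new check, which is well defined for `size_t` but reads more clearly if the check comes first.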
@@ -121,12 +121,22 @@ void OSSL_PARAM_BLD_free(OSSL_PARAM_BLD *bld) int OSSL_PARAM_BLD_push_int(OSSL_PARAM_BLD *bld, const char *key, int num) { + if (bld == NULL || key == NULL) { + ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER); } int OSSL_PARAM_BLD_push_uint(OSSL_PARAM_BLD *bld, const char *key, unsigned int num) { + if (bld == NULL || key == NULL) { + ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_UNSIGNED_INTEGER); } @@ -134,12 +144,22 @@ int OSSL_PARAM_BLD_push_uint(OSSL_PARAM_BLD *bld, const char *key, int OSSL_PARAM_BLD_push_long(OSSL_PARAM_BLD *bld, const char *key, long int num) { + if (bld == NULL || key == NULL) { + ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER); } int OSSL_PARAM_BLD_push_ulong(OSSL_PARAM_BLD *bld, const char *key, unsigned long int num) { + if (bld == NULL || key == NULL) { + ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_UNSIGNED_INTEGER); } @@ -147,12 +167,22 @@ int OSSL_PARAM_BLD_push_ulong(OSSL_PARAM_BLD *bld, const char *key, int OSSL_PARAM_BLD_push_int32(OSSL_PARAM_BLD *bld, const char *key, int32_t num) { + if (bld == NULL || key == NULL) { + ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER); } int OSSL_PARAM_BLD_push_uint32(OSSL_PARAM_BLD *bld, const char *key, uint32_t num) { + if (bld == NULL || key == NULL) { + ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_UNSIGNED_INTEGER); } 
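Review bot: The same five-line `bld == NULL || key == NULL` guard is pasted into every `OSSL_PARAM_BLD_push_*` wrapper in this file (these hunks and the ones that follow), which is easy to get out of step when a new wrapper is added. All the numeric wrappers funnel into `param_push_num`, so placing the check once there, or in `param_push`, would cover them with one copy; both helpers are outside the hunks, so this needs confirming against their bodies. `push_BN` and its callers `OSSL_PARAM_BLD_push_BN` / `OSSL_PARAM_BLD_push_BN_pad` now each carry the guard, so the BN path tests the same pointers twice.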
@@ -160,12 +190,22 @@ int OSSL_PARAM_BLD_push_uint32(OSSL_PARAM_BLD *bld, const char *key, int OSSL_PARAM_BLD_push_int64(OSSL_PARAM_BLD *bld, const char *key, int64_t num) { + if (bld == NULL || key == NULL) { + ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER); } int OSSL_PARAM_BLD_push_uint64(OSSL_PARAM_BLD *bld, const char *key, uint64_t num) { + if (bld == NULL || key == NULL) { + ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_UNSIGNED_INTEGER); } @@ -173,6 +213,11 @@ int OSSL_PARAM_BLD_push_uint64(OSSL_PARAM_BLD *bld, const char *key, int OSSL_PARAM_BLD_push_size_t(OSSL_PARAM_BLD *bld, const char *key, size_t num) { + if (bld == NULL || key == NULL) { + ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_UNSIGNED_INTEGER); } @@ -180,6 +225,11 @@ int OSSL_PARAM_BLD_push_size_t(OSSL_PARAM_BLD *bld, const char *key, int OSSL_PARAM_BLD_push_time_t(OSSL_PARAM_BLD *bld, const char *key, time_t num) { + if (bld == NULL || key == NULL) { + ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER); } @@ -187,6 +237,11 @@ int OSSL_PARAM_BLD_push_time_t(OSSL_PARAM_BLD *bld, const char *key, int OSSL_PARAM_BLD_push_double(OSSL_PARAM_BLD *bld, const char *key, double num) { + if (bld == NULL || key == NULL) { + ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_REAL); } 
@@ -196,6 +251,11 @@ static int push_BN(OSSL_PARAM_BLD *bld, const char *key, int n, secure = 0; OSSL_PARAM_BLD_DEF *pd; + if (bld == NULL || key == NULL) { + ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + if (!ossl_assert(type == OSSL_PARAM_UNSIGNED_INTEGER || type == OSSL_PARAM_INTEGER)) return 0; @@ -233,6 +293,11 @@ static int push_BN(OSSL_PARAM_BLD *bld, const char *key, int OSSL_PARAM_BLD_push_BN(OSSL_PARAM_BLD *bld, const char *key, const BIGNUM *bn) { + if (bld == NULL || key == NULL) { + ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + if (bn != NULL && BN_is_negative(bn)) return push_BN(bld, key, bn, BN_num_bytes(bn) + 1, OSSL_PARAM_INTEGER); @@ -243,6 +308,11 @@ int OSSL_PARAM_BLD_push_BN(OSSL_PARAM_BLD *bld, const char *key, int OSSL_PARAM_BLD_push_BN_pad(OSSL_PARAM_BLD *bld, const char *key, const BIGNUM *bn, size_t sz) { + if (bld == NULL || key == NULL) { + ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + if (bn != NULL && BN_is_negative(bn)) return push_BN(bld, key, bn, BN_num_bytes(bn), OSSL_PARAM_INTEGER); @@ -255,6 +325,11 @@ int OSSL_PARAM_BLD_push_utf8_string(OSSL_PARAM_BLD *bld, const char *key, OSSL_PARAM_BLD_DEF *pd; int secure; + if (bld == NULL || key == NULL || buf == NULL) { + ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + if (bsize == 0) bsize = strlen(buf); secure = CRYPTO_secure_allocated(buf); @@ -270,6 +345,11 @@ int OSSL_PARAM_BLD_push_utf8_ptr(OSSL_PARAM_BLD *bld, const char *key, { OSSL_PARAM_BLD_DEF *pd; + if (bld == NULL || key == NULL) { + ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + if (bsize == 0) bsize = strlen(buf); pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_UTF8_PTR, 0); 
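Review bot: `OSSL_PARAM_BLD_push_utf8_ptr` checks `bld` and `key` but not `buf`, and the next statement is `if (bsize == 0) bsize = strlen(buf);`, so a NULL `buf` with `bsize == 0` is still dereferenced. `OSSL_PARAM_BLD_push_utf8_string` in the hunk above does include `buf == NULL` in its guard. If a NULL pointer is a legitimate value for the ptr variant, the length computation should be `if (bsize == 0 && buf != NULL) bsize = strlen(buf);`, otherwise add `|| buf == NULL` to the new guard. The rest of the function body is outside the hunk.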
@@ -285,6 +365,11 @@ int OSSL_PARAM_BLD_push_octet_string(OSSL_PARAM_BLD *bld, const char *key, OSSL_PARAM_BLD_DEF *pd; int secure; + if (bld == NULL || key == NULL || buf == NULL) { + ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + secure = CRYPTO_secure_allocated(buf); pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_OCTET_STRING, secure); if (pd == NULL) @@ -298,6 +383,11 @@ int OSSL_PARAM_BLD_push_octet_ptr(OSSL_PARAM_BLD *bld, const char *key, { OSSL_PARAM_BLD_DEF *pd; + if (bld == NULL || key == NULL) { + ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_OCTET_PTR, 0); if (pd == NULL) return 0; @@ -362,10 +452,18 @@ OSSL_PARAM *OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD *bld) { OSSL_PARAM_ALIGNED_BLOCK *blk, *s = NULL; OSSL_PARAM *params, *last; - const int num = sk_OSSL_PARAM_BLD_DEF_num(bld->params); - const size_t p_blks = ossl_param_bytes_to_blocks((1 + num) * sizeof(*params)); - const size_t total = OSSL_PARAM_ALIGN_SIZE * (p_blks + bld->total_blocks); - const size_t ss = OSSL_PARAM_ALIGN_SIZE * bld->secure_blocks; + int num; + size_t p_blks, total, ss; + + if (bld == NULL) { + ERR_raise(ERR_LIB_CRYPTO, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + + num = sk_OSSL_PARAM_BLD_DEF_num(bld->params); + p_blks = ossl_param_bytes_to_blocks((1 + num) * sizeof(*params)); + total = OSSL_PARAM_ALIGN_SIZE * (p_blks + bld->total_blocks); + ss = OSSL_PARAM_ALIGN_SIZE * bld->secure_blocks; if (ss > 0) { s = OPENSSL_secure_malloc(ss); diff --git a/crypto/perlasm/x86_64-xlate.pl b/crypto/perlasm/x86_64-xlate.pl index d677963c6176..94ba8ad75930 100755 --- a/crypto/perlasm/x86_64-xlate.pl +++ b/crypto/perlasm/x86_64-xlate.pl 
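Review bot: The new guard in `OSSL_PARAM_BLD_push_octet_string` rejects `buf == NULL` unconditionally, which also rejects an empty octet string passed as `(NULL, 0)`. Whether any caller does that is not visible here, but if so this changes behaviour from success to `ERR_R_PASSED_NULL_PARAMETER`. Narrowing the test to `buf == NULL && bsize != 0` keeps the protection for the copy while leaving the empty case alone. `OSSL_PARAM_BLD_push_octet_ptr` in the next hunk does not test `buf` at all, so the two functions now differ on this point without a comment explaining why.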
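Review bot: `OSSL_PARAM_BLD_to_param` returns `OSSL_PARAM *`, but the new NULL-argument path ends in `return 0;`. It compiles, yet `return NULL;` matches the return type and the other pointer-returning error paths in this commit. The function body continues outside the hunk.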
@@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2005-2025 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2005-2026 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -663,8 +663,7 @@ my %globals; ); # Following constants are defined in x86_64 ABI supplement, for - # example available at https://www.uclibc.org/docs/psABI-x86_64.pdf, - # see section 3.7 "Stack Unwind Algorithm". + # example available at https://gitlab.com/x86-psABIs/x86-64-ABI. my %DW_reg_idx = ( "%rax"=>0, "%rdx"=>1, "%rcx"=>2, "%rbx"=>3, "%rsi"=>4, "%rdi"=>5, "%rbp"=>6, "%rsp"=>7, diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c index 79ed41209c09..01956252df76 100644 --- a/crypto/pkcs12/p12_mutl.c +++ b/crypto/pkcs12/p12_mutl.c @@ -519,6 +519,8 @@ int PKCS12_set_pbmac1_pbkdf2(PKCS12 *p12, const char *pass, int passlen, X509_ALGOR_free(param->messageAuthScheme); param->keyDerivationFunc = alg; param->messageAuthScheme = hmac_alg; + alg = NULL; + hmac_alg = NULL; X509_SIG_getm(p12->mac->dinfo, &macalg, &macoct); if (!ASN1_TYPE_pack_sequence(ASN1_ITEM_rptr(PBMAC1PARAM), param, &macalg->parameter)) @@ -540,6 +542,8 @@ int PKCS12_set_pbmac1_pbkdf2(PKCS12 *p12, const char *pass, int passlen, ret = 1; err: + X509_ALGOR_free(alg); + X509_ALGOR_free(hmac_alg); PBMAC1PARAM_free(param); OPENSSL_free(known_salt); return ret; diff --git a/crypto/pkcs12/p12_utl.c b/crypto/pkcs12/p12_utl.c index 9360f9930713..a6f3248c554c 100644 --- a/crypto/pkcs12/p12_utl.c +++ b/crypto/pkcs12/p12_utl.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -175,7 +175,7 @@ static int bmp_to_utf8(char *str, const unsigned char *utf16, int len) utf32chr += 0x10000; } - return UTF8_putc((unsigned char *)str, len > 4 ? 4 : len, utf32chr); + return UTF8_putc((unsigned char *)str, 4, utf32chr); } char *OPENSSL_uni2utf8(const unsigned char *uni, int unilen) diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index b180b5848185..d6513cf3a379 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -831,6 +831,10 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) break; case NID_pkcs7_signed: si_sk = p7->d.sign->signer_info; + if (p7->d.sign->contents == NULL) { + ERR_raise(ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT); + goto err; + } os = PKCS7_get_octet_string(p7->d.sign->contents); /* If detached data then the content is excluded */ if (PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) { @@ -841,6 +845,10 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) break; case NID_pkcs7_digest: + if (p7->d.digest->contents == NULL) { + ERR_raise(ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT); + goto err; + } os = PKCS7_get_octet_string(p7->d.digest->contents); /* If detached data then the content is excluded */ if (PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) { diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c index 675c694e66cd..6cd0c3f025c5 100644 --- a/crypto/pkcs7/pk7_lib.c +++ b/crypto/pkcs7/pk7_lib.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
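Review bot: The literal `4` now passed to `UTF8_putc` in `bmp_to_utf8` has no explanation, and the previous expression used `len`, which is the remaining input length, as if it were the output room. A comment such as `/* 4 = longest UTF-8 encoding of one code point; callers size str from a counting pass */` would record why a constant is correct here. That callers really reserve enough space in `str` is established outside this hunk and should be confirmed there.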
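Review bot: In the `NID_pkcs7_signed` case `si_sk = p7->d.sign->signer_info;` dereferences `p7->d.sign` before the new `contents == NULL` test, and the `NID_pkcs7_digest` case reads `p7->d.digest->contents` without testing `p7->d.digest`. The PKCS7_stream change in pk7_lib.c in this same commit tests both levels (`p7->d.sign == NULL || p7->d.sign->contents == NULL`). Unless an earlier check in PKCS7_dataFinal, outside this hunk, already guarantees the union member is set, the guards here should do the same, for example `if (p7->d.sign == NULL || p7->d.sign->contents == NULL)` placed before the `si_sk` assignment.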
@@ -48,7 +48,8 @@ long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg) break; case PKCS7_OP_GET_DETACHED_SIGNATURE: if (nid == NID_pkcs7_signed) { - if (p7->d.sign == NULL || p7->d.sign->contents->d.ptr == NULL) + if (p7->d.sign == NULL || p7->d.sign->contents == NULL + || p7->d.sign->contents->d.ptr == NULL) ret = 1; else ret = 0; @@ -742,6 +743,10 @@ int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7) break; case NID_pkcs7_signed: + if (p7->d.sign == NULL || p7->d.sign->contents == NULL) { + ERR_raise(ERR_LIB_PKCS7, PKCS7_R_NO_CONTENT); + break; + } os = p7->d.sign->contents->d.data; break; diff --git a/crypto/punycode.c b/crypto/punycode.c index 18cbccf1ae7a..cb78c7f18f36 100644 --- a/crypto/punycode.c +++ b/crypto/punycode.c @@ -1,5 +1,5 @@ /* - * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -268,7 +268,7 @@ int ossl_a2ulabel(const char *in, char *out, size_t outlen) return -1; while (1) { - char *tmpptr = strchr(inptr, '.'); + const char *tmpptr = strchr(inptr, '.'); size_t delta = tmpptr != NULL ? (size_t)(tmpptr - inptr) : strlen(inptr); if (!HAS_PREFIX(inptr, "xn--")) { diff --git a/crypto/rand/rand_egd.c b/crypto/rand/rand_egd.c index ba8aa34dc204..aeb9bd0d2384 100644 --- a/crypto/rand/rand_egd.c +++ b/crypto/rand/rand_egd.c @@ -1,5 +1,5 @@ /* - * Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2000-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -108,10 +108,13 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) { FILE *fp = NULL; struct sockaddr_un addr; - int mybuffer, ret = -1, i, numbytes, fd; + int mybuffer, ret = -1, i, numbytes, fd = -1; unsigned char tempbuf[255]; +#if defined(OPENSSL_SYS_TANDEM) + int hpns_connect_attempt = 0; +#endif - if (bytes > (int)sizeof(tempbuf)) + if (bytes <= 0 || bytes > (int)sizeof(tempbuf)) return -1; /* Make socket. */ @@ -126,9 +129,8 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) #else fd = socket(AF_UNIX, SOCK_STREAM, 0); #endif - if (fd == -1 || (fp = fdopen(fd, "r+")) == NULL) + if (fd == -1) return -1; - setbuf(fp, NULL); /* Try to connect */ for (;;) { @@ -171,6 +173,14 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) } } + /* Create stream only after a successful connect to avoid stale FILE* on fd swap. */ + fp = fdopen(fd, "r+"); + if (fp == NULL) { + close(fd); + return -1; + } + setbuf(fp, NULL); + /* Make request, see how many bytes we can get back. */ tempbuf[0] = 1; tempbuf[1] = bytes; @@ -180,6 +190,9 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) goto err; numbytes = tempbuf[0]; + if (numbytes <= 0 || numbytes > bytes || numbytes > (int)sizeof(tempbuf)) + goto err; + /* Which buffer are we using? */ mybuffer = buf == NULL; if (mybuffer) @@ -196,6 +209,8 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) err: if (fp != NULL) fclose(fp); + else if (fd != -1) + close(fd); return ret; } diff --git a/crypto/rc2/rc2cfb64.c b/crypto/rc2/rc2cfb64.c index ccc69fa6bf8d..0ee6061486d2 100644 --- a/crypto/rc2/rc2cfb64.c +++ b/crypto/rc2/rc2cfb64.c 
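Review bot: The new reply-length check sends `numbytes == 0` to `err`, so a daemon that answers "no bytes available" is now reported as -1, the same as a socket failure. If callers distinguish "no entropy yet" from "EGD unreachable", that case needs its own return value; the callers are outside this hunk. The third clause, `numbytes > (int)sizeof(tempbuf)`, can never be true because `numbytes` comes from one `unsigned char` and `tempbuf` holds 255 bytes, so `if (numbytes <= 0 || numbytes > bytes)` is sufficient. A comment like `/* the length byte comes from the peer; never read more than was requested */` would state why the check exists.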
@@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -27,7 +27,7 @@ void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out, int *num, int encrypt) { register unsigned long v0, v1, t; - register int n = *num; + register int n = *num & 0x07; register long l = length; unsigned long ti[2]; unsigned char *iv, c, cc; diff --git a/crypto/rc2/rc2ofb64.c b/crypto/rc2/rc2ofb64.c index b659b72a1005..fdc025bbd8f1 100644 --- a/crypto/rc2/rc2ofb64.c +++ b/crypto/rc2/rc2ofb64.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -26,7 +26,7 @@ void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out, int *num) { register unsigned long v0, v1, t; - register int n = *num; + register int n = *num & 0x07; register long l = length; unsigned char d[8]; register char *dp; diff --git a/crypto/rc5/rc5cfb64.c b/crypto/rc5/rc5cfb64.c index f2f4b9bdfb3b..a7c447f681d3 100644 --- a/crypto/rc5/rc5cfb64.c +++ b/crypto/rc5/rc5cfb64.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -27,7 +27,7 @@ void RC5_32_cfb64_encrypt(const unsigned char *in, unsigned char *out, unsigned char *ivec, int *num, int encrypt) { register unsigned long v0, v1, t; - register int n = *num; + register int n = *num & 0x07; register long l = length; unsigned long ti[2]; unsigned char *iv, c, cc; diff --git a/crypto/rc5/rc5ofb64.c b/crypto/rc5/rc5ofb64.c index 30487521f22f..5217303a28d2 100644 --- a/crypto/rc5/rc5ofb64.c +++ b/crypto/rc5/rc5ofb64.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -26,7 +26,7 @@ void RC5_32_ofb64_encrypt(const unsigned char *in, unsigned char *out, unsigned char *ivec, int *num) { register unsigned long v0, v1, t; - register int n = *num; + register int n = *num & 0x07; register long l = length; unsigned char d[8]; register char *dp; diff --git a/crypto/riscvcap.c b/crypto/riscvcap.c index f6db84bf16b6..64a45d87cec4 100644 --- a/crypto/riscvcap.c +++ b/crypto/riscvcap.c @@ -1,5 +1,5 @@ /* - * Copyright 2022-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2022-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -26,9 +26,6 @@ extern size_t riscv_vlen_asm(void); -static void parse_env(const char *envstr); -static void strtoupper(char *str); - static size_t vlen = 0; #ifdef OSSL_RISCV_HWPROBE 
@@ -50,10 +47,15 @@ size_t OPENSSL_instrument_bus2(unsigned int *out, size_t cnt, size_t max) return 0; } -static void strtoupper(char *str) +static void strtoupper(const char *str, char *dst, size_t dstlen) { - for (char *x = str; *x; ++x) - *x = toupper((unsigned char)*x); + for (size_t i = 0; i < dstlen; i++) { + if (i == dstlen - 1 || str[i] == '\0') { + dst[i] = '\0'; + break; + } + dst[i] = toupper((unsigned char)str[i]); + } } /* parse_env() parses a RISC-V architecture string. An example of such a string @@ -68,15 +70,24 @@ static void parse_env(const char *envstr) char buf[BUFLEN]; /* Convert env str to all uppercase */ - OPENSSL_strlcpy(envstrupper, envstr, sizeof(envstrupper)); - strtoupper(envstrupper); + strtoupper(envstr, envstrupper, sizeof(envstrupper)); for (size_t i = 0; i < kRISCVNumCaps; ++i) { + size_t len = strlen(RISCV_capabilities[i].name); /* Prefix capability with underscore in preparation for search */ - BIO_snprintf(buf, BUFLEN, "_%s", RISCV_capabilities[i].name); - if (strstr(envstrupper, buf) != NULL) { - /* Match, set relevant bit in OPENSSL_riscvcap_P[] */ - OPENSSL_riscvcap_P[RISCV_capabilities[i].index] |= (1 << RISCV_capabilities[i].bit_offset); + /* + * Avoid using higher level library functions which may require + * library initialization (such as BIO_snprintf) as this may be called + * in a constructor before library initialization + */ + if (len < BUFLEN - 1) { + buf[0] = '_'; + memcpy(buf + 1, RISCV_capabilities[i].name, len); + buf[len + 1] = '\0'; + if (strstr(envstrupper, buf) != NULL) { + /* Match, set relevant bit in OPENSSL_riscvcap_P[] */ + OPENSSL_riscvcap_P[RISCV_capabilities[i].index] |= (1 << RISCV_capabilities[i].bit_offset); + } } } } diff --git a/crypto/rsa/rsa_backend.c b/crypto/rsa/rsa_backend.c index 3315c50014fd..3cfa4a18be57 100644 --- a/crypto/rsa/rsa_backend.c +++ b/crypto/rsa/rsa_backend.c 
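Review bot: The re-indented line `OPENSSL_riscvcap_P[...] |= (1 << RISCV_capabilities[i].bit_offset);` shifts a signed `int`, which is undefined if `bit_offset` is ever 31. The capability table is outside the hunk, so the actual range is not visible, but `(1U << RISCV_capabilities[i].bit_offset)` is safe for every offset of a 32-bit word and costs nothing. Capability names that do not satisfy `len < BUFLEN - 1` are now skipped silently; a comment saying that this cannot happen for the built-in table would make the intent of that test clear.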
@@ -1,5 +1,5 @@ /* - * Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -246,6 +246,8 @@ err: BN_free(n); BN_free(e); BN_free(d); + BN_clear_free(p); + BN_clear_free(q); sk_BIGNUM_pop_free(factors, BN_clear_free); sk_BIGNUM_pop_free(exps, BN_clear_free); sk_BIGNUM_pop_free(coeffs, BN_clear_free); diff --git a/crypto/sha/asm/keccak1600-s390x.pl b/crypto/sha/asm/keccak1600-s390x.pl index 7d5ebde11719..6cf0214bb932 100755 --- a/crypto/sha/asm/keccak1600-s390x.pl +++ b/crypto/sha/asm/keccak1600-s390x.pl @@ -1,5 +1,5 @@ #!/usr/bin/env perl -# Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2017-2026 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -67,6 +67,7 @@ my @rhotates = ([ 0, 1, 62, 28, 27 ], $code.=<<___; .text +.machine "z10" .type __KeccakF1600,\@function .align 32 diff --git a/crypto/slh_dsa/slh_dsa.c b/crypto/slh_dsa/slh_dsa.c index 77c20daceb34..41fc494048b4 100644 --- a/crypto/slh_dsa/slh_dsa.c +++ b/crypto/slh_dsa/slh_dsa.c @@ -1,5 +1,5 @@ /* - * Copyright 2024-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2024-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
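Review bot: The private exponent is still released with `BN_free(d);` two lines above the added `BN_clear_free(p);` and `BN_clear_free(q);`, although it is as sensitive as the prime factors. Unless `d` is allocated in a way that already guarantees cleansing on free, which cannot be seen from this hunk, it should use `BN_clear_free(d);` for consistency with the lines added here. The cleanup block belongs to a function whose body starts outside the hunk.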
@@ -119,11 +119,11 @@ static int slh_sign_internal(SLH_DSA_HASH_CTX *hctx, /* Generate ht signature and append to the SLH-DSA signature */ && ossl_slh_ht_sign(hctx, pk_fors, sk_seed, pk_seed, tree_id, leaf_id, wpkt); - *sig_len = sig_len_expected; - ret = 1; err: if (!WPACKET_finish(wpkt)) ret = 0; + if (ret) + *sig_len = sig_len_expected; return ret; } @@ -232,6 +232,7 @@ static uint8_t *msg_encode(const uint8_t *msg, size_t msg_len, const uint8_t *ctx, size_t ctx_len, int encode, uint8_t *tmp, size_t tmp_len, size_t *out_len) { + WPACKET pkt; uint8_t *encoded = NULL; size_t encoded_len; @@ -240,11 +241,14 @@ static uint8_t *msg_encode(const uint8_t *msg, size_t msg_len, *out_len = msg_len; return (uint8_t *)msg; } + if (ctx_len > SLH_DSA_MAX_CONTEXT_STRING_LEN) return NULL; /* Pure encoding */ encoded_len = 1 + 1 + ctx_len + msg_len; + if (encoded_len < msg_len) /* Check for overflow */ + return NULL; *out_len = encoded_len; if (encoded_len <= tmp_len) { encoded = tmp; @@ -253,10 +257,17 @@ static uint8_t *msg_encode(const uint8_t *msg, size_t msg_len, if (encoded == NULL) return NULL; } - encoded[0] = 0; - encoded[1] = (uint8_t)ctx_len; - memcpy(&encoded[2], ctx, ctx_len); - memcpy(&encoded[2 + ctx_len], msg, msg_len); + if (!WPACKET_init_static_len(&pkt, encoded, encoded_len, 0) + || !WPACKET_put_bytes_u8(&pkt, 0) + || !WPACKET_put_bytes_u8(&pkt, (uint8_t)ctx_len) + || !WPACKET_memcpy(&pkt, ctx, ctx_len) + || !WPACKET_memcpy(&pkt, msg, msg_len) + || !WPACKET_finish(&pkt)) { + if (encoded != tmp) + OPENSSL_free(encoded); + encoded = NULL; + WPACKET_cleanup(&pkt); + } return encoded; } diff --git a/crypto/sm4/asm/vpsm4_ex-armv8.pl b/crypto/sm4/asm/vpsm4_ex-armv8.pl index e8e33735852e..eac5a0f6a1d8 100644 --- a/crypto/sm4/asm/vpsm4_ex-armv8.pl +++ b/crypto/sm4/asm/vpsm4_ex-armv8.pl 
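Review bot: In `msg_encode`, `*out_len = encoded_len;` is assigned before the packet is built, so when the new WPACKET path fails the function returns NULL while `*out_len` still holds a non-zero length. Moving the assignment after the successful `WPACKET_finish`, or adding `*out_len = 0;` in the failure branch, keeps the two outputs consistent for callers that look at the length first. The failure branch also calls `WPACKET_cleanup(&pkt)` on a `WPACKET pkt;` that has no initializer even when `WPACKET_init_static_len` itself was the call that failed; whether that is safe depends on the init function, which is not shown here.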
@@ -476,12 +476,13 @@ sub load_sbox () { $code.=<<___; adrp $xtmp2, .Lsbox_magic - ldr $MaskQ, [$xtmp2, #:lo12:.Lsbox_magic] - ldr $TAHMatQ, [$xtmp2, #:lo12:.Lsbox_magic+16] - ldr $TALMatQ, [$xtmp2, #:lo12:.Lsbox_magic+32] - ldr $ATAHMatQ, [$xtmp2, #:lo12:.Lsbox_magic+48] - ldr $ATALMatQ, [$xtmp2, #:lo12:.Lsbox_magic+64] - ldr $ANDMaskQ, [$xtmp2, #:lo12:.Lsbox_magic+80] + add $xtmp2, $xtmp2, #:lo12:.Lsbox_magic + ldr $MaskQ, [$xtmp2] + ldr $TAHMatQ, [$xtmp2, 16] + ldr $TALMatQ, [$xtmp2, 32] + ldr $ATAHMatQ, [$xtmp2, 48] + ldr $ATALMatQ, [$xtmp2, 64] + ldr $ANDMaskQ, [$xtmp2, 80] ___ } diff --git a/crypto/store/store_lib.c b/crypto/store/store_lib.c index 7c111541388c..b7a9eaed8f7d 100644 --- a/crypto/store/store_lib.c +++ b/crypto/store/store_lib.c @@ -1,5 +1,5 @@ /* - * Copyright 2016-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -498,6 +498,10 @@ int OSSL_STORE_delete(const char *uri, OSSL_LIB_CTX *libctx, const char *propq, int res = 0; struct ossl_passphrase_data_st pwdata = { 0 }; + if (uri == NULL) { + ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } OPENSSL_strlcpy(scheme, uri, sizeof(scheme)); if ((p = strchr(scheme, ':')) != NULL) *p++ = '\0'; diff --git a/crypto/threads_none.c b/crypto/threads_none.c index 1a67d51f29f4..fd2ab38d8097 100644 --- a/crypto/threads_none.c +++ b/crypto/threads_none.c @@ -1,5 +1,5 @@ /* - * Copyright 2016-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -217,7 +217,7 @@ int CRYPTO_THREAD_cleanup_local(CRYPTO_THREAD_LOCAL *key) CRYPTO_THREAD_ID CRYPTO_THREAD_get_current_id(void) { - return 0; + return 1; } int CRYPTO_THREAD_compare_id(CRYPTO_THREAD_ID a, CRYPTO_THREAD_ID b) diff --git a/crypto/threads_pthread.c b/crypto/threads_pthread.c index b1a4a63a2748..b4394f78fc1f 100644 --- a/crypto/threads_pthread.c +++ b/crypto/threads_pthread.c @@ -1,5 +1,5 @@ /* - * Copyright 2016-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -534,6 +534,9 @@ void ossl_rcu_assign_uptr(void **p, void **v) CRYPTO_RCU_LOCK *ossl_rcu_lock_new(int num_writers, OSSL_LIB_CTX *ctx) { struct rcu_lock_st *new; + pthread_mutex_t *mutexes[3] = { NULL }; + pthread_cond_t *conds[2] = { NULL }; + int i; /* * We need a minimum of 2 qp's 
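Review bot: The new `return 1;` in `CRYPTO_THREAD_get_current_id()` is a bare constant with no comment saying why the no-threads build must not report id 0. Presumably 0 is used elsewhere as an "unset" or "no owner" value, so an id of 0 would compare equal to a zero-initialised owner field, but that is not visible in this hunk. A one-line comment above the return would record the reason, for example `/* must be non-zero so it differs from a zero-initialised thread id */`, with the wording adjusted to the actual cause.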
@@ -550,19 +553,40 @@ CRYPTO_RCU_LOCK *ossl_rcu_lock_new(int num_writers, OSSL_LIB_CTX *ctx) return NULL; new->ctx = ctx; - pthread_mutex_init(&new->write_lock, NULL); - pthread_mutex_init(&new->prior_lock, NULL); - pthread_mutex_init(&new->alloc_lock, NULL); - pthread_cond_init(&new->prior_signal, NULL); - pthread_cond_init(&new->alloc_signal, NULL); - + i = 0; + mutexes[i] = pthread_mutex_init(&new->write_lock, NULL) == 0 ? &new->write_lock : NULL; + if (mutexes[i++] == NULL) + goto err; + mutexes[i] = pthread_mutex_init(&new->prior_lock, NULL) == 0 ? &new->prior_lock : NULL; + if (mutexes[i++] == NULL) + goto err; + mutexes[i] = pthread_mutex_init(&new->alloc_lock, NULL) == 0 ? &new->alloc_lock : NULL; + if (mutexes[i++] == NULL) + goto err; + conds[i - 3] = pthread_cond_init(&new->prior_signal, NULL) == 0 ? &new->prior_signal : NULL; + if (conds[i - 3] == NULL) + goto err; + i++; + conds[i - 3] = pthread_cond_init(&new->alloc_signal, NULL) == 0 ? &new->alloc_signal : NULL; + if (conds[i - 3] == NULL) + goto err; + i++; new->qp_group = allocate_new_qp_group(new, num_writers); - if (new->qp_group == NULL) { - OPENSSL_free(new); - new = NULL; - } + if (new->qp_group == NULL) + goto err; return new; + +err: + for (i = 0; i < 3; i++) + if (mutexes[i] != NULL) + pthread_mutex_destroy(mutexes[i]); + for (i = 0; i < 2; i++) + if (conds[i] != NULL) + pthread_cond_destroy(conds[i]); + OPENSSL_free(new->qp_group); + OPENSSL_free(new); + return NULL; } void ossl_rcu_lock_free(CRYPTO_RCU_LOCK *lock) 
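Review bot: The bookkeeping for which primitives were initialised in `ossl_rcu_lock_new()` is hard to audit, because one counter `i` indexes `mutexes[]` directly and `conds[]` as `i - 3`. Adding or reordering an init call would silently shift the slot. Fixed indices read more plainly and cannot drift: `if (pthread_mutex_init(&new->write_lock, NULL) != 0) goto err;` followed by `mutexes[0] = &new->write_lock;`, and likewise for the others. The `err:` path also runs `OPENSSL_free(new->qp_group)` when an init call failed before `qp_group` was assigned. That is only safe if `new` was zero-allocated; the allocation is outside the hunk and should be confirmed.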
@@ -576,6 +600,17 @@ void ossl_rcu_lock_free(CRYPTO_RCU_LOCK *lock) ossl_synchronize_rcu(rlock); OPENSSL_free(rlock->qp_group); + /* + * Some targets (BSD) allocate heap when initializing + * a mutex or condition, to prevent leaks, those need + * to be destroyed here + */ + pthread_mutex_destroy(&rlock->write_lock); + pthread_mutex_destroy(&rlock->prior_lock); + pthread_mutex_destroy(&rlock->alloc_lock); + pthread_cond_destroy(&rlock->prior_signal); + pthread_cond_destroy(&rlock->alloc_signal); + /* There should only be a single qp left now */ OPENSSL_free(rlock); } diff --git a/crypto/threads_win.c b/crypto/threads_win.c index 51d489cdf03b..795d97a012eb 100644 --- a/crypto/threads_win.c +++ b/crypto/threads_win.c @@ -1,5 +1,5 @@ /* - * Copyright 2016-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -50,7 +50,7 @@ typedef struct { * atomically updated */ struct rcu_qp { - volatile uint64_t users; + uint64_t users; }; struct thread_qp { diff --git a/crypto/ts/ts_asn1.c b/crypto/ts/ts_asn1.c index 93a741d04d74..494e4e69d710 100644 --- a/crypto/ts/ts_asn1.c +++ b/crypto/ts/ts_asn1.c @@ -1,5 +1,5 @@ /* - * Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2006-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -17,7 +17,7 @@ ASN1_SEQUENCE(TS_MSG_IMPRINT) = { ASN1_SIMPLE(TS_MSG_IMPRINT, hashed_msg, ASN1_OCTET_STRING) } static_ASN1_SEQUENCE_END(TS_MSG_IMPRINT) - IMPLEMENT_ASN1_FUNCTIONS(TS_MSG_IMPRINT) +IMPLEMENT_ASN1_FUNCTIONS(TS_MSG_IMPRINT) IMPLEMENT_ASN1_DUP_FUNCTION(TS_MSG_IMPRINT) TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *bp, TS_MSG_IMPRINT **a) { 
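Review bot: The added `pthread_mutex_destroy()` and `pthread_cond_destroy()` calls in `ossl_rcu_lock_free()` ignore their return values and assume no other thread still holds or waits on these objects. POSIX leaves destroying a locked mutex, or a condition variable with waiters, undefined. The preceding `ossl_synchronize_rcu(rlock)` presumably establishes that precondition, but the new comment only explains the leak. Consider extending it with something like `/* caller guarantees no reader or writer is still using this lock */`. The function body begins outside the hunk.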
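Review bot: With `volatile` removed from `users` in `struct rcu_qp`, every read and write of the field has to go through an atomic or interlocked primitive, since the compiler may now cache or split a plain access. The surrounding comment says the field is atomically updated, but none of the accesses are in this hunk. Each use of `users` in threads_win.c should be checked for a direct load or store. The rule is worth stating next to the field, e.g. `/* access only through the atomic helpers, never directly */`.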
@@ -51,7 +51,7 @@ ASN1_SEQUENCE(TS_REQ) = { ASN1_IMP_SEQUENCE_OF_OPT(TS_REQ, extensions, X509_EXTENSION, 0) } static_ASN1_SEQUENCE_END(TS_REQ) - IMPLEMENT_ASN1_FUNCTIONS(TS_REQ) +IMPLEMENT_ASN1_FUNCTIONS(TS_REQ) IMPLEMENT_ASN1_DUP_FUNCTION(TS_REQ) TS_REQ *d2i_TS_REQ_bio(BIO *bp, TS_REQ **a) { @@ -80,7 +80,7 @@ ASN1_SEQUENCE(TS_ACCURACY) = { ASN1_IMP_OPT(TS_ACCURACY, micros, ASN1_INTEGER, 1) } static_ASN1_SEQUENCE_END(TS_ACCURACY) - IMPLEMENT_ASN1_FUNCTIONS(TS_ACCURACY) +IMPLEMENT_ASN1_FUNCTIONS(TS_ACCURACY) IMPLEMENT_ASN1_DUP_FUNCTION(TS_ACCURACY) ASN1_SEQUENCE(TS_TST_INFO) = { @@ -96,7 +96,7 @@ ASN1_SEQUENCE(TS_TST_INFO) = { ASN1_IMP_SEQUENCE_OF_OPT(TS_TST_INFO, extensions, X509_EXTENSION, 1) } static_ASN1_SEQUENCE_END(TS_TST_INFO) - IMPLEMENT_ASN1_FUNCTIONS(TS_TST_INFO) +IMPLEMENT_ASN1_FUNCTIONS(TS_TST_INFO) IMPLEMENT_ASN1_DUP_FUNCTION(TS_TST_INFO) TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO **a) { @@ -127,7 +127,7 @@ ASN1_SEQUENCE(TS_STATUS_INFO) = { ASN1_OPT(TS_STATUS_INFO, failure_info, ASN1_BIT_STRING) } static_ASN1_SEQUENCE_END(TS_STATUS_INFO) - IMPLEMENT_ASN1_FUNCTIONS(TS_STATUS_INFO) +IMPLEMENT_ASN1_FUNCTIONS(TS_STATUS_INFO) IMPLEMENT_ASN1_DUP_FUNCTION(TS_STATUS_INFO) static int ts_resp_set_tst_info(TS_RESP *a) @@ -175,7 +175,7 @@ ASN1_SEQUENCE_cb(TS_RESP, ts_resp_cb) = { ASN1_OPT(TS_RESP, token, PKCS7), } static_ASN1_SEQUENCE_END_cb(TS_RESP, TS_RESP) - IMPLEMENT_ASN1_FUNCTIONS(TS_RESP) +IMPLEMENT_ASN1_FUNCTIONS(TS_RESP) IMPLEMENT_ASN1_DUP_FUNCTION(TS_RESP) diff --git a/crypto/x509/pcy_tree.c b/crypto/x509/pcy_tree.c index 1d91e49cece1..f9d9990bd1d1 100644 --- a/crypto/x509/pcy_tree.c +++ b/crypto/x509/pcy_tree.c @@ -1,5 +1,5 @@ /* - * Copyright 2004-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2004-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -680,8 +680,10 @@ int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy, } else { *pexplicit_policy = 1; /* Tree empty and requireExplicit True: Error */ - if (init_ret & X509_PCY_TREE_EMPTY) + if (init_ret & X509_PCY_TREE_EMPTY) { + X509_policy_tree_free(tree); return X509_PCY_TREE_FAILURE; + } } ret = tree_evaluate(tree); @@ -707,13 +709,15 @@ int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy, if (!ret) goto error; - *ptree = tree; - if (init_ret & X509_PCY_TREE_EXPLICIT) { nodes = X509_policy_tree_get0_user_policies(tree); - if (sk_X509_POLICY_NODE_num(nodes) <= 0) + if (sk_X509_POLICY_NODE_num(nodes) <= 0) { + X509_policy_tree_free(tree); return X509_PCY_TREE_FAILURE; + } } + + *ptree = tree; return X509_PCY_TREE_VALID; error: diff --git a/crypto/x509/t_acert.c b/crypto/x509/t_acert.c index 1ee6b9eacb05..1ef7fab682bb 100644 --- a/crypto/x509/t_acert.c +++ b/crypto/x509/t_acert.c @@ -1,5 +1,5 @@ /* - * Copyright 2021-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2021-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -62,8 +62,10 @@ static int print_attribute(BIO *bp, X509_ATTRIBUTE *a) case V_ASN1_SEQUENCE: if (BIO_puts(bp, "\n") <= 0) goto err; - ASN1_parse_dump(bp, at->value.sequence->data, - at->value.sequence->length, i, 1); + if (ASN1_parse_dump(bp, at->value.sequence->data, + at->value.sequence->length, i, 1) + <= 0) + goto err; break; default: if (BIO_printf(bp, "unable to print attribute of type 0x%X\n", diff --git a/crypto/x509/v3_ac_tgt.c b/crypto/x509/v3_ac_tgt.c index 4fe14070369a..b819f7659551 100644 --- a/crypto/x509/v3_ac_tgt.c +++ b/crypto/x509/v3_ac_tgt.c 
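Review bot: Both new failure returns in `X509_policy_check()` free `tree` but leave `*ptree` holding whatever it contained on entry. This applies to the empty-tree case here and to the user-policy case in the next hunk, where `*ptree = tree` now comes after the check. A caller that frees `*ptree` after a failed call is only safe if the function set it to NULL earlier, and that initialisation is outside these hunks. Confirm it exists, or add `*ptree = NULL;` next to each `X509_policy_tree_free(tree);` so the output never refers to a freed or stale tree.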
@@ -1,5 +1,5 @@ /* - * Copyright 1999-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -41,7 +41,7 @@ ASN1_SEQUENCE(OSSL_ISSUER_SERIAL) = { ASN1_OPT(OSSL_ISSUER_SERIAL, issuerUID, ASN1_BIT_STRING), } static_ASN1_SEQUENCE_END(OSSL_ISSUER_SERIAL) - ASN1_SEQUENCE(OSSL_OBJECT_DIGEST_INFO) +ASN1_SEQUENCE(OSSL_OBJECT_DIGEST_INFO) = { ASN1_EMBED(OSSL_OBJECT_DIGEST_INFO, digestedObjectType, ASN1_ENUMERATED), ASN1_OPT(OSSL_OBJECT_DIGEST_INFO, otherObjectTypeID, ASN1_OBJECT), @@ -49,14 +49,14 @@ ASN1_SEQUENCE(OSSL_ISSUER_SERIAL) = { ASN1_EMBED(OSSL_OBJECT_DIGEST_INFO, objectDigest, ASN1_BIT_STRING), } static_ASN1_SEQUENCE_END(OSSL_OBJECT_DIGEST_INFO) - ASN1_SEQUENCE(OSSL_TARGET_CERT) +ASN1_SEQUENCE(OSSL_TARGET_CERT) = { ASN1_SIMPLE(OSSL_TARGET_CERT, targetCertificate, OSSL_ISSUER_SERIAL), ASN1_OPT(OSSL_TARGET_CERT, targetName, GENERAL_NAME), ASN1_OPT(OSSL_TARGET_CERT, certDigestInfo, OSSL_OBJECT_DIGEST_INFO), } static_ASN1_SEQUENCE_END(OSSL_TARGET_CERT) - ASN1_CHOICE(OSSL_TARGET) +ASN1_CHOICE(OSSL_TARGET) = { ASN1_EXP(OSSL_TARGET, choice.targetName, GENERAL_NAME, 0), ASN1_EXP(OSSL_TARGET, choice.targetGroup, GENERAL_NAME, 1), diff --git a/crypto/x509/v3_cpols.c b/crypto/x509/v3_cpols.c index ab37f9dff625..c5a638e8a396 100644 --- a/crypto/x509/v3_cpols.c +++ b/crypto/x509/v3_cpols.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -256,7 +256,7 @@ err: static int displaytext_get_tag_len(const char *tagstr) { - char *colon = strchr(tagstr, ':'); + const char *colon = strchr(tagstr, ':'); return (colon == NULL) ? -1 : colon - tagstr; } diff --git a/crypto/x509/v3_prn.c b/crypto/x509/v3_prn.c index 088cffed69f0..1992344d85be 100644 --- a/crypto/x509/v3_prn.c +++ b/crypto/x509/v3_prn.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -191,9 +191,9 @@ static int unknown_ext_print(BIO *out, const unsigned char *ext, int extlen, return 1; case X509V3_EXT_PARSE_UNKNOWN: - return ASN1_parse_dump(out, ext, extlen, indent, -1); + return ASN1_parse_dump(out, ext, extlen, indent, -1) > 0; case X509V3_EXT_DUMP_UNKNOWN: - return BIO_dump_indent(out, (const char *)ext, extlen, indent); + return BIO_dump_indent(out, (const char *)ext, extlen, indent) > 0; default: return 1; diff --git a/crypto/x509/v3_san.c b/crypto/x509/v3_san.c index 76170bcb9516..2674b33cc565 100644 --- a/crypto/x509/v3_san.c +++ b/crypto/x509/v3_san.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -630,7 +630,8 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, static int do_othername(GENERAL_NAME *gen, const char *value, X509V3_CTX *ctx) { - char *objtmp = NULL, *p; + char *objtmp = NULL; + const char *p; int objlen; if ((p = strchr(value, ';')) == NULL) diff --git a/crypto/x509/v3_timespec.c b/crypto/x509/v3_timespec.c index c23b94ad085f..4b7b07c3d0d0 100644 --- a/crypto/x509/v3_timespec.c 
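Review bot: In `unknown_ext_print()` the `X509V3_EXT_DUMP_UNKNOWN` case now returns `BIO_dump_indent(...) > 0`, which maps a result of 0 to failure. If that function reports the number of bytes written, an extension with `extlen == 0` would be treated as a print error although no write failed. `>= 0` would still catch the error return without that edge case. Whether a zero-length value can reach this switch depends on callers outside the hunk.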
+++ b/crypto/x509/v3_timespec.c @@ -1,5 +1,5 @@ /* - * Copyright 2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2024-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -167,7 +167,7 @@ static int i2r_OSSL_DAY_TIME(X509V3_EXT_METHOD *method, return 0; if (dt->minute && !ASN1_INTEGER_get_int64(&m, dt->minute)) return 0; - if (dt->minute && !ASN1_INTEGER_get_int64(&s, dt->second)) + if (dt->second && !ASN1_INTEGER_get_int64(&s, dt->second)) return 0; return BIO_printf(out, "%02lld:%02lld:%02lld", (long long int)h, (long long int)m, (long long int)s) diff --git a/crypto/x509/v3_utl.c b/crypto/x509/v3_utl.c index a3ee50e5cee7..99780cf4a32b 100644 --- a/crypto/x509/v3_utl.c +++ b/crypto/x509/v3_utl.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -1120,15 +1120,16 @@ ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc) ASN1_OCTET_STRING *ret = NULL; unsigned char ipout[32]; char *iptmp = NULL, *p; + const char *slash; int iplen1, iplen2; - p = strchr(ipasc, '/'); - if (p == NULL) + slash = strchr(ipasc, '/'); + if (slash == NULL) return NULL; iptmp = OPENSSL_strdup(ipasc); if (iptmp == NULL) return NULL; - p = iptmp + (p - ipasc); + p = iptmp + (slash - ipasc); *p++ = 0; iplen1 = ossl_a2i_ipadd(ipout, iptmp); diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 20c012def2f3..0994c32ca533 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c 
@@ -1,5 +1,5 @@ /* - * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -1123,6 +1123,7 @@ static int check_cert(X509_STORE_CTX *ctx) goto done; } + ctx->current_crl = NULL; X509_CRL_free(crl); X509_CRL_free(dcrl); crl = NULL; @@ -1307,6 +1308,8 @@ static int check_delta_base(X509_CRL *delta, X509_CRL *base) if (ASN1_INTEGER_cmp(delta->base_crl_number, base->crl_number) > 0) return 0; /* Delta CRL number must exceed full CRL number */ + if (delta->crl_number == NULL) + return 0; return ASN1_INTEGER_cmp(delta->crl_number, base->crl_number) > 0; } @@ -3015,7 +3018,7 @@ static int dane_match_cert(X509_STORE_CTX *ctx, X509 *cert, int depth) break; } - OPENSSL_free(dane->mcert); + X509_free(dane->mcert); dane->mcert = cert; dane->mdpth = depth; dane->mtlsa = t; diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c index 4c75560ef248..03f532ab9cb3 100644 --- a/crypto/x509/x_pubkey.c +++ b/crypto/x509/x_pubkey.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -65,8 +65,8 @@ ASN1_SEQUENCE(X509_PUBKEY_INTERNAL) = { ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING) } static_ASN1_SEQUENCE_END_name(X509_PUBKEY, X509_PUBKEY_INTERNAL) - X509_PUBKEY - * ossl_d2i_X509_PUBKEY_INTERNAL(const unsigned char **pp, long len, OSSL_LIB_CTX *libctx, const char *propq) +X509_PUBKEY +*ossl_d2i_X509_PUBKEY_INTERNAL(const unsigned char **pp, long len, OSSL_LIB_CTX *libctx, const char *propq) { X509_PUBKEY *xpub = OPENSSL_zalloc(sizeof(*xpub)); |
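Review bot: In `check_delta_base()` the new `delta->crl_number == NULL` guard sits between the existing comment `/* Delta CRL number must exceed full CRL number */` and the comparison that comment describes, and it has no comment of its own. Placing the guard above that comment with `/* Delta CRL must carry a CRL number */` keeps each check beside its explanation. `base->crl_number` is passed to `ASN1_INTEGER_cmp()` on the same line; its NULL check is presumably earlier in the function, outside the hunk, and is worth confirming since both CRLs come from parsed input.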
