git: e833378cf958 - stable/14 - OpenSSL: update to 3.0.12
Date: Wed, 25 Oct 2023 20:21:30 UTC
The branch stable/14 has been updated by emaste:
URL: https://cgit.FreeBSD.org/src/commit/?id=e833378cf9589171562ccad4c6ff59c3713770bd
commit e833378cf9589171562ccad4c6ff59c3713770bd
Author: Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2023-10-24 18:55:56 +0000
Commit: Ed Maste <emaste@FreeBSD.org>
CommitDate: 2023-10-25 20:20:31 +0000
OpenSSL: update to 3.0.12
OpenSSL 3.0.12 addresses:
* Fix incorrect key and IV resizing issues when calling
EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or EVP_CipherInit_ex2()
with OSSL_PARAM parameters that alter the key or IV length
([CVE-2023-5363]).
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
(cherry picked from commit ad991e4c142ebabad7aef488ad97b189ecabb270)
(cherry picked from commit 575878a533823aa3e5bab715928d9cdffbc4dcbc)
---
crypto/openssl/CHANGES.md | 9 +++
crypto/openssl/INSTALL.md | 4 +-
crypto/openssl/NEWS.md | 6 ++
crypto/openssl/VERSION.dat | 4 +-
crypto/openssl/apps/dgst.c | 2 +
crypto/openssl/apps/dhparam.c | 4 +-
crypto/openssl/apps/dsaparam.c | 4 +-
crypto/openssl/apps/enc.c | 5 +-
crypto/openssl/apps/gendsa.c | 4 +-
crypto/openssl/apps/genpkey.c | 4 +-
crypto/openssl/apps/genrsa.c | 4 +-
crypto/openssl/apps/lib/apps.c | 16 ++++--
crypto/openssl/apps/req.c | 2 +
crypto/openssl/apps/speed.c | 3 +-
crypto/openssl/crypto/aes/asm/aesv8-armx.pl | 3 +
crypto/openssl/crypto/arm_arch.h | 7 +--
crypto/openssl/crypto/bn/bn_gcd.c | 8 +--
crypto/openssl/crypto/build.info | 2 -
crypto/openssl/crypto/cms/cms_enc.c | 5 +-
crypto/openssl/crypto/cms/cms_err.c | 4 +-
crypto/openssl/crypto/cms/cms_sd.c | 14 ++++-
crypto/openssl/crypto/dh/dh_check.c | 3 +-
crypto/openssl/crypto/dh/dh_key.c | 3 +-
crypto/openssl/crypto/dh/dh_lib.c | 4 +-
crypto/openssl/crypto/dsa/dsa_check.c | 8 ++-
crypto/openssl/crypto/dsa/dsa_lib.c | 4 +-
crypto/openssl/crypto/dsa/dsa_ossl.c | 1 -
crypto/openssl/crypto/engine/eng_pkey.c | 44 ++++++++++++++-
crypto/openssl/crypto/engine/eng_table.c | 1 +
crypto/openssl/crypto/err/openssl.txt | 1 +
crypto/openssl/crypto/evp/evp_enc.c | 45 ++++++++++++++-
crypto/openssl/crypto/evp/legacy_sha.c | 8 ++-
crypto/openssl/crypto/evp/p_lib.c | 2 +-
crypto/openssl/crypto/evp/pmeth_lib.c | 5 +-
crypto/openssl/crypto/ex_data.c | 4 +-
crypto/openssl/crypto/ffc/ffc_key_validate.c | 16 ++----
crypto/openssl/crypto/lhash/lhash.c | 6 +-
crypto/openssl/crypto/mem.c | 12 +++-
crypto/openssl/crypto/modes/asm/ghashv8-armx.pl | 5 +-
crypto/openssl/crypto/objects/obj_dat.c | 7 ++-
crypto/openssl/crypto/param_build_set.c | 13 +++--
.../openssl/crypto/poly1305/asm/poly1305-armv8.pl | 26 ++++-----
crypto/openssl/crypto/property/property_parse.c | 34 +++++++++--
crypto/openssl/crypto/rsa/rsa_backend.c | 14 +----
crypto/openssl/crypto/rsa/rsa_lib.c | 32 ++++++++---
crypto/openssl/doc/man3/CMS_add1_signer.pod | 8 ++-
crypto/openssl/doc/man3/DH_generate_parameters.pod | 6 +-
.../openssl/doc/man3/DSA_generate_parameters.pod | 4 +-
crypto/openssl/doc/man3/EVP_aes_128_gcm.pod | 8 +--
crypto/openssl/doc/man3/EVP_aria_128_gcm.pod | 2 +-
crypto/openssl/doc/man3/EVP_bf_cbc.pod | 2 +-
crypto/openssl/doc/man3/EVP_blake2b512.pod | 2 +-
crypto/openssl/doc/man3/EVP_camellia_128_ecb.pod | 2 +-
crypto/openssl/doc/man3/EVP_cast5_cbc.pod | 2 +-
crypto/openssl/doc/man3/EVP_chacha20.pod | 2 +-
crypto/openssl/doc/man3/EVP_des_cbc.pod | 2 +-
crypto/openssl/doc/man3/EVP_desx_cbc.pod | 2 +-
crypto/openssl/doc/man3/EVP_idea_cbc.pod | 2 +-
crypto/openssl/doc/man3/EVP_md2.pod | 2 +-
crypto/openssl/doc/man3/EVP_md4.pod | 2 +-
crypto/openssl/doc/man3/EVP_md5.pod | 2 +-
crypto/openssl/doc/man3/EVP_mdc2.pod | 2 +-
crypto/openssl/doc/man3/EVP_rc2_cbc.pod | 2 +-
crypto/openssl/doc/man3/EVP_rc4.pod | 2 +-
crypto/openssl/doc/man3/EVP_rc5_32_12_16_cbc.pod | 2 +-
crypto/openssl/doc/man3/EVP_ripemd160.pod | 2 +-
crypto/openssl/doc/man3/EVP_seed_cbc.pod | 2 +-
crypto/openssl/doc/man3/EVP_sha1.pod | 2 +-
crypto/openssl/doc/man3/EVP_sha224.pod | 2 +-
crypto/openssl/doc/man3/EVP_sha3_224.pod | 2 +-
crypto/openssl/doc/man3/EVP_sm3.pod | 2 +-
crypto/openssl/doc/man3/EVP_sm4_cbc.pod | 2 +-
crypto/openssl/doc/man3/EVP_whirlpool.pod | 2 +-
crypto/openssl/doc/man3/PKCS5_PBKDF2_HMAC.pod | 5 +-
.../openssl/doc/man3/SSL_CONF_CTX_set_ssl_ctx.pod | 10 +++-
.../openssl/doc/man3/SSL_CTX_set_info_callback.pod | 16 ++++--
.../openssl/doc/man3/d2i_PKCS8PrivateKey_bio.pod | 4 +-
crypto/openssl/doc/man3/d2i_X509.pod | 26 +++++++--
crypto/openssl/include/openssl/cmserr.h | 3 +-
crypto/openssl/include/openssl/evp.h | 4 +-
crypto/openssl/include/openssl/opensslv.h | 10 ++--
crypto/openssl/include/openssl/pkcs7.h.in | 6 +-
crypto/openssl/providers/fips-sources.checksums | 40 ++++++-------
crypto/openssl/providers/fips.checksum | 2 +-
.../encode_decode/encode_key2text.c | 65 +++++++++-------------
.../providers/implementations/keymgmt/dh_kmgmt.c | 2 +-
.../providers/implementations/macs/kmac_prov.c | 6 +-
secure/lib/libcrypto/Makefile.inc | 4 +-
sys/crypto/openssl/aarch64/aesv8-armx.S | 6 +-
sys/crypto/openssl/aarch64/arm_arch.h | 7 +--
sys/crypto/openssl/aarch64/ghashv8-armx.S | 26 ++++-----
sys/crypto/openssl/aarch64/poly1305-armv8.S | 24 ++++----
92 files changed, 471 insertions(+), 281 deletions(-)
diff --git a/crypto/openssl/CHANGES.md b/crypto/openssl/CHANGES.md
index a26bdbdd0ad0..f464b2320e9c 100644
--- a/crypto/openssl/CHANGES.md
+++ b/crypto/openssl/CHANGES.md
@@ -28,6 +28,14 @@ breaking changes, and mappings for the large list of deprecated functions.
[Migration guide]: https://github.com/openssl/openssl/tree/master/doc/man7/migration_guide.pod
+### Changes between 3.0.11 and 3.0.12 [24 Oct 2023]
+
+ * Fix incorrect key and IV resizing issues when calling EVP_EncryptInit_ex2(),
+ EVP_DecryptInit_ex2() or EVP_CipherInit_ex2() with OSSL_PARAM parameters
+ that alter the key or IV length ([CVE-2023-5363]).
+
+ *Paul Dale*
+
### Changes between 3.0.10 and 3.0.11 [19 Sep 2023]
* Fix POLY1305 MAC implementation corrupting XMM registers on Windows.
@@ -19732,6 +19740,7 @@ ndif
<!-- Links -->
+[CVE-2023-5363]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5363
[CVE-2023-4807]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-4807
[CVE-2023-3817]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-3817
[CVE-2023-3446]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-3446
diff --git a/crypto/openssl/INSTALL.md b/crypto/openssl/INSTALL.md
index ad4a51026d7c..fef408e9d1e3 100644
--- a/crypto/openssl/INSTALL.md
+++ b/crypto/openssl/INSTALL.md
@@ -2,8 +2,8 @@ Build and Install
=================
This document describes installation on all supported operating
-systems (the Unix/Linux family, including macOS), OpenVMS,
-and Windows).
+systems: the Unix/Linux family (including macOS), OpenVMS,
+and Windows.
Table of Contents
=================
diff --git a/crypto/openssl/NEWS.md b/crypto/openssl/NEWS.md
index f7ca47baff87..8f0d973e057b 100644
--- a/crypto/openssl/NEWS.md
+++ b/crypto/openssl/NEWS.md
@@ -18,6 +18,11 @@ OpenSSL Releases
OpenSSL 3.0
-----------
+### Major changes between OpenSSL 3.0.11 and OpenSSL 3.0.12 [24 Oct 2023]
+
+ * Mitigate incorrect resize handling for symmetric cipher keys and IVs.
+ ([CVE-2023-5363])
+
### Major changes between OpenSSL 3.0.10 and OpenSSL 3.0.11 [19 Sep 2023]
* Fix POLY1305 MAC implementation corrupting XMM registers on Windows
@@ -1453,6 +1458,7 @@ OpenSSL 0.9.x
<!-- Links -->
+[CVE-2023-5363]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5363
[CVE-2023-4807]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-4807
[CVE-2023-3817]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-3817
[CVE-2023-3446]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-3446
diff --git a/crypto/openssl/VERSION.dat b/crypto/openssl/VERSION.dat
index c4157a86274d..9d9448118e6d 100644
--- a/crypto/openssl/VERSION.dat
+++ b/crypto/openssl/VERSION.dat
@@ -1,7 +1,7 @@
MAJOR=3
MINOR=0
-PATCH=11
+PATCH=12
PRE_RELEASE_TAG=
BUILD_METADATA=
-RELEASE_DATE="19 Sep 2023"
+RELEASE_DATE="24 Oct 2023"
SHLIB_VERSION=3
diff --git a/crypto/openssl/apps/dgst.c b/crypto/openssl/apps/dgst.c
index e12389197de4..3f02af0d5738 100644
--- a/crypto/openssl/apps/dgst.c
+++ b/crypto/openssl/apps/dgst.c
@@ -320,6 +320,8 @@ int dgst_main(int argc, char **argv)
sigkey = app_keygen(mac_ctx, mac_name, 0, 0 /* not verbose */);
/* Verbose output would make external-tests gost-engine fail */
EVP_PKEY_CTX_free(mac_ctx);
+ if (sigkey == NULL)
+ goto end;
}
if (hmac_key != NULL) {
diff --git a/crypto/openssl/apps/dhparam.c b/crypto/openssl/apps/dhparam.c
index 43906cea5649..2a54dca9d8b5 100644
--- a/crypto/openssl/apps/dhparam.c
+++ b/crypto/openssl/apps/dhparam.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -222,6 +222,8 @@ int dhparam_main(int argc, char **argv)
}
tmppkey = app_paramgen(ctx, alg);
+ if (tmppkey == NULL)
+ goto end;
EVP_PKEY_CTX_free(ctx);
ctx = NULL;
if (dsaparam) {
diff --git a/crypto/openssl/apps/dsaparam.c b/crypto/openssl/apps/dsaparam.c
index b5555282be6e..ca91beb5b893 100644
--- a/crypto/openssl/apps/dsaparam.c
+++ b/crypto/openssl/apps/dsaparam.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -218,6 +218,8 @@ int dsaparam_main(int argc, char **argv)
goto end;
}
pkey = app_keygen(ctx, "DSA", numbits, verbose);
+ if (pkey == NULL)
+ goto end;
assert(private);
if (outformat == FORMAT_ASN1)
i = i2d_PrivateKey_bio(out, pkey);
diff --git a/crypto/openssl/apps/enc.c b/crypto/openssl/apps/enc.c
index b3bf4cc2592d..c275046cf57a 100644
--- a/crypto/openssl/apps/enc.c
+++ b/crypto/openssl/apps/enc.c
@@ -624,7 +624,10 @@ int enc_main(int argc, char **argv)
}
}
if (!BIO_flush(wbio)) {
- BIO_printf(bio_err, "bad decrypt\n");
+ if (enc)
+ BIO_printf(bio_err, "bad encrypt\n");
+ else
+ BIO_printf(bio_err, "bad decrypt\n");
goto end;
}
diff --git a/crypto/openssl/apps/gendsa.c b/crypto/openssl/apps/gendsa.c
index 27feb793fed2..8aefca65566c 100644
--- a/crypto/openssl/apps/gendsa.c
+++ b/crypto/openssl/apps/gendsa.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -146,6 +146,8 @@ int gendsa_main(int argc, char **argv)
goto end;
}
pkey = app_keygen(ctx, "DSA", nbits, verbose);
+ if (pkey == NULL)
+ goto end;
assert(private);
if (!PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, passout)) {
diff --git a/crypto/openssl/apps/genpkey.c b/crypto/openssl/apps/genpkey.c
index d00754eeaca0..705e5c76b47d 100644
--- a/crypto/openssl/apps/genpkey.c
+++ b/crypto/openssl/apps/genpkey.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2006-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -183,6 +183,8 @@ int genpkey_main(int argc, char **argv)
pkey = do_param ? app_paramgen(ctx, algname)
: app_keygen(ctx, algname, 0, 0 /* not verbose */);
+ if (pkey == NULL)
+ goto end;
if (do_param) {
rv = PEM_write_bio_Parameters(out, pkey);
diff --git a/crypto/openssl/apps/genrsa.c b/crypto/openssl/apps/genrsa.c
index 4436b7fa1745..6a683517a15f 100644
--- a/crypto/openssl/apps/genrsa.c
+++ b/crypto/openssl/apps/genrsa.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -203,6 +203,8 @@ opthelp:
goto end;
}
pkey = app_keygen(ctx, "RSA", num, verbose);
+ if (pkey == NULL)
+ goto end;
if (verbose) {
BIGNUM *e = NULL;
diff --git a/crypto/openssl/apps/lib/apps.c b/crypto/openssl/apps/lib/apps.c
index 572f6a3f8f28..a632b0cff2bf 100644
--- a/crypto/openssl/apps/lib/apps.c
+++ b/crypto/openssl/apps/lib/apps.c
@@ -960,10 +960,14 @@ int load_key_certs_crls_suppress(const char *uri, int format, int maybe_stdin,
ctx = OSSL_STORE_open_ex(uri, libctx, propq, get_ui_method(), &uidata,
params, NULL, NULL);
}
- if (ctx == NULL)
+ if (ctx == NULL) {
+ BIO_printf(bio_err, "Could not open file or uri for loading");
goto end;
- if (expect > 0 && !OSSL_STORE_expect(ctx, expect))
+ }
+ if (expect > 0 && !OSSL_STORE_expect(ctx, expect)) {
+ BIO_printf(bio_err, "Internal error trying to load");
goto end;
+ }
failed = NULL;
while (cnt_expectations > 0 && !OSSL_STORE_eof(ctx)) {
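Review bot: Both added messages, `"Could not open file or uri for loading"` and `"Internal error trying to load"`, end without a newline and without naming `uri`, so they are only readable if the `end:` path finishes the line. That path is outside this hunk and cannot be confirmed from here. If it does complete the message, a comment at each call would stop someone "fixing" the missing newline later, e.g. `/* message is continued at end: with the credential type and source */`. If it does not, the strings need `\n` and the uri.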
@@ -3359,8 +3363,8 @@ EVP_PKEY *app_keygen(EVP_PKEY_CTX *ctx, const char *alg, int bits, int verbose)
BIO_printf(bio_err, "Warning: generating random key material may take a long time\n"
"if the system has a poor entropy source\n");
if (EVP_PKEY_keygen(ctx, &res) <= 0)
- app_bail_out("%s: Error generating %s key\n", opt_getprog(),
- alg != NULL ? alg : "asymmetric");
+ BIO_printf(bio_err, "%s: Error generating %s key\n", opt_getprog(),
+ alg != NULL ? alg : "asymmetric");
return res;
}
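Review bot: app_keygen() now reports a failed EVP_PKEY_keygen() with BIO_printf and falls through to `return res;`, so failure is signalled only by the returned pointer. That depends on `res` starting as NULL, and its declaration is outside this hunk. The same applies to app_paramgen() in the next hunk. The callers patched in this commit (dgst, dhparam, dsaparam, gendsa, genpkey, genrsa, req) add the NULL check; any caller not shown here needs one too, because the process no longer exits on failure. I would document the contract above both functions, e.g. `/* Returns the generated key, or NULL after printing an error to bio_err; callers must check. */`.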
@@ -3372,8 +3376,8 @@ EVP_PKEY *app_paramgen(EVP_PKEY_CTX *ctx, const char *alg)
BIO_printf(bio_err, "Warning: generating random key parameters may take a long time\n"
"if the system has a poor entropy source\n");
if (EVP_PKEY_paramgen(ctx, &res) <= 0)
- app_bail_out("%s: Generating %s key parameters failed\n",
- opt_getprog(), alg != NULL ? alg : "asymmetric");
+ BIO_printf(bio_err, "%s: Generating %s key parameters failed\n",
+ opt_getprog(), alg != NULL ? alg : "asymmetric");
return res;
}
diff --git a/crypto/openssl/apps/req.c b/crypto/openssl/apps/req.c
index 926f0796bc8f..41191803aef4 100644
--- a/crypto/openssl/apps/req.c
+++ b/crypto/openssl/apps/req.c
@@ -685,6 +685,8 @@ int req_main(int argc, char **argv)
EVP_PKEY_CTX_set_app_data(genctx, bio_err);
pkey = app_keygen(genctx, keyalgstr, newkey_len, verbose);
+ if (pkey == NULL)
+ goto end;
EVP_PKEY_CTX_free(genctx);
genctx = NULL;
diff --git a/crypto/openssl/apps/speed.c b/crypto/openssl/apps/speed.c
index f30435704d19..1113d775b8ab 100644
--- a/crypto/openssl/apps/speed.c
+++ b/crypto/openssl/apps/speed.c
@@ -3700,7 +3700,8 @@ static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
} else {
int pad;
- RAND_bytes(out, 16);
+ if (RAND_bytes(inp, 16) <= 0)
+ app_bail_out("error setting random bytes\n");
len += 16;
aad[11] = (unsigned char)(len >> 8);
aad[12] = (unsigned char)(len);
diff --git a/crypto/openssl/crypto/aes/asm/aesv8-armx.pl b/crypto/openssl/crypto/aes/asm/aesv8-armx.pl
index 544dc7e8effe..d0e0be6187bd 100755
--- a/crypto/openssl/crypto/aes/asm/aesv8-armx.pl
+++ b/crypto/openssl/crypto/aes/asm/aesv8-armx.pl
@@ -3661,6 +3661,9 @@ if ($flavour =~ /64/) { ######## 64-bit code
s/\.[ui]?64//o and s/\.16b/\.2d/go;
s/\.[42]([sd])\[([0-3])\]/\.$1\[$2\]/o;
+ # Switch preprocessor checks to aarch64 versions.
+ s/__ARME([BL])__/__AARCH64E$1__/go;
+
print $_,"\n";
}
} else { ######## 32-bit code
diff --git a/crypto/openssl/crypto/arm_arch.h b/crypto/openssl/crypto/arm_arch.h
index 45d7e1556475..ec4a087fede2 100644
--- a/crypto/openssl/crypto/arm_arch.h
+++ b/crypto/openssl/crypto/arm_arch.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2011-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2011-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -21,11 +21,6 @@
# elif defined(__GNUC__)
# if defined(__aarch64__)
# define __ARM_ARCH__ 8
-# if __BYTE_ORDER__==__ORDER_BIG_ENDIAN__
-# define __ARMEB__
-# else
-# define __ARMEL__
-# endif
/*
* Why doesn't gcc define __ARM_ARCH__? Instead it defines
* bunch of below macros. See all_architectures[] table in
diff --git a/crypto/openssl/crypto/bn/bn_gcd.c b/crypto/openssl/crypto/bn/bn_gcd.c
index 59d024f674eb..cd0b0151ec7e 100644
--- a/crypto/openssl/crypto/bn/bn_gcd.c
+++ b/crypto/openssl/crypto/bn/bn_gcd.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -611,9 +611,9 @@ int BN_gcd(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx)
for (i = 0; i < m; i++) {
/* conditionally flip signs if delta is positive and g is odd */
- cond = (-delta >> (8 * sizeof(delta) - 1)) & g->d[0] & 1
+ cond = ((unsigned int)-delta >> (8 * sizeof(delta) - 1)) & g->d[0] & 1
/* make sure g->top > 0 (i.e. if top == 0 then g == 0 always) */
- & (~((g->top - 1) >> (sizeof(g->top) * 8 - 1)));
+ & (~((unsigned int)(g->top - 1) >> (sizeof(g->top) * 8 - 1)));
delta = (-cond & -delta) | ((cond - 1) & delta);
r->neg ^= cond;
/* swap */
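Review bot: In `(unsigned int)-delta` the cast binds to the already negated value, so the negation is still done in signed arithmetic and only the shift became unsigned; `0u - (unsigned int)delta` would keep the whole expression unsigned. The cast also hard-codes `unsigned int` while the shift counts use `sizeof(delta)` and `sizeof(g->top)`, so the two would silently disagree if either type changed; both declarations are outside this hunk. The same `(unsigned int)(g->top - 1)` pattern is repeated in the BN_consttime_swap() argument in the next hunk. Since this is branch-free mask code, a short comment such as `/* unsigned cast: right shift of a negative int is implementation-defined */` would record why the cast must stay.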
@@ -625,7 +625,7 @@ int BN_gcd(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx)
goto err;
BN_consttime_swap(g->d[0] & 1 /* g is odd */
/* make sure g->top > 0 (i.e. if top == 0 then g == 0 always) */
- & (~((g->top - 1) >> (sizeof(g->top) * 8 - 1))),
+ & (~((unsigned int)(g->top - 1) >> (sizeof(g->top) * 8 - 1))),
g, temp, top);
if (!BN_rshift1(g, g))
goto err;
diff --git a/crypto/openssl/crypto/build.info b/crypto/openssl/crypto/build.info
index b90390ae864c..c04db5591120 100644
--- a/crypto/openssl/crypto/build.info
+++ b/crypto/openssl/crypto/build.info
@@ -97,8 +97,6 @@ $UTIL_COMMON=\
context.c sparse_array.c asn1_dsa.c packet.c param_build.c \
param_build_set.c der_writer.c threads_lib.c params_dup.c
-SHARED_SOURCE[../libssl]=sparse_array.c
-
SOURCE[../libcrypto]=$UTIL_COMMON \
mem.c mem_sec.c \
cversion.c info.c cpt_err.c ebcdic.c uid.c o_time.c o_dir.c \
diff --git a/crypto/openssl/crypto/cms/cms_enc.c b/crypto/openssl/crypto/cms/cms_enc.c
index f7007c12319e..ae88df33a7f0 100644
--- a/crypto/openssl/crypto/cms/cms_enc.c
+++ b/crypto/openssl/crypto/cms/cms_enc.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2008-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2008-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -15,6 +15,7 @@
#include <openssl/cms.h>
#include <openssl/rand.h>
#include "crypto/evp.h"
+#include "crypto/asn1.h"
#include "cms_local.h"
/* CMS EncryptedData Utilities */
@@ -81,7 +82,7 @@ BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec,
if (enc) {
calg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_get_type(ctx));
- if (calg->algorithm == NULL) {
+ if (calg->algorithm == NULL || calg->algorithm->nid == NID_undef) {
ERR_raise(ERR_LIB_CMS, CMS_R_UNSUPPORTED_CONTENT_ENCRYPTION_ALGORITHM);
goto err;
}
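Review bot: `calg->algorithm->nid == NID_undef` reads the ASN1_OBJECT field directly, which appears to be why the earlier hunk in this file adds `#include "crypto/asn1.h"`. The public accessor would express the same test without the internal header: `if (OBJ_obj2nid(calg->algorithm) == NID_undef) {`. OBJ_obj2nid() also returns NID_undef for a NULL object, so the explicit NULL comparison could be folded into it. The enclosing function starts and ends outside the hunk.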
diff --git a/crypto/openssl/crypto/cms/cms_err.c b/crypto/openssl/crypto/cms/cms_err.c
index dcbea201c8e5..4bd6a0dc1bf1 100644
--- a/crypto/openssl/crypto/cms/cms_err.c
+++ b/crypto/openssl/crypto/cms/cms_err.c
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -154,6 +154,8 @@ static const ERR_STRING_DATA CMS_str_reasons[] = {
"unsupported recipientinfo type"},
{ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_RECIPIENT_TYPE),
"unsupported recipient type"},
+ {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_SIGNATURE_ALGORITHM),
+ "unsupported signature algorithm"},
{ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_TYPE), "unsupported type"},
{ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNWRAP_ERROR), "unwrap error"},
{ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNWRAP_FAILURE), "unwrap failure"},
diff --git a/crypto/openssl/crypto/cms/cms_sd.c b/crypto/openssl/crypto/cms/cms_sd.c
index 53c8e378f318..2093657a2a4a 100644
--- a/crypto/openssl/crypto/cms/cms_sd.c
+++ b/crypto/openssl/crypto/cms/cms_sd.c
@@ -354,11 +354,16 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
if (md == NULL) {
int def_nid;
- if (EVP_PKEY_get_default_digest_nid(pk, &def_nid) <= 0)
+
+ if (EVP_PKEY_get_default_digest_nid(pk, &def_nid) <= 0) {
+ ERR_raise_data(ERR_LIB_CMS, CMS_R_NO_DEFAULT_DIGEST,
+ "pkey nid=%d", EVP_PKEY_get_id(pk));
goto err;
+ }
md = EVP_get_digestbynid(def_nid);
if (md == NULL) {
- ERR_raise(ERR_LIB_CMS, CMS_R_NO_DEFAULT_DIGEST);
+ ERR_raise_data(ERR_LIB_CMS, CMS_R_NO_DEFAULT_DIGEST,
+ "default md nid=%d", def_nid);
goto err;
}
}
@@ -398,8 +403,11 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
}
}
- if (!(flags & CMS_KEY_PARAM) && !cms_sd_asn1_ctrl(si, 0))
+ if (!(flags & CMS_KEY_PARAM) && !cms_sd_asn1_ctrl(si, 0)) {
+ ERR_raise_data(ERR_LIB_CMS, CMS_R_UNSUPPORTED_SIGNATURE_ALGORITHM,
+ "pkey nid=%d", EVP_PKEY_get_id(pk));
goto err;
+ }
if (!(flags & CMS_NOATTR)) {
/*
* Initialize signed attributes structure so other attributes
diff --git a/crypto/openssl/crypto/dh/dh_check.c b/crypto/openssl/crypto/dh/dh_check.c
index f4173e21371e..7ba2beae7fd6 100644
--- a/crypto/openssl/crypto/dh/dh_check.c
+++ b/crypto/openssl/crypto/dh/dh_check.c
@@ -259,7 +259,8 @@ int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)
*/
int ossl_dh_check_pub_key_partial(const DH *dh, const BIGNUM *pub_key, int *ret)
{
- return ossl_ffc_validate_public_key_partial(&dh->params, pub_key, ret);
+ return ossl_ffc_validate_public_key_partial(&dh->params, pub_key, ret)
+ && *ret == 0;
}
int ossl_dh_check_priv_key(const DH *dh, const BIGNUM *priv_key, int *ret)
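Review bot: ossl_dh_check_pub_key_partial() now returns 1 only when the validator succeeded and left `*ret` at 0, and the function comment (only its closing `*/` is in the hunk) should say so, because callers that test just the return value now get a different answer for a key with failure flags set. Suggested wording: `Returns 1 only if the key passed every check; when 0 is returned, *ret may hold the failure flags.` The same change is made to ossl_dsa_check_pub_key() and ossl_dsa_check_pub_key_partial() in crypto/dsa/dsa_check.c, which need the same sentence. `*ret` is dereferenced unconditionally after a successful call, so the comment should also state that `ret` must not be NULL.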
diff --git a/crypto/openssl/crypto/dh/dh_key.c b/crypto/openssl/crypto/dh/dh_key.c
index 4e9705beef73..d84ea99241b9 100644
--- a/crypto/openssl/crypto/dh/dh_key.c
+++ b/crypto/openssl/crypto/dh/dh_key.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -190,7 +190,6 @@ static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
static int dh_init(DH *dh)
{
dh->flags |= DH_FLAG_CACHE_MONT_P;
- ossl_ffc_params_init(&dh->params);
dh->dirty_cnt++;
return 1;
}
diff --git a/crypto/openssl/crypto/dh/dh_lib.c b/crypto/openssl/crypto/dh/dh_lib.c
index 29cda5d7bfa8..5577413e1e0c 100644
--- a/crypto/openssl/crypto/dh/dh_lib.c
+++ b/crypto/openssl/crypto/dh/dh_lib.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -116,6 +116,8 @@ static DH *dh_new_intern(ENGINE *engine, OSSL_LIB_CTX *libctx)
goto err;
#endif /* FIPS_MODULE */
+ ossl_ffc_params_init(&ret->params);
+
if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
ERR_raise(ERR_LIB_DH, ERR_R_INIT_FAIL);
goto err;
diff --git a/crypto/openssl/crypto/dsa/dsa_check.c b/crypto/openssl/crypto/dsa/dsa_check.c
index 7ee914a477ec..fb0e9129a295 100644
--- a/crypto/openssl/crypto/dsa/dsa_check.c
+++ b/crypto/openssl/crypto/dsa/dsa_check.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -39,7 +39,8 @@ int ossl_dsa_check_params(const DSA *dsa, int checktype, int *ret)
*/
int ossl_dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret)
{
- return ossl_ffc_validate_public_key(&dsa->params, pub_key, ret);
+ return ossl_ffc_validate_public_key(&dsa->params, pub_key, ret)
+ && *ret == 0;
}
/*
@@ -49,7 +50,8 @@ int ossl_dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret)
*/
int ossl_dsa_check_pub_key_partial(const DSA *dsa, const BIGNUM *pub_key, int *ret)
{
- return ossl_ffc_validate_public_key_partial(&dsa->params, pub_key, ret);
+ return ossl_ffc_validate_public_key_partial(&dsa->params, pub_key, ret)
+ && *ret == 0;
}
int ossl_dsa_check_priv_key(const DSA *dsa, const BIGNUM *priv_key, int *ret)
diff --git a/crypto/openssl/crypto/dsa/dsa_lib.c b/crypto/openssl/crypto/dsa/dsa_lib.c
index ccc701659217..2ae3f8e36b26 100644
--- a/crypto/openssl/crypto/dsa/dsa_lib.c
+++ b/crypto/openssl/crypto/dsa/dsa_lib.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -176,6 +176,8 @@ static DSA *dsa_new_intern(ENGINE *engine, OSSL_LIB_CTX *libctx)
goto err;
#endif
+ ossl_ffc_params_init(&ret->params);
+
if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
ERR_raise(ERR_LIB_DSA, ERR_R_INIT_FAIL);
goto err;
diff --git a/crypto/openssl/crypto/dsa/dsa_ossl.c b/crypto/openssl/crypto/dsa/dsa_ossl.c
index 62f7c70149f4..8fd66a950e37 100644
--- a/crypto/openssl/crypto/dsa/dsa_ossl.c
+++ b/crypto/openssl/crypto/dsa/dsa_ossl.c
@@ -441,7 +441,6 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len,
static int dsa_init(DSA *dsa)
{
dsa->flags |= DSA_FLAG_CACHE_MONT_P;
- ossl_ffc_params_init(&dsa->params);
dsa->dirty_cnt++;
return 1;
}
diff --git a/crypto/openssl/crypto/engine/eng_pkey.c b/crypto/openssl/crypto/engine/eng_pkey.c
index 6e6d6df35b2b..f84fcde46016 100644
--- a/crypto/openssl/crypto/engine/eng_pkey.c
+++ b/crypto/openssl/crypto/engine/eng_pkey.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2001-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -79,6 +79,48 @@ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
ERR_raise(ERR_LIB_ENGINE, ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
return NULL;
}
+ /* We enforce check for legacy key */
+ switch (EVP_PKEY_get_id(pkey)) {
+ case EVP_PKEY_RSA:
+ {
+ RSA *rsa = EVP_PKEY_get1_RSA(pkey);
+ EVP_PKEY_set1_RSA(pkey, rsa);
+ RSA_free(rsa);
+ }
+ break;
+# ifndef OPENSSL_NO_EC
+ case EVP_PKEY_SM2:
+ case EVP_PKEY_EC:
+ {
+ EC_KEY *ec = EVP_PKEY_get1_EC_KEY(pkey);
+ EVP_PKEY_set1_EC_KEY(pkey, ec);
+ EC_KEY_free(ec);
+ }
+ break;
+# endif
+# ifndef OPENSSL_NO_DSA
+ case EVP_PKEY_DSA:
+ {
+ DSA *dsa = EVP_PKEY_get1_DSA(pkey);
+ EVP_PKEY_set1_DSA(pkey, dsa);
+ DSA_free(dsa);
+ }
+ break;
+#endif
+# ifndef OPENSSL_NO_DH
+ case EVP_PKEY_DH:
+ {
+ DH *dh = EVP_PKEY_get1_DH(pkey);
+ EVP_PKEY_set1_DH(pkey, dh);
+ DH_free(dh);
+ }
+ break;
+#endif
+ default:
+ /*Do nothing */
+ break;
+ }
+
return pkey;
}
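Review bot: Every case in the new switch ignores the results of the get1/set1 pair, so if `EVP_PKEY_get1_RSA(pkey)` (or the EC, DSA, DH equivalent) returns NULL, the set1 call is made with a NULL key and ENGINE_load_private_key() still returns `pkey` as a success. I would check both calls and fail the load, as sketched below for RSA; who owns `pkey` on that path should be confirmed against the engine's load_privkey contract, which is not visible here. The comment `/* We enforce check for legacy key */` does not explain why a key is read out and written straight back, and should name the side effect the round trip is meant to trigger. The preprocessor lines are also inconsistent: `# ifndef OPENSSL_NO_DSA` and `# ifndef OPENSSL_NO_DH` are closed by unindented `#endif`.

```c
    case EVP_PKEY_RSA:
        {
            RSA *rsa = EVP_PKEY_get1_RSA(pkey);
            int ok = rsa != NULL && EVP_PKEY_set1_RSA(pkey, rsa);

            RSA_free(rsa);
            if (!ok) {
                ERR_raise(ERR_LIB_ENGINE, ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
                EVP_PKEY_free(pkey);
                return NULL;
            }
        }
        break;
    /* … unchanged: EC/SM2, DSA and DH cases, which would get the same check … */
```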
diff --git a/crypto/openssl/crypto/engine/eng_table.c b/crypto/openssl/crypto/engine/eng_table.c
index 3138a1526002..9dc3144bbfd7 100644
--- a/crypto/openssl/crypto/engine/eng_table.c
+++ b/crypto/openssl/crypto/engine/eng_table.c
@@ -97,6 +97,7 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
if (added && !engine_cleanup_add_first(cleanup)) {
lh_ENGINE_PILE_free(&(*table)->piles);
*table = NULL;
+ goto end;
}
while (num_nids--) {
tmplate.nid = *nids;
diff --git a/crypto/openssl/crypto/err/openssl.txt b/crypto/openssl/crypto/err/openssl.txt
index a6f61ca3b02f..e51504b7abd5 100644
--- a/crypto/openssl/crypto/err/openssl.txt
+++ b/crypto/openssl/crypto/err/openssl.txt
@@ -375,6 +375,7 @@ CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM:179:\
CMS_R_UNSUPPORTED_LABEL_SOURCE:193:unsupported label source
CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE:155:unsupported recipientinfo type
CMS_R_UNSUPPORTED_RECIPIENT_TYPE:154:unsupported recipient type
+CMS_R_UNSUPPORTED_SIGNATURE_ALGORITHM:195:unsupported signature algorithm
CMS_R_UNSUPPORTED_TYPE:156:unsupported type
CMS_R_UNWRAP_ERROR:157:unwrap error
CMS_R_UNWRAP_FAILURE:180:unwrap failure
diff --git a/crypto/openssl/crypto/evp/evp_enc.c b/crypto/openssl/crypto/evp/evp_enc.c
index b178d1086473..4e6f83e3d0a9 100644
--- a/crypto/openssl/crypto/evp/evp_enc.c
+++ b/crypto/openssl/crypto/evp/evp_enc.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -192,7 +192,12 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx,
#endif
}
- if (cipher->prov != NULL) {
+ if (!ossl_assert(cipher->prov != NULL)) {
+ ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
+ return 0;
+ }
+
+ if (cipher != ctx->fetched_cipher) {
if (!EVP_CIPHER_up_ref((EVP_CIPHER *)cipher)) {
ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
return 0;
@@ -218,6 +223,42 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx,
return 0;
}
+#ifndef FIPS_MODULE
+ /*
+ * Fix for CVE-2023-5363
+ * Passing in a size as part of the init call takes effect late
+ * so, force such to occur before the initialisation.
+ *
+ * The FIPS provider's internal library context is used in a manner
+ * such that this is not an issue.
+ */
+ if (params != NULL) {
+ OSSL_PARAM param_lens[3] = { OSSL_PARAM_END, OSSL_PARAM_END,
+ OSSL_PARAM_END };
+ OSSL_PARAM *q = param_lens;
+ const OSSL_PARAM *p;
+
+ p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN);
+ if (p != NULL)
+ memcpy(q++, p, sizeof(*q));
+
+ /*
+ * Note that OSSL_CIPHER_PARAM_AEAD_IVLEN is a synomym for
+ * OSSL_CIPHER_PARAM_IVLEN so both are covered here.
+ */
+ p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_IVLEN);
+ if (p != NULL)
+ memcpy(q++, p, sizeof(*q));
+
+ if (q != param_lens) {
+ if (!EVP_CIPHER_CTX_set_params(ctx, param_lens)) {
+ ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_LENGTH);
+ return 0;
+ }
+ }
+ }
+#endif
+
if (enc) {
if (ctx->cipher->einit == NULL) {
ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
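Review bot: `param_lens[3]` is sized for exactly the two lookups below plus the terminator, and nothing ties that size to the number of `memcpy(q++, p, sizeof(*q))` calls. A third length parameter added later would overwrite the OSSL_PARAM_END slot, and EVP_CIPHER_CTX_set_params() would then walk off the array. A comment on the declaration, e.g. `/* KEYLEN + IVLEN + terminator */`, or an ossl_assert on `q - param_lens` before the set_params call would pin that. The block comment has a typo (`synomym`) and should state the ordering it enforces: the key and IV lengths must be applied before einit/dinit consume `key` and `iv`. Those calls continue below the hunk, so whether the full `params` array is applied again there cannot be confirmed from here.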
diff --git a/crypto/openssl/crypto/evp/legacy_sha.c b/crypto/openssl/crypto/evp/legacy_sha.c
index 3859286eeb20..ca9a3264978a 100644
--- a/crypto/openssl/crypto/evp/legacy_sha.c
+++ b/crypto/openssl/crypto/evp/legacy_sha.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -71,7 +71,11 @@ static int sha1_int_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2)
static int shake_ctrl(EVP_MD_CTX *evp_ctx, int cmd, int p1, void *p2)
{
- KECCAK1600_CTX *ctx = evp_ctx->md_data;
+ KECCAK1600_CTX *ctx;
+
+ if (evp_ctx == NULL)
+ return 0;
+ ctx = evp_ctx->md_data;
switch (cmd) {
case EVP_MD_CTRL_XOF_LEN:
diff --git a/crypto/openssl/crypto/evp/p_lib.c b/crypto/openssl/crypto/evp/p_lib.c
index 59a7a867ecbb..04b148a91218 100644
--- a/crypto/openssl/crypto/evp/p_lib.c
+++ b/crypto/openssl/crypto/evp/p_lib.c
@@ -1201,7 +1201,7 @@ int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
int indent, ASN1_PCTX *pctx)
{
- return print_pkey(pkey, out, indent, EVP_PKEY_KEYPAIR, NULL,
+ return print_pkey(pkey, out, indent, EVP_PKEY_PRIVATE_KEY, NULL,
(pkey->ameth != NULL ? pkey->ameth->priv_print : NULL),
pctx);
}
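Review bot: The switch from `EVP_PKEY_KEYPAIR` to `EVP_PKEY_PRIVATE_KEY` in `EVP_PKEY_print_private` changes which key components are requested for printing, and nothing at the call site says why. A one-line comment above the `return` would stop it being "corrected" back later, for example `/* A key holding only the private component must still print, so do not select the public part */` (wording to be confirmed against the upstream change). Separately, `pkey->ameth` is evaluated in the argument list before `print_pkey` runs, so a NULL `pkey` faults here regardless of any check inside `print_pkey`.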
diff --git a/crypto/openssl/crypto/evp/pmeth_lib.c b/crypto/openssl/crypto/evp/pmeth_lib.c
index ce6e1a1ccbd5..ba1971ce461d 100644
--- a/crypto/openssl/crypto/evp/pmeth_lib.c
+++ b/crypto/openssl/crypto/evp/pmeth_lib.c
@@ -251,10 +251,11 @@ static EVP_PKEY_CTX *int_ctx_new(OSSL_LIB_CTX *libctx,
*/
if (e != NULL)
pmeth = ENGINE_get_pkey_meth(e, id);
- else if (pkey != NULL && pkey->foreign)
+ else
+# endif /* OPENSSL_NO_ENGINE */
+ if (pkey != NULL && pkey->foreign)
pmeth = EVP_PKEY_meth_find(id);
else
-# endif
app_pmeth = pmeth = evp_pkey_meth_find_added_by_application(id);
/* END legacy */
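Review bot: The `else` left before `# endif /* OPENSSL_NO_ENGINE */` now pairs with an `if` on the other side of the preprocessor line, which is fragile. The `pkey->foreign` test becomes an `else if` in engine builds and a free-standing `if` when engines are compiled out, while its indentation suggests a new statement in both. Any statement later inserted between the `# endif` and that `if` would silently become the `else` body in engine builds only. A comment on the bare `else`, such as `/* continues with the if below the #endif */`, would make the pairing explicit. The opening `#ifndef` and the rest of `int_ctx_new` lie outside this hunk.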
diff --git a/crypto/openssl/crypto/ex_data.c b/crypto/openssl/crypto/ex_data.c
index 40223f06e4ec..13b928899456 100644
--- a/crypto/openssl/crypto/ex_data.c
+++ b/crypto/openssl/crypto/ex_data.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -163,6 +163,8 @@ int ossl_crypto_get_ex_new_index_ex(OSSL_LIB_CTX *ctx, int class_index,
* "app_data" routines use ex_data index zero. See RT 3710. */
if (ip->meth == NULL
|| !sk_EX_CALLBACK_push(ip->meth, NULL)) {
+ sk_EX_CALLBACK_free(ip->meth);
+ ip->meth = NULL;
ERR_raise(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE);
goto err;
}
diff --git a/crypto/openssl/crypto/ffc/ffc_key_validate.c b/crypto/openssl/crypto/ffc/ffc_key_validate.c
index 342789621d6d..a4a2a58e9a7f 100644
--- a/crypto/openssl/crypto/ffc/ffc_key_validate.c
+++ b/crypto/openssl/crypto/ffc/ffc_key_validate.c
@@ -26,7 +26,7 @@ int ossl_ffc_validate_public_key_partial(const FFC_PARAMS *params,
*ret = 0;
if (params == NULL || pub_key == NULL || params->p == NULL) {
*ret = FFC_ERROR_PASSED_NULL_PARAM;
- return 0;
+ return 1;
}
ctx = BN_CTX_new_ex(NULL);
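Review bot: Returning 1 alongside `*ret = FFC_ERROR_PASSED_NULL_PARAM` changes the return value's meaning from "key is acceptable" to "the check ran". The later hunks in this file do the same for `FFC_ERROR_PUBKEY_TOO_SMALL`, `FFC_ERROR_PUBKEY_TOO_LARGE` and `FFC_ERROR_PUBKEY_INVALID` by dropping their `goto err`. A caller that tests only the return value would now treat a rejected public key as valid. `ossl_ffc_validate_public_key` is adjusted with `*ret == 0 &&`, but the other callers are not visible here and should be confirmed to inspect `*ret`. The function header should state the new contract, for example `/* Returns 0 only on internal failure; validation results are reported as flags in *ret */`.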
@@ -39,18 +39,14 @@ int ossl_ffc_validate_public_key_partial(const FFC_PARAMS *params,
if (tmp == NULL
|| !BN_set_word(tmp, 1))
goto err;
- if (BN_cmp(pub_key, tmp) <= 0) {
+ if (BN_cmp(pub_key, tmp) <= 0)
*ret |= FFC_ERROR_PUBKEY_TOO_SMALL;
- goto err;
- }
/* Step(1): Verify pub_key <= p-2 */
if (BN_copy(tmp, params->p) == NULL
|| !BN_sub_word(tmp, 1))
goto err;
- if (BN_cmp(pub_key, tmp) >= 0) {
+ if (BN_cmp(pub_key, tmp) >= 0)
*ret |= FFC_ERROR_PUBKEY_TOO_LARGE;
- goto err;
- }
ok = 1;
err:
if (ctx != NULL) {
@@ -73,7 +69,7 @@ int ossl_ffc_validate_public_key(const FFC_PARAMS *params,
if (!ossl_ffc_validate_public_key_partial(params, pub_key, ret))
return 0;
- if (params->q != NULL) {
+ if (*ret == 0 && params->q != NULL) {
ctx = BN_CTX_new_ex(NULL);
if (ctx == NULL)
goto err;
@@ -84,10 +80,8 @@ int ossl_ffc_validate_public_key(const FFC_PARAMS *params,
if (tmp == NULL
|| !BN_mod_exp(tmp, pub_key, params->q, params->p, ctx))
goto err;
- if (!BN_is_one(tmp)) {
+ if (!BN_is_one(tmp))
*ret |= FFC_ERROR_PUBKEY_INVALID;
- goto err;
- }
}
ok = 1;
diff --git a/crypto/openssl/crypto/lhash/lhash.c b/crypto/openssl/crypto/lhash/lhash.c
index 1cd988f01fc7..a01cfa725e38 100644
--- a/crypto/openssl/crypto/lhash/lhash.c
+++ b/crypto/openssl/crypto/lhash/lhash.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -266,12 +266,12 @@ static void contract(OPENSSL_LHASH *lh)
if (n == NULL) {
/* fputs("realloc error in lhash",stderr); */
lh->error++;
- return;
+ } else {
+ lh->b = n;
}
lh->num_alloc_nodes /= 2;
lh->pmax /= 2;
lh->p = lh->pmax - 1;
- lh->b = n;
} else
*** 1726 LINES SKIPPED ***