diff --git a/deps/openssl/ios/ios64-xcrun/usr/local/include/crypto/context.h b/deps/openssl/ios/ios64-xcrun/usr/local/include/crypto/context.h index cc06c71b..8ad16834 100644 --- a/deps/openssl/ios/ios64-xcrun/usr/local/include/crypto/context.h +++ b/deps/openssl/ios/ios64-xcrun/usr/local/include/crypto/context.h @@ -1,5 +1,5 @@ /* - * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -21,6 +21,7 @@ void *ossl_child_prov_ctx_new(OSSL_LIB_CTX *); void *ossl_prov_drbg_nonce_ctx_new(OSSL_LIB_CTX *); void *ossl_self_test_set_callback_new(OSSL_LIB_CTX *); void *ossl_rand_crng_ctx_new(OSSL_LIB_CTX *); +int ossl_thread_register_fips(OSSL_LIB_CTX *); void *ossl_thread_event_ctx_new(OSSL_LIB_CTX *); void *ossl_fips_prov_ossl_ctx_new(OSSL_LIB_CTX *); diff --git a/deps/openssl/ios/ios64-xcrun/usr/local/include/crypto/evp.h b/deps/openssl/ios/ios64-xcrun/usr/local/include/crypto/evp.h index dbbdcccb..a0fff7fd 100644 --- a/deps/openssl/ios/ios64-xcrun/usr/local/include/crypto/evp.h +++ b/deps/openssl/ios/ios64-xcrun/usr/local/include/crypto/evp.h @@ -1,5 +1,5 @@ /* - * Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -949,6 +949,14 @@ int evp_keymgmt_get_number(const EVP_KEYMGMT *keymgmt); int evp_mac_get_number(const EVP_MAC *mac); int evp_md_get_number(const EVP_MD *md); int evp_rand_get_number(const EVP_RAND *rand); +int evp_rand_can_seed(EVP_RAND_CTX *ctx); +size_t evp_rand_get_seed(EVP_RAND_CTX *ctx, + unsigned char **buffer, + int entropy, size_t min_len, size_t max_len, + int prediction_resistance, + const unsigned char *adin, size_t adin_len); +void evp_rand_clear_seed(EVP_RAND_CTX *ctx, + unsigned char *buffer, size_t b_len); int evp_signature_get_number(const EVP_SIGNATURE *signature); #endif /* OSSL_CRYPTO_EVP_H */ diff --git a/deps/openssl/ios/ios64-xcrun/usr/local/include/crypto/rand.h b/deps/openssl/ios/ios64-xcrun/usr/local/include/crypto/rand.h index 6a71a339..215b3b7a 100644 --- a/deps/openssl/ios/ios64-xcrun/usr/local/include/crypto/rand.h +++ b/deps/openssl/ios/ios64-xcrun/usr/local/include/crypto/rand.h @@ -1,5 +1,5 @@ /* - * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -108,16 +108,26 @@ void ossl_random_add_conf_module(void); /* * Get and cleanup random seed material. */ -size_t ossl_rand_get_entropy(ossl_unused const OSSL_CORE_HANDLE *handle, +size_t ossl_rand_get_entropy(OSSL_LIB_CTX *ctx, unsigned char **pout, int entropy, size_t min_len, size_t max_len); -void ossl_rand_cleanup_entropy(ossl_unused const OSSL_CORE_HANDLE *handle, +size_t ossl_rand_get_user_entropy(OSSL_LIB_CTX *ctx, + unsigned char **pout, int entropy, + size_t min_len, size_t max_len); +void ossl_rand_cleanup_entropy(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t len); -size_t ossl_rand_get_nonce(ossl_unused const OSSL_CORE_HANDLE *handle, +void ossl_rand_cleanup_user_entropy(OSSL_LIB_CTX *ctx, + unsigned char *buf, size_t len); +size_t ossl_rand_get_nonce(OSSL_LIB_CTX *ctx, unsigned char **pout, size_t min_len, size_t max_len, const void *salt, size_t salt_len); -void ossl_rand_cleanup_nonce(ossl_unused const OSSL_CORE_HANDLE *handle, +size_t ossl_rand_get_user_nonce(OSSL_LIB_CTX *ctx, unsigned char **pout, + size_t min_len, size_t max_len, + const void *salt, size_t salt_len); +void ossl_rand_cleanup_nonce(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t len); +void ossl_rand_cleanup_user_nonce(OSSL_LIB_CTX *ctx, + unsigned char *buf, size_t len); /* * Get seeding material from the operating system sources. @@ -125,4 +135,9 @@ void ossl_rand_cleanup_nonce(ossl_unused const OSSL_CORE_HANDLE *handle, size_t ossl_pool_acquire_entropy(RAND_POOL *pool); int ossl_pool_add_nonce_data(RAND_POOL *pool); +# ifdef FIPS_MODULE +EVP_RAND_CTX *ossl_rand_get0_private_noncreating(OSSL_LIB_CTX *ctx); +# else +EVP_RAND_CTX *ossl_rand_get0_seed_noncreating(OSSL_LIB_CTX *ctx); +# endif #endif diff --git a/deps/openssl/ios/ios64-xcrun/usr/local/include/crypto/randerr.h b/deps/openssl/ios/ios64-xcrun/usr/local/include/crypto/randerr.h index 832a8b7d..6e2eb071 100644 --- a/deps/openssl/ios/ios64-xcrun/usr/local/include/crypto/randerr.h +++ b/deps/openssl/ios/ios64-xcrun/usr/local/include/crypto/randerr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/cmserr.h b/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/cmserr.h index d48c2a4a..f2d7708f 100644 --- a/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/cmserr.h +++ b/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/cmserr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -113,6 +113,7 @@ # define CMS_R_UNSUPPORTED_LABEL_SOURCE 193 # define CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE 155 # define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154 +# define CMS_R_UNSUPPORTED_SIGNATURE_ALGORITHM 195 # define CMS_R_UNSUPPORTED_TYPE 156 # define CMS_R_UNWRAP_ERROR 157 # define CMS_R_UNWRAP_FAILURE 180 diff --git a/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/core_dispatch.h b/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/core_dispatch.h index 11e3c861..61d75a38 100644 --- a/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/core_dispatch.h +++ b/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/core_dispatch.h @@ -1,5 +1,5 @@ /* - * Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -176,6 +176,12 @@ OSSL_CORE_MAKE_FUNC(int, BIO_vsnprintf, OSSL_CORE_MAKE_FUNC(int, BIO_ctrl, (OSSL_CORE_BIO *bio, int cmd, long num, void *ptr)) +/* New seeding functions prototypes with the 101-104 series */ +#define OSSL_FUNC_CLEANUP_USER_ENTROPY 96 +#define OSSL_FUNC_CLEANUP_USER_NONCE 97 +#define OSSL_FUNC_GET_USER_ENTROPY 98 +#define OSSL_FUNC_GET_USER_NONCE 99 + #define OSSL_FUNC_SELF_TEST_CB 100 OSSL_CORE_MAKE_FUNC(void, self_test_cb, (OPENSSL_CORE_CTX *ctx, OSSL_CALLBACK **cb, void **cbarg)) @@ -188,14 +194,25 @@ OSSL_CORE_MAKE_FUNC(void, self_test_cb, (OPENSSL_CORE_CTX *ctx, OSSL_CALLBACK ** OSSL_CORE_MAKE_FUNC(size_t, get_entropy, (const OSSL_CORE_HANDLE *handle, unsigned char **pout, int entropy, size_t min_len, size_t max_len)) +OSSL_CORE_MAKE_FUNC(size_t, get_user_entropy, (const OSSL_CORE_HANDLE *handle, + unsigned char **pout, int entropy, + size_t min_len, size_t max_len)) OSSL_CORE_MAKE_FUNC(void, cleanup_entropy, (const OSSL_CORE_HANDLE *handle, unsigned char *buf, size_t len)) +OSSL_CORE_MAKE_FUNC(void, cleanup_user_entropy, (const OSSL_CORE_HANDLE *handle, + unsigned char *buf, size_t len)) OSSL_CORE_MAKE_FUNC(size_t, get_nonce, (const OSSL_CORE_HANDLE *handle, unsigned char **pout, size_t min_len, size_t max_len, const void *salt, size_t salt_len)) +OSSL_CORE_MAKE_FUNC(size_t, get_user_nonce, (const OSSL_CORE_HANDLE *handle, + unsigned char **pout, size_t min_len, + size_t max_len, const void *salt, + size_t salt_len)) OSSL_CORE_MAKE_FUNC(void, cleanup_nonce, (const OSSL_CORE_HANDLE *handle, unsigned char *buf, size_t len)) +OSSL_CORE_MAKE_FUNC(void, cleanup_user_nonce, (const OSSL_CORE_HANDLE *handle, + unsigned char *buf, size_t len)) /* Functions to access the core's providers */ #define OSSL_FUNC_PROVIDER_REGISTER_CHILD_CB 105 diff --git a/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/core_names.h b/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/core_names.h index 5e3c132f..0a6ec1bb 100644 --- a/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/core_names.h +++ b/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/core_names.h @@ -248,6 +248,7 @@ extern "C" { #define OSSL_RAND_PARAM_MAX_REQUEST "max_request" #define OSSL_RAND_PARAM_TEST_ENTROPY "test_entropy" #define OSSL_RAND_PARAM_TEST_NONCE "test_nonce" +#define OSSL_RAND_PARAM_GENERATE "generate" /* RAND/DRBG names */ #define OSSL_DRBG_PARAM_RESEED_REQUESTS "reseed_requests" diff --git a/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/evp.h b/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/evp.h index 86f4e22c..d0fce0c5 100644 --- a/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/evp.h +++ b/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/evp.h @@ -1,5 +1,5 @@ /* - * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -85,6 +85,8 @@ /* Easy to use macros for EVP_PKEY related selections */ # define EVP_PKEY_KEY_PARAMETERS \ ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ) +# define EVP_PKEY_PRIVATE_KEY \ + ( EVP_PKEY_KEY_PARAMETERS | OSSL_KEYMGMT_SELECT_PRIVATE_KEY ) # define EVP_PKEY_PUBLIC_KEY \ ( EVP_PKEY_KEY_PARAMETERS | OSSL_KEYMGMT_SELECT_PUBLIC_KEY ) # define EVP_PKEY_KEYPAIR \ diff --git a/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/opensslv.h b/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/opensslv.h index 6b7364f4..b87a4aa1 100644 --- a/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/opensslv.h +++ b/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/opensslv.h @@ -29,7 +29,7 @@ extern "C" { */ # define OPENSSL_VERSION_MAJOR 3 # define OPENSSL_VERSION_MINOR 1 -# define OPENSSL_VERSION_PATCH 3 +# define OPENSSL_VERSION_PATCH 4 /* * Additional version information @@ -74,21 +74,21 @@ extern "C" { * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and * OPENSSL_VERSION_BUILD_METADATA_STR appended. */ -# define OPENSSL_VERSION_STR "3.1.3" -# define OPENSSL_FULL_VERSION_STR "3.1.3" +# define OPENSSL_VERSION_STR "3.1.4" +# define OPENSSL_FULL_VERSION_STR "3.1.4" /* * SECTION 3: ADDITIONAL METADATA * * These strings are defined separately to allow them to be parsable. */ -# define OPENSSL_RELEASE_DATE "19 Sep 2023" +# define OPENSSL_RELEASE_DATE "24 Oct 2023" /* * SECTION 4: BACKWARD COMPATIBILITY */ -# define OPENSSL_VERSION_TEXT "OpenSSL 3.1.3 19 Sep 2023" +# define OPENSSL_VERSION_TEXT "OpenSSL 3.1.4 24 Oct 2023" /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */ # ifdef OPENSSL_VERSION_PRE_RELEASE diff --git a/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/pkcs7.h b/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/pkcs7.h index 543c80cb..f824546c 100644 --- a/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/pkcs7.h +++ b/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/pkcs7.h @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by Makefile from include/openssl/pkcs7.h.in * - * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -59,8 +59,8 @@ typedef struct pkcs7_signer_info_st { PKCS7_ISSUER_AND_SERIAL *issuer_and_serial; X509_ALGOR *digest_alg; STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */ - X509_ALGOR *digest_enc_alg; - ASN1_OCTET_STRING *enc_digest; + X509_ALGOR *digest_enc_alg; /* confusing name, actually used for signing */ + ASN1_OCTET_STRING *enc_digest; /* confusing name, actually signature */ STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */ /* The private key to sign with */ EVP_PKEY *pkey; diff --git a/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/pkcs7.h.in b/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/pkcs7.h.in index 0a0c415b..a346bc74 100644 --- a/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/pkcs7.h.in +++ b/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/pkcs7.h.in @@ -1,7 +1,7 @@ /* * {- join("\n * ", @autowarntext) -} * - * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -60,8 +60,8 @@ typedef struct pkcs7_signer_info_st { PKCS7_ISSUER_AND_SERIAL *issuer_and_serial; X509_ALGOR *digest_alg; STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */ - X509_ALGOR *digest_enc_alg; - ASN1_OCTET_STRING *enc_digest; + X509_ALGOR *digest_enc_alg; /* confusing name, actually used for signing */ + ASN1_OCTET_STRING *enc_digest; /* confusing name, actually signature */ STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */ /* The private key to sign with */ EVP_PKEY *pkey; diff --git a/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/randerr.h b/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/randerr.h index b5e08e43..04880374 100644 --- a/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/randerr.h +++ b/deps/openssl/ios/ios64-xcrun/usr/local/include/openssl/randerr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -41,6 +41,7 @@ # define RAND_R_GENERATE_ERROR 112 # define RAND_R_INSUFFICIENT_DRBG_STRENGTH 139 # define RAND_R_INTERNAL_ERROR 113 +# define RAND_R_INVALID_PROPERTY_QUERY 137 # define RAND_R_IN_ERROR_STATE 114 # define RAND_R_NOT_A_REGULAR_FILE 122 # define RAND_R_NOT_INSTANTIATED 115 diff --git a/deps/openssl/ios/ios64-xcrun/usr/local/lib/libcrypto.a b/deps/openssl/ios/ios64-xcrun/usr/local/lib/libcrypto.a index 59ead778..62e92101 100644 Binary files a/deps/openssl/ios/ios64-xcrun/usr/local/lib/libcrypto.a and b/deps/openssl/ios/ios64-xcrun/usr/local/lib/libcrypto.a differ diff --git a/deps/openssl/ios/ios64-xcrun/usr/local/lib/libssl.a b/deps/openssl/ios/ios64-xcrun/usr/local/lib/libssl.a index 1b3bba98..8e263942 100644 Binary files a/deps/openssl/ios/ios64-xcrun/usr/local/lib/libssl.a and b/deps/openssl/ios/ios64-xcrun/usr/local/lib/libssl.a differ diff --git a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/crypto/context.h b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/crypto/context.h index cc06c71b..8ad16834 100644 --- a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/crypto/context.h +++ b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/crypto/context.h @@ -1,5 +1,5 @@ /* - * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -21,6 +21,7 @@ void *ossl_child_prov_ctx_new(OSSL_LIB_CTX *); void *ossl_prov_drbg_nonce_ctx_new(OSSL_LIB_CTX *); void *ossl_self_test_set_callback_new(OSSL_LIB_CTX *); void *ossl_rand_crng_ctx_new(OSSL_LIB_CTX *); +int ossl_thread_register_fips(OSSL_LIB_CTX *); void *ossl_thread_event_ctx_new(OSSL_LIB_CTX *); void *ossl_fips_prov_ossl_ctx_new(OSSL_LIB_CTX *); diff --git a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/crypto/evp.h b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/crypto/evp.h index dbbdcccb..a0fff7fd 100644 --- a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/crypto/evp.h +++ b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/crypto/evp.h @@ -1,5 +1,5 @@ /* - * Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -949,6 +949,14 @@ int evp_keymgmt_get_number(const EVP_KEYMGMT *keymgmt); int evp_mac_get_number(const EVP_MAC *mac); int evp_md_get_number(const EVP_MD *md); int evp_rand_get_number(const EVP_RAND *rand); +int evp_rand_can_seed(EVP_RAND_CTX *ctx); +size_t evp_rand_get_seed(EVP_RAND_CTX *ctx, + unsigned char **buffer, + int entropy, size_t min_len, size_t max_len, + int prediction_resistance, + const unsigned char *adin, size_t adin_len); +void evp_rand_clear_seed(EVP_RAND_CTX *ctx, + unsigned char *buffer, size_t b_len); int evp_signature_get_number(const EVP_SIGNATURE *signature); #endif /* OSSL_CRYPTO_EVP_H */ diff --git a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/crypto/rand.h b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/crypto/rand.h index 6a71a339..215b3b7a 100644 --- a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/crypto/rand.h +++ b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/crypto/rand.h @@ -1,5 +1,5 @@ /* - * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -108,16 +108,26 @@ void ossl_random_add_conf_module(void); /* * Get and cleanup random seed material. */ -size_t ossl_rand_get_entropy(ossl_unused const OSSL_CORE_HANDLE *handle, +size_t ossl_rand_get_entropy(OSSL_LIB_CTX *ctx, unsigned char **pout, int entropy, size_t min_len, size_t max_len); -void ossl_rand_cleanup_entropy(ossl_unused const OSSL_CORE_HANDLE *handle, +size_t ossl_rand_get_user_entropy(OSSL_LIB_CTX *ctx, + unsigned char **pout, int entropy, + size_t min_len, size_t max_len); +void ossl_rand_cleanup_entropy(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t len); -size_t ossl_rand_get_nonce(ossl_unused const OSSL_CORE_HANDLE *handle, +void ossl_rand_cleanup_user_entropy(OSSL_LIB_CTX *ctx, + unsigned char *buf, size_t len); +size_t ossl_rand_get_nonce(OSSL_LIB_CTX *ctx, unsigned char **pout, size_t min_len, size_t max_len, const void *salt, size_t salt_len); -void ossl_rand_cleanup_nonce(ossl_unused const OSSL_CORE_HANDLE *handle, +size_t ossl_rand_get_user_nonce(OSSL_LIB_CTX *ctx, unsigned char **pout, + size_t min_len, size_t max_len, + const void *salt, size_t salt_len); +void ossl_rand_cleanup_nonce(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t len); +void ossl_rand_cleanup_user_nonce(OSSL_LIB_CTX *ctx, + unsigned char *buf, size_t len); /* * Get seeding material from the operating system sources. @@ -125,4 +135,9 @@ void ossl_rand_cleanup_nonce(ossl_unused const OSSL_CORE_HANDLE *handle, size_t ossl_pool_acquire_entropy(RAND_POOL *pool); int ossl_pool_add_nonce_data(RAND_POOL *pool); +# ifdef FIPS_MODULE +EVP_RAND_CTX *ossl_rand_get0_private_noncreating(OSSL_LIB_CTX *ctx); +# else +EVP_RAND_CTX *ossl_rand_get0_seed_noncreating(OSSL_LIB_CTX *ctx); +# endif #endif diff --git a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/crypto/randerr.h b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/crypto/randerr.h index 832a8b7d..6e2eb071 100644 --- a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/crypto/randerr.h +++ b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/crypto/randerr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/cmserr.h b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/cmserr.h index d48c2a4a..f2d7708f 100644 --- a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/cmserr.h +++ b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/cmserr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -113,6 +113,7 @@ # define CMS_R_UNSUPPORTED_LABEL_SOURCE 193 # define CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE 155 # define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154 +# define CMS_R_UNSUPPORTED_SIGNATURE_ALGORITHM 195 # define CMS_R_UNSUPPORTED_TYPE 156 # define CMS_R_UNWRAP_ERROR 157 # define CMS_R_UNWRAP_FAILURE 180 diff --git a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/core_dispatch.h b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/core_dispatch.h index 11e3c861..61d75a38 100644 --- a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/core_dispatch.h +++ b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/core_dispatch.h @@ -1,5 +1,5 @@ /* - * Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -176,6 +176,12 @@ OSSL_CORE_MAKE_FUNC(int, BIO_vsnprintf, OSSL_CORE_MAKE_FUNC(int, BIO_ctrl, (OSSL_CORE_BIO *bio, int cmd, long num, void *ptr)) +/* New seeding functions prototypes with the 101-104 series */ +#define OSSL_FUNC_CLEANUP_USER_ENTROPY 96 +#define OSSL_FUNC_CLEANUP_USER_NONCE 97 +#define OSSL_FUNC_GET_USER_ENTROPY 98 +#define OSSL_FUNC_GET_USER_NONCE 99 + #define OSSL_FUNC_SELF_TEST_CB 100 OSSL_CORE_MAKE_FUNC(void, self_test_cb, (OPENSSL_CORE_CTX *ctx, OSSL_CALLBACK **cb, void **cbarg)) @@ -188,14 +194,25 @@ OSSL_CORE_MAKE_FUNC(void, self_test_cb, (OPENSSL_CORE_CTX *ctx, OSSL_CALLBACK ** OSSL_CORE_MAKE_FUNC(size_t, get_entropy, (const OSSL_CORE_HANDLE *handle, unsigned char **pout, int entropy, size_t min_len, size_t max_len)) +OSSL_CORE_MAKE_FUNC(size_t, get_user_entropy, (const OSSL_CORE_HANDLE *handle, + unsigned char **pout, int entropy, + size_t min_len, size_t max_len)) OSSL_CORE_MAKE_FUNC(void, cleanup_entropy, (const OSSL_CORE_HANDLE *handle, unsigned char *buf, size_t len)) +OSSL_CORE_MAKE_FUNC(void, cleanup_user_entropy, (const OSSL_CORE_HANDLE *handle, + unsigned char *buf, size_t len)) OSSL_CORE_MAKE_FUNC(size_t, get_nonce, (const OSSL_CORE_HANDLE *handle, unsigned char **pout, size_t min_len, size_t max_len, const void *salt, size_t salt_len)) +OSSL_CORE_MAKE_FUNC(size_t, get_user_nonce, (const OSSL_CORE_HANDLE *handle, + unsigned char **pout, size_t min_len, + size_t max_len, const void *salt, + size_t salt_len)) OSSL_CORE_MAKE_FUNC(void, cleanup_nonce, (const OSSL_CORE_HANDLE *handle, unsigned char *buf, size_t len)) +OSSL_CORE_MAKE_FUNC(void, cleanup_user_nonce, (const OSSL_CORE_HANDLE *handle, + unsigned char *buf, size_t len)) /* Functions to access the core's providers */ #define OSSL_FUNC_PROVIDER_REGISTER_CHILD_CB 105 diff --git a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/core_names.h b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/core_names.h index 5e3c132f..0a6ec1bb 100644 --- a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/core_names.h +++ b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/core_names.h @@ -248,6 +248,7 @@ extern "C" { #define OSSL_RAND_PARAM_MAX_REQUEST "max_request" #define OSSL_RAND_PARAM_TEST_ENTROPY "test_entropy" #define OSSL_RAND_PARAM_TEST_NONCE "test_nonce" +#define OSSL_RAND_PARAM_GENERATE "generate" /* RAND/DRBG names */ #define OSSL_DRBG_PARAM_RESEED_REQUESTS "reseed_requests" diff --git a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/evp.h b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/evp.h index 86f4e22c..d0fce0c5 100644 --- a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/evp.h +++ b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/evp.h @@ -1,5 +1,5 @@ /* - * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -85,6 +85,8 @@ /* Easy to use macros for EVP_PKEY related selections */ # define EVP_PKEY_KEY_PARAMETERS \ ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ) +# define EVP_PKEY_PRIVATE_KEY \ + ( EVP_PKEY_KEY_PARAMETERS | OSSL_KEYMGMT_SELECT_PRIVATE_KEY ) # define EVP_PKEY_PUBLIC_KEY \ ( EVP_PKEY_KEY_PARAMETERS | OSSL_KEYMGMT_SELECT_PUBLIC_KEY ) # define EVP_PKEY_KEYPAIR \ diff --git a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/opensslv.h b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/opensslv.h index 6b7364f4..b87a4aa1 100644 --- a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/opensslv.h +++ b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/opensslv.h @@ -29,7 +29,7 @@ extern "C" { */ # define OPENSSL_VERSION_MAJOR 3 # define OPENSSL_VERSION_MINOR 1 -# define OPENSSL_VERSION_PATCH 3 +# define OPENSSL_VERSION_PATCH 4 /* * Additional version information @@ -74,21 +74,21 @@ extern "C" { * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and * OPENSSL_VERSION_BUILD_METADATA_STR appended. */ -# define OPENSSL_VERSION_STR "3.1.3" -# define OPENSSL_FULL_VERSION_STR "3.1.3" +# define OPENSSL_VERSION_STR "3.1.4" +# define OPENSSL_FULL_VERSION_STR "3.1.4" /* * SECTION 3: ADDITIONAL METADATA * * These strings are defined separately to allow them to be parsable. */ -# define OPENSSL_RELEASE_DATE "19 Sep 2023" +# define OPENSSL_RELEASE_DATE "24 Oct 2023" /* * SECTION 4: BACKWARD COMPATIBILITY */ -# define OPENSSL_VERSION_TEXT "OpenSSL 3.1.3 19 Sep 2023" +# define OPENSSL_VERSION_TEXT "OpenSSL 3.1.4 24 Oct 2023" /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */ # ifdef OPENSSL_VERSION_PRE_RELEASE diff --git a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/pkcs7.h b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/pkcs7.h index 543c80cb..f824546c 100644 --- a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/pkcs7.h +++ b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/pkcs7.h @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by Makefile from include/openssl/pkcs7.h.in * - * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -59,8 +59,8 @@ typedef struct pkcs7_signer_info_st { PKCS7_ISSUER_AND_SERIAL *issuer_and_serial; X509_ALGOR *digest_alg; STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */ - X509_ALGOR *digest_enc_alg; - ASN1_OCTET_STRING *enc_digest; + X509_ALGOR *digest_enc_alg; /* confusing name, actually used for signing */ + ASN1_OCTET_STRING *enc_digest; /* confusing name, actually signature */ STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */ /* The private key to sign with */ EVP_PKEY *pkey; diff --git a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/pkcs7.h.in b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/pkcs7.h.in index 0a0c415b..a346bc74 100644 --- a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/pkcs7.h.in +++ b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/pkcs7.h.in @@ -1,7 +1,7 @@ /* * {- join("\n * ", @autowarntext) -} * - * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -60,8 +60,8 @@ typedef struct pkcs7_signer_info_st { PKCS7_ISSUER_AND_SERIAL *issuer_and_serial; X509_ALGOR *digest_alg; STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */ - X509_ALGOR *digest_enc_alg; - ASN1_OCTET_STRING *enc_digest; + X509_ALGOR *digest_enc_alg; /* confusing name, actually used for signing */ + ASN1_OCTET_STRING *enc_digest; /* confusing name, actually signature */ STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */ /* The private key to sign with */ EVP_PKEY *pkey; diff --git a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/randerr.h b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/randerr.h index b5e08e43..04880374 100644 --- a/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/randerr.h +++ b/deps/openssl/ios/iossimulator-xcrun/usr/local/include/openssl/randerr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -41,6 +41,7 @@ # define RAND_R_GENERATE_ERROR 112 # define RAND_R_INSUFFICIENT_DRBG_STRENGTH 139 # define RAND_R_INTERNAL_ERROR 113 +# define RAND_R_INVALID_PROPERTY_QUERY 137 # define RAND_R_IN_ERROR_STATE 114 # define RAND_R_NOT_A_REGULAR_FILE 122 # define RAND_R_NOT_INSTANTIATED 115 diff --git a/tools/ssl-ios b/tools/ssl-ios index ca0542c0..91092de2 100755 --- a/tools/ssl-ios +++ b/tools/ssl-ios @@ -1,6 +1,6 @@ #!/bin/sh -OPENSSL_VERSION=3.1.3 +OPENSSL_VERSION=3.1.4 API_LEVEL=28