OpenSSL => 3.1.4 for iOS.

git-svn-id: https://www.unprompted.com/svn/projects/tildefriends/trunk@4580 ed5197a5-7fde-0310-b194-c3ffbd925b24
This commit is contained in:
Cory McWilliams 2023-10-25 21:46:16 +00:00
parent 5db9acae1d
commit b7a4ac22b2
27 changed files with 139 additions and 47 deletions

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -21,6 +21,7 @@ void *ossl_child_prov_ctx_new(OSSL_LIB_CTX *);
void *ossl_prov_drbg_nonce_ctx_new(OSSL_LIB_CTX *); void *ossl_prov_drbg_nonce_ctx_new(OSSL_LIB_CTX *);
void *ossl_self_test_set_callback_new(OSSL_LIB_CTX *); void *ossl_self_test_set_callback_new(OSSL_LIB_CTX *);
void *ossl_rand_crng_ctx_new(OSSL_LIB_CTX *); void *ossl_rand_crng_ctx_new(OSSL_LIB_CTX *);
int ossl_thread_register_fips(OSSL_LIB_CTX *);
void *ossl_thread_event_ctx_new(OSSL_LIB_CTX *); void *ossl_thread_event_ctx_new(OSSL_LIB_CTX *);
void *ossl_fips_prov_ossl_ctx_new(OSSL_LIB_CTX *); void *ossl_fips_prov_ossl_ctx_new(OSSL_LIB_CTX *);

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -949,6 +949,14 @@ int evp_keymgmt_get_number(const EVP_KEYMGMT *keymgmt);
int evp_mac_get_number(const EVP_MAC *mac); int evp_mac_get_number(const EVP_MAC *mac);
int evp_md_get_number(const EVP_MD *md); int evp_md_get_number(const EVP_MD *md);
int evp_rand_get_number(const EVP_RAND *rand); int evp_rand_get_number(const EVP_RAND *rand);
int evp_rand_can_seed(EVP_RAND_CTX *ctx);
size_t evp_rand_get_seed(EVP_RAND_CTX *ctx,
unsigned char **buffer,
int entropy, size_t min_len, size_t max_len,
int prediction_resistance,
const unsigned char *adin, size_t adin_len);
void evp_rand_clear_seed(EVP_RAND_CTX *ctx,
unsigned char *buffer, size_t b_len);
int evp_signature_get_number(const EVP_SIGNATURE *signature); int evp_signature_get_number(const EVP_SIGNATURE *signature);
#endif /* OSSL_CRYPTO_EVP_H */ #endif /* OSSL_CRYPTO_EVP_H */

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -108,16 +108,26 @@ void ossl_random_add_conf_module(void);
/* /*
* Get and cleanup random seed material. * Get and cleanup random seed material.
*/ */
size_t ossl_rand_get_entropy(ossl_unused const OSSL_CORE_HANDLE *handle, size_t ossl_rand_get_entropy(OSSL_LIB_CTX *ctx,
unsigned char **pout, int entropy, unsigned char **pout, int entropy,
size_t min_len, size_t max_len); size_t min_len, size_t max_len);
void ossl_rand_cleanup_entropy(ossl_unused const OSSL_CORE_HANDLE *handle, size_t ossl_rand_get_user_entropy(OSSL_LIB_CTX *ctx,
unsigned char **pout, int entropy,
size_t min_len, size_t max_len);
void ossl_rand_cleanup_entropy(OSSL_LIB_CTX *ctx,
unsigned char *buf, size_t len); unsigned char *buf, size_t len);
size_t ossl_rand_get_nonce(ossl_unused const OSSL_CORE_HANDLE *handle, void ossl_rand_cleanup_user_entropy(OSSL_LIB_CTX *ctx,
unsigned char *buf, size_t len);
size_t ossl_rand_get_nonce(OSSL_LIB_CTX *ctx,
unsigned char **pout, size_t min_len, size_t max_len, unsigned char **pout, size_t min_len, size_t max_len,
const void *salt, size_t salt_len); const void *salt, size_t salt_len);
void ossl_rand_cleanup_nonce(ossl_unused const OSSL_CORE_HANDLE *handle, size_t ossl_rand_get_user_nonce(OSSL_LIB_CTX *ctx, unsigned char **pout,
size_t min_len, size_t max_len,
const void *salt, size_t salt_len);
void ossl_rand_cleanup_nonce(OSSL_LIB_CTX *ctx,
unsigned char *buf, size_t len); unsigned char *buf, size_t len);
void ossl_rand_cleanup_user_nonce(OSSL_LIB_CTX *ctx,
unsigned char *buf, size_t len);
/* /*
* Get seeding material from the operating system sources. * Get seeding material from the operating system sources.
@ -125,4 +135,9 @@ void ossl_rand_cleanup_nonce(ossl_unused const OSSL_CORE_HANDLE *handle,
size_t ossl_pool_acquire_entropy(RAND_POOL *pool); size_t ossl_pool_acquire_entropy(RAND_POOL *pool);
int ossl_pool_add_nonce_data(RAND_POOL *pool); int ossl_pool_add_nonce_data(RAND_POOL *pool);
# ifdef FIPS_MODULE
EVP_RAND_CTX *ossl_rand_get0_private_noncreating(OSSL_LIB_CTX *ctx);
# else
EVP_RAND_CTX *ossl_rand_get0_seed_noncreating(OSSL_LIB_CTX *ctx);
# endif
#endif #endif

View File

@ -1,6 +1,6 @@
/* /*
* Generated by util/mkerr.pl DO NOT EDIT * Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy

View File

@ -1,6 +1,6 @@
/* /*
* Generated by util/mkerr.pl DO NOT EDIT * Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -113,6 +113,7 @@
# define CMS_R_UNSUPPORTED_LABEL_SOURCE 193 # define CMS_R_UNSUPPORTED_LABEL_SOURCE 193
# define CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE 155 # define CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE 155
# define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154 # define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154
# define CMS_R_UNSUPPORTED_SIGNATURE_ALGORITHM 195
# define CMS_R_UNSUPPORTED_TYPE 156 # define CMS_R_UNSUPPORTED_TYPE 156
# define CMS_R_UNWRAP_ERROR 157 # define CMS_R_UNWRAP_ERROR 157
# define CMS_R_UNWRAP_FAILURE 180 # define CMS_R_UNWRAP_FAILURE 180

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -176,6 +176,12 @@ OSSL_CORE_MAKE_FUNC(int, BIO_vsnprintf,
OSSL_CORE_MAKE_FUNC(int, BIO_ctrl, (OSSL_CORE_BIO *bio, OSSL_CORE_MAKE_FUNC(int, BIO_ctrl, (OSSL_CORE_BIO *bio,
int cmd, long num, void *ptr)) int cmd, long num, void *ptr))
/* New seeding functions prototypes with the 101-104 series */
#define OSSL_FUNC_CLEANUP_USER_ENTROPY 96
#define OSSL_FUNC_CLEANUP_USER_NONCE 97
#define OSSL_FUNC_GET_USER_ENTROPY 98
#define OSSL_FUNC_GET_USER_NONCE 99
#define OSSL_FUNC_SELF_TEST_CB 100 #define OSSL_FUNC_SELF_TEST_CB 100
OSSL_CORE_MAKE_FUNC(void, self_test_cb, (OPENSSL_CORE_CTX *ctx, OSSL_CALLBACK **cb, OSSL_CORE_MAKE_FUNC(void, self_test_cb, (OPENSSL_CORE_CTX *ctx, OSSL_CALLBACK **cb,
void **cbarg)) void **cbarg))
@ -188,14 +194,25 @@ OSSL_CORE_MAKE_FUNC(void, self_test_cb, (OPENSSL_CORE_CTX *ctx, OSSL_CALLBACK **
OSSL_CORE_MAKE_FUNC(size_t, get_entropy, (const OSSL_CORE_HANDLE *handle, OSSL_CORE_MAKE_FUNC(size_t, get_entropy, (const OSSL_CORE_HANDLE *handle,
unsigned char **pout, int entropy, unsigned char **pout, int entropy,
size_t min_len, size_t max_len)) size_t min_len, size_t max_len))
OSSL_CORE_MAKE_FUNC(size_t, get_user_entropy, (const OSSL_CORE_HANDLE *handle,
unsigned char **pout, int entropy,
size_t min_len, size_t max_len))
OSSL_CORE_MAKE_FUNC(void, cleanup_entropy, (const OSSL_CORE_HANDLE *handle, OSSL_CORE_MAKE_FUNC(void, cleanup_entropy, (const OSSL_CORE_HANDLE *handle,
unsigned char *buf, size_t len)) unsigned char *buf, size_t len))
OSSL_CORE_MAKE_FUNC(void, cleanup_user_entropy, (const OSSL_CORE_HANDLE *handle,
unsigned char *buf, size_t len))
OSSL_CORE_MAKE_FUNC(size_t, get_nonce, (const OSSL_CORE_HANDLE *handle, OSSL_CORE_MAKE_FUNC(size_t, get_nonce, (const OSSL_CORE_HANDLE *handle,
unsigned char **pout, size_t min_len, unsigned char **pout, size_t min_len,
size_t max_len, const void *salt, size_t max_len, const void *salt,
size_t salt_len)) size_t salt_len))
OSSL_CORE_MAKE_FUNC(size_t, get_user_nonce, (const OSSL_CORE_HANDLE *handle,
unsigned char **pout, size_t min_len,
size_t max_len, const void *salt,
size_t salt_len))
OSSL_CORE_MAKE_FUNC(void, cleanup_nonce, (const OSSL_CORE_HANDLE *handle, OSSL_CORE_MAKE_FUNC(void, cleanup_nonce, (const OSSL_CORE_HANDLE *handle,
unsigned char *buf, size_t len)) unsigned char *buf, size_t len))
OSSL_CORE_MAKE_FUNC(void, cleanup_user_nonce, (const OSSL_CORE_HANDLE *handle,
unsigned char *buf, size_t len))
/* Functions to access the core's providers */ /* Functions to access the core's providers */
#define OSSL_FUNC_PROVIDER_REGISTER_CHILD_CB 105 #define OSSL_FUNC_PROVIDER_REGISTER_CHILD_CB 105

View File

@ -248,6 +248,7 @@ extern "C" {
#define OSSL_RAND_PARAM_MAX_REQUEST "max_request" #define OSSL_RAND_PARAM_MAX_REQUEST "max_request"
#define OSSL_RAND_PARAM_TEST_ENTROPY "test_entropy" #define OSSL_RAND_PARAM_TEST_ENTROPY "test_entropy"
#define OSSL_RAND_PARAM_TEST_NONCE "test_nonce" #define OSSL_RAND_PARAM_TEST_NONCE "test_nonce"
#define OSSL_RAND_PARAM_GENERATE "generate"
/* RAND/DRBG names */ /* RAND/DRBG names */
#define OSSL_DRBG_PARAM_RESEED_REQUESTS "reseed_requests" #define OSSL_DRBG_PARAM_RESEED_REQUESTS "reseed_requests"

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -85,6 +85,8 @@
/* Easy to use macros for EVP_PKEY related selections */ /* Easy to use macros for EVP_PKEY related selections */
# define EVP_PKEY_KEY_PARAMETERS \ # define EVP_PKEY_KEY_PARAMETERS \
( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ) ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS )
# define EVP_PKEY_PRIVATE_KEY \
( EVP_PKEY_KEY_PARAMETERS | OSSL_KEYMGMT_SELECT_PRIVATE_KEY )
# define EVP_PKEY_PUBLIC_KEY \ # define EVP_PKEY_PUBLIC_KEY \
( EVP_PKEY_KEY_PARAMETERS | OSSL_KEYMGMT_SELECT_PUBLIC_KEY ) ( EVP_PKEY_KEY_PARAMETERS | OSSL_KEYMGMT_SELECT_PUBLIC_KEY )
# define EVP_PKEY_KEYPAIR \ # define EVP_PKEY_KEYPAIR \

View File

@ -29,7 +29,7 @@ extern "C" {
*/ */
# define OPENSSL_VERSION_MAJOR 3 # define OPENSSL_VERSION_MAJOR 3
# define OPENSSL_VERSION_MINOR 1 # define OPENSSL_VERSION_MINOR 1
# define OPENSSL_VERSION_PATCH 3 # define OPENSSL_VERSION_PATCH 4
/* /*
* Additional version information * Additional version information
@ -74,21 +74,21 @@ extern "C" {
* longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
* OPENSSL_VERSION_BUILD_METADATA_STR appended. * OPENSSL_VERSION_BUILD_METADATA_STR appended.
*/ */
# define OPENSSL_VERSION_STR "3.1.3" # define OPENSSL_VERSION_STR "3.1.4"
# define OPENSSL_FULL_VERSION_STR "3.1.3" # define OPENSSL_FULL_VERSION_STR "3.1.4"
/* /*
* SECTION 3: ADDITIONAL METADATA * SECTION 3: ADDITIONAL METADATA
* *
* These strings are defined separately to allow them to be parsable. * These strings are defined separately to allow them to be parsable.
*/ */
# define OPENSSL_RELEASE_DATE "19 Sep 2023" # define OPENSSL_RELEASE_DATE "24 Oct 2023"
/* /*
* SECTION 4: BACKWARD COMPATIBILITY * SECTION 4: BACKWARD COMPATIBILITY
*/ */
# define OPENSSL_VERSION_TEXT "OpenSSL 3.1.3 19 Sep 2023" # define OPENSSL_VERSION_TEXT "OpenSSL 3.1.4 24 Oct 2023"
/* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */ /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
# ifdef OPENSSL_VERSION_PRE_RELEASE # ifdef OPENSSL_VERSION_PRE_RELEASE

View File

@ -2,7 +2,7 @@
* WARNING: do not edit! * WARNING: do not edit!
* Generated by Makefile from include/openssl/pkcs7.h.in * Generated by Makefile from include/openssl/pkcs7.h.in
* *
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -59,8 +59,8 @@ typedef struct pkcs7_signer_info_st {
PKCS7_ISSUER_AND_SERIAL *issuer_and_serial; PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
X509_ALGOR *digest_alg; X509_ALGOR *digest_alg;
STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */ STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */
X509_ALGOR *digest_enc_alg; X509_ALGOR *digest_enc_alg; /* confusing name, actually used for signing */
ASN1_OCTET_STRING *enc_digest; ASN1_OCTET_STRING *enc_digest; /* confusing name, actually signature */
STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */ STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */
/* The private key to sign with */ /* The private key to sign with */
EVP_PKEY *pkey; EVP_PKEY *pkey;

View File

@ -1,7 +1,7 @@
/* /*
* {- join("\n * ", @autowarntext) -} * {- join("\n * ", @autowarntext) -}
* *
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -60,8 +60,8 @@ typedef struct pkcs7_signer_info_st {
PKCS7_ISSUER_AND_SERIAL *issuer_and_serial; PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
X509_ALGOR *digest_alg; X509_ALGOR *digest_alg;
STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */ STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */
X509_ALGOR *digest_enc_alg; X509_ALGOR *digest_enc_alg; /* confusing name, actually used for signing */
ASN1_OCTET_STRING *enc_digest; ASN1_OCTET_STRING *enc_digest; /* confusing name, actually signature */
STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */ STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */
/* The private key to sign with */ /* The private key to sign with */
EVP_PKEY *pkey; EVP_PKEY *pkey;

View File

@ -1,6 +1,6 @@
/* /*
* Generated by util/mkerr.pl DO NOT EDIT * Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -41,6 +41,7 @@
# define RAND_R_GENERATE_ERROR 112 # define RAND_R_GENERATE_ERROR 112
# define RAND_R_INSUFFICIENT_DRBG_STRENGTH 139 # define RAND_R_INSUFFICIENT_DRBG_STRENGTH 139
# define RAND_R_INTERNAL_ERROR 113 # define RAND_R_INTERNAL_ERROR 113
# define RAND_R_INVALID_PROPERTY_QUERY 137
# define RAND_R_IN_ERROR_STATE 114 # define RAND_R_IN_ERROR_STATE 114
# define RAND_R_NOT_A_REGULAR_FILE 122 # define RAND_R_NOT_A_REGULAR_FILE 122
# define RAND_R_NOT_INSTANTIATED 115 # define RAND_R_NOT_INSTANTIATED 115

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -21,6 +21,7 @@ void *ossl_child_prov_ctx_new(OSSL_LIB_CTX *);
void *ossl_prov_drbg_nonce_ctx_new(OSSL_LIB_CTX *); void *ossl_prov_drbg_nonce_ctx_new(OSSL_LIB_CTX *);
void *ossl_self_test_set_callback_new(OSSL_LIB_CTX *); void *ossl_self_test_set_callback_new(OSSL_LIB_CTX *);
void *ossl_rand_crng_ctx_new(OSSL_LIB_CTX *); void *ossl_rand_crng_ctx_new(OSSL_LIB_CTX *);
int ossl_thread_register_fips(OSSL_LIB_CTX *);
void *ossl_thread_event_ctx_new(OSSL_LIB_CTX *); void *ossl_thread_event_ctx_new(OSSL_LIB_CTX *);
void *ossl_fips_prov_ossl_ctx_new(OSSL_LIB_CTX *); void *ossl_fips_prov_ossl_ctx_new(OSSL_LIB_CTX *);

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -949,6 +949,14 @@ int evp_keymgmt_get_number(const EVP_KEYMGMT *keymgmt);
int evp_mac_get_number(const EVP_MAC *mac); int evp_mac_get_number(const EVP_MAC *mac);
int evp_md_get_number(const EVP_MD *md); int evp_md_get_number(const EVP_MD *md);
int evp_rand_get_number(const EVP_RAND *rand); int evp_rand_get_number(const EVP_RAND *rand);
int evp_rand_can_seed(EVP_RAND_CTX *ctx);
size_t evp_rand_get_seed(EVP_RAND_CTX *ctx,
unsigned char **buffer,
int entropy, size_t min_len, size_t max_len,
int prediction_resistance,
const unsigned char *adin, size_t adin_len);
void evp_rand_clear_seed(EVP_RAND_CTX *ctx,
unsigned char *buffer, size_t b_len);
int evp_signature_get_number(const EVP_SIGNATURE *signature); int evp_signature_get_number(const EVP_SIGNATURE *signature);
#endif /* OSSL_CRYPTO_EVP_H */ #endif /* OSSL_CRYPTO_EVP_H */

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -108,16 +108,26 @@ void ossl_random_add_conf_module(void);
/* /*
* Get and cleanup random seed material. * Get and cleanup random seed material.
*/ */
size_t ossl_rand_get_entropy(ossl_unused const OSSL_CORE_HANDLE *handle, size_t ossl_rand_get_entropy(OSSL_LIB_CTX *ctx,
unsigned char **pout, int entropy, unsigned char **pout, int entropy,
size_t min_len, size_t max_len); size_t min_len, size_t max_len);
void ossl_rand_cleanup_entropy(ossl_unused const OSSL_CORE_HANDLE *handle, size_t ossl_rand_get_user_entropy(OSSL_LIB_CTX *ctx,
unsigned char **pout, int entropy,
size_t min_len, size_t max_len);
void ossl_rand_cleanup_entropy(OSSL_LIB_CTX *ctx,
unsigned char *buf, size_t len); unsigned char *buf, size_t len);
size_t ossl_rand_get_nonce(ossl_unused const OSSL_CORE_HANDLE *handle, void ossl_rand_cleanup_user_entropy(OSSL_LIB_CTX *ctx,
unsigned char *buf, size_t len);
size_t ossl_rand_get_nonce(OSSL_LIB_CTX *ctx,
unsigned char **pout, size_t min_len, size_t max_len, unsigned char **pout, size_t min_len, size_t max_len,
const void *salt, size_t salt_len); const void *salt, size_t salt_len);
void ossl_rand_cleanup_nonce(ossl_unused const OSSL_CORE_HANDLE *handle, size_t ossl_rand_get_user_nonce(OSSL_LIB_CTX *ctx, unsigned char **pout,
size_t min_len, size_t max_len,
const void *salt, size_t salt_len);
void ossl_rand_cleanup_nonce(OSSL_LIB_CTX *ctx,
unsigned char *buf, size_t len); unsigned char *buf, size_t len);
void ossl_rand_cleanup_user_nonce(OSSL_LIB_CTX *ctx,
unsigned char *buf, size_t len);
/* /*
* Get seeding material from the operating system sources. * Get seeding material from the operating system sources.
@ -125,4 +135,9 @@ void ossl_rand_cleanup_nonce(ossl_unused const OSSL_CORE_HANDLE *handle,
size_t ossl_pool_acquire_entropy(RAND_POOL *pool); size_t ossl_pool_acquire_entropy(RAND_POOL *pool);
int ossl_pool_add_nonce_data(RAND_POOL *pool); int ossl_pool_add_nonce_data(RAND_POOL *pool);
# ifdef FIPS_MODULE
EVP_RAND_CTX *ossl_rand_get0_private_noncreating(OSSL_LIB_CTX *ctx);
# else
EVP_RAND_CTX *ossl_rand_get0_seed_noncreating(OSSL_LIB_CTX *ctx);
# endif
#endif #endif

View File

@ -1,6 +1,6 @@
/* /*
* Generated by util/mkerr.pl DO NOT EDIT * Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy

View File

@ -1,6 +1,6 @@
/* /*
* Generated by util/mkerr.pl DO NOT EDIT * Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -113,6 +113,7 @@
# define CMS_R_UNSUPPORTED_LABEL_SOURCE 193 # define CMS_R_UNSUPPORTED_LABEL_SOURCE 193
# define CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE 155 # define CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE 155
# define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154 # define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154
# define CMS_R_UNSUPPORTED_SIGNATURE_ALGORITHM 195
# define CMS_R_UNSUPPORTED_TYPE 156 # define CMS_R_UNSUPPORTED_TYPE 156
# define CMS_R_UNWRAP_ERROR 157 # define CMS_R_UNWRAP_ERROR 157
# define CMS_R_UNWRAP_FAILURE 180 # define CMS_R_UNWRAP_FAILURE 180

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -176,6 +176,12 @@ OSSL_CORE_MAKE_FUNC(int, BIO_vsnprintf,
OSSL_CORE_MAKE_FUNC(int, BIO_ctrl, (OSSL_CORE_BIO *bio, OSSL_CORE_MAKE_FUNC(int, BIO_ctrl, (OSSL_CORE_BIO *bio,
int cmd, long num, void *ptr)) int cmd, long num, void *ptr))
/* New seeding functions prototypes with the 101-104 series */
#define OSSL_FUNC_CLEANUP_USER_ENTROPY 96
#define OSSL_FUNC_CLEANUP_USER_NONCE 97
#define OSSL_FUNC_GET_USER_ENTROPY 98
#define OSSL_FUNC_GET_USER_NONCE 99
#define OSSL_FUNC_SELF_TEST_CB 100 #define OSSL_FUNC_SELF_TEST_CB 100
OSSL_CORE_MAKE_FUNC(void, self_test_cb, (OPENSSL_CORE_CTX *ctx, OSSL_CALLBACK **cb, OSSL_CORE_MAKE_FUNC(void, self_test_cb, (OPENSSL_CORE_CTX *ctx, OSSL_CALLBACK **cb,
void **cbarg)) void **cbarg))
@ -188,14 +194,25 @@ OSSL_CORE_MAKE_FUNC(void, self_test_cb, (OPENSSL_CORE_CTX *ctx, OSSL_CALLBACK **
OSSL_CORE_MAKE_FUNC(size_t, get_entropy, (const OSSL_CORE_HANDLE *handle, OSSL_CORE_MAKE_FUNC(size_t, get_entropy, (const OSSL_CORE_HANDLE *handle,
unsigned char **pout, int entropy, unsigned char **pout, int entropy,
size_t min_len, size_t max_len)) size_t min_len, size_t max_len))
OSSL_CORE_MAKE_FUNC(size_t, get_user_entropy, (const OSSL_CORE_HANDLE *handle,
unsigned char **pout, int entropy,
size_t min_len, size_t max_len))
OSSL_CORE_MAKE_FUNC(void, cleanup_entropy, (const OSSL_CORE_HANDLE *handle, OSSL_CORE_MAKE_FUNC(void, cleanup_entropy, (const OSSL_CORE_HANDLE *handle,
unsigned char *buf, size_t len)) unsigned char *buf, size_t len))
OSSL_CORE_MAKE_FUNC(void, cleanup_user_entropy, (const OSSL_CORE_HANDLE *handle,
unsigned char *buf, size_t len))
OSSL_CORE_MAKE_FUNC(size_t, get_nonce, (const OSSL_CORE_HANDLE *handle, OSSL_CORE_MAKE_FUNC(size_t, get_nonce, (const OSSL_CORE_HANDLE *handle,
unsigned char **pout, size_t min_len, unsigned char **pout, size_t min_len,
size_t max_len, const void *salt, size_t max_len, const void *salt,
size_t salt_len)) size_t salt_len))
OSSL_CORE_MAKE_FUNC(size_t, get_user_nonce, (const OSSL_CORE_HANDLE *handle,
unsigned char **pout, size_t min_len,
size_t max_len, const void *salt,
size_t salt_len))
OSSL_CORE_MAKE_FUNC(void, cleanup_nonce, (const OSSL_CORE_HANDLE *handle, OSSL_CORE_MAKE_FUNC(void, cleanup_nonce, (const OSSL_CORE_HANDLE *handle,
unsigned char *buf, size_t len)) unsigned char *buf, size_t len))
OSSL_CORE_MAKE_FUNC(void, cleanup_user_nonce, (const OSSL_CORE_HANDLE *handle,
unsigned char *buf, size_t len))
/* Functions to access the core's providers */ /* Functions to access the core's providers */
#define OSSL_FUNC_PROVIDER_REGISTER_CHILD_CB 105 #define OSSL_FUNC_PROVIDER_REGISTER_CHILD_CB 105

View File

@ -248,6 +248,7 @@ extern "C" {
#define OSSL_RAND_PARAM_MAX_REQUEST "max_request" #define OSSL_RAND_PARAM_MAX_REQUEST "max_request"
#define OSSL_RAND_PARAM_TEST_ENTROPY "test_entropy" #define OSSL_RAND_PARAM_TEST_ENTROPY "test_entropy"
#define OSSL_RAND_PARAM_TEST_NONCE "test_nonce" #define OSSL_RAND_PARAM_TEST_NONCE "test_nonce"
#define OSSL_RAND_PARAM_GENERATE "generate"
/* RAND/DRBG names */ /* RAND/DRBG names */
#define OSSL_DRBG_PARAM_RESEED_REQUESTS "reseed_requests" #define OSSL_DRBG_PARAM_RESEED_REQUESTS "reseed_requests"

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -85,6 +85,8 @@
/* Easy to use macros for EVP_PKEY related selections */ /* Easy to use macros for EVP_PKEY related selections */
# define EVP_PKEY_KEY_PARAMETERS \ # define EVP_PKEY_KEY_PARAMETERS \
( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ) ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS )
# define EVP_PKEY_PRIVATE_KEY \
( EVP_PKEY_KEY_PARAMETERS | OSSL_KEYMGMT_SELECT_PRIVATE_KEY )
# define EVP_PKEY_PUBLIC_KEY \ # define EVP_PKEY_PUBLIC_KEY \
( EVP_PKEY_KEY_PARAMETERS | OSSL_KEYMGMT_SELECT_PUBLIC_KEY ) ( EVP_PKEY_KEY_PARAMETERS | OSSL_KEYMGMT_SELECT_PUBLIC_KEY )
# define EVP_PKEY_KEYPAIR \ # define EVP_PKEY_KEYPAIR \

View File

@ -29,7 +29,7 @@ extern "C" {
*/ */
# define OPENSSL_VERSION_MAJOR 3 # define OPENSSL_VERSION_MAJOR 3
# define OPENSSL_VERSION_MINOR 1 # define OPENSSL_VERSION_MINOR 1
# define OPENSSL_VERSION_PATCH 3 # define OPENSSL_VERSION_PATCH 4
/* /*
* Additional version information * Additional version information
@ -74,21 +74,21 @@ extern "C" {
* longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
* OPENSSL_VERSION_BUILD_METADATA_STR appended. * OPENSSL_VERSION_BUILD_METADATA_STR appended.
*/ */
# define OPENSSL_VERSION_STR "3.1.3" # define OPENSSL_VERSION_STR "3.1.4"
# define OPENSSL_FULL_VERSION_STR "3.1.3" # define OPENSSL_FULL_VERSION_STR "3.1.4"
/* /*
* SECTION 3: ADDITIONAL METADATA * SECTION 3: ADDITIONAL METADATA
* *
* These strings are defined separately to allow them to be parsable. * These strings are defined separately to allow them to be parsable.
*/ */
# define OPENSSL_RELEASE_DATE "19 Sep 2023" # define OPENSSL_RELEASE_DATE "24 Oct 2023"
/* /*
* SECTION 4: BACKWARD COMPATIBILITY * SECTION 4: BACKWARD COMPATIBILITY
*/ */
# define OPENSSL_VERSION_TEXT "OpenSSL 3.1.3 19 Sep 2023" # define OPENSSL_VERSION_TEXT "OpenSSL 3.1.4 24 Oct 2023"
/* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */ /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
# ifdef OPENSSL_VERSION_PRE_RELEASE # ifdef OPENSSL_VERSION_PRE_RELEASE

View File

@ -2,7 +2,7 @@
* WARNING: do not edit! * WARNING: do not edit!
* Generated by Makefile from include/openssl/pkcs7.h.in * Generated by Makefile from include/openssl/pkcs7.h.in
* *
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -59,8 +59,8 @@ typedef struct pkcs7_signer_info_st {
PKCS7_ISSUER_AND_SERIAL *issuer_and_serial; PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
X509_ALGOR *digest_alg; X509_ALGOR *digest_alg;
STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */ STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */
X509_ALGOR *digest_enc_alg; X509_ALGOR *digest_enc_alg; /* confusing name, actually used for signing */
ASN1_OCTET_STRING *enc_digest; ASN1_OCTET_STRING *enc_digest; /* confusing name, actually signature */
STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */ STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */
/* The private key to sign with */ /* The private key to sign with */
EVP_PKEY *pkey; EVP_PKEY *pkey;

View File

@ -1,7 +1,7 @@
/* /*
* {- join("\n * ", @autowarntext) -} * {- join("\n * ", @autowarntext) -}
* *
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -60,8 +60,8 @@ typedef struct pkcs7_signer_info_st {
PKCS7_ISSUER_AND_SERIAL *issuer_and_serial; PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
X509_ALGOR *digest_alg; X509_ALGOR *digest_alg;
STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */ STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */
X509_ALGOR *digest_enc_alg; X509_ALGOR *digest_enc_alg; /* confusing name, actually used for signing */
ASN1_OCTET_STRING *enc_digest; ASN1_OCTET_STRING *enc_digest; /* confusing name, actually signature */
STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */ STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */
/* The private key to sign with */ /* The private key to sign with */
EVP_PKEY *pkey; EVP_PKEY *pkey;

View File

@ -1,6 +1,6 @@
/* /*
* Generated by util/mkerr.pl DO NOT EDIT * Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -41,6 +41,7 @@
# define RAND_R_GENERATE_ERROR 112 # define RAND_R_GENERATE_ERROR 112
# define RAND_R_INSUFFICIENT_DRBG_STRENGTH 139 # define RAND_R_INSUFFICIENT_DRBG_STRENGTH 139
# define RAND_R_INTERNAL_ERROR 113 # define RAND_R_INTERNAL_ERROR 113
# define RAND_R_INVALID_PROPERTY_QUERY 137
# define RAND_R_IN_ERROR_STATE 114 # define RAND_R_IN_ERROR_STATE 114
# define RAND_R_NOT_A_REGULAR_FILE 122 # define RAND_R_NOT_A_REGULAR_FILE 122
# define RAND_R_NOT_INSTANTIATED 115 # define RAND_R_NOT_INSTANTIATED 115

View File

@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
OPENSSL_VERSION=3.1.3 OPENSSL_VERSION=3.1.4
API_LEVEL=28 API_LEVEL=28