commit b166a01e49892521d1e88b6c140142757d712712 Author: zyppe <210hcl@gmail.com> Date: Mon Feb 5 14:45:12 2024 +0800 Initialize for openssl-3 diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..c92639a --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +openssl-3.0.8.tar.gz diff --git a/.openssl-3.metadata b/.openssl-3.metadata new file mode 100644 index 0000000..3fec4a2 --- /dev/null +++ b/.openssl-3.metadata @@ -0,0 +1 @@ +3ec911e6930e0e2ebbcc77bb2b36896e7376a2f559156f50f355b0d4f8bc90cb openssl-3.0.8.tar.gz diff --git a/baselibs.conf b/baselibs.conf new file mode 100644 index 0000000..b8b7a88 --- /dev/null +++ b/baselibs.conf @@ -0,0 +1,8 @@ +libopenssl3 + obsoletes "libopenssl1_1_0-" + obsoletes "libopenssl1_1-" +libopenssl-3-devel + provides "libopenssl-devel- = " + conflicts "otherproviders(libopenssl-devel-)" + requires -"openssl-3-" + requires "libopenssl3- = " diff --git a/fix-config-in-tests.patch b/fix-config-in-tests.patch new file mode 100644 index 0000000..2f83aa7 --- /dev/null +++ b/fix-config-in-tests.patch @@ -0,0 +1,13 @@ +Index: openssl-3.0.1/test/run_tests.pl +=================================================================== +--- openssl-3.0.1.orig/test/run_tests.pl ++++ openssl-3.0.1/test/run_tests.pl +@@ -33,7 +33,7 @@ my $recipesdir = catdir($srctop, "test", + my $libdir = rel2abs(catdir($srctop, "util", "perl")); + my $jobs = $ENV{HARNESS_JOBS} // 1; + +-$ENV{OPENSSL_CONF} = rel2abs(catfile($srctop, "apps", "openssl.cnf")); ++$ENV{OPENSSL_CONF} = rel2abs(catfile($srctop, "apps", "openssl3.cnf")); + $ENV{OPENSSL_CONF_INCLUDE} = rel2abs(catdir($bldtop, "test")); + $ENV{OPENSSL_MODULES} = rel2abs(catdir($bldtop, "providers")); + $ENV{OPENSSL_ENGINES} = rel2abs(catdir($bldtop, "engines")); diff --git a/openssl-1.1.0-no-html.patch b/openssl-1.1.0-no-html.patch new file mode 100644 index 0000000..30a7db1 --- /dev/null +++ b/openssl-1.1.0-no-html.patch @@ -0,0 +1,13 @@ +Index: openssl-3.0.0-alpha1/Configurations/unix-Makefile.tmpl +=================================================================== +--- openssl-3.0.0-alpha1.orig/Configurations/unix-Makefile.tmpl 2020-04-23 22:56:27.365853133 +0200 ++++ openssl-3.0.0-alpha1/Configurations/unix-Makefile.tmpl 2020-04-23 22:56:52.474004636 +0200 +@@ -544,7 +544,7 @@ install_sw: install_dev install_engines + + uninstall_sw: uninstall_runtime uninstall_modules uninstall_engines uninstall_dev + +-install_docs: install_man_docs install_html_docs ++install_docs: install_man_docs + + uninstall_docs: uninstall_man_docs uninstall_html_docs + $(RM) -r $(DESTDIR)$(DOCDIR) diff --git a/openssl-3.0.8.tar.gz.asc b/openssl-3.0.8.tar.gz.asc new file mode 100644 index 0000000..f5efa95 --- /dev/null +++ b/openssl-3.0.8.tar.gz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEeVOsH7w9yLOykjk+1enkP3357owFAmPiVZsACgkQ1enkP335 +7owJ6BAAk2EnBElYMTM3SuqLDp4fdf2EhSfhxWG45Q9oV8BQ3Th/l8zia/pIOLs7 +Pt6MXYhdd6IdVij5HMMR/ZMUJi/YnYG9lhhJ+p4NTHP+Tc4UjHoexJQuDZk9jM6y +zynSONsuIZRAXI4hiJ2Lg5X0iLhEuYBblPUDDdkO8ojTYkEohMQDj4Jt63vVPylV +m+tIDFVfYVQpXnORvy0LNDyjQhDb+gEEnAt8XwpE9FnrvkREHM1WQgmI4+1FLXBc +MaCWoFGEmFRMqxbqEjrtnCCafFcCKGYQnozrdN8VK62xGhDEOwEwjgzW00rm1TIG +eKOp9XOwcZehM5VR622eD/N4A96ET5Q3WOgqc76I8sWmx0lu/PaXl5bZcAeZpG4v +dYI926XSaSsrQ2ADhpgl02vLTVISMejmTNrxZjci0Ce76xjFfcxutD8wppL9Zqg4 +dwmpW8+qpgXZ+ABN6qYWsIXVHijJcyJgmFdQdcF/FfjVRxviCncz2i5dyUNUgw6Z ++nLlYNfk+6v0EVIgIA3rw8TGKGom3m1+d41KAMdEAET6n1D/SKbJxCyyYlBBGZBT +7Vd5u2zEjMK4b0Iv81Nq4YsActWk69PULfkYLgRGSvBFtpIn9g9RgV7hKlFTvZ/5 +S4A8XH/qrlSk+jb2Bl7qlgyZceDti8Ef6Ktz9YDdH0O133BRxAQ= +=FUbH +-----END PGP SIGNATURE----- diff --git a/openssl-3.changes b/openssl-3.changes new file mode 100644 index 0000000..a07908c --- /dev/null +++ b/openssl-3.changes @@ -0,0 +1,957 @@ +* Thu Jul 20 2023 pmonreal@suse.com +- Security fix: [bsc#1213487, CVE-2023-3446] + * Fix DH_check() excessive time with over sized modulus. + * The function DH_check() performs various checks on DH parameters. + One of those checks confirms that the modulus ("p" parameter) is + not too large. Trying to use a very large modulus is slow and + OpenSSL will not normally use a modulus which is over 10,000 bits + in length. + However the DH_check() function checks numerous aspects of the + key or parameters that have been supplied. Some of those checks + use the supplied modulus value even if it has already been found + to be too large. + A new limit has been added to DH_check of 32,768 bits. Supplying + a key/parameters with a modulus over this size will simply cause + DH_check() to fail. + * Add openssl-CVE-2023-3446.patch openssl-CVE-2023-3446-test.patch +* Tue Jul 18 2023 pmonreal@suse.com +- Security fix: [bsc#1213383, CVE-2023-2975] + * AES-SIV implementation ignores empty associated data entries + * Add openssl-CVE-2023-2975.patch +* Mon May 22 2023 otto.hollmann@suse.com +- Security Fix: [CVE-2023-1255, bsc#1210714] + * Input buffer over-read in AES-XTS implementation on 64 bit ARM + * Add openssl-CVE-2023-1255.patch +- Security Fix: [CVE-2023-2650, bsc#1211430] + * Possible DoS translating ASN.1 object identifiers + * Add openssl-CVE-2023-2650.patch +* Mon Apr 3 2023 otto.hollmann@suse.com +- Security Fix: [CVE-2023-0465, bsc#1209878] + * Invalid certificate policies in leaf certificates are silently ignored + * Add openssl-CVE-2023-0465.patch +- Security Fix: [CVE-2023-0466, bsc#1209873] + * Certificate policy check not enabled + * Add openssl-CVE-2023-0466.patch +* Fri Mar 24 2023 otto.hollmann@suse.com +- Security Fix: [CVE-2023-0464, bsc#1209624] + * Excessive Resource Usage Verifying X.509 Policy Constraints + * Add openssl-CVE-2023-0464.patch +* Tue Feb 7 2023 otto.hollmann@suse.com +- Update to version 3.0.8 in SLE15-SP5 [jsc#PED-544] + * Fixed NULL dereference during PKCS7 data verification. + A NULL pointer can be dereferenced when signatures are being + verified on PKCS7 signed or signedAndEnveloped data. In case the hash + algorithm used for the signature is known to the OpenSSL library but + the implementation of the hash algorithm is not available the digest + initialization will fail. There is a missing check for the return + value from the initialization function which later leads to invalid + usage of the digest API most likely leading to a crash. + ([bsc#1207541, CVE-2023-0401]) + PKCS7 data is processed by the SMIME library calls and also by the + time stamp (TS) library calls. The TLS implementation in OpenSSL does + not call these functions however third party applications would be + affected if they call these functions to verify signatures on untrusted + data. + * Fixed X.400 address type confusion in X.509 GeneralName. + There is a type confusion vulnerability relating to X.400 address processing + inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING + but the public structure definition for GENERAL_NAME incorrectly specified + the type of the x400Address field as ASN1_TYPE. This field is subsequently + interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather + than an ASN1_STRING. + When CRL checking is enabled (i.e. the application sets the + X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to + pass arbitrary pointers to a memcmp call, enabling them to read memory + contents or enact a denial of service. + ([bsc#1207533, CVE-2023-0286]) + * Fixed NULL dereference validating DSA public key. + An invalid pointer dereference on read can be triggered when an + application tries to check a malformed DSA public key by the + EVP_PKEY_public_check() function. This will most likely lead + to an application crash. This function can be called on public + keys supplied from untrusted sources which could allow an attacker + to cause a denial of service attack. + The TLS implementation in OpenSSL does not call this function + but applications might call the function if there are additional + security requirements imposed by standards such as FIPS 140-3. + ([bsc#1207540, CVE-2023-0217]) + * Fixed Invalid pointer dereference in d2i_PKCS7 functions. + An invalid pointer dereference on read can be triggered when an + application tries to load malformed PKCS7 data with the + d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. + The result of the dereference is an application crash which could + lead to a denial of service attack. The TLS implementation in OpenSSL + does not call this function however third party applications might + call these functions on untrusted data. + ([bsc#1207539, CVE-2023-0216]) + * Fixed Use-after-free following BIO_new_NDEF. + The public API function BIO_new_NDEF is a helper function used for + streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL + to support the SMIME, CMS and PKCS7 streaming capabilities, but may also + be called directly by end user applications. + The function receives a BIO from the caller, prepends a new BIO_f_asn1 + filter BIO onto the front of it to form a BIO chain, and then returns + the new head of the BIO chain to the caller. Under certain conditions, + for example if a CMS recipient public key is invalid, the new filter BIO + is freed and the function returns a NULL result indicating a failure. + However, in this case, the BIO chain is not properly cleaned up and the + BIO passed by the caller still retains internal pointers to the previously + freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO + then a use-after-free will occur. This will most likely result in a crash. + ([bsc#1207536, CVE-2023-0215]) + * Fixed Double free after calling PEM_read_bio_ex. + The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and + decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload + data. If the function succeeds then the "name_out", "header" and "data" + arguments are populated with pointers to buffers containing the relevant + decoded data. The caller is responsible for freeing those buffers. It is + possible to construct a PEM file that results in 0 bytes of payload data. + In this case PEM_read_bio_ex() will return a failure code but will populate + the header argument with a pointer to a buffer that has already been freed. + If the caller also frees this buffer then a double free will occur. This + will most likely lead to a crash. + The functions PEM_read_bio() and PEM_read() are simple wrappers around + PEM_read_bio_ex() and therefore these functions are also directly affected. + These functions are also called indirectly by a number of other OpenSSL + functions including PEM_X509_INFO_read_bio_ex() and + SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL + internal uses of these functions are not vulnerable because the caller does + not free the header argument if PEM_read_bio_ex() returns a failure code. + ([bsc#1207538, CVE-2022-4450]) + * Fixed Timing Oracle in RSA Decryption. + A timing based side channel exists in the OpenSSL RSA Decryption + implementation which could be sufficient to recover a plaintext across + a network in a Bleichenbacher style attack. To achieve a successful + decryption an attacker would have to be able to send a very large number + of trial messages for decryption. The vulnerability affects all RSA padding + modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. + ([bsc#1207534, CVE-2022-4304]) + * Fixed X.509 Name Constraints Read Buffer Overflow. + A read buffer overrun can be triggered in X.509 certificate verification, + specifically in name constraint checking. The read buffer overrun might + result in a crash which could lead to a denial of service attack. + In a TLS client, this can be triggered by connecting to a malicious + server. In a TLS server, this can be triggered if the server requests + client authentication and a malicious client connects. + ([bsc#1207535, CVE-2022-4203]) + * Fixed X.509 Policy Constraints Double Locking security issue. + If an X.509 certificate contains a malformed policy constraint and + policy processing is enabled, then a write lock will be taken twice + recursively. On some operating systems (most widely: Windows) this + results in a denial of service when the affected process hangs. Policy + processing being enabled on a publicly facing server is not considered + to be a common setup. + ([CVE-2022-3996]) + * Our provider implementations of `OSSL_FUNC_KEYMGMT_EXPORT` and + `OSSL_FUNC_KEYMGMT_GET_PARAMS` for EC and SM2 keys now honor + `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT` as set (and + default to `POINT_CONVERSION_UNCOMPRESSED`) when exporting + `OSSL_PKEY_PARAM_PUB_KEY`, instead of unconditionally using + `POINT_CONVERSION_COMPRESSED` as in previous 3.x releases. + For symmetry, our implementation of `EVP_PKEY_ASN1_METHOD->export_to` + for legacy EC and SM2 keys is also changed similarly to honor the + equivalent conversion format flag as specified in the underlying + `EC_KEY` object being exported to a provider, when this function is + called through `EVP_PKEY_export()`. + * Removed openssl-3-Fix-double-locking-problem.patch, + contained in upstream. + * Rebased openssl-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch + * Update openssl.keyring with key + 7953 AC1F BC3D C8B3 B292 393E D5E9 E43F 7DF9 EE8C (Richard Levitte) +* Thu Jan 5 2023 otto.hollmann@suse.com +- Update openssl.keyring: + pub rsa4096 2021-07-16 [SC] [expires: 2031-07-14] + A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C + uid Tomáš Mráz + uid Tomáš Mráz + uid Tomáš Mráz +* Wed Jan 4 2023 otto.hollmann@suse.com +- Update to version 3.0.7 in SLE15-SP5 [jsc#PED-544] +- Remove patches (already present in 3.0.7): + * openssl-3-CVE-2022-1343.patch + * openssl-CVE-2022-0778.patch + * openssl-CVE-2022-0778-tests.patch + * openssl-CVE-2022-1292.patch + * openssl-3-Fix-EC-ASM-flag-passing.patch + * openssl-update_expired_certificates.patch + * openssl-3-CVE-2022-3358.patch + * openssl-3-Fix-SHA-SHAKE-and-KECCAK-ASM-flag-passing.patch + * openssl-3-CVE-2022-3602_2.patch + * openssl-3-CVE-2022-3602_1.patch + * openssl-CVE-2022-2097.patch + * openssl-3-CVE-2022-1434.patch + * openssl-3-CVE-2022-1473.patch + * openssl-3-Fix-file-operations-in-c_rehash.patch +- Enable tests: test_req test_verify_store test_ca test_ssl_old +* Wed Dec 14 2022 otto.hollmann@suse.com +- Fix X.509 Policy Constraints Double Locking [bsc#1206374, CVE-2022-3996] + * Add patch: openssl-3-Fix-double-locking-problem.patch +* Tue Nov 1 2022 otto.hollmann@suse.com +- Update to 3.0.7: [bsc#1204714, CVE-2022-3602,CVE-2022-3786] + * Fixed two buffer overflows in punycode decoding functions. + A buffer overrun can be triggered in X.509 certificate verification, + specifically in name constraint checking. Note that this occurs after + certificate chain signature verification and requires either a CA to + have signed the malicious certificate or for the application to continue + certificate verification despite failure to construct a path to a trusted + issuer. + In a TLS client, this can be triggered by connecting to a malicious + server. In a TLS server, this can be triggered if the server requests + client authentication and a malicious client connects. + An attacker can craft a malicious email address to overflow + an arbitrary number of bytes containing the `.` character (decimal 46) + on the stack. This buffer overflow could result in a crash (causing a + denial of service). + ([CVE-2022-3786]) + An attacker can craft a malicious email address to overflow four + attacker-controlled bytes on the stack. This buffer overflow could + result in a crash (causing a denial of service) or potentially remote code + execution depending on stack layout for any given platform/compiler. + ([CVE-2022-3602]) + * Removed all references to invalid OSSL_PKEY_PARAM_RSA names for CRT + parameters in OpenSSL code. + Applications should not use the names OSSL_PKEY_PARAM_RSA_FACTOR, + OSSL_PKEY_PARAM_RSA_EXPONENT and OSSL_PKEY_PARAM_RSA_COEFFICIENT. + Use the numbered names such as OSSL_PKEY_PARAM_RSA_FACTOR1 instead. + Using these invalid names may cause algorithms to use slower methods + that ignore the CRT parameters. + * Fixed a regression introduced in 3.0.6 version raising errors on some stack + operations. + * Fixed a regression introduced in 3.0.6 version not refreshing the certificate + data to be signed before signing the certificate. + * Added RIPEMD160 to the default provider. + * Ensured that the key share group sent or accepted for the key exchange + is allowed for the protocol version. +* Tue Nov 1 2022 otto.hollmann@suse.com +- Update to 3.0.6: [bsc#1204226, CVE-2022-3358] + * OpenSSL supports creating a custom cipher via the legacy + EVP_CIPHER_meth_new() function and associated function calls. This function + was deprecated in OpenSSL 3.0 and application authors are instead encouraged + to use the new provider mechanism in order to implement custom ciphers. + * OpenSSL versions 3.0.0 to 3.0.5 incorrectly handle legacy custom ciphers + passed to the EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() and + EVP_CipherInit_ex2() functions (as well as other similarly named encryption + and decryption initialisation functions). Instead of using the custom cipher + directly it incorrectly tries to fetch an equivalent cipher from the + available providers. An equivalent cipher is found based on the NID passed + to EVP_CIPHER_meth_new(). This NID is supposed to represent the unique NID + for a given cipher. However it is possible for an application to incorrectly + pass NID_undef as this value in the call to EVP_CIPHER_meth_new(). When + NID_undef is used in this way the OpenSSL encryption/decryption + initialisation function will match the NULL cipher as being equivalent and + will fetch this from the available providers. This will succeed if the + default provider has been loaded (or if a third party provider has been + loaded that offers this cipher). Using the NULL cipher means that the + plaintext is emitted as the ciphertext. + * Applications are only affected by this issue if they call + EVP_CIPHER_meth_new() using NID_undef and subsequently use it in a call to + an encryption/decryption initialisation function. Applications that only use + SSL/TLS are not impacted by this issue. ([CVE-2022-3358]) + * Fix LLVM vs Apple LLVM version numbering confusion that caused build + failures on MacOS 10.11 + * Fixed the linux-mips64 Configure target which was missing the SIXTY_FOUR_BIT + bn_ops flag. This was causing heap corruption on that platform. + * Fix handling of a ticket key callback that returns 0 in TLSv1.3 to not send + a ticket + * Correctly handle a retransmitted ClientHello in DTLS + * Fixed detection of ktls support in cross-compile environment on Linux + * Fixed some regressions and test failures when running the 3.0.0 FIPS + provider against 3.0.x + * Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to + report correct results in some cases + * Fix UWP builds by defining VirtualLock + * For known safe primes use the minimum key length according to RFC 7919. + Longer private key sizes unnecessarily raise the cycles needed to compute + the shared secret without any increase of the real security. This fixes a + regression from 1.1.1 where these shorter keys were generated for the known + safe primes. + * Added the loongarch64 target + * Fixed EC ASM flag passing. Flags for ASM implementations of EC curves were + only passed to the FIPS provider and not to the default or legacy provider. + * Fixed reported performance degradation on aarch64. Restored the + implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid 32-bit + lane assignment in CTR mode") for 64bit targets only, since it is reportedly + 2-17%% slower and the silicon errata only affects 32bit targets. The new + algorithm is still used for 32 bit targets. + * Added a missing header for memcmp that caused compilation failure on some + platforms +* Wed Sep 14 2022 brunopitrus@hotmail.com +- Do not make libopenssl3-32bit obsolete libopenssl1_1-32bit. + They are independent libraries and can be installed simultaneously. +* Thu Jul 21 2022 pmonreal@suse.com +- Update to 3.0.5: + * The OpenSSL 3.0.4 release introduced a serious bug in the RSA + implementation for X86_64 CPUs supporting the AVX512IFMA instructions. + This issue makes the RSA implementation with 2048 bit private keys + incorrect on such machines and memory corruption will happen during + the computation. As a consequence of the memory corruption an attacker + may be able to trigger a remote code execution on the machine performing + the computation. + SSL/TLS servers or other servers using 2048 bit RSA private keys running + on machines supporting AVX512IFMA instructions of the X86_64 architecture + are affected by this issue. [bsc#1201148, CVE-2022-2274] + * AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised + implementation would not encrypt the entirety of the data under some + circumstances. This could reveal sixteen bytes of data that was + preexisting in the memory that wasn't written. In the special case of + "in place" encryption, sixteen bytes of the plaintext would be revealed. + Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, + they are both unaffected. [bsc#1201099, CVE-2022-2097] +- Rebase patches: + * openssl-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch +* Mon Jul 18 2022 pmonreal@suse.com +- Update to 3.0.4: [bsc#1199166, bsc#1200550, CVE-2022-1292, CVE-2022-2068] + * In addition to the c_rehash shell command injection identified in + CVE-2022-1292, further bugs where the c_rehash script does not + properly sanitise shell metacharacters to prevent command injection + have been fixed. + When the CVE-2022-1292 was fixed it was not discovered that there + are other places in the script where the file names of certificates + being hashed were possibly passed to a command executed through the shell. + This script is distributed by some operating systems in a manner where + it is automatically executed. On such operating systems, an attacker + could execute arbitrary commands with the privileges of the script. + Use of the c_rehash script is considered obsolete and should be replaced + by the OpenSSL rehash command line tool. + * Case insensitive string comparison no longer uses locales. + It has instead been directly implemented. +* Mon Jul 18 2022 pmonreal@suse.com +- Update to 3.0.3: + * Case insensitive string comparison is reimplemented via new locale-agnostic + comparison functions OPENSSL_str[n]casecmp always using the POSIX locale for + comparison. The previous implementation had problems when the Turkish locale + was used. + * Fixed a bug in the c_rehash script which was not properly sanitising shell + metacharacters to prevent command injection. This script is distributed by + some operating systems in a manner where it is automatically executed. On + such operating systems, an attacker could execute arbitrary commands with the + privileges of the script. + Use of the c_rehash script is considered obsolete and should be replaced + by the OpenSSL rehash command line tool. [bsc#1199166, CVE-2022-1292] + * Fixed a bug in the function 'OCSP_basic_verify' that verifies the signer + certificate on an OCSP response. The bug caused the function in the case + where the (non-default) flag OCSP_NOCHECKS is used to return a postivie + response (meaning a successful verification) even in the case where the + response signing certificate fails to verify. + It is anticipated that most users of 'OCSP_basic_verify' will not use the + OCSP_NOCHECKS flag. In this case the 'OCSP_basic_verify' function will return + a negative value (indicating a fatal error) in the case of a certificate + verification failure. The normal expected return value in this case would be 0. + This issue also impacts the command line OpenSSL "ocsp" application. When + verifying an ocsp response with the "-no_cert_checks" option the command line + application will report that the verification is successful even though it + has in fact failed. In this case the incorrect successful response will also + be accompanied by error messages showing the failure and contradicting the + apparently successful result. [bsc#1199167, CVE-2022-1343] + * Fixed a bug where the RC4-MD5 ciphersuite incorrectly used the + AAD data as the MAC key. This made the MAC key trivially predictable. + An attacker could exploit this issue by performing a man-in-the-middle attack + to modify data being sent from one endpoint to an OpenSSL 3.0 recipient such + that the modified data would still pass the MAC integrity check. + Note that data sent from an OpenSSL 3.0 endpoint to a non-OpenSSL 3.0 + endpoint will always be rejected by the recipient and the connection will + fail at that point. Many application protocols require data to be sent from + the client to the server first. Therefore, in such a case, only an OpenSSL + 3.0 server would be impacted when talking to a non-OpenSSL 3.0 client. + [bsc#1199168, CVE-2022-1434] + * Fix a bug in the OPENSSL_LH_flush() function that breaks reuse of the memory + occuppied by the removed hash table entries. + This function is used when decoding certificates or keys. If a long lived + process periodically decodes certificates or keys its memory usage will + expand without bounds and the process might be terminated by the operating + system causing a denial of service. Also traversing the empty hash table + entries will take increasingly more time. Typically such long lived processes + might be TLS clients or TLS servers configured to accept client certificate + authentication. [bsc#1199169, CVE-2022-1473] + * The functions 'OPENSSL_LH_stats' and 'OPENSSL_LH_stats_bio' now only report + the 'num_items', 'num_nodes' and 'num_alloc_nodes' statistics. All other + statistics are no longer supported. For compatibility, these statistics are + still listed in the output but are now always reported as zero. +* Thu Jun 2 2022 jsikes@suse.com +- Added openssl-update_expired_certificates.patch + * Openssl failed tests because of expired certificates. + * bsc#1185637 +* Sat Mar 19 2022 pmonreal@suse.com +- Enable zlib compression support [bsc#1195149] +* Fri Mar 18 2022 pmonreal@suse.com +- Add crypto-policies support. + * Fix some tests that couldn't find the openssl3.cnf location + * Rebase patch: + openssl-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch +* Tue Mar 15 2022 pmonreal@suse.com +- Update to 3.0.2: [bsc#1196877, CVE-2022-0778] + * Security fix [CVE-2022-0778]: Infinite loop for non-prime moduli + in BN_mod_sqrt() reachable when parsing certificates. + * Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK + (RFC 5489) to the list of ciphersuites providing Perfect Forward + Secrecy as required by SECLEVEL >= 3. + * Made the AES constant time code for no-asm configurations + optional due to the resulting 95%% performance degradation. + The AES constant time code can be enabled, for no assembly + builds, with: ./config no-asm -DOPENSSL_AES_CONST_TIME + * Fixed PEM_write_bio_PKCS8PrivateKey() to make it possible to + use empty passphrase strings. + * The negative return value handling of the certificate + verification callback was reverted. The replacement is to set + the verification retry state with the SSL_set_retry_verify() + function. + * Rebase openssl-use-versioned-config.patch +* Tue Feb 22 2022 pmonreal@suse.com +- Keep CA_default and tsa_config1 default paths in openssl3.cnf +- Rebase patches: + * openssl-Override-default-paths-for-the-CA-directory-tree.patch + * openssl-use-versioned-config.patch +* Tue Feb 1 2022 danilo.spinella@suse.com +- Fix conflict with openssl and libressl +* Fri Jan 28 2022 simonf.lees@suse.com +- Remove /etc/pki/CA from the [jsc#SLE-17856, jsc#SLE-19044] + openssl-Override-default-paths-for-the-CA-directory-tree.patch +- Remove unused patches +* Fri Jan 21 2022 simonf.lees@suse.com +- Ship openssl-3 as binary names [jsc#SLE-17856, jsc#SLE-19044] +- Use openssl3.cnf + * openssl-use-versioned-config.patch + * fix-config-in-tests.patch +- Support crypto policies + * openssl-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch + * openssl-Override-default-paths-for-the-CA-directory-tree.patch +- Remove obsolets, not ready to force an upgrade yet +* Thu Jan 13 2022 pmonreal@suse.com +- Update to 3.0.1: [bsc#1193740, CVE-2021-4044] + * RNDR and RNDRRS support in provider functions to provide + random number generation for Arm CPUs (aarch64). + * s_client and s_server apps now explicitly say when the TLS + version does not include the renegotiation mechanism. This + avoids confusion between that scenario versus when the TLS + version includes secure renegotiation but the peer lacks + support for it. + * The default SSL/TLS security level has been changed from 1 to 2. + RSA, DSA and DH keys of 1024 bits and above and less than 2048 + bits and ECC keys of 160 bits and above and less than 224 bits + were previously accepted by default but are now no longer + allowed. By default TLS compression was already disabled in + previous OpenSSL versions. At security level 2 it cannot be + enabled. + * The SSL_CTX_set_cipher_list family functions now accept + ciphers using their IANA standard names. + * The PVK key derivation function has been moved from + b2i_PVK_bio_ex() into the legacy crypto provider as an + EVP_KDF. Applications requiring this KDF will need to load + the legacy crypto provider. + * The various OBJ_* functions have been made thread safe. + * CCM8 cipher suites in TLS have been downgraded to security + level zero because they use a short authentication tag which + lowers their strength. + * Subject or issuer names in X.509 objects are now displayed + as UTF-8 strings by default. + * Parallel dual-prime 1536/2048-bit modular exponentiation + for AVX512_IFMA capable processors. +* Tue Sep 7 2021 pmonreal@suse.com +- Update to 3.0.0 + * The full list of changes since version 1.1.1 can be found in: + https://github.com/openssl/openssl/blob/master/CHANGES.md#openssl-30 + * OpenSSL 3.0 wiki: https://wiki.openssl.org/index.php/OpenSSL_3.0 + * The Migration guide: + https://github.com/openssl/openssl/blob/master/doc/man7/migration_guide.pod +* Thu Jul 29 2021 pmonreal@suse.com +- Update to 3.0.0 Beta 2 + * The ERR_GET_FUNC() function was removed. With the loss of + meaningful function codes, this function can only cause problems + for calling applications. + * While a callback function set via 'SSL_CTX_set_cert_verify_callback()' + is not allowed to return a value > 1, this is no more taken as + failure. + * Deprecated the obsolete X9.31 RSA key generation related + functions BN_X931_generate_Xpq(), BN_X931_derive_prime_ex(), + and BN_X931_generate_prime_ex(). +- Remove openssl-ppc64-fix-build.patch fixed upstream +* Mon Jul 5 2021 pmonreal@suse.com +- Update to 3.0.0 Beta 1 + * Add a configurable flag to output date formats as ISO 8601. + Does not change the default date format. + * Version of MSVC earlier than 1300 could get link warnings, which + could be suppressed if the undocumented -DI_CAN_LIVE_WITH_LNK4049 + was set. Support for this flag has been removed. + * Rework and make DEBUG macros consistent. Remove unused + - DCONF_DEBUG, -DBN_CTX_DEBUG, and REF_PRINT. Add a new tracing + category and use it for printing reference counts. Rename + - DDEBUG_UNUSED to -DUNUSED_RESULT_DEBUG. Fix BN_DEBUG_RAND so it + compiles and, when set, force DEBUG_RAND to be set also. Rename + engine_debug_ref to be ENGINE_REF_PRINT also for consistency. + * The public definitions of conf_method_st and conf_st have been + deprecated. They will be made opaque in a future release. + * Many functions in the EVP_ namespace that are getters of values + from implementations or contexts were renamed to include get or + get0 in their names. Old names are provided as macro aliases for + compatibility and are not deprecated. + * PKCS#5 PBKDF1 key derivation has been moved from PKCS5_PBE_keyivgen() + into the legacy crypto provider as an EVP_KDF. Applications requiring + this KDF will need to load the legacy crypto provider. This includes + these PBE algorithms which use this KDF: + - NID_pbeWithMD2AndDES_CBC - NID_pbeWithMD5AndDES_CBC + - NID_pbeWithSHA1AndRC2_CBC - NID_pbeWithMD2AndRC2_CBC + - NID_pbeWithMD5AndRC2_CBC - NID_pbeWithSHA1AndDES_CBC + * Deprecated obsolete BIO_set_callback(), BIO_get_callback(), and + BIO_debug_callback() functions. +- Fix build on ppc and ppc64 + * Add openssl-ppc64-fix-build.patch + * See https://github.com/openssl/openssl/issues/15923 +* Fri Jun 11 2021 pmonreal@suse.com +- Update to 3.0.0 Alpha 17 + * Added migration guide to man7 + * Implemented support for fully "pluggable" TLSv1.3 groups + * Added convenience functions for generating asymmetric key pairs. + * Added a proper HTTP client supporting GET with optional redirection, + POST, arbitrary request and response content types, TLS, persistent + connections, connections via HTTP(s) proxies, connections and + exchange via user-defined BIOs (allowing implicit connections), and + timeout checks. +* Mon May 10 2021 jsikes@suse.com +- Update to 3.0.0. Alpha 16 + * Mark pop/clear error stack in der2key_decode_p8 +* Sat May 1 2021 jsikes@suse.com +- Update to 3.0.0 Alpha 15 + * The default manual page suffix ($MANSUFFIX) has been changed to "ossl" + * Added support for Kernel TLS (KTLS). In order to use KTLS, support for it + must be compiled in using the "enable-ktls" compile time option. It must + also be enabled at run time using the SSL_OP_ENABLE_KTLS option. + * The error return values from some control calls (ctrl) have changed. + One significant change is that controls which used to return -2 for + invalid inputs, now return -1 indicating a generic error condition instead. + * Removed EVP_PKEY_set_alias_type(). + * All of these low level RSA functions have been deprecated without + replacement: + RSA_blinding_off, RSA_blinding_on, RSA_clear_flags, RSA_get_version, + RSAPrivateKey_dup, RSAPublicKey_dup, RSA_set_flags, RSA_setup_blinding and + RSA_test_flags. + * All of these RSA flags have been deprecated without replacement: + RSA_FLAG_BLINDING, RSA_FLAG_CACHE_PRIVATE, RSA_FLAG_CACHE_PUBLIC, + RSA_FLAG_EXT_PKEY, RSA_FLAG_NO_BLINDING, RSA_FLAG_THREAD_SAFE and + RSA_METHOD_FLAG_NO_CHECK. + * These low level DH functions have been deprecated without replacement: + DH_clear_flags, DH_get_1024_160, DH_get_2048_224, DH_get_2048_256, + DH_set_flags and DH_test_flags. + The DH_FLAG_CACHE_MONT_P flag has been deprecated without replacement. + The DH_FLAG_TYPE_DH and DH_FLAG_TYPE_DHX have been deprecated. Use + EVP_PKEY_is_a() to determine the type of a key. There is no replacement for + setting these flags. + * These low level DSA functions have been deprecated without replacement: + DSA_clear_flags, DSA_dup_DH, DSAparams_dup, DSA_set_flags and + DSA_test_flags. + * The DSA_FLAG_CACHE_MONT_P flag has been deprecated without replacement. + * Reworked the treatment of EC EVP_PKEYs with the SM2 curve to + automatically become EVP_PKEY_SM2 rather than EVP_PKEY_EC. This is a breaking + change from previous OpenSSL versions. + Unlike in previous OpenSSL versions, this means that applications must not + call 'EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)' to get SM2 computations. + The 'EVP_PKEY_set_alias_type' function has now been removed. + * Parameter and key generation is also reworked to make it possible + to generate EVP_PKEY_SM2 parameters and keys. Applications must now generate + SM2 keys directly and must not create an EVP_PKEY_EC key first. +* Mon Apr 19 2021 pmonreal@suse.com +- Update to 3.0.0 Alpha 14 + * A public key check is now performed during EVP_PKEY_derive_set_peer(). + Previously DH was internally doing this during EVP_PKEY_derive(). + * The EVP_PKEY_CTRL_PKCS7_ENCRYPT, EVP_PKEY_CTRL_PKCS7_DECRYPT, + EVP_PKEY_CTRL_PKCS7_SIGN, EVP_PKEY_CTRL_CMS_ENCRYPT, + EVP_PKEY_CTRL_CMS_DECRYPT, and EVP_PKEY_CTRL_CMS_SIGN control operations + are deprecated. They are not invoked by the OpenSSL library anymore and + are replaced by direct checks of the key operation against the key type + when the operation is initialized. + * The EVP_PKEY_public_check() and EVP_PKEY_param_check() functions now work for + more key types including RSA, DSA, ED25519, X25519, ED448 and X448. + Previously (in 1.1.1) they would return -2. For key types that do not have + parameters then EVP_PKEY_param_check() will always return 1. + * The output from numerous "printing" functions such as X509_signature_print(), + X509_print_ex(), X509_CRL_print_ex(), and other similar functions has been + amended such that there may be cosmetic differences between the output + observed in 1.1.1 and 3.0. This also applies to the "-text" output from the + x509 and crl applications. + * Improved adherence to Enhanced Security Services (ESS, RFC 2634 and RFC 5035) + for the TSP and CMS Advanced Electronic Signatures (CAdES) implementations. + As required by RFC 5035 check both ESSCertID and ESSCertIDv2 if both present. + Correct the semantics of checking the validation chain in case ESSCertID{,v2} + contains more than one certificate identifier: This means that all + certificates referenced there MUST be part of the validation chain. + * Parallel dual-prime 1024-bit modular exponentiation for AVX512_IFMA + capable processors. + * Added the AuthEnvelopedData content type structure (RFC 5083) with AES-GCM + parameter (RFC 5084) for the Cryptographic Message Syntax (CMS). Its purpose + is to support encryption and decryption of a digital envelope that is both + authenticated and encrypted using AES GCM mode. +* Wed Apr 14 2021 pmonreal@suse.com +- Update to 3.0.0 Alpha 13 + * A public key check is now performed during EVP_PKEY_derive_set_peer(). + Previously DH was internally doing this during EVP_PKEY_derive(). + To disable this check use EVP_PKEY_derive_set_peer_ex(dh, peer, 0). This + may mean that an error can occur in EVP_PKEY_derive_set_peer() rather than + during EVP_PKEY_derive(). + * The EVP_PKEY_CTRL_PKCS7_ENCRYPT, EVP_PKEY_CTRL_PKCS7_DECRYPT, + EVP_PKEY_CTRL_PKCS7_SIGN, EVP_PKEY_CTRL_CMS_ENCRYPT, + EVP_PKEY_CTRL_CMS_DECRYPT, and EVP_PKEY_CTRL_CMS_SIGN control operations + are deprecated. They are not invoked by the OpenSSL library anymore and + are replaced by direct checks of the key operation against the key type + when the operation is initialized. + * The EVP_PKEY_public_check() and EVP_PKEY_param_check() functions now work for + more key types including RSA, DSA, ED25519, X25519, ED448 and X448. + Previously (in 1.1.1) they would return -2. For key types that do not have + parameters then EVP_PKEY_param_check() will always return 1. + * The output from numerous "printing" functions such as X509_signature_print(), + X509_print_ex(), X509_CRL_print_ex(), and other similar functions has been + amended such that there may be cosmetic differences between the output + observed in 1.1.1 and 3.0. This also applies to the "-text" output from the + x509 and crl applications. + * Improved adherence to Enhanced Security Services (ESS, RFC 2634 and RFC 5035) + for the TSP and CMS Advanced Electronic Signatures (CAdES) implementations. + As required by RFC 5035 check both ESSCertID and ESSCertIDv2 if both present. + Correct the semantics of checking the validation chain in case ESSCertID{,v2} + contains more than one certificate identifier: This means that all + certificates referenced there MUST be part of the validation chain. + * Parallel dual-prime 1024-bit modular exponentiation for AVX512_IFMA + capable processors. + * Added the AuthEnvelopedData content type structure (RFC 5083) with AES-GCM + parameter (RFC 5084) for the Cryptographic Message Syntax (CMS). Its purpose + is to support encryption and decryption of a digital envelope that is both + authenticated and encrypted using AES GCM mode. +* Fri Feb 19 2021 pmonreal@suse.com +- Update to 3.0.0 Alpha 12 + * The SRP APIs have been deprecated. The old APIs do not work via + providers, and there is no EVP interface to them. Unfortunately + there is no replacement for these APIs at this time. + * Add a compile time option to prevent the caching of provider + fetched algorithms. This is enabled by including the + no-cached-fetch option at configuration time. + * Combining the Configure options no-ec and no-dh no longer + disables TLSv1.3. Typically if OpenSSL has no EC or DH algorithms + then it cannot support connections with TLSv1.3. However OpenSSL + now supports "pluggable" groups through providers. + * The undocumented function X509_certificate_type() has been + deprecated; applications can use X509_get0_pubkey() and + X509_get0_signature() to get the same information. + * Deprecated the obsolete BN_pseudo_rand() and BN_pseudo_rand_range() + functions. They are identical to BN_rand() and BN_rand_range() + respectively. + * The default key generation method for the regular 2-prime RSA keys + was changed to the FIPS 186-4 B.3.6 method (Generation of Probable + Primes with Conditions Based on Auxiliary Probable Primes). This + method is slower than the original method. + * Deprecated the BN_is_prime_ex() and BN_is_prime_fasttest_ex() + functions. They are replaced with the BN_check_prime() function + that avoids possible misuse and always uses at least 64 rounds of + the Miller-Rabin primality test. + * Deprecated EVP_MD_CTX_set_update_fn() and EVP_MD_CTX_update_fn() + as they are not useful with non-deprecated functions. +* Fri Feb 12 2021 pmonreal@suse.com +- Update to 3.0.0 Alpha 11 + * Deprecated the obsolete X9.31 RSA key generation related + functions BN_X931_generate_Xpq(), BN_X931_derive_prime_ex(), + and BN_X931_generate_prime_ex(). + * Deprecated the type OCSP_REQ_CTX and the functions OCSP_REQ_CTX_*(). + These were used to collect all necessary data to form a HTTP + request, and to perform the HTTP transfer with that request. + With OpenSSL 3.0, the type is OSSL_HTTP_REQ_CTX, and the + deprecated functions are replaced with OSSL_HTTP_REQ_CTX_*(). + * Validation of SM2 keys has been separated from the validation of + regular EC keys, allowing to improve the SM2 validation process + to reject loaded private keys that are not conforming to the SM2 + ISO standard. In particular, a private scalar 'k' outside the + range '1 <= k < n-1' is now correctly rejected. + * Behavior of the 'pkey' app is changed, when using the '-check' + or '-pubcheck' switches: a validation failure triggers an early + exit, returning a failure exit status to the parent process. + * Changed behavior of SSL_CTX_set_ciphersuites() and + SSL_set_ciphersuites() to ignore unknown ciphers. + * All of the low level EC_KEY functions have been deprecated. + * Functions that read and write EC_KEY objects and that assign or + obtain EC_KEY objects from an EVP_PKEY are also deprecated. + * Added the '-copy_extensions' option to the 'x509' command for use + with '-req' and '-x509toreq'. When given with the 'copy' or + 'copyall' argument, all extensions in the request are copied to + the certificate or vice versa. + * Added the '-copy_extensions' option to the 'req' command for use + with '-x509'. When given with the 'copy' or 'copyall' argument, + all extensions in the certification request are copied to the + certificate. + * The 'x509', 'req', and 'ca' commands now make sure that X.509v3 + certificates they generate are by default RFC 5280 compliant in + the following sense: There is a subjectKeyIdentifier extension + with a hash value of the public key and for not self-signed certs + there is an authorityKeyIdentifier extension with a keyIdentifier + field or issuer information identifying the signing key. This is + done unless some configuration overrides the new default behavior, + such as 'subjectKeyIdentifier = none' and 'authorityKeyIdentifier + = none'. +* Sat Jan 9 2021 pmonreal@suse.com +- Update to 3.0.0 Alpha 10 (CVE-2020-1971) + * See full changelog: www.openssl.org/news/changelog.html + * Fixed NULL pointer deref in the GENERAL_NAME_cmp function + This function could crash if both GENERAL_NAMEs contain an + EDIPARTYNAME. If an attacker can control both items being + compared then this could lead to a possible denial of service + attack. OpenSSL itself uses the GENERAL_NAME_cmp function for + two purposes: + 1) Comparing CRL distribution point names between an available + CRL and a CRL distribution point embedded in an X509 certificate + 2) When verifying that a timestamp response token signer matches + the timestamp authority name (exposed via the API functions + TS_RESP_verify_response and TS_RESP_verify_token) + * The -cipher-commands and -digest-commands options of the + command line utility list has been deprecated. Instead use + the -cipher-algorithms and -digest-algorithms options. + * Additionally functions that read and write DH objects such as + d2i_DHparams, i2d_DHparams, PEM_read_DHparam, PEM_write_DHparams + and other similar functions have also been deprecated. + Applications should instead use the OSSL_DECODER and OSSL_ENCODER + APIs to read and write DH files. +* Thu Dec 17 2020 pmonreal@suse.com +- Update to 3.0.0 Alpha 9 + * See also https://www.openssl.org/news/changelog.html + * Deprecated all the libcrypto and libssl error string loading + functions. Calling these functions is not necessary since + OpenSSL 1.1.0, as OpenSSL now loads error strings automatically. + * The functions SSL_CTX_set_tmp_dh_callback and SSL_set_tmp_dh_callback, as + well as the macros SSL_CTX_set_tmp_dh() and SSL_set_tmp_dh() have been + deprecated. These are used to set the Diffie-Hellman (DH) parameters that + are to be used by servers requiring ephemeral DH keys. Instead applications + should consider using the built-in DH parameters that are available by + calling SSL_CTX_set_dh_auto() or SSL_set_dh_auto(). + * The -crypt option to the passwd command line tool has been removed. + * The -C option to the x509, dhparam, dsaparam, and ecparam commands + has been removed. + * Added several checks to X509_verify_cert() according to requirements in + RFC 5280 in case 'X509_V_FLAG_X509_STRICT' is set (which may be done by + using the CLI option '-x509_strict'): + - The basicConstraints of CA certificates must be marked critical. + - CA certificates must explicitly include the keyUsage extension. + - If a pathlenConstraint is given the key usage keyCertSign must be allowed. + - The issuer name of any certificate must not be empty. + - The subject name of CA certs, certs with keyUsage crlSign, + and certs without subjectAlternativeName must not be empty. + - If a subjectAlternativeName extension is given it must not be empty. + - The signatureAlgorithm field and the cert signature must be consistent. + - Any given authorityKeyIdentifier and any given subjectKeyIdentifier + must not be marked critical. + - The authorityKeyIdentifier must be given for X.509v3 certs + unless they are self-signed. + - The subjectKeyIdentifier must be given for all X.509v3 CA certs. + * Certificate verification using X509_verify_cert() meanwhile rejects EC keys + with explicit curve parameters (specifiedCurve) as required by RFC 5480. +* Thu Nov 5 2020 pmonreal@suse.com +- Update to 3.0.0 Alpha 8 + * Add support for AES Key Wrap inverse ciphers to the EVP layer. + The algorithms are: "AES-128-WRAP-INV", "AES-192-WRAP-INV", + "AES-256-WRAP-INV", "AES-128-WRAP-PAD-INV", "AES-192-WRAP-PAD-INV" + and "AES-256-WRAP-PAD-INV". The inverse ciphers use AES decryption + for wrapping, and AES encryption for unwrapping. + * Deprecated EVP_PKEY_set1_tls_encodedpoint() and + EVP_PKEY_get1_tls_encodedpoint(). These functions were previously + used by libssl to set or get an encoded public key in/from an + EVP_PKEY object. With OpenSSL 3.0 these are replaced by the more + generic functions EVP_PKEY_set1_encoded_public_key() and + EVP_PKEY_get1_encoded_public_key(). The old versions have been + converted to deprecated macros that just call the new functions. + * The security callback, which can be customised by application + code, supports the security operation SSL_SECOP_TMP_DH. This is + defined to take an EVP_PKEY in the "other" parameter. In most + places this is what is passed. All these places occur server side. + However there was one client side call of this security operation + and it passed a DH object instead. This is incorrect according to + the definition of SSL_SECOP_TMP_DH, and is inconsistent with all + of the other locations. Therefore this client side call has been + changed to pass an EVP_PKEY instead. + * Added new option for 'openssl list', '-providers', which will + display the list of loaded providers, their names, version and + status. It optionally displays their gettable parameters. + * Deprecated pthread fork support methods. These were unused so no + replacement is required. OPENSSL_fork_prepare(), + OPENSSL_fork_parent() and OPENSSL_fork_child(). +- Remove openssl-AES_XTS.patch fixed upstream +* Fri Oct 16 2020 pmonreal@suse.com +- Fix build on ppc* architectures + * Fix tests failing: 30-test_acvp.t and 30-test_evp.t + * https://github.com/openssl/openssl/pull/13133 +- Add openssl-AES_XTS.patch for ppc64, ppc64le and aarch64 +* Fri Oct 16 2020 pmonreal@suse.com +- Re-enable test 81-test_cmp_cli.t fixed upstream +* Thu Oct 15 2020 pmonreal@suse.com +- Update to 3.0.0 Alpha 7 + * Add PKCS7_get_octet_string() and PKCS7_type_is_other() to the public + interface. Their functionality remains unchanged. + * Deprecated EVP_PKEY_set_alias_type(). This function was previously + needed as a workaround to recognise SM2 keys. With OpenSSL 3.0, this key + type is internally recognised so the workaround is no longer needed. + * Deprecated EVP_PKEY_CTX_set_rsa_keygen_pubexp() & introduced + EVP_PKEY_CTX_set1_rsa_keygen_pubexp(), which is now preferred. + * Changed all "STACK" functions to be macros instead of inline functions. + Macro parameters are still checked for type safety at compile time via + helper inline functions. + * Remove the RAND_DRBG API: + The RAND_DRBG API did not fit well into the new provider concept as + implemented by EVP_RAND and EVP_RAND_CTX. The main reason is that the + RAND_DRBG API is a mixture of 'front end' and 'back end' API calls + and some of its API calls are rather low-level. This holds in particular + for the callback mechanism (RAND_DRBG_set_callbacks()). + Adding a compatibility layer to continue supporting the RAND_DRBG API as + a legacy API for a regular deprecation period turned out to come at the + price of complicating the new provider API unnecessarily. Since the + RAND_DRBG API exists only since version 1.1.1, it was decided by the OMC + to drop it entirely. + * Added the options '-crl_lastupdate' and '-crl_nextupdate' to 'openssl ca', + allowing the 'lastUpdate' and 'nextUpdate' fields in the generated CRL to + be set explicitly. + * 'PKCS12_parse' now maintains the order of the parsed certificates + when outputting them via '*ca' (rather than reversing it). +- Update openssl-DEFAULT_SUSE_cipher.patch +* Fri Aug 7 2020 callumjfarmer13@gmail.com +- Removed 0001-Fix-typo-for-SSL_get_peer_certificate.patch: + contained in upstream. +- Update to 3.0.0 Alpha 6 + * Added util/check-format.pl for checking adherence to the coding guidelines. + * Allow SSL_set1_host() and SSL_add1_host() to take IP literal addresses + as well as actual hostnames. + * The 'MinProtocol' and 'MaxProtocol' configuration commands now silently + ignore TLS protocol version bounds when configuring DTLS-based contexts, and + conversely, silently ignore DTLS protocol version bounds when configuring + TLS-based contexts. The commands can be repeated to set bounds of both + types. The same applies with the corresponding "min_protocol" and + "max_protocol" command-line switches, in case some application uses both TLS + and DTLS. SSL_CTX instances that are created for a fixed protocol version (e.g. + TLSv1_server_method()) also silently ignore version bounds. Previously + attempts to apply bounds to these protocol versions would result in an + error. Now only the "version-flexible" SSL_CTX instances are subject to + limits in configuration files in command-line options. +* Mon Jul 20 2020 vcizek@suse.com +- Fix linking when the deprecated SSL_get_per_certificate() is in use + * https://github.com/openssl/openssl/pull/12468 + * add 0001-Fix-typo-for-SSL_get_peer_certificate.patch +* Fri Jul 17 2020 pmonrealgonzalez@suse.com +- Update to 3.0.0 Alpha 5 + * Deprecated the 'ENGINE' API. Engines should be replaced with + providers going forward. + * Reworked the recorded ERR codes to make better space for system errors. + To distinguish them, the macro 'ERR_SYSTEM_ERROR()' indicates + if the given code is a system error (true) or an OpenSSL error (false). + * Reworked the test perl framework to better allow parallel testing. + * Added ciphertext stealing algorithms AES-128-CBC-CTS, AES-192-CBC-CTS and + AES-256-CBC-CTS to the providers. CS1, CS2 and CS3 variants are supported. + * 'Configure' has been changed to figure out the configuration target if + none is given on the command line. Consequently, the 'config' script is + now only a mere wrapper. All documentation is changed to only mention + 'Configure'. + * Added a library context that applications as well as other libraries can use + to form a separate context within which libcrypto operations are performed. + - There are two ways this can be used: + 1) Directly, by passing a library context to functions that take + such an argument, such as 'EVP_CIPHER_fetch' and similar algorithm + fetching functions. + 2) Indirectly, by creating a new library context and then assigning + it as the new default, with 'OPENSSL_CTX_set0_default'. + - All public OpenSSL functions that take an 'OPENSSL_CTX' pointer, + apart from the functions directly related to 'OPENSSL_CTX', accept + NULL to indicate that the default library context should be used. + - Library code that changes the default library context using + 'OPENSSL_CTX_set0_default' should take care to restore it with a + second call before returning to the caller. + * The security strength of SHA1 and MD5 based signatures in TLS has been + reduced. This results in SSL 3, TLS 1.0, TLS 1.1 and DTLS 1.0 no longer + working at the default security level of 1 and instead requires security + level 0. The security level can be changed either using the cipher string + with @SECLEVEL, or calling SSL_CTX_set_security_level(). + * The SSL option SSL_OP_CLEANSE_PLAINTEXT is introduced. If that option is + set, openssl cleanses (zeroize) plaintext bytes from internal buffers + after delivering them to the application. Note, the application is still + responsible for cleansing other copies (e.g.: data received by SSL_read(3)). +- Update openssl-ppc64-config.patch +* Fri Jun 26 2020 vcizek@suse.com +- Update to 3.0.0 Alpha 4 + * general improvements to the built-in providers, the providers API and the internal plumbing and the provider-aware mechanisms for libssl + * general improvements and fixes in the CLI apps + * support for Automated Cryptographic Validation Protocol (ACVP) tests + * fully pluggable TLS key exchange capability from providers + * finalization of the Certificate Management Protocol (CMP) contribution, adding an impressive amount of tests for the new features + * default to the newer SP800-56B compliant algorithm for RSA keygen + * provider-rand: PRNG functionality backed by providers + * refactored naming scheme for dispatched functions (#12222) + * fixes for various issues + * extended and improved test coverage + * additions and improvements to the documentations +- Fix license: Apache-2.0 +- temporarily disable broken 81-test_cmp_cli.t test + * https://github.com/openssl/openssl/issues/12324 +* Thu Jun 4 2020 vcizek@suse.com +- Update to 3.0.0 Alpha 3 + * general improvements to the built-in providers, the providers API and the internal plumbing and the provider-aware mechanisms for libssl; + * general improvements and fixes in the CLI apps; + * cleanup of the EC API: + EC_METHOD became an internal-only concept, and functions using or returning EC_METHOD arguments have been deprecated; + EC_POINT_make_affine() and EC_POINTs_make_affine() have been deprecated in favor of automatic internal handling of conversions when needed; + EC_GROUP_precompute_mult(), EC_GROUP_have_precompute_mult(), and EC_KEY_precompute_mult() have been deprecated, as such precomputation data is now rarely used; + EC_POINTs_mul() has been deprecated, as for cryptographic applications EC_POINT_mul() is enough. + * the CMS API got support for CAdES-BES signature verification; + * introduction of a new SSL_OP_IGNORE_UNEXPECTED_EOF option; + * improvements to the RSA OAEP support; + * FFDH support in the speed app; + * CI: added external testing through the GOST engine; + * fixes for various issues; + * extended and improved test coverage; + * additions and improvements to the documentations. +* Sat May 23 2020 jengelh@inai.de +- Use find -exec +. Replace 'pwd' by simply $PWD. +- Drop Obsoletes on libopenssl1*. libopenssl3 has a new SONAME and + does not conflict with anything previously. +* Wed May 20 2020 vcizek@suse.com +- Obsolete openssl 1.1 +- Update baselibs.conf +- Set man page permissions to 644 +* Fri May 15 2020 vcizek@suse.com +- Update to 3.0.0 Alpha 2 + * general improvements to the built-in providers, the providers API and the internal plumbing; + * the removal of legacy API functions related to FIPS mode, replaced by new provider-based mechanisms; + * the addition of a new cmp app for RFC 4210; + * extended and improved test coverage; + * improvements to the documentations; + * fixes for various issues. +- drop obsolete version.patch +* Thu Apr 23 2020 vcizek@suse.com +- Initial packaging 3.0.0 Alpha 1 + * Major Release + OpenSSL 3.0 is a major release and consequently any application + that currently uses an older version of OpenSSL will at the + very least need to be recompiled in order to work with the new version. + It is the intention that the large majority of applications will + work unchanged with OpenSSL 3.0 if those applications previously + worked with OpenSSL 1.1.1. However this is not guaranteed and + some changes may be required in some cases. + * Providers and FIPS support + Providers collect together and make available algorithm implementations. + With OpenSSL 3.0 it is possible to specify, either programmatically + or via a config file, which providers you want to use for any given application + * Low Level APIs + Use of the low level APIs have been deprecated. + * Legacy Algorithms + Some cryptographic algorithms that were available via the EVP APIs + are now considered legacy and their use is strongly discouraged. + These legacy EVP algorithms are still available in OpenSSL 3.0 but not by default. + If you want to use them then you must load the legacy provider. + * Engines and "METHOD" APIs + The ENGINE API and any function that creates or modifies custom "METHODS" + are being deprecated in OpenSSL 3.0 + Authors and maintainers of external engines are strongly encouraged to + refactor their code transforming engines into providers using + the new Provider API and avoiding deprecated methods. + * Versioning Scheme + The OpenSSL versioning scheme has changed with the 3.0 release. + The new versioning scheme has this format: MAJOR.MINOR.PATCH + The patch level is indicated by the third number instead of a letter + at the end of the release version number. + A change in the second (MINOR) number indicates that new features may have been added. + OpenSSL versions with the same major number are API and ABI compatible. + If the major number changes then API and ABI compatibility is not guaranteed. + * Other major new features + Implementation of the Certificate Management Protocol (CMP, RFC 4210) + also covering CRMF (RFC 4211) and HTTP transfer (RFC 6712). + A proper HTTP(S) client in libcrypto supporting GET and POST, + redirection, plain and ASN.1-encoded contents, proxies, and timeouts + EVP_KDF APIs have been introduced for working with Key Derivation Functions + EVP_MAC APIs have been introduced for working with MACs + Support for Linux Kernel TLS diff --git a/openssl-3.spec b/openssl-3.spec new file mode 100644 index 0000000..d76faa6 --- /dev/null +++ b/openssl-3.spec @@ -0,0 +1,253 @@ +# +# spec file for package openssl-3 +# +# Copyright (c) 2022-2023 ZhuningOS +# + + +%define ssletcdir %{_sysconfdir}/ssl +%define sover 3 +%define _rname openssl +Name: openssl-3 +# Don't forget to update the version in the "openssl" package! +Version: 3.0.8 +Release: 150500.5.8.1 +Summary: Secure Sockets and Transport Layer Security +License: Apache-2.0 +URL: https://www.openssl.org/ +Source: https://www.%{_rname}.org/source/%{_rname}-%{version}.tar.gz +# to get mtime of file: +Source1: %{name}.changes +Source2: baselibs.conf +Source3: https://www.%{_rname}.org/source/%{_rname}-%{version}.tar.gz.asc +# https://www.openssl.org/about/ +# http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xA2D29B7BF295C759#/openssl.keyring +Source4: %{_rname}.keyring +Source5: showciphers.c +# PATCH-FIX-OPENSUSE: do not install html mans as it takes ages +Patch1: openssl-1.1.0-no-html.patch +Patch2: openssl-truststore.patch +Patch3: openssl-pkgconfig.patch +Patch4: openssl-DEFAULT_SUSE_cipher.patch +Patch5: openssl-ppc64-config.patch +Patch6: openssl-no-date.patch +# Patches for crypto-policies +Patch7: openssl-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch +Patch8: openssl-Override-default-paths-for-the-CA-directory-tree.patch +# use openssl3.cnf +Patch9: openssl-use-versioned-config.patch +Patch10: fix-config-in-tests.patch +# PATCH-FIX-UPSTREAM: bsc#1209624, CVE-2023-0464 Excessive Resource Usage Verifying X.509 Policy Constraints +Patch11: openssl-CVE-2023-0464.patch +# PATCH-FIX-UPSTREAM: bsc#1209878, CVE-2023-0465 Invalid certificate policies in leaf certificates are silently ignored +Patch12: openssl-CVE-2023-0465.patch +# PATCH-FIX-UPSTREAM: bsc#1209873, CVE-2023-0466 Certificate policy check not enabled +Patch13: openssl-CVE-2023-0466.patch +# PATCH-FIX-UPSTREAM: bsc#1210714, CVE-2023-1255: Input buffer over-read in AES-XTS implementation on 64 bit ARM +Patch14: openssl-CVE-2023-1255.patch +# PATCH-FIX-UPSTREAM: bsc#1211430, CVE-2023-2650 Possible DoS translating ASN.1 object identifiers +Patch15: openssl-CVE-2023-2650.patch +# PATCH-FIX-UPSTREAM: bsc#1213383, CVE-2023-2975 AES-SIV ignores empty data entries +Patch16: openssl-CVE-2023-2975.patch +# PATCH-FIX-UPSTREAM: bsc#1213487 CVE-2023-3446 DH_check() excessive time with over sized modulus +Patch17: openssl-CVE-2023-3446.patch +Patch18: openssl-CVE-2023-3446-test.patch +BuildRequires: pkgconfig +BuildRequires: pkgconfig(zlib) +# Add requires for ct_log_list.cnf{,.dist} +Requires: openssl +%if 0%{?suse_version} >= 1550 || 0%{?sle_version} >= 150400 +Requires: crypto-policies +%endif + +%description +OpenSSL is a software library to be used in applications that need to +secure communications over computer networks against eavesdropping or +need to ascertain the identity of the party at the other end. +OpenSSL contains an implementation of the SSL and TLS protocols. + +%package -n libopenssl3 +Summary: Secure Sockets and Transport Layer Security +%if 0%{?suse_version} >= 1550 || 0%{?sle_version} >= 150400 +Requires: crypto-policies +%endif +Recommends: ca-certificates-mozilla + +%description -n libopenssl3 +OpenSSL is a software library to be used in applications that need to +secure communications over computer networks against eavesdropping or +need to ascertain the identity of the party at the other end. +OpenSSL contains an implementation of the SSL and TLS protocols. + +%package -n libopenssl-3-devel +Summary: Development files for OpenSSL +Requires: libopenssl3 = %{version} +Requires: pkgconfig(zlib) +Recommends: %{name} = %{version} +# We need to have around only the exact version we are able to operate with +Conflicts: libopenssl-devel < %{version} +Conflicts: libopenssl-devel > %{version} +Conflicts: libressl-devel +Conflicts: ssl-devel + +%description -n libopenssl-3-devel +This subpackage contains header files for developing applications +that want to make use of the OpenSSL C API. + +%package doc +Summary: Additional Package Documentation +Conflicts: openssl-doc +Provides: openssl-doc = %{version} +Obsoletes: openssl-doc < %{version} +BuildArch: noarch + +%description doc +This package contains optional documentation provided in addition to +this package's base documentation. + +%prep +%autosetup -p1 -n %{_rname}-%{version} + +%build +%ifarch armv5el armv5tel +export MACHINE=armv5el +%endif +%ifarch armv6l armv6hl +export MACHINE=armv6l +%endif + +./config \ + no-idea \ + no-ec2m \ + enable-rfc3779 \ +%ifarch x86_64 aarch64 ppc64le + enable-ec_nistp_64_gcc_128 \ +%endif + enable-camellia \ + zlib \ + --prefix=%{_prefix} \ + --libdir=%{_lib} \ + --openssldir=%{ssletcdir} \ + %{optflags} \ + -Wa,--noexecstack \ + -Wl,-z,relro,-z,now \ + -fno-common \ + -DTERMIO \ + -DPURIFY \ + -D_GNU_SOURCE \ + -DOPENSSL_NO_BUF_FREELISTS \ + $(getconf LFS_CFLAGS) \ + -Wall \ + --with-rand-seed=getrandom \ + --system-ciphers-file=%{_sysconfdir}/crypto-policies/back-ends/openssl.config + +# Show build configuration +perl configdata.pm --dump + +# util/mkdef.pl crypto update +%make_build depend +%make_build all + +%check + +# We must revert patch8 before running tests, otherwise they will fail. +patch -p1 -R < %{P:8} + +export MALLOC_CHECK_=3 +export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) +# export HARNESS_VERBOSE=yes +LD_LIBRARY_PATH="$PWD" make TESTS='-test_evp_fetch_prov -test_tsa' test -j1 +# show ciphers +gcc -o showciphers %{optflags} -I%{buildroot}%{_includedir} %{SOURCE5} -L%{buildroot}%{_libdir} -lssl -lcrypto +LD_LIBRARY_PATH=%{buildroot}%{_libdir} ./showciphers + +%install +%make_install %{?_smp_mflags} + +# Kill static libs +rm -f %{buildroot}%{_libdir}/lib*.a +# Remove the cnf.dist +rm -f %{buildroot}%{_sysconfdir}/ssl/openssl3.cnf.dist +mkdir %{buildroot}/%{_datadir}/ssl-3 +mv %{buildroot}/%{ssletcdir}/misc %{buildroot}/%{_datadir}/ssl-3/ +ln -sf ./%{_rname} %{buildroot}/%{_includedir}/ssl +mkdir %{buildroot}/%{_datadir}/ssl +# Rename binary +mv %{buildroot}%{_bindir}/%{_rname} %{buildroot}%{_bindir}/%{name} +# Avoid file conflicts with man pages from other packages +pushd %{buildroot}/%{_mandir} +find . -type f -exec chmod 644 {} + +# Some man pages now contain spaces. This makes several +# scripts go havoc, among them /usr/sbin/Check. +# Replace spaces by underscores +# for i in man?/*\ *; do mv -v "$i" "${i// /_}"; done + +touch $OLDPWD/filelist.doc $OLDPWD/filelist +which readlink &>/dev/null || function readlink { ( set +x; target=$(file $1 2>/dev/null); target=${target//* }; test -f $target && echo $target; ) } +for i in man?/*; do + if test -L $i ; then + LDEST=`readlink $i` + rm -f $i ${i}ssl + ln -sf ${LDEST}ssl-3 ${i}ssl-3 + else + mv $i ${i}ssl-3 + fi + case "$i" in + *.1) + # These are the pages mentioned in openssl(1). They go into the main package. + echo %doc %{_mandir}/${i}ssl-3%{?ext_man} >> $OLDPWD/filelist;; + *) + # The rest goes into the openssl-doc package. + echo %doc %{_mandir}/${i}ssl-3%{?ext_man} >> $OLDPWD/filelist.doc;; + esac +done +popd + +mv %{buildroot}%{_bindir}/c_rehash %{buildroot}%{_bindir}/c_rehash-3 + +# They are provided by openssl package +rm %{buildroot}%{ssletcdir}/ct_log_list.cnf* + +# Do not install demo scripts executable under /usr/share/doc +find demos -type f -perm /111 -exec chmod 644 {} + + +# Place showciphers.c for %%doc macro +cp %{SOURCE5} . + +%post -n libopenssl3 -p /sbin/ldconfig +%postun -n libopenssl3 -p /sbin/ldconfig + +%files -n libopenssl3 +%license LICENSE.txt +%{_libdir}/libssl.so.%{sover} +%{_libdir}/libcrypto.so.%{sover} +%{_libdir}/engines-%{sover} +%dir %{_libdir}/ossl-modules +#%%{_libdir}/ossl-modules/fips.so +%{_libdir}/ossl-modules/legacy.so + +%files -n libopenssl-3-devel +%{_includedir}/%{_rname}/ +%{_includedir}/ssl +%{_libdir}/libssl.so +%{_libdir}/libcrypto.so +%{_libdir}/pkgconfig/libcrypto.pc +%{_libdir}/pkgconfig/libssl.pc +%{_libdir}/pkgconfig/openssl.pc + +%files doc -f filelist.doc +%doc doc/* demos +%doc showciphers.c + +%files -f filelist +%doc CHANGE* +%dir %{ssletcdir} +%config (noreplace) %{ssletcdir}/openssl3.cnf +%attr(700,root,root) %{ssletcdir}/private + +%dir %{_datadir}/ssl-3 +%{_datadir}/ssl-3/misc +%{_bindir}/c_rehash-3 +%{_bindir}/%{name} + +%changelog diff --git a/openssl-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch b/openssl-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch new file mode 100644 index 0000000..21d3228 --- /dev/null +++ b/openssl-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch @@ -0,0 +1,305 @@ +From 736d709ec194b3a763e004696df22792c62a11fc Mon Sep 17 00:00:00 2001 +From: Tomas Mraz +Date: Thu, 24 Sep 2020 10:16:46 +0200 +Subject: Add support for PROFILE=SYSTEM system default cipherlist + +(was openssl-1.1.1-system-cipherlist.patch) +--- + Configurations/unix-Makefile.tmpl | 5 ++ + Configure | 11 ++++ + doc/man1/openssl-ciphers.pod.in | 9 +++ + include/openssl/ssl.h.in | 5 ++ + ssl/ssl_ciph.c | 87 +++++++++++++++++++++++++++++++++----- + ssl/ssl_lib.c | 4 - + test/cipherlist_test.c | 2 + util/libcrypto.num | 1 + 8 files changed, 110 insertions(+), 14 deletions(-) + +--- a/Configurations/unix-Makefile.tmpl ++++ b/Configurations/unix-Makefile.tmpl +@@ -315,6 +315,10 @@ MANDIR=$(INSTALLTOP)/share/man + DOCDIR=$(INSTALLTOP)/share/doc/$(BASENAME) + HTMLDIR=$(DOCDIR)/html + ++{- output_off() if $config{system_ciphers_file} eq ""; "" -} ++SYSTEM_CIPHERS_FILE_DEFINE=-DSYSTEM_CIPHERS_FILE="\"{- $config{system_ciphers_file} -}\"" ++{- output_on() if $config{system_ciphers_file} eq ""; "" -} ++ + # MANSUFFIX is for the benefit of anyone who may want to have a suffix + # appended after the manpage file section number. "ssl" is popular, + # resulting in files such as config.5ssl rather than config.5. +@@ -338,6 +342,7 @@ CC=$(CROSS_COMPILE){- $config{CC} -} + CXX={- $config{CXX} ? "\$(CROSS_COMPILE)$config{CXX}" : '' -} + CPPFLAGS={- our $cppflags1 = join(" ", + (map { "-D".$_} @{$config{CPPDEFINES}}), ++ "\$(SYSTEM_CIPHERS_FILE_DEFINE)", + (map { "-I".$_} @{$config{CPPINCLUDES}}), + @{$config{CPPFLAGS}}) -} + CFLAGS={- join(' ', @{$config{CFLAGS}}) -} +--- a/Configure ++++ b/Configure +@@ -27,7 +27,7 @@ use OpenSSL::config; + my $orig_death_handler = $SIG{__DIE__}; + $SIG{__DIE__} = \&death_handler; + +-my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n"; ++my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--system-ciphers-file=SYSTEMCIPHERFILE] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n"; + + my $banner = <<"EOF"; + +@@ -61,6 +61,10 @@ EOF + # given with --prefix. + # This becomes the value of OPENSSLDIR in Makefile and in C. + # (Default: PREFIX/ssl) ++# ++# --system-ciphers-file A file to read cipher string from when the PROFILE=SYSTEM ++# cipher is specified (default). ++# + # --banner=".." Output specified text instead of default completion banner + # + # -w Don't wait after showing a Configure warning +@@ -387,6 +391,7 @@ $config{prefix}=""; + $config{openssldir}=""; + $config{processor}=""; + $config{libdir}=""; ++$config{system_ciphers_file}=""; + my $auto_threads=1; # enable threads automatically? true by default + my $default_ranlib; + +@@ -989,6 +994,10 @@ while (@argvcopy) + die "FIPS key too long (64 bytes max)\n" + if length $1 > 64; + } ++ elsif (/^--system-ciphers-file=(.*)$/) ++ { ++ $config{system_ciphers_file}=$1; ++ } + elsif (/^--banner=(.*)$/) + { + $banner = $1 . "\n"; +--- a/doc/man1/openssl-ciphers.pod.in ++++ b/doc/man1/openssl-ciphers.pod.in +@@ -186,6 +186,15 @@ As of OpenSSL 1.0.0, the B cipher s + + The cipher suites not enabled by B, currently B. + ++=item B ++ ++The list of enabled cipher suites will be loaded from the system crypto policy ++configuration file B. ++See also L. ++This is the default behavior unless an application explicitly sets a cipher ++list. If used in a cipher list configuration value this string must be at the ++beginning of the cipher list, otherwise it will not be recognized. ++ + =item B + + "High" encryption cipher suites. This currently means those with key lengths +--- a/include/openssl/ssl.h.in ++++ b/include/openssl/ssl.h.in +@@ -210,6 +210,11 @@ extern "C" { + * throwing out anonymous and unencrypted ciphersuites! (The latter are not + * actually enabled by ALL, but "ALL:RSA" would enable some of them.) + */ ++# ifdef SYSTEM_CIPHERS_FILE ++# define SSL_SYSTEM_DEFAULT_CIPHER_LIST "PROFILE=SYSTEM" ++# else ++# define SSL_SYSTEM_DEFAULT_CIPHER_LIST OSSL_default_cipher_list() ++# endif + + /* Used in SSL_set_shutdown()/SSL_get_shutdown(); */ + # define SSL_SENT_SHUTDOWN 1 +--- a/ssl/ssl_ciph.c ++++ b/ssl/ssl_ciph.c +@@ -1438,6 +1438,53 @@ int SSL_set_ciphersuites(SSL *s, const c + return ret; + } + ++#ifdef SYSTEM_CIPHERS_FILE ++static char *load_system_str(const char *suffix) ++{ ++ FILE *fp; ++ char buf[1024]; ++ char *new_rules; ++ const char *ciphers_path; ++ unsigned len, slen; ++ ++ if ((ciphers_path = ossl_safe_getenv("OPENSSL_SYSTEM_CIPHERS_OVERRIDE")) == NULL) ++ ciphers_path = SYSTEM_CIPHERS_FILE; ++ fp = fopen(ciphers_path, "r"); ++ if (fp == NULL || fgets(buf, sizeof(buf), fp) == NULL) { ++ /* cannot open or file is empty */ ++ snprintf(buf, sizeof(buf), "%s", SSL_DEFAULT_CIPHER_LIST); ++ } ++ ++ if (fp) ++ fclose(fp); ++ ++ slen = strlen(suffix); ++ len = strlen(buf); ++ ++ if (buf[len - 1] == '\n') { ++ len--; ++ buf[len] = 0; ++ } ++ if (buf[len - 1] == '\r') { ++ len--; ++ buf[len] = 0; ++ } ++ ++ new_rules = OPENSSL_malloc(len + slen + 1); ++ if (new_rules == 0) ++ return NULL; ++ ++ memcpy(new_rules, buf, len); ++ if (slen > 0) { ++ memcpy(&new_rules[len], suffix, slen); ++ len += slen; ++ } ++ new_rules[len] = 0; ++ ++ return new_rules; ++} ++#endif ++ + STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx, + STACK_OF(SSL_CIPHER) *tls13_ciphersuites, + STACK_OF(SSL_CIPHER) **cipher_list, +@@ -1452,15 +1499,25 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ + CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr; + const SSL_CIPHER **ca_list = NULL; + const SSL_METHOD *ssl_method = ctx->method; ++#ifdef SYSTEM_CIPHERS_FILE ++ char *new_rules = NULL; ++ ++ if (rule_str != NULL && strncmp(rule_str, "PROFILE=SYSTEM", 14) == 0) { ++ char *p = rule_str + 14; ++ ++ new_rules = load_system_str(p); ++ rule_str = new_rules; ++ } ++#endif + + /* + * Return with error if nothing to do. + */ + if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL) +- return NULL; ++ goto err; + + if (!check_suiteb_cipher_list(ssl_method, c, &rule_str)) +- return NULL; ++ goto err; + + /* + * To reduce the work to do we only want to process the compiled +@@ -1482,7 +1539,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ + co_list = OPENSSL_malloc(sizeof(*co_list) * num_of_ciphers); + if (co_list == NULL) { + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); +- return NULL; /* Failure */ ++ goto err; + } + + ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, +@@ -1548,8 +1605,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ + * in force within each class + */ + if (!ssl_cipher_strength_sort(&head, &tail)) { +- OPENSSL_free(co_list); +- return NULL; ++ goto err; + } + + /* +@@ -1593,9 +1649,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ + num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1; + ca_list = OPENSSL_malloc(sizeof(*ca_list) * num_of_alias_max); + if (ca_list == NULL) { +- OPENSSL_free(co_list); + ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE); +- return NULL; /* Failure */ ++ goto err; + } + ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, + disabled_mkey, disabled_auth, disabled_enc, +@@ -1628,8 +1683,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ + OPENSSL_free(ca_list); /* Not needed anymore */ + + if (!ok) { /* Rule processing failure */ +- OPENSSL_free(co_list); +- return NULL; ++ goto err; + } + + /* +@@ -1637,10 +1691,13 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ + * if we cannot get one. + */ + if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) { +- OPENSSL_free(co_list); +- return NULL; ++ goto err; + } + ++#ifdef SYSTEM_CIPHERS_FILE ++ OPENSSL_free(new_rules); /* Not needed anymore */ ++#endif ++ + /* Add TLSv1.3 ciphers first - we always prefer those if possible */ + for (i = 0; i < sk_SSL_CIPHER_num(tls13_ciphersuites); i++) { + const SSL_CIPHER *sslc = sk_SSL_CIPHER_value(tls13_ciphersuites, i); +@@ -1692,6 +1749,14 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ + *cipher_list = cipherstack; + + return cipherstack; ++ ++err: ++ OPENSSL_free(co_list); ++#ifdef SYSTEM_CIPHERS_FILE ++ OPENSSL_free(new_rules); ++#endif ++ return NULL; ++ + } + + char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) +--- a/ssl/ssl_lib.c ++++ b/ssl/ssl_lib.c +@@ -660,7 +660,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx + ctx->tls13_ciphersuites, + &(ctx->cipher_list), + &(ctx->cipher_list_by_id), +- OSSL_default_cipher_list(), ctx->cert); ++ SSL_SYSTEM_DEFAULT_CIPHER_LIST, ctx->cert); + if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) { + ERR_raise(ERR_LIB_SSL, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS); + return 0; +@@ -3285,7 +3285,7 @@ SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *li + if (!ssl_create_cipher_list(ret, + ret->tls13_ciphersuites, + &ret->cipher_list, &ret->cipher_list_by_id, +- OSSL_default_cipher_list(), ret->cert) ++ SSL_SYSTEM_DEFAULT_CIPHER_LIST, ret->cert) + || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) { + ERR_raise(ERR_LIB_SSL, SSL_R_LIBRARY_HAS_NO_CIPHERS); + goto err2; +--- a/test/cipherlist_test.c ++++ b/test/cipherlist_test.c +@@ -246,7 +246,9 @@ end: + + int setup_tests(void) + { ++#ifndef SYSTEM_CIPHERS_FILE + ADD_TEST(test_default_cipherlist_implicit); ++#endif + ADD_TEST(test_default_cipherlist_explicit); + ADD_TEST(test_default_cipherlist_clear); + return 1; +--- a/util/libcrypto.num ++++ b/util/libcrypto.num +@@ -5428,3 +5428,4 @@ EVP_PKEY_CTX_get0_provider + OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION: + OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION: + OSSL_CMP_CTX_reset_geninfo_ITAVs 5558 3_0_8 EXIST::FUNCTION:CMP ++ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION: diff --git a/openssl-CVE-2023-0464.patch b/openssl-CVE-2023-0464.patch new file mode 100644 index 0000000..1cf2edf --- /dev/null +++ b/openssl-CVE-2023-0464.patch @@ -0,0 +1,814 @@ +From 8481ba26a84d6d9c5b54c2b3773b3923a684d8b2 Mon Sep 17 00:00:00 2001 +From: Pauli +Date: Wed, 8 Mar 2023 15:28:20 +1100 +Subject: [PATCH 1/3] x509: excessive resource use verifying policy constraints + +A security vulnerability has been identified in all supported versions +of OpenSSL related to the verification of X.509 certificate chains +that include policy constraints. Attackers may be able to exploit this +vulnerability by creating a malicious certificate chain that triggers +exponential use of computational resources, leading to a denial-of-service +(DoS) attack on affected systems. + +Fixes CVE-2023-0464 +--- + CHANGES.md | 9 + crypto/x509/pcy_local.h | 8 + crypto/x509/pcy_node.c | 12 + crypto/x509/pcy_tree.c | 36 + test/recipes/80-test_policy_tree.t | 41 + + test/recipes/80-test_policy_tree_data/large_leaf.pem | 11 + test/recipes/80-test_policy_tree_data/large_policy_tree.pem | 434 ++++++++++++ + test/recipes/80-test_policy_tree_data/small_leaf.pem | 11 + test/recipes/80-test_policy_tree_data/small_policy_tree.pem | 70 + + 9 files changed, 618 insertions(+), 14 deletions(-) + +--- a/CHANGES.md ++++ b/CHANGES.md +@@ -30,6 +30,15 @@ breaking changes, and mappings for the l + + ### Changes between 3.0.7 and 3.0.8 [7 Feb 2023] + ++ * Limited the number of nodes created in a policy tree to mitigate ++ against CVE-2023-0464. The default limit is set to 1000 nodes, which ++ should be sufficient for most installations. If required, the limit ++ can be adjusted by setting the OPENSSL_POLICY_TREE_NODES_MAX build ++ time define to a desired maximum number of nodes or zero to allow ++ unlimited growth. ++ ++ *Paul Dale* ++ + * Fixed NULL dereference during PKCS7 data verification. + + A NULL pointer can be dereferenced when signatures are being +--- a/crypto/x509/pcy_local.h ++++ b/crypto/x509/pcy_local.h +@@ -111,6 +111,11 @@ struct X509_POLICY_LEVEL_st { + }; + + struct X509_POLICY_TREE_st { ++ /* The number of nodes in the tree */ ++ size_t node_count; ++ /* The maximum number of nodes in the tree */ ++ size_t node_maximum; ++ + /* This is the tree 'level' data */ + X509_POLICY_LEVEL *levels; + int nlevel; +@@ -157,7 +162,8 @@ X509_POLICY_NODE *ossl_policy_tree_find_ + X509_POLICY_NODE *ossl_policy_level_add_node(X509_POLICY_LEVEL *level, + X509_POLICY_DATA *data, + X509_POLICY_NODE *parent, +- X509_POLICY_TREE *tree); ++ X509_POLICY_TREE *tree, ++ int extra_data); + void ossl_policy_node_free(X509_POLICY_NODE *node); + int ossl_policy_node_match(const X509_POLICY_LEVEL *lvl, + const X509_POLICY_NODE *node, const ASN1_OBJECT *oid); +--- a/crypto/x509/pcy_node.c ++++ b/crypto/x509/pcy_node.c +@@ -59,10 +59,15 @@ X509_POLICY_NODE *ossl_policy_level_find + X509_POLICY_NODE *ossl_policy_level_add_node(X509_POLICY_LEVEL *level, + X509_POLICY_DATA *data, + X509_POLICY_NODE *parent, +- X509_POLICY_TREE *tree) ++ X509_POLICY_TREE *tree, ++ int extra_data) + { + X509_POLICY_NODE *node; + ++ /* Verify that the tree isn't too large. This mitigates CVE-2023-0464 */ ++ if (tree->node_maximum > 0 && tree->node_count >= tree->node_maximum) ++ return NULL; ++ + node = OPENSSL_zalloc(sizeof(*node)); + if (node == NULL) { + ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); +@@ -70,7 +75,7 @@ X509_POLICY_NODE *ossl_policy_level_add_ + } + node->data = data; + node->parent = parent; +- if (level) { ++ if (level != NULL) { + if (OBJ_obj2nid(data->valid_policy) == NID_any_policy) { + if (level->anyPolicy) + goto node_error; +@@ -90,7 +95,7 @@ X509_POLICY_NODE *ossl_policy_level_add_ + } + } + +- if (tree) { ++ if (extra_data) { + if (tree->extra_data == NULL) + tree->extra_data = sk_X509_POLICY_DATA_new_null(); + if (tree->extra_data == NULL){ +@@ -103,6 +108,7 @@ X509_POLICY_NODE *ossl_policy_level_add_ + } + } + ++ tree->node_count++; + if (parent) + parent->nchild++; + +--- a/crypto/x509/pcy_tree.c ++++ b/crypto/x509/pcy_tree.c +@@ -14,6 +14,17 @@ + + #include "pcy_local.h" + ++/* ++ * If the maximum number of nodes in the policy tree isn't defined, set it to ++ * a generous default of 1000 nodes. ++ * ++ * Defining this to be zero means unlimited policy tree growth which opens the ++ * door on CVE-2023-0464. ++ */ ++#ifndef OPENSSL_POLICY_TREE_NODES_MAX ++# define OPENSSL_POLICY_TREE_NODES_MAX 1000 ++#endif ++ + static void expected_print(BIO *channel, + X509_POLICY_LEVEL *lev, X509_POLICY_NODE *node, + int indent) +@@ -163,6 +174,9 @@ static int tree_init(X509_POLICY_TREE ** + return X509_PCY_TREE_INTERNAL; + } + ++ /* Limit the growth of the tree to mitigate CVE-2023-0464 */ ++ tree->node_maximum = OPENSSL_POLICY_TREE_NODES_MAX; ++ + /* + * http://tools.ietf.org/html/rfc5280#section-6.1.2, figure 3. + * +@@ -180,7 +194,7 @@ static int tree_init(X509_POLICY_TREE ** + if ((data = ossl_policy_data_new(NULL, + OBJ_nid2obj(NID_any_policy), 0)) == NULL) + goto bad_tree; +- if (ossl_policy_level_add_node(level, data, NULL, tree) == NULL) { ++ if (ossl_policy_level_add_node(level, data, NULL, tree, 1) == NULL) { + ossl_policy_data_free(data); + goto bad_tree; + } +@@ -239,7 +253,8 @@ static int tree_init(X509_POLICY_TREE ** + * Return value: 1 on success, 0 otherwise + */ + static int tree_link_matching_nodes(X509_POLICY_LEVEL *curr, +- X509_POLICY_DATA *data) ++ X509_POLICY_DATA *data, ++ X509_POLICY_TREE *tree) + { + X509_POLICY_LEVEL *last = curr - 1; + int i, matched = 0; +@@ -249,13 +264,13 @@ static int tree_link_matching_nodes(X509 + X509_POLICY_NODE *node = sk_X509_POLICY_NODE_value(last->nodes, i); + + if (ossl_policy_node_match(last, node, data->valid_policy)) { +- if (ossl_policy_level_add_node(curr, data, node, NULL) == NULL) ++ if (ossl_policy_level_add_node(curr, data, node, tree, 0) == NULL) + return 0; + matched = 1; + } + } + if (!matched && last->anyPolicy) { +- if (ossl_policy_level_add_node(curr, data, last->anyPolicy, NULL) == NULL) ++ if (ossl_policy_level_add_node(curr, data, last->anyPolicy, tree, 0) == NULL) + return 0; + } + return 1; +@@ -268,7 +283,8 @@ static int tree_link_matching_nodes(X509 + * Return value: 1 on success, 0 otherwise. + */ + static int tree_link_nodes(X509_POLICY_LEVEL *curr, +- const X509_POLICY_CACHE *cache) ++ const X509_POLICY_CACHE *cache, ++ X509_POLICY_TREE *tree) + { + int i; + +@@ -276,7 +292,7 @@ static int tree_link_nodes(X509_POLICY_L + X509_POLICY_DATA *data = sk_X509_POLICY_DATA_value(cache->data, i); + + /* Look for matching nodes in previous level */ +- if (!tree_link_matching_nodes(curr, data)) ++ if (!tree_link_matching_nodes(curr, data, tree)) + return 0; + } + return 1; +@@ -307,7 +323,7 @@ static int tree_add_unmatched(X509_POLIC + /* Curr may not have anyPolicy */ + data->qualifier_set = cache->anyPolicy->qualifier_set; + data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS; +- if (ossl_policy_level_add_node(curr, data, node, tree) == NULL) { ++ if (ossl_policy_level_add_node(curr, data, node, tree, 1) == NULL) { + ossl_policy_data_free(data); + return 0; + } +@@ -370,7 +386,7 @@ static int tree_link_any(X509_POLICY_LEV + /* Finally add link to anyPolicy */ + if (last->anyPolicy && + ossl_policy_level_add_node(curr, cache->anyPolicy, +- last->anyPolicy, NULL) == NULL) ++ last->anyPolicy, tree, 0) == NULL) + return 0; + return 1; + } +@@ -553,7 +569,7 @@ static int tree_calculate_user_set(X509_ + extra->flags = POLICY_DATA_FLAG_SHARED_QUALIFIERS + | POLICY_DATA_FLAG_EXTRA_NODE; + node = ossl_policy_level_add_node(NULL, extra, anyPolicy->parent, +- tree); ++ tree, 1); + } + if (!tree->user_policies) { + tree->user_policies = sk_X509_POLICY_NODE_new_null(); +@@ -580,7 +596,7 @@ static int tree_evaluate(X509_POLICY_TRE + + for (i = 1; i < tree->nlevel; i++, curr++) { + cache = ossl_policy_cache_set(curr->cert); +- if (!tree_link_nodes(curr, cache)) ++ if (!tree_link_nodes(curr, cache, tree)) + return X509_PCY_TREE_INTERNAL; + + if (!(curr->flags & X509_V_FLAG_INHIBIT_ANY) +--- /dev/null ++++ b/test/recipes/80-test_policy_tree.t +@@ -0,0 +1,41 @@ ++#! /usr/bin/env perl ++# Copyright 2023 The OpenSSL Project Authors. All Rights Reserved. ++# ++# Licensed under the Apache License 2.0 (the "License"). You may not use ++# this file except in compliance with the License. You can obtain a copy ++# in the file LICENSE in the source distribution or at ++# https://www.openssl.org/source/license.html ++ ++ ++use strict; ++use warnings; ++ ++use POSIX; ++use OpenSSL::Test qw/:DEFAULT srctop_file with data_file/; ++ ++use OpenSSL::Test::Utils; ++use OpenSSL::Glob; ++ ++setup("test_policy_tree"); ++ ++plan tests => 2; ++ ++# The small pathological tree is expected to work ++my $small_chain = srctop_file("test", "recipes", "80-test_policy_tree_data", ++ "small_policy_tree.pem"); ++my $small_leaf = srctop_file("test", "recipes", "80-test_policy_tree_data", ++ "small_leaf.pem"); ++ ++ok(run(app(["openssl", "verify", "-CAfile", $small_chain, ++ "-policy_check", $small_leaf])), ++ "test small policy tree"); ++ ++# The large pathological tree is expected to fail ++my $large_chain = srctop_file("test", "recipes", "80-test_policy_tree_data", ++ "large_policy_tree.pem"); ++my $large_leaf = srctop_file("test", "recipes", "80-test_policy_tree_data", ++ "large_leaf.pem"); ++ ++ok(!run(app(["openssl", "verify", "-CAfile", $large_chain, ++ "-policy_check", $large_leaf])), ++ "test large policy tree"); +--- /dev/null ++++ b/test/recipes/80-test_policy_tree_data/large_leaf.pem +@@ -0,0 +1,11 @@ ++-----BEGIN CERTIFICATE----- ++MIIBmTCCAT+gAwIBAgIBADAKBggqhkjOPQQDAjAWMRQwEgYDVQQDEwtQb2xpY3kg ++Q0EgMTAgFw0wMDAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowGjEYMBYGA1UE ++AxMPd3d3LmV4YW1wbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEp6Qe ++jrN6A0ZjqaFbX/zO01aVYXH5kthBDTEO/fU4H0CdwqrfyMsFrObwssrTJcsmSFKP ++x1FYr8wT2wCACs19lqN4MHYwDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMAwGA1UdEwEB/wQCMAAwGgYDVR0RBBMwEYIPd3d3LmV4YW1wbGUuY29t ++MCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMAoGCCqGSM49 ++BAMCA0gAMEUCIDGT8SVBkWJEZ2EzXm8M895NrNRmfc8uoheP0KKv+ndHAiEA2Onr ++20J+zTaR7vONY/1DleMm7fGY3UxTobSHSvOKbfY= ++-----END CERTIFICATE----- +--- /dev/null ++++ b/test/recipes/80-test_policy_tree_data/large_policy_tree.pem +@@ -0,0 +1,434 @@ ++-----BEGIN CERTIFICATE----- ++MIICEDCCAbagAwIBAgIBATAKBggqhkjOPQQDAjAWMRQwEgYDVQQDEwtQb2xpY3kg ++Q0EgMjAgFw0wMDAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowFjEUMBIGA1UE ++AxMLUG9saWN5IENBIDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATgyLz1C0dD ++ib5J/QmoE4d+Nf5yvvlzjVZHWIu7iCMEqK67cnA1RtMp1d0xdiNQS6si3ExNPBF+ ++ELdkP0E6x26Jo4HyMIHvMA4GA1UdDwEB/wQEAwICBDATBgNVHSUEDDAKBggrBgEF ++BQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSs+ml5upH1h25oUB0Ep4vd ++SUdZ/DAlBgNVHSAEHjAcMAwGCmCGSAFlAwIBMAEwDAYKYIZIAWUDAgEwAjBxBgNV ++HSEEajBoMBgGCmCGSAFlAwIBMAEGCmCGSAFlAwIBMAEwGAYKYIZIAWUDAgEwAQYK ++YIZIAWUDAgEwAjAYBgpghkgBZQMCATACBgpghkgBZQMCATABMBgGCmCGSAFlAwIB ++MAIGCmCGSAFlAwIBMAIwCgYIKoZIzj0EAwIDSAAwRQIhAOME8j1/cMogNnuNCb0O ++RIOE9pLP4je78KJiP8CZm0iOAiALr8NI67orD/VpfRptkjCmOd7rTWMVOOJfBr6N ++VJFLjw== ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICDzCCAbagAwIBAgIBAjAKBggqhkjOPQQDAjAWMRQwEgYDVQQDEwtQb2xpY3kg ++Q0EgMzAgFw0wMDAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowFjEUMBIGA1UE ++AxMLUG9saWN5IENBIDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASIdzU/FF3Y ++rTsTX04fRIN2yrZwxvOAfZ6DuEgKRxEimJx1nCyETuMmfDowm52mx/Cyk08xorp8 ++PhGEbacMd9kio4HyMIHvMA4GA1UdDwEB/wQEAwICBDATBgNVHSUEDDAKBggrBgEF ++BQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSwok/8RfJbVGTzyF5jhWLc ++hO7pcDAlBgNVHSAEHjAcMAwGCmCGSAFlAwIBMAEwDAYKYIZIAWUDAgEwAjBxBgNV ++HSEEajBoMBgGCmCGSAFlAwIBMAEGCmCGSAFlAwIBMAEwGAYKYIZIAWUDAgEwAQYK ++YIZIAWUDAgEwAjAYBgpghkgBZQMCATACBgpghkgBZQMCATABMBgGCmCGSAFlAwIB ++MAIGCmCGSAFlAwIBMAIwCgYIKoZIzj0EAwIDRwAwRAIgYVF7bXxUuOzAZF6SmeIJ ++s+iL15bLSQ2rW7QDc6QYp9MCIAup6YokIcr8JaGttHmLaKbASQLxYDGHhfFIVZuI ++BDvT ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEDCCAbagAwIBAgIBAzAKBggqhkjOPQQDAjAWMRQwEgYDVQQDEwtQb2xpY3kg ++Q0EgNDAgFw0wMDAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowFjEUMBIGA1UE ++AxMLUG9saWN5IENBIDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ38Llxxj32 ++H3NN4Z1V8IuRKXLNhdU4z+NbT1rahusEyAHF+z9VTjim+HHfqFKV1QyNOJZ4rMA9 ++J/gODWsNCT4po4HyMIHvMA4GA1UdDwEB/wQEAwICBDATBgNVHSUEDDAKBggrBgEF ++BQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBS11YgFNKTx3a6kssIijnA9 ++DiOhoTAlBgNVHSAEHjAcMAwGCmCGSAFlAwIBMAEwDAYKYIZIAWUDAgEwAjBxBgNV ++HSEEajBoMBgGCmCGSAFlAwIBMAEGCmCGSAFlAwIBMAEwGAYKYIZIAWUDAgEwAQYK ++YIZIAWUDAgEwAjAYBgpghkgBZQMCATACBgpghkgBZQMCATABMBgGCmCGSAFlAwIB ++MAIGCmCGSAFlAwIBMAIwCgYIKoZIzj0EAwIDSAAwRQIhAJXNZHMpvlnMfxhcG6EF ++Vw1pEXJ+iZnWT+Yu02a2zhamAiAiOKNhALBw/iKhQrwLo0cdx6UEfUKbaqTSGiax ++tHUylA== ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEDCCAbagAwIBAgIBBDAKBggqhkjOPQQDAjAWMRQwEgYDVQQDEwtQb2xpY3kg ++Q0EgNTAgFw0wMDAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowFjEUMBIGA1UE ++AxMLUG9saWN5IENBIDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATo81HWQ/we ++egmoO/LMntQK1VQ9YzU627nblv/XWoOjEd/tBeE8+Un4jUnhZqNrP2TAzy48jEaT ++1DShCQNQGek7o4HyMIHvMA4GA1UdDwEB/wQEAwICBDATBgNVHSUEDDAKBggrBgEF ++BQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBS6/F38QgbZSHib0W1XtMfs ++4O5DTDAlBgNVHSAEHjAcMAwGCmCGSAFlAwIBMAEwDAYKYIZIAWUDAgEwAjBxBgNV ++HSEEajBoMBgGCmCGSAFlAwIBMAEGCmCGSAFlAwIBMAEwGAYKYIZIAWUDAgEwAQYK ++YIZIAWUDAgEwAjAYBgpghkgBZQMCATACBgpghkgBZQMCATABMBgGCmCGSAFlAwIB ++MAIGCmCGSAFlAwIBMAIwCgYIKoZIzj0EAwIDSAAwRQIgXMYCQWi5/6iQw+zqyEav ++CE7kOfTpm9GN4bZX5Eau5AACIQD0rDZwsjWf6hI2Hn8IlpwYVVC9bpxrAM/JmYuu ++79V/uw== ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEDCCAbagAwIBAgIBBTAKBggqhkjOPQQDAjAWMRQwEgYDVQQDEwtQb2xpY3kg ++Q0EgNjAgFw0wMDAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowFjEUMBIGA1UE ++AxMLUG9saWN5IENBIDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARsPMjOkmzJ ++2jwT30mKUvAFYVgOlgcoXxYr61p54mbQMmmH49ABmJQMu5rjwjwYlYA3UzbEN9ki ++hMsJz/4JIrJGo4HyMIHvMA4GA1UdDwEB/wQEAwICBDATBgNVHSUEDDAKBggrBgEF ++BQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQeflZRWUze+7jne9MkYYy5 ++iWFgJDAlBgNVHSAEHjAcMAwGCmCGSAFlAwIBMAEwDAYKYIZIAWUDAgEwAjBxBgNV ++HSEEajBoMBgGCmCGSAFlAwIBMAEGCmCGSAFlAwIBMAEwGAYKYIZIAWUDAgEwAQYK ++YIZIAWUDAgEwAjAYBgpghkgBZQMCATACBgpghkgBZQMCATABMBgGCmCGSAFlAwIB ++MAIGCmCGSAFlAwIBMAIwCgYIKoZIzj0EAwIDSAAwRQIhAIN6BjMnPlixl3i6Z1Xa ++pZQt52MOCHPm0XzXDn2XlC9+AiAn146u8rbppdEGMFr21vfFZaktwEb0cZkC9fBp ++S1uKwQ== ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEDCCAbagAwIBAgIBBjAKBggqhkjOPQQDAjAWMRQwEgYDVQQDEwtQb2xpY3kg ++Q0EgNzAgFw0wMDAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowFjEUMBIGA1UE ++AxMLUG9saWN5IENBIDYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASVmpozZzxX ++f6rFinkqS0y8sfbOwcM0gNuR0x83mmZH5+a8W4ug5W80QiBaS3rHtwTsFHpCeQKq ++eJvfb/esgJu8o4HyMIHvMA4GA1UdDwEB/wQEAwICBDATBgNVHSUEDDAKBggrBgEF ++BQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQPuF2sXR0vOHJynh57qefK +++h7RGDAlBgNVHSAEHjAcMAwGCmCGSAFlAwIBMAEwDAYKYIZIAWUDAgEwAjBxBgNV ++HSEEajBoMBgGCmCGSAFlAwIBMAEGCmCGSAFlAwIBMAEwGAYKYIZIAWUDAgEwAQYK ++YIZIAWUDAgEwAjAYBgpghkgBZQMCATACBgpghkgBZQMCATABMBgGCmCGSAFlAwIB ++MAIGCmCGSAFlAwIBMAIwCgYIKoZIzj0EAwIDSAAwRQIgDX0jHPq1alZoMbPDmbZp ++QYuM9UQagQ5KJgVU1B0Mh2ECIQCtdyfT2h5jZvz3lLKkQ9a6LddIuqsyNKDAxbpb ++PlBOOA== ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEDCCAbagAwIBAgIBBzAKBggqhkjOPQQDAjAWMRQwEgYDVQQDEwtQb2xpY3kg ++Q0EgODAgFw0wMDAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowFjEUMBIGA1UE ++AxMLUG9saWN5IENBIDcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASb+9fN9RLe ++SHGynsKXhLWGhIS/kZ6Yl97+h23xpjLaZUOzhn5VafXdmLrQ4BmqSMHqIKzcc8IB ++STV3NwO4NxPBo4HyMIHvMA4GA1UdDwEB/wQEAwICBDATBgNVHSUEDDAKBggrBgEF ++BQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTBF9x+MrsyqoCaTQ2kB7Bn ++tpK2qDAlBgNVHSAEHjAcMAwGCmCGSAFlAwIBMAEwDAYKYIZIAWUDAgEwAjBxBgNV ++HSEEajBoMBgGCmCGSAFlAwIBMAEGCmCGSAFlAwIBMAEwGAYKYIZIAWUDAgEwAQYK ++YIZIAWUDAgEwAjAYBgpghkgBZQMCATACBgpghkgBZQMCATABMBgGCmCGSAFlAwIB ++MAIGCmCGSAFlAwIBMAIwCgYIKoZIzj0EAwIDSAAwRQIhAI37Di/5MrSj2clr+2pX ++iXzeDIvlaxzVetyH3ibUZZBSAiA41aPIssHi9evv2mZonEvXY8g+DKbh/3L2mSub ++/AyLoA== ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICETCCAbagAwIBAgIBCDAKBggqhkjOPQQDAjAWMRQwEgYDVQQDEwtQb2xpY3kg ++Q0EgOTAgFw0wMDAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowFjEUMBIGA1UE ++AxMLUG9saWN5IENBIDgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASrRS12/zEP ++RUNye9SLadN4xK+xfTwyXfxeC+jam+J98lOMcHz6abnLpk5tJ7wab4Pkygsbj1V2 ++STxeW+YH23dto4HyMIHvMA4GA1UdDwEB/wQEAwICBDATBgNVHSUEDDAKBggrBgEF ++BQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQYpYFLhosbir7KoyYdehsQ ++6DdLfzAlBgNVHSAEHjAcMAwGCmCGSAFlAwIBMAEwDAYKYIZIAWUDAgEwAjBxBgNV ++HSEEajBoMBgGCmCGSAFlAwIBMAEGCmCGSAFlAwIBMAEwGAYKYIZIAWUDAgEwAQYK ++YIZIAWUDAgEwAjAYBgpghkgBZQMCATACBgpghkgBZQMCATABMBgGCmCGSAFlAwIB ++MAIGCmCGSAFlAwIBMAIwCgYIKoZIzj0EAwIDSQAwRgIhAPTCN+zWFG2cFzJ+nlfg ++JMY4U2e3vqTQmFeBXYlBASb9AiEA0KvsyNwloF1YeeaYcP5iHoRGRo8UMD3QWKEE ++vWI14Uk= ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEDCCAbegAwIBAgIBCTAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMTAwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBYxFDASBgNV ++BAMTC1BvbGljeSBDQSA5MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEoR4udEgt ++usb9f946+Xznm7Q3OaW4DTZjO7wqX1I+27zDp0JrUbCZwtm0Cw+pYkG5kPpNcFTK ++7yG3YgqM1sT+6aOB8jCB7zAOBgNVHQ8BAf8EBAMCAgQwEwYDVR0lBAwwCgYIKwYB ++BQUHAwEwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUjgtOHvFBcUQ03AKUbvuJ ++IWO5lzUwJQYDVR0gBB4wHDAMBgpghkgBZQMCATABMAwGCmCGSAFlAwIBMAIwcQYD ++VR0hBGowaDAYBgpghkgBZQMCATABBgpghkgBZQMCATABMBgGCmCGSAFlAwIBMAEG ++CmCGSAFlAwIBMAIwGAYKYIZIAWUDAgEwAgYKYIZIAWUDAgEwATAYBgpghkgBZQMC ++ATACBgpghkgBZQMCATACMAoGCCqGSM49BAMCA0cAMEQCICIboTAzG1DvCY/0tA/o ++l18zrW9qKVnt4mxih5JQe4fOAiBOF2ZeUT2/ZtdFhZmg+zl/fGrQ1xEx09/S956k ++Ig4S9Q== ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEjCCAbigAwIBAgIBCjAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMTEwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAxMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLxetqJp ++VR6apJytboxFCCooQ7jVcc7yoHhjlH8HsaJS3GrWpyMgiqOfyWt4KFMynKkgCU1K ++1QcU9aC5BfRQpyWjgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFD6etMtD6Qpa7TjVQBgV ++/4PhZP4DMCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNIADBFAiEA+5uiOjJoq5nU7lKN ++rZtBdYNqUKvHuYB+jiNEfWvxx2cCIFZEJCGw8fzqkAyGWkLe10w8PUzPM64nh757 ++pEtxCzZh ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEjCCAbigAwIBAgIBCzAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMTIwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAxMTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABPQuXEeo ++BrbyENdz9HqAoWMSQx1BErsUcQaneq3L0/VHHJBPKihb8s4nB/2yZaEarr8LFAvi ++ofx+4egydkP0mJ+jgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFIoC4qL79Uy3+m26Y+ch +++sE6gCOMMCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNIADBFAiEAx/vMDhaH4EYTM2v9 ++GeM1xTP9pNRgak69JQLKLu1VM1YCIF1RYC8Fma5Bc0cZAYY+Gj7dEf9qHj1TODA5 ++C9es2CPY ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICETCCAbigAwIBAgIBDDAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMTMwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAxMjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDlEv73o ++ej8Xvc3UodhSHkech80DbuBKdeldOTrRp6ZaVUP3vMgjNUJkh4WkvP3UVTe5SV4D ++zQXDIiwAEJu+zdmjgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFCAn0wYXyRdliJOBFvvJ ++eZoGTiyOMCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNHADBEAiAo2PPmLBZpcT0bst/C ++SXvnl3gztIZu89O1MKsNwFcM9QIgIzqZx/o9MF/fP7zbLWErVcUQViOGiCRBLVh7 ++ppb7CoA= ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEzCCAbigAwIBAgIBDTAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMTQwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAxMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABB8mgAoN ++rmFo937IBKXKuxHedUjOL7y3cpDYD1H3C4HRDBQDVOL31lC5kJUhS4HBLvJQwebR ++2kW35E3AnhbY/oKjgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFBGbO20Xp/q0fPChjLHL ++WuJwSNc1MCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNJADBGAiEA3qGzdevdYfmiSBj9 ++t9oE8hfEP+APqGiStlOLKD6xVK0CIQDq9cVa2KXMEz7YwmMO3lxoQFDPEXftbRaC ++edFB7q/YXg== ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEzCCAbigAwIBAgIBDjAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMTUwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAxNDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABHDiOMtx ++5sfJs/WDnw0xS5NYlkbgy2eOZHAmC/jhRp6cjShZrr2/S4IJsH8B2VMcYAHgum6a ++eMjqWFIMxIjN5xyjgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFOWtYUeAPk66m0o6Z7ax ++1RN42wmkMCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNJADBGAiEA+AcazVKKPfqkpcJw ++rkXWIyZrTe+1PNETQzaJCooGNGkCIQDdfHf1I78e+ogaDcjkDe0s3R9VhkvjCty6 ++uKKFtNGHMQ== ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEjCCAbigAwIBAgIBDzAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMTYwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAxNTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABKCkdSYz +++zyHItG2rQSyCh018b4bu9Zrw8nzkCBgkT2IyycNtpabYkWhxcEL29ZFqBnB+l7N ++5fYmHl5CmflJPh+jgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNanrmjMEN3PndPGeucm ++mST9ucNWMCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNIADBFAiAFt48yhTTv0rP29N8H ++yRhAQGfnV4t1b8JucixLSfe32QIhAOef6iiwLxbBOMUn5ZN/WAK5TERem6DLSzWN ++/PTXHAAt ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICETCCAbigAwIBAgIBEDAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMTcwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAxNjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABH5txyDp ++DfRsIyYPTAQ+fuxk08E3/tpChVWoog4XQvod61wcUO1/nhoTGNKZZOhN5uhKWJWb ++1futz+XxV2QxTCyjgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFHSlcxgh3gxgVag1JvAk ++zbHlgMbEMCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNHADBEAiA9Ee47PnxqW0QmELB+ ++dd90Fz8wcQFZlNmkPW4Oq2xr/wIgGlxfutQq7l3TU5hyyO0Lh01AHn2DC5KPFPwE ++l8S9VeY= ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEzCCAbigAwIBAgIBETAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMTgwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAxNzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABAJvlQKB ++gJZ+Tysa6iwhllPXCeJrkan6WUm+oqOIY02/SpI5Mba1Kwg73Fsswx3Eywt8sxA2 ++4fiaqwg+xZoil06jgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFM/udZ1ib8qDfShdfdfX ++8gL6w7VMMCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNJADBGAiEA6kK7vAYF2TPXzywn +++SDLsiGbU6Sj8aTtsJZf9DmhKr4CIQCt4FfI7IWinqNlURXe4HSBPsekcQkOpwjK ++PuJRx3fuFw== ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEzCCAbigAwIBAgIBEjAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMTkwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAxODBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABEerejCw ++gAy7GecLVbQw6eL8k1cGWwLt+wl3sn8he8fA0I+KoFfcOCgtvOF59RMXnjZ1+7OC ++kz3mNDVSbKY6KO2jgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFM0OUOtOKTcTMRXGQwbw ++GOoLCOEYMCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNJADBGAiEAziPsm2dArB/3ILqm ++04mZl8/DX6dB4EmU+FPF2UpAeLwCIQCofc27tisg3L1mPNeiwZ26+rDe5SdixiUc ++S3KWOJ1cTg== ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEjCCAbigAwIBAgIBEzAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMjAwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAxOTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABPmB5spr ++C64/21ssufcbshGnQtAWbk2o2l+ej6pMMPIZhmNyvM450L3dFX12UBNcaERCABmr ++BEJL7IubGWE9CVOjgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFJCh/1mh0Hl2+LE0osUv ++OJCmV3IYMCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNIADBFAiEAtxMIkO4xCRSQCU6d ++0jt+Go4xj/R4bQFWbZrlS9+fYUECICuWAgT3evhoo34o04pU84UaYOvO5V0GJsTt ++hrS1v3hT ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEzCCAbigAwIBAgIBFDAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMjEwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAyMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABHdvTDYo ++M/padIV3LdTnrzwMy1HSTeJ2aTUalkVV17uL2i3C51rWM2pl+qlRordq6W2GboMz ++/+78HhKMcCrMWKCjgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFAbZN0eSPw3MyvWIEix6 ++GnYRIiFkMCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNJADBGAiEAlaapLXHwGNkeEwc0 ++jsY2XhuR3RlVhD4T2k/QyJRQ0s0CIQD5E+e+5QTe5s+534Lwcxe2iFb3oFm+8g81 ++OBVtfmSMGg== ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEjCCAbigAwIBAgIBFTAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMjIwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAyMTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLTu8R5Y ++7Po4W05hWperfod6mXezwWgAVk2RW2EG2vy4NeZeML2EFhg2geNc6N5Goep9t7pn ++d+BtORRvR75oCDijgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNs0d2vXsRj3YYsBrWDo ++jrvcEA+eMCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNIADBFAiBB603Ui+L60FcUWPrB ++Ch06hmgle2u0P07Go/XjTk00ZQIhALGhNArJFEY0gu+XUtyKEZt7BZ0/sh5dtLDP ++xkRgR6Wh ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEzCCAbigAwIBAgIBFjAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMjMwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAyMjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABPXpzC9/ ++KGblQyjhdcS0a8KBPAiS7c0n+V0i9JItbyze38Ncrctp0wIGHZLjRoB4DZYX1I8e ++K5C7KVeUPEE9eOGjgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFISsw9orkX/cBVWcK5KA ++//kldz8HMCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNJADBGAiEA1gazdApLS91ql8Am ++4gb4Ku7Lgll4jV+BrLkbABE2cI0CIQCEH1GUJ6ARJB1GdcHrPyaLgeZ5jV2p63UW ++UV2QL6aETA== ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEjCCAbigAwIBAgIBFzAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMjQwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAyMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABKdweprb ++RZmuUk4og1Xa9Skb1vu7jsLozlm9CtDhKLbJ+cDX/VeKj/b8FuvakBO3L1QV5XU0 ++iFswsIVBVZ3m+TyjgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFPgcEbHfKHt0o/PCS0kD ++XWW9XkqMMCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNIADBFAiEA9XDj0w5qMS/tLlr9 ++Z2j8JtVR4M7pF/Wx2U43vmPFJEACIBAlAiUnCm1Nfj16t2cojrW+m2t1cU80ihmj ++Ld1U+dRD ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICETCCAbigAwIBAgIBGDAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMjUwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAyNDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABAq2PphK ++4oVsc+ml3zskBLiMa+dz64k+PrrfKIGSG2Ri5Du/orj0dO9639LeCkkMwWpXAfSx ++wxHHQX0I1KwsudGjgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFEqcfkso+ynKq2eFaJy8 ++mzNBdN2PMCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNHADBEAiBZ71jDD33HFFqMkLAW ++gTAGMmzh9b/vZ8jAclPDKHRghQIgf2GBOF1eEF8Ino9F1n1ia5c3EryvXnvVoklw ++cjMIQ5g= ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEjCCAbigAwIBAgIBGTAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMjYwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAyNTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJRoDkj7 ++iDlIygt4YmMgw4pizu2sx4436MGtw5fFHhjy7T+pPMGjYFg3dixxUOu1NHORpdJq ++8Y7SN8p8Y0XsDpijgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFOutMoKSOv5lEGZaqYZM ++zNFwpX3KMCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNIADBFAiEAks62lsAHmN6xkZsF ++6ocGONpH/XmHLpoO6RfMoRCnWkICIFNFD+W6pSSvdDB96sn8jnZ7W/Y0hyLzscBO ++WtkzqqJJ ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEzCCAbigAwIBAgIBGjAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMjcwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAyNjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABE3seRj5 ++LVNKi9sZk7qv5cBVUG8BLXXfDRUhCUzT10YAU1J0yd2wmLTbwPyYm65GaecvAHSR ++SExOzX6bC35nNt6jgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNx5XhDdoflDgPrW/HyU ++tCokuJ0AMCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNJADBGAiEApAQVb0KQedyAw1SJ ++J8At4uxxm2b8W13s6ENapxw+lwwCIQC7326NFPsDjbfBKhFDQhCIMkAkYq2wzRJ7 ++ubTwkdT19g== ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEzCCAbigAwIBAgIBGzAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMjgwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAyNzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABC+FQF2E ++TrZ4YGNyxFxzpTQBjlu9QUrwgHzabAn47toqRkWUGAS68jBfSdR+j2c7/oehQHhO ++relHcbQilhZnh4ijgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFIOlwsa4FjZWhzQYTAY3 ++c2TSYhsEMCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNJADBGAiEAwxNBi+8baAU76yng +++XvMpY62aqPO4bAe/uedaxBb2jMCIQDJHXqibgIAm1T4/YHimllVlLQudQL5OkbF ++Krj3uVHtBg== ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEjCCAbigAwIBAgIBHDAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMjkwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAyODBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBmhjGvk ++C3QfSVdY5zuHEY4Rf3eKVro6vcKymgdBPFjjDggZNktR3OMnayCabJB51g2VL7Fg ++MegdwzJWzPvQreyjgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFEvevGIfitXek0IStYIR ++5ne2SkJwMCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNIADBFAiBzlv0TggDJWUWx0UHl ++cqxuMpoNdy+ifizQIlcjWcrzvgIhAJdQfkPaZdc4/j/HfGaVNN9InJuBWGrPYU6A ++iwsSB0jY ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEzCCAbigAwIBAgIBHTAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMzAwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAyOTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCrC5p+Z ++ywMukm1LRuXeJ5V1M6V+8A8PjqB3tgHVeEn973HOfia8lt2/7EoKaLKzP8A7D3eC ++aBJUmTgHauaolYOjgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFGG5D5h1FRA+aZMbSXfZ ++Mp8pjYUEMCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNJADBGAiEAnI2IhyXtBCRiv+Xs ++EzsO497oVf1U8SJiVR8SaEx0gzgCIQC0+un/Hcb0OWvpvoeHKcRi7e8SZkX+vn2i ++u+KsPqlfzA== ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEjCCAbigAwIBAgIBHjAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMzEwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAzMDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABHg1qbhT ++bpV0agLQkk6di7EdwrrqIn7yCiBCfPwoDI7czY1bHwkR2E8EdrG4ZLBHHFXYNHau ++kEo9nueljxbA6MGjgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFGXSqDk/Zov8a62kkXDr ++8YhtqdkTMCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNIADBFAiEA1D2Fm3D8REQtj8o4 ++ZrnDyWam0Rx6cEMsvmeoafOBUeUCIBW0IoUYmF46faRQWKN7R8wnvbjUw0bxztzy ++okUR5Pma ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEjCCAbigAwIBAgIBHzAKBggqhkjOPQQDAjAXMRUwEwYDVQQDEwxQb2xpY3kg ++Q0EgMzEwIBcNMDAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV ++BAMTDFBvbGljeSBDQSAzMTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABIwGMmHl ++/QJSpu6KHakSe4gkf3L+NpsrtQpxu6sNfmSjO++dGv6sj2v3+DZNeyagVUJRVHaD ++IZzpoyVVrBBO6vijgfIwge8wDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFA+f9g1sP2kM5sOT/8Ge ++IDKq5FcUMCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMHEG ++A1UdIQRqMGgwGAYKYIZIAWUDAgEwAQYKYIZIAWUDAgEwATAYBgpghkgBZQMCATAB ++BgpghkgBZQMCATACMBgGCmCGSAFlAwIBMAIGCmCGSAFlAwIBMAEwGAYKYIZIAWUD ++AgEwAgYKYIZIAWUDAgEwAjAKBggqhkjOPQQDAgNIADBFAiEAvQlbAmF3pS041Zo2 ++eHrxMO3j8thB+XqHU8RatCZ60WACIG1vUFPH7UwzTTann7Sgp4s+Gd/jLOkrJnEk ++W3De9dSX ++-----END CERTIFICATE----- +--- /dev/null ++++ b/test/recipes/80-test_policy_tree_data/small_leaf.pem +@@ -0,0 +1,11 @@ ++-----BEGIN CERTIFICATE----- ++MIIBmjCCAT+gAwIBAgIBADAKBggqhkjOPQQDAjAWMRQwEgYDVQQDEwtQb2xpY3kg ++Q0EgMTAgFw0wMDAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowGjEYMBYGA1UE ++AxMPd3d3LmV4YW1wbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAER7oh ++z+MnwilNhyEB2bZTuYBpeiwW4QlpYZU6b/8uWOldyMXCaPmaXwY60nrMznfFJX6F ++h8dC6XIzvQmjUMdSoqN4MHYwDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsG ++AQUFBwMBMAwGA1UdEwEB/wQCMAAwGgYDVR0RBBMwEYIPd3d3LmV4YW1wbGUuY29t ++MCUGA1UdIAQeMBwwDAYKYIZIAWUDAgEwATAMBgpghkgBZQMCATACMAoGCCqGSM49 ++BAMCA0kAMEYCIQC2km5juUULIRYsRgHuLFEiABBR0pDAyTbl9LRjlkSeEQIhAO9b ++ye60dMNbhY1OOzrr4mDRv0tuNmbGBErcFs61YZkC ++-----END CERTIFICATE----- +--- /dev/null ++++ b/test/recipes/80-test_policy_tree_data/small_policy_tree.pem +@@ -0,0 +1,70 @@ ++-----BEGIN CERTIFICATE----- ++MIICETCCAbagAwIBAgIBATAKBggqhkjOPQQDAjAWMRQwEgYDVQQDEwtQb2xpY3kg ++Q0EgMjAgFw0wMDAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowFjEUMBIGA1UE ++AxMLUG9saWN5IENBIDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQu7GyNFjN6 ++Sqwk1CZAt+lzTC/Us6ZkO5nsmb8yAuPb6RJ0A2LvUbsmZea+UyBFq3VuEbbuCoeE ++KRbKkS6wefAzo4HyMIHvMA4GA1UdDwEB/wQEAwICBDATBgNVHSUEDDAKBggrBgEF ++BQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSQkJvfn8gFHIXVTBJ4hrtP ++ypA9QTAlBgNVHSAEHjAcMAwGCmCGSAFlAwIBMAEwDAYKYIZIAWUDAgEwAjBxBgNV ++HSEEajBoMBgGCmCGSAFlAwIBMAEGCmCGSAFlAwIBMAEwGAYKYIZIAWUDAgEwAQYK ++YIZIAWUDAgEwAjAYBgpghkgBZQMCATACBgpghkgBZQMCATABMBgGCmCGSAFlAwIB ++MAIGCmCGSAFlAwIBMAIwCgYIKoZIzj0EAwIDSQAwRgIhALn6/b3H+jLusJE5QiaS ++PiwrLcl+NDguWCnxo0c6AfduAiEApkXUN+7vRfXeFFd9CfA1BnTW3eUzBOsukZoN ++zaj+utk= ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICDzCCAbagAwIBAgIBAjAKBggqhkjOPQQDAjAWMRQwEgYDVQQDEwtQb2xpY3kg ++Q0EgMzAgFw0wMDAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowFjEUMBIGA1UE ++AxMLUG9saWN5IENBIDIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAT+p+A+K6MI ++R3eVP/+2O7lam32HU10frEKpyQslZAabYJwkc9iq5WatMbTMPQibuOIWHFl02uJ8 ++cxGKy/Hke8P5o4HyMIHvMA4GA1UdDwEB/wQEAwICBDATBgNVHSUEDDAKBggrBgEF ++BQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSSOt6HCXw+L/4uzJsInqqA ++XrWt8DAlBgNVHSAEHjAcMAwGCmCGSAFlAwIBMAEwDAYKYIZIAWUDAgEwAjBxBgNV ++HSEEajBoMBgGCmCGSAFlAwIBMAEGCmCGSAFlAwIBMAEwGAYKYIZIAWUDAgEwAQYK ++YIZIAWUDAgEwAjAYBgpghkgBZQMCATACBgpghkgBZQMCATABMBgGCmCGSAFlAwIB ++MAIGCmCGSAFlAwIBMAIwCgYIKoZIzj0EAwIDRwAwRAIgS/vh3osFy+q1MLuVnAdg ++gMINfiIJw1+3zbYsJYlNhWgCICu6Qgzee4NwIrJagcdVA0RAfnCOo6wfvikpl0ts ++EepA ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEDCCAbagAwIBAgIBAzAKBggqhkjOPQQDAjAWMRQwEgYDVQQDEwtQb2xpY3kg ++Q0EgNDAgFw0wMDAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowFjEUMBIGA1UE ++AxMLUG9saWN5IENBIDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQONHKgpAJ6 ++vE41FYBekpLzybpBQp/gUmgRPKrcL0z4lLTDjCG3j6yIbZma8u2bPM1MBXw5otZ7 ++xVFhQ1AkZIOco4HyMIHvMA4GA1UdDwEB/wQEAwICBDATBgNVHSUEDDAKBggrBgEF ++BQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQ69465BL89BXORf4sSnneU ++exkm0jAlBgNVHSAEHjAcMAwGCmCGSAFlAwIBMAEwDAYKYIZIAWUDAgEwAjBxBgNV ++HSEEajBoMBgGCmCGSAFlAwIBMAEGCmCGSAFlAwIBMAEwGAYKYIZIAWUDAgEwAQYK ++YIZIAWUDAgEwAjAYBgpghkgBZQMCATACBgpghkgBZQMCATABMBgGCmCGSAFlAwIB ++MAIGCmCGSAFlAwIBMAIwCgYIKoZIzj0EAwIDSAAwRQIhAPK9PqPxgme9x6TPFh2z ++vv+qVEM2WxOTdRKOPgUYzCp9AiBl8qO3szv5jNDzb0fRIqVp37v9yBjWcgO9Wl02 ++QDCpGw== ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICETCCAbagAwIBAgIBBDAKBggqhkjOPQQDAjAWMRQwEgYDVQQDEwtQb2xpY3kg ++Q0EgNTAgFw0wMDAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowFjEUMBIGA1UE ++AxMLUG9saWN5IENBIDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASLrUP7BFi7 +++LE2uDVCZ2Z2HK6BpL/kjBbwKkLxlJe+LqNolzu53b8+WtHwrvPPVkD9t3KMdWXU ++K7NtHYgXUz07o4HyMIHvMA4GA1UdDwEB/wQEAwICBDATBgNVHSUEDDAKBggrBgEF ++BQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBS0kaY2oJVEBLtjkqI8pXsv ++eqm3VDAlBgNVHSAEHjAcMAwGCmCGSAFlAwIBMAEwDAYKYIZIAWUDAgEwAjBxBgNV ++HSEEajBoMBgGCmCGSAFlAwIBMAEGCmCGSAFlAwIBMAEwGAYKYIZIAWUDAgEwAQYK ++YIZIAWUDAgEwAjAYBgpghkgBZQMCATACBgpghkgBZQMCATABMBgGCmCGSAFlAwIB ++MAIGCmCGSAFlAwIBMAIwCgYIKoZIzj0EAwIDSQAwRgIhAJuTMvMUda4Y29V1Tm5O ++jCqBThR2NwdQfnET1sjch3Q7AiEA7nEudfXKMljjz608aWtafTkw5V5I2/SbuUKr ++vjprfIo= ++-----END CERTIFICATE----- ++-----BEGIN CERTIFICATE----- ++MIICEDCCAbagAwIBAgIBBTAKBggqhkjOPQQDAjAWMRQwEgYDVQQDEwtQb2xpY3kg ++Q0EgNTAgFw0wMDAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowFjEUMBIGA1UE ++AxMLUG9saWN5IENBIDUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ9RuYVzUGB ++FkAEM9kHe9xynDo/NcsiaAO3+E2u7jJQQN50d6hVEDHf9961omldhKhP4HTNfhqj ++VMIHKGMhXCgKo4HyMIHvMA4GA1UdDwEB/wQEAwICBDATBgNVHSUEDDAKBggrBgEF ++BQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTVrjWaVjkfMpilq5tGZ4zZ ++iJtaSDAlBgNVHSAEHjAcMAwGCmCGSAFlAwIBMAEwDAYKYIZIAWUDAgEwAjBxBgNV ++HSEEajBoMBgGCmCGSAFlAwIBMAEGCmCGSAFlAwIBMAEwGAYKYIZIAWUDAgEwAQYK ++YIZIAWUDAgEwAjAYBgpghkgBZQMCATACBgpghkgBZQMCATABMBgGCmCGSAFlAwIB ++MAIGCmCGSAFlAwIBMAIwCgYIKoZIzj0EAwIDSAAwRQIhAPVgPpACX2ylQMEMSntw ++izxKHTSPhXuF6IHhNHRz7KFnAiB8y/QcF7N2iXNZEqffWSkVted/XOw3Xrck0sJ6 ++4eXNcw== ++-----END CERTIFICATE----- diff --git a/openssl-CVE-2023-0465.patch b/openssl-CVE-2023-0465.patch new file mode 100644 index 0000000..64b1eba --- /dev/null +++ b/openssl-CVE-2023-0465.patch @@ -0,0 +1,239 @@ +From d62826121bd53b1b9f51d094729843dba36d11f1 Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Tue, 7 Mar 2023 15:22:40 +0000 +Subject: [PATCH 1/5] Generate some certificates with the certificatePolicies + extension + +Related-to: CVE-2023-0465 +--- + CHANGES.md | 12 ++++++++++++ + NEWS.md | 5 +++++ + crypto/x509/x509_vfy.c | 12 ++++++++++-- + test/certs/ca-pol-cert.pem | 19 +++++++++++++++++++ + test/certs/ee-cert-policies-bad.pem | 20 ++++++++++++++++++++ + test/certs/ee-cert-policies.pem | 20 ++++++++++++++++++++ + test/certs/mkcert.sh | 9 +++++++-- + test/certs/setup.sh | 6 ++++++ + test/recipes/25-test_verify.t | 13 ++++++++++++- + 9 files changed, 111 insertions(+), 5 deletions(-) + create mode 100644 test/certs/ca-pol-cert.pem + create mode 100644 test/certs/ee-cert-policies-bad.pem + create mode 100644 test/certs/ee-cert-policies.pem + +--- a/CHANGES.md ++++ b/CHANGES.md +@@ -30,12 +30,22 @@ breaking changes, and mappings for the l + + ### Changes between 3.0.7 and 3.0.8 [7 Feb 2023] + ++ * Fixed an issue where invalid certificate policies in leaf certificates are ++ silently ignored by OpenSSL and other certificate policy checks are skipped ++ for that certificate. A malicious CA could use this to deliberately assert ++ invalid certificate policies in order to circumvent policy checking on the ++ certificate altogether. ++ ([CVE-2023-0465]) ++ ++ *Matt Caswell* ++ + * Limited the number of nodes created in a policy tree to mitigate + against CVE-2023-0464. The default limit is set to 1000 nodes, which + should be sufficient for most installations. If required, the limit + can be adjusted by setting the OPENSSL_POLICY_TREE_NODES_MAX build + time define to a desired maximum number of nodes or zero to allow + unlimited growth. ++ ([CVE-2023-0464]) + + *Paul Dale* + +@@ -19587,6 +19597,8 @@ ndif + + + ++[CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465 ++[CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464 + [CVE-2023-0401]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0401 + [CVE-2023-0286]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0286 + [CVE-2023-0217]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0217 +--- a/NEWS.md ++++ b/NEWS.md +@@ -20,6 +20,9 @@ OpenSSL 3.0 + + ### Major changes between OpenSSL 3.0.7 and OpenSSL 3.0.8 [7 Feb 2023] + ++ * Fixed handling of invalid certificate policies in leaf certificates ++ ([CVE-2023-0465]) ++ * Limited the number of nodes created in a policy tree ([CVE-2023-0464]) + * Fixed NULL dereference during PKCS7 data verification ([CVE-2023-0401]) + * Fixed X.400 address type confusion in X.509 GeneralName ([CVE-2023-0286]) + * Fixed NULL dereference validating DSA public key ([CVE-2023-0217]) +@@ -1430,6 +1433,8 @@ OpenSSL 0.9.x + * Support for various new platforms + + ++[CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465 ++[CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464 + [CVE-2023-0401]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0401 + [CVE-2023-0286]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0286 + [CVE-2023-0217]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0217 +--- a/crypto/x509/x509_vfy.c ++++ b/crypto/x509/x509_vfy.c +@@ -1654,15 +1654,23 @@ static int check_policy(X509_STORE_CTX * + goto memerr; + /* Invalid or inconsistent extensions */ + if (ret == X509_PCY_TREE_INVALID) { +- int i; ++ int i, cbcalled = 0; + + /* Locate certificates with bad extensions and notify callback. */ +- for (i = 1; i < sk_X509_num(ctx->chain); i++) { ++ for (i = 0; i < sk_X509_num(ctx->chain); i++) { + X509 *x = sk_X509_value(ctx->chain, i); + ++ if ((x->ex_flags & EXFLAG_INVALID_POLICY) != 0) ++ cbcalled = 1; + CB_FAIL_IF((x->ex_flags & EXFLAG_INVALID_POLICY) != 0, + ctx, x, i, X509_V_ERR_INVALID_POLICY_EXTENSION); + } ++ if (!cbcalled) { ++ /* Should not be able to get here */ ++ ERR_raise(ERR_LIB_X509, ERR_R_INTERNAL_ERROR); ++ return 0; ++ } ++ /* The callback ignored the error so we return success */ + return 1; + } + if (ret == X509_PCY_TREE_FAILURE) { +--- /dev/null ++++ b/test/certs/ca-pol-cert.pem +@@ -0,0 +1,19 @@ ++-----BEGIN CERTIFICATE----- ++MIIDFzCCAf+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 ++IENBMCAXDTIzMDMwODEyMjMxNloYDzIxMjMwMzA5MTIyMzE2WjANMQswCQYDVQQD ++DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd ++j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz ++n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W ++l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l ++YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc ++ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9 ++CLNNsUcCAwEAAaN7MHkwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYwHQYD ++VR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8GA1UdIwQYMBaAFI71Ja8em2uE ++PXyAmslTnE1y96NSMBkGA1UdIAQSMBAwDgYMKwYBBAGBgVy8+0cBMA0GCSqGSIb3 ++DQEBCwUAA4IBAQBbE+MO9mewWIUY2kt85yhl0oZtvVxbn9K2Hty59ItwJGRNfzx7 ++Ge7KgawkvNzMOXmj6qf8TpbJnf41ZLWdRyVZBVyIwrAKIVw1VxfGh8aEifHKN97H ++unZkBPcUkAhUJSiC1BOD/euaMYqOi8QwiI702Q6q1NBY1/UKnV/ZIBLecnqfj9vZ ++7T0wKxrwGYBztP4pNcxCmBoD9Dg+Dx3ZElo0WXyO4SOh/BgrsKJHKyhbuTpjrI/g ++DhcINRp6+lIzuFBtJ67+YXnAEspb3lKMk0YL/LXrCNF2scdmNfOPwHi+OKBqt69C ++9FJyWFEMxx2qm/ENE9sbOswgJRnKkaAqHBHx ++-----END CERTIFICATE----- +--- /dev/null ++++ b/test/certs/ee-cert-policies-bad.pem +@@ -0,0 +1,20 @@ ++-----BEGIN CERTIFICATE----- ++MIIDTTCCAjWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDDAJDQTAg ++Fw0yMzAzMDgxMjIzMzJaGA8yMTIzMDMwOTEyMjMzMlowGTEXMBUGA1UEAwwOc2Vy ++dmVyLmV4YW1wbGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo/4lY ++YYWu3tssD9Vz++K3qBt6dWAr1H08c3a1rt6TL38kkG3JHPSKOM2fooAWVsu0LLuT ++5Rcf/w3GQ/4xNPgo2HXpo7uIgu+jcuJTYgVFTeAxl++qnRDSWA2eBp4yuxsIVl1l ++Dz9mjsI2oBH/wFk1/Ukc3RxCMwZ4rgQ4I+XndWfTlK1aqUAfrFkQ9QzBZK1KxMY1 ++U7OWaoIbFYvRmavknm+UqtKW5Vf7jJFkijwkFsbSGb6CYBM7YrDtPh2zyvlr3zG5 ++ep5LR2inKcc/SuIiJ7TvkGPX79ByST5brbkb1Ctvhmjd1XMSuEPJ3EEPoqNGT4tn ++iIQPYf55NB9KiR+3AgMBAAGjgakwgaYwHQYDVR0OBBYEFOeb4iqtimw6y3ZR5Y4H ++mCKX4XOiMB8GA1UdIwQYMBaAFLQRM/HX4l73U54gIhBPhga/H8leMAkGA1UdEwQC ++MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwGQYDVR0RBBIwEIIOc2VydmVyLmV4YW1w ++bGUwKQYDVR0gBCIwIDAOBgwrBgEEAYGBXLz7RwEwDgYMKwYBBAGBgVy8+0cBMA0G ++CSqGSIb3DQEBCwUAA4IBAQArwtwNO++7kStcJeMg3ekz2D/m/8UEjTA1rknBjQiQ ++P0FK7tNeRqus9i8PxthNWk+biRayvDzaGIBV7igpDBPfXemDgmW9Adc4MKyiQDfs ++YfkHi3xJKvsK2fQmyCs2InVDaKpVAkNFcgAW8nSOhGliqIxLb0EOLoLNwaktou0N ++XQHmRzY8S7aIr8K9Qo9y/+MLar+PS4h8l6FkLLkTICiFzE4/wje5S3NckAnadRJa ++QpjwM2S6NuA+tYWuOcN//r7BSpW/AZKanYWPzHMrKlqCh+9o7sthPd72+hObG9kx ++wSGdzfStNK1I1zM5LiI08WtXCvR6AfLANTo2x1AYhSxF ++-----END CERTIFICATE----- +--- /dev/null ++++ b/test/certs/ee-cert-policies.pem +@@ -0,0 +1,20 @@ ++-----BEGIN CERTIFICATE----- ++MIIDPTCCAiWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDDAJDQTAg ++Fw0yMzAzMDgxMjIzMjNaGA8yMTIzMDMwOTEyMjMyM1owGTEXMBUGA1UEAwwOc2Vy ++dmVyLmV4YW1wbGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo/4lY ++YYWu3tssD9Vz++K3qBt6dWAr1H08c3a1rt6TL38kkG3JHPSKOM2fooAWVsu0LLuT ++5Rcf/w3GQ/4xNPgo2HXpo7uIgu+jcuJTYgVFTeAxl++qnRDSWA2eBp4yuxsIVl1l ++Dz9mjsI2oBH/wFk1/Ukc3RxCMwZ4rgQ4I+XndWfTlK1aqUAfrFkQ9QzBZK1KxMY1 ++U7OWaoIbFYvRmavknm+UqtKW5Vf7jJFkijwkFsbSGb6CYBM7YrDtPh2zyvlr3zG5 ++ep5LR2inKcc/SuIiJ7TvkGPX79ByST5brbkb1Ctvhmjd1XMSuEPJ3EEPoqNGT4tn ++iIQPYf55NB9KiR+3AgMBAAGjgZkwgZYwHQYDVR0OBBYEFOeb4iqtimw6y3ZR5Y4H ++mCKX4XOiMB8GA1UdIwQYMBaAFLQRM/HX4l73U54gIhBPhga/H8leMAkGA1UdEwQC ++MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwGQYDVR0RBBIwEIIOc2VydmVyLmV4YW1w ++bGUwGQYDVR0gBBIwEDAOBgwrBgEEAYGBXLz7RwEwDQYJKoZIhvcNAQELBQADggEB ++AGbWslmAAdMX3+5ChcnFrX+NqDGoyhb3PTgWdtlQB5qtWdIt4rSxN50OcQxFTX0D ++QOBabSzR0DDKrgfBe4waL19WsdEvR9GyO4M7ASze/A3IEZue9C9k0n7Vq8zDaAZl ++CiR/Zqo9nAOuhKHMgmC/NjUlX7STv5pJVgc4SH8VEKmSRZDmNihaOalUtK5X8/Oa ++dawKxsZcaP5IKnOEPPKjtVNJxBu5CXywJHsO0GcoDEnEx1/NLdFoJ6WFw8NuTyDK ++NGLq2MHEdyKaigHQlptEs9bXyu9McJjzbx0uXj3BenRULASreccFej0L1RU6jDlk ++D3brBn24UISaFRZoB7jsjok= ++-----END CERTIFICATE----- +--- a/test/certs/mkcert.sh ++++ b/test/certs/mkcert.sh +@@ -119,11 +119,12 @@ genca() { + local OPTIND=1 + local purpose= + +- while getopts p: o ++ while getopts p:c: o + do + case $o in + p) purpose="$OPTARG";; +- *) echo "Usage: $0 genca [-p EKU] cn keyname certname cakeyname cacertname" >&2 ++ c) certpol="$OPTARG";; ++ *) echo "Usage: $0 genca [-p EKU][-c policyoid] cn keyname certname cakeyname cacertname" >&2 + return 1;; + esac + done +@@ -146,6 +147,10 @@ genca() { + if [ -n "$NC" ]; then + exts=$(printf "%s\nnameConstraints = %s\n" "$exts" "$NC") + fi ++ if [ -n "$certpol" ]; then ++ exts=$(printf "%s\ncertificatePolicies = %s\n" "$exts" "$certpol") ++ fi ++ + csr=$(req "$key" "CN = $cn") || return 1 + echo "$csr" | + cert "$cert" "$exts" -CA "${cacert}.pem" -CAkey "${cakey}.pem" \ +--- a/test/certs/setup.sh ++++ b/test/certs/setup.sh +@@ -440,3 +440,9 @@ OPENSSL_SIGALG=ED448 OPENSSL_KEYALG=ed44 + + # critical id-pkix-ocsp-no-check extension + ./mkcert.sh geneeextra server.example ee-key ee-cert-ocsp-nocheck ca-key ca-cert "1.3.6.1.5.5.7.48.1.5=critical,DER:05:00" ++ ++# certificatePolicies extension ++./mkcert.sh genca -c "1.3.6.1.4.1.16604.998855.1" "CA" ca-key ca-pol-cert root-key root-cert ++./mkcert.sh geneeextra server.example ee-key ee-cert-policies ca-key ca-cert "certificatePolicies=1.3.6.1.4.1.16604.998855.1" ++# We can create a cert with a duplicate policy oid - but its actually invalid! ++./mkcert.sh geneeextra server.example ee-key ee-cert-policies-bad ca-key ca-cert "certificatePolicies=1.3.6.1.4.1.16604.998855.1,1.3.6.1.4.1.16604.998855.1" +--- a/test/recipes/25-test_verify.t ++++ b/test/recipes/25-test_verify.t +@@ -29,7 +29,7 @@ sub verify { + run(app([@args])); + } + +-plan tests => 164; ++plan tests => 166; + + # Canonical success + ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]), +@@ -516,3 +516,14 @@ SKIP: { + ok(run(app([ qw(openssl verify -trusted), $rsapluscert_file, $cert_file ])), + 'Mixed key + cert file test'); + } ++ ++# Certificate Policies ++ok(verify("ee-cert-policies", "", ["root-cert"], ["ca-pol-cert"], ++ "-policy_check", "-policy", "1.3.6.1.4.1.16604.998855.1", ++ "-explicit_policy"), ++ "Certificate policy"); ++ ++ok(!verify("ee-cert-policies-bad", "", ["root-cert"], ["ca-pol-cert"], ++ "-policy_check", "-policy", "1.3.6.1.4.1.16604.998855.1", ++ "-explicit_policy"), ++ "Bad certificate policy"); diff --git a/openssl-CVE-2023-0466.patch b/openssl-CVE-2023-0466.patch new file mode 100644 index 0000000..4efd4dd --- /dev/null +++ b/openssl-CVE-2023-0466.patch @@ -0,0 +1,81 @@ +From f079bca52e6abf58d32cc003f32a3ab3c6781f44 Mon Sep 17 00:00:00 2001 +From: Tomas Mraz +Date: Tue, 21 Mar 2023 16:15:47 +0100 +Subject: [PATCH] Fix documentation of X509_VERIFY_PARAM_add0_policy() + +The function was incorrectly documented as enabling policy checking. + +Fixes: CVE-2023-0466 +--- + CHANGES.md | 8 ++++++++ + NEWS.md | 2 ++ + doc/man3/X509_VERIFY_PARAM_set_flags.pod | 9 +++++++-- + 3 files changed, 17 insertions(+), 2 deletions(-) + +--- a/CHANGES.md ++++ b/CHANGES.md +@@ -30,6 +30,13 @@ breaking changes, and mappings for the l + + ### Changes between 3.0.7 and 3.0.8 [7 Feb 2023] + ++ * Corrected documentation of X509_VERIFY_PARAM_add0_policy() to mention ++ that it does not enable policy checking. Thanks to David Benjamin for ++ discovering this issue. ++ ([CVE-2023-0466]) ++ ++ *Tomáš Mráz* ++ + * Fixed an issue where invalid certificate policies in leaf certificates are + silently ignored by OpenSSL and other certificate policy checks are skipped + for that certificate. A malicious CA could use this to deliberately assert +@@ -19597,6 +19604,7 @@ ndif + + + ++[CVE-2023-0466]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0466 + [CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465 + [CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464 + [CVE-2023-0401]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0401 +--- a/NEWS.md ++++ b/NEWS.md +@@ -20,6 +20,7 @@ OpenSSL 3.0 + + ### Major changes between OpenSSL 3.0.7 and OpenSSL 3.0.8 [7 Feb 2023] + ++ * Fixed documentation of X509_VERIFY_PARAM_add0_policy() ([CVE-2023-0466]) + * Fixed handling of invalid certificate policies in leaf certificates + ([CVE-2023-0465]) + * Limited the number of nodes created in a policy tree ([CVE-2023-0464]) +@@ -1433,6 +1434,7 @@ OpenSSL 0.9.x + * Support for various new platforms + + ++[CVE-2023-0466]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0466 + [CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465 + [CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464 + [CVE-2023-0401]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0401 +--- a/doc/man3/X509_VERIFY_PARAM_set_flags.pod ++++ b/doc/man3/X509_VERIFY_PARAM_set_flags.pod +@@ -98,8 +98,9 @@ B. + X509_VERIFY_PARAM_set_time() sets the verification time in B to + B. Normally the current time is used. + +-X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled +-by default) and adds B to the acceptable policy set. ++X509_VERIFY_PARAM_add0_policy() adds B to the acceptable policy set. ++Contrary to preexisting documentation of this function it does not enable ++policy checking. + + X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled + by default) and sets the acceptable policy set to B. Any existing +@@ -400,6 +401,10 @@ The X509_VERIFY_PARAM_get_hostflags() fu + The X509_VERIFY_PARAM_get0_host(), X509_VERIFY_PARAM_get0_email(), + and X509_VERIFY_PARAM_get1_ip_asc() functions were added in OpenSSL 3.0. + ++The function X509_VERIFY_PARAM_add0_policy() was historically documented as ++enabling policy checking however the implementation has never done this. ++The documentation was changed to align with the implementation. ++ + =head1 COPYRIGHT + + Copyright 2009-2023 The OpenSSL Project Authors. All Rights Reserved. diff --git a/openssl-CVE-2023-1255.patch b/openssl-CVE-2023-1255.patch new file mode 100644 index 0000000..f45f1a5 --- /dev/null +++ b/openssl-CVE-2023-1255.patch @@ -0,0 +1,85 @@ +From 72dfe46550ee1f1bbfacd49f071419365bc23304 Mon Sep 17 00:00:00 2001 +From: Tomas Mraz +Date: Mon, 17 Apr 2023 16:51:20 +0200 +Subject: [PATCH] aesv8-armx.pl: Avoid buffer overrread in AES-XTS decryption + +Original author: Nevine Ebeid (Amazon) +Fixes: CVE-2023-1255 + +The buffer overread happens on decrypts of 4 mod 5 sizes. +Unless the memory just after the buffer is unmapped this is harmless. + +Reviewed-by: Paul Dale +Reviewed-by: Tom Cosgrove +(Merged from https://github.com/openssl/openssl/pull/20759) +--- + CHANGES.md | 10 ++++++++++ + NEWS.md | 3 +++ + crypto/aes/asm/aesv8-armx.pl | 4 +++- + 3 files changed, 16 insertions(+), 1 deletion(-) + +--- a/CHANGES.md ++++ b/CHANGES.md +@@ -30,6 +30,15 @@ breaking changes, and mappings for the l + + ### Changes between 3.0.7 and 3.0.8 [7 Feb 2023] + ++ * Fixed buffer overread in AES-XTS decryption on ARM 64 bit platforms which ++ happens if the buffer size is 4 mod 5. This can trigger a crash of an ++ application using AES-XTS decryption if the memory just after the buffer ++ being decrypted is not mapped. ++ Thanks to Anton Romanov (Amazon) for discovering the issue. ++ ([CVE-2023-1255]) ++ ++ *Nevine Ebeid* ++ + * Corrected documentation of X509_VERIFY_PARAM_add0_policy() to mention + that it does not enable policy checking. Thanks to David Benjamin for + discovering this issue. +@@ -19604,6 +19613,7 @@ ndif + + + ++[CVE-2023-1255]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-1255 + [CVE-2023-0466]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0466 + [CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465 + [CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464 +--- a/NEWS.md ++++ b/NEWS.md +@@ -20,6 +20,8 @@ OpenSSL 3.0 + + ### Major changes between OpenSSL 3.0.7 and OpenSSL 3.0.8 [7 Feb 2023] + ++ * Fixed buffer overread in AES-XTS decryption on ARM 64 bit platforms ++ ([CVE-2023-1255]) + * Fixed documentation of X509_VERIFY_PARAM_add0_policy() ([CVE-2023-0466]) + * Fixed handling of invalid certificate policies in leaf certificates + ([CVE-2023-0465]) +@@ -1434,6 +1436,7 @@ OpenSSL 0.9.x + * Support for various new platforms + + ++[CVE-2023-1255]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-1255 + [CVE-2023-0466]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0466 + [CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465 + [CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464 +--- a/crypto/aes/asm/aesv8-armx.pl ++++ b/crypto/aes/asm/aesv8-armx.pl +@@ -3353,7 +3353,7 @@ $code.=<<___ if ($flavour =~ /64/); + .align 4 + .Lxts_dec_tail4x: + add $inp,$inp,#16 +- vld1.32 {$dat0},[$inp],#16 ++ tst $tailcnt,#0xf + veor $tmp1,$dat1,$tmp0 + vst1.8 {$tmp1},[$out],#16 + veor $tmp2,$dat2,$tmp2 +@@ -3362,6 +3362,8 @@ $code.=<<___ if ($flavour =~ /64/); + veor $tmp4,$dat4,$tmp4 + vst1.8 {$tmp3-$tmp4},[$out],#32 + ++ b.eq .Lxts_dec_abort ++ vld1.32 {$dat0},[$inp],#16 + b .Lxts_done + .align 4 + .Lxts_outer_dec_tail: diff --git a/openssl-CVE-2023-2650.patch b/openssl-CVE-2023-2650.patch new file mode 100644 index 0000000..6646171 --- /dev/null +++ b/openssl-CVE-2023-2650.patch @@ -0,0 +1,121 @@ +From ceeda53145a4bd32ec564d506adc7aac96ebd27c Mon Sep 17 00:00:00 2001 +From: Richard Levitte +Date: Fri, 12 May 2023 10:00:13 +0200 +Subject: [PATCH] Restrict the size of OBJECT IDENTIFIERs that OBJ_obj2txt will + translate + +OBJ_obj2txt() would translate any size OBJECT IDENTIFIER to canonical +numeric text form. For gigantic sub-identifiers, this would take a very +long time, the time complexity being O(n^2) where n is the size of that +sub-identifier. + +To mitigate this, a restriction on the size that OBJ_obj2txt() will +translate to canonical numeric text form is added, based on RFC 2578 +(STD 58), which says this: + +> 3.5. OBJECT IDENTIFIER values +> +> An OBJECT IDENTIFIER value is an ordered list of non-negative numbers. +> For the SMIv2, each number in the list is referred to as a sub-identifier, +> there are at most 128 sub-identifiers in a value, and each sub-identifier +> has a maximum value of 2^32-1 (4294967295 decimal). + +Fixes otc/security#96 +Fixes CVE-2023-2650 +--- + CHANGES.md | 27 +++++++++++++++++++++++++++ + NEWS.md | 4 ++++ + crypto/objects/obj_dat.c | 19 +++++++++++++++++++ + 3 files changed, 50 insertions(+) + +--- a/CHANGES.md ++++ b/CHANGES.md +@@ -30,6 +30,32 @@ breaking changes, and mappings for the l + + ### Changes between 3.0.7 and 3.0.8 [7 Feb 2023] + ++ * Mitigate for the time it takes for `OBJ_obj2txt` to translate gigantic ++ OBJECT IDENTIFIER sub-identifiers to canonical numeric text form. ++ ++ OBJ_obj2txt() would translate any size OBJECT IDENTIFIER to canonical ++ numeric text form. For gigantic sub-identifiers, this would take a very ++ long time, the time complexity being O(n^2) where n is the size of that ++ sub-identifier. ([CVE-2023-2650]) ++ ++ To mitigitate this, `OBJ_obj2txt()` will only translate an OBJECT ++ IDENTIFIER to canonical numeric text form if the size of that OBJECT ++ IDENTIFIER is 586 bytes or less, and fail otherwise. ++ ++ The basis for this restriction is RFC 2578 (STD 58), section 3.5. OBJECT ++ IDENTIFIER values, which stipulates that OBJECT IDENTIFIERS may have at ++ most 128 sub-identifiers, and that the maximum value that each sub- ++ identifier may have is 2^32-1 (4294967295 decimal). ++ ++ For each byte of every sub-identifier, only the 7 lower bits are part of ++ the value, so the maximum amount of bytes that an OBJECT IDENTIFIER with ++ these restrictions may occupy is 32 * 128 / 7, which is approximately 586 ++ bytes. ++ ++ Ref: https://datatracker.ietf.org/doc/html/rfc2578#section-3.5 ++ ++ *Richard Levitte* ++ + * Fixed buffer overread in AES-XTS decryption on ARM 64 bit platforms which + happens if the buffer size is 4 mod 5. This can trigger a crash of an + application using AES-XTS decryption if the memory just after the buffer +@@ -19613,6 +19639,7 @@ ndif + + + ++[CVE-2023-2650]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-2650 + [CVE-2023-1255]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-1255 + [CVE-2023-0466]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0466 + [CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465 +--- a/NEWS.md ++++ b/NEWS.md +@@ -20,6 +20,8 @@ OpenSSL 3.0 + + ### Major changes between OpenSSL 3.0.7 and OpenSSL 3.0.8 [7 Feb 2023] + ++ * Mitigate for very slow `OBJ_obj2txt()` performance with gigantic OBJECT ++ IDENTIFIER sub-identities. ([CVE-2023-2650]) + * Fixed buffer overread in AES-XTS decryption on ARM 64 bit platforms + ([CVE-2023-1255]) + * Fixed documentation of X509_VERIFY_PARAM_add0_policy() ([CVE-2023-0466]) +@@ -1436,6 +1438,8 @@ OpenSSL 0.9.x + * Support for various new platforms + + ++ ++[CVE-2023-2650]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-2650 + [CVE-2023-1255]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-1255 + [CVE-2023-0466]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0466 + [CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465 +--- a/crypto/objects/obj_dat.c ++++ b/crypto/objects/obj_dat.c +@@ -443,6 +443,25 @@ int OBJ_obj2txt(char *buf, int buf_len, + first = 1; + bl = NULL; + ++ /* ++ * RFC 2578 (STD 58) says this about OBJECT IDENTIFIERs: ++ * ++ * > 3.5. OBJECT IDENTIFIER values ++ * > ++ * > An OBJECT IDENTIFIER value is an ordered list of non-negative ++ * > numbers. For the SMIv2, each number in the list is referred to as a ++ * > sub-identifier, there are at most 128 sub-identifiers in a value, ++ * > and each sub-identifier has a maximum value of 2^32-1 (4294967295 ++ * > decimal). ++ * ++ * So a legitimate OID according to this RFC is at most (32 * 128 / 7), ++ * i.e. 586 bytes long. ++ * ++ * Ref: https://datatracker.ietf.org/doc/html/rfc2578#section-3.5 ++ */ ++ if (len > 586) ++ goto err; ++ + while (len > 0) { + l = 0; + use_bn = 0; diff --git a/openssl-CVE-2023-2975.patch b/openssl-CVE-2023-2975.patch new file mode 100644 index 0000000..4a50973 --- /dev/null +++ b/openssl-CVE-2023-2975.patch @@ -0,0 +1,57 @@ +From 00e2f5eea29994d19293ec4e8c8775ba73678598 Mon Sep 17 00:00:00 2001 +From: Tomas Mraz +Date: Tue, 4 Jul 2023 17:30:35 +0200 +Subject: [PATCH] Do not ignore empty associated data with AES-SIV mode + +The AES-SIV mode allows for multiple associated data items +authenticated separately with any of these being 0 length. + +The provided implementation ignores such empty associated data +which is incorrect in regards to the RFC 5297 and is also +a security issue because such empty associated data then become +unauthenticated if an application expects to authenticate them. + +Fixes CVE-2023-2975 + +Reviewed-by: Matt Caswell +Reviewed-by: Paul Dale +(Merged from https://github.com/openssl/openssl/pull/21384) + +(cherry picked from commit c426c281cfc23ab182f7d7d7a35229e7db1494d9) +--- + .../implementations/ciphers/cipher_aes_siv.c | 18 +++++++++++------- + 1 file changed, 11 insertions(+), 7 deletions(-) + +diff --git a/providers/implementations/ciphers/cipher_aes_siv.c b/providers/implementations/ciphers/cipher_aes_siv.c +index 45010b90db..b396c8651a 100644 +--- a/providers/implementations/ciphers/cipher_aes_siv.c ++++ b/providers/implementations/ciphers/cipher_aes_siv.c +@@ -120,14 +120,18 @@ static int siv_cipher(void *vctx, unsigned char *out, size_t *outl, + if (!ossl_prov_is_running()) + return 0; + +- if (inl == 0) { +- *outl = 0; +- return 1; +- } ++ /* Ignore just empty encryption/decryption call and not AAD. */ ++ if (out != NULL) { ++ if (inl == 0) { ++ if (outl != NULL) ++ *outl = 0; ++ return 1; ++ } + +- if (outsize < inl) { +- ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); +- return 0; ++ if (outsize < inl) { ++ ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); ++ return 0; ++ } + } + + if (ctx->hw->cipher(ctx, out, in, inl) <= 0) +-- +2.34.1 + diff --git a/openssl-CVE-2023-3446-test.patch b/openssl-CVE-2023-3446-test.patch new file mode 100644 index 0000000..33fd947 --- /dev/null +++ b/openssl-CVE-2023-3446-test.patch @@ -0,0 +1,60 @@ +From 8a62fd996cb1c22383ec75b4155d54dec4a1b0ee Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Fri, 7 Jul 2023 14:39:48 +0100 +Subject: [PATCH] Add a test for CVE-2023-3446 + +Confirm that the only errors DH_check() finds with DH parameters with an +excessively long modulus is that the modulus is too large. We should not +be performing time consuming checks using that modulus. + +Reviewed-by: Paul Dale +Reviewed-by: Tom Cosgrove +Reviewed-by: Bernd Edlinger +Reviewed-by: Tomas Mraz +(Merged from https://github.com/openssl/openssl/pull/21451) + +(cherry picked from commit ede782b4c8868d1f09c9cd237f82b6f35b7dba8b) +--- + test/dhtest.c | 15 +++++++++++++-- + 1 file changed, 13 insertions(+), 2 deletions(-) + +diff --git a/test/dhtest.c b/test/dhtest.c +index 7b587f3cfa8f..f8dd8f3aa722 100644 +--- a/test/dhtest.c ++++ b/test/dhtest.c +@@ -73,7 +73,7 @@ static int dh_test(void) + goto err1; + + /* check fails, because p is way too small */ +- if (!DH_check(dh, &i)) ++ if (!TEST_true(DH_check(dh, &i))) + goto err2; + i ^= DH_MODULUS_TOO_SMALL; + if (!TEST_false(i & DH_CHECK_P_NOT_PRIME) +@@ -124,6 +124,17 @@ static int dh_test(void) + /* We'll have a stale error on the queue from the above test so clear it */ + ERR_clear_error(); + ++ /* Modulus of size: dh check max modulus bits + 1 */ ++ if (!TEST_true(BN_set_word(p, 1)) ++ || !TEST_true(BN_lshift(p, p, OPENSSL_DH_CHECK_MAX_MODULUS_BITS))) ++ goto err3; ++ ++ /* ++ * We expect no checks at all for an excessively large modulus ++ */ ++ if (!TEST_false(DH_check(dh, &i))) ++ goto err3; ++ + /* + * II) key generation + */ +@@ -138,7 +149,7 @@ static int dh_test(void) + goto err3; + + /* ... and check whether it is valid */ +- if (!DH_check(a, &i)) ++ if (!TEST_true(DH_check(a, &i))) + goto err3; + if (!TEST_false(i & DH_CHECK_P_NOT_PRIME) + || !TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME) diff --git a/openssl-CVE-2023-3446.patch b/openssl-CVE-2023-3446.patch new file mode 100644 index 0000000..7b21c31 --- /dev/null +++ b/openssl-CVE-2023-3446.patch @@ -0,0 +1,71 @@ +From 1fa20cf2f506113c761777127a38bce5068740eb Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Thu, 6 Jul 2023 16:36:35 +0100 +Subject: [PATCH] Fix DH_check() excessive time with over sized modulus + +The DH_check() function checks numerous aspects of the key or parameters +that have been supplied. Some of those checks use the supplied modulus +value even if it is excessively large. + +There is already a maximum DH modulus size (10,000 bits) over which +OpenSSL will not generate or derive keys. DH_check() will however still +perform various tests for validity on such a large modulus. We introduce a +new maximum (32,768) over which DH_check() will just fail. + +An application that calls DH_check() and supplies a key or parameters +obtained from an untrusted source could be vulnerable to a Denial of +Service attack. + +The function DH_check() is itself called by a number of other OpenSSL +functions. An application calling any of those other functions may +similarly be affected. The other functions affected by this are +DH_check_ex() and EVP_PKEY_param_check(). + +CVE-2023-3446 + +Reviewed-by: Paul Dale +Reviewed-by: Tom Cosgrove +Reviewed-by: Bernd Edlinger +Reviewed-by: Tomas Mraz +(Merged from https://github.com/openssl/openssl/pull/21451) + +(cherry picked from commit 9e0094e2aa1b3428a12d5095132f133c078d3c3d) +--- + crypto/dh/dh_check.c | 6 ++++++ + include/openssl/dh.h | 6 +++++- + 2 files changed, 11 insertions(+), 1 deletion(-) + +diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c +index 0b391910d6b3..84a926998e9b 100644 +--- a/crypto/dh/dh_check.c ++++ b/crypto/dh/dh_check.c +@@ -152,6 +152,12 @@ int DH_check(const DH *dh, int *ret) + if (nid != NID_undef) + return 1; + ++ /* Don't do any checks at all with an excessively large modulus */ ++ if (BN_num_bits(dh->params.p) > OPENSSL_DH_CHECK_MAX_MODULUS_BITS) { ++ ERR_raise(ERR_LIB_DH, DH_R_MODULUS_TOO_LARGE); ++ return 0; ++ } ++ + if (!DH_check_params(dh, ret)) + return 0; + +diff --git a/include/openssl/dh.h b/include/openssl/dh.h +index b97871eca7fa..36420f51d89e 100644 +--- a/include/openssl/dh.h ++++ b/include/openssl/dh.h +@@ -89,7 +89,11 @@ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm); + # include + + # ifndef OPENSSL_DH_MAX_MODULUS_BITS +-# define OPENSSL_DH_MAX_MODULUS_BITS 10000 ++# define OPENSSL_DH_MAX_MODULUS_BITS 10000 ++# endif ++ ++# ifndef OPENSSL_DH_CHECK_MAX_MODULUS_BITS ++# define OPENSSL_DH_CHECK_MAX_MODULUS_BITS 32768 + # endif + + # define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024 diff --git a/openssl-DEFAULT_SUSE_cipher.patch b/openssl-DEFAULT_SUSE_cipher.patch new file mode 100644 index 0000000..e26bc7a --- /dev/null +++ b/openssl-DEFAULT_SUSE_cipher.patch @@ -0,0 +1,64 @@ +Index: openssl-3.0.0-alpha7/ssl/ssl_ciph.c +=================================================================== +--- openssl-3.0.0-alpha7.orig/ssl/ssl_ciph.c ++++ openssl-3.0.0-alpha7/ssl/ssl_ciph.c +@@ -1592,7 +1592,14 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_ + */ + ok = 1; + rule_p = rule_str; +- if (strncmp(rule_str, "DEFAULT", 7) == 0) { ++ if (strncmp(rule_str,"DEFAULT_SUSE", 12) == 0) { ++ ok = ssl_cipher_process_rulestr(SSL_DEFAULT_SUSE_CIPHER_LIST, ++ &head, &tail, ca_list, c); ++ rule_p += 12; ++ if (*rule_p == ':') ++ rule_p++; ++ } ++ else if (strncmp(rule_str, "DEFAULT", 7) == 0) { + ok = ssl_cipher_process_rulestr(OSSL_default_cipher_list(), + &head, &tail, ca_list, c); + rule_p += 7; +Index: openssl-3.0.0-alpha7/test/recipes/99-test_suse_default_ciphers.t +=================================================================== +--- /dev/null ++++ openssl-3.0.0-alpha7/test/recipes/99-test_suse_default_ciphers.t +@@ -0,0 +1,23 @@ ++#! /usr/bin/env perl ++ ++use strict; ++use warnings; ++ ++use OpenSSL::Test qw/:DEFAULT/; ++use OpenSSL::Test::Utils; ++ ++setup("test_default_ciphersuites"); ++ ++plan tests => 6; ++ ++my @cipher_suites = ("DEFAULT_SUSE", "DEFAULT"); ++ ++foreach my $cipherlist (@cipher_suites) { ++ ok(run(app(["openssl", "ciphers", "-s", $cipherlist])), ++ "openssl ciphers works with ciphersuite $cipherlist"); ++ ok(!grep(/(MD5|RC4|DES)/, run(app(["openssl", "ciphers", "-s", $cipherlist]), capture => 1)), ++ "$cipherlist shouldn't contain MD5, DES or RC4\n"); ++ ok(grep(/(TLSv1.3)/, run(app(["openssl", "ciphers", "-tls1_3", "-s", "-v", $cipherlist]), capture => 1)), ++ "$cipherlist should contain TLSv1.3 ciphers\n"); ++} ++ +Index: openssl-3.0.0-alpha7/include/openssl/ssl.h.in +=================================================================== +--- openssl-3.0.0-alpha7.orig/include/openssl/ssl.h.in ++++ openssl-3.0.0-alpha7/include/openssl/ssl.h.in +@@ -189,6 +189,11 @@ extern "C" { + */ + # ifndef OPENSSL_NO_DEPRECATED_3_0 + # define SSL_DEFAULT_CIPHER_LIST "ALL:!COMPLEMENTOFDEFAULT:!eNULL" ++# define SSL_DEFAULT_SUSE_CIPHER_LIST "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:"\ ++ "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:"\ ++ "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:"\ ++ "DHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:"\ ++ "AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128-SHA" + /* + * This is the default set of TLSv1.3 ciphersuites + * DEPRECATED IN 3.0.0, in favor of OSSL_default_ciphersuites() diff --git a/openssl-Override-default-paths-for-the-CA-directory-tree.patch b/openssl-Override-default-paths-for-the-CA-directory-tree.patch new file mode 100644 index 0000000..c0fb670 --- /dev/null +++ b/openssl-Override-default-paths-for-the-CA-directory-tree.patch @@ -0,0 +1,42 @@ +From 6790960076742a9053c624e26fbb87fcd5789e27 Mon Sep 17 00:00:00 2001 +From: Tomas Mraz +Date: Thu, 24 Sep 2020 09:17:26 +0200 +Subject: Override default paths for the CA directory tree + +Also add default section to load crypto-policies configuration +for TLS. + +It needs to be reverted before running tests. + +(was openssl-1.1.1-conf-paths.patch) +--- + apps/openssl.cnf | 20 ++++++++++++++++++-- + 2 files changed, 19 insertions(+), 3 deletions(-) + +Index: openssl-3.0.1/apps/openssl.cnf +=================================================================== +--- openssl-3.0.1.orig/apps/openssl.cnf ++++ openssl-3.0.1/apps/openssl.cnf +@@ -52,6 +52,8 @@ tsa_policy3 = 1.2.3.4.5.7 + + [openssl_init] + providers = provider_sect ++# Load default TLS policy configuration ++ssl_conf = ssl_module + + # List of providers to load + [provider_sect] +@@ -71,6 +73,13 @@ default = default_sect + [default_sect] + # activate = 1 + ++[ ssl_module ] ++ ++system_default = crypto_policy ++ ++[ crypto_policy ] ++ ++.include = /etc/crypto-policies/back-ends/opensslcnf.config + + #################################################################### + [ ca ] diff --git a/openssl-no-date.patch b/openssl-no-date.patch new file mode 100644 index 0000000..ad461cf --- /dev/null +++ b/openssl-no-date.patch @@ -0,0 +1,13 @@ +Index: openssl-1.1.1-pre1/util/mkbuildinf.pl +=================================================================== +--- openssl-1.1.1-pre1.orig/util/mkbuildinf.pl 2018-02-13 16:31:28.011389734 +0100 ++++ openssl-1.1.1-pre1/util/mkbuildinf.pl 2018-02-13 16:31:51.539764582 +0100 +@@ -28,7 +28,7 @@ print <<"END_OUTPUT"; + */ + + #define PLATFORM "platform: $platform" +-#define DATE "built on: $date" ++#define DATE "" + + /* + * Generate compiler_flags as an array of individual characters. This is a diff --git a/openssl-pkgconfig.patch b/openssl-pkgconfig.patch new file mode 100644 index 0000000..175fe30 --- /dev/null +++ b/openssl-pkgconfig.patch @@ -0,0 +1,22 @@ +Index: openssl-1.1.1-pre3/Configurations/unix-Makefile.tmpl +=================================================================== +--- openssl-1.1.1-pre3.orig/Configurations/unix-Makefile.tmpl 2018-03-20 15:20:03.037124698 +0100 ++++ openssl-1.1.1-pre3/Configurations/unix-Makefile.tmpl 2018-03-20 15:21:04.206084731 +0100 +@@ -843,7 +843,7 @@ libcrypto.pc: + echo 'Version: '$(VERSION); \ + echo 'Libs: -L$${libdir} -lcrypto'; \ + echo 'Libs.private: $(LIB_EX_LIBS)'; \ +- echo 'Cflags: -I$${includedir}' ) > libcrypto.pc ++ echo 'Cflags: -DOPENSSL_LOAD_CONF -I$${includedir}' ) > libcrypto.pc + + libssl.pc: + @ ( echo 'prefix=$(INSTALLTOP)'; \ +@@ -860,7 +860,7 @@ libssl.pc: + echo 'Version: '$(VERSION); \ + echo 'Requires.private: libcrypto'; \ + echo 'Libs: -L$${libdir} -lssl'; \ +- echo 'Cflags: -I$${includedir}' ) > libssl.pc ++ echo 'Cflags: -DOPENSSL_LOAD_CONF -I$${includedir}' ) > libssl.pc + + openssl.pc: + @ ( echo 'prefix=$(INSTALLTOP)'; \ diff --git a/openssl-ppc64-config.patch b/openssl-ppc64-config.patch new file mode 100644 index 0000000..37f1962 --- /dev/null +++ b/openssl-ppc64-config.patch @@ -0,0 +1,32 @@ +Index: openssl-3.0.0-alpha5/util/perl/OpenSSL/config.pm +=================================================================== +--- openssl-3.0.0-alpha5.orig/util/perl/OpenSSL/config.pm ++++ openssl-3.0.0-alpha5/util/perl/OpenSSL/config.pm +@@ -525,14 +525,19 @@ EOF + return { target => "linux-ppc64" } if $KERNEL_BITS eq '64'; + + my %config = (); +- if (!okrun('echo __LP64__', +- 'gcc -E -x c - 2>/dev/null', +- 'grep "^__LP64__" 2>&1 >/dev/null') ) { +- %config = ( cflags => [ '-m32' ], +- cxxflags => [ '-m32' ] ); +- } +- return { target => "linux-ppc", +- %config }; ++ # ## ++ # if (!okrun('echo __LP64__', 'gcc -E -x c - 2>/dev/null', 'grep "^__LP64__" 2>&1 >/dev/null') ) { %config = ( cflags => [ '-m32' ], cxxflags => [ '-m32' ] ); } ++ # return { target => "linux-ppc", ++ # %config }; ++ # ## ++ if (okrun('echo __LP64__', 'gcc -E -x c - 2>/dev/null', ++ 'grep "^__LP64__" 2>&1 >/dev/null') ) ++ { ++ return { target => "linux-ppc", %config }; ++ } else { ++ return { target => "linux-ppc64", %config }; ++ } ++ ## + } + ], + [ 'ppc64le-.*-linux2', { target => "linux-ppc64le" } ], diff --git a/openssl-truststore.patch b/openssl-truststore.patch new file mode 100644 index 0000000..8ccc84f --- /dev/null +++ b/openssl-truststore.patch @@ -0,0 +1,17 @@ +Don't use the legacy /etc/ssl/certs directory anymore but rather the +p11-kit generated /var/lib/ca-certificates/openssl one (fate#314991) +Index: openssl-1.1.1-pre1/include/internal/cryptlib.h +=================================================================== +--- openssl-1.1.1-pre1.orig/include/internal/cryptlib.h 2018-02-13 14:48:12.000000000 +0100 ++++ openssl-1.1.1-pre1/include/internal/cryptlib.h 2018-02-13 16:30:11.738161984 +0100 +@@ -59,8 +59,8 @@ DEFINE_LHASH_OF(MEM); + + # ifndef OPENSSL_SYS_VMS + # define X509_CERT_AREA OPENSSLDIR +-# define X509_CERT_DIR OPENSSLDIR "/certs" +-# define X509_CERT_FILE OPENSSLDIR "/cert.pem" ++# define X509_CERT_DIR "/var/lib/ca-certificates/openssl" ++# define X509_CERT_FILE "/var/lib/ca-certificates/ca-bundle.pem" + # define X509_PRIVATE_DIR OPENSSLDIR "/private" + # define CTLOG_FILE OPENSSLDIR "/ct_log_list.cnf" + # else diff --git a/openssl-use-versioned-config.patch b/openssl-use-versioned-config.patch new file mode 100644 index 0000000..828526b --- /dev/null +++ b/openssl-use-versioned-config.patch @@ -0,0 +1,127 @@ +From 300d2b56166aee85d9ce4c1275da1ad79c876e31 Mon Sep 17 00:00:00 2001 +From: Sahana Prasad +Date: Tue, 5 Oct 2021 12:10:42 +0200 +Subject: [PATCH] Updates the conf file to openssl11.cnf Resolves: + rhbz#1947584, rhbz#2003123 Signed-off-by: Sahana Prasad + +Refactored for SUSE by Simon Lees sflees@suse.de + +Index: openssl-3.0.2/include/internal/cryptlib.h +=================================================================== +--- openssl-3.0.2.orig/include/internal/cryptlib.h ++++ openssl-3.0.2/include/internal/cryptlib.h +@@ -61,7 +61,7 @@ DEFINE_STACK_OF(EX_CALLBACK) + typedef struct mem_st MEM; + DEFINE_LHASH_OF(MEM); + +-# define OPENSSL_CONF "openssl.cnf" ++# define OPENSSL_CONF "openssl3.cnf" + + # ifndef OPENSSL_SYS_VMS + # define X509_CERT_AREA OPENSSLDIR +Index: openssl-3.0.2/Configurations/unix-Makefile.tmpl +=================================================================== +--- openssl-3.0.2.orig/Configurations/unix-Makefile.tmpl ++++ openssl-3.0.2/Configurations/unix-Makefile.tmpl +@@ -675,14 +675,14 @@ install_ssldirs: + : {- output_on() if windowsdll(); "" -}; \ + fi; \ + done +- @$(ECHO) "install $(SRCDIR)/apps/openssl.cnf -> $(DESTDIR)$(OPENSSLDIR)/openssl.cnf.dist" +- @cp $(SRCDIR)/apps/openssl.cnf $(DESTDIR)$(OPENSSLDIR)/openssl.cnf.new +- @chmod 644 $(DESTDIR)$(OPENSSLDIR)/openssl.cnf.new +- @mv -f $(DESTDIR)$(OPENSSLDIR)/openssl.cnf.new $(DESTDIR)$(OPENSSLDIR)/openssl.cnf.dist +- @if [ ! -f "$(DESTDIR)$(OPENSSLDIR)/openssl.cnf" ]; then \ +- $(ECHO) "install $(SRCDIR)/apps/openssl.cnf -> $(DESTDIR)$(OPENSSLDIR)/openssl.cnf"; \ +- cp $(SRCDIR)/apps/openssl.cnf $(DESTDIR)$(OPENSSLDIR)/openssl.cnf; \ +- chmod 644 $(DESTDIR)$(OPENSSLDIR)/openssl.cnf; \ ++ @$(ECHO) "install $(SRCDIR)/apps/openssl.cnf -> $(DESTDIR)$(OPENSSLDIR)/openssl3.cnf.dist" ++ @cp $(SRCDIR)/apps/openssl.cnf $(DESTDIR)$(OPENSSLDIR)/openssl3.cnf.new ++ @chmod 644 $(DESTDIR)$(OPENSSLDIR)/openssl3.cnf.new ++ @mv -f $(DESTDIR)$(OPENSSLDIR)/openssl3.cnf.new $(DESTDIR)$(OPENSSLDIR)/openssl3.cnf.dist ++ @if [ ! -f "$(DESTDIR)$(OPENSSLDIR)/openssl3.cnf" ]; then \ ++ $(ECHO) "install $(SRCDIR)/apps/openssl.cnf -> $(DESTDIR)$(OPENSSLDIR)/openssl3.cnf"; \ ++ cp $(SRCDIR)/apps/openssl.cnf $(DESTDIR)$(OPENSSLDIR)/openssl3.cnf; \ ++ chmod 644 $(DESTDIR)$(OPENSSLDIR)/openssl3.cnf; \ + fi + @$(ECHO) "install $(SRCDIR)/apps/ct_log_list.cnf -> $(DESTDIR)$(OPENSSLDIR)/ct_log_list.cnf.dist" + @cp $(SRCDIR)/apps/ct_log_list.cnf $(DESTDIR)$(OPENSSLDIR)/ct_log_list.cnf.new +@@ -1136,7 +1136,7 @@ lint: + + generate_apps: + ( cd $(SRCDIR); $(PERL) VMS/VMSify-conf.pl \ +- < apps/openssl.cnf > apps/openssl-vms.cnf ) ++ < apps/openssl3.cnf > apps/openssl-vms.cnf ) + + generate_crypto_bn: + ( cd $(SRCDIR); $(PERL) crypto/bn/bn_prime.pl > crypto/bn/bn_prime.h ) +@@ -1374,7 +1374,7 @@ tar: + + # Helper targets ##################################################### + +-link-utils: $(BLDDIR)/util/opensslwrap.sh $(BLDDIR)/apps/openssl.cnf ++link-utils: $(BLDDIR)/util/opensslwrap.sh $(BLDDIR)/apps/openssl3.cnf + + $(BLDDIR)/util/opensslwrap.sh: Makefile + @if [ "$(SRCDIR)" != "$(BLDDIR)" ]; then \ +@@ -1382,7 +1382,7 @@ $(BLDDIR)/util/opensslwrap.sh: Makefile + ln -sf "../$(SRCDIR)/util/`basename "$@"`" "$(BLDDIR)/util"; \ + fi + +-$(BLDDIR)/apps/openssl.cnf: Makefile ++$(BLDDIR)/apps/openssl3.cnf: Makefile + @if [ "$(SRCDIR)" != "$(BLDDIR)" ]; then \ + mkdir -p "$(BLDDIR)/apps"; \ + ln -sf "../$(SRCDIR)/apps/`basename "$@"`" "$(BLDDIR)/apps"; \ +Index: openssl-3.0.2/Configure +=================================================================== +--- openssl-3.0.2.orig/Configure ++++ openssl-3.0.2/Configure +@@ -56,7 +56,7 @@ EOF + # directories bin, lib, include, share/man, share/doc/openssl + # This becomes the value of INSTALLTOP in Makefile + # (Default: /usr/local) +-# --openssldir OpenSSL data area, such as openssl.cnf, certificates and keys. ++# --openssldir OpenSSL data area, such as openssl3.cnf, certificates and keys. + # If it's a relative directory, it will be added on the directory + # given with --prefix. + # This becomes the value of OPENSSLDIR in Makefile and in C. +Index: openssl-3.0.2/doc/HOWTO/certificates.txt +=================================================================== +--- openssl-3.0.2.orig/doc/HOWTO/certificates.txt ++++ openssl-3.0.2/doc/HOWTO/certificates.txt +@@ -16,7 +16,7 @@ Certificate authorities should read http + In all the cases shown below, the standard configuration file, as + compiled into openssl, will be used. You may find it in /etc/, + /usr/local/ssl/ or somewhere else. By default the file is named +-openssl.cnf and is described at https://www.openssl.org/docs/apps/config.html. ++openssl3.cnf and is described at https://www.openssl.org/docs/apps/config.html. + You can specify a different configuration file using the + '-config {file}' argument with the commands shown below. + +Index: openssl-3.0.2/doc/man3/OPENSSL_config.pod +=================================================================== +--- openssl-3.0.2.orig/doc/man3/OPENSSL_config.pod ++++ openssl-3.0.2/doc/man3/OPENSSL_config.pod +@@ -17,7 +17,7 @@ see L: + + =head1 DESCRIPTION + +-OPENSSL_config() configures OpenSSL using the standard B and ++OPENSSL_config() configures OpenSSL using the standard B and + reads from the application section B. If B is NULL then + the default section, B, will be used. + Errors are silently ignored. +Index: openssl-3.0.2/INSTALL.md +=================================================================== +--- openssl-3.0.2.orig/INSTALL.md ++++ openssl-3.0.2/INSTALL.md +@@ -567,7 +567,7 @@ is an objective. + + ### no-autoload-config + +-Don't automatically load the default `openssl.cnf` file. ++Don't automatically load the default `openssl3.cnf` file. + + Typically OpenSSL will automatically load a system config file which configures + default SSL options. diff --git a/openssl.keyring b/openssl.keyring new file mode 100644 index 0000000..c266b3b --- /dev/null +++ b/openssl.keyring @@ -0,0 +1,94 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Comment: 7953 AC1F BC3D C8B3 B292 393E D5E9 E43F 7DF9 EE8C +Comment: Richard Levitte +Comment: Richard Levitte +Comment: Richard Levitte + +xsFNBFQwazYBEAC01v949yFYzwbn0UkEkM3MHTrDqWbp+erhXqdVD5ymG/pXvmqx +5KlxL1TZMuWEFuaq9EVkW8Wm5glk4D14IalIVKARAMDwqgNrPnw0GCAmNIf+Omvl +G7gdsSR93eALJp1vvKZpeEVZj0M0gQ1i4QIIR8PMqs+2jaYyed4HhRYzUbGKZMnr +94Onby8FIAYq0B79VqBv5NfMc2KEKrLXwuDSjtZd2TGB7qeLF7sCczyFoi5XTj+B +iVfdxCzoYEa1Rjp5hGllVj85w2DdfKED/BW7VCel4H+WTZGqTFQ1e3kPo1KdqlwD +F+Ci2JFU6myPy0LpHrNhn6FsdQGOuRKgYPycol7VzJHKtcGNMDkUFGV2DsgljQuW +Sj5TNNX5umFCIIN94eLvHtV9bXP98yKB/5pr2JhagL6kdU7OE0c/mugA05gGQTUJ +DeLNsRq54YC+CLyM9dxMvH7yB43yMfUvgKcSRt0sHUo8g5aOYdFq0SXQUr8+t/iH +3t5/JxhqBik8FBiu0aISsTDUbvbxQQQe/LhfR+FWDZRFwHOL0VELapfw1whitGG+ +y+F9fQIJfa5yzEiC9AWYZjHRaFB7q6LAvF0V8vP+pkT157fTK63W53mt1+VPMt2L +732i+/Cqy/6HzwOdnNnNyfEdvm2Jojs8KXN20vChnfUGifvTjxuiFib9sQARAQAB +zR9SaWNoYXJkIExldml0dGUgPGxldml0dGVAbHAuc2U+wsGPBBMBAgAiBQJUMGwd +AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAhCRDV6eQ/ffnujBYhBHlTrB+8 +PcizspI5PtXp5D99+e6Mq7QP/iNhBEDJYRTrYc6JAmRIg6YyiKjeOx8kXtVCe9+q +CzC+Y9ehyZB5Dyl0Ybej9jNJdEDJzDHKzVwU4NrfefcTWqUOQDNbpClGtXcQHlUt +hjREPWpyAEH1OhD5NDTSMI5YYKZDEfiN6oEpWlc7WK0mXZuY5mHOo0B3yNDfV845 ++7CGPK9zuE56/f9SLmCaFsCkNMGbvV4ybLRoBfZdnC5NPOKyJXQ0TG0CbxGMgIN5 +cOrBphU+ZrPYY+p4jEoD5rvFugQl4+oRsvxygpJV5t8pe1ihNMhmzu3CpRtMjmRA +dzK+27Z8p7m8BORuoC+NbXVpcmjIueXDkYdxP+09qUyw8xE398tAuEXpbCVoQ68b +6NDCBpowgvUu34zxDn0wKdt2YGHB6z7Kl7b8RycWG3Y8u/Hs+l6QehEmiy6UKXl7 +zW3PIi3192WzElUi7TtG/btqC6YPs0U3SQMkNWzwkjbKM9bC4gPFMK05a8QENc66 +M+USWjNg0TiAkGP9PDlpYyhtjicCTgL51lDm8LBXr9cbzvXav7Jc6NVh7Zby89r1 +DsPFzfDkccOX6nSnqYMISmvRUGrGfgrkeeM0MNu93aPTrs+0fxq+HJIZEhX/YCyQ +N4jqM+hQGh9bOwM7BacaP9F9vnq2hDK2WIXlWChX9Q70xArViJqzI8/76Ph1inPb +jbJczSVSaWNoYXJkIExldml0dGUgPGxldml0dGVAb3BlbnNzbC5vcmc+wsGPBBMB +AgAiBQJUMGwKAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAhCRDV6eQ/ffnu +jBYhBHlTrB+8PcizspI5PtXp5D99+e6M1bAP/0byoJMiMsswapbBypQCT/vQmaoX +jZzNcU4qAKlB5EMlHkxl1T8ytEXxmNMd/e0ltV9HALeBqX1eYHS7oTG3rMXKuYVY +TO19eM2wLiCW664EUtOsB9zAnpp6X+8UWMoNEpWlEHgkdlADQ0xIrrH3pt29SAbd +x0QsvwkWPawEoKMoUiGPnVY4hAt7Xx9gDmWEa2T6tExd9soBBTIuIpTH3MbAEHsv +nBbdyarNltGF/pXYGMmGaYmU0WujqKzqpBpy3zwd0Rx1Kms5e0ZcypVzqx3Xgcue +W8fbMPTZbG+Z922GUFDJ139WjAA2FsMJ9ES7XIIoJh/4nfBwk+PXcj29TieDnl2r +d4x7Yxnqp4Vzau+IARz9Vr1OIFVlQbaSdXfmDFi/fvVf9CJZnWwcSwkqp4pk50Zy +nEA+8TzEQj08jdj0+yrJNvbRxqbIafzSmoU77bANs4gc0WOdTTpvv4honUQROARp +G/JT47hE7ATVGNdF7bmWNEyEYFtZMdGP0xD+K0xEgsir65aruVixVrNKxOX9wqx6 +JGzHTSTgtAVYAvMIsWJTLuCXZbMRmmmmubfyVaMAisz5UIYD+TCPncuJ1dMUW9WI +uLNFGLTRGHri01EWe2epaHZWA0WB0cQZaeGpc7C986WskDi9SA9ZzCIGW4oQIBQX +lRJjjYxIBCnjxtUWzSVSaWNoYXJkIExldml0dGUgPHJpY2hhcmRAbGV2aXR0ZS5v +cmc+wsGSBBMBAgAlAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCVDBtJgIZ +AQAhCRDV6eQ/ffnujBYhBHlTrB+8PcizspI5PtXp5D99+e6MmN0P/AmpB8DasBnj +h9fAlBM8kEZ23MHVdEguPWX8KBML4L6eVlWRn7hdfpvOS90Ll5LTdtWPAQs8lDYh +4V86hIYgLK9tisZyby+5NT4dEl6CXgHbRjdDbp0xKfGc5F9jWzPZpG8ZdDz6Zbvd +ooy/4ThXNS16HcsJRckan6oFjCNAWSNpXDYcLtA7+9ncimrC/C+kGYlyPWJGYZu1 +C3I+oL3+qWwiqAG9hp/zedsIsNP7o24wb0SgD0dTzphmOAPwTRfGS2DHhpbAH9P6 +MZPiFBRGsARRRFfTRGkzI9W1M4bv9l/L8s6STpjD8+40f+aUE8cyUcNj1ycyRGFA +nwf5MeO3MqzvjocoUyoZNc4t7/6rh6sceFjgMt/DFFZbi3kvz9cJBcaN6TWWktd4 ++1WmLxwcF0n3xaB04KCvXTaBZ5f/Hz5D4O8HyYsS6GlW6yIUiuAOvav8WizaTMbY +k81XfXBuBKv7Vxk0fRYf9+HJ7fyWyIlIN9FqrSiiopA3JR+8gP8ueFcycmLnl2D9 +fyZn/sv+UCLrMR6fyD/5EtzgzW0AJ8BDJw5n7ctmZ6UhuasDZZMPC2uB9LVhpQ8W +3mDDxJoaYe5bE2p0ca+mwEHZQpbpjmtT/2x5rGFZYxBUOhuGn/94zEYSqLLDirlF +IEUgucXLOLQHyEl+kEkCLEmSbn71WsM8wsGPBBMBAgAiBQJUMGs2AhsDBgsJCAcD +AgYVCAIJCgsEFgIDAQIeAQIXgAAhCRDV6eQ/ffnujBYhBHlTrB+8PcizspI5PtXp +5D99+e6MbdMP/1yj/fl/t8sl6ZH8v26uBBLSUeZPJYef9TCoe6akV//x4JLujB8y +dGGW8bToC680zpuYlNn+avMwmjyocPwe7Cqgev6AyO+CjspoodM9Xai0y10CAHCl +vGAW8mX7c79jtLcMB/Z/0+5u4ErkzfwyURRpB5deLcQ4LhyRVZbLQ72fdCrmPYzO +e6Rhmfr9nWKL/oHDTLDUtRjAXdurI8YQKK9nCtbsM2uytvYkzpD2wx0B16rB7N04 +QLJBNDyOUJwnm4K+Xt9LLs8NUJ8JXCdwXKXGrFFbt2b3vmy0y4/NR5AUoS444ao5 +1mybA19WkCcCj5mSKmfZ9Dfbv6K3JCJx4ra5uJT2HP2M3NugtumQ1KPBUlNApVC6 +u+Vn7SMqFW/KFRCxOjXDWWU+F4prqzOVc5SYqIUOk7XVxgj1FBryw5Wel5iq1Bn8 +La1Fv3Hs/+pUKHRYYIC48kRET7h6oCmBiNn+XmU0A2qZnIyblmVpmfYftj3UWUC0 +S86qf/dRi8unTXYl8qEQyOSPz8g6t2RDgEsJOzKhiO+j+wcBYVOgrSgsawC8yxjA +zfVwkprUJognVBJFCv4sKMb9wg99iEacI6O401w3FQy5FyokjmxXzrhn0UPj3t35 +wd81WZ5HWaBSLnBo8HklfDyaybPlXODldSI7OGOch/0/CZEQzQwzsmnazsFNBFQw +azYBEADPNcBdaXTUwkG81K9NRKsKGVZ1coVRxkOx2+VD2THTY45sBx9MGmQsmSpj +U45kx/wO5KiTVj+bM+scSzwNgERqLiyf/2hgOIDYaoyKSfAfIVCmm5pSa2Ad01RV +9qT3i0eSSpa1Kpx8eAHKcVsDsWb2ZCd8/MI9778cCjrCbPI4o9zEVK+fjtmYKtdk +HsEoMSVU6Jy86E908OLaJbOeo1a7bSKs4tU8zGWAX+ddY5Cb+w3cHQb4QheDWZHM +el8ZcEgTah7huS6lUA4seQnTKXHmkIZ+uNtB3gFMKso/6GoOGZnUTk8dPY3POLY1 +nbMQ/dEvMQpFxLCOBNQP0lhO4DGP0KuwLXzq2XAxrylX5tY0bNmZKLTjhi4CbKAt +c/+iwMUkQQXJRw7Vlp9Fp9ogOvzx/YlMaZQZZixg5uN2b4UD5cWliHn4Aq7DkTzQ +Je31m7sezA3cLnFR86ol2X77y79n0GRjGsMa+b+e9NRWNKs28JiCPF3ya31Kk+3+ +sjauCZQW3KYx31Il5bO3ulLHOtxhSkCUHx5sJ81NJIhZFr+7yAel/ECCiT9KbVbh +ddJBHsd7GNkwzb1QivcqnYiBW9QzXkQ+xAKHfS7YM5ooYcg6G7jw89/W0xznnGiz +5JTjMkj1s9cppQ8tdqiV4Uemvx/96Nr5F7n++UJZ7Oval9/zswARAQABwsF2BBgB +AgAJBQJUMGs2AhsMACEJENXp5D99+e6MFiEEeVOsH7w9yLOykjk+1enkP3357ozr +2A//YzMQJ6Mo+/SU328dOeoseI/sFypuK882pPhXfJqX8l8H1zyHbKWy5lLLiv1M +oNOC/8pWbpv2QlWyN3PKrB6srClnpPyiHIO37/lQBcpjvAfy9HWpl21FDxn9Ruxn +a/IMYwq60EjE5h8NynNn57vydF3qTcTqkhtHW61L3vbBAcz9VMSay9QVm1f6qzM5 +WbbLxp1sfNjQWKSo381kjs1Vj7yCTBrJul3qSeX0CsRB7WF5VYMalpNTHPRIqCWp +zTMcO3E5SSGIJy+AqwAZZvFiylGrSsux6TnVEVJ07s0nn1yj3q7Ii7av+waGmTf7 +9B0AyZv0IZ4j4NUWFNnGhsG1bEumFLkQl7Id/M61k0yKOusHdzDcZbCzecyww1w3 +WD+j4wvGkfBy4mQRqLiyjutsN/dpxRRkULATME+TH9J5eNq0A5sRRaayEiA1TDcA +WfF0PtA4smNy1GyIarobC+xn8AENi4eeYZBbfDfh8oRhEsICQ6rs098wiYz8jtZ/ +pOruzbiD7ZKDy+vjKtYqgjGnioHQalJCZrKTUnREpH102pg1Cw6v2OcjiXsqU5L7 +Yrhv1jQIluII051VIJ/QBWe5uT7YiJOsMLMQGWvkObPXEYLld2UF6hK6MH4epkwV +/w1uNqnlvIeEFgHTKmSHvfwlAF64lUiDCUdWExXybKkE2NY= +=1H60 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/showciphers.c b/showciphers.c new file mode 100644 index 0000000..8ef9b8a --- /dev/null +++ b/showciphers.c @@ -0,0 +1,27 @@ +#include +#include + +int main() { + SSL_CTX *ctx = NULL; + SSL *ssl = NULL; + STACK_OF(SSL_CIPHER) *sk = NULL; + const SSL_METHOD *meth = TLS_server_method(); + int i; + const char *p; + + ctx = SSL_CTX_new(meth); + if (ctx == NULL) + return 1; + ssl = SSL_new(ctx); + if (ssl == NULL) + return 1; + sk = SSL_get_ciphers(ssl); + for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) { + const SSL_CIPHER *c = sk_SSL_CIPHER_value(sk, i); + p = SSL_CIPHER_get_name(c); + if (p == NULL) + break; + printf("%s\n", p); + } + return 0; +}