From c95361b22536568c09ca784633cba86139d6dbe0 Mon Sep 17 00:00:00 2001 From: Aaron Li Date: Thu, 5 Dec 2024 11:02:08 +0800 Subject: [PATCH] Update openssl to v3.0.14 Signed-off-by: Aaron Li --- README.md | 2 +- os_stub/openssllib/openssl | 2 +- .../openssllib/openssl_gen/openssl/opensslv.h | 8 ++++---- .../openssllib/openssl_gen/prov/ciphercommon.h | 16 +++++++++------- .../openssl_gen/prov/ciphercommon_aead.h | 7 ++++++- os_stub/openssllib/version.txt | 2 +- 6 files changed, 22 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index eaa2c2c1517..46814076c66 100644 --- a/README.md +++ b/README.md @@ -169,7 +169,7 @@ For other architectures, refer to [build](https://github.com/DMTF/libspdm/blob/m 1) [Mbed TLS](https://tls.mbed.org) as cryptography library. Version 3.6.2. -2) [OpenSSL](https://www.openssl.org) as cryptography library. Version 3.0.9. +2) [OpenSSL](https://www.openssl.org) as cryptography library. Version 3.0.14. ### Unit Test framework diff --git a/os_stub/openssllib/openssl b/os_stub/openssllib/openssl index de90e54bbe8..9cff14fd978 160000 --- a/os_stub/openssllib/openssl +++ b/os_stub/openssllib/openssl @@ -1 +1 @@ -Subproject commit de90e54bbe82e5be4fb9608b6f5c308bb837d355 +Subproject commit 9cff14fd97814baf8a9a07d8447960a64d616ada diff --git a/os_stub/openssllib/openssl_gen/openssl/opensslv.h b/os_stub/openssllib/openssl_gen/openssl/opensslv.h index 9340a01afda..f7000b5f4af 100644 --- a/os_stub/openssllib/openssl_gen/openssl/opensslv.h +++ b/os_stub/openssllib/openssl_gen/openssl/opensslv.h @@ -74,21 +74,21 @@ extern "C" { * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and * OPENSSL_VERSION_BUILD_METADATA_STR appended. */ -# define OPENSSL_VERSION_STR "3.0.9" -# define OPENSSL_FULL_VERSION_STR "3.0.9" +# define OPENSSL_VERSION_STR "3.0.14" +# define OPENSSL_FULL_VERSION_STR "3.0.14" /* * SECTION 3: ADDITIONAL METADATA * * These strings are defined separately to allow them to be parsable. */ -# define OPENSSL_RELEASE_DATE "30 May 2023" +# define OPENSSL_RELEASE_DATE "4 Jun 2024" /* * SECTION 4: BACKWARD COMPATIBILITY */ -# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.9 30 May 2023" +# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.14 4 Jun 2024" /* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */ # ifdef OPENSSL_VERSION_PRE_RELEASE diff --git a/os_stub/openssllib/openssl_gen/prov/ciphercommon.h b/os_stub/openssllib/openssl_gen/prov/ciphercommon.h index 1c8127b0956..32565f40205 100644 --- a/os_stub/openssllib/openssl_gen/prov/ciphercommon.h +++ b/os_stub/openssllib/openssl_gen/prov/ciphercommon.h @@ -1,5 +1,5 @@ /* - * Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -42,6 +42,13 @@ typedef int (PROV_CIPHER_HW_FN)(PROV_CIPHER_CTX *dat, unsigned char *out, #define PROV_CIPHER_FLAG_INVERSE_CIPHER 0x0200 struct prov_cipher_ctx_st { + /* place buffer at the beginning for memory alignment */ + /* The original value of the iv */ + unsigned char oiv[GENERIC_BLOCK_SIZE]; + /* Buffer of partial blocks processed via update calls */ + unsigned char buf[GENERIC_BLOCK_SIZE]; + unsigned char iv[GENERIC_BLOCK_SIZE]; + block128_f block; union { cbc128_f cbc; @@ -58,6 +65,7 @@ struct prov_cipher_ctx_st { unsigned int pad : 1; /* Whether padding should be used or not */ unsigned int enc : 1; /* Set to 1 for encrypt, or 0 otherwise */ unsigned int iv_set : 1; /* Set when the iv is copied to the iv/oiv buffers */ + unsigned int key_set : 1; /* Set when key is set on the context */ unsigned int updated : 1; /* Set to 1 during update for one shot ciphers */ unsigned int variable_keylength : 1; unsigned int inverse_cipher : 1; /* set to 1 to use inverse cipher */ @@ -82,12 +90,6 @@ struct prov_cipher_ctx_st { * manage partial blocks themselves. */ unsigned int num; - - /* The original value of the iv */ - unsigned char oiv[GENERIC_BLOCK_SIZE]; - /* Buffer of partial blocks processed via update calls */ - unsigned char buf[GENERIC_BLOCK_SIZE]; - unsigned char iv[GENERIC_BLOCK_SIZE]; const PROV_CIPHER_HW *hw; /* hardware specific functions */ const void *ks; /* Pointer to algorithm specific key data */ OSSL_LIB_CTX *libctx; diff --git a/os_stub/openssllib/openssl_gen/prov/ciphercommon_aead.h b/os_stub/openssllib/openssl_gen/prov/ciphercommon_aead.h index 5b37d94f1fa..7ce9a5b3cb6 100644 --- a/os_stub/openssllib/openssl_gen/prov/ciphercommon_aead.h +++ b/os_stub/openssllib/openssl_gen/prov/ciphercommon_aead.h @@ -1,5 +1,5 @@ /* - * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -23,9 +23,14 @@ static void * alg##kbits##lc##_newctx(void *provctx) \ { \ return alg##_##lc##_newctx(provctx, kbits); \ } \ +static void * alg##kbits##lc##_dupctx(void *src) \ +{ \ + return alg##_##lc##_dupctx(src); \ +} \ const OSSL_DISPATCH ossl_##alg##kbits##lc##_functions[] = { \ { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))alg##kbits##lc##_newctx }, \ { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))alg##_##lc##_freectx }, \ + { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))alg##kbits##lc##_dupctx }, \ { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))ossl_##lc##_einit }, \ { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))ossl_##lc##_dinit }, \ { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_##lc##_stream_update }, \ diff --git a/os_stub/openssllib/version.txt b/os_stub/openssllib/version.txt index 0783e3a402a..e1abc06847e 100644 --- a/os_stub/openssllib/version.txt +++ b/os_stub/openssllib/version.txt @@ -1 +1 @@ -openssl-3.0.9 \ No newline at end of file +openssl-3.0.14 \ No newline at end of file