openssl.git
22 months ago | openssl-x509.pod.in: fix description of certificate serial number storage
Dr. David von Oheimb [Tue, 31 May 2022 08:02:02 +0000 (10:02 +0200)]
openssl-x509.pod.in: fix description of certificate serial number storage

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18373)

(cherry picked from commit aa73b7d352c383e415d4d7567b79ce074c6762cd)

22 months ago | APPS/x509: With -CA but both -CAserial and -CAcreateserial not given, use random...
Dr. David von Oheimb [Mon, 30 May 2022 14:53:05 +0000 (16:53 +0200)]
APPS/x509: With -CA but both -CAserial and -CAcreateserial not given, use random serial.

Also improve openssl-x509.pod.in and error handling of load_serial() in apps.c.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18373)

(cherry picked from commit ec8a3409487c871b440fa52bff7c3ef33378494a)

22 months ago | apps/x509: Fix -CAfile option being neglected with -new or -in
Dr. David von Oheimb [Fri, 20 May 2022 04:23:54 +0000 (06:23 +0200)]
apps/x509: Fix -CAfile option being neglected with -new or -in

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18373)

(cherry picked from commit 10c7887330bb6ca136cd16fe081639f4462a072e)

22 months ago | Add an EVP demo for CMAC
Daniel Fiala [Mon, 11 Jul 2022 07:03:58 +0000 (09:03 +0200)]
Add an EVP demo for CMAC

Fixes openssl#14110

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18778)

(cherry picked from commit cdf0a5c46032ba4c39d93a7bec52494b4808830f)

22 months ago | Check for EVP_MD being NULL inside ssl.
slontis [Tue, 12 Jul 2022 04:28:37 +0000 (14:28 +1000)]
Check for EVP_MD being NULL inside ssl.

Fix multiple places that could potentially segfault if memory
allocations fail. e.g. ssl_load_ciphers() could fail while calling
ssl_evp_md_fetch().

Found by #18355

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18784)

(cherry picked from commit b740012f77aed97cb4b3cd8a4f1fb2f668542795)

22 months ago | speed: Always reset the outlen when calling EVP_PKEY_derive
Tomas Mraz [Mon, 11 Jul 2022 10:49:56 +0000 (12:49 +0200)]
speed: Always reset the outlen when calling EVP_PKEY_derive

Fixes #18768

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18777)

(cherry picked from commit ab8d56d05b773e499c86be874fd3f11f5950213c)

22 months ago | Pre-declare all core dispatch table functions, and fix the internal ones
Richard Levitte [Thu, 28 Apr 2022 06:15:53 +0000 (08:15 +0200)]
Pre-declare all core dispatch table functions, and fix the internal ones

When assigning pointers to functions in an OSSL_DISPATCH table, we try
to ensure that those functions are properly defined or declared with
an extra declaration using the corresponding function typedefs that
are defined by include/openssl/core_dispatch.h.

For the core dispatch table, found in crypto/provider_core.c, it seems
we forgot this habit, and thus didn't ensure well enough that the
function pointers that are assigned in the table can actually be used
for those dispatch table indexes.

This change adds all the missing declarations, and compensates for
differences with functions that do the necessary casting, making those
explicit rather than implicit, thereby trying to assure that we know
what we're doing.

One function is not fixed in this change, because there's a controversy,
a clash between the signature of BIO_ctrl() and OSSL_FUNC_BIO_ctrl_fn.
They have different return types.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18198)

(cherry picked from commit 9574842e90e29015daa2b071e965cec9aa885c17)

22 months ago | add a check for the return of OBJ_new_nid()
xkernel [Mon, 11 Jul 2022 07:21:09 +0000 (15:21 +0800)]
add a check for the return of OBJ_new_nid()

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18773)

(cherry picked from commit a0ff8e413e94ba46720a4bf3a5032c50531c526c)

22 months ago | ci: add GitHub token permissions for workflows
Varun Sharma [Sat, 9 Jul 2022 14:03:23 +0000 (07:03 -0700)]
ci: add GitHub token permissions for workflows

Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18766)

(cherry picked from commit c6e7f427c82dfa17416a39af7661c40162d57aaf)

22 months ago | OSSL_trace_set_channel.pod and openssl.pod: fix missing/inconsistent category items
Dr. David von Oheimb [Fri, 8 Jul 2022 09:14:16 +0000 (11:14 +0200)]
OSSL_trace_set_channel.pod and openssl.pod: fix missing/inconsistent category items

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18763)

22 months ago | x509_vfy.c: Revert the core of #14094 regarding chain_build() error reporting
Dr. David von Oheimb [Sat, 9 Jul 2022 09:09:08 +0000 (11:09 +0200)]
x509_vfy.c: Revert the core of #14094 regarding chain_build() error reporting

The problem of producing to-the-point diagnostics will be fixed in a follow-up PR.
Fixes #18691

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18758)

(cherry picked from commit 1f00dc4f8c0ef0101368de2adf22495e5e295114)

22 months ago | test/certs/setup.sh: add missing comment on CA cert variant without basic constraints
Dr. David von Oheimb [Fri, 8 Jul 2022 19:49:28 +0000 (21:49 +0200)]
test/certs/setup.sh: add missing comment on CA cert variant without basic constraints

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18758)

(cherry picked from commit a148a9b4f49b0c456d45a39c0d63a52405aa5ea9)

22 months ago | Fix memory leak in EVP_PKEY_get1_encoded_public_key.
slontis [Thu, 7 Jul 2022 05:03:08 +0000 (15:03 +1000)]
Fix memory leak in EVP_PKEY_get1_encoded_public_key.

Occurs if a failure happens after the malloc call in the second call to
EVP_PKEY_get_octet_string_param().

Detected by PR #18355

Some calling code assumes that nothing is allocated in the returned
pointer if there was a failure. Other calling code always tries freeing.
The third case is in ecdh_cms_encrypt() where it does not check the
return value. I am assuming this change is ok since the legacy path in
EVP_PKEY_get1_encoded_public_key() also does not return the pointer on
failure.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18739)

(cherry picked from commit 4e9a4997c540e64647d4e1708a1dbda51fb59a68)

22 months ago | http_client.c: fix calculation of Content-Length in set1_content()
Dr. David von Oheimb [Fri, 1 Jul 2022 15:46:36 +0000 (17:46 +0200)]
http_client.c: fix calculation of Content-Length in set1_content()

Work around an inconsistency in the implementations of BIO_CTRL_INFO.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18701)

(cherry picked from commit 243465fd556837402bff52b7bf3d59420b68a02e)

22 months ago | apps/cmp.c: fix cleanup of CMP_CTX vs. APP_HTTP_TLS_INFO in its http_cb_arg field
Dr. David von Oheimb [Fri, 1 Jul 2022 18:38:59 +0000 (20:38 +0200)]
apps/cmp.c: fix cleanup of CMP_CTX vs. APP_HTTP_TLS_INFO in its http_cb_arg field

Prevent crashes on error by making sure the info is freed after OSSL_CMP_CTX_free(),
which may call OSSL_HTTP_close() and thus indirectly reference the info.
Moreover, it should not attempt to reference the cmp_ctx variable when it is NULL.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18702)

(cherry picked from commit 8c094747d78bb8627e9ca5241fed0550a3de2fdb)

22 months ago | cmp_http.c: extend comment in keep_alive()
Dr. David von Oheimb [Fri, 1 Jul 2022 18:25:55 +0000 (20:25 +0200)]
cmp_http.c: extend comment in keep_alive()

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18702)

(cherry picked from commit 93d9d6097685dc29e654db15c091c550aef16d5b)

22 months ago | Fix memory leak in X509V3_add1_i2d when flag is X509V3_ADD_DELETE
Allan [Thu, 7 Jul 2022 23:04:09 +0000 (16:04 -0700)]
Fix memory leak in X509V3_add1_i2d when flag is X509V3_ADD_DELETE

Fixes #18677

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18698)

(cherry picked from commit 4798e0680b112993815098ca21d7d68ff31ebc6e)

22 months ago | use #pragma comment(lib) with _MSC_VER only
Viktor Szakats [Sun, 3 Jul 2022 22:30:06 +0000 (22:30 +0000)]
use #pragma comment(lib) with _MSC_VER only

Avoid this warning when compiled with llvm/gcc + mingw-w64 and
`USE_BCRYPTGENRANDOM` enabled:

```
../providers/implementations/rands/seeding/rand_win.c:31:11: warning: unknown pragma ignored [-Wunknown-pragmas]
          ^
1 warning generated.
```

CLA: trivial

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18709)

(cherry picked from commit 695cb63c744bab090144a86949b68324ee3094d6)

22 months ago | feat: add hmac-sm3 test cases from GM/T 0042-2015 Appendix D.3
Mingjun.Yang [Mon, 4 Jul 2022 09:41:54 +0000 (17:41 +0800)]
feat: add hmac-sm3 test cases from GM/T 0042-2015 Appendix D.3

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18714)

(cherry picked from commit 0648ec1c35a54fb2b7ead34a215691fe9e38516d)

22 months ago | Fix SHA, SHAKE, and KECCAK ASM flag passing
Juergen Christ [Thu, 7 Jul 2022 16:57:55 +0000 (18:57 +0200)]
Fix SHA, SHAKE, and KECCAK ASM flag passing

Flags for ASM implementations of SHA, SHAKE, and KECCAK were only passed to
the FIPS provider and not to the default or legacy provider.  This left some
potential for optimization.  Pass the correct flags also to these providers.

Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18747)

(cherry picked from commit a8b238f0e4c1198935e066ef19579ca694253286)

22 months ago | Make evp_test skip mac tests if digest or ciphers are disabled.
slontis [Thu, 7 Jul 2022 02:01:09 +0000 (12:01 +1000)]
Make evp_test skip mac tests if digest or ciphers are disabled.

Fixes test error in #18714
This only happens currently during minimal builds.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18737)

(cherry picked from commit c8a016cac44d5402df3106f46c9725aa1b480e40)

22 months ago | Add an EVP demo for HMAC
Daniel Fiala [Thu, 7 Jul 2022 06:55:06 +0000 (08:55 +0200)]
Add an EVP demo for HMAC

Fixes openssl#14109

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18752)

(cherry picked from commit e269d8af79de7b0dcc1b72687eed340cc3822a9e)

22 months ago | ssl/tls_srp.c: Add check for BN_dup
Jiasheng Jiang [Fri, 1 Jul 2022 08:23:58 +0000 (16:23 +0800)]
ssl/tls_srp.c: Add check for BN_dup

Because of the potential failure of BN_dup,
it is better to check the return value
in order to guarantee success.

Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/18699)

(cherry picked from commit 12e488367d34657a5c0e1bc322e66c48463d2a0c)

22 months ago | NEWS.md: Drop an extra empty line causing mdlint failure
Tomas Mraz [Thu, 7 Jul 2022 08:35:16 +0000 (10:35 +0200)]
NEWS.md: Drop an extra empty line causing mdlint failure

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18740)

22 months ago | Fix reported performance degradation on aarch64
Bernd Edlinger [Sun, 12 Jun 2022 07:37:26 +0000 (09:37 +0200)]
Fix reported performance degradation on aarch64

This restores the implementation prior to
commit 2621751 ("aes/asm/aesv8-armx.pl: avoid 32-bit lane assignment in CTR mode")
for 64-bit targets only, since it is reportedly 2-17% slower,
and the silicon errata only affects 32-bit targets.
The new algorithm is used only for 32-bit targets.

Fixes #18445

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18581)

(cherry picked from commit 65523758e546fcef0f930e5f8878ef51d174dbc8)

22 months ago | Windows: use the basename of the product (.dll) for definition files
Richard Levitte [Wed, 6 Jul 2022 04:54:49 +0000 (06:54 +0200)]
Windows: use the basename of the product (.dll) for definition files

This resolves the faulty LIBRARY value that contained the directory
of the product (.dll) in the build tree.  This applies to engines and
other modules alike.

Fixes #18726

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/18732)

(cherry picked from commit 5cc9ab5cf51137daf6d2d57718f56316dcb62744)

22 months ago | Updated information for OSSL_SIGNATURE_PARAM_PSS_SALTLEN
Allan [Wed, 6 Jul 2022 21:26:16 +0000 (14:26 -0700)]
Updated information for OSSL_SIGNATURE_PARAM_PSS_SALTLEN
Fixes #18066

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18736)

(cherry picked from commit d104c6ff7499b0638c82557ce94e284b00f74627)

22 months ago | Fixes OSCP->OCSP typo in ocsp command line
Alexander Scheel [Wed, 29 Jun 2022 14:19:58 +0000 (10:19 -0400)]
Fixes OSCP->OCSP typo in ocsp command line

The existing help text says:

>  -badsig                 Corrupt last byte of loaded OSCP response signature (for test)

but this should be OCSP. This is the only occurrence within the project
of this typo.

CLA: trivial

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18684)

(cherry picked from commit 2837b19fcba4bf4ff2ecdc8435c650bf18c27552)

22 months ago | http_client.c: fix comment and documentation of the memory BIOs used
Dr. David von Oheimb [Tue, 28 Jun 2022 10:06:52 +0000 (12:06 +0200)]
http_client.c: fix comment and documentation of the memory BIOs used

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18674)

(cherry picked from commit 7d5019c15af8f88443a7edddd4b150a7dafeda5d)

22 months ago | OSSL_HTTP_REQ_CTX_nbio(): fix copy&paste glitch calling BIO_should_retry(rctx-rbio)
Dr. David von Oheimb [Tue, 28 Jun 2022 09:51:32 +0000 (11:51 +0200)]
OSSL_HTTP_REQ_CTX_nbio(): fix copy&paste glitch calling BIO_should_retry(rctx-rbio)

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18674)

(cherry picked from commit 059a4ad0999dd6dbd7340b5e4f7566812d51bb1e)

22 months ago | OSSL_HTTP_open(): improve use of use_ssl and its documentation
Dr. David von Oheimb [Tue, 28 Jun 2022 15:47:40 +0000 (17:47 +0200)]
OSSL_HTTP_open(): improve use of use_ssl and its documentation

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18674)

(cherry picked from commit 35750cb9af007702dad92d62da57200fdf9ddaf4)

22 months ago | app_http_tls_cb(): fix crash on inconsistency w.r.t. use of TLS
Dr. David von Oheimb [Tue, 28 Jun 2022 09:30:50 +0000 (11:30 +0200)]
app_http_tls_cb(): fix crash on inconsistency w.r.t. use of TLS

This happens if use_ssl is not set but an SSL_CTX is provided.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18674)

(cherry picked from commit 96e13a1679872d879683346c1e09ca227f77efb0)

22 months ago | openssl-cmds.pod.in: add missing entry for cmp
Dr. David von Oheimb [Fri, 24 Jun 2022 10:39:49 +0000 (12:39 +0200)]
openssl-cmds.pod.in: add missing entry for cmp

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18653)

(cherry picked from commit 33478aedafaff1f414cabd67fb30970c41996f5c)

22 months ago | Fix typos in SSL_CTX_use_certificate.pod file
EasySec [Mon, 11 Apr 2022 22:15:51 +0000 (00:15 +0200)]
Fix typos in SSL_CTX_use_certificate.pod file

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18087)

(cherry picked from commit a97931955da72c39287a860155ffe071a3125f9f)

22 months ago | Add missing header for memcmp
Gregor Jasny [Tue, 5 Jul 2022 10:57:06 +0000 (12:57 +0200)]
Add missing header for memcmp

CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18719)

(cherry picked from commit f9e578e720bb35228948564192adbe3bc503d5fb)

22 months ago | Prepare for 3.0.6
Richard Levitte [Tue, 5 Jul 2022 08:57:42 +0000 (10:57 +0200)]
Prepare for 3.0.6

Reviewed-by: Paul Dale <pauli@openssl.org>
Release: yes

22 months ago | Prepare for release of 3.0.5 openssl-3.0.5
Richard Levitte [Tue, 5 Jul 2022 08:57:04 +0000 (10:57 +0200)]
Prepare for release of 3.0.5

Reviewed-by: Paul Dale <pauli@openssl.org>
Release: yes

22 months ago | make update
Richard Levitte [Tue, 5 Jul 2022 08:56:48 +0000 (10:56 +0200)]
make update

Reviewed-by: Paul Dale <pauli@openssl.org>
Release: yes

22 months ago | Update copyright year
Richard Levitte [Tue, 5 Jul 2022 08:33:12 +0000 (10:33 +0200)]
Update copyright year

Reviewed-by: Paul Dale <pauli@openssl.org>
Release: yes

22 months ago | Update CHANGES and NEWS for upcoming release 3.0.5
Richard Levitte [Tue, 5 Jul 2022 08:24:48 +0000 (10:24 +0200)]
Update CHANGES and NEWS for upcoming release 3.0.5

Reviewed-by: Paul Dale <pauli@openssl.org>
Release: yes

22 months ago | AES OCB test vectors
Alex Chernyakhovsky [Thu, 16 Jun 2022 02:02:37 +0000 (12:02 +1000)]
AES OCB test vectors

Add test vectors for AES OCB for x86 AES-NI multiple of 96 byte issue.

Co-authored-by: Alejandro Sedeño <asedeno@google.com>
Co-authored-by: David Benjamin <davidben@google.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(cherry picked from commit 2f19ab18a29cf9c82cdd68bc8c7e5be5061b19be)

22 months ago | Fix AES OCB encrypt/decrypt for x86 AES-NI
Alex Chernyakhovsky [Thu, 16 Jun 2022 02:00:22 +0000 (12:00 +1000)]
Fix AES OCB encrypt/decrypt for x86 AES-NI

aesni_ocb_encrypt and aesni_ocb_decrypt operate by having a fast-path
that performs operations on 6 16-byte blocks concurrently (the
"grandloop") and then proceeds to handle the "short" tail (which can
be anywhere from 0 to 5 blocks) that remain.

As part of initialization, the assembly initializes $len to the true
length, less 96 bytes and converts it to a pointer so that the $inp
can be compared to it. Each iteration of "grandloop" checks to see if
there's a full 96-byte chunk to process, and if so, continues. Once
this has been exhausted, it falls through to "short", which handles
the remaining zero to five blocks.

Unfortunately, the jump at the end of "grandloop" had a fencepost
error, doing a `jb` ("jump below") rather than `jbe` (jump below or
equal). This should be `jbe`, as $inp is pointing to the *end* of the
chunk currently being handled. If $inp == $len, that means that
there's a whole 96-byte chunk waiting to be handled. If $inp > $len,
then there's 5 or fewer 16-byte blocks left to be handled, and the
fall-through is intended.

The net effect of `jb` instead of `jbe` is that the last 16-byte block
of the last 96-byte chunk was completely omitted. The contents of
`out` in this position were never written to. Additionally, since
those bytes were never processed, the authentication tag generated is
also incorrect.

The same fencepost error, and identical logic, exists in both
aesni_ocb_encrypt and aesni_ocb_decrypt.

This addresses CVE-2022-2097.

Co-authored-by: Alejandro Sedeño <asedeno@google.com>
Co-authored-by: David Benjamin <davidben@google.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(cherry picked from commit 6ebf6d51596f51d23ccbc17930778d104a57d99c)
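The loop shape described in the commit message above, as an added illustration that is not OpenSSL's code and not the assembly it fixes. It models only the control flow: a fast path that consumes 96 bytes (six 16-byte blocks) per iteration and re-tests the advanced input offset against a limit precomputed as length minus 96, followed by a tail that is assumed (as the message states) to handle at most five blocks. The `inclusive` flag stands in for the jump condition: 1 models `jbe` (loop while `inp <= limit`, the fix), 0 models `jb` (loop while `inp < limit`, the fencepost error). The five-block tail cap, the do/while entry and the sample lengths are assumptions made for the model; it does no encryption.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BLOCK_BYTES 16
#define GRAND_BYTES (6 * BLOCK_BYTES)     /* one "grandloop" iteration */
#define TAIL_MAX_BYTES (5 * BLOCK_BYTES)  /* assumed capacity of "short" */
#define MAX_LEN 512                       /* constructed bound for samples */

struct coverage {
    size_t grand;     /* bytes written by the fast path */
    size_t tail;      /* bytes written by the tail path */
    size_t untouched; /* output bytes that were never written at all */
};

/*
 * Marks each output byte with the path that produced it ('G' for the fast
 * path, 'T' for the tail, 0 if nothing wrote it) and reports the counts.
 * This is a model of the loop structure, not a cipher.
 */
static struct coverage ocb_loop_shape(unsigned char *out, size_t len,
                                      int inclusive)
{
    struct coverage c = {0, 0, 0};
    size_t inp = 0; /* offset of the next unprocessed byte, like $inp */
    size_t remaining;

    memset(out, 0, len);
    if (len >= GRAND_BYTES) {
        size_t limit = len - GRAND_BYTES; /* like $len after "less 96" */

        /* the fast path is entered once and re-tested at the bottom */
        do {
            memset(out + inp, 'G', GRAND_BYTES);
            inp += GRAND_BYTES;
            c.grand += GRAND_BYTES;
        } while (inclusive ? inp <= limit : inp < limit);
    }

    /* the tail can mask at most five blocks; a sixth one is simply dropped */
    remaining = len - inp;
    c.tail = remaining > TAIL_MAX_BYTES ? TAIL_MAX_BYTES : remaining;
    memset(out + inp, 'T', c.tail);
    c.untouched = remaining - c.tail;
    return c;
}

/* How many output bytes are left unwritten for an input of `len` bytes. */
size_t untouched_bytes(size_t len, int inclusive)
{
    unsigned char out[MAX_LEN];

    if (len > MAX_LEN)
        return (size_t)-1;
    return ocb_loop_shape(out, len, inclusive).untouched;
}

int main(void)
{
    /* constructed sample lengths: below one chunk, exact multiples, and
     * a length that is not a multiple of 96 */
    static const size_t lens[] = {80, 96, 192, 200, 288};
    size_t i;

    printf("%8s %13s %14s\n", "len", "jb untouched", "jbe untouched");
    for (i = 0; i < sizeof(lens) / sizeof(lens[0]); i++)
        printf("%8zu %13zu %14zu\n", lens[i],
               untouched_bytes(lens[i], 0), untouched_bytes(lens[i], 1));
    return 0;
}
```

With the `jb`-style condition the model leaves 16 bytes unwritten exactly when the length is a multiple of 96 with more than one chunk (192, 288), which is the case the added test vectors in the neighbouring commit target; with `jbe` nothing is skipped. The model tracks only which output bytes get written; the incorrect authentication tag the commit mentions follows from the same omission, since bytes the fast path never processed never enter the tag computation.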

22 months ago | Fix bn_gcd code to check return value when calling BN_one()
slontis [Fri, 1 Jul 2022 03:47:11 +0000 (13:47 +1000)]
Fix bn_gcd code to check return value when calling BN_one()

BN_one() uses the expand function which calls malloc which may fail.
All other places that reference BN_one() check the return value.

The issue is triggered by a memory allocation failure.
Detected by PR #18355

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18697)

(cherry picked from commit 7fe7cc57af3db1e497877f0329ba17609b2efc8b)

22 months ago | v3_sxnet: add a check for the return of i2s_ASN1_INTEGER()
xkernel [Mon, 20 Jun 2022 09:46:39 +0000 (17:46 +0800)]
v3_sxnet: add a check for the return of i2s_ASN1_INTEGER()

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/18608)

(cherry picked from commit 9ef1f848a646565d4dd86e56542cf921d4921ad9)

22 months ago | Avoid crashing if CONF_modules_unload() is called after OPENSSL_cleanup()
Tomas Mraz [Tue, 28 Jun 2022 15:37:39 +0000 (17:37 +0200)]
Avoid crashing if CONF_modules_unload() is called after OPENSSL_cleanup()

Although this is basically an incorrect API call, it was not crashing
before and it might happen inadvertently if CONF_modules_unload()
is called from a destructor for example.

Fixes #18669

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18673)

(cherry picked from commit d840f07bcdfc3910de5aa327a245866a67f94799)

22 months ago | APPS: dsaparam, gendsa: Support setting properties
Clemens Lang [Wed, 15 Jun 2022 10:50:07 +0000 (12:50 +0200)]
APPS: dsaparam, gendsa: Support setting properties

The -provider and -propquery options did not work on dsaparam and
gendsa. Fix this and add tests that check that operations that are not
supported by the FIPS provider work when run with

| -provider default -propquery '?fips!=yes'

See also https://bugzilla.redhat.com/show_bug.cgi?id=2094956, where this
was initially reported.

Signed-off-by: Clemens Lang <cllang@redhat.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18576)

(cherry picked from commit 30b2c3592e8511b60d44f93eb657a1ecb3662c08)

22 months ago | Coverity: fix 1506297: negative returns
Pauli [Fri, 17 Jun 2022 01:02:52 +0000 (11:02 +1000)]
Coverity: fix 1506297: negative returns

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18587)

(cherry picked from commit 3ee2611677e7e9f90e270f3ee4f343c9d3d86835)

22 months ago | Coverity: fix 1506298: negative returns
Pauli [Fri, 17 Jun 2022 01:02:36 +0000 (11:02 +1000)]
Coverity: fix 1506298: negative returns

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18587)

(cherry picked from commit be54ad88a67d2fba3b4fd51bef0fe7db0c01b99a)

22 months ago | Documentation update for EVP_set_default_properties
slontis [Wed, 29 Jun 2022 00:10:16 +0000 (10:10 +1000)]
Documentation update for EVP_set_default_properties

Explicitly state that it is not thread safe.
Fixes #18613

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18678)

(cherry picked from commit 5c535e4692a5a4f2ec7691de4efc6290193a0882)

22 months ago | fix Coverity 1506709: error handling
Pauli [Wed, 29 Jun 2022 01:23:27 +0000 (11:23 +1000)]
fix Coverity 1506709: error handling

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18679)

(cherry picked from commit f80cdee7c1eee93d13c7dcbeda32dfca3e1e4059)

22 months ago | Remove redundant check for `saltlen > UINT32_MAX`
Daniel Fiala [Tue, 28 Jun 2022 08:00:29 +0000 (10:00 +0200)]
Remove redundant check for `saltlen > UINT32_MAX`

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18671)

(cherry picked from commit 05e51bc79bac45e194dd6f0bf73c99ed5ca06272)

22 months ago | Fix memory leak in cmp_calc_protection()
slontis [Mon, 27 Jun 2022 23:49:17 +0000 (09:49 +1000)]
Fix memory leak in cmp_calc_protection()

Triggered by a memory allocation failure.
Detected by PR #18355

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18670)

22 months ago | Avoid using union wrt. SystemTimeToFileTime
Tee KOBAYASHI [Sun, 26 Jun 2022 08:40:29 +0000 (17:40 +0900)]
Avoid using union wrt. SystemTimeToFileTime

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18660)

(cherry picked from commit 8eca6864e080c9b8197fec81cd6f327be43bb14c)

22 months ago | Avoid using union wrt. optlen parameter for getsockopt
Tee KOBAYASHI [Sun, 26 Jun 2022 08:30:02 +0000 (17:30 +0900)]
Avoid using union wrt. optlen parameter for getsockopt

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18660)

(cherry picked from commit 8e949b35d396005d63f3a2c944c36a1c94e41019)

22 months ago | kdf objects missing a return if malloc fails.
slontis [Thu, 23 Jun 2022 03:10:55 +0000 (13:10 +1000)]
kdf objects missing a return if malloc fails.

I have searched through all references of ERR_R_MALLOC_FAILURE for any
other instances.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18638)

(cherry picked from commit 7260709e9ef155c8b3fccaa32e8ba496a3059905)

22 months ago | SSL_get_current_cipher() and SSL_get_pending_cipher() return 'const SSL_CIPHER *'
olszomal [Fri, 17 Jun 2022 13:01:11 +0000 (15:01 +0200)]
SSL_get_current_cipher() and SSL_get_pending_cipher() return 'const SSL_CIPHER *'

Fix the documentation.

CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18599)

(cherry picked from commit d842b6eff0940b6ce337536cb718a8d561290f50)

22 months ago | Add test for try_key_ref() fallback handling
Tomas Mraz [Thu, 7 Apr 2022 14:48:41 +0000 (16:48 +0200)]
Add test for try_key_ref() fallback handling

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17554)

(cherry picked from commit dca637f50cf71372c46a9cf6022ad4eb9970ab7f)

22 months ago | Add missing documentation of OSSL_FUNC_store_export_object()
Tomas Mraz [Thu, 7 Apr 2022 14:48:06 +0000 (16:48 +0200)]
Add missing documentation of OSSL_FUNC_store_export_object()

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17554)

(cherry picked from commit 13941d438458068d4150c5899f6bbc0add393cc4)

22 months ago | Correct doubled OSSL_OSSL when documenting OSSL_FUNC_.._fn
Tomas Mraz [Wed, 6 Apr 2022 14:20:47 +0000 (16:20 +0200)]
Correct doubled OSSL_OSSL when documenting OSSL_FUNC_.._fn

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17554)

(cherry picked from commit 13b47155ba425ffd0683e1bff30f746c96a19049)

22 months ago | store_result: Add fallback for fetching the keymgmt from the provider of the store
Tomas Mraz [Thu, 20 Jan 2022 18:49:40 +0000 (19:49 +0100)]
store_result: Add fallback for fetching the keymgmt from the provider of the store

Fixes #17531

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17554)

(cherry picked from commit 4cfcc7e1213d39c78852a614894ebcd2e2be095c)

22 months ago | crypto/provider_core.c: Avoid calling unlock two times
Peiwei Hu [Thu, 23 Jun 2022 15:59:50 +0000 (23:59 +0800)]
crypto/provider_core.c: Avoid calling unlock two times

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18641)

(cherry picked from commit 61f510600e2c7cdee6e61f8b7075fb0e939eb179)

22 months ago | Allocate EVP_PBE_CTL with OPENSSL_zalloc.
Daniel Fiala [Mon, 27 Jun 2022 11:36:48 +0000 (13:36 +0200)]
Allocate EVP_PBE_CTL with OPENSSL_zalloc.

Fixes openssl#18598.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18666)

(cherry picked from commit 3211266aa23253ce8af2b98c4fd94a12a4afa7e4)

22 months ago | Fix range_should_be_prefix() to actually return the correct result
Matt Caswell [Fri, 10 Jun 2022 14:58:58 +0000 (15:58 +0100)]
Fix range_should_be_prefix() to actually return the correct result

range_should_be_prefix() was misidentifying whether an IP address range
should in fact be represented as a prefix. This was due to a bug introduced
in commit 42d7d7dd which made this incorrect change:

-    OPENSSL_assert(memcmp(min, max, length) <= 0);
+    if (memcmp(min, max, length) <= 0)
+        return -1;
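Review bot: the condition on the `+` lines is inverted relative to the assertion it replaces. `OPENSSL_assert(memcmp(min, max, length) <= 0)` treated min <= max as the valid case, so `if (memcmp(min, max, length) <= 0) return -1;` rejects every well-formed range and lets only min > max through, which is exactly how the wrong prefix/range decision and the bad DER described below arise. The early return belongs on the opposite comparison, `if (memcmp(min, max, length) > 0) return -1;`, with the existing prefix logic running for the min <= max case.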

This error leads to incorrect DER being encoded/accepted.

Reported by Theo Buehler (@botovq)

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18524)

(cherry picked from commit 30532e59f475e0066c030693e4d614311a9e0cae)
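The decision the commit above repairs, whether an inclusive address range [min, max] is representable as a single CIDR prefix (RFC 3779 encodes a range as a prefix when it can), reimplemented here as an added example. This is not OpenSSL's range_should_be_prefix() and not the project's code: the names `range_is_prefix` and `range_is_prefix_v4`, the return convention (prefix length in bits, -1 when the range is not a prefix or when min > max) and the sample ranges are my assumptions. The check on `memcmp()` shows the comparison in the direction the commit title calls correct.

```c
#include <stdio.h>
#include <string.h>

/*
 * Decide whether the inclusive address range [min, max] (both `length`
 * bytes, network byte order, so IPv4 and IPv6 are handled alike) is
 * exactly one CIDR prefix.  Returns the prefix length in bits, or -1 when
 * the range is not a prefix.  The caller contract is min <= max; a
 * violation is also reported as -1.  This is an illustrative
 * reimplementation, not OpenSSL's function.
 */
int range_is_prefix(const unsigned char *min, const unsigned char *max,
                    int length)
{
    int i, j, bits;
    unsigned char mask;

    /* Only min > max is an error; min <= max is the normal case. */
    if (length <= 0 || memcmp(min, max, length) > 0)
        return -1;

    /* i: first byte where min and max differ (== length if identical). */
    for (i = 0; i < length && min[i] == max[i]; i++)
        ;
    /* j: last byte that is not a full 0x00/0xFF pair (-1 if all are). */
    for (j = length - 1; j >= 0 && min[j] == 0x00 && max[j] == 0xFF; j--)
        ;

    if (i > j)              /* boundary falls on a byte edge */
        return i * 8;
    if (i < j)              /* two partially covered bytes: not a prefix */
        return -1;

    /*
     * i == j: the boundary lies inside byte i.  The differing bits must be
     * a contiguous low-order run (mask == 2^k - 1), all clear in min and
     * all set in max; anything else is wider or narrower than one prefix.
     */
    mask = min[i] ^ max[i];
    if (mask == 0 || (mask & (mask + 1)) != 0)
        return -1;
    if ((min[i] & mask) != 0 || (max[i] & mask) != mask)
        return -1;
    for (bits = 0; (mask >> bits) != 0; bits++)
        ;
    return i * 8 + (8 - bits);
}

/* IPv4 convenience wrapper: addresses as host-order 32-bit values. */
int range_is_prefix_v4(unsigned int lo, unsigned int hi)
{
    unsigned char min[4], max[4];
    int k;

    for (k = 0; k < 4; k++) {
        min[k] = (unsigned char)(lo >> (24 - 8 * k));
        max[k] = (unsigned char)(hi >> (24 - 8 * k));
    }
    return range_is_prefix(min, max, 4);
}

int main(void)
{
    /* Constructed sample ranges (not taken from the OpenSSL test suite). */
    static const struct { unsigned int lo, hi; const char *what; } cases[] = {
        { 0x0A000000u, 0x0A0000FFu, "10.0.0.0-10.0.0.255" },   /* /24 */
        { 0x0A000000u, 0x0A00007Fu, "10.0.0.0-10.0.0.127" },   /* /25 */
        { 0x0A000000u, 0x0A0001FFu, "10.0.0.0-10.0.1.255" },   /* /23 */
        { 0x0A000001u, 0x0A0000FFu, "10.0.0.1-10.0.0.255" },   /* not a prefix */
        { 0x0A0000FFu, 0x0A000000u, "10.0.0.255-10.0.0.0" },   /* min > max */
    };
    size_t n;

    for (n = 0; n < sizeof(cases) / sizeof(cases[0]); n++)
        printf("%-22s -> %d\n", cases[n].what,
               range_is_prefix_v4(cases[n].lo, cases[n].hi));
    return 0;
}
```

A range that comes back as -1 must be encoded as an IPAddressRange rather than a prefix; a range that comes back with a bit count is encoded as a prefix of that length. With the inverted comparison the function would have classified every valid range the wrong way round, which is why the commit reports incorrect DER on both the encoding and the accepting side.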

22 months agofuzz/asn1.c: Add check for ASN1_item_i2d
Jiasheng Jiang [Fri, 24 Jun 2022 07:35:05 +0000 (15:35 +0800)]
fuzz/asn1.c: Add check for ASN1_item_i2d

As ASN1_item_i2d can potentially fail,
it is better to check the return value.

Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18647)

(cherry picked from commit 1cb35ce06a968dc82e7cd9502ecce8e89eca9580)

22 months agoFix memory leak in ossl_rsa_fromdata.
slontis [Fri, 24 Jun 2022 04:01:07 +0000 (14:01 +1000)]
Fix memory leak in ossl_rsa_fromdata.

Occurs if a malloc failure happens inside collect_numbers()

Reported via #18365

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18646)

(cherry picked from commit 28adea95975c3ea53fc590efda35dee13efd4767)

22 months agoAdd a test for an all 0 RSA key
Matt Caswell [Fri, 24 Jun 2022 10:02:22 +0000 (11:02 +0100)]
Add a test for an all 0 RSA key

Testing a key with all values set to 0.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18651)

(cherry picked from commit 995eccb611431a4857cac3283e2442c01109d428)

22 months agoThe rsa_validate_keypair_multiprime() function return is not boolean
Matt Caswell [Fri, 24 Jun 2022 10:01:22 +0000 (11:01 +0100)]
The rsa_validate_keypair_multiprime() function return is not boolean

A -ve return value from this function indicates an error which we should
treat as a failure to validate.

Fixes #18538

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18651)

(cherry picked from commit 518f1ee81d5a6910365ef404888d0e119a87fd81)

22 months agoImprove checks for invalid saltlen in DER writer.
Daniel Fiala [Wed, 22 Jun 2022 18:49:51 +0000 (20:49 +0200)]
Improve checks for invalid saltlen in DER writer.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18615)

(cherry picked from commit 08f876d0dea184b071a5aded4c55317e5a63c80e)

22 months agoder_writer: Use uint32_t instead of long.
Daniel Fiala [Mon, 20 Jun 2022 16:40:30 +0000 (18:40 +0200)]
der_writer: Use uint32_t instead of long.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18615)

(cherry picked from commit 59196250cb45ecd128d2f8bbc47de612167606d3)

22 months agoAdd checks for saltlen and trailerfield to rsa key writer.
Daniel Fiala [Sun, 19 Jun 2022 21:40:46 +0000 (23:40 +0200)]
Add checks for saltlen and trailerfield to rsa key writer.

Fixes openssl#18168.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18615)

(cherry picked from commit 48320997b49b07b5abadec89c7fbe5d5f3d41da4)

22 months agoFix a memory leak in EC_GROUP_new_from_ecparameters
Bernd Edlinger [Wed, 22 Jun 2022 15:05:55 +0000 (17:05 +0200)]
Fix a memory leak in EC_GROUP_new_from_ecparameters

This can be reproduced with my error injection patch.

The test vector has been validated on the 1.1.1 branch
but the issue is of course identical in all branches.

$ ERROR_INJECT=1656112173 ../util/shlib_wrap.sh ./x509-test ./corpora/x509/fe543a8d7e09109a9a08114323eefec802ad79e2
    #0 0x7fb61945eeba in __sanitizer_print_stack_trace ../../../../gcc-trunk/libsanitizer/asan/asan_stack.cpp:87
    #1 0x402f84 in my_malloc fuzz/test-corpus.c:114
    #2 0x7fb619092430 in CRYPTO_zalloc crypto/mem.c:230
    #3 0x7fb618ef7561 in bn_expand_internal crypto/bn/bn_lib.c:280
    #4 0x7fb618ef7561 in bn_expand2 crypto/bn/bn_lib.c:304
    #5 0x7fb618ef819d in BN_bin2bn crypto/bn/bn_lib.c:454
    #6 0x7fb618e7aa13 in asn1_string_to_bn crypto/asn1/a_int.c:503
    #7 0x7fb618e7aa13 in ASN1_INTEGER_to_BN crypto/asn1/a_int.c:559
    #8 0x7fb618fd8e79 in EC_GROUP_new_from_ecparameters crypto/ec/ec_asn1.c:814
    #9 0x7fb618fd98e8 in EC_GROUP_new_from_ecpkparameters crypto/ec/ec_asn1.c:935
    #10 0x7fb618fd9aec in d2i_ECPKParameters crypto/ec/ec_asn1.c:966
    #11 0x7fb618fdace9 in d2i_ECParameters crypto/ec/ec_asn1.c:1184
    #12 0x7fb618fd1fc7 in eckey_type2param crypto/ec/ec_ameth.c:119
    #13 0x7fb618fd57b4 in eckey_pub_decode crypto/ec/ec_ameth.c:165
    #14 0x7fb6191a9c62 in x509_pubkey_decode crypto/x509/x_pubkey.c:124
    #15 0x7fb6191a9e42 in pubkey_cb crypto/x509/x_pubkey.c:46
    #16 0x7fb618eac032 in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:432
    #17 0x7fb618eacaf5 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:643
    #18 0x7fb618ead288 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:518
    #19 0x7fb618eab9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382
    #20 0x7fb618eacaf5 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:643
    #21 0x7fb618ead288 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:518
    #22 0x7fb618eab9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382
    #23 0x7fb618eadd1f in ASN1_item_ex_d2i crypto/asn1/tasn_dec.c:124
    #24 0x7fb618eade35 in ASN1_item_d2i crypto/asn1/tasn_dec.c:114
    #25 0x40310c in FuzzerTestOneInput fuzz/x509.c:33
    #26 0x402afb in testfile fuzz/test-corpus.c:182
    #27 0x402656 in main fuzz/test-corpus.c:226
    #28 0x7fb618551f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)
    #29 0x402756  (/home/ed/OPC/openssl/fuzz/x509-test+0x402756)

=================================================================
==12221==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 24 byte(s) in 1 object(s) allocated from:
    #0 0x7fb61945309f in __interceptor_malloc ../../../../gcc-trunk/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fb619092430 in CRYPTO_zalloc crypto/mem.c:230
    #2 0x7fb618ef5f11 in BN_new crypto/bn/bn_lib.c:246
    #3 0x7fb618ef82f4 in BN_bin2bn crypto/bn/bn_lib.c:440
    #4 0x7fb618fd8933 in EC_GROUP_new_from_ecparameters crypto/ec/ec_asn1.c:618
    #5 0x7fb618fd98e8 in EC_GROUP_new_from_ecpkparameters crypto/ec/ec_asn1.c:935
    #6 0x7fb618fd9aec in d2i_ECPKParameters crypto/ec/ec_asn1.c:966
    #7 0x7fb618fdace9 in d2i_ECParameters crypto/ec/ec_asn1.c:1184
    #8 0x7fb618fd1fc7 in eckey_type2param crypto/ec/ec_ameth.c:119
    #9 0x7fb618fd57b4 in eckey_pub_decode crypto/ec/ec_ameth.c:165
    #10 0x7fb6191a9c62 in x509_pubkey_decode crypto/x509/x_pubkey.c:124
    #11 0x7fb6191a9e42 in pubkey_cb crypto/x509/x_pubkey.c:46
    #12 0x7fb618eac032 in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:432
    #13 0x7fb618eacaf5 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:643
    #14 0x7fb618ead288 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:518
    #15 0x7fb618eab9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382
    #16 0x7fb618eacaf5 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:643
    #17 0x7fb618ead288 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:518
    #18 0x7fb618eab9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382
    #19 0x7fb618eadd1f in ASN1_item_ex_d2i crypto/asn1/tasn_dec.c:124
    #20 0x7fb618eade35 in ASN1_item_d2i crypto/asn1/tasn_dec.c:114
    #21 0x40310c in FuzzerTestOneInput fuzz/x509.c:33
    #22 0x402afb in testfile fuzz/test-corpus.c:182
    #23 0x402656 in main fuzz/test-corpus.c:226
    #24 0x7fb618551f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)

Indirect leak of 56 byte(s) in 1 object(s) allocated from:
    #0 0x7fb61945309f in __interceptor_malloc ../../../../gcc-trunk/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fb619092430 in CRYPTO_zalloc crypto/mem.c:230
    #2 0x7fb618ef7561 in bn_expand_internal crypto/bn/bn_lib.c:280
    #3 0x7fb618ef7561 in bn_expand2 crypto/bn/bn_lib.c:304
    #4 0x7fb618ef819d in BN_bin2bn crypto/bn/bn_lib.c:454
    #5 0x7fb618fd8933 in EC_GROUP_new_from_ecparameters crypto/ec/ec_asn1.c:618
    #6 0x7fb618fd98e8 in EC_GROUP_new_from_ecpkparameters crypto/ec/ec_asn1.c:935
    #7 0x7fb618fd9aec in d2i_ECPKParameters crypto/ec/ec_asn1.c:966
    #8 0x7fb618fdace9 in d2i_ECParameters crypto/ec/ec_asn1.c:1184
    #9 0x7fb618fd1fc7 in eckey_type2param crypto/ec/ec_ameth.c:119
    #10 0x7fb618fd57b4 in eckey_pub_decode crypto/ec/ec_ameth.c:165
    #11 0x7fb6191a9c62 in x509_pubkey_decode crypto/x509/x_pubkey.c:124
    #12 0x7fb6191a9e42 in pubkey_cb crypto/x509/x_pubkey.c:46
    #13 0x7fb618eac032 in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:432
    #14 0x7fb618eacaf5 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:643
    #15 0x7fb618ead288 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:518
    #16 0x7fb618eab9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382
    #17 0x7fb618eacaf5 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:643
    #18 0x7fb618ead288 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:518
    #19 0x7fb618eab9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382
    #20 0x7fb618eadd1f in ASN1_item_ex_d2i crypto/asn1/tasn_dec.c:124
    #21 0x7fb618eade35 in ASN1_item_d2i crypto/asn1/tasn_dec.c:114
    #22 0x40310c in FuzzerTestOneInput fuzz/x509.c:33
    #23 0x402afb in testfile fuzz/test-corpus.c:182
    #24 0x402656 in main fuzz/test-corpus.c:226
    #25 0x7fb618551f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)

SUMMARY: AddressSanitizer: 80 byte(s) leaked in 2 allocation(s).

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/18633)

(cherry picked from commit be50862e72d96e599f1111bbb69f41b5af651c97)

22 months agoAdded documentation for PEM_X509_INFO_read() and PEM_X509_INFO_read_bio()
Allan [Mon, 20 Jun 2022 08:22:50 +0000 (01:22 -0700)]
Added documentation for PEM_X509_INFO_read() and PEM_X509_INFO_read_bio()

Fixes #18342
Fixes <propq> to I<propq>
Updated copyright year

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18623)

(cherry picked from commit 9454423bf1eac4c75e70ff4fd67456e4cfb05a92)

22 months agoUpdate fips source checksums to drop the unwanted headers
Tomas Mraz [Wed, 22 Jun 2022 13:08:58 +0000 (15:08 +0200)]
Update fips source checksums to drop the unwanted headers

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18630)

22 months agoAvoid including decoder/encoder/store headers into fips module
Tomas Mraz [Wed, 22 Jun 2022 13:08:18 +0000 (15:08 +0200)]
Avoid including decoder/encoder/store headers into fips module

Fixes #18618

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18630)

22 months agoFix compile issues in test/v3ext.c with no-rfc3779
Bernd Edlinger [Fri, 17 Jun 2022 08:25:24 +0000 (10:25 +0200)]
Fix compile issues in test/v3ext.c with no-rfc3779

There are no ASIdentifiers if OPENSSL_NO_RFC3779 is defined,
therefore the test cannot be compiled.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18634)

(cherry picked from commit b76efe61ea9710a8f69e1cb8caf1aeb2ba6f1ebe)

22 months agoAdd a CI workflow for no-rfc3779
Bernd Edlinger [Fri, 17 Jun 2022 07:30:04 +0000 (09:30 +0200)]
Add a CI workflow for no-rfc3779

Currently this configuration seems to be failing.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18634)

(cherry picked from commit a09adac311975afcb5ad099b2e1cfc7eb1e72865)

22 months agoTest whether decoded-from-explicit survives import/export
Tomas Mraz [Mon, 20 Jun 2022 10:18:44 +0000 (12:18 +0200)]
Test whether decoded-from-explicit survives import/export

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18629)

22 months agoThe flag "decoded-from-explicit" must be imp/exportable
Tomas Mraz [Mon, 20 Jun 2022 10:10:06 +0000 (12:10 +0200)]
The flag "decoded-from-explicit" must be imp/exportable

Otherwise the information that the EC group was imported from
explicit parameters is lost when the key is moved across providers.

Fixes #18600

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18629)

22 months agoput_str: Use memcpy instead of strncpy
Tomas Mraz [Wed, 22 Jun 2022 10:50:52 +0000 (12:50 +0200)]
put_str: Use memcpy instead of strncpy

This fixes a warning from latest gcc.

There is no point in using strncpy here as we
intentionally copy only the string contents without
the terminating NUL. The len is set from strlen().

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18628)

22 months agoFix the checks of X509_LOOKUP_* functions
Peiwei Hu [Tue, 24 May 2022 16:14:35 +0000 (00:14 +0800)]
Fix the checks of X509_LOOKUP_* functions

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18400)

(cherry picked from commit e22ea36fa8296b402348da8f5ab5e258be8402cf)

22 months agoFix the checks of X509_REVOKED_add1_ext_i2d
Peiwei Hu [Tue, 24 May 2022 16:09:54 +0000 (00:09 +0800)]
Fix the checks of X509_REVOKED_add1_ext_i2d

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18400)

(cherry picked from commit c540a82767954a616934ba6caa6ddc736502c574)

22 months agocrypto/http/http_client.c: Add the check for OPENSSL_strdup
Jiasheng Jiang [Wed, 22 Jun 2022 08:41:12 +0000 (16:41 +0800)]
crypto/http/http_client.c: Add the check for OPENSSL_strdup

As OPENSSL_strdup() can potentially fail, it is better
to check the return value and return an error if it fails.

Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18624)

(cherry picked from commit 816d6e578ccc4d8ae41de77e3069762d03079d18)

22 months agorsa: fix bn_reduce_once_in_place call for rsaz_mod_exp_avx512_x2
Xi Ruoyao [Wed, 22 Jun 2022 10:07:05 +0000 (18:07 +0800)]
rsa: fix bn_reduce_once_in_place call for rsaz_mod_exp_avx512_x2

bn_reduce_once_in_place expects the number of BN_ULONG, but factor_size
is moduli bit size.

Fixes #18625.

Signed-off-by: Xi Ruoyao <xry111@xry111.site>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18626)

(cherry picked from commit 4d8a88c134df634ba610ff8db1eb8478ac5fd345)

22 months agotest/v3nametest.c: Add check for OPENSSL_malloc
Jiasheng Jiang [Wed, 15 Jun 2022 07:37:36 +0000 (15:37 +0800)]
test/v3nametest.c: Add check for OPENSSL_malloc

As OPENSSL_malloc() can potentially fail,
it is better to add the check and return
an error if it fails.

Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18573)

(cherry picked from commit b147b9daf17744d529f23b5da40397a6071a88aa)

22 months agotest/evp_test.c: Add check for OPENSSL_strdup
Jiasheng Jiang [Fri, 17 Jun 2022 08:57:15 +0000 (16:57 +0800)]
test/evp_test.c: Add check for OPENSSL_strdup

As OPENSSL_strdup() can potentially fail,
it is better to check the return value and
return an error if it fails.

Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18592)

(cherry picked from commit 5203a8dfdc209f05c7dbd9c1e5208743fcaa6752)

22 months agoImprove diagnostics on setting groups
Dmitry Belyavskiy [Fri, 17 Jun 2022 08:08:22 +0000 (10:08 +0200)]
Improve diagnostics on setting groups

- If keymgmt is not available, it's not an error but the error message
  persists in the stack
- When setting groups, it's worth saying which group is not available

Fixes #18585

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18591)

(cherry picked from commit ce8822b7e5f4fdf836677faee336a5cf996d4363)

22 months agoapps/s_server.c: Add check for OPENSSL_strdup
Jiasheng Jiang [Fri, 17 Jun 2022 09:44:24 +0000 (17:44 +0800)]
apps/s_server.c: Add check for OPENSSL_strdup

As OPENSSL_strdup() can potentially fail,
it is better to check the return value and
return an error if it fails.

Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18595)

(cherry picked from commit a6a2dd9f60b3f3e93de1337ee84f9e8f33bc86a8)

22 months agocrypto/x509/by_store.c: Add check for OPENSSL_strdup
Jiasheng Jiang [Fri, 17 Jun 2022 09:07:15 +0000 (17:07 +0800)]
crypto/x509/by_store.c: Add check for OPENSSL_strdup

As OPENSSL_strdup() can potentially fail,
it is better to check the return value and
return an error if it fails.

Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18593)

(cherry picked from commit e163969d3580e5b797fcebde0d3000302912ef18)

22 months agoPrepare for 3.0.5
Matt Caswell [Tue, 21 Jun 2022 13:31:08 +0000 (14:31 +0100)]
Prepare for 3.0.5

Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes

22 months agoPrepare for release of 3.0.4 openssl-3.0.4
Matt Caswell [Tue, 21 Jun 2022 13:30:58 +0000 (14:30 +0100)]
Prepare for release of 3.0.4

Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes

22 months agomake update
Matt Caswell [Tue, 21 Jun 2022 13:30:57 +0000 (14:30 +0100)]
make update

Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes

22 months agoUse --release in dev/release.sh
Hugo Landau [Fri, 13 May 2022 12:11:44 +0000 (13:11 +0100)]
Use --release in dev/release.sh

Fixes #18243.
Fixes #18242.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18305)

22 months agoUpdate copyright year
Matt Caswell [Tue, 21 Jun 2022 13:03:39 +0000 (14:03 +0100)]
Update copyright year

Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes

22 months agoUpdate CHANGES.md and NEWS.md for new release
Matt Caswell [Mon, 20 Jun 2022 13:14:20 +0000 (14:14 +0100)]
Update CHANGES.md and NEWS.md for new release

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes

23 months agoc_rehash: Drop the issuer_name_hash= prefix from the CRL hash
Tomas Mraz [Mon, 13 Jun 2022 15:10:15 +0000 (17:10 +0200)]
c_rehash: Drop the issuer_name_hash= prefix from the CRL hash

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

23 months agoFix file operations in c_rehash.
Daniel Fiala [Sun, 29 May 2022 18:11:24 +0000 (20:11 +0200)]
Fix file operations in c_rehash.

CVE-2022-2068

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

23 months agoproviders/implementations/exchange/kdf_exch.c: fix unavailable SIZE_MAX
Richard Levitte [Mon, 20 Jun 2022 06:23:27 +0000 (08:23 +0200)]
providers/implementations/exchange/kdf_exch.c: fix unavailable SIZE_MAX

SIZE_MAX is used in a recent fix of this file, but without including
internal/numbers.h, so that macro ends up not existing on some platforms,
resulting in build failures.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18605)

23 months agoClarify use of EGD for HPNS in rand/rand_egd.c comments.
Randall S. Becker [Tue, 14 Jun 2022 10:10:53 +0000 (06:10 -0400)]
Clarify use of EGD for HPNS in rand/rand_egd.c comments.

Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18565)

23 months agoFix documentation of BIO_FLAGS_BASE64_NO_NL
Fraser Tweedale [Wed, 15 Jun 2022 00:50:57 +0000 (10:50 +1000)]
Fix documentation of BIO_FLAGS_BASE64_NO_NL

Commit 8bfb7506d210841f2ee4eda8afe96441a0e33fa5 updated
`BIO_f_base64(3)` to improve the documentation of the
`BIO_FLAGS_BASE64_NO_NL` flag.  In particular, the updated text
states that when this flag is used, all newlines in the input are
ignored.  This is incorrect, as the following program proves:

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include <openssl/bio.h>
#include <openssl/evp.h>

/* Base64 input split across two lines; the embedded "\n" is the point. */
const char *in_buf =
    "IlRoZSBxdWljayBicm93biBmb3gganVt\ncHMgb3ZlciBhIGxhenkgZG9nLiI=\n";

int main(int argc, char **argv) {
    BIO *b64 = BIO_new(BIO_f_base64());
    if (b64 == NULL) return 1;
    BIO_set_flags(b64, BIO_get_flags(b64) | BIO_FLAGS_BASE64_NO_NL);
    int in_len = strlen(in_buf);
    BIO *in = BIO_new_mem_buf(in_buf, in_len);
    if (in == NULL) return 2;
    in = BIO_push(b64, in);
    /* calloc zero-fills, so the decoded bytes are NUL-terminated for printf */
    char *out_buf = calloc(in_len, sizeof(char));
    if (out_buf == NULL) return 3;
    size_t out_len;
    int r = BIO_read_ex(in, out_buf, in_len, &out_len);
    printf("rv = %d\n", r);
    printf("decoded = %s\n", out_buf);
    BIO_free_all(in);
    free(out_buf);
    return 0;
}
```

Update the text of `BIO_f_base64(3)` to clarify that when the flag
is set, the data must be all on one line (with or without a trailing
newline character).

Signed-off-by: Fraser Tweedale <ftweedal@redhat.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18568)

(cherry picked from commit 0edcbacca99ab2b716da395f204610fc2775ea83)

23 months agoHave set_dateopt() return 1 on success to make -dateopt work
Hartmut Holzgraefe [Tue, 14 Jun 2022 08:39:47 +0000 (10:39 +0200)]
Have set_dateopt() return 1 on success to make -dateopt work

Fixes #18553

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18554)