Tomas Mraz [Tue, 26 Apr 2022 10:40:24 +0000 (12:40 +0200)]
c_rehash: Do not use shell to invoke openssl
Except on VMS where it is safe.
This fixes CVE-2022-1292.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Matt Caswell [Fri, 15 Apr 2022 09:22:59 +0000 (10:22 +0100)]
Fix the RC4-MD5 cipher
A copy&paste error meant that the RC4-MD5 cipher (used in TLS) used the TLS
AAD data as the MAC key.
CVE-2022-1434
Fixes #18112
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Matt Caswell [Wed, 13 Apr 2022 15:47:35 +0000 (16:47 +0100)]
Test ocsp with invalid responses and the "-no_cert_checks" option
The "-no_cert_checks" option causes the flag OCSP_NOCHECKS to be set.
The bug fixed in the previous commit will cause the ocsp app to respond with
a success result in the case when the OCSP response signing certificate
fails to verify and -no_cert_checks is used - so we test that it fails in
this case.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Matt Caswell [Wed, 13 Apr 2022 15:36:54 +0000 (16:36 +0100)]
Fix OCSP_basic_verify signer certificate validation
The function `OCSP_basic_verify` validates the signer certificate on an OCSP
response. The internal function, ocsp_verify_signer, is responsible for this
and is expected to return a 0 value in the event of a failure to verify.
Unfortunately, due to a bug, it actually returns with a postive success
response in this case. In the normal course of events OCSP_basic_verify
will then continue and will fail anyway in the ocsp_check_issuer function
because the supplied "chain" value will be empty in the case that
ocsp_verify_signer failed to verify the chain. This will cause
OCSP_basic_verify to return with a negative result (fatal error). Normally
in the event of a failure to verify it should return with 0.
However, in the case of the OCSP_NOCHECKS flag being used, OCSP_basic_verify
will return with a positvie result. This could lead to callers trusting an
OCSP Basic response when it should not be.
CVE-2022-1343
Fixes #18053
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Daniel Hu [Mon, 7 Feb 2022 10:17:06 +0000 (10:17 +0000)]
Acceleration of chacha20 on aarch64 by SVE
This patch accelerates chacha20 on aarch64 when Scalable Vector Extension
(SVE) is supported by CPU. Tested on modern micro-architecture with
256-bit SVE, it has the potential to improve performance up to 20%
The solution takes a hybrid approach. SVE will handle multi-blocks that fit
the SVE vector length, with Neon/Scalar to process any tail data
Test result:
With SVE
type 1024 bytes 8192 bytes 16384 bytes
ChaCha20
1596208.13k
1650010.79k
1653151.06k
Without SVE (by Neon/Scalar)
type 1024 bytes 8192 bytes 16384 bytes
chacha20
1355487.91k
1372678.83k
1372662.44k
The assembly code has been reviewed internally by
ARM engineer Fangming.Fang@arm.com
Signed-off-by: Daniel Hu <Daniel.Hu@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17916)
Jonathan Swinney [Wed, 27 Oct 2021 16:50:30 +0000 (16:50 +0000)]
md5: add assembly implementation for aarch64
This change improves md5 performance significantly by using a hand-optimized
assembly implementation of the inner loop of md5 calculation. The instructions
are carefully ordered to separate data dependencies as much as possible.
Test with:
$ openssl speed md5
AWS Graviton 2
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes
md5 46990.60k 132778.65k 270376.96k 364718.08k 405962.75k 409201.32k
md5-modified 51725.23k 152236.22k 323469.14k 453869.57k 514102.61k 519056.04k
+10% +15% +20% +24% +27% +27%
Apple M1
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes
md5 74634.39k 195561.25k 375434.45k 491004.23k 532361.40k 536636.48k
md5-modified 84637.11k 229017.09k 444609.62k 588069.50k 655114.24k 660850.56k
+13% +17% +18% +20% +23% +23%
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16928)
Dmitry Belyavskiy [Fri, 29 Apr 2022 12:22:24 +0000 (14:22 +0200)]
Improving locale test
Fixes #18205
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18211)
Tomas Mraz [Thu, 28 Apr 2022 15:04:05 +0000 (17:04 +0200)]
fix_dh_paramgen_type: Avoid crash with invalid paramgen type
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18202)
Tomas Mraz [Wed, 13 Apr 2022 14:26:18 +0000 (16:26 +0200)]
evp_md_init_internal: Avoid reallocating algctx if digest unchanged
Fixes #16947
Also refactor out algctx freeing into a separate function.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18105)
Dr. David von Oheimb [Thu, 28 Apr 2022 13:35:13 +0000 (15:35 +0200)]
http_client.c: check expected content type only if HTTP status code is 200 (OK)
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18204)
Dmitry Belyavskiy [Fri, 22 Apr 2022 17:26:08 +0000 (19:26 +0200)]
Testing the EVP_PKEY_CTX_new_from_name without preliminary init
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18199)
Dmitry Belyavskiy [Fri, 22 Apr 2022 16:16:56 +0000 (18:16 +0200)]
Ensure we initialized the locale before evp_pkey_name2type
Fixes #18158
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18199)
Richard Levitte [Tue, 26 Apr 2022 09:04:49 +0000 (11:04 +0200)]
Fix memleak in test/provider_test.c
This memory leak is triggered when configuring with 'no-legacy'
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18179)
yavtuk [Mon, 11 Apr 2022 20:40:59 +0000 (23:40 +0300)]
Prefer .inst rather than .long for probe instructions in arm64cpuid.pl
Fixes an issue disassembling the functions because the symtab contains
an attribute indicating the presence of data within them.
CLA: trivial
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18086)
Tomas Mraz [Thu, 21 Apr 2022 15:33:26 +0000 (17:33 +0200)]
poly1305: Properly copy the whole context on dup
Also reset the updated flag when Poly1305_Init is called.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18143)
Jan Engelhardt [Mon, 25 Apr 2022 08:51:00 +0000 (10:51 +0200)]
doc: replace "symmetric cipher" phrase in EVP_MD manpages
CLA: trivial
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18169)
Jon Spillett [Thu, 21 Apr 2022 06:49:04 +0000 (16:49 +1000)]
Prefer GNU library initialization mechanism over platform one
If GNU toolchain is used, use the __attribute__((constructor))
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18147)
Tomas Mraz [Thu, 21 Apr 2022 15:13:44 +0000 (17:13 +0200)]
Test that SipHash_Final() fails on uninited context
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18142)
Tomas Mraz [Thu, 21 Apr 2022 15:09:14 +0000 (17:09 +0200)]
siphash: Properly set mac size in sipcopy
Also fully duplicate the context on dup
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18142)
Tomas Mraz [Thu, 21 Apr 2022 15:07:40 +0000 (17:07 +0200)]
siphash: Fail finalization on uninitialized siphash context
Fixes #18140
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18142)
Mathias Berchtold [Sat, 23 Apr 2022 00:26:18 +0000 (19:26 -0500)]
Move ossl_deinit_casecmp to the end of OPENSSL_cleanup()
Calls like evp_cleanup_int() depend on OPENSSL_strcasecmp().
Fixes https://github.com/openssl/openssl/issues/18160
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18161)
EasySec [Sun, 24 Apr 2022 16:57:39 +0000 (18:57 +0200)]
pem_password_cb(3): References to other man pages
Refer to OSSL_ENCODER_to_bio and OSSL_DECODER_from_bio man pages.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18164)
zhouzilong [Mon, 25 Apr 2022 06:40:24 +0000 (14:40 +0800)]
Clear unused variables in X509_print_ex()
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18167)
Jon Spillett [Thu, 21 Apr 2022 02:08:16 +0000 (12:08 +1000)]
Use .s extension for ia64 assembler
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18136)
Hugo Landau [Thu, 21 Apr 2022 15:10:33 +0000 (16:10 +0100)]
Fix bug in OPENSSL_LH_flush
Fixes #18139.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18141)
Hugo Landau [Fri, 22 Apr 2022 13:17:44 +0000 (14:17 +0100)]
Add support for new release commit review requirement bypass
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18155)
Tomas Mraz [Thu, 21 Apr 2022 10:44:18 +0000 (12:44 +0200)]
Add Tomas Mraz key to release key fingerprints
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18138)
Kirill A. Korinsky [Thu, 7 Apr 2022 13:07:37 +0000 (15:07 +0200)]
Never use `__atomic_*` on macOS 10.7 and 10.8
macOS 10.7 and 10.8 had a bit wired clang which is detected as
`__GNUC__` which has `__ATOMIC_ACQ_REL` but it excepts one option at
`__atomic_is_lock_free` instead of 2.
This prevents OpenSSL to be compiled on such systems.
Fixes: #18055
Signed-off-by: Kirill A. Korinsky <kirill@korins.ky>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18056)
Dmitry Belyavskiy [Tue, 12 Apr 2022 10:35:25 +0000 (12:35 +0200)]
Minimal test checking we can get public key in Turkish locale
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18069)
Dmitry Belyavskiy [Wed, 13 Apr 2022 10:33:21 +0000 (12:33 +0200)]
FIPS provider modifications
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18069)
Dmitry Belyavskiy [Tue, 12 Apr 2022 10:30:08 +0000 (12:30 +0200)]
str[n]casecmp => OPENSSL_strncasecmp
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18069)
Dmitry Belyavskiy [Wed, 13 Apr 2022 10:32:14 +0000 (12:32 +0200)]
Public API functions OPENSSL_str[n]casecmp
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18069)
Tom Cosgrove [Fri, 15 Apr 2022 17:43:49 +0000 (18:43 +0100)]
Fix gcc 6.3 builds of aarch64 BSAES
gcc6.3 doesn't seem to support the register aliases fp and lr for x29 and x30,
so use the x names.
Fixes #18114
Change-Id: I077edda42af4c7cdb7b24f28ac82d1603f550108
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18127)
Daniel Fiala [Mon, 28 Mar 2022 12:53:08 +0000 (12:53 +0000)]
Clear incorrectly reported errors in cms_io.
Fixes openssl#17841.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18109)
Zhou Qingyang [Wed, 6 Apr 2022 16:48:09 +0000 (00:48 +0800)]
Fix a possible NULL pointer dereference in create_cert_store()
In create_cert_store(), X509_STORE_new() is called and there is a
dereference of it in following function X509_STORE_add_lookup()
without check, which could lead to NULL pointer dereference.
Fix this by adding a NULL check of X509_STORE_new()
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18057)
Zhou Qingyang [Mon, 11 Apr 2022 16:25:26 +0000 (00:25 +0800)]
Fix wild pointer dereference in make_ocsp_response()
The function OCSP_basic_add1_status() will return NULL on malloc failure.
However the return value is not checked before being passed to
OCSP_SINGLERESP_add1_ext_i2d(), and there is a wild field pointer,
which could lead to wild pointer dereference.
Fix this by adding return value check
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18081)
EasySec [Sat, 16 Apr 2022 21:39:38 +0000 (23:39 +0200)]
Fix small typo in X509v3_get_ext_by_NID() man page
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18124)
Daniel Fiala [Mon, 11 Apr 2022 19:58:31 +0000 (21:58 +0200)]
Do a prelimary check for numbers in openssl prime command.
Fixes openssl#16241.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18092)
Tomas Mraz [Tue, 12 Apr 2022 15:58:23 +0000 (17:58 +0200)]
Avoid undefined behavior of provided macs on EVP_MAC reinitialization
When the context is reinitialized, i.e. the same key should be used
we must properly reinitialize the underlying implementation.
However in POLY1305 case it does not make sense as this special MAC
should not reuse keys. We fail with this provided implementation
when reinitialization happens.
Fixes #17811
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18100)
Tomas Mraz [Tue, 12 Apr 2022 14:35:56 +0000 (16:35 +0200)]
evp_test: Try computing MACs twice with reinitialization of EVP_MAC_CTX
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18100)
EasySec [Wed, 13 Apr 2022 11:02:44 +0000 (13:02 +0200)]
doc: Clarify that calling SSL_set_session(ssl, NULL) is a correct use case.
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18101)
cuishuang [Sat, 2 Apr 2022 09:49:54 +0000 (17:49 +0800)]
fix some typos
CLA: trivial
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18023)
Bernd Edlinger [Mon, 11 Apr 2022 08:12:48 +0000 (10:12 +0200)]
Fix an assertion in the DTLS server code
This fixes an internal error alert from the server and
an unexpected connection failure in the release version,
but a failed assertion and a server crash in the
debug version.
Reproduce this issue with a DTLS server/client like that:
./openssl s_server -dtls -mtu 1500
./openssl s_client -dtls -maxfraglen 512
In the debug version a crash happens in the Server now:
./openssl s_server -dtls -mtu 1500
Using default temp DH parameters
ACCEPT
ssl/statem/statem_dtls.c:269: OpenSSL internal error: Assertion failed: len == written
Aborted (core dumped)
While in the release version the handshake exceeds the
negotiated max fragment size, and fails because of this:
$ ./openssl s_server -dtls -mtu 1500
Using default temp DH parameters
ACCEPT
ERROR
4057152ADA7F0000:error:
0A0000C2:SSL routines:do_dtls1_write:exceeds max fragment size:ssl/record/rec_layer_d1.c:826:
shutting down SSL
CONNECTION CLOSED
From the client's point of view the connection fails
with an Internal Error Alert:
$ ./openssl s_client -dtls -maxfraglen 512
Connecting to ::1
CONNECTED(
00000003)
40B76343377F0000:error:
0A000438:SSL routines:dtls1_read_bytes:tlsv1 alert internal error:ssl/record/rec_layer_d1.c:613:SSL alert number 80
and now the connection attempt fails unexpectedly.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18093)
Tomas Mraz [Thu, 31 Mar 2022 09:01:33 +0000 (11:01 +0200)]
Add error code for unsupported explicit parameters
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17998)
Tomas Mraz [Wed, 30 Mar 2022 15:00:01 +0000 (17:00 +0200)]
endecode_test: Handle expected failures for non-fips ec keys
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17998)
Tomas Mraz [Mon, 28 Mar 2022 16:14:47 +0000 (18:14 +0200)]
Import only named params into FIPS module
Fixes #17978
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17998)
tangyiqun [Tue, 12 Apr 2022 08:07:17 +0000 (16:07 +0800)]
Check the return of EVP_KDF_fetch()
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18096)
bobwirka [Sun, 12 Dec 2021 19:53:13 +0000 (14:53 -0500)]
Added Simple SSL Echo Client/Server to demos.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17260)
Matt Caswell [Mon, 24 Jan 2022 16:59:30 +0000 (16:59 +0000)]
Add an initial QUIC Technical requirements document
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17577)
Zhou Qingyang [Sun, 10 Apr 2022 18:05:19 +0000 (02:05 +0800)]
Add return value check of X509V3_add_value() in X509V3_parse_list()
X509V3_add_value() will return 0 on malloc failure, which could lead to
err logic in X509V3_parse_list().
Fix this by adding return value check of X509V3_add_value().
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18077)
Juergen Christ [Wed, 26 Jan 2022 10:48:44 +0000 (11:48 +0100)]
s390: Add new machine generation
Allow to specify "z16" as machine generation in environment variable
OPENSSL_s390xcap. It is an alias for "z15".
Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18054)
Daniel Fiala [Mon, 4 Apr 2022 17:41:32 +0000 (19:41 +0200)]
SSL_conf_cmd: Allow DH Parameters at any position.
Fixes openssl#17326.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18041)
Daniel Hu [Mon, 14 Feb 2022 14:36:34 +0000 (14:36 +0000)]
SM4 optimization for ARM by ASIMD
This patch optimizes SM4 for ARM processor using ASIMD instruction
It will improve performance if both of following conditions are met:
1) Input data equal to or more than 4 blocks
2) Cipher mode allows parallelism, including ECB,CTR,GCM or CBC decryption
This patch implements SM4 SBOX lookup in vector registers, with the
benefit of constant processing time over existing C implementation.
It is only enabled for micro-architecture N1/V1. In the ideal scenario,
performance can reach up to 2.7X
When either of above two conditions is not met, e.g. single block input
or CFB/OFB mode, CBC encryption, performance could drop about 50%.
The assembly code has been reviewed internally by ARM engineer
Fangming.Fang@arm.com
Signed-off-by: Daniel Hu <Daniel.Hu@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17951)
Todd Short [Fri, 1 Apr 2022 14:54:45 +0000 (10:54 -0400)]
Fix -no-tls1_2 in tests
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/18019)
Tomas Mraz [Wed, 30 Mar 2022 14:04:55 +0000 (16:04 +0200)]
Add test for openssl ecparam with fips and base providers
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17981)
Tomas Mraz [Mon, 28 Mar 2022 16:09:18 +0000 (18:09 +0200)]
ec_export: Other parameters are exportable with domain parameters
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17981)
Tomas Mraz [Wed, 6 Apr 2022 08:29:54 +0000 (10:29 +0200)]
Add test for resetting SM2 dist ID
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18052)
Tomas Mraz [Wed, 6 Apr 2022 08:03:22 +0000 (10:03 +0200)]
sm2: Allow setting 0 length SM2 dist ID param
Fixes #18022
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18052)
yuanjungong [Thu, 7 Apr 2022 04:35:59 +0000 (12:35 +0800)]
Crypto/evp: Fix null pointer dereference
Check the return value of EVP_KDF_fetch to avoid a potential
null pointer dereference.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18062)
Pauli [Thu, 31 Mar 2022 21:06:17 +0000 (08:06 +1100)]
kdf: avoid NULL dereference on malloc failure in sshkdf
Fixes #18009
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/18011)
Hugo Landau [Mon, 4 Apr 2022 12:45:44 +0000 (13:45 +0100)]
Document {SSL|SSL_CTX}_set_{purpose|trust}()
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18037)
Hugo Landau [Mon, 4 Apr 2022 12:44:31 +0000 (13:44 +0100)]
Document SSL_CTX_get_ssl_method
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18037)
Tomas Mraz [Tue, 5 Apr 2022 14:43:45 +0000 (16:43 +0200)]
test_fipsinstall: Fallback to config(FIPSKEY) for the FIPSKEY
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18048)
Hugo Landau [Mon, 4 Apr 2022 11:25:16 +0000 (12:25 +0100)]
Fix failure to check result of bn_rshift_fixed_top
Fixes #18010.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18034)
Hugo Landau [Mon, 4 Apr 2022 13:36:20 +0000 (14:36 +0100)]
Add SSL_(CTX_)?get0_(verify|chain)_cert_store functions
Currently we do not have any way to retrieve these values once set.
Fixes #18035.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18038)
Hugo Landau [Mon, 4 Apr 2022 08:23:18 +0000 (09:23 +0100)]
Remove unused libctx functions (runonce, onfree)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18031)
Daiki Ueno [Sun, 10 Oct 2021 07:14:06 +0000 (09:14 +0200)]
KTLS: Enable KTLS for receiving as well in TLS 1.3
This removes a guard condition that prevents KTLS being enabled for
receiving in TLS 1.3. Use the correct sequence number and BIO for
receive vs transmit offload.
Co-authored-by: John Baldwin <jhb@FreeBSD.org>
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17942)
Daiki Ueno [Sun, 10 Oct 2021 06:54:07 +0000 (08:54 +0200)]
KTLS: Handle TLS 1.3 in ssl3_get_record.
- Don't unpad records, check the outer record type, or extract the
inner record type from TLS 1.3 records handled by the kernel. KTLS
performs all of these steps and returns the inner record type in the
TLS header.
- When checking the length of a received TLS 1.3 record don't allow
for the extra byte for the nested record type when KTLS is used.
- Pass a pointer to the record type in the TLS header to the
SSL3_RT_INNER_CONTENT_TYPE message callback. For KTLS, the old
pointer pointed to the last byte of payload rather than the record
type. For the non-KTLS case, the TLS header has been updated with
the inner type before this callback is invoked.
Co-authored-by: John Baldwin <jhb@FreeBSD.org>
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17942)
John Baldwin [Tue, 8 Mar 2022 00:55:18 +0000 (16:55 -0800)]
KTLS: Add using_ktls helper variable in ssl3_get_record().
When KTLS receive is enabled, pending data may still be present due to
read ahead. This data must still be processed the same as records
received without KTLS. To ease readability (especially in
consideration of additional checks which will be added for TLS 1.3),
add a helper variable 'using_ktls' that is true when the KTLS receive
path is being used to receive a record.
Co-authored-by: Dmitry Podgorny <pasis.ua@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17942)
John Baldwin [Thu, 24 Feb 2022 18:12:07 +0000 (10:12 -0800)]
KTLS: Check for unprocessed receive records in ktls_configure_crypto.
KTLS implementations currently assume that the start of the in-kernel
socket buffer is aligned with the start of a TLS record for the
receive side. The socket option to enable KTLS specifies the TLS
sequence number of this initial record.
When read ahead is enabled, data can be pending in the SSL read buffer
after negotiating session keys. This pending data must be examined to
ensurs that the kernel's socket buffer does not contain a partial TLS
record as well as to determine the correct sequence number of the
first TLS record to be processed by the kernel.
In preparation for enabling receive kernel offload for TLS 1.3, move
the existing logic to handle read ahead from t1_enc.c into ktls.c and
invoke it from ktls_configure_crypto().
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17942)
Arran Cudbard-Bell [Mon, 28 Mar 2022 19:13:39 +0000 (13:13 -0600)]
Document the fact that setting a BIO create function means the BIO will no longer be marked as initialised
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/17983)
Todd C. Miller [Fri, 12 Mar 2021 20:44:54 +0000 (13:44 -0700)]
Add -static-libgcc to solaris-sparcv7-gcc shared_ldflag
This avoids a run-time dependency on libgcc_s.so which may not be
present on all systems. OpenSSL already uses -static-libgcc for
the solaris-x86-gcc and solaris64-x86_64-gcc configurations.
CLA: trivial
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14538)
Todd C. Miller [Thu, 31 Mar 2022 16:32:29 +0000 (10:32 -0600)]
Fix AIX build when no-shared is passed to Configure.
AIX shared libs are also .a files so the AIX platform staticname()
appends a '_a' to the name to avoid a collision. However, this
must not be done when no-shared is passed to Configure or the
binaries that link with -lcrypto and -lssl be unable to link as
those libraries won't exist without the '_a' suffix.
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18006)
Daniel Fiala [Tue, 29 Mar 2022 18:32:42 +0000 (20:32 +0200)]
Redefine macro X509_http_nbio to avoid using ocsp.h
The functions used from ocsp.h are actually just aliases
for functions from http.h. Use them directly to avoid
including ocsp.h.
Fixes openssl#17148
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17980)
Shi Pujin [Wed, 16 Feb 2022 02:53:56 +0000 (10:53 +0800)]
Add loongarch64 target
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17712)
Viktor Söderqvist [Fri, 1 Apr 2022 09:27:25 +0000 (11:27 +0200)]
Fix broken link to coding-style.html
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18015)
Tomas Mraz [Mon, 28 Mar 2022 17:13:22 +0000 (19:13 +0200)]
OSSL_PARAM_get_*_ptr: Drop errors from ptr/string mismatch
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17997)
Pauli [Wed, 16 Mar 2022 03:57:24 +0000 (14:57 +1100)]
Fix Coverity
1503096: out-of-bounds access
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/17898)
Pauli [Thu, 31 Mar 2022 22:33:17 +0000 (09:33 +1100)]
Fix Coverity
1498612 &
1503221: integer overflow
Both are the same issue and both as false positives. Annotate the line so
that this is ignored.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/18012)
Viktor Söderqvist [Wed, 28 Apr 2021 08:54:57 +0000 (10:54 +0200)]
CMS sign digest
CLI changes: New parameter -digest to CLI command openssl cms, to
provide pre-computed digest for use with -sign.
API changes: New function CMS_final_digest(), like CMS_final() but
uses a pre-computed digest instead of computing it from the data.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/15348)
Tomas Mraz [Fri, 25 Mar 2022 14:13:16 +0000 (15:13 +0100)]
req, x509: Allow printing modulus of RSA-PSS keys
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17990)
Hugo Landau [Mon, 14 Mar 2022 08:13:12 +0000 (08:13 +0000)]
Refactor OSSL_LIB_CTX to avoid using CRYPTO_EX_DATA
This refactors OSSL_LIB_CTX to avoid using CRYPTO_EX_DATA. The assorted
objects to be managed by OSSL_LIB_CTX are hardcoded and are initialized
eagerly rather than lazily, which avoids the need for locking on access
in most cases.
Fixes #17116.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17881)
Sebastian Pop [Mon, 28 Mar 2022 20:58:15 +0000 (20:58 +0000)]
disable 5x interleave on buffers shorter than 512 bytes: 3% speedup on Graviton2
d6e4287c9726691e800bff221be71edd894a3c6a introduced 5x interleaving as an
optimization for ThunderX2, and that leads to some performance degradation on
when encoding short buffers. We found this performance degradation by measuring
the performance of nginx on Ubuntu 20.04 that comes with OpenSSL 1.1.1f and
Ubuntu 22.04 with OpenSSL 3.0.1.
This patch limits the 5x interleave to buffers larger than 512 bytes.
On Graviton2 we see the following performance with this patch:
$ openssl speed -evp aes-128-gcm -bytes 128
AES-128-GCM 64 bytes 79 bytes 80 bytes 128 bytes 256 bytes 511 bytes 512 bytes 1024 bytes
master
1062564.71k 775113.11k
1069959.33k
1411716.28k
1653114.86k
1585981.16k
1973683.03k
2203214.08k
master+patch
1062729.28k 771915.11k
1103883.42k
1458665.43k
1708701.20k
1647060.84k
1975571.80k
2204038.42k
diff 0% 0% 3% 3% 3% 4% 0% 0%
revert d6e428
1055290.03k 773448.92k
1117411.97k
1441478.57k
1695698.52k
1634598.04k
1981851.65k
2196680.36k
CLA: trivial
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17984)
Pauli [Fri, 25 Mar 2022 23:03:53 +0000 (10:03 +1100)]
doc: fix example in ssh KDF man page.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17972)
Ben Avison [Tue, 29 Mar 2022 13:33:13 +0000 (14:33 +0100)]
Remove further uses of __ARMEL__ in AArch64 assembly
The sweep of the source tree in #17373 missed the BSAES assembly due its
PR #14592 having been temporarily backed out at the time.
This constitutes a partial fix for #17958 - covers cases except when
configured with -DOPENSSL_AES_CONST_TIME.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17988)
Tomas Mraz [Tue, 22 Mar 2022 15:33:52 +0000 (16:33 +0100)]
Test processing of a duplicated HRR
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17936)
Tomas Mraz [Tue, 22 Mar 2022 11:34:07 +0000 (12:34 +0100)]
tls_process_server_hello: Disallow repeated HRR
Repeated HRR must be rejected.
Fixes #17934
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17936)
Pauli [Mon, 28 Mar 2022 01:14:22 +0000 (12:14 +1100)]
sparse array: reduces the block size
This becomes a performance improvement in the ossl_sa_doall_arg function which
has started appearing on profile output. The other ossl_sa_ functions don't
contribute significantly to profile output.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17973)
Pauli [Tue, 15 Mar 2022 03:35:30 +0000 (14:35 +1100)]
document the safe_div_round_up_TYPE functions
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17884)
Pauli [Tue, 15 Mar 2022 03:28:07 +0000 (14:28 +1100)]
Use safe math to computer sizes.
The sizes are rounded via the expression: (cmpl + 7) / 8 which overflows if
cmpl is near to the type's maximum. Instead we use the safe_math function to
computer this without any possibility of error.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17884)
Pauli [Tue, 15 Mar 2022 03:19:07 +0000 (14:19 +1100)]
Add a divide rounding up safe math function.
This function takes arguments a & b and computes a / b rounding any
remainder up.
It is safe with respect to overflow and negative inputs. It's only fast for
non-negative inputs.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17884)
Hugo Landau [Mon, 28 Mar 2022 11:10:06 +0000 (12:10 +0100)]
Fix typo in manpage SSL_CONF_cmd(3)
Fixes #17976.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17977)
Hugo Landau [Tue, 22 Mar 2022 10:59:36 +0000 (10:59 +0000)]
Remove statistics tracking from LHASH
Fixes #17928. Supercedes #17931.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17935)
Kevin K Biju [Wed, 23 Mar 2022 05:10:50 +0000 (10:40 +0530)]
Size of random output is now a long, also added option to select chunk size
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17949)
Pauli [Thu, 24 Mar 2022 03:31:19 +0000 (14:31 +1100)]
Fix Coverity
1503218: negative loop bound
OPENSSL_sk_num returns an integer which can theoretically be negative.
Assigning this to a size_t and using it as a loop bound isn't ideal.
Rather than adding checked for NULL or negative returns, changing the loop
index and end to int is simpler.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17954)
Todd Short [Wed, 23 Mar 2022 22:55:10 +0000 (18:55 -0400)]
ticket_lifetime_hint may exceed 1 week in TLSv1.3
For TLSv1.3, limit ticket lifetime hint to 1 week per RFC8446
Fixes #17948
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17952)
Juergen Christ [Wed, 23 Mar 2022 12:26:13 +0000 (13:26 +0100)]
s390x: Hide internal cpuid symbol and function
The symbol OPENSSL_s390xcap_P and the OPENSSL_cpuid_setup function are not
exported by the version script of OpenSSL. However, if someone uses the
static library without the version script, these symbols all of a sudden
become global symbols and their usage in assembler code does not correctly
reflect that for PIC. Since these symbols should never be used outside of
OpenSSL, hide them inside the binary.
Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17946)
Tomas Mraz [Thu, 24 Mar 2022 15:18:33 +0000 (16:18 +0100)]
Fix formatting of NOTES-WINDOWS.md and doc-nits failure
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/17960)
Pauli [Wed, 16 Mar 2022 03:13:25 +0000 (14:13 +1100)]
Fix Coverity
1498612: integer overflow
The assert added cannot ever fail because (current & 0xFFFF) != 0 from the
while loop and the trailing zero bit count therefore cannot be as large as 32.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/17892)
Gabor Kertesz [Tue, 22 Mar 2022 17:13:22 +0000 (18:13 +0100)]
Add build note for win-arm64
Windows on Arm is not officially supported by release, but with
x86 emulated Perl it can be built locally.
This method is added to Windows notes.
Locally all tests are passed on win-arm64.
CLA: trivial
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17940)